[
https://issues.apache.org/jira/browse/NIFI-8100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ruben Laguna updated NIFI-8100:
-------------------------------
Description:
Usually load balancers with AWS Application Load Balancer use periodic health
checks to determine which node it should forward requests to.
Today we have the /status api endpoint but that is not suitable because it
really requires authentication on a secure nifi installation and there is no
way to provide authorization headers in the health checks performed by load
balancers.
So I would like to have a /heath or /health-check endpoint that can be "open"
that answers 200 OK *when the node is connected to the cluster and a 4xx-5xx
error if the node is disconnected* ("Only a node connected to a cluster can
process the request", "This node is currently not connect to the cluster. Any
modifications to the data flow made here will not replicate across the
cluster").
This will simplify secure nifi deployment with load balancing, right now if a
node gets disconnected users will be still be routed to it even if that node is
really not usable.
Here I'm referring to *Load balancer for the NiFi web UI*, and just checking
for / or /nifi is not good enough because t he UI may be up (GET / 200OK) but
not usable (the node is disconnected from the cluster).
was:
Usually load balancers with AWS Application Load Balancer use periodic health
checks to determine which node it should forward requests to.
Today we have the /status api endpoint but that is not suitable because it
really requires authentication on a secure nifi installation and there is no
way to provide authorization headers in the health checks performed by load
balancers.
So I would like to have a /heath or /health-check endpoint that can be "open"
that answers 200 OK *when the node is connected to the cluster and a 4xx-5xx
error if the node is disconnected* ("Only a node connected to a cluster can
process the request", "This node is currently not connect to the cluster. Any
modifications to the data flow made here will not replicate across the
cluster").
This will simplify secure nifi deployment with load balancing, right now if a
node gets disconnected users will be still be routed to it even if that node is
really not usable.
> Provide a /health endpoint that do not require authentication for use in
> LoadBalancer (nifi UI)
> -----------------------------------------------------------------------------------------------
>
> Key: NIFI-8100
> URL: https://issues.apache.org/jira/browse/NIFI-8100
> Project: Apache NiFi
> Issue Type: Bug
> Reporter: Ruben Laguna
> Priority: Major
>
> Usually load balancers with AWS Application Load Balancer use periodic health
> checks to determine which node it should forward requests to.
> Today we have the /status api endpoint but that is not suitable because it
> really requires authentication on a secure nifi installation and there is no
> way to provide authorization headers in the health checks performed by load
> balancers.
> So I would like to have a /heath or /health-check endpoint that can be "open"
> that answers 200 OK *when the node is connected to the cluster and a 4xx-5xx
> error if the node is disconnected* ("Only a node connected to a cluster can
> process the request", "This node is currently not connect to the cluster. Any
> modifications to the data flow made here will not replicate across the
> cluster").
> This will simplify secure nifi deployment with load balancing, right now if a
> node gets disconnected users will be still be routed to it even if that node
> is really not usable.
> Here I'm referring to *Load balancer for the NiFi web UI*, and just checking
> for / or /nifi is not good enough because t he UI may be up (GET / 200OK) but
> not usable (the node is disconnected from the cluster).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
