ADS configuration parameters

log.dirs

The directory to store the logs

/kafka-logs

listeners

Comma-separated list of URIs to listen on and the listener names.

If a non-PLAINTEXT protocol is used, then listener.security.protocol.map must also be specified.

To bind to all interfaces, specify the hostname as 0.0.0.0

PLAINTEXT://:9092

default.replication.factor

The default replication factors for automatically created topics

1

num.partitions

The default number of log partitions per topic

1

delete.topic.enable

Enables topics deletion. Topics deletion has no effect it this config is turned off

ON

log.retention.hours

The number of hours to keep a log file before deleting it

168

log.roll.hours

The maximum time before a new log segment is rolled out

168

log.cleanup.policy

Log cleanup policy

delete

log.cleanup.interval.mins

Log cleanup interval

10

log.cleaner.min.compaction.lag.ms

The minimum time a message remains uncompacted in the log. Only applicable for logs that are being compacted (in ms)

0

log.cleaner.delete.retention.ms

The amount of time to retain delete tombstone markers for log compacted topics (in ms)

86400000

PID_DIR

The directory to store the Kafka process ID

/var/run/kafka

LOG_DIR

The directory for logs

/var/log/kafka

JMX_PORT

Port on which Kafka sends JMX metrics

9999

auto.create.topics.enable

Enables automatic topic creation

OFF

auto.leader.rebalance.enable

Enables automatic leader balancing in the background at regular intervals

ON

queued.max.requests

Number of requests in the queue before blocking network flows

500

num.network.threads

The number of threads used by the server to receive requests from the network and send responses to the network

3

num.io.threads

Sets the number of threads spawned for IO operations

8

unclean.leader.election.enable

Specifies whether to include out-of-ISR replicas and set the last resort as the leader, even if doing so may result in data loss

OFF

offsets.topic.replication.factor

The replication factor for the offsets topic (set higher to ensure availability). Internal topic creation does not occur until the cluster size meets this replication factor requirement

1

transaction.state.log.min.isr

Overrides the min.insync.replicas configuration for a transaction topic

1

transaction.state.log.replication.factor

The replication factor for the transaction topic (set higher to ensure availability). Internal topic creation fails until the cluster size meets this replication factor requirement

1

zookeeper.connection.timeout.ms

The max time that the client waits to establish a connection to ZooKeeper. If not set, the value in zookeeper.session.timeout.ms is used (in ms)

30000

zookeeper.session.timeout.ms

ZooKeeper session timeout (in ms)

30000

zookeeper.sync.time.ms

How far a ZooKeeper follower can be behind a ZooKeeper leader (in ms)

2000

security.inter.broker.protocol

Security protocol used to communicate between brokers

PLAINTEXT

ssl.keystore.location

The location of the keystore file. This is optional for client and can be used for two-way authentication for client

 — 

ssl.keystore.password

The store password for the keystore file. This is optional for client and only needed if ssl.keystore.location is configured

 — 

ssl.key.password

The password of the private key in the keystore file. This is optional for client

 — 

ssl.keystore.type

The file format of the keystore file. This is optional for client

 — 

ssl.truststore.location

The location of the trust store file

 — 

ssl.truststore.password

The store password for the truststore file. This is optional for client and only needed if ssl.truststore.location is configured

 — 

ssl.truststore.type

The file format of the trust store file

 — 

num.partitions

The default number of partitions for each topic. If the required setting is not in the list of the server.properties group, then to add it, use the Add key,value line, where you need to write the key and value in the appropriate fields

 — 

Add key,value

 — 

xasecure.audit.destination.solr.batch.filespool.dir

The directory for Solr audit spool

/srv/ranger/kafka_plugin/audit_solr_spool

xasecure.audit.destination.solr.urls

Specifies Solr URL. Not setting when using ZooKeeper to connect to Solr

 — 

xasecure.audit.destination.solr.zookeepers

Enables Audit to Solr for the Ranger plugins

 — 

ranger.plugin.kafka.policy.rest.url

URL to Ranger Admin

 — 

ranger.plugin.kafka.service.name

Name of the Ranger Service containing policies for this Kafka instance

 — 

ranger.plugin.kafka.policy.cache.dir

The directory where Ranger policies are cached after successful retrieval from the source

/srv/ranger/kafka/policycache

ranger.plugin.kafka.policy.pollIntervalMs

How often to poll for changes in policies (in ms)

30000

ranger.plugin.kafka.policy.rest.client.connection.timeoutMs

Kafka plugin RangerRestClient connection timeout (in ms)

120000

ranger.plugin.kafka.policy.rest.client.read.timeoutMs

Kafka plugin RangerRestClient read timeout (in ms)

30000

xasecure.policymgr.clientssl.keystore

The location of the keystore file

 — 

xasecure.policymgr.clientssl.keystore.password

The keystore password

 — 

xasecure.policymgr.clientssl.truststore

The location of the truststore file

 — 

xasecure.policymgr.clientssl.truststore.password

The truststore password

 — 

xasecure.policymgr.clientssl.keystore.credential.file

Location of keystore credential file

/etc/kafka/conf/keystore.jceks

xasecure.policymgr.clientssl.truststore.credential.file

Location of the truststore credential file

/etc/kafka/conf/truststore.jceks

log4j.rootLogger

Setting the logging level

INFO

log4j.logger.org.apache.zookeeper

Change to adjust ZooKeeper client logging

INFO

log4j.logger.kafka

Change to adjust the general broker logging level (output to server.log and stdout). See also log4j.logger.org.apache.kafka

INFO

log4j.logger.org.apache.kafka

Change to adjust the general broker logging level (output to server.log and stdout). See also log4j.logger.kafka

INFO

log4j.logger.kafka.request.logger

Change to DEBUG or TRACE to enable request logging

WARN

log4j.logger.kafka.controller

Setting the controller Kafka logging level

TRACE

log4j.logger.kafka.log.LogCleaner

Setting the Kafka log cleaning level

INFO

log4j.logger.state.change.logger

Setting log status change

INFO

log4j.logger.kafka.authorizer.logger

Access denials are logged at INFO level, change to DEBUG to also log allowed accesses

INFO

log4j.rootLogger

Setting the logging level

WARN

Kafka-Manager port

Kafka-Manager to listen port. Specified as JAVA_OPTS in kafka-manager-env file

9000

Enable JMX Polling

Enables or disables the polling thread for JMX

ON

JMX Auth Username

Adding a New Username for JMX Authorization

 — 

JMX Auth Password

Adding a New User Password for JMX Authorization

 — 

JMX with SSL

Enables or disables JMX activation by SSL authentication

OFF

Poll consumer information

Poll consumer information

ON

Filter out inactive consumers

Filter out inactive consumers

ON

Enable Logkafka

Enables or disables Logkafka

OFF

Enable Active OffsetCache

Enables Active OffsetCache

ON

Display Broker and Topic Size

Defines whether to display broker and topic size

OFF

brokerViewUpdatePeriodSeconds

Broker View Cycle Update Time/Cycle

30

clusterManagerThreadPoolSize

Cluster control thread pool size

10

clusterManagerThreadPoolQueueSize

Cluster control thread pool queue size

100

kafkaCommandThreadPoolSize

Kafka command thread pool size

10

kafkaCommandThreadPoolQueueSize

Kafka command thread pool queue size

100

logkafkaCommandThreadPoolSize

Logkafka command thread pool size

10

logkafkaCommandThreadPoolQueueSize

Logkafka command thread pool queue size

100

logkafkaUpdatePeriodSeconds

Logkafka update cycle time (in seconds)

30

partitionOffsetCacheTimeoutSecs

Logkafka update cycle time (in seconds)

5

brokerViewThreadPoolSize

Broker view thread pool size

10

brokerViewThreadPoolQueueSize

Broker view thread pool queue size

1000

offsetCacheThreadPoolSize

Cache offset thread pool size

10

offsetCacheThreadPoolQueueSize

Offset cache thread pool queue size

1000

kafkaAdminClientThreadPoolSize

Kafka control client thread pool size

10

kafkaAdminClientThreadPoolQueueSize

Kafka control client thread pool queue size

1000

kafkaManagedOffsetMetadataCheckMillis

Metadata offset check time

30000

kafkaManagedOffsetGroupCacheSize

Offset Group Cache Size

1000000

kafkaManagedOffsetGroupExpireDays

Offset Group Expire

7

Security Protocol

Security Protocol

PLAINTEXT

SASL Mechanism

Enables SASL authentication mechanism

DEFAULT

jaasConfig

Configurations for JAAS Authentication

 — 

rest_listener_port

REST Proxy listener port. Specified as listeners in kafka-rest.properties file

8082

LOG_DIR

The directory to store the logs

/var/log/kafka-rest

JMX_PORT

Port on which Kafka REST Proxy sends JMX metrics

9998

KAFKAREST_HEAP_OPTS

Heap size allocated to the Kafka REST Proxy process

-Xmx1024M

KAFKAREST_JMX_OPTS

JVM options in terms of JMX options (authorization, connection, ssl)

-Dcom.sun.management.jmxremote

-Dcom.sun.management.jmxremote.authenticate=false

-Dcom.sun.management.jmxremote.ssl=false

authentication.method

Authentication method

BASIC

authentication.roles

Defines a comma-separated list of user roles. To log in to the Kafka REST Proxy server, the authenticated user must belong to at least one of these roles

admin

authentication.realm

Corresponds to a section in the jaas_config.file that defines how the server authenticates users and must be passed as a parameter to the JVM during server startup

SchemaRegistry-Props

id

Unique ID for this REST server instance

kafka-rest-server

consumer.threads

The minimum number of threads to run consumer request on. You must set this value higher than the maximum number of consumers in a single consumer group

50

consumer.request.timeout.ms

The maximum total time to wait for messages for a request in the maximum request size has not yet been reached (in ms)

100

consumer.request.max.bytes

The maximum number of bytes in message keys and values returned by a single request

67108864

fetch.min.bytes

The minimum number of bytes in message keys and values returned by a single request

-1

client.ssl.endpoint.identification.algorithm

The endpoint identification algorithm to validate the server

 — 

Add key, value

 — 

Listener port

ksqlDB server listener port. Specified as listeners in ksql-server.properties file

8088

LOG_DIR

The directory for storing logs

/var/log/ksql

JMX_PORT

Port on which ksqlDB-server sends JMX metrics

10099

KSQL_HEAP_OPTS

Heap size allocated to the ksqlDB-server process

-Xmx3g

KSQL_JVM_PERFORMANCE_OPTS

JVM options in terms of PERFORMANCE options

-server

-XX:+UseConcMarkSweepGC

-XX:+CMSClassUnloadingEnabled

-XX:+CMSScavengeBeforeRemark

-XX:+ExplicitGCInvokesConcurrent

-XX:NewRatio=1 -Djava.awt.headless=true

CLASSPATH

A setting for the Java Virtual Machine or Java compiler that specifies the location of custom classes and packages

/usr/lib/ksql/libs/*

KSQL_CLASSPATH

Path to Java deployment of ksqlDB Server and related Java classes

${CLASSPATH}

KSQL_OPTS

Environment variable that specifies the configuration settings for the ksqlDB server. Properties set with KSQL_OPTS take precedence over those specified in the ksqlDB configuration file

-Djava.security.auth.login.config=/etc/ksqldb/jaas_config.conf

authentication.method

Authentication method

BASIC

authentication.roles

Defines a comma-separated list of user roles. To log in to the ksqlDB server, the authenticated user must belong to at least one of these roles

admin

authentication.realm

Corresponds to a section in the jaas_config.file that defines how the server authenticates users and must be passed as a parameter to the JVM during server startup

KsqlServer-Props

Path to password.properties

Path to password.properties

/etc/ksqldb/password.properties

application.id

Application ID

ksql-server

ksql.internal.topic.replicas

The replication factor for the ksqlDB Servers internal topics

1

ksql.streams.state.dir

The storage directory for stateful operation

/usr/lib/ksql/state

ksql.streams.replication.factor

Underlying internal topics of Kafka Streams

1

ksql.streams.topic.min.insync.replicas

Minimum number of brokers that must have data written to synchronized replicas

2

ksql.streams.num.standby.replicas

Number of replicas for stateful operations

1

ksql.streams.producer.acks

Number of brokers that need to acknowledge receipt of a message before it is considered a successful write

all

ksql.streams.producer.delivery.timeout.ms

The batch expiry (in ms)

2147483647

ksql.streams.producer.max.block.ms

Maximum allowable time for the producer to block (in ms)

9223372036854775000

ssl.endpoint.identification.algorithm

Endpoint identification algorithm for server validation

 — 

ssl.keystore.location

Used for HTTPS. Location of the keystore file to use for SSL

 — 

ssl.keystore.type

The file format of the key store file

 — 

ssl.keystore.password

Used for HTTPS. The store password for the keystore file

 — 

ssl.key.password

Used for HTTPS. The password of the private key in the keystore file

 — 

ssl.truststore.location

Location of the truststore file

 — 

ssl.truststore.type

File format of the truststore file

 — 

ssl.truststore.password

Used for HTTPS. The store password for the trust store file

 — 

ksql.schema.registry.ssl.keystore.location

The location of the SSL keystore file

ksql.schema.registry.ssl.keystore.password

The password to access the keystore

 — 

ksql.schema.registry.ssl.key.password

The password of the key contained in the keystore

 — 

ksql.schema.registry.ssl.keystore.type

The file format of the keystore

 — 

ksql.schema.registry.ssl.truststore.location

The location of the SSL trust store file

 — 

ksql.schema.registry.ssl.truststore.password

The password to access the trust store

 — 

ksql.schema.registry.ssl.truststore.type

The file format of the trust store

 — 

Add key, value

 — 

group.id

The group ID is a unique identifier for the set of workers

ksql-connect-cluster

key.converter

The converters specify the format of data in Kafka and how to translate it into Connect data

org.apache.kafka.connect.storage.StringConverter

key.converter.schema.registry.url

KSQL key data location

http://localhost:8081

value.converter

Converter class for value Connect data

io.confluent.connect.avro.AvroConverter

value.converter.schema.registry.url

Location of ksqlDB data values

http://localhost:8081

config.storage.topic

The name of the internal topic for storing configurations

ksql-connect-configs

offset.storage.topic

A topic to store statistics connect offsets

ksql-connect-offsets

status.storage.topic

A topic to store statistics connect status

ksql-connect-statuses

config.storage.replication.factor

Replication factor for config.storage.topic

1

offset.storage.replication.factor

Replication factor for offset.storage.topic

1

status.storage.replication.factor

Replication factor for status.storage.topic

1

internal.key.converter

A converter class for internal values with connect records

org.apache.kafka.connect.json.JsonConverter

internal.value.converter

A converter class for internal values with connect records

org.apache.kafka.connect.json.JsonConverter

internal.key.converter.schemas.enable

Schema configuration for internal statistics connect data

OFF

Add key,value

 — 

interceptor.classes

If you are not using any interceptors currently, you will need to add a new item to the Java Properties object that you use to create a new Producer

io.confluent.monitoring.clients.interceptor.MonitoringProducerInterceptor

Add key,value

 — 

log4j.rootLogger

Setting the logging level

INFO

log4j.logger.org.reflections

Setting the Reflections warning level

ERROR

log4j.logger.org.apache.kafka.streams

Setting the logging level of Kafka Streams

INFO

log4j.logger.kafka

Change to adjust the general broker logging level (output to server.log and stdout). See also log4j.logger.org.apache.kafka

WARN

log4j.logger.org.apache.zookeeper

Change to adjust ZooKeeper client logging

WARN

log4j.logger.org.apache.kafka

Change to adjust the general broker logging level (output to server.log and stdout). See also log4j.logger.kafka

WARN

log4j.logger.org.I0Itec.zkclient

Change to adjust ZooKeeper client logging level

WARN

log4j.logger.io.confluent.ksql.rest.server.resources.KsqlResource

Stop ksqlDB from logging out each request it receives

WARN

log4j.logger.io.confluent.ksql.util.KsqlConfig

Enable to avoid the logs being spammed with KsqlConfig values

WARN

listener port

Schema-Registry listener port. Specified as listeners in the schema-registry.properties file

8081

LOG_DIR

The directory for storing logs

/var/log/schema-registry

JMX_PORT

Port on which Schema-Registry sends JMX metrics

9997

SCHEMA_REGISTRY_HEAP_OPTS

Heap size allocated to the Schema-Registry process

-Xmx1024M

SCHEMA_REGISTRY_JVM_PERFORMANCE_OPTS

JVM options in terms of PERFORMANCE options

-server

-XX:+UseG1G

-XX:MaxGCPauseMillis=20

-XX:InitiatingHeapOccupancyPercent=35

-XX:+ExplicitGCInvokesConcurrent

-Djava.awt.headless=true

authentication.method

Authentication method

BASIC

authentication.roles

Defines a comma-separated list of user roles. To be authorized on the Schema-Registry server, the authenticated user must belong to at least one of these roles

admin

authentication.realm

Corresponds to a section in the jaas_config.file that defines how the server authenticates users and must be passed as a parameter to the JVM during server startup

SchemaRegistry-Props

kafkastore.topic

The durable single partition topic that acts as the durable log for the data. This topic must be compacted to avoid losing data due to retention policy

_schemas

debug

Boolean indicating whether extra debugging information is generated in some error response entities

OFF

inter.instance.protocol

The protocol used while making calls between the instances of Schema Registry

 — 

ssl.keystore.location

Used for HTTPS. Location of the keystore file to use for SSL

 — 

ssl.keystore.password

Used for HTTPS. The store password for the keystore file

 — 

ssl.key.password

The password of the key contained in the keystore

 — 

ssl.truststore.location

Used for HTTPS. Location of the trust store. Required only to authenticate HTTPS clients

 — 

ssl.truststore.password

The password to access the trust store

 — 

kafkastore.ssl.keystore.location

The location of the SSL keystore file

 — 

kafkastore.ssl.keystore.password

The password to access the keystore

 — 

kafkastore.ssl.key.password

The password of the key contained in the keystore

 — 

kafkastore.ssl.keystore.type

The file format of the keystore

 — 

kafkastore.ssl.truststore.location

The location of the SSL trust store file

 — 

kafkastore.ssl.truststore.password

The password to access the trust store

 — 

kafkastore.ssl.truststore.type

The file format of the trust store

 — 

kafkastore.ssl.endpoint.identification.algorithm

The endpoint identification algorithm to validate the server hostname using the server certificate

 — 

Add key,value

 — 

log4j.rootLogger

Setting the logging level

INFO

log4j.logger.kafka

Change to adjust the general broker logging level (output to server.log and stdout). See also log4j.logger.org.apache.kafka

ERROR

log4j.logger.org.apache.zookeeper

Change to adjust ZooKeeper client logging

ERROR

log4j.logger.org.apache.kafka

Change to adjust the general broker logging level (output to server.log and stdout). See also log4j.logger.kafka

ERROR

log4j.logger.org.I0Itec.zkclient

Change to adjust ZooKeeper client logging level

ERROR

Nifi UI port

NiFi Server HTTP port. Specified as property nifi.web.http.port in the nifi.properties configuration file

9090

Nifi server Heap size

Heap size for Nifi server. Specified in bootstrap.conf configuration file

1024m

Nifi Registry UI

Nifi Registry HTTP port. Specified as the nifi.registry.web.http.port property in the nifi.properties configuration file

18080

Nifi Registry Heap size

Heap size for Nifi Registry. Specified in the bootstrap.conf configuration file

512m

nifi.queue.backpressure.count

The default value for the number of FlowFile files (underlying NiFi processing object) that can be queued before backpressure is applied, i.e. the source stops sending data. The value must be an integer

10000

nifi.queue.backpressure.size

The default value for the maximum amount of data that must be queued before backpressure is applied. The value must be the size of the data, including the unit of measure

1 GB

nifi.flowfile.repository.directory

FlowFile repository location

/usr/lib/nifi-server/flowfile_repository

nifi.content.repository.directory

Content repository location

/usr/lib/nifi-server/content_repository

nifi.provenance.repository.directory

Provenance repository location

/usr/lib/nifi-server/provenance_repository

nifi.database.directory

H2 database directory location

/usr/lib/nifi-server/database_repository

nifi.registry.db.directory

Location of the Registry database directory

/usr/lib/nifi-registry/database

nifi.nar.library.directory.lib

The parameter should be used in case of adding custom nars

 — 

xasecure.audit.destination.solr.batch.filespool.dir

The directory for Solr audit spool

/srv/ranger/nifi_plugin/audit_solr_spool

xasecure.audit.destination.solr.urls

Specifies Solr URL. Not setting when using ZooKeeper to connect to Solr

 — 

xasecure.audit.destination.solr.zookeepers

ZooKeeper connection string for the Solr destination

 — 

xasecure.audit.destination.solr.force.use.inmemory.jaas.config

ZooKeeper connections to Solr using configuration in a JAAS file

 — 

xasecure.audit.jaas.Client.loginModuleControlFlag

Specifies whether the success of the module is required, requisite, sufficient, or optional

 — 

xasecure.audit.jaas.Client.loginModuleName

Class name of the authentication technology used

 — 

xasecure.audit.jaas.Client.option.keyTab

Set this to the file name of the keytab to get principal’s secret key

 — 

xasecure.audit.jaas.Client.option.serviceName

Service name

 — 

xasecure.audit.jaas.Client.option.storeKey

Set this to true to if you want the keytab or the principal’s key to be stored in the Subject’s private credentials

 — 

xasecure.audit.jaas.Client.option.useKeyTab

Set this to true if you want the module to get the principal’s key from the the keytab

 — 

ranger.plugin.nifi.policy.rest.url

URL to Ranger Admin

 — 

ranger.plugin.nifi.service.name

Name of the Ranger service containing policies for this NiFi instance

 — 

ranger.plugin.nifi.policy.source.impl

Class to retrieve policies from the source

org.apache.ranger.admin.client.RangerAdminRESTClient

ranger.plugin.nifi.policy.cache.dir

Directory where Ranger policies are cached after successful retrieval from the source

/srv/ranger/nifi/policycache

ranger.plugin.nifi.policy.pollIntervalMs

How often to poll for changes in policies

30000

ranger.plugin.nifi.policy.rest.client.connection.timeoutMs

NiFi plugin RangerRestClient connection timeout in milliseconds

120000

ranger.plugin.nifi.policy.rest.client.read.timeoutMs

NiFi plugin RangerRestClient read timeout in milliseconds

30000

ranger.plugin.nifi.policy.rest.ssl.config.file

Path to the file containing SSL details to contact Ranger Admin

/etc/nifi/conf/ranger-nifi-policymgr-ssl.xml

xasecure.policymgr.clientssl.keystore

The location of the keystore file

 — 

xasecure.policymgr.clientssl.keystore.password

The keystore password

 — 

xasecure.policymgr.clientssl.truststore

The location of the truststore file

 — 

xasecure.policymgr.clientssl.truststore.password

The truststore password

 — 

xasecure.policymgr.clientssl.keystore.credential.file

Location of the keystore password credential file

/etc/nifi/conf/keystore.jceks

xasecure.policymgr.clientssl.truststore.credential.file

Location of the truststore password credential file

/etc/nifi/conf/truststore.jceks

xasecure.audit.destination.solr.batch.filespool.dir

The directory for Solr audit spool

/srv/ranger/nifi_registry_plugin/audit_solr_spool

xasecure.audit.destination.solr.urls

Specifies Solr URL

 — 

xasecure.audit.destination.solr.zookeepers

Zookeeper connection string for the Solr destination

 — 

xasecure.audit.destination.solr.force.use.inmemory.jaas.config

ZooKeeper connections to Solr using configuration in a JAAS file

 — 

xasecure.audit.jaas.Client.loginModuleControlFlag

Specifies whether the success of the module is required, requisite, sufficient, or optional

 — 

xasecure.audit.jaas.Client.loginModuleName

Class name of the authentication technology used

 — 

xasecure.audit.jaas.Client.option.keyTab

Set this to the file name of the keytab to get principal’s secret key

 — 

xasecure.audit.jaas.Client.option.serviceName

Service name

 — 

xasecure.audit.jaas.Client.option.storeKey

Set this to true to if you want the keytab or the principal’s key to be stored in the Subject’s private credentials

 — 

xasecure.audit.jaas.Client.option.useKeyTab

Set this to true if you want the module to get the principal’s key from the the keytab

 — 

ranger.plugin.nifi-registry.policy.rest.url

Path to the NiFi-registry variable for the Ranger service

 — 

ranger.plugin.nifi-registry.service.name

Name of the Ranger service containing policies for this NiFi-registry instance

 — 

ranger.plugin.nifi-registry.policy.source.impl

Class to retrieve policies from the source

org.apache.ranger.admin.client.RangerAdminRESTClient

ranger.plugin.nifi-registry.policy.cache.dir

The directory where Ranger policies are cached after successful retrieval from the source

/srv/ranger/nifi-registry/policycache

ranger.plugin.nifi-registry.policy.pollIntervalMs

How often to poll for changes in policies (in ms)

30000

ranger.plugin.nifi-registry.policy.rest.client.connection.timeoutMs

Nifi-registry plugin RangerRestClient connection timeout (in ms)

120000

ranger.plugin.nifi-registry.policy.rest.client.read.timeoutMs

Nifi-registrу plugin RangerRestClient read timeout (in ms)

30000

ranger.plugin.nifi-registry.policy.rest.ssl.config.file

Path to the file containing SSL details to contact Ranger Admin

/etc/nifi-registry/conf/ranger-policymgr-ssl.xml

xasecure.policymgr.clientssl.keystore

The location of the keystore file

 — 

xasecure.policymgr.clientssl.keystore.password

The keystore password

 — 

xasecure.policymgr.clientssl.truststore

The location of the truststore file

 — 

xasecure.policymgr.clientssl.truststore.password

The truststore password

 — 

xasecure.policymgr.clientssl.keystore.credential.file

Location of keystore password credential file

/etc/nifi-registry/conf/keystore.jceks

xasecure.policymgr.clientssl.truststore.credential.file

Location of the truststore password credential file

/etc/nifi-registry/conf/truststore.jceks

DN NiFi’s nodes list

List of user and system identifications to seed the User File. These are required fields to enable SSL for the first time. Must include not only the DName of the NiFi Server component, but also the DName of the NiFi Registry, as well as the DName for the MiNiFi service components. For example, for an SSL-enabled cluster consisting of only NiFi Server, when adding a MiNiFi service or Schema Registry extension, you need to supplement this list with new DNames Example for nodes — CN=nifi_node_hostname, OU=Arenadata, O=Arenadata, L=Moscow, ST=Moscow, C=RU

 — 

NiFi Initial Admin