Monitoring

In November 2024, Apache NiFi released a new major version 2.0.0.

The NiFi 2.0.0 release changed the way of exposing Prometheus metrics significantly. The following steps explain on how to expose Metrics in NiFi versions 1.x.x and 2.x.x.

Configure metrics in NiFi 1.x.x

For NiFi versions 1.x.x, the operator automatically configures NiFi to export Prometheus metrics. This is done by creating a Job that connects to NiFi and configures a Prometheus Reporting Task.

Network access from the Job to NiFi is required. If you are running a Kubernetes with restrictive NetworkPolicies, make sure to allow access from the Job to NiFi.

See Monitoring for more details.

Disabling create-reporting-task Job

It can be helpful to disable the Job, e.g. when you configOverride an authentication mechanism, which the Job currently cannot use to authenticate against NiFi.

To achieve this use the following configuration:

spec:
  clusterConfig:
    createReportingTaskJob:
      enabled: false

Configure metrics in NiFi 2.x.x

The Prometheus Reporting Task was removed in NiFi 2.x.x in NIFI-13507. Metrics are now always exposed and can be scraped using the NiFi Pod FQDN and the HTTP path /nifi-api/flow/metrics/prometheus.

For a deployed single node NiFi cluster called simple-nifi, containing a rolegroup called default, the metrics endpoint is reachable under:

https://simple-nifi-node-default-0.simple-nifi-node-default.<namespace>.svc.cluster.local:8443/nifi-api/flow/metrics/prometheus
If NiFi is configured to do any user authentication, requests to the metric endpoint must be authenticated and authorized.