April 28, 2025

Release 2.10.0-b443 of Cloudera Data Flow makes NiFi 2 generally available for flow development and flow deployments, and provides a semi-automatic tool to migrate NiFi 1.x flows to NiFi 2.x. It also provides security enhancements in the form of role-based access control to flow definitions in the Catalog and specifying trusted IP addresses for inbound connections. Flow deployment is further streamlined by the availability of shared parameters and made more cost-efficient by customizable storage sizing.

New features

Latest NiFi version

Flow Deployments and Test Sessions now support the latest Apache NiFi 1.28 and NiFi 2.3 releases.

You can now develop flows in the Flow Designer as NiFi 2.3 flows by default. NiFi 2.3 is also available as the NiFi 2 runtime for Flow Deployments. This marks the general availability of NiFi 2 in Cloudera Data Flow.

NiFi 2 migrations

Self-service migration is powered by Cloudera Data Flow Catalog and Flow Designer. You can organize NiFi 1 flows in the Catalog, start migrations with one click, and make any required changes in Flow Designer. A comprehensive visual migration report clearly highlights items that require manual updates, while enabling users to effectively keep track of their progress.

For more information, see Migrating to Ni­Fi 2.x.

Shared Parameter Groups in flow deployments

You can accelerate deployment processes by importing and referencing Shared Parameter Groups during flow deployment. This streamlined workflow significantly reduces development and deployment complexity and accelerates time to value for users by eliminating manual copy&paste of parameter values.

For more information, see Shared parameters.

Custom storage sizing

You can now specify tailored storage capacity, IOPS, and throughput sizes for your NiFi repositories, making smaller deployments more cost-efficient.

For more information, see Configuring sizing and scaling.

Access control for flow definitions

Collections enhance security by enabling precise role based access control for cataloged flows. You can organize cataloged flows into Collections and tightly manage user access to each Collection.

For more information, see Collections.

Secured inbound connections

You can now specify trusted IP addresses for flows with inbound connections. This limits traffic to only the specified IP addresses.

For more information, see Create an Inbound Connection Endpoint.

Better notifications

You can now stay better informed with enhanced, customizable notifications.

For more information, see Service notifications and Deployment notifications.

New ReadyFlows
  • ADLS to Chroma DB
  • S3 to Chroma DB
  • Slack to Chroma DB
  • Slack to Milvus
  • ADLS to Qdrant
  • S3 to Qdrant
  • Slack to Qdrant
  • ADLS to OpenSearch
  • S3 to OpenSearch
  • Slack to OpenSearch
  • RAG Query Pinecone

Available ReadyFlows.

Platform updates

New Kubernetes version support

Cloudera Data Flow now supports EKS/AKS 1.31.

Adopted Chainguard base image for all in-house components
All Cloudera Data Flow components are now built based on Chainguard base images to minimize CVEs
Migrated third party container images to Chainguard
90% of third party container images used in Cloudera Data Flow are now sourced from Chainguard to minimize CVEs.

Changes and improvements

  • Storage size reserved for NiFi 2.x deployments has been reduced.

  • Redis has been replaced by Valkey.

  • In flow Designer, local parameter group assets are now deleted if applicable, when the parameter group is updated.

  • In Flow Designer, when importing shared parameter groups to flow drafts, there is now an option to automatically remove overlapping local parameters.

  • More accurate test session status in Flow Designer

  • Messaging and marking of required fields on the UI were improved

  • Various UI accessibility improvements

Fixed issues

CDPDFX-8375: Renewing inbound connection client certificate intermittently fails
Fixes an issue where, under certain circumstances, inbound connection certificate renewal failed without any visible indication of failure.
CDPDFX-9709: Projects limit checked globally instead of account level
Fixes an issue where customers were unable to create new projects due to the number of projects erroneously being calculated by region instead of by tenant.
CDPDFX-8848: Data Flow release breaking ongoing upgrades
Fixes an issue where releasing a new Cloudera Data Flow version during an ongoing service upgrade broke subsequent upgrades for that service.
CDPDFX-9685: PEM certificate renewal backward compatibility issue for pre 2.9 workloads
Fixes an issue where PEM certificate renewal for a pre 2.9.0 environment failed with a timeoout, due to a missing reconciliation force annotation.
CDPDFX-9534: Reported Bug for machineUser Crn
Fixes an issue where project creation with a machine user failed due to erroneous user type setting.
CDPDFX-9777: Storing additional details needs to update cached extensions manage
Fixes an issue in Flow Designer where new additional detail entries logged during test session flow deployment did not overwrite cached additional details.
CDPDFX-10064
Fixes an issue where after a failed environment update, the retry update environment action did not populate the user supplied values that resulted in failure.