From 19fbb007448131d4a8582a499e3ab4eff7d1c198 Mon Sep 17 00:00:00 2001
From: Nick Larsen <nick.larsen@stackable.tech>
Date: Thu, 20 Nov 2025 14:33:42 +0100
Subject: [PATCH 1/5] fix: Listen on loopback interface so that k8s
 port-forward works

NOTE: This required explicitly listening on eth0, otherwise only the loopback interface would be listening.
---
 rust/operator-binary/src/config/mod.rs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/rust/operator-binary/src/config/mod.rs b/rust/operator-binary/src/config/mod.rs
index 1c3ed4be..08416ba6 100644
--- a/rust/operator-binary/src/config/mod.rs
+++ b/rust/operator-binary/src/config/mod.rs
@@ -484,6 +484,14 @@ pub fn build_nifi_properties(
         "nifi.web.https.network.interface.default".to_string(),
         "".to_string(),
     );
+    properties.insert(
+        "nifi.web.https.network.interface.eth0".to_string(),
+        "eth0".to_string(),
+    );
+    properties.insert(
+        "nifi.web.https.network.interface.lo0".to_string(),
+        "lo0".to_string(),
+    );
     properties.insert(
         "nifi.web.jetty.working.directory".to_string(),
         "./work/jetty".to_string(),

From 1104ed63de5267c6498d3bd51ab3bcf340790ae3 Mon Sep 17 00:00:00 2001
From: Nick Larsen <nick.larsen@stackable.tech>
Date: Thu, 20 Nov 2025 14:40:09 +0100
Subject: [PATCH 2/5] chore: Update changelog

---
 CHANGELOG.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8f215d3c..062310cb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Fixed
+
+- Also listen on the loopback interface so that k8s port-forwards work ([#870]).
+
+[#870]: https://github.com/stackabletech/nifi-operator/pull/870
+
 ## [25.11.0] - 2025-11-07
 
 ## [25.11.0-rc1] - 2025-11-06

From 33dd35538763143acbe324edee98f752ae123bdc Mon Sep 17 00:00:00 2001
From: Nick Larsen <nick.larsen@stackable.tech>
Date: Thu, 20 Nov 2025 14:40:34 +0100
Subject: [PATCH 3/5] docs(getting_started): Remove ZooKeeper from example
 output

---
 docs/modules/nifi/pages/getting_started/first_steps.adoc | 1 -
 1 file changed, 1 deletion(-)

diff --git a/docs/modules/nifi/pages/getting_started/first_steps.adoc b/docs/modules/nifi/pages/getting_started/first_steps.adoc
index 68547339..4049af45 100644
--- a/docs/modules/nifi/pages/getting_started/first_steps.adoc
+++ b/docs/modules/nifi/pages/getting_started/first_steps.adoc
@@ -46,7 +46,6 @@ The output should show all pods ready:
 ----
 NAME                                 READY   AGE
 simple-nifi-node-default             2/2     5m
-simple-zk-server-default             3/3     7m
 ----
 
 Congratulations! You successfully created your first NiFi cluster!

From da4d64d0912286080abc201e6bc04fa30bcc6217 Mon Sep 17 00:00:00 2001
From: Nick Larsen <nick.larsen@stackable.tech>
Date: Thu, 20 Nov 2025 20:09:41 +0100
Subject: [PATCH 4/5] fix: Use unnumbered loopback

---
 rust/operator-binary/src/config/mod.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rust/operator-binary/src/config/mod.rs b/rust/operator-binary/src/config/mod.rs
index 08416ba6..823f25a9 100644
--- a/rust/operator-binary/src/config/mod.rs
+++ b/rust/operator-binary/src/config/mod.rs
@@ -489,8 +489,8 @@ pub fn build_nifi_properties(
         "eth0".to_string(),
     );
     properties.insert(
-        "nifi.web.https.network.interface.lo0".to_string(),
-        "lo0".to_string(),
+        "nifi.web.https.network.interface.lo".to_string(),
+        "lo".to_string(),
     );
     properties.insert(
         "nifi.web.jetty.working.directory".to_string(),

From 48c41f4ccca2760aac32e79e34fa6376bea8dd17 Mon Sep 17 00:00:00 2001
From: Nick Larsen <nick.larsen@stackable.tech>
Date: Sat, 22 Nov 2025 11:17:50 +0100
Subject: [PATCH 5/5] chore: Add comments explaining why we explicitly listen
 on interfaces

---
 rust/operator-binary/src/config/mod.rs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/rust/operator-binary/src/config/mod.rs b/rust/operator-binary/src/config/mod.rs
index 823f25a9..fbe4b768 100644
--- a/rust/operator-binary/src/config/mod.rs
+++ b/rust/operator-binary/src/config/mod.rs
@@ -484,6 +484,11 @@ pub fn build_nifi_properties(
         "nifi.web.https.network.interface.default".to_string(),
         "".to_string(),
     );
+    // Specifically listen on eth0 and lo interfaces.
+    // Listening on lo allows k8s port-forward to work.
+    // Once we listen on lo, we need to explicitly listen on eth0 so the server can be exposed (including health probes).
+    // NOTE: We assume "eth0" is always the external interface in containers launched in Kubernetes.
+    // It is possible that some container runtime will name it differently, but we haven't yet observed that.
     properties.insert(
         "nifi.web.https.network.interface.eth0".to_string(),
         "eth0".to_string(),
@@ -492,6 +497,7 @@ pub fn build_nifi_properties(
         "nifi.web.https.network.interface.lo".to_string(),
         "lo".to_string(),
     );
+    //#############################################
     properties.insert(
         "nifi.web.jetty.working.directory".to_string(),
         "./work/jetty".to_string(),