Skip to content
This repository has been archived by the owner on Dec 15, 2021. It is now read-only.

Commit

Permalink
Update use-existing-kafka.md (#1056)
Browse files Browse the repository at this point in the history
  • Loading branch information
gemanilkashyap authored and Andres Martinez Gotor committed Jul 2, 2019
1 parent 4f605f6 commit e668da7
Showing 1 changed file with 46 additions and 0 deletions.
46 changes: 46 additions & 0 deletions docs/use-existing-kafka.md
Original file line number Diff line number Diff line change
Expand Up @@ -171,3 +171,49 @@ When using SSL to secure kafka communication, you must set `KAFKA_ENABLE_TLS`, a
* `KAFKA_CACERTS` to check server certificate
* `KAFKA_CERT` and `KAFKA_KEY` to check client certificate
* `KAFKA_INSECURE` to skip TLS verfication

Example for Kafka controller deployments using TLS

`Prerequisite` : Create secrets to hold certificates and keys.

```yaml
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
labels:
kubeless: kafka-trigger-controller
name: kafka-trigger-controller
namespace: kubeless
spec:
selector:
matchLabels:
kubeless: kafka-trigger-controller
template:
metadata:
labels:
kubeless: kafka-trigger-controller
spec:
volumes:
- name: kafka-volume
secret:
secretName: certs-and-keys-secret # REPLACE WITH SECRET HOLDING CERTS AND KEYS
containers:
- image: bitnami/kafka-trigger-controller:latest
imagePullPolicy: IfNotPresent
name: kafka-trigger-controller
volumeMounts:
- name: kafka-volume
mountPath: /path/to/certsandkeys
env:
...
- name: KAFKA_ENABLE_TLS
value: "true" # ENABLE TLS
- name: KAFKA_CACERTS
value: "/path/to/certsandkeys/ca.crt" # CHANGE THIS! (NOTE : PATH HERE MATCHING THE MOUNT PATH ABOVE)
- name: KAFKA_CERT
value: "/path/to/certsandkeys/cert.pem" # CHANGE THIS! (NOTE : PATH HERE MATCHING THE MOUNT PATH ABOVE)
- name: KAFKA_KEY
value: "/path/to/certsandkeys/key.pem" # CHANGE THIS! (NOTE : PATH HERE MATCHING THE MOUNT PATH ABOVE)
...
```

0 comments on commit e668da7

Please sign in to comment.