- Define a connection named
test-pulsar-connection
by using the YAML file and save the YAML fileconnection.yaml
.
apiVersion: resource.streamnative.io/v1alpha1
kind: PulsarConnection
metadata:
name: test-pulsar-connection
namespace: test
spec:
adminServiceURL: http://test-pulsar-sn-platform-broker.test.svc.cluster.local:8080
brokerServiceURL: pulsar://test-pulsar-sn-platform-broker.test.svc.cluster.local:6650
clusterName: pulsar-cluster
Other PulsarConnection
configuration examples:
-
TLS connection
apiVersion: resource.streamnative.io/v1alpha1 kind: PulsarConnection metadata: name: test-tls-pulsar-connection namespace: test spec: adminServiceSecureURL: https://test-pulsar-sn-platform-broker.test.svc.cluster.local:443 brokerServiceSecureURL: pulsar+ssl//test-pulsar-sn-platform-broker.test.svc.cluster.local:6651 clusterName: pulsar-cluster
-
JWT Token authentication with Secret
apiVersion: resource.streamnative.io/v1alpha1 kind: PulsarConnection metadata: name: test-tls-pulsar-connection namespace: test spec: adminServiceURL: http://test-pulsar-sn-platform-broker.test.svc.cluster.local:8080 brokerServiceURL: pulsar://test-pulsar-sn-platform-broker.test.svc.cluster.local:6650 clusterName: pulsar-cluster authentication: token: # Use a Kubernetes Secret to store the JWT Token. https://kubernetes.io/docs/concepts/configuration/secret/ # Secret data field have to be base64-encoded strings. https://kubernetes.io/docs/concepts/configuration/secret/#restriction-names-data secretRef: name: test-pulsar-sn-platform-vault-secret-env-injection key: brokerClientAuthenticationParameters
-
JWT Token authentication with value
apiVersion: resource.streamnative.io/v1alpha1 kind: PulsarConnection metadata: name: test-tls-pulsar-connection namespace: test spec: adminServiceURL: http://test-pulsar-sn-platform-broker.test.svc.cluster.local:8080 brokerServiceURL: pulsar://test-pulsar-sn-platform-broker.test.svc.cluster.local:6650 clusterName: pulsar-cluster authentication: token: # Use the JWT Token raw data as the token value value: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJKb2UifQ.ipevRNuRP6HflG8cFKnmUPtypruRC4fb1DWtoLL62SY
-
OAuth2 authentication with Secret
apiVersion: resource.streamnative.io/v1alpha1 kind: PulsarConnection metadata: name: test-tls-pulsar-connection namespace: test spec: adminServiceURL: http://test-pulsar-sn-platform-broker.test.svc.cluster.local:8080 brokerServiceURL: pulsar://test-pulsar-sn-platform-broker.test.svc.cluster.local:6650 clusterName: pulsar-cluster authentication: oauth2: issuerEndpoint: https://auth.streamnative.cloud clientID: pvqx76oGvWQMIGGP2ozMfOus2s4tDQAJ audience: urn:sn:pulsar:sndev:us-west key: # Use a Kubernetes Secret to store the OAuth2 keyFile contents. https://kubernetes.io/docs/concepts/configuration/secret/ # Secret data field have to be base64-encoded strings. https://kubernetes.io/docs/concepts/configuration/secret/#restriction-names-data secretRef: name: key-file-secret key: key-file
-
OAuth2 authentication with value
apiVersion: resource.streamnative.io/v1alpha1 kind: PulsarConnection metadata: name: test-tls-pulsar-connection namespace: test spec: adminServiceURL: http://test-pulsar-sn-platform-broker.test.svc.cluster.local:8080 brokerServiceURL: pulsar://test-pulsar-sn-platform-broker.test.svc.cluster.local:6650 clusterName: pulsar-cluster authentication: oauth2: issuerEndpoint: https://auth.streamnative.cloud clientID: pvqx76oGvWQMIGGP2ozMfOus2s4tDQAJ audience: urn:sn:pulsar:sndev:us-west key: # Use the keyFile contents as the oauth2 key value value: {"type":"sn_service_account","client_id":"pvqx76oGvWQMIGGP2ozMfOus2s4tDQAJ","client_secret":"60J6fo81j-h69_vVvYvqFOHs2NfOyy6pqGqwIhTgnxpQ7O3UH8PdCbVtdm_SJjIf","client_email":"contoso@sndev.auth.streamnative.cloud","issuer_url":"https://auth.streamnative.cloud"}
This table lists specifications available for the PulsarConnection
resource.
Option | Description | Required or not |
---|---|---|
adminServiceURL |
The admin service URL of the Pulsar cluster, such as http://cluster-broker.test.svc.cluster.local:8080 . |
No |
authentication |
A secret that stores authentication configurations. This option is required when you enable authentication for your Pulsar cluster. Support JWT Token and OAuth2 authentication methods. | No |
brokerServiceURL |
The broker service URL of the Pulsar cluster, such as pulsar://cluster-broker.test.svc.cluster.local:6650 . This option is required for configuring Geo-replication. This option is available for version 0.3.0 or above. |
No |
brokerServiceSecureURL |
The broker service URL for secure connection to the Pulsar cluster, such as pulsar+ssl://cluster-broker.test.svc.cluster.local:6651 . This option is required for configuring Geo-replication when TLS is enabled. This option is available for version 0.3.0 or above. |
No |
adminServiceSecureURL |
The admin service URL for secure connection to the Pulsar cluster, such as https://cluster-broker.test.svc.cluster.local:443 . This option is available for version 0.3.0 or above. |
No |
clusterName |
The Pulsar cluster name. You can use the pulsar-admin clusters list command to get the Pulsar cluster name. This option is required for configuring Geo-replication. Provided from 0.3.0 |
No |
- Apply the YAML file to create the Pulsar Connection.
kubectl apply -f connection.yaml
- Check the resource status.
kubectl -n test get pulsarconnection.resource.streamnative.io
NAME ADMIN_SERVICE_URL GENERATION OBSERVED_GENERATION READY
test-pulsar-connection http://ok-sn-platform-broker.test.svc.cluster.local:8080 1 1 True
You can update the connection by editing the connection.yaml, then apply it again. For example, if pulsar cluster doesn’t setup the authentication, then you don’t need the authentication part in the spec
apiVersion: resource.streamnative.io/v1alpha1
kind: PulsarConnection
metadata:
name: test-pulsar-connection
namespace: test
spec:
adminServiceURL: http://test-pulsar-sn-platform-broker.test.svc.cluster.local:8080
kubectl apply -f connection.yaml
kubectl -n test delete pulsarconnection.resource.streamnative.io test-pulsar-connection
Please be noticed, because the Pulsar Resources Operator are using the connection to manage pulsar resources, If you delete the pulsar connection, it will only be deleted after the resources CRs are deleted