tabVersion
commented
2 weeks ago each of the first three options has its corresponding API for reading in credential content, which is listed as follows:
properties.ssl.ca.location->ssl.ca.pemssl_caproperties.ssl.certificate.location->ssl.certificate.pemssl_certificateproperties.ssl.key.location->ssl.key.pemssl_keyThis makes the cloud deployment and usage easier
Upvote for the option changes, but they are mostly for on-perm users. Cloud Kafka vendors seldom require using custom certs to connect to brokers. We need to be aware of the case.
lmatz
right now, when connecting via SSL, the user is expected to input 4 fields:
properties.ssl.ca.locationproperties.ssl.certificate.locationproperties.ssl.key.locationproperties.ssl.key.passwordWhen RW is deployed in the cloud environment, the file needs to be mounted to the file system in the pod first and then the user can specify the path in the 3
locationconfigsSince we have supported
create secret, it is easier if the user can just copy & paste the content of these files into RW as a secret. The Cloud user can still upload the file, but this uploading is just a widget on Cloud UI to copy & paste the content.The change is that there is no longer a need to mount the file to the pod.
To support this, it requires the Kafka API, i.e. librdkafka to support configs of reading in credential content directly.
By checking https://github.com/confluentinc/librdkafka/blob/master/CONFIGURATION.md
each of the first three options has its corresponding API for reading in credential content, which is listed as follows:
properties.ssl.ca.location->ssl.ca.pemssl_caproperties.ssl.certificate.location->ssl.certificate.pemssl_certificateproperties.ssl.key.location->ssl.key.pemssl_keyThis makes the cloud deployment and usage easier