Open andrewdevelopz opened 1 month ago
When using Kafka it would be nice to be able to include additional certs into /etc/certs/server directory.
This branch adds a tlsSecret.extraServerCerts property that allows adding additional sources of certs.
tlsSecret.extraServerCerts
So if values.yaml is like below:
values.yaml
tlsSecret: name: "fleet-telemetry-secret" extraServerCerts: - secret: name: cluster-ca-cert items: - key: ca.crt path: ca.crt - secret: name: kafka-user items: - key: user.crt path: kafka.crt - key: user.key path: kafka.key
Then 2-deployment.yaml will produce in volumes:
2-deployment.yaml
volumes:
- name: server-certs projected: sources: - secret: name: fleet-telemetry-secret - secret: items: - key: ca.crt path: ca.crt name: cluster-ca-cert - secret: items: - key: user.crt path: kafka.crt - key: user.key path: kafka.key name: kafka-user
This way, configs for fleet-telemetry can be sent to k8s like below:
{ "host": "0.0.0.0", "port": 443, ... "kafka": { "bootstrap.servers": "<bootstrap-url>", "security.protocol": "SSL", "ssl.ca.location": "/etc/certs/server/ca.crt", "ssl.certificate.location": "/etc/certs/server/kafka.crt", "ssl.key.location": "/etc/certs/server/kafka.key" }, "tls": { "server_cert": "/etc/certs/server/tls.crt", "server_key": "/etc/certs/server/tls.key" } }
When using Kafka it would be nice to be able to include additional certs into /etc/certs/server directory.
This branch adds a
tlsSecret.extraServerCertsproperty that allows adding additional sources of certs.So if
values.yamlis like below:Then
2-deployment.yamlwill produce involumes:This way, configs for fleet-telemetry can be sent to k8s like below: