
Example 56 with CertSecretSource

use of io.strimzi.api.kafka.model.CertSecretSource in project strimzi-kafka-operator by strimzi.

the class KafkaMirrorMaker2Cluster method getClusterTrustedCerts.

/**
 * Appends the trusted-certificate references of one cluster to the shared buffer.
 *
 * Each cluster with at least one trusted certificate contributes one entry of the form
 * {@code <clusterAlias>=<secretName>/<certificate>[;<secretName>/<certificate>...]};
 * entries are separated by a newline. Clusters without TLS, or without trusted
 * certificates, contribute nothing.
 *
 * NOTE(review): the alias, Secret name and certificate value are appended without escaping
 * or validation, so the result is only unambiguous if none of them contains '=', ';', '/'
 * or a newline. Confirm this is enforced upstream (CRD schema or Kubernetes naming rules)
 * before the consumer of this string relies on it.
 *
 * @param clustersTrustedCerts   Buffer collecting the entries of all clusters; modified in place
 * @param mirrorMaker2Cluster   Cluster spec whose TLS configuration is read
 * @param clusterAlias   Alias written in front of the certificate references
 */
private void getClusterTrustedCerts(final StringBuilder clustersTrustedCerts, KafkaMirrorMaker2ClusterSpec mirrorMaker2Cluster, String clusterAlias) {
    ClientTls clientTls = mirrorMaker2Cluster.getTls();
    if (clientTls == null) {
        return;
    }

    List<CertSecretSource> certs = clientTls.getTrustedCertificates();
    if (certs == null || certs.isEmpty()) {
        return;
    }

    // Entries of different clusters are kept on separate lines.
    if (clustersTrustedCerts.length() > 0) {
        clustersTrustedCerts.append("\n");
    }
    clustersTrustedCerts.append(clusterAlias).append("=");

    // Empty before the first reference, ";" before every later one.
    String delimiter = "";
    for (CertSecretSource cert : certs) {
        clustersTrustedCerts.append(delimiter)
                .append(cert.getSecretName())
                .append("/")
                .append(cert.getCertificate());
        delimiter = ";";
    }
}
Also used : ClientTls(io.strimzi.api.kafka.model.ClientTls) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource)

Example 57 with CertSecretSource

use of io.strimzi.api.kafka.model.CertSecretSource in project strimzi-kafka-operator by strimzi.

the class KafkaMirrorMakerCluster method addConsumerEnvVars.

/**
 * Adds the consumer-side TLS and authentication environment variables to the provided List.
 *
 * When the consumer has TLS configured, the TLS flag variable is set to "true" and, if
 * trusted certificates are listed, they are passed as {@code <secretName>/<certificate>}
 * references joined with ';'. The authentication variables are always delegated to
 * {@code AuthenticationUtils}, with names suffixed by "_CONSUMER".
 *
 * NOTE(review): the references are concatenated without escaping, so the value is only
 * unambiguous if Secret names and certificate values contain neither ';' nor '/'.
 * Confirm that this is validated before the spec reaches this method.
 *
 * @param varList   List with environment variables; modified in place
 */
private void addConsumerEnvVars(List<EnvVar> varList) {
    if (consumer.getTls() != null) {
        varList.add(buildEnvVar(ENV_VAR_KAFKA_MIRRORMAKER_TLS_CONSUMER, "true"));

        List<CertSecretSource> trustedCerts = consumer.getTls().getTrustedCertificates();
        if (trustedCerts != null && !trustedCerts.isEmpty()) {
            StringBuilder certRefs = new StringBuilder();
            // Empty before the first reference, ";" before every later one.
            String delimiter = "";
            for (CertSecretSource cert : trustedCerts) {
                certRefs.append(delimiter)
                        .append(cert.getSecretName())
                        .append("/")
                        .append(cert.getCertificate());
                delimiter = ";";
            }
            varList.add(buildEnvVar(ENV_VAR_KAFKA_MIRRORMAKER_TRUSTED_CERTS_CONSUMER, certRefs.toString()));
        }
    }

    // Runs whether or not TLS is configured.
    AuthenticationUtils.configureClientAuthenticationEnvVars(consumer.getAuthentication(), varList, name -> ENV_VAR_PREFIX + name + "_CONSUMER");
}
Also used : CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource)

Example 58 with CertSecretSource

use of io.strimzi.api.kafka.model.CertSecretSource in project strimzi-kafka-operator by strimzi.

the class KafkaMirrorMakerCluster method addProducerEnvVars.

/**
 * Adds the producer-side TLS and authentication environment variables to the provided List.
 *
 * When the producer has TLS configured, the TLS flag variable is set to "true" and, if
 * trusted certificates are listed, they are passed as {@code <secretName>/<certificate>}
 * references joined with ';'. The authentication variables are always delegated to
 * {@code AuthenticationUtils}, with names suffixed by "_PRODUCER".
 *
 * NOTE(review): the references are concatenated without escaping, so the value is only
 * unambiguous if Secret names and certificate values contain neither ';' nor '/'.
 * Confirm that this is validated before the spec reaches this method.
 *
 * @param varList   List with environment variables; modified in place
 */
private void addProducerEnvVars(List<EnvVar> varList) {
    if (producer.getTls() != null) {
        varList.add(buildEnvVar(ENV_VAR_KAFKA_MIRRORMAKER_TLS_PRODUCER, "true"));

        List<CertSecretSource> trustedCerts = producer.getTls().getTrustedCertificates();
        if (trustedCerts != null && !trustedCerts.isEmpty()) {
            StringBuilder certRefs = new StringBuilder();
            // Empty before the first reference, ";" before every later one.
            String delimiter = "";
            for (CertSecretSource cert : trustedCerts) {
                certRefs.append(delimiter)
                        .append(cert.getSecretName())
                        .append("/")
                        .append(cert.getCertificate());
                delimiter = ";";
            }
            varList.add(buildEnvVar(ENV_VAR_KAFKA_MIRRORMAKER_TRUSTED_CERTS_PRODUCER, certRefs.toString()));
        }
    }

    // Runs whether or not TLS is configured.
    AuthenticationUtils.configureClientAuthenticationEnvVars(producer.getAuthentication(), varList, name -> ENV_VAR_PREFIX + name + "_PRODUCER");
}
Also used : CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource)

Example 59 with CertSecretSource

use of io.strimzi.api.kafka.model.CertSecretSource in project strimzi-kafka-operator by strimzi.

the class AuthenticationUtils method configureOauthCertificateVolumeMounts.

/**
 * Builds the volume mounts for the certificates trusted when connecting to the OAuth server.
 * This is used in both OAuth servers and clients.
 *
 * The mount at position {@code i} refers to the volume {@code <volumeNamePrefix>-<i>} and is
 * mounted at {@code <baseVolumeMount>/<secretName>-<i>}. The index keeps names and paths
 * distinct even when the same Secret is listed more than once. The volume names follow the
 * same pattern as {@code configureOauthCertificateVolumes}, so both methods have to be called
 * with the same prefix and the same list order.
 *
 * NOTE(review): the Secret name is used as a path component without normalization. This
 * relies on it being a valid Kubernetes name that cannot contain a path separator - confirm
 * that this is validated before the list reaches this method.
 *
 * @param volumeNamePrefix   Prefix which was used to name the secret volumes
 * @param trustedCertificates   List of certificates which should be mounted; may be null
 * @param baseVolumeMount   The base path under which the certificates should be mounted
 *
 * @return List of new VolumeMounts; empty when there are no trusted certificates
 */
public static List<VolumeMount> configureOauthCertificateVolumeMounts(String volumeNamePrefix, List<CertSecretSource> trustedCertificates, String baseVolumeMount) {
    List<VolumeMount> mounts = new ArrayList<>();
    if (trustedCertificates == null || trustedCertificates.isEmpty()) {
        return mounts;
    }

    int index = 0;
    for (CertSecretSource cert : trustedCertificates) {
        String volumeName = String.format("%s-%d", volumeNamePrefix, index);
        String mountPath = String.format("%s/%s-%d", baseVolumeMount, cert.getSecretName(), index);
        mounts.add(VolumeUtils.createVolumeMount(volumeName, mountPath));
        index++;
    }
    return mounts;
}
Also used : ArrayList(java.util.ArrayList) VolumeMount(io.fabric8.kubernetes.api.model.VolumeMount) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource)

Example 60 with CertSecretSource

use of io.strimzi.api.kafka.model.CertSecretSource in project strimzi-kafka-operator by strimzi.

the class AuthenticationUtils method configureOauthCertificateVolumes.

/**
 * Builds the secret volumes for the certificates trusted when connecting to the OAuth server.
 * This is used in both OAuth servers and clients.
 *
 * The volume at position {@code i} is named {@code <volumeNamePrefix>-<i>} and is backed by
 * the Secret named in the corresponding list entry. Each volume is created with a
 * single-entry items map from the entry's certificate value to {@code tls.crt}.
 *
 * NOTE(review): presumably {@code VolumeUtils.createSecretVolume} uses that map as the
 * key-to-path projection of the Secret volume, so that only the named key of the Secret is
 * exposed in the pod, under the file name tls.crt - confirm in VolumeUtils.
 *
 * @param volumeNamePrefix    Prefix for naming the secret volumes
 * @param trustedCertificates   List of certificates which should be mounted; may be null
 * @param isOpenShift   Flag whether we are on OpenShift or not
 *
 * @return List of new Volumes; empty when there are no trusted certificates
 */
public static List<Volume> configureOauthCertificateVolumes(String volumeNamePrefix, List<CertSecretSource> trustedCertificates, boolean isOpenShift) {
    List<Volume> volumes = new ArrayList<>();
    if (trustedCertificates == null || trustedCertificates.isEmpty()) {
        return volumes;
    }

    int index = 0;
    for (CertSecretSource cert : trustedCertificates) {
        // Exactly one item is requested from the Secret, renamed to tls.crt.
        Map<String, String> certItem = Collections.singletonMap(cert.getCertificate(), "tls.crt");
        String volumeName = String.format("%s-%d", volumeNamePrefix, index);
        volumes.add(VolumeUtils.createSecretVolume(volumeName, cert.getSecretName(), certItem, isOpenShift));
        index++;
    }
    return volumes;
}
Also used : Volume(io.fabric8.kubernetes.api.model.Volume) ArrayList(java.util.ArrayList) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource)
