
Example 16 with KafkaAuthorizationKeycloak

use of io.strimzi.api.kafka.model.KafkaAuthorizationKeycloak in project strimzi by strimzi.

the class KafkaCluster method getNonDataVolumes.

/**
 * Builds the volumes of a Kafka pod that do not hold broker data: the temporary directory, the
 * memory-backed scratch volumes, the logging/metrics config map, and every Secret mounted for TLS,
 * OAuth, custom listener authentication and Keycloak authorization.
 *
 * @param isOpenShift   Indicates whether we are on OpenShift or not; passed unchanged to every
 *                      Secret volume helper called here
 *
 * @return              List of non-data volumes used by the Kafka pods, in the order they are added below
 */
private List<Volume> getNonDataVolumes(boolean isOpenShift) {
    List<Volume> volumes = new ArrayList<>();

    // The init volume is added only when a rack is configured or isExposedWithNodePort() is true.
    boolean needsInitVolume = rack != null || isExposedWithNodePort();
    if (needsInitVolume) {
        volumes.add(VolumeUtils.createEmptyDirVolume(INIT_VOLUME_NAME, "1Mi", "Memory"));
    }

    volumes.add(createTempDirVolume());

    // Certificate Secrets mounted into every broker pod.
    // NOTE(review): the brokers Secret presumably carries private key material; confirm that
    // VolumeUtils applies a restrictive file mode to it on both values of isOpenShift.
    String clusterCaSecret = AbstractModel.clusterCaCertSecretName(cluster);
    volumes.add(VolumeUtils.createSecretVolume(CLUSTER_CA_CERTS_VOLUME, clusterCaSecret, isOpenShift));
    String brokersSecret = KafkaCluster.brokersSecretName(cluster);
    volumes.add(VolumeUtils.createSecretVolume(BROKER_CERTS_VOLUME, brokersSecret, isOpenShift));
    String clientsCaSecret = KafkaCluster.clientsCaCertSecretName(cluster);
    volumes.add(VolumeUtils.createSecretVolume(CLIENT_CA_CERTS_VOLUME, clientsCaSecret, isOpenShift));

    volumes.add(VolumeUtils.createConfigMapVolume(logAndMetricsConfigVolumeName, ancillaryConfigMapName));
    volumes.add(VolumeUtils.createEmptyDirVolume("ready-files", "1Ki", "Memory"));

    for (GenericKafkaListener listener : listeners) {
        // A TLS listener with a user-supplied certificate gets its own Secret volume.
        if (listener.isTls() && listener.getConfiguration() != null) {
            CertAndKeySecretSource customCert = listener.getConfiguration().getBrokerCertChainAndKey();
            if (customCert != null) {
                // Maps the user's item names onto the fixed file names tls.key / tls.crt.
                // NOTE(review): if getKey() and getCertificate() return the same item name, the
                // second put replaces the first and no tls.key entry remains; presumably this is
                // rejected during validation elsewhere - confirm.
                Map<String, String> secretItems = new HashMap<>(2);
                secretItems.put(customCert.getKey(), "tls.key");
                secretItems.put(customCert.getCertificate(), "tls.crt");
                String certVolumeName = "custom-" + ListenersUtils.identifier(listener) + "-certs";
                volumes.add(VolumeUtils.createSecretVolume(certVolumeName, customCert.getSecretName(), secretItems, isOpenShift));
            }
        }

        // Trusted certificates for the OAuth authorization server of this listener.
        if (isListenerWithOAuth(listener)) {
            KafkaListenerAuthenticationOAuth oauthAuth = (KafkaListenerAuthenticationOAuth) listener.getAuth();
            String oauthVolumePrefix = "oauth-" + ListenersUtils.identifier(listener);
            volumes.addAll(AuthenticationUtils.configureOauthCertificateVolumes(oauthVolumePrefix, oauthAuth.getTlsTrustedCertificates(), isOpenShift));
        }

        // Secrets referenced by a custom authentication configuration of this listener.
        if (isListenerWithCustomAuth(listener)) {
            KafkaListenerAuthenticationCustom customAuth = (KafkaListenerAuthenticationCustom) listener.getAuth();
            String customVolumePrefix = "custom-listener-" + ListenersUtils.identifier(listener);
            volumes.addAll(AuthenticationUtils.configureGenericSecretVolumes(customVolumePrefix, customAuth.getSecrets(), isOpenShift));
        }
    }

    // Keycloak authorization mounts its trusted certificates under a fixed "authz-keycloak" prefix.
    if (authorization instanceof KafkaAuthorizationKeycloak) {
        KafkaAuthorizationKeycloak keycloak = (KafkaAuthorizationKeycloak) authorization;
        volumes.addAll(AuthenticationUtils.configureOauthCertificateVolumes("authz-keycloak", keycloak.getTlsTrustedCertificates(), isOpenShift));
    }

    return volumes;
}
Also used : GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener) Volume(io.fabric8.kubernetes.api.model.Volume) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth) KafkaAuthorizationKeycloak(io.strimzi.api.kafka.model.KafkaAuthorizationKeycloak) KafkaListenerAuthenticationCustom(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationCustom) CertAndKeySecretSource(io.strimzi.api.kafka.model.CertAndKeySecretSource)
