use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationCustom in project strimzi-kafka-operator by strimzi.
the class KafkaCluster method getNonDataVolumes.
/**
 * Builds the volumes that Kafka pods need apart from their data storage: temporary directories,
 * mounted Secrets and ConfigMaps.
 *
 * @param isOpenShift Indicates whether we are on OpenShift or not; forwarded unchanged to every
 *                    Secret volume helper called here
 *
 * @return List of non-data volumes used by the Kafka pods, in the order they are added below
 */
private List<Volume> getNonDataVolumes(boolean isOpenShift) {
    List<Volume> volumes = new ArrayList<>();

    // The init volume is only added when a rack is configured or a listener is exposed via NodePort.
    boolean needsInitVolume = rack != null || isExposedWithNodePort();
    if (needsInitVolume) {
        volumes.add(VolumeUtils.createEmptyDirVolume(INIT_VOLUME_NAME, "1Mi", "Memory"));
    }

    volumes.add(createTempDirVolume());

    // Certificate material every broker pod receives: cluster CA certs, the broker's own certs
    // and the clients CA certs, each mounted from its Secret.
    String clusterCaSecret = AbstractModel.clusterCaCertSecretName(cluster);
    volumes.add(VolumeUtils.createSecretVolume(CLUSTER_CA_CERTS_VOLUME, clusterCaSecret, isOpenShift));
    String brokersSecret = KafkaCluster.brokersSecretName(cluster);
    volumes.add(VolumeUtils.createSecretVolume(BROKER_CERTS_VOLUME, brokersSecret, isOpenShift));
    String clientsCaSecret = KafkaCluster.clientsCaCertSecretName(cluster);
    volumes.add(VolumeUtils.createSecretVolume(CLIENT_CA_CERTS_VOLUME, clientsCaSecret, isOpenShift));

    volumes.add(VolumeUtils.createConfigMapVolume(logAndMetricsConfigVolumeName, ancillaryConfigMapName));
    volumes.add(VolumeUtils.createEmptyDirVolume("ready-files", "1Ki", "Memory"));

    for (GenericKafkaListener listener : listeners) {
        // TLS listener with a user-supplied certificate: mount that Secret for this listener.
        if (listener.isTls()
                && listener.getConfiguration() != null
                && listener.getConfiguration().getBrokerCertChainAndKey() != null) {
            CertAndKeySecretSource brokerCert = listener.getConfiguration().getBrokerCertChainAndKey();

            // Only the two referenced Secret keys are listed, each mapped to a fixed file name.
            // Presumably the helper projects just these items, so other keys in the same Secret
            // would not reach the pod - verify against VolumeUtils.createSecretVolume.
            Map<String, String> keyToFileName = new HashMap<>(2);
            keyToFileName.put(brokerCert.getKey(), "tls.key");
            keyToFileName.put(brokerCert.getCertificate(), "tls.crt");

            String certVolumeName = "custom-" + ListenersUtils.identifier(listener) + "-certs";
            volumes.add(VolumeUtils.createSecretVolume(certVolumeName, brokerCert.getSecretName(), keyToFileName, isOpenShift));
        }

        // OAuth listener: add volumes for the trusted certificates configured on its authentication.
        if (isListenerWithOAuth(listener)) {
            KafkaListenerAuthenticationOAuth oauthAuth = (KafkaListenerAuthenticationOAuth) listener.getAuth();
            String oauthVolumePrefix = "oauth-" + ListenersUtils.identifier(listener);
            volumes.addAll(AuthenticationUtils.configureOauthCertificateVolumes(oauthVolumePrefix, oauthAuth.getTlsTrustedCertificates(), isOpenShift));
        }

        // Custom authentication: every Secret listed on the listener's custom auth is handed to
        // the generic Secret volume helper.
        // NOTE(review): the Secret references come straight from the listener configuration, so
        // whoever may edit that configuration decides which Secrets end up mounted in broker
        // pods - confirm that write access to the resource is restricted accordingly.
        if (isListenerWithCustomAuth(listener)) {
            KafkaListenerAuthenticationCustom customAuth = (KafkaListenerAuthenticationCustom) listener.getAuth();
            String customVolumePrefix = "custom-listener-" + ListenersUtils.identifier(listener);
            volumes.addAll(AuthenticationUtils.configureGenericSecretVolumes(customVolumePrefix, customAuth.getSecrets(), isOpenShift));
        }
    }

    // Keycloak authorization brings its own trusted certificates, mounted once per cluster.
    if (authorization instanceof KafkaAuthorizationKeycloak) {
        KafkaAuthorizationKeycloak keycloak = (KafkaAuthorizationKeycloak) authorization;
        volumes.addAll(AuthenticationUtils.configureOauthCertificateVolumes("authz-keycloak", keycloak.getTlsTrustedCertificates(), isOpenShift));
    }

    return volumes;
}