Search in sources :

Example 1 with GenericKafkaListener

use of io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener in project strimzi by strimzi.

the class ListenersValidatorTest method testInvalidNames.

@ParallelTest
public void testInvalidNames() {
    GenericKafkaListener listener1 = new GenericKafkaListenerBuilder().withName("listener 1").withPort(9900).withType(KafkaListenerType.INTERNAL).build();
    GenericKafkaListener listener2 = new GenericKafkaListenerBuilder().withName("LISTENER2").withPort(9901).withType(KafkaListenerType.INTERNAL).build();
    GenericKafkaListener listener3 = new GenericKafkaListenerBuilder().withName("listener12345678901234567890").withPort(9902).withType(KafkaListenerType.INTERNAL).build();
    List<GenericKafkaListener> listeners = asList(listener1, listener2, listener3);
    assertThat(ListenersValidator.validateAndGetErrorMessages(3, listeners), containsInAnyOrder("listener names [listener 1, LISTENER2, listener12345678901234567890] are invalid and do not match the pattern ^[a-z0-9]{1,11}$"));
}
Also used : GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener) GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 2 with GenericKafkaListener

use of io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener in project strimzi by strimzi.

the class ListenersValidatorTest method testValidateBrokerCertChainAndKey.

@ParallelTest
public void testValidateBrokerCertChainAndKey() {
    GenericKafkaListener listener1 = new GenericKafkaListenerBuilder().withName("listener1").withPort(9900).withType(KafkaListenerType.INTERNAL).withNewConfiguration().withNewBrokerCertChainAndKey().withCertificate("").withKey("").endBrokerCertChainAndKey().endConfiguration().build();
    List<GenericKafkaListener> listeners = asList(listener1);
    Exception exception = assertThrows(InvalidResourceException.class, () -> ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, listeners));
    assertThat(exception.getMessage(), allOf(containsString("listener 'listener1' cannot have an empty secret name in the brokerCertChainAndKey"), containsString("listener 'listener1' cannot have an empty key in the brokerCertChainAndKey"), containsString("listener 'listener1' cannot have an empty certificate in the brokerCertChainAndKey")));
}
Also used : GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener) GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 3 with GenericKafkaListener

use of io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener in project strimzi by strimzi.

the class KafkaBrokerConfigurationBuilderTest method testWithExternalRouteListenersWithoutAuth.

@ParallelTest
public void testWithExternalRouteListenersWithoutAuth() {
    GenericKafkaListener listener = new GenericKafkaListenerBuilder().withName("external").withPort(9094).withType(KafkaListenerType.ROUTE).withTls(true).build();
    String configuration = new KafkaBrokerConfigurationBuilder(Reconciliation.DUMMY_RECONCILIATION).withListeners("my-cluster", "my-namespace", singletonList(listener), false).build();
    assertThat(configuration, isEquivalent("listener.name.controlplane-9090.ssl.client.auth=required", "listener.name.controlplane-9090.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.controlplane-9090.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.controlplane-9090.ssl.keystore.type=PKCS12", "listener.name.controlplane-9090.ssl.truststore.location=/tmp/kafka/cluster.truststore.p12", "listener.name.controlplane-9090.ssl.truststore.password=${CERTS_STORE_PASSWORD}", "listener.name.controlplane-9090.ssl.truststore.type=PKCS12", "listener.name.replication-9091.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.replication-9091.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.replication-9091.ssl.keystore.type=PKCS12", "listener.name.replication-9091.ssl.truststore.location=/tmp/kafka/cluster.truststore.p12", "listener.name.replication-9091.ssl.truststore.password=${CERTS_STORE_PASSWORD}", "listener.name.replication-9091.ssl.truststore.type=PKCS12", "listener.name.replication-9091.ssl.client.auth=required", "listeners=CONTROLPLANE-9090://0.0.0.0:9090,REPLICATION-9091://0.0.0.0:9091,EXTERNAL-9094://0.0.0.0:9094", "advertised.listeners=CONTROLPLANE-9090://my-cluster-kafka-${STRIMZI_BROKER_ID}.my-cluster-kafka-brokers.my-namespace.svc:9090,REPLICATION-9091://my-cluster-kafka-${STRIMZI_BROKER_ID}.my-cluster-kafka-brokers.my-namespace.svc:9091,EXTERNAL-9094://${STRIMZI_EXTERNAL_9094_ADVERTISED_HOSTNAME}:${STRIMZI_EXTERNAL_9094_ADVERTISED_PORT}", "listener.security.protocol.map=CONTROLPLANE-9090:SSL,REPLICATION-9091:SSL,EXTERNAL-9094:SSL", "inter.broker.listener.name=REPLICATION-9091", "sasl.enabled.mechanisms=", "ssl.secure.random.implementation=SHA1PRNG", "ssl.endpoint.identification.algorithm=HTTPS", "listener.name.external-9094.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.external-9094.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.external-9094.ssl.keystore.type=PKCS12"));
}
Also used : GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener) GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 4 with GenericKafkaListener

use of io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener in project strimzi by strimzi.

the class KafkaBrokerConfigurationBuilderTest method testWithExternalListenersNodePortWithoutTls.

@ParallelTest
public void testWithExternalListenersNodePortWithoutTls() {
    GenericKafkaListener listener = new GenericKafkaListenerBuilder().withName("external").withPort(9094).withType(KafkaListenerType.NODEPORT).withTls(false).build();
    String configuration = new KafkaBrokerConfigurationBuilder(Reconciliation.DUMMY_RECONCILIATION).withListeners("my-cluster", "my-namespace", singletonList(listener), false).build();
    assertThat(configuration, isEquivalent("listener.name.controlplane-9090.ssl.client.auth=required", "listener.name.controlplane-9090.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.controlplane-9090.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.controlplane-9090.ssl.keystore.type=PKCS12", "listener.name.controlplane-9090.ssl.truststore.location=/tmp/kafka/cluster.truststore.p12", "listener.name.controlplane-9090.ssl.truststore.password=${CERTS_STORE_PASSWORD}", "listener.name.controlplane-9090.ssl.truststore.type=PKCS12", "listener.name.replication-9091.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.replication-9091.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.replication-9091.ssl.keystore.type=PKCS12", "listener.name.replication-9091.ssl.truststore.location=/tmp/kafka/cluster.truststore.p12", "listener.name.replication-9091.ssl.truststore.password=${CERTS_STORE_PASSWORD}", "listener.name.replication-9091.ssl.truststore.type=PKCS12", "listener.name.replication-9091.ssl.client.auth=required", "listeners=CONTROLPLANE-9090://0.0.0.0:9090,REPLICATION-9091://0.0.0.0:9091,EXTERNAL-9094://0.0.0.0:9094", "advertised.listeners=CONTROLPLANE-9090://my-cluster-kafka-${STRIMZI_BROKER_ID}.my-cluster-kafka-brokers.my-namespace.svc:9090,REPLICATION-9091://my-cluster-kafka-${STRIMZI_BROKER_ID}.my-cluster-kafka-brokers.my-namespace.svc:9091,EXTERNAL-9094://${STRIMZI_EXTERNAL_9094_ADVERTISED_HOSTNAME}:${STRIMZI_EXTERNAL_9094_ADVERTISED_PORT}", "listener.security.protocol.map=CONTROLPLANE-9090:SSL,REPLICATION-9091:SSL,EXTERNAL-9094:PLAINTEXT", "inter.broker.listener.name=REPLICATION-9091", "sasl.enabled.mechanisms=", "ssl.secure.random.implementation=SHA1PRNG", "ssl.endpoint.identification.algorithm=HTTPS"));
}
Also used : GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener) GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 5 with GenericKafkaListener

use of io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener in project strimzi by strimzi.

the class KafkaBrokerConfigurationBuilderTest method testWithTlsListenersWithTlsAuth.

@ParallelTest
public void testWithTlsListenersWithTlsAuth() {
    GenericKafkaListener listener = new GenericKafkaListenerBuilder().withName("tls").withPort(9093).withType(KafkaListenerType.INTERNAL).withTls(true).withNewKafkaListenerAuthenticationTlsAuth().endKafkaListenerAuthenticationTlsAuth().build();
    String configuration = new KafkaBrokerConfigurationBuilder(Reconciliation.DUMMY_RECONCILIATION).withListeners("my-cluster", "my-namespace", singletonList(listener), false).build();
    assertThat(configuration, isEquivalent("listener.name.controlplane-9090.ssl.client.auth=required", "listener.name.controlplane-9090.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.controlplane-9090.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.controlplane-9090.ssl.keystore.type=PKCS12", "listener.name.controlplane-9090.ssl.truststore.location=/tmp/kafka/cluster.truststore.p12", "listener.name.controlplane-9090.ssl.truststore.password=${CERTS_STORE_PASSWORD}", "listener.name.controlplane-9090.ssl.truststore.type=PKCS12", "listener.name.replication-9091.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.replication-9091.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.replication-9091.ssl.keystore.type=PKCS12", "listener.name.replication-9091.ssl.truststore.location=/tmp/kafka/cluster.truststore.p12", "listener.name.replication-9091.ssl.truststore.password=${CERTS_STORE_PASSWORD}", "listener.name.replication-9091.ssl.truststore.type=PKCS12", "listener.name.replication-9091.ssl.client.auth=required", "listeners=CONTROLPLANE-9090://0.0.0.0:9090,REPLICATION-9091://0.0.0.0:9091,TLS-9093://0.0.0.0:9093", "advertised.listeners=CONTROLPLANE-9090://my-cluster-kafka-${STRIMZI_BROKER_ID}.my-cluster-kafka-brokers.my-namespace.svc:9090,REPLICATION-9091://my-cluster-kafka-${STRIMZI_BROKER_ID}.my-cluster-kafka-brokers.my-namespace.svc:9091,TLS-9093://${STRIMZI_TLS_9093_ADVERTISED_HOSTNAME}:${STRIMZI_TLS_9093_ADVERTISED_PORT}", "listener.security.protocol.map=CONTROLPLANE-9090:SSL,REPLICATION-9091:SSL,TLS-9093:SSL", "inter.broker.listener.name=REPLICATION-9091", "sasl.enabled.mechanisms=", "ssl.secure.random.implementation=SHA1PRNG", "ssl.endpoint.identification.algorithm=HTTPS", "listener.name.tls-9093.ssl.client.auth=required", "listener.name.tls-9093.ssl.truststore.location=/tmp/kafka/clients.truststore.p12", "listener.name.tls-9093.ssl.truststore.password=${CERTS_STORE_PASSWORD}", "listener.name.tls-9093.ssl.truststore.type=PKCS12", "listener.name.tls-9093.ssl.keystore.location=/tmp/kafka/cluster.keystore.p12", "listener.name.tls-9093.ssl.keystore.password=${CERTS_STORE_PASSWORD}", "listener.name.tls-9093.ssl.keystore.type=PKCS12"));
}
Also used : GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener) GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Aggregations

GenericKafkaListener (io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener)160 GenericKafkaListenerBuilder (io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)116 ParallelTest (io.strimzi.test.annotations.ParallelTest)102 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)50 ArrayList (java.util.ArrayList)38 GenericKafkaListenerConfigurationBrokerBuilder (io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerConfigurationBrokerBuilder)18 Matchers.containsString (org.hamcrest.Matchers.containsString)16 KafkaListenerAuthenticationOAuth (io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)12 KafkaListenerAuthenticationOAuthBuilder (io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)12 Kafka (io.strimzi.api.kafka.model.Kafka)10 LabelSelector (io.fabric8.kubernetes.api.model.LabelSelector)8 HTTPIngressPathBuilder (io.fabric8.kubernetes.api.model.networking.v1.HTTPIngressPathBuilder)8 Ingress (io.fabric8.kubernetes.api.model.networking.v1.Ingress)8 IngressTLSBuilder (io.fabric8.kubernetes.api.model.networking.v1.IngressTLSBuilder)8 HashMap (java.util.HashMap)8 List (java.util.List)8 Collectors (java.util.stream.Collectors)8 NetworkPolicyIngressRule (io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyIngressRule)6 NetworkPolicyIngressRuleBuilder (io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyIngressRuleBuilder)6 KafkaResources (io.strimzi.api.kafka.model.KafkaResources)6