Versions Compared

Old Version 8

changes.mady.by.user Kevin Timoney

Saved on

compared with

New Version 9

changes.mady.by.user Kevin Timoney

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

cainjector is used to configure the CA certificates for Mutating Webhooks - see link below.

Kafka

You can use your own certificates and keys with Kafka by adding the following section in your configuration:

Code Block
languageyml
titleclusterCa
  clusterCa:
    generateCertificateAuthority: false

If this is set to false you need to setup your own cluster secrets containing the keys and certificates prior to starting the cluster.

Please refer to 8.3. Installing your own CA certificates

You can do the same for the client CA.

For the listeners you can also configure your own server certificates in the brokerCertChainAndKey section.

Code Block
languageyml
titlebrokerCertChainAndKey
      - name: external
        port: 9098
        type: nodeport
        tls: true
        authentication:
          type: tls
        configuration:
          brokerCertChainAndKey:
            secretName: cm-kafka-server-certs
            certificate: tls.crt
            key: tls.key
          bootstrap:
            alternativeNames:
              - localhost
              - 192.168.49.2
              - my-cluster-kafka-external-bootstrap.kafka
              - my-cluster-kafka-external-bootstrap.kafka.svc
              - my-cluster-kafka-external-0.kafka
              - my-cluster-kafka-external-0.kafka.svc

Please refer to the brokerCertChainAndKey section in the Strimzi documentation for more information.

Links

Installation

Issuer

SelfSigned

...