Skip to content

Latest commit

 

History

History

kraft_sasl_ssl_autogenerated

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
basic.txt
basic.txt
 
 
kraftbroker_controller.yaml
kraftbroker_controller.yaml
 
 
plain-users.json
plain-users.json
 
 
plain.txt
plain.txt
 
 

README.md

Deploy KRaft broker and controller with CFK

This playbook explains how to deploy KRaft brokers and controllers with CFK.

Before continuing with the scenario, ensure that you have set up the prerequisites.

Set the current tutorial directory

Set the tutorial directory under the directory you downloaded this Github repo:

export TUTORIAL_HOME=<Github repo directory>/security/kraft_sasl_ssl_autogenerated

Deploy Confluent for Kubernetes

This workflow scenario assumes you are using the namespace confluent.

Set up the Helm Chart:

helm repo add confluentinc https://packages.confluent.io/helm

Install Confluent For Kubernetes using Helm:

helm upgrade --install operator confluentinc/confluent-for-kubernetes -n confluent

Check that the Confluent For Kubernetes pod comes up and is running:

kubectl get pods

Provide a Certificate Authority

Confluent For Kubernetes provides auto-generated certificates for Confluent Platform components to use for TLS network encryption. You'll need to generate and provide a Certificate Authority (CA).

Generate a CA pair to use:

openssl genrsa -out $TUTORIAL_HOME/ca-key.pem 2048

openssl req -new -key $TUTORIAL_HOME/ca-key.pem -x509 \
  -days 1000 \
  -out $TUTORIAL_HOME/ca.pem \
  -subj "/C=US/ST=CA/L=MountainView/O=Confluent/OU=Operator/CN=TestCA"

Create a Kubernetes secret for the certificate authority:

kubectl create secret tls ca-pair-sslcerts \
  --cert=$TUTORIAL_HOME/ca.pem \
  --key=$TUTORIAL_HOME/ca-key.pem -n confluent
  • create secret credential in operator namespace, refer to Here Following was used in this playbook
    kubectl create -n confluent secret generic credential \
    --from-file=plain.txt=$TUTORIAL_HOME/plain.txt \
    --from-file=plain-users.json=$TUTORIAL_HOME/plain-users.json \
    --from-file=basic.txt=$TUTORIAL_HOME/basic.txt

Set up cluster

Deploy KRaft broker and controller

kubectl apply -f $TUTORIAL_HOME/kraftbroker_controller.yaml

Produce and consume from the topics

kubectl -n confluent exec -it kafka-0 -- bash

seq 5 | kafka-console-producer --topic demotopic --broker-list kafka.confluent.svc.cluster.local:9092

kafka-console-consumer --from-beginning --topic demotopic --bootstrap-server  kafka.confluent.svc.cluster.local:9092
1
2
3
4
5

Tear down Cluster

kubectl delete -f $TUTORIAL_HOME/kraftbroker_controller.yaml
kubectl delete namespace confluent