-
Notifications
You must be signed in to change notification settings - Fork 0
/
cluster.yaml
33 lines (31 loc) · 1.15 KB
/
cluster.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
meta:
name: local-cluster-auth
environment: local-env
region: local-region
description: |
Test cluster that uses SSL/TLS and SASL to securely connect to brokers. Can be run
against compose setup defined in docker-compose-auth.yml in the repo root.
spec:
bootstrapAddrs:
# To use just TLS without SASL, switch to port 9093 and disable SASL in the config below.
# To use just SASL without TLS, switch to port 9094 and disabled TLS in the config below.
- localhost:9095
tls:
enabled: true
caCertPath: certs/ca.crt
certPath: certs/client.crt
keyPath: certs/client.key
skipVerify: true
sasl:
enabled: true
mechanism: SCRAM-SHA-512
# As an alternative to storing these in plain text in the config (probably not super-secure),
# these can also be set via:
#
# 1. The --sasl-username and --sasl-password command-line flags,
# 2. The TOPICCTL_SASL_USERNAME and TOPICCTL_SASL_PASSWORD environment variables, or
# 3. Putting placeholder strings in the config and running with the --expand-env flag as
# described in the README.
#
username: adminscram
password: admin-secret-512