-
Notifications
You must be signed in to change notification settings - Fork 2
/
cluster.yaml
68 lines (68 loc) · 2.14 KB
/
cluster.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
apiVersion: platform.confluent.io/v1beta1
kind: KRaftController
metadata:
name: kraftcontroller
namespace: confluent
spec:
dataVolumeCapacity: 10G
image:
application: docker.io/confluentinc/cp-server:7.7.0
init: confluentinc/confluent-init-container:2.9.1
replicas: 1
---
apiVersion: platform.confluent.io/v1beta1
kind: Kafka
metadata:
name: broker
namespace: confluent
spec:
dependencies:
kRaftController:
clusterRef:
name: kraftcontroller
dataVolumeCapacity: 10G
image:
application: docker.io/confluentinc/cp-server:7.7.0
init: confluentinc/confluent-init-container:2.9.1
replicas: 3
listeners:
external:
authentication:
type: oauth
jaasConfig:
secretRef: oauth-jass
oauthSettings:
groupsClaimName: groups
subClaimName: sub
audience: <client-id>
expectedIssuer: https://login.microsoftonline.com/<tenant-id>/v2.0
jwksEndpointUri: https://login.microsoftonline.com/<tenant-id>/discovery/v2.0/keys
tokenEndpointUri: https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
configOverrides:
server:
- auto.create.topics.enable=true
- listener.name.external.oauthbearer.sasl.server.callback.handler.class=org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerValidatorCallbackHandler
- listener.name.external.oauthbearer.sasl.jaas.config=org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required;
---
apiVersion: platform.confluent.io/v1beta1
kind: ControlCenter
metadata:
name: controlcenter
namespace: confluent
spec:
replicas: 1
image:
application: confluentinc/cp-enterprise-control-center:7.7.0
init: confluentinc/confluent-init-container:2.9.1
dataVolumeCapacity: 10Gi
dependencies:
kafka:
bootstrapEndpoint: broker.confluent.svc.cluster.local:9092
authentication:
type: oauth
jaasConfig:
secretRef: oauth-jass
oauthSettings:
tokenEndpointUri: https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
scope: <Azure client id of the broker application>/.default
---