Chapter 2. Managed broker configuration
When you deploy AMQ Streams on OpenShift, you specify broker configuration through the config
property of the Kafka
custom resource. However, certain broker configuration options are managed directly by AMQ Streams.
As such, if you are using AMQ Streams on OpenShift, you cannot configure the following options:
-
broker.id
to specify the ID of the Kafka broker -
log.dirs
directories for log data -
zookeeper.connect
configuration to connect Kafka with ZooKeeper -
listeners
to expose the Kafka cluster to clients -
authorization
mechanisms to allow or decline actions executed by users -
authentication
mechanisms to prove the identity of users requiring access to Kafka
Broker IDs start from 0 (zero) and correspond to the number of broker replicas. Log directories are mounted to /var/lib/kafka/data/kafka-logIDX
based on the spec.kafka.storage
configuration in the Kafka
custom resource. IDX is the Kafka broker pod index.
For a list of exclusions, see the KafkaClusterSpec
schema reference.
These exclusions don’t apply when using AMQ Streams on RHEL. In this case, you will need to add these properties in your basic broker configuration to identify your brokers and provide secure access.
Example broker configuration for AMQ Streams on RHEL
# ... broker.id=1 log.dirs=/var/lib/kafka zookeeper.connect=zoo1.my-domain.com:2181,zoo2.my-domain.com:2181,zoo3.my-domain.com:2181 listeners=internal-1://:9092 authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer ssl.truststore.location=/path/to/truststore.jks ssl.truststore.password=123456 ssl.client.auth=required # ...
Additional resources