From a80858f811ade691b17e48b657ed46734baae9b4 Mon Sep 17 00:00:00 2001 From: Abhishek Mohite Date: Tue, 10 Jan 2023 13:55:53 +0530 Subject: [PATCH 1/2] Add tls auth doc for rabbitmq scaler (#967) Signed-off-by: Abhishek Mohite --- content/docs/2.10/scalers/rabbitmq-queue.md | 66 +++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/content/docs/2.10/scalers/rabbitmq-queue.md b/content/docs/2.10/scalers/rabbitmq-queue.md index 724bf1b54..fe9196b40 100644 --- a/content/docs/2.10/scalers/rabbitmq-queue.md +++ b/content/docs/2.10/scalers/rabbitmq-queue.md @@ -68,6 +68,15 @@ TriggerAuthentication CRD is used to connect and authenticate to RabbitMQ: > See the [RabbitMQ Ports](https://www.rabbitmq.com/networking.html#ports) section for more details on how to configure the ports. +**TLS:** + +- `tls` - To enable SSL auth for RabbitMQ, set this to `enable`. If not set, TLS for RabbitMQ is not used. (Values: `enable`, `disable`, Default: `disable`, Optional) +- `ca` - Certificate authority file for TLS client authentication. (Optional) +- `cert` - Certificate for client authentication. (Optional) +- `key` - Key for client authentication. (Optional) + +> Using RabbitMQ host with amqps will require enabling the tls settings and passing the required parameters. + ### Example #### AMQP protocol: @@ -111,6 +120,63 @@ spec: name: keda-trigger-auth-rabbitmq-conn ``` +#### AMQPS protocol with TLS auth: + +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: keda-rabbitmq-secret +data: + host: # base64 encoded value of format amqps://guest:password@localhost:5672/vhost + tls: "enable" + ca: + cert: + key: +--- +apiVersion: keda.sh/v1alpha1 +kind: TriggerAuthentication +metadata: + name: keda-trigger-auth-rabbitmq-conn + namespace: default +spec: + secretTargetRef: + - parameter: host + name: keda-rabbitmq-secret + key: host + - parameter: tls + name: keda-rabbitmq-secret + key: tls + - parameter: ca + name: keda-rabbitmq-secret + key: ca + - parameter: cert + name: keda-rabbitmq-secret + key: cert + - parameter: key + name: keda-rabbitmq-secret + key: key +--- +apiVersion: keda.sh/v1alpha1 +kind: ScaledObject +metadata: + name: rabbitmq-scaledobject + namespace: default +spec: + scaleTargetRef: + name: rabbitmq-deployment + triggers: + - type: rabbitmq + metadata: + protocol: amqp + queueName: testqueue + mode: QueueLength + value: "20" + metricName: custom-testqueue #optional. Generated value would be `rabbitmq-custom-testqueue` + authenticationRef: + name: keda-trigger-auth-rabbitmq-conn +``` + #### HTTP protocol (`QueueLength`): ```yaml From 27a220806d22d5e81250874db7fbe18454b0faef Mon Sep 17 00:00:00 2001 From: Abhishek Mohite Date: Fri, 13 Jan 2023 11:33:24 +0530 Subject: [PATCH 2/2] Update content/docs/2.10/scalers/rabbitmq-queue.md Co-authored-by: Jorge Turrado Ferrero Signed-off-by: Abhishek Mohite --- content/docs/2.10/scalers/rabbitmq-queue.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/2.10/scalers/rabbitmq-queue.md b/content/docs/2.10/scalers/rabbitmq-queue.md index fe9196b40..e545be69a 100644 --- a/content/docs/2.10/scalers/rabbitmq-queue.md +++ b/content/docs/2.10/scalers/rabbitmq-queue.md @@ -68,7 +68,7 @@ TriggerAuthentication CRD is used to connect and authenticate to RabbitMQ: > See the [RabbitMQ Ports](https://www.rabbitmq.com/networking.html#ports) section for more details on how to configure the ports. -**TLS:** +**TLS authentication:** - `tls` - To enable SSL auth for RabbitMQ, set this to `enable`. If not set, TLS for RabbitMQ is not used. (Values: `enable`, `disable`, Default: `disable`, Optional) - `ca` - Certificate authority file for TLS client authentication. (Optional)