Get information from secured TLS enforced Kafka with ACL's enforced.
To be run as long running REST application in Docker.
Configuration is done via Docker environment variables:
- VAULT_ADDR - address of Hashicorp Vault
- VAULT_TOKEN - Periodic token, which could issue Kafka manager TLS certificate
- VAULT_TOKEN_RENEW_PERIOD - Renewal period of token, should be less that period, so that server could renew token before it's expire. Should be ending with s,m,h as defined in here
- VAULT_TLS_RENEW_PERIOD - Period (in hours) ending with
hlike24hafter which TLS certificate should be renewed. TLS cert TTL would be issued from Vault with this value - VAULT_PKI_ISSUE_ENDPOINT - where to get certificate from, should be like pki/issue/some_role
- KAFKA_PKI_BASE_FQDN - TLS certificate CN FQDN consists of 2 parts which are combined in this way: KAFKA_PKI_MANAGER_NAME.KAFKA_PKI_BASE_FQDN Here is last part of FQDN
- KAFKA_PKI_MANAGER_NAME - TLS certificate CN FQDN consists of 2 parts which are combined in this way: KAFKA_PKI_MANAGER_NAME.KAFKA_PKI_BASE_FQDN Here is initial part of FQDN
- KAFKA_BROKERS - Comma separated list of Kafka brokers with ports, like 10.0.0.1:9093,10.0.0.2:9093 Can be single host with port.