You are looking at the documentation of a prior release. To read the documentation of the latest release, please
visit here.
New to KubeDB? Please start here.
Rotate Authentication of Kafka
This guide will give an overview on how KubeDB Ops-manager operator Rotate Authentication configuration.
Before You Begin
- You should be familiar with the following
KubeDB
concepts:
How Rotate Kafka Authentication Configuration Process Works
The following diagram shows how KubeDB Ops-manager operator Rotate Authentication of a Kafka
. Open the image in a new tab to see the enlarged version.
The Rotate Kafka Authentication process consists of the following steps:
At first, a user creates a
Kafka
Custom Resource Object (CRO).KubeDB
Provisioner operator watches theKafka
CRO.When the operator finds a
Kafka
CR, it creates required number ofPetSets
and related necessary stuff like secrets, services, etc.Then, in order to rotate the authentication configuration of the
Kafka
, the user creates aKafkaOpsRequest
CR with desired information.KubeDB
Ops-manager operator watches theKafkaOpsRequest
CR.When it finds a
KafkaOpsRequest
CR, it pauses theKafka
object which is referred from theKafkaOpsRequest
. So, theKubeDB
Provisioner operator doesn’t perform any operations on theKafka
object during the rotating Authentication process.Then the
KubeDB
Ops-manager operator will update necessary configuration based on the Ops Request yaml to update credentials.Then the
KubeDB
Ops-manager operator will restart all the Pods of the database so that they restart with the new authenticationENVs
or other configuration defined in theKafkaOpsRequest
CR.After the successful rotating of the
Kafka
Authentication, theKubeDB
Ops-manager operator resumes theKafka
object so that theKubeDB
Provisioner operator resumes its usual operations.
In the next docs, we are going to show a step by step guide on rotating Authentication configuration of a Kafka using KafkaOpsRequest
CRD.