diff --git a/charts/hono/templates/_helpers.tpl b/charts/hono/templates/_helpers.tpl index 81ff4f56..5d9ecfdc 100644 --- a/charts/hono/templates/_helpers.tpl +++ b/charts/hono/templates/_helpers.tpl @@ -227,6 +227,9 @@ kafka: {{- if .dot.Values.kafkaMessagingClusterExample.enabled }} commonClientConfig: bootstrap.servers: {{ .dot.Release.Name }}-{{ .dot.Values.kafka.nameOverride }}-0.{{ .dot.Release.Name }}-{{ .dot.Values.kafka.nameOverride }}-headless.{{ .dot.Release.Namespace }}:{{ .dot.Values.kafka.service.port }} + security.protocol: SASL_PLAINTEXT + sasl.mechanism: SCRAM-SHA-512 + sasl.jaas.config: "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"{{ first .dot.Values.kafka.auth.sasl.jaas.clientUsers }}\" password=\"{{ first .dot.Values.kafka.auth.sasl.jaas.clientPasswords }}\";" {{- else if not .dot.Values.adapters.kafkaMessagingSpec }} {{- required ".Values.adapters.kafkaMessagingSpec MUST be provided if example Kafka cluster is disabled" nil }} {{- else if not (index .dot.Values.adapters.kafkaMessagingSpec.commonClientConfig "bootstrap.servers") }} diff --git a/charts/hono/values.yaml b/charts/hono/values.yaml index b09fdc05..87f8ab0f 100755 --- a/charts/hono/values.yaml +++ b/charts/hono/values.yaml @@ -1807,6 +1807,12 @@ kafka: zookeeper: persistence: size: 1Gi + auth: + enabled: true + clientUser: zookeeperUser + clientPassword: zookeeperPassword + serverUsers: zookeeperUser + serverPasswords: zookeeperPassword # Expose the Kafka service to be accessed from outside the cluster (LoadBalancer service). # Alternatively use NodePort configuration, for more information refer to # https://github.com/bitnami/charts/tree/master/bitnami/kafka#accessing-kafka-brokers-from-outside-the-cluster @@ -1828,3 +1834,13 @@ kafka: nameOverride: kafka service: port: 9092 + auth: + clientProtocol: sasl + sasl: + jaas: + clientUsers: + - "hono" + clientPasswords: + - "hono-secret" + zookeeperUser: zookeeperUser + zookeeperPassword: zookeeperPassword