HiveMQ extensions are configured with configuration XML files. To allow the HiveMQ Kubernetes Operator to manage the extension configuration files, you must provide the extension configuration XML in a ConfigMap.
\uD83D\uDCD8 Instructions
The following procedure shows you how to place the enterprise-security-extension.xml into a ConfigMap that a HiveMQ Cluster configuration references.
Save the Prepare an example configuration XML file as
enterprise-security-extension.xmlCode Block language yaml <?xml version="1.0" encoding="UTF-8" ?> <enterprise-security-extension xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="enterprise-security-extension.xsd" version="1"> <pipelines> <listener-pipeline listener="ALL"> <allow-all-authentication-manager/> <allow-all-authorization-manager/> </listener-pipeline> </pipelines> </enterprise-security-extension>Create the ConfigMap in Kubernetes clusterwith name
eseconfig:
whereCode Block language bash kubectl create configmap 'eseconfig' --from-file=enterprise-security-extension.xml \ --namespace ${namespace}eseconfigwill be the name of the new configmap and
variable contains the name of the target namespace.${namespace}Update the HiveMQ Cluster configuration in HiveMQ
hivemq.extensionssection of yourvalues.yamlfile withCode Block language yaml configMap: eseconfigThis example shows the HiveMQ Cluster enterprise security extension configuration that references the ConfigMap
eseconfigthat contains the extension configuration information. Add the key:Code Block language yaml ... hivemq: ... extensions: ... - name: hivemq-enterprise-security-extension extensionUri: preinstalled enabled: true configMap: eseconfig # Note that this is just an example initialization routine. Make sure this points to the current JDBC version you require for your configuration. initialization: | # A little hack because k8s configMaps can't handle sub-directories [[ -e /conf-override/extensions/hivemq-enterprise-security-extension/enterprise-security-extension.xml ]] && rm -f $(pwd)/conf/enterprise-security-extension.xml && cp -s /conf-override/extensions/hivemq-enterprise-security-extension/enterprise-security-extension.xml $(pwd)/conf/enterprise-security-extension.xml [[ ! -f drivers/postgres-jdbc.jar ]] && curl -L https://jdbc.postgresql.org/download/postgresql-42.2.14.jar --output drivers/jdbc/postgres.jar
Example
values.yaml:Install HiveMQ Operator using your
my-values.yamlfile:Code Block language bash helm upgrade ${hivemqReleaseName}hivemq --install hivemq/hivemq-operator \ --values my-values.yaml
HiveMQ Kubernetes Operator will automatically add configmap
eseconfigto the hivemq pod as a volumeeseconfig. Volumeeseconfigwill be mounted to thehivemqcontainer as directory/conf-override/extensions/hivemq-enterprise-security-extension. The initialization script will then create a symbolic link to the configuration file in the correct directory:Code Block language bash cp -s /conf-override/extensions/hivemq-enterprise-security-extension/enterprise-security-extension.xml $(pwd)/conf/enterprise-security-extension.xml
| Info |
|---|
HiveMQ Kubernetes Operator will automatically handle only ConfigMap, not a Secret. For a configuration with a Secret refer to the article Enterprise Security Extension Configuration with a secret Secret with HiveMQ Kubernetes Operator. |
\uD83D\uDCCB Related articles
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|