ESE Configuration in a ConfigMap
HiveMQ extensions are configured with configuration XML files. To allow the HiveMQ Kubernetes Operator to manage the extension configuration files, you must provide the extension configuration XML in a ConfigMap.
Instructions
The following procedure shows you how to place the enterprise-security-extension.xml into a ConfigMap that a HiveMQ Cluster configuration references.
Prepare an example configuration XML file
enterprise-security-extension.xml<?xml version="1.0" encoding="UTF-8" ?> <enterprise-security-extension xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="enterprise-security-extension.xsd" version="1"> <pipelines> <listener-pipeline listener="ALL"> <allow-all-authentication-manager/> <allow-all-authorization-manager/> </listener-pipeline> </pipelines> </enterprise-security-extension>Create the ConfigMap with name
eseconfig:kubectl create configmap 'eseconfig' --from-file=enterprise-security-extension.xml \ --namespace ${namespace}Update the HiveMQ Cluster configuration in
hivemq.extensionssection of yourvalues.yamlfile. Add the key:configMap: eseconfigExample
values.yaml:Install HiveMQ Operator using your
my-values.yamlfile:helm upgrade hivemq --install hivemq/hivemq-operator --values my-values.yamlHiveMQ Kubernetes Operator will automatically add configmap
eseconfigto the hivemq pod as a volumeeseconfig. Volumeeseconfigwill be mounted to thehivemqcontainer as directory/conf-override/extensions/hivemq-enterprise-security-extension. The initialization script will then create a symbolic link to the configuration file in the correct directory:cp -s /conf-override/extensions/hivemq-enterprise-security-extension/enterprise-security-extension.xml $(pwd)/conf/enterprise-security-extension.xml
HiveMQ Kubernetes Operator will automatically handle only ConfigMap, not a Secret. For a configuration with a Secret refer to the article ESE Configuration in a Secret.