This is an automated email from the ASF dual-hosted git repository.
lhotari pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new eb1391a199d [improve][proxy] Make keep-alive interval configurable in
Pulsar Proxy (#23981)
eb1391a199d is described below
commit eb1391a199d2c85f1ad7ce22a4d3eefa78d2fed3
Author: Lari Hotari <[email protected]>
AuthorDate: Fri Feb 14 08:56:40 2025 +0200
[improve][proxy] Make keep-alive interval configurable in Pulsar Proxy
(#23981)
---
conf/proxy.conf | 7 +
.../pulsar/proxy/server/ProxyConfiguration.java | 9 +
.../pulsar/proxy/server/ProxyConnection.java | 2 +-
.../proxy/server/ProxyConfigurationTest.java | 16 +-
.../proxy/server/ProxyOriginalClientIPTest.java | 3 +-
.../ProxyServiceStarterDisableZeroCopyTest.java | 2 +-
.../proxy/server/ProxyServiceStarterTest.java | 45 +++-
.../proxy/server/ProxyServiceTlsStarterTest.java | 22 +-
pulsar-proxy/src/test/resources/proxy.conf | 250 ---------------------
9 files changed, 76 insertions(+), 280 deletions(-)
diff --git a/conf/proxy.conf b/conf/proxy.conf
index 567cc0772a3..46d84744e12 100644
--- a/conf/proxy.conf
+++ b/conf/proxy.conf
@@ -59,6 +59,13 @@ bindAddress=0.0.0.0
# If not set, the value of `InetAddress.getLocalHost().getCanonicalHostName()`
is used.
advertisedAddress=
+# Specifies the interval (in seconds) for sending ping messages to the client.
Set to 0 to disable
+# ping messages. This setting applies to client connections used for topic
lookups and
+# partition metadata requests. When a client establishes a broker connection
via the proxy,
+# the client and broker will communicate directly without the proxy
intercepting the messages.
+# In that case, the broker's keepAliveIntervalSeconds configuration becomes
relevant.
+keepAliveIntervalSeconds=30
+
# Enable or disable the HAProxy protocol.
# If true, the real IP addresses of consumers and producers can be obtained
when getting topic statistics data.
haProxyProtocolEnabled=false
diff --git
a/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConfiguration.java
b/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConfiguration.java
index 329e6d52ba6..d89801d360b 100644
---
a/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConfiguration.java
+++
b/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConfiguration.java
@@ -266,6 +266,15 @@ public class ProxyConfiguration implements
PulsarConfiguration {
)
private String advertisedAddress;
+ @FieldContext(
+ category = CATEGORY_SERVER,
+ doc = "Specifies the interval (in seconds) for sending ping
messages to the client. Set to 0 to disable "
+ + "ping messages. This setting applies to client
connections used for topic lookups and "
+ + "partition metadata requests. When a client establishes
a broker connection via the proxy, "
+ + "the client and broker will communicate directly without
the proxy intercepting the messages. "
+ + "In that case, the broker's keepAliveIntervalSeconds
configuration becomes relevant.")
+ private int keepAliveIntervalSeconds = 30;
+
@FieldContext(category = CATEGORY_SERVER,
doc = "Enable or disable the proxy protocol.")
private boolean haProxyProtocolEnabled;
diff --git
a/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConnection.java
b/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConnection.java
index f8b5d084450..540771c86fb 100644
---
a/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConnection.java
+++
b/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/ProxyConnection.java
@@ -155,7 +155,7 @@ public class ProxyConnection extends PulsarHandler {
}
public ProxyConnection(ProxyService proxyService, DnsAddressResolverGroup
dnsAddressResolverGroup) {
- super(30, TimeUnit.SECONDS);
+ super(proxyService.getConfiguration().getKeepAliveIntervalSeconds(),
TimeUnit.SECONDS);
this.service = proxyService;
this.dnsAddressResolverGroup = dnsAddressResolverGroup;
this.state = State.Init;
diff --git
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyConfigurationTest.java
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyConfigurationTest.java
index a9a562e04c8..18e7efbd7b5 100644
---
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyConfigurationTest.java
+++
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyConfigurationTest.java
@@ -147,7 +147,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("brokerServiceURL must start with pulsar://");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("brokerServiceURL must
start with pulsar://"));
@@ -161,7 +161,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("brokerServiceURLTLS must start with pulsar+ssl://");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("brokerServiceURLTLS must
start with pulsar+ssl://"));
@@ -174,7 +174,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("brokerServiceURL does not support multi urls yet");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("does not support multi
urls yet"));
@@ -188,7 +188,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("brokerServiceURLTLS does not support multi urls yet");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("does not support multi
urls yet"));
@@ -202,7 +202,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("brokerWebServiceURL does not support multi urls yet");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("does not support multi
urls yet"));
@@ -216,7 +216,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("brokerWebServiceURLTLS does not support multi urls yet");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("does not support multi
urls yet"));
@@ -230,7 +230,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("functionWorkerWebServiceURL does not support multi urls
yet");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("does not support multi
urls yet"));
@@ -244,7 +244,7 @@ public class ProxyConfigurationTest {
theMock.when(PulsarConfigurationLoader.create(Mockito.anyString(),
Mockito.any()))
.thenReturn(configuration);
try {
- new ProxyServiceStarter(ProxyServiceStarterTest.ARGS);
+ new ProxyServiceStarter(ProxyServiceStarterTest.getArgs());
fail("functionWorkerWebServiceURLTLS does not support multi
urls yet");
} catch (Exception ex) {
assertTrue(ex.getMessage().contains("does not support multi
urls yet"));
diff --git
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyOriginalClientIPTest.java
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyOriginalClientIPTest.java
index b267439d471..50ae6e627e8 100644
---
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyOriginalClientIPTest.java
+++
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyOriginalClientIPTest.java
@@ -39,7 +39,6 @@ import org.testng.annotations.Test;
@Slf4j
@Test(groups = "broker")
public class ProxyOriginalClientIPTest extends MockedPulsarServiceBaseTest {
- static final String[] ARGS = new String[]{"-c",
"./src/test/resources/proxy.conf"};
HttpClient httpClient;
ProxyServiceStarter serviceStarter;
String webServiceUrl;
@@ -49,7 +48,7 @@ public class ProxyOriginalClientIPTest extends
MockedPulsarServiceBaseTest {
@BeforeClass
protected void setup() throws Exception {
internalSetup();
- serviceStarter = new ProxyServiceStarter(ARGS, proxyConfig -> {
+ serviceStarter = new
ProxyServiceStarter(ProxyServiceStarterTest.getArgs(), proxyConfig -> {
proxyConfig.setBrokerServiceURL(pulsar.getBrokerServiceUrl());
proxyConfig.setBrokerWebServiceURL(pulsar.getWebServiceAddress());
proxyConfig.setWebServicePort(Optional.of(0));
diff --git
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterDisableZeroCopyTest.java
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterDisableZeroCopyTest.java
index 937526629ac..b645c472425 100644
---
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterDisableZeroCopyTest.java
+++
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterDisableZeroCopyTest.java
@@ -27,7 +27,7 @@ public class ProxyServiceStarterDisableZeroCopyTest extends
ProxyServiceStarterT
@BeforeClass
protected void setup() throws Exception {
internalSetup();
- serviceStarter = new ProxyServiceStarter(ARGS, null, true);
+ serviceStarter = new ProxyServiceStarter(getArgs(), null, true);
serviceStarter.getConfig().setBrokerServiceURL(pulsar.getBrokerServiceUrl());
serviceStarter.getConfig().setBrokerWebServiceURL(pulsar.getWebServiceAddress());
serviceStarter.getConfig().setWebServicePort(Optional.of(0));
diff --git
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterTest.java
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterTest.java
index d96d2cd1f6e..6ef24874387 100644
---
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterTest.java
+++
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceStarterTest.java
@@ -21,16 +21,23 @@ package org.apache.pulsar.proxy.server;
import static org.testng.Assert.assertEquals;
import static org.testng.Assert.assertTrue;
import static org.testng.Assert.fail;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
import java.net.URI;
import java.nio.ByteBuffer;
import java.util.Base64;
import java.util.Map;
import java.util.Optional;
+import java.util.Properties;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.Future;
import java.util.function.Consumer;
import lombok.Cleanup;
+import lombok.SneakyThrows;
import org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest;
import org.apache.pulsar.client.api.Authentication;
import org.apache.pulsar.client.api.Producer;
@@ -50,17 +57,38 @@ import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
public class ProxyServiceStarterTest extends MockedPulsarServiceBaseTest {
-
- public static final String[] ARGS = new String[]{"-c",
"./src/test/resources/proxy.conf"};
-
protected ProxyServiceStarter serviceStarter;
protected String serviceUrl;
+ private static File proxyConfFileForTests;
+
+ @SneakyThrows
+ public static String[] getArgs() {
+ if (proxyConfFileForTests == null) {
+ // load the properties from the proxy.conf file
+ Properties properties = new Properties();
+ try (InputStream inputStream = new
FileInputStream("../conf/proxy.conf")) {
+ properties.load(inputStream);
+ }
+ // set dummy values for the required properties so that validation
is passed
+ properties.setProperty("brokerServiceURL", "pulsar://0.0.0.0:0");
+ properties.setProperty("brokerWebServiceURL", "http://0.0.0.0:0";);
+ // change keepAliveIntervalSeconds default value so that it's
possible to validate that it's configured
+ properties.setProperty("keepAliveIntervalSeconds", "25");
+ // write the properties to a temporary file
+ proxyConfFileForTests = File.createTempFile("proxy", ".conf");
+ proxyConfFileForTests.deleteOnExit();
+ try (OutputStream out = new
FileOutputStream(proxyConfFileForTests)) {
+ properties.store(out, null);
+ }
+ }
+ return new String[] { "-c", proxyConfFileForTests.getAbsolutePath() };
+ }
@Override
@BeforeClass
protected void setup() throws Exception {
internalSetup();
- serviceStarter = new ProxyServiceStarter(ARGS, null, true);
+ serviceStarter = new ProxyServiceStarter(getArgs(), null, true);
serviceStarter.getConfig().setBrokerServiceURL(pulsar.getBrokerServiceUrl());
serviceStarter.getConfig().setBrokerWebServiceURL(pulsar.getWebServiceAddress());
serviceStarter.getConfig().setWebServicePort(Optional.of(0));
@@ -100,6 +128,11 @@ public class ProxyServiceStarterTest extends
MockedPulsarServiceBaseTest {
}
}
+ @Test
+ public void testKeepAliveIntervalSecondsIsConfigured() throws Exception {
+ assertEquals(serviceStarter.getConfig().getKeepAliveIntervalSeconds(),
25);
+ }
+
@Test
public void testProduceAndConsumeMessageWithWebsocket() throws Exception {
@Cleanup("stop")
@@ -180,7 +213,7 @@ public class ProxyServiceStarterTest extends
MockedPulsarServiceBaseTest {
- ProxyServiceStarter serviceStarter = new ProxyServiceStarter(ARGS,
null, true);
+ ProxyServiceStarter serviceStarter = new
ProxyServiceStarter(getArgs(), null, true);
initConfig.accept(serviceStarter.getConfig());
// ProxyServiceStarter will throw an exception when
Authentication#start is failed
serviceStarter.getConfig().setBrokerClientAuthenticationPlugin(ExceptionAuthentication1.class.getName());
@@ -192,7 +225,7 @@ public class ProxyServiceStarterTest extends
MockedPulsarServiceBaseTest {
assertTrue(serviceStarter.getProxyClientAuthentication()
instanceof ExceptionAuthentication1);
}
- serviceStarter = new ProxyServiceStarter(ARGS, null, true);
+ serviceStarter = new ProxyServiceStarter(getArgs(), null, true);
initConfig.accept(serviceStarter.getConfig());
// ProxyServiceStarter will throw an exception when
Authentication#start and Authentication#close are failed
serviceStarter.getConfig().setBrokerClientAuthenticationPlugin(ExceptionAuthentication2.class.getName());
diff --git
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceTlsStarterTest.java
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceTlsStarterTest.java
index ee8ae8d4afb..3e1c1200a74 100644
---
a/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceTlsStarterTest.java
+++
b/pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyServiceTlsStarterTest.java
@@ -18,6 +18,15 @@
*/
package org.apache.pulsar.proxy.server;
+import static org.apache.pulsar.proxy.server.ProxyServiceStarterTest.getArgs;
+import static org.testng.Assert.assertEquals;
+import static org.testng.Assert.assertTrue;
+import java.net.URI;
+import java.nio.ByteBuffer;
+import java.util.Base64;
+import java.util.Optional;
+import java.util.concurrent.ArrayBlockingQueue;
+import java.util.concurrent.Future;
import lombok.Cleanup;
import org.apache.pulsar.broker.auth.MockedPulsarServiceBaseTest;
import org.apache.pulsar.client.api.Producer;
@@ -35,17 +44,6 @@ import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
-import java.net.URI;
-import java.nio.ByteBuffer;
-import java.util.Base64;
-import java.util.Optional;
-import java.util.concurrent.ArrayBlockingQueue;
-import java.util.concurrent.Future;
-
-import static org.apache.pulsar.proxy.server.ProxyServiceStarterTest.ARGS;
-import static org.testng.Assert.assertEquals;
-import static org.testng.Assert.assertTrue;
-
public class ProxyServiceTlsStarterTest extends MockedPulsarServiceBaseTest {
private ProxyServiceStarter serviceStarter;
private String serviceUrl;
@@ -55,7 +53,7 @@ public class ProxyServiceTlsStarterTest extends
MockedPulsarServiceBaseTest {
@BeforeClass
protected void setup() throws Exception {
internalSetup();
- serviceStarter = new ProxyServiceStarter(ARGS, null, true);
+ serviceStarter = new ProxyServiceStarter(getArgs(), null, true);
serviceStarter.getConfig().setBrokerServiceURL(pulsar.getBrokerServiceUrl());
serviceStarter.getConfig().setBrokerServiceURLTLS(pulsar.getBrokerServiceUrlTls());
serviceStarter.getConfig().setBrokerWebServiceURL(pulsar.getWebServiceAddress());
diff --git a/pulsar-proxy/src/test/resources/proxy.conf
b/pulsar-proxy/src/test/resources/proxy.conf
deleted file mode 100644
index aec9f5ee1c5..00000000000
--- a/pulsar-proxy/src/test/resources/proxy.conf
+++ /dev/null
@@ -1,250 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-### --- Broker Discovery --- ###
-
-# The metadata store URL
-# Examples:
-# * zk:my-zk-1:2181,my-zk-2:2181,my-zk-3:2181
-# * my-zk-1:2181,my-zk-2:2181,my-zk-3:2181 (will default to ZooKeeper when the
schema is not specified)
-# * zk:my-zk-1:2181,my-zk-2:2181,my-zk-3:2181/my-chroot-path (to add a ZK
chroot path)
-metadataStoreUrl=
-
-# The metadata store URL for the configuration data. If empty, we fall back to
use metadataStoreUrl
-configurationMetadataStoreUrl=
-
-# if Service Discovery is Disabled this url should point to the discovery
service provider.
-brokerServiceURL=pulsar://0.0.0.0:0
-brokerServiceURLTLS=
-
-# These settings are unnecessary if `zookeeperServers` is specified
-brokerWebServiceURL=http://0.0.0.0:0
-brokerWebServiceURLTLS=
-
-# If function workers are setup in a separate cluster, configure the following
2 settings
-# to point to the function workers cluster
-functionWorkerWebServiceURL=
-functionWorkerWebServiceURLTLS=
-
-# ZooKeeper session timeout (in milliseconds)
-zookeeperSessionTimeoutMs=30000
-
-# ZooKeeper cache expiry time in seconds
-zooKeeperCacheExpirySeconds=300
-
-### --- Server --- ###
-
-# Hostname or IP address the service binds on, default is 0.0.0.0.
-bindAddress=0.0.0.0
-
-# Hostname or IP address the service advertises to the outside world.
-# If not set, the value of `InetAddress.getLocalHost().getCanonicalHostName()`
is used.
-advertisedAddress=
-
-# Enable or disable the HAProxy protocol.
-haProxyProtocolEnabled=false
-
-# Enables zero-copy transport of data across network interfaces using the
splice system call.
-# Zero copy mode cannot be used when TLS is enabled or when proxyLogLevel is >
0.
-proxyZeroCopyModeEnabled=true
-
-# The port to use for server binary Protobuf requests
-servicePort=6650
-
-# The port to use to server binary Protobuf TLS requests
-servicePortTls=
-
-# Port that discovery service listen on
-webServicePort=8080
-
-# Port to use to server HTTPS request
-webServicePortTls=
-
-# Path for the file used to determine the rotation status for the proxy
instance when responding
-# to service discovery health checks
-statusFilePath=
-
-# Proxy log level, default is 0.
-# 0: Do not log any tcp channel info
-# 1: Parse and log any tcp channel info and command info without message body
-# 2: Parse and log channel info, command info and message body
-proxyLogLevel=0
-
-### ---Authorization --- ###
-
-# Role names that are treated as "super-users," meaning that they will be able
to perform all admin
-# operations and publish/consume to/from all topics (as a comma-separated list)
-superUserRoles=
-
-# Whether authorization is enforced by the Pulsar proxy
-authorizationEnabled=false
-
-# Authorization provider as a fully qualified class name
-authorizationProvider=org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider
-
-# Whether client authorization credentials are forwared to the broker for
re-authorization.
-# Authentication must be enabled via authenticationEnabled=true for this to
take effect.
-forwardAuthorizationCredentials=false
-
-### --- Authentication --- ###
-
-# Whether authentication is enabled for the Pulsar proxy
-authenticationEnabled=false
-
-# Authentication provider name list (a comma-separated list of class names)
-authenticationProviders=
-
-# When this parameter is not empty, unauthenticated users perform as
anonymousUserRole
-anonymousUserRole=
-
-### --- Client Authentication --- ###
-
-# The three brokerClient* authentication settings below are for the proxy
itself and determine how it
-# authenticates with Pulsar brokers
-
-# The authentication plugin used by the Pulsar proxy to authenticate with
Pulsar brokers
-brokerClientAuthenticationPlugin=
-
-# The authentication parameters used by the Pulsar proxy to authenticate with
Pulsar brokers
-brokerClientAuthenticationParameters=
-
-# The path to trusted certificates used by the Pulsar proxy to authenticate
with Pulsar brokers
-brokerClientTrustCertsFilePath=
-
-# Whether TLS is enabled when communicating with Pulsar brokers
-tlsEnabledWithBroker=false
-
-# Tls cert refresh duration in seconds (set 0 to check on every new connection)
-tlsCertRefreshCheckDurationSec=300
-
-##### --- Rate Limiting --- #####
-
-# Max concurrent inbound connections. The proxy will reject requests beyond
that.
-maxConcurrentInboundConnections=10000
-
-# Max concurrent outbound connections. The proxy will error out requests
beyond that.
-maxConcurrentLookupRequests=50000
-
-##### --- TLS --- #####
-
-# Deprecated - use servicePortTls and webServicePortTls instead
-tlsEnabledInProxy=false
-
-# Path for the TLS certificate file
-tlsCertificateFilePath=
-
-# Path for the TLS private key file
-tlsKeyFilePath=
-
-# Path for the trusted TLS certificate file.
-# This cert is used to verify that any certs presented by connecting clients
-# are signed by a certificate authority. If this verification
-# fails, then the certs are untrusted and the connections are dropped.
-tlsTrustCertsFilePath=
-
-# Accept untrusted TLS certificate from client.
-# If true, a client with a cert which cannot be verified with the
-# 'tlsTrustCertsFilePath' cert will allowed to connect to the server,
-# though the cert will not be used for client authentication.
-tlsAllowInsecureConnection=false
-
-# Whether the hostname is validated when the proxy creates a TLS connection
with brokers
-tlsHostnameVerificationEnabled=false
-
-# Specify the tls protocols the broker will use to negotiate during TLS
handshake
-# (a comma-separated list of protocol names).
-# Examples:- [TLSv1.3, TLSv1.2]
-tlsProtocols=
-
-# Specify the tls cipher the broker will use to negotiate during TLS Handshake
-# (a comma-separated list of ciphers).
-# Examples:- [TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
-tlsCiphers=
-
-# Whether client certificates are required for TLS. Connections are rejected
if the client
-# certificate isn't trusted.
-tlsRequireTrustedClientCertOnConnect=false
-
-##### --- HTTP --- #####
-
-# Http directs to redirect to non-pulsar services.
-httpReverseProxyConfigs=
-
-# Http output buffer size. The amount of data that will be buffered for http
requests
-# before it is flushed to the channel. A larger buffer size may result in
higher http throughput
-# though it may take longer for the client to see data.
-# If using HTTP streaming via the reverse proxy, this should be set to the
minimum value, 1,
-# so that clients see the data as soon as possible.
-httpOutputBufferSize=32768
-
-# Number of threads to use for HTTP requests processing. Default is
-# 2 * Runtime.getRuntime().availableProcessors()
-httpNumThreads=
-
-# Enable the enforcement of limits on the incoming HTTP requests
-httpRequestsLimitEnabled=false
-
-# Max HTTP requests per seconds allowed. The excess of requests will be
rejected with HTTP code 429 (Too many requests)
-httpRequestsMaxPerSecond=100.0
-
-
-### --- Token Authentication Provider --- ###
-
-## Symmetric key
-# Configure the secret key to be used to validate auth tokens
-# The key can be specified like:
-# tokenSecretKey=data:;base64,xxxxxxxxx
-# tokenSecretKey=file:///my/secret.key ( Note: key file must be DER-encoded
)
-tokenSecretKey=
-
-## Asymmetric public/private key pair
-# Configure the public key to be used to validate auth tokens
-# The key can be specified like:
-# tokenPublicKey=data:;base64,xxxxxxxxx
-# tokenPublicKey=file:///my/public.key ( Note: key file must be DER-encoded
)
-tokenPublicKey=
-
-# The token "claim" that will be interpreted as the authentication "role" or
"principal" by AuthenticationProviderToken (defaults to "sub" if blank)
-tokenAuthClaim=
-
-# The token audience "claim" name, e.g. "aud", that will be used to get the
audience from token.
-# If not set, audience will not be verified.
-tokenAudienceClaim=
-
-# The token audience stands for this broker. The field `tokenAudienceClaim` of
a valid token, need contains this.
-tokenAudience=
-
-### --- WebSocket config variables --- ###
-
-# Enable or disable the WebSocket servlet.
-webSocketServiceEnabled=false
-
-# Name of the cluster to which this broker belongs to
-clusterName=
-
-### --- Deprecated config variables --- ###
-
-# Deprecated. Use configurationStoreServers
-globalZookeeperServers=
-
-# The ZooKeeper quorum connection string (as a comma-separated list)
-zookeeperServers=
-
-# Configuration store connection string (as a comma-separated list)
-configurationStoreServers=
