dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Documentation for Jetstream TLS configuration (#2698) 

* docs(pubsub/jetstream): make table readable as plain text and easier to edit

Signed-off-by: NickLarsenNZ <nick@aptiv.co.nz>

* docs(pubsub/jetstream): add tls client authentication fields (see dapr/components-contrib#1924)

Signed-off-by: NickLarsenNZ <nick@aptiv.co.nz>

* docs(pubsub/jetstream): make example values consistent (strings quotes inside the code span)

Signed-off-by: NickLarsenNZ <nick@aptiv.co.nz>

* add to yaml example and mark as optional

Signed-off-by: Hannah Hunter <hannahhunter@microsoft.com>

Signed-off-by: Hannah Hunter <94493363+hhunter-ms@users.noreply.github.com>

Signed-off-by: NickLarsenNZ <nick@aptiv.co.nz>
Signed-off-by: Hannah Hunter <94493363+hhunter-ms@users.noreply.github.com>
Co-authored-by: Yaron Schneider <schneider.yaron@live.com>
Co-authored-by: Mark Fussell <markfussell@gmail.com>
Co-authored-by: Hannah Hunter <94493363+hhunter-ms@users.noreply.github.com>
This commit is contained in:
Nick 2022-10-08 00:13:38 +02:00 committed by GitHub
parent 47375831be
commit 44ed7a782a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 35 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
daprdocs/content/en/reference/components-reference/supported-pubsub/setup-jetstream.md
View File

@ -24,40 +24,46 @@ spec:
metadata:
- name: natsURL
value: "nats://localhost:4222"
- name: jwt
value: "eyJhbGciOiJ...6yJV_adQssw5c" # Optional. Used for decentralized JWT authentication
- name: seedKey
value: "SUACS34K232O...5Z3POU7BNIL4Y" # Optional. Used for decentralized JWT authentication
- name: name
value: "connection name"
- name: durableName
value: "consumer durable name"
- name: queueGroupName
value: "queue group name"
- name: startSequence
- name: jwt # Optional. Used for decentralized JWT authentication.
value: "eyJhbGciOiJ...6yJV_adQssw5c"
- name: seedKey # Optional. Used for decentralized JWT authentication.
value: "SUACS34K232O...5Z3POU7BNIL4Y"
- name: tls_client_cert # Optional. Used for TLS Client authentication.
value: "/path/to/tls.crt"
- name: tls_client_key # Optional. Used for TLS Client authentication.
value: "/path/to/tls.key"
- name: name
value: "my-conn-name"
- name: durableName
value: "my-durable"
- name: queueGroupName
value: "my-queue"
- name: startSequence
value: 1
- name: startTime # in Unix format
- name: startTime # In Unix format
value: 1630349391
- name: deliverAll
- name: deliverAll
value: false
- name: flowControl
- name: flowControl
value: false
```
## Spec metadata fields
| Field | Required | Details | Example |
|----------------|:--------:|---------|---------|
| natsURL | Y | NATS server address URL | "`nats://localhost:4222`"|
| jwt | N | NATS decentralized authentication JWT | "`eyJhbGciOiJ...6yJV_adQssw5c`"|
| seedKey | N | NATS decentralized authentication seed key | "`SUACS34K232O...5Z3POU7BNIL4Y`"|
| name | N | NATS connection name | `"my-conn-name"`|
| durableName | N | [Durable name] | `"my-durable"` |
| queueGroupName | N | Queue group name | `"my-queue"` |
| startSequence | N | [Start Sequence] | `1` |
| startTime | N | [Start Time] in Unix format | `1630349391` |
| deliverAll | N | Set deliver all as [Replay Policy] | `true` |
| flowControl | N | [Flow Control] | `true` |
| Field | Required | Details | Example |
| --------------- | :------: | ------------------------------------------ | -------------------------------- |
| natsURL | Y | NATS server address URL | `"nats://localhost:4222"` |
| jwt | N | NATS decentralized authentication JWT | `"eyJhbGciOiJ...6yJV_adQssw5c"` |
| seedKey | N | NATS decentralized authentication seed key | `"SUACS34K232O...5Z3POU7BNIL4Y"` |
| tls_client_cert | N | NATS TLS Client Authentication Certificate | `"/path/to/tls.crt"` |
| tls_client_key | N | NATS TLS Client Authentication Key | `"/path/to/tls.key"` |
| name | N | NATS connection name | `"my-conn-name"` |
| durableName | N | [Durable name] | `"my-durable"` |
| queueGroupName | N | Queue group name | `"my-queue"` |
| startSequence | N | [Start Sequence] | `1` |
| startTime | N | [Start Time] in Unix format | `1630349391` |
| deliverAll | N | Set deliver all as [Replay Policy] | `true` |
| flowControl | N | [Flow Control] | `true` |
## Create a NATS server
@ -81,13 +87,13 @@ helm repo add nats https://nats-io.github.io/k8s/helm/charts/
helm install --set nats.jetstream.enabled=true my-nats nats/nats
```
This installs a single NATS server into the `default` namespace. To interact with NATS, find the service with:
This installs a single NATS server into the `default` namespace. To interact with NATS, find the service with:
```bash
kubectl get svc my-nats
```
For more information on helm chart settings, see the [Helm chart documentation](https://helm.sh/docs/helm/helm_install/).
For more information on helm chart settings, see the [Helm chart documentation](https://helm.sh/docs/helm/helm_install/).
{{% /codetab %}}
@ -114,4 +120,4 @@ nats -s localhost:4222 stream add myStream --subjects mySubject
[Start Time]: https://docs.nats.io/jetstream/concepts/consumers#deliverbystarttime
[Replay Policy]: https://docs.nats.io/jetstream/concepts/consumers#replaypolicy
[Flow Control]: https://docs.nats.io/jetstream/concepts/consumers#flowcontrol
[Decentralized JWT Authentication/Authorization]: https://docs.nats.io/running-a-nats-service/configuration/securing_nats/auth_intro/jwt
[Decentralized JWT Authentication/Authorization]: https://docs.nats.io/running-a-nats-service/configuration/securing_nats/auth_intro/jwt