- StreamNative Console
Configure StreamNative Console
The StreamNative Console is a web-based tool for configuring and managing Apache Pulsar. You can check your environments and associated clusters, as well as configure and manage instances, tenants, namespaces, and topics.
This document provides the items to be configured for StreamNative Console before deploying StreamNative Platform.
Configure login methods
This section describes how to configure different methods for logging in to StreamNative Console.
This table lists the items to be configured when you want to log in to StreamNative Console using a username.
| Item | Description | Default value |
|---|---|---|
DEFAULT_ORGANIZATION | The organization name. Does not support special characters (such as periods (.), slashes (/), dollar signs ($) etc.). If you do not specify the organization name, a default organization (streamnative) is created. | streamnative |
INSTANCE_NAME | The instance name. It starts with a lowercase letter, contains any combination of lowercase letters (a-z), numbers (0-9), and hyphens (-), and must be 4-10 characters. If you do not specify the instance name, a default instance (pulsar) is created. | pulsar |
GLOBAL_RESOURCE_READ_ONLY | Enable or disable the read-only mode for StreamNative Console. If it is enabled, you can only check resources using StreamNative Console. | false |
INIT_DEFAULT_ENVIRONMENT | Configure whether to initiate the default organization and Pulsar cluster. If it is set to true, the default organization (streamnative) and Pulsar cluster (your-release-name) are available for use. | false |
BACKEND_DEFAULT_SUPER_USER_ROLE | The Super Admin of the StreamNative Console. When JWT authentication is enabled, you need to set it to pulsar-manager-admin or admin. | admin |
Forward Grafana requests
StreamNative Platform supports forwarding Grafana requests using StreamNative Console. Therefore, you can directly log in to Grafana after you log in to StreamNative Console. Configure the Grafana property of the StreamNative Console in the values.yaml YAML file as follows, and update the resource.
streamnative_console:
...
configData:
GRAFANA_AUTH_PROXY: # --- [1]
GRAFANA_AUTH_PROXY_USER: "" # --- [2]
- [1]
GRAFANA_AUTH_PROXY: configure whether to enable Auth Proxy for StreamNative Console. If enabled, StreamNative Console can forward Grafana requests. By default, it is set tofalse. - [2]
GRAFANA_AUTH_PROXY_USER: configure the user who accesses Grafana through StreamNative Console. By default, it is set topulsar.
Enable the connector page
StreamNative Platform supports multiple Pulsar IO connectors to import data into or export data out of Pulsar topics. You can set the CONNECTOR_ENABLED option of the StreamNative Console in the values.yaml YAML file to configure whether to display the connector page on the StreamNative Console. By default, the connector page displays on the StreamNative Console.
streamnative_console:
...
configData:
CONNECTOR_ENABLED: true
Customize the username and password
Note
For security reasons, the custom username and password are disabled by default. It is recommended to execute the following command to automatically generate the password.
kubectl get secret <release_name>-sn-platform-vault-console-admin-passwd -o=jsonpath='{.data.password}' -n <k8s_namespace> | base64 --decode; echo
When vault-based authentication is enabled, you can log in to StreamNative Console using a username and a password. By default, an admin user is created for StreamNative Console. You can configure the specific username and password in the values.yaml YAML file and then update the resource, as shown below.
streamnative_console:
component: streamnative-console
username: 'apachepulsar'
password: 'apchepulsar'
Customize a service account
By default, when JWT authentication is enabled, you can access your Pulsar cluster using the pulsar-manager-admin role. StreamNative Platform also allows you to use a custom service account with Super Admin privilege to access your Pulsar cluster and then create tenants, namespaces, or topics.
After creating a service account with Super Admin privilege through StreamNative Console, you need to add the service account to the superuser list of the Pulsar broker, Pulsar proxy, and StreamNative Console in the auth.superUsers section and to the streamnative_console.configData.BACKEND_DEFAULT_SUPER_USER_ROLE parameter in the values.yaml YAML file, and then update the resource.
The following example shows how to configure a service account (named sa-super) with the Super Admin privilege to access your Pulsar cluster.
auth:
superUsers:
broker: 'admin,broker-admin,admin-approle,pulsar-manager-admin,sa-super'
proxy: 'admin,proxy-admin,admin-approle,pulsar-manager-admin,sa-super'
streamnative-console: 'pulsar-manager-admin,sa-super'
streamnative_console:
configData:
BACKEND_DEFAULT_SUPER_USER_ROLE: 'pulsar-manager-admin,sa-super'