| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| |
| # Zookeeper quorum connection string (comma-separated) |
| zookeeperServers= |
| |
| # Configuration Store connection string (comma-separated) |
| configurationStoreServers= |
| |
| # ZooKeeper session timeout |
| zookeeperSessionTimeoutMs=30000 |
| |
| # Port to use to server binary-proto request |
| servicePort=6650 |
| |
| # Port to use to server binary-proto-tls request |
| servicePortTls=6651 |
| |
| # Port that discovery service listen on |
| webServicePort=8080 |
| |
| # Port to use to server HTTPS request |
| webServicePortTls=8443 |
| |
| # Path for the file used to determine the rotation status for the proxy-instance when responding |
| # to service discovery health checks |
| statusFilePath= |
| |
| ### --- Authentication --- ### |
| |
| # Enable authentication |
| authenticationEnabled=false |
| |
| # Authentication provider name list, which is comma separated list of class names (comma-separated) |
| authenticationProviders= |
| |
| # Enforce authorization |
| authorizationEnabled=false |
| |
| # Authorization provider fully qualified class-name |
| authorizationProvider=org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider |
| |
| # Authentication settings of the proxy itself. Used to connect to brokers |
| brokerClientAuthenticationPlugin= |
| brokerClientAuthenticationParameters= |
| brokerClientTrustCertsFilePath= |
| |
| # Role names that are treated as "super-user", meaning they will be able to do all admin |
| # operations and publish/consume from all topics (comma-separated) |
| superUserRoles= |
| |
| # Forward client authorization Credentials to Broker for re authorization |
| # make sure authentication is enabled for this to take effect |
| forwardAuthorizationCredentials=false |
| |
| # --- RateLimiting ---- |
| # Max concurrent inbound Connections, proxy will reject requests beyond that. Default value is 10,000 |
| maxConcurrentInboundConnections=10000 |
| |
| # Max concurrent outbound Connections, proxy will error out requests beyond that. Default value is 10,000 |
| maxConcurrentLookupRequests=10000 |
| |
| ##### --- TLS --- ##### |
| |
| # Enable TLS in the proxy |
| tlsEnabledInProxy=false |
| |
| # Enable TLS when talking with the brokers |
| tlsEnabledWithBroker=false |
| |
| # Path for the TLS certificate file |
| tlsCertificateFilePath= |
| |
| # Path for the TLS private key file |
| tlsKeyFilePath= |
| |
| # Validates hostname when proxy creates tls connection with broker |
| tlsHostnameVerificationEnabled=false |
| |
| # Specify whether Client certificates are required for TLS |
| # Reject the Connection if the Client Certificate is not trusted. |
| tlsRequireTrustedClientCertOnConnect=false |
| |
| |
| ### --- Deprecated config variables --- ### |
| |
| # Deprecated. Use configurationStoreServers |
| globalZookeeperServers= |