conf/proxy.conf - pulsar - Git at Google

 #
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
 #

 # The ZooKeeper quorum connection string (as a comma-separated list)
 zookeeperServers=

 # Configuration store connection string (as a comma-separated list)
 configurationStoreServers=

 # ZooKeeper session timeout (in milliseconds)
 zookeeperSessionTimeoutMs=30000

 # The port to use for server binary Protobuf requests
 servicePort=6650

 # The port to use to server binary Protobuf TLS requests
 servicePortTls=6651

 # Port that discovery service listen on
 webServicePort=8080

 # Port to use to server HTTPS request
 webServicePortTls=8443

 # Path for the file used to determine the rotation status for the proxy instance when responding
 # to service discovery health checks
 statusFilePath=

 ### --- Authentication --- ###

 # Whether authentication is enabled for the Pulsar proxy
 authenticationEnabled=false

 # Authentication provider name list (a comma-separated list of class names)
 authenticationProviders=

 # Whether authorization is enforced by the Pulsar proxy
 authorizationEnabled=false

 # Authorization provider as a fully qualified class name
 authorizationProvider=org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider

 # The three brokerClient* authentication settings below are for the proxy itself and determine how it
 # authenticates with Pulsar brokers

 # The authentication plugin used by the Pulsar proxy to authenticate with Pulsar brokers
 brokerClientAuthenticationPlugin=

 # The authentication parameters used by the Pulsar proxy to authenticate with Pulsar brokers
 brokerClientAuthenticationParameters=

 # The path to trusted certificates used by the Pulsar proxy to authenticate with Pulsar brokers
 brokerClientTrustCertsFilePath=

 # Role names that are treated as "super-users," meaning that they will be able to perform all admin
 # operations and publish/consume to/from all topics (as a comma-separated list)
 superUserRoles=

 # Whether client authorization credentials are forwared to the broker for re-authorization.
 # Authentication must be enabled via authenticationEnabled=true for this to take effect.
 forwardAuthorizationCredentials=false

 # --- RateLimiting ----
 # Max concurrent inbound connections. The proxy will reject requests beyond that.
 maxConcurrentInboundConnections=10000

 # Max concurrent outbound connections. The proxy will error out requests beyond that.
 maxConcurrentLookupRequests=10000

 ##### --- TLS --- #####

 # Whether TLS is enabled for the proxy
 tlsEnabledInProxy=false

 # Whether TLS is enabled when communicating with Pulsar brokers
 tlsEnabledWithBroker=false

 # Path for the TLS certificate file
 tlsCertificateFilePath=

 # Path for the TLS private key file
 tlsKeyFilePath=

 # Whether the hostname is validated when the proxy creates a TLS connection with brokers
 tlsHostnameVerificationEnabled=false

 # Whether client certificates are required for TLS. Connections are rejected if the client
 # certificate isn't trusted.
 tlsRequireTrustedClientCertOnConnect=false


 ### --- Deprecated config variables --- ###

 # Deprecated. Use configurationStoreServers
 globalZookeeperServers=
	#
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.
	#

	# The ZooKeeper quorum connection string (as a comma-separated list)
	zookeeperServers=

	# Configuration store connection string (as a comma-separated list)
	configurationStoreServers=

	# ZooKeeper session timeout (in milliseconds)
	zookeeperSessionTimeoutMs=30000

	# The port to use for server binary Protobuf requests
	servicePort=6650

	# The port to use to server binary Protobuf TLS requests
	servicePortTls=6651

	# Port that discovery service listen on
	webServicePort=8080

	# Port to use to server HTTPS request
	webServicePortTls=8443

	# Path for the file used to determine the rotation status for the proxy instance when responding
	# to service discovery health checks
	statusFilePath=

	### --- Authentication --- ###

	# Whether authentication is enabled for the Pulsar proxy
	authenticationEnabled=false

	# Authentication provider name list (a comma-separated list of class names)
	authenticationProviders=

	# Whether authorization is enforced by the Pulsar proxy
	authorizationEnabled=false

	# Authorization provider as a fully qualified class name
	authorizationProvider=org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider

	# The three brokerClient* authentication settings below are for the proxy itself and determine how it
	# authenticates with Pulsar brokers

	# The authentication plugin used by the Pulsar proxy to authenticate with Pulsar brokers
	brokerClientAuthenticationPlugin=

	# The authentication parameters used by the Pulsar proxy to authenticate with Pulsar brokers
	brokerClientAuthenticationParameters=

	# The path to trusted certificates used by the Pulsar proxy to authenticate with Pulsar brokers
	brokerClientTrustCertsFilePath=

	# Role names that are treated as "super-users," meaning that they will be able to perform all admin
	# operations and publish/consume to/from all topics (as a comma-separated list)
	superUserRoles=

	# Whether client authorization credentials are forwared to the broker for re-authorization.
	# Authentication must be enabled via authenticationEnabled=true for this to take effect.
	forwardAuthorizationCredentials=false

	# --- RateLimiting ----
	# Max concurrent inbound connections. The proxy will reject requests beyond that.
	maxConcurrentInboundConnections=10000

	# Max concurrent outbound connections. The proxy will error out requests beyond that.
	maxConcurrentLookupRequests=10000

	##### --- TLS --- #####

	# Whether TLS is enabled for the proxy
	tlsEnabledInProxy=false

	# Whether TLS is enabled when communicating with Pulsar brokers
	tlsEnabledWithBroker=false

	# Path for the TLS certificate file
	tlsCertificateFilePath=

	# Path for the TLS private key file
	tlsKeyFilePath=

	# Whether the hostname is validated when the proxy creates a TLS connection with brokers
	tlsHostnameVerificationEnabled=false

	# Whether client certificates are required for TLS. Connections are rejected if the client
	# certificate isn't trusted.
	tlsRequireTrustedClientCertOnConnect=false


	### --- Deprecated config variables --- ###

	# Deprecated. Use configurationStoreServers
	globalZookeeperServers=