feat: add insecure data plane #127
Conversation
|
@wtrocki to get this to work with the mock, my clusterHost is localhost:9092, and the confluentinc/cp-kafka container is running. Getting: ❯ rhoas kafka topics list --insecure
Topics:
panic: dial tcp [::1]:9092: connect: connection refused
goroutine 1 [running]:
github.com/bf2fc6cc711aee1a0c2a/cli/pkg/sdk/kafka/topics.brokerConnect(0xc000417c01, 0x4df9b7, 0x4862c5)
/home/ephelan/code/github.com/bf2fc6cc711aee1a0c2a/cli/pkg/sdk/kafka/topics/topics.go:53 +0x4e6
github.com/bf2fc6cc711aee1a0c2a/cli/pkg/sdk/kafka/topics.ListKafkaTopics(0x1924e01, 0x0, 0x0)
/home/ephelan/code/github.com/bf2fc6cc711aee1a0c2a/cli/pkg/sdk/kafka/topics/topics.go:88 +0x65
github.com/bf2fc6cc711aee1a0c2a/cli/pkg/cmd/kafka/topics/list.listTopic(0x1)
/home/ephelan/code/github.com/bf2fc6cc711aee1a0c2a/cli/pkg/cmd/kafka/topics/list/list.go:35 +0x86
github.com/bf2fc6cc711aee1a0c2a/cli/pkg/cmd/kafka/topics/list.NewListTopicCommand.func1(0xc000430840, 0xc0003f4df0, 0x0, 0x1)
/home/ephelan/code/github.com/bf2fc6cc711aee1a0c2a/cli/pkg/cmd/kafka/topics/list/list.go:23 +0x2c
github.com/spf13/cobra.(*Command).execute(0xc000430840, 0xc0003f4de0, 0x1, 0x1, 0xc000430840, 0xc0003f4de0)
/home/ephelan/go/pkg/mod/github.com/spf13/[email protected]/command.go:854 +0x2c2
github.com/spf13/cobra.(*Command).ExecuteC(0xc0003a0580, 0x5, 0xc0003a0580, 0xc000417f60)
/home/ephelan/go/pkg/mod/github.com/spf13/[email protected]/command.go:958 +0x375
github.com/spf13/cobra.(*Command).Execute(...)
/home/ephelan/go/pkg/mod/github.com/spf13/[email protected]/command.go:895
main.main()
/home/ephelan/code/github.com/bf2fc6cc711aee1a0c2a/cli/cmd/rhoas/main.go:29 +0x14cI will not have the opportunity to look at this for another couple of hours, it is probably something small. |
|
@craicoverflow Does it work with production? |
Without a client, can this be tested against production? |
|
Yep.. Just swap refresh token in your config to the offline token from openshift/token page. |
craicoverflow
force-pushed
the
insecure-topics
branch
from
49fc5e9 to
586c94f
Compare
wtrocki
force-pushed
the
insecure-topics
branch
from
586c94f to
cc492f8
Compare
|
Rebased. |
| @@ -23,12 +24,17 @@ func brokerConnect() (broker *kafka.Conn, ctl *kafka.Conn) { | |||
| dialer := &kafka.Dialer{ | |||
| Timeout: 100 * time.Second, | |||
| DualStack: true, | |||
| // #nosec 402 | |||
| TLS: &tls.Config{ | |||
There was a problem hiding this comment.
So trick is that if we want CLI to work with any kafka we will need to dynamically add tls... but generally our kafka always have tls so it can stay and we can just use insecure option
This should be added only when insecure is present.
|
I have tried this and it looks like this is not working. We are still blocked by cert. Error I'm getting: I would see if we can get this problem fixed on server side (I heard that tomorrow this should work with valid cert). CC @pmuir |
craicoverflow
force-pushed
the
insecure-topics
branch
from
6034476 to
2cf1771
Compare
|
Verified this works. |
craicoverflow
force-pushed
the
insecure-topics
branch
from
2cf1771 to
ee67bcc
Compare
DO NOT MERGE
Verification is on hold until we have a staging environment to test this against. The local mock in use does not have SSL enabled.
Resolves #122