Streamvisor Docs
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Streamvisor Docs
  2. /
  3. Installation
  4. /
  5. Configuration

Configuration

For a complete list of configuration properties, please refer to the Configuration Reference.

Configuration properties are parsed when Streamvisor is started.

Upon changing configuration, a restart of Streamvisor is required to apply the changes.

Bootstrapping an admin user

By default, Streamvisor will boostrap an admin user with admin@example.com/streamvisor credentials. You can configure this behavior with the following properties:

STREAMVISOR_BOOTSTRAPADMIN_ENABLE=true
STREAMVISOR_BOOTSTRAPADMIN_EMAIL=admin@example.com
STREAMVISOR_BOOTSTRAPADMIN_PASSWORD=streamvisor

Bootstrapping a Pulsar environment

If you want Streamvisor to bootstrap one or multiple Pulsar environments on startup, you need to add these configuration properties:

STREAMVISOR_ENVIRONMENTS_0_NAME=playground
STREAMVISOR_ENVIRONMENTS_0_SERVICEURL=http://localhost:8080
STREAMVISOR_ENVIRONMENTS_0_BROKERURL=pulsar://localhost:6650

You can further customize the connection configuration by supplying a map of client configuration properties, e.g.:

STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_CONNECTION_TIMEOUT_MS=11111

TLS Encryption

Because of a bug in Pulsar when TLS is enabled, you will need to set the following property:

# Port must match `webServicePortTls` in Pulsar proxy.conf/broker.conf
STREAMVISOR_PULSAR_CONNECTION_LOOKUPSERVICEPORT_OVERRIDE=8081

If you have TLS encryption enabled on your Pulsar cluster, you will need to configure Streamvisor using the respective properties:

TLS Encryption with PEM 

STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_KEY_FILE_PATH=/path/to/tls-certs/client.key-pk8.pem
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_CERTIFICATE_FILE_PATH=/path/to/tls-certs/client.cert.pem
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_TRUST_CERTS_FILE_PATH=/path/to/tls-certs/ca.cert.pem
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_HOSTNAME_VERIFICATION_ENABLE=false
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_ALLOW_INSECURE_CONNECTION=false

TLS Encryption with Keystore 

STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_USE_KEY_STORE_TLS=true
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_TRUST_STORE_TYPE=JKS
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_TRUST_STORE_PATH=/path/to/keystore/client.truststore.jks
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_TRUST_STORE_PASSWORD=clientpw
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_KEY_STORE_TYPE=JKS
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_KEY_STORE_PATH=/path/to/keystore/client.keystore.jks
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_KEY_STORE_PASSWORD=clientpw
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_HOSTNAME_VERIFICATION_ENABLE=false
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_TLS_ALLOW_INSECURE_CONNECTION=false

Authentication

If you have authentication enabled on your Pulsar cluster, you will need to configure Streamvisor using the respective properties:

Token Authentication with JWT 

STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_AUTH_PLUGIN_CLASS_NAME=org.apache.pulsar.client.impl.auth.AuthenticationToken
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_AUTH_PARAMS=token:eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJKb2UifQ.ipevRNuRP6HflG8cFKnmUPtypruRC4fb1DWtoLL62SY

mTLS Authentication with PEM 

STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_AUTH_PLUGIN_CLASS_NAME=org.apache.pulsar.client.impl.auth.AuthenticationTls
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_AUTH_PARAMS=tlsCertFile:/path/to/tls-certs/client.cert.pem,tlsKeyFile:/path/to/tls-certs/client.key-pk8.pem

mTLS Authentication with Keystore 

STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_AUTH_PLUGIN_CLASS_NAME=org.apache.pulsar.client.impl.auth.AuthenticationKeyStoreTls
STREAMVISOR_ENVIRONMENTS_0_CONFIGURATION_AUTH_PARAMS={"keyStoreType":"JKS","keyStorePath":"/path/to/keystore/client.keystore.jks","keyStorePassword":"clientpw"}

Enabling RBAC

If you want to enforce permissions on your Pulsar resources and Streamvisor configurations, you can enable RBAC with the following property:

STREAMVISOR_RBAC_ENABLE=true

Configuring SSO with an OAuth provider

To allow your users to sign in with an SSO provider, you need to add your provider information using the following properties:

STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_CLIENTID=<client ID>
STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_ISSUERURI=http://localhost:7777/realms/master
STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_SCOPES=openid,profile,email

If you also want to activate group mapping, you need to set the following property:

STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_GROUPSCLAIM=roles

Using PostgreSQL for persistence

Streamvisor supports using PostgreSQL instead of the default filesystem storage for persistence. Before configuring Streamvisor, you will have to create a database for it in PostgreSQL:

psql -U postgres -d postgres <<EOF
CREATE DATABASE streamvisor;
EOF

Then configure the connection to PostgreSQL by setting the following properties:

STREAMVISOR_PERSISTENCE_URL=jdbc:postgresql://127.0.0.1:5432/streamvisor
STREAMVISOR_PERSISTENCE_DRIVERCLASSNAME=org.postgresql.Driver
STREAMVISOR_PERSISTENCE_USERNAME=postgres
STREAMVISOR_PERSISTENCE_PASSWORD=postgres

Problems

If you encounter any problems or are unsure how to configure Streamvisor in your specific case, please ask for help in the Streamvisor slack community.