Static Configuration
Static Configuration refers to properties that are parsed when Streamvisor is started. Upon changing configuration, a restart of Streamvisor is required.
For a complete list of static configuration properties, please refer to the Configuration Reference.
By default, Streamvisor will boostrap an admin user with admin@example.com/streamvisor
credentials.
You can configure this behavior with the following properties:
STREAMVISOR_BOOTSTRAPADMIN_ENABLE=true
STREAMVISOR_BOOTSTRAPADMIN_EMAIL=admin@example.com
STREAMVISOR_BOOTSTRAPADMIN_PASSWORD=streamvisor
If you want Streamvisor to bootstrap a Pulsar environment on startup, you need to enable it:
STREAMVISOR_BOOTSTRAPENV_ENABLE=true
You can customize the default connection by changing these properties:
STREAMVISOR_BOOTSTRAPENV_NAME=playground
STREAMVISOR_BOOTSTRAPENV_SERVICEURL=http://localhost:8080
STREAMVISOR_BOOTSTRAPENV_BROKERURL=pulsar://localhost:6650
In case you have JWT authentication enabled in Pulsar, you will also need to set the JWT like this:
STREAMVISOR_BOOTSTRAPENV_TOKEN=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJKb2UifQ.ipevRNuRP6HflG8cFKnmUPtypruRC4fb1DWtoLL62SY
Pulsar versions <=3.1.0, <=3.0.1, <=2.11.3 are affected with a bug when TLS is enabled and will need the following property to be set:
# Port must match `webServicePortTls` in Pulsar proxy.conf/broker.conf STREAMVISOR_PULSAR_CONNECTION_LOOKUPSERVICEPORT_OVERRIDE=8081
To enable TLS, configure the following properties:
STREAMVISOR_PULSAR_CONNECTION_TLS_TRUSTCERTSFILEPATH=/path/to/tls-certs/ca.cert.pem
STREAMVISOR_PULSAR_CONNECTION_TLS_INSECURECONNECTION_ALLOW=false
STREAMVISOR_PULSAR_CONNECTION_TLS_HOSTNAMEVERFICIATION_ENABLE=false
If you have authentication enabled on your Pulsar cluster, you will need to configure Streamvisor using the following properties:
STREAMVISOR_PULSAR_CONNECTION_AUTH_PLUGIN=org.apache.pulsar.client.impl.auth.AuthenticationTls
STREAMVISOR_PULSAR_CONNECTION_AUTH_PARAMS=tlsCertFile:/path/to/tls-certs/client.cert.pem,tlsKeyFile:/path/to/tls-certs/client.key-pk8.pem
If you want to enforce permissions on your Pulsar resources and Streamvisor configurations, you can enable RBAC with the following property:
STREAMVISOR_RBAC_ENABLE=true
To allow your users to sign in with an SSO provider, you need to add your provider information using the following properties:
STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_CLIENTID=<client ID>
STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_ISSUERURI=http://localhost:7777/realms/master
STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_SCOPES=openid,profile,email
If you also want to activate group mapping, you need to set the following property:
STREAMVISOR_SSO_OAUTH_PROVIDERS_KEYCLOAK_GROUPSCLAIM=roles
Streamvisor supports using PostgreSQL instead of the default filesystem storage for persistence. Before configuring Streamvisor, you will have to create a database for it in PostgreSQL:
psql -U postgres -d postgres <<EOF
CREATE DATABASE streamvisor;
EOF
Then configure the connection to PostgreSQL by setting the following properties:
STREAMVISOR_PERSISTENCE_URL=jdbc:postgresql://127.0.0.1:5432/streamvisor
STREAMVISOR_PERSISTENCE_DRIVERCLASSNAME=org.postgresql.Driver
STREAMVISOR_PERSISTENCE_USERNAME=postgres
STREAMVISOR_PERSISTENCE_PASSWORD=postgres