Kafka SSL Support in K8 Deployment

In the existing K8s setup, external ingestion flow uses the out-of-the-box Kafka, which uses the bootstrap server for producing or consuming events in the appropriate Kafka topics. The Kafka SSL changes focus on validating security certificates before producing or consuming events.

Prerequisite

• Kafka should be running in SSL mode.

Service Request MS K8sScript Changes to Enable the Support of Kafka SSL are as Follows:

1. Navigate to the CDD K8 On Premise of your choice (mongo or Postgresql).



2. Edit the start-up script to enable the Kafka SSL enable property.

3. Once done with the changes, the Microservice can be deployed by executing the start script.

4. Testing the APIs response to ensure the pods are working fine.

5. Checking the command ingester container sub-folders, to validate whether the Kafka SSL Certificates has been moved. In the screenshot, it can be confirmed that the certificates are present.

6. Triggering API Healthcheck API to validate the working of the API.

7. To confirm whether the Ingester is listening to the Kafka bootstrap server. We have created a new CreateRequest in near-realTime scenario so that we can see the generated events in kafka topic ms-duediligence-outbox-topic.