loserwang1024 commented on code in PR #2506:
URL: https://github.com/apache/fluss/pull/2506#discussion_r2851198740
##########
website/docs/install-deploy/deploying-with-helm.md:
##########
@@ -245,16 +253,69 @@ The chart automatically configures listeners for internal
cluster communication
- **Internal Port (9123)**: Used for internal communication within the cluster
- **Client Port (9124)**: Used for client connections
-Custom listener configuration:
+Default listeners configuration:
```yaml
listeners:
internal:
+ protocol: PLAINTEXT
port: 9123
+ security:
+ mechanism: PLAIN
+ users: []
client:
+ protocol: PLAINTEXT
port: 9124
+ security:
+ mechanism: PLAIN
+ users: []
```
+To enable SASL based authentication, set any of the protocols to `SASL`.
+
+### Enabling Secure Connection
+
+With the helm deployment, you can specify authentication protocols when
connecting to the Fluss cluster.
+
+The following table shows the supported protocols and security they provide:
+
+| Method | Authentication | TLS Encryption |
+|-------------|:--------------:|:------------------:|
+| `PLAINTEXT` | No | No |
+| `SASL` | Yes | No |
+
+By default, the `PLAINTEXT` protocol is used.
+
+The SASL authentication will be enabled if any of the listener protocols is
using `SASL`.
+
+Set these values for additional configurations:
+
+```yaml
+listeners:
+ internal:
+ protocol: SASL
+ port: 9123
+ security:
+ mechanism: PLAIN
+ users:
Review Comment:
This is a bit confusing. Like Kafka, Fluss SASL authentication also does not
require each listener to have unique usernames and passwords. Multiple
listeners can share the SASL/PLAIN mechanism, but your example seems to suggest
that client and internal listeners can enforce account isolation. How does this
work?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
