Configure OpenShift Route to Access Confluent Components

When you configure Confluent components with the OpenShift route for external client access, CFK creates a route resource for the Confluent component service, and clients access the service at the HTTPS port, 443.

When using a route, you need to configure the Confluent component with TLS.

For the additional configuration steps required to allow external access to Metadata Service (MDS), see Configure Networking for RBAC.

To use a route for external access to Confluent:

  1. Set the route property in the Confluent component and apply the configuration.

    The following is a snippet of a Kafka CR for route:

    listeners:
      external:
        externalAccess:
          type: route
          route:
            wildcardPolicy:    --- [1]
            domain:            --- [2]
            bootstrapPrefix:   --- [3]
            brokerPrefix:      --- [4]
    
    • [1] Optional. It defaults to None if not configured. Allowed values are Subdomain and None.
    • [2] Required. Set domain to the OpenShift domain.
    • [3] Optional. BootstrapPrefix defines the prefix for the bootstrap advertised endpoint and added as bootstrapPrefix.domain. If not set, it will be the cluster name of the component, kafka in this example.
    • [4] Optional. BrokerPrefix defines the prefix for the broker advertised endpoint and will be added as brokerPrefix.domain. If not configured, it will add b as a prefix, for example, b1.domain, b2.domain.