Schema Registry
About the Schema Registry
The Schema Registry provides client applications with the Avro schemas available in a specific tenant.
The Schema Registry is always connected to a single Kafka Broker in the same cluster to allow for clusters to have different tenant/instance isolation patterns.
Enabling required authentication with a client certificate
The Schema Registry has support for authentication with Mutual TLS. In this approach each connection to the SSL endpoint must provide a client certificate signed by a certificate authority trusted in the instance. This is disabled by default, but can be activated per cluster.
See the Deployment page for more information about the different service types, like cluster and instance services. |
Using Axual CLI
Add or modify the following configuration in the Schema Registry config file for the tenant instance. The configuration is usually located in platform-config/tenants/{tenant-name}/instances/{instance-name}/schema-registry.sh
.
# Disables mTLS for clusters cluster1 and enables it for the cluster2 cluster. These clusters are defined in this config as well
SR_SLAVE_SSL_CLIENT_AUTH=cluster1:false,cluster2:true