Re: [DISCUSSION] PIP-156: Enable system topic by default

2022-05-10 Thread Ran Gao 
+1 (non-binding)

Best,
Ran

On 2022/04/26 12:07:32 guo jiwei wrote:
> Hi community:
>In PIP-39
> ,
> we have introduced namespace event to support topic level policy. This
> feature was released in Pulsar 2.6.
> 
>Then PIP-92
> ,
> we support topic policy to replicate across clusters and release in Pulsar
> 2.10.
> 
> And with version iteration, the corresponding topic policy CLI and
> functions are mature and stable, but users need to enable system topic to
> support these features.  So it's better to enable system topic by default.
> 
> 
> So I have opened apache/pulsar#15333
>  to discuss this.
> 
> 
> Regards
> Jiwei Guo (Tboy)
>

Re: [DISCUSSION] PIP-156: Enable system topic by default

2022-05-10 Thread Yunze Xu 
+1 (non-binding)

Thanks,
Yunze

Re: [DISCUSSION] PIP-156: Enable system topic by default

2022-05-10 Thread mattison chao 
+1

Best,
Mattison

On Wed, 11 May 2022 at 13:49, Qiang Zhao  wrote:

>
>
> On 2022/04/26 12:07:32 guo jiwei wrote:
> > Hi community:
> >In PIP-39
> >  >,
> > we have introduced namespace event to support topic level policy. This
> > feature was released in Pulsar 2.6.
> >
> >Then PIP-92
> > <
> https://github.com/apache/pulsar/wiki/PIP-92%3A-Topic-policy-across-multiple-clusters
> >,
> > we support topic policy to replicate across clusters and release in
> Pulsar
> > 2.10.
> >
> > And with version iteration, the corresponding topic policy CLI and
> > functions are mature and stable, but users need to enable system topic to
> > support these features.  So it's better to enable system topic by
> default.
> >
> >
> > So I have opened apache/pulsar#15333
> >  to discuss this.
> >
> >
> > Regards
> > Jiwei Guo (Tboy)
> >
>

Re: [DISCUSSION] PIP-156: Enable system topic by default

2022-05-10 Thread Qiang Zhao 



On 2022/04/26 12:07:32 guo jiwei wrote:
> Hi community:
>In PIP-39
> ,
> we have introduced namespace event to support topic level policy. This
> feature was released in Pulsar 2.6.
> 
>Then PIP-92
> ,
> we support topic policy to replicate across clusters and release in Pulsar
> 2.10.
> 
> And with version iteration, the corresponding topic policy CLI and
> functions are mature and stable, but users need to enable system topic to
> support these features.  So it's better to enable system topic by default.
> 
> 
> So I have opened apache/pulsar#15333
>  to discuss this.
> 
> 
> Regards
> Jiwei Guo (Tboy)
>

Re: [DISCUSSION] PIP-156: Enable system topic by default

2022-05-10 Thread 丛搏 
+1

Thanks,
Bo

Haiting Jiang  于2022年4月27日周三 10:39写道:
>
> +1
>
> Thanks,
> Haiting
>
> On 2022/04/26 12:07:32 guo jiwei wrote:
> > Hi community:
> >In PIP-39
> > ,
> > we have introduced namespace event to support topic level policy. This
> > feature was released in Pulsar 2.6.
> >
> >Then PIP-92
> > ,
> > we support topic policy to replicate across clusters and release in Pulsar
> > 2.10.
> >
> > And with version iteration, the corresponding topic policy CLI and
> > functions are mature and stable, but users need to enable system topic to
> > support these features.  So it's better to enable system topic by default.
> >
> >
> > So I have opened apache/pulsar#15333
> >  to discuss this.
> >
> >
> > Regards
> > Jiwei Guo (Tboy)
> >

Re: [VOTE] [PIP-158] Split client TLS transport encryption from authentication

2022-05-10 Thread Lan Liang 
+1, NB 

Thanks for your work.






Best Regards,
Lan Liang
On 5/10/2022 19:31,mattison chao wrote:
+1 (non-binding)

Best,
Mattison

On Tue, 10 May 2022 at 19:00, Yunze Xu  wrote:

+1 (non-binding)

Thanks,
Yunze

[GitHub] [pulsar-site] urfreespace merged pull request #73: [PIP-87][Website] Publish website from asf-site-next branch

2022-05-10 Thread GitBox 


urfreespace merged PR #73:
URL: https://github.com/apache/pulsar-site/pull/73


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-site] dave2wave commented on issue #72: Data driven pages - How to Submit New Content

2022-05-10 Thread GitBox 


dave2wave commented on issue #72:
URL: https://github.com/apache/pulsar-site/issues/72#issuecomment-1123155868

   Yes, but let me make specific suggestions in a new issue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-site] Anonymitaet commented on issue #72: Data driven pages - How to Submit New Content

2022-05-10 Thread GitBox 


Anonymitaet commented on issue #72:
URL: https://github.com/apache/pulsar-site/issues/72#issuecomment-1123124163

   Hi @dave2wave Do you want us to make changes to the [Meet the 
Community](https://pulsar-next.staged.apache.org/community/#section-community) 
page? If so, can you explicitly indicate the intended changes? Thanks.
   
   > for the team / community the PMC as whole should be responsible. Members 
of the PMC are PMC Members and not PMCs. PMCs are ambiguous, it could mean a 
group of people or more than one project management committee. The format of 
the Meet the Community section is another issue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-site] Anonymitaet commented on a diff in pull request #70: [improve][website] Add license explanations to Ecosystem page

2022-05-10 Thread GitBox 


Anonymitaet commented on code in PR #70:
URL: https://github.com/apache/pulsar-site/pull/70#discussion_r869823108


##
site2/website-next/src/pages/ecosystem.js:
##
@@ -37,7 +37,7 @@ export default function Home() {
   
 Ecosystem
 To build better streaming data pipelines and event-driven 
applications, you can use the powerful extensions to Pulsar, including connectors, protocol handlers, tools, and 
more. Additionally, you can develop applications using client libraries.
-This page lists both built-in and third-party tools. Note 
that some of the third-party tools were not tested throughly by the community, 
and may not work as expected.
+This page lists both built-in and third-party tools. Note 
that some of the third-party tools were not tested throughly by the community, 
and may not work as expected. Components with https://opensource.org/licenses;>OSI approved licenses are only 
allowed. 

Review Comment:
   I've incorporated your suggestions, PTAL and feel free to approve, thanks!



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [DISCUSS] PIP-157 Exclusive Producer: new mode ExclusiveWithFencing

2022-05-10 Thread Kezhu Wang 
 Nice improvement.

I was searching for similar functionalities to ban/fence old producers and
found a similar improvement/suggestion from [PIP 68 Suggestions](
https://github.com/apache/pulsar/issues/7584) in addition to PIP 68.

Best,
Kezhu Wang

On May 10, 2022 at 21:59:43, Enrico Olivelli (eolive...@gmail.com) wrote:

I have renamed this to PIP-161 (there is some mess in the wiki page)

Enrico

Il giorno mar 10 mag 2022 alle ore 14:56 Enrico Olivelli
 ha scritto:
>
> Hello,
> I created a new PIP about a new AccessMode for the Producer.
> https://github.com/apache/pulsar/issues/15528
>
> This is the PR: https://github.com/apache/pulsar/pull/15488
>
> Honestly I don't like the name "ExclusiveWithFencing", any suggestion
> is really appreciated.
>
> Enrico
>
> Motivation
>
> In PIP-68 we introduced two access modes for the Producer:
>
> Exclusive: The producer is the only one who can publish to the topic.
> Fail if there is another Exclusive Producer connected to the topic
> while creating the new Producer.
> WaitForExclusive: Like Exclusive, but instead of Failing we are going
> to wait for the current Exclusive Producer to disconnect.
>
> Those two modes are very powerful and allow you to perform some kind
> of Locking on a topic.
>
> We are missing a third more, in which the Producer always succeeds to
> acquire the Exclusive lock on the topic by fencing out any other
> Producer that is connected, even the current Exclusive Producer and
> the other Producers waiting in WaitForExclusive mode.
>
> Goal
>
> The modes that are available with PIP-68 require a writer to acquire
> the lock and release it as soon as possible in order to allow other
> clients to write to the topic.
>
> With the new mode it will be possible to implement locking in another
> way: the Producer holds the lock until someone else steals it. This
> way when you have very low contention you can achieve better latency
> for writes because you don't have to acquire the lock every time you
> want to write,.
>
> API and Wire protocol Changes
>
> Changes:
>
> a new constant on the Wire Protocol for AccessMode
> a new constant in the Java Client API AccessMode#ExclusiveWithFencing
>
> Implementation
>
> The new mode will behave mostly like AccessMode#Exclusive but instead
> of failing in case of the presence of other Producers it will force
> all of the current connected Producers to be removed and invalidated
> (they will see ProducerFencedException).
>
> Reject Alternatives
>
> None

[GitHub] [pulsar-site] dave2wave opened a new issue, #72: Data driven pages - How to Submit New Content

2022-05-10 Thread GitBox 


dave2wave opened a new issue, #72:
URL: https://github.com/apache/pulsar-site/issues/72

   There needs to be a way for users to submit new content for these pages on 
these pages.
   
   The javascript files that contain this data are here - 
https://github.com/apache/pulsar-site/tree/main/site2/website-next/data
   
   - ? - 
[connectors.js](https://github.com/apache/pulsar-site/blob/main/site2/website-next/data/connectors.js)
 is this still live?
   - Ecosytem - 
[ecosystem.js](https://github.com/apache/pulsar-site/blob/main/site2/website-next/data/ecosystem.js)
   - Events - 
[events.js](https://github.com/apache/pulsar-site/blob/main/site2/website-next/data/events.js)
   - Resources - 
[resources.js](https://github.com/apache/pulsar-site/blob/main/site2/website-next/data/resources.js)
   - Meet the Community - 
[team.js](https://github.com/apache/pulsar-site/blob/main/site2/website-next/data/team.js)
   - Case Studies - 
[users.js](https://github.com/apache/pulsar-site/blob/main/site2/website-next/data/users.js)
   
   What is the proposed workflow?
   - for most of these pages it should start with an explanation with a link to 
create a PR at the bottom of the page.
   - for the team / community the PMC as whole should be responsible. Members 
of the PMC are PMC Members and not **PMCs**. PMCs are ambiguous, it could mean 
a group of people or more than one project management committee. The format of 
the Meet the Community section is another issue.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: Discuss about creating partitioned topic in V1

2022-05-10 Thread Matteo Merli 
It's already deprecated. No one is encouraged to use v1 API except for
users for Pulsar 1.x that had topics created with the old namings.

What I'm proposing, instead of trying to fix the inconsistencies in
that API, is to disable v1 API by default and leave a configuration
option to turn it on in the clusters where it's needed, which will be
<1% of the currently deployed clusters.


--
Matteo Merli


On Mon, May 9, 2022 at 9:49 PM Rajan Dhabalia  wrote:
>
> > Having said that, V1 admin API was in effect considered as "soft
> deprecated" since Pulsar 2.0. All documentation has been focused on v2 APIs.
>
> There are Orgs which have large scale Pulsar clusters and use V1 apis.
> There is no way we can deprecate V1 api and it has to be maintained until
> we find a way to migrate V1 topics to V2. Right now, topics with V1 and V2
> api names are having a separate state and it's not easy to migrate existing
> V1 topics to V2 topics. So, any efforts which will cause incompatibility is
> not acceptable and we can not deprecate V1.
>
> Thanks,
> Rajan
>
> On Mon, May 9, 2022 at 4:37 PM Matteo Merli  wrote:
>
> > Why I agree that it "looks like a bug", "walks like a bug" and "talks
> > like a bug"...
> > this was actually a "feature" :)
> >
> > not a good one, or with a good reason to exist, but something we've
> > been trying not to break. I'm not going to dig into the "wrong"
> > reasoning on why this was done in the first place, unless someone is
> > really curious. :D
> >
> > Having said that, V1 admin API was in effect considered as "soft
> > deprecated" since Pulsar 2.0. All documentation has been focused on v2
> > APIs.
> >
> > I believe a better approach now would be to disable v1 APIs using the
> > configuration, and actually disabling it by default in next Pulsar
> > versions.
> >
> > Matteo
> >
> > Instead
> > --
> > Matteo Merli
> > 
> >
> > On Mon, May 9, 2022 at 12:06 PM Enrico Olivelli 
> > wrote:
> > >
> > > +1
> > > I agree totally. It is a bug
> > >
> > > Enrico
> > >
> > > Il Lun 9 Mag 2022, 20:59 Michael Marshall  ha
> > scritto:
> > >
> > > > Great find, Jiwei Guo. I agree that this should be classified as a bug
> > > > and that we should change the V1 implementation so that a topic can
> > > > only be created if its namespace already exists.
> > > >
> > > > Thanks,
> > > > Michael
> > > >
> > > > On Mon, May 9, 2022 at 7:13 AM guo jiwei  wrote:
> > > > >
> > > > > Hi, community:
> > > > >I found that in the admin API V1, it is possible to successfully
> > > > create
> > > > > a partitioned topic without a namespace.
> > > > > However, in V1, when getting the partitioned topic list
> > > > > (getPartitionedTopicList) and when creating a non-partitioned topic,
> > the
> > > > > existence of the namespace is checked.
> > > > > In V2, we all need to check whether the namespace exists.
> > > > > For consistency, I think creating a partitioned topic in V1 also
> > needs to
> > > > > check for the existence of the namespace.
> > > > > So, I push out patch #14858 <
> > https://github.com/apache/pulsar/pull/14858
> > > > >.
> > > > > If the patch is passed, the user's existing topics will not be
> > affected,
> > > > > the newly created partitioned topic will fail, and a namespace needs
> > to
> > > > be
> > > > > created first.
> > > > >
> > > > > Above, I hope you can give some other ideas.
> > > > >
> > > > >
> > > > > Regards
> > > > > Jiwei Guo (Tboy)
> > > >
> >

[ANNOUNCE] Apache BookKeeper 4.15.0 released

2022-05-10 Thread Andrey Yegorov 
The Apache BookKeeper team is proud to announce Apache BookKeeper version
4.15.0.

Apache BookKeeper is a scalable, fault-tolerant, and low-latency storage
service optimized for
real-time workloads. It has been used for a fundamental service to build
reliable services.
It is also the log segment store for Apache DistributedLog and the message
store for Apache Pulsar.

This is the 31st release of the Apache BookKeeper.

Release 4.15 includes many upgrades to third party libraries marked with
CVEs, adds more configuration options, extends REST API, adds an option to
run without journal, improves memory utilization and stability, and more!

For BookKeeper release details and downloads, visit:

https://bookkeeper.apache.org/releases

BookKeeper 4.15.0 Release Notes are at:

https://bookkeeper.apache.org/release-notes#4150

We would like to thank the contributors that made the release possible.

Regards,
The BookKeeper Team

[GitHub] [pulsar-site] dave2wave commented on a diff in pull request #70: [improve][website] Add license explanations to Ecosystem page

2022-05-10 Thread GitBox 


dave2wave commented on code in PR #70:
URL: https://github.com/apache/pulsar-site/pull/70#discussion_r869360194


##
site2/website-next/src/pages/ecosystem.js:
##
@@ -37,7 +37,7 @@ export default function Home() {
   
 Ecosystem
 To build better streaming data pipelines and event-driven 
applications, you can use the powerful extensions to Pulsar, including connectors, protocol handlers, tools, and 
more. Additionally, you can develop applications using client libraries.
-This page lists both built-in and third-party tools. Note 
that some of the third-party tools were not tested throughly by the community, 
and may not work as expected.
+This page lists both built-in and third-party tools. Note 
that some of the third-party tools were not tested throughly by the community, 
and may not work as expected. Components with https://opensource.org/licenses;>OSI approved licenses are only 
allowed. 

Review Comment:
   Only open source components with an https://opensource.org/licenses;>OSI approved license are allowed.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [DISCUSS] PIP-157 Exclusive Producer: new mode ExclusiveWithFencing

2022-05-10 Thread Enrico Olivelli 
I have renamed this to PIP-161 (there is some mess in the wiki page)

Enrico

Il giorno mar 10 mag 2022 alle ore 14:56 Enrico Olivelli
 ha scritto:
>
> Hello,
> I created a new PIP about a new AccessMode for the Producer.
> https://github.com/apache/pulsar/issues/15528
>
> This is the PR: https://github.com/apache/pulsar/pull/15488
>
> Honestly I don't like the name "ExclusiveWithFencing", any suggestion
> is really appreciated.
>
> Enrico
>
> Motivation
>
> In PIP-68 we introduced two access modes for the Producer:
>
> Exclusive: The producer is the only one who can publish to the topic.
> Fail if there is another Exclusive Producer connected to the topic
> while creating the new Producer.
> WaitForExclusive: Like Exclusive, but instead of Failing we are going
> to wait for the current Exclusive Producer to disconnect.
>
> Those two modes are very powerful and allow you to perform some kind
> of Locking on a topic.
>
> We are missing a third more, in which the Producer always succeeds to
> acquire the Exclusive lock on the topic by fencing out any other
> Producer that is connected, even the current Exclusive Producer and
> the other Producers waiting in WaitForExclusive mode.
>
> Goal
>
> The modes that are available with PIP-68 require a writer to acquire
> the lock and release it as soon as possible in order to allow other
> clients to write to the topic.
>
> With the new mode it will be possible to implement locking in another
> way: the Producer holds the lock until someone else steals it. This
> way when you have very low contention you can achieve better latency
> for writes because you don't have to acquire the lock every time you
> want to write,.
>
> API and Wire protocol Changes
>
> Changes:
>
> a new constant on the Wire Protocol for AccessMode
> a new constant in the Java Client API AccessMode#ExclusiveWithFencing
>
> Implementation
>
> The new mode will behave mostly like AccessMode#Exclusive but instead
> of failing in case of the presence of other Producers it will force
> all of the current connected Producers to be removed and invalidated
> (they will see ProducerFencedException).
>
> Reject Alternatives
>
> None

[DISCUSS] PIP-157 Exclusive Producer: new mode ExclusiveWithFencing

2022-05-10 Thread Enrico Olivelli 
Hello,
I created a new PIP about a new AccessMode for the Producer.
https://github.com/apache/pulsar/issues/15528

This is the PR: https://github.com/apache/pulsar/pull/15488

Honestly I don't like the name "ExclusiveWithFencing", any suggestion
is really appreciated.

Enrico

Motivation

In PIP-68 we introduced two access modes for the Producer:

Exclusive: The producer is the only one who can publish to the topic.
Fail if there is another Exclusive Producer connected to the topic
while creating the new Producer.
WaitForExclusive: Like Exclusive, but instead of Failing we are going
to wait for the current Exclusive Producer to disconnect.

Those two modes are very powerful and allow you to perform some kind
of Locking on a topic.

We are missing a third more, in which the Producer always succeeds to
acquire the Exclusive lock on the topic by fencing out any other
Producer that is connected, even the current Exclusive Producer and
the other Producers waiting in WaitForExclusive mode.

Goal

The modes that are available with PIP-68 require a writer to acquire
the lock and release it as soon as possible in order to allow other
clients to write to the topic.

With the new mode it will be possible to implement locking in another
way: the Producer holds the lock until someone else steals it. This
way when you have very low contention you can achieve better latency
for writes because you don't have to acquire the lock every time you
want to write,.

API and Wire protocol Changes

Changes:

a new constant on the Wire Protocol for AccessMode
a new constant in the Java Client API AccessMode#ExclusiveWithFencing

Implementation

The new mode will behave mostly like AccessMode#Exclusive but instead
of failing in case of the presence of other Producers it will force
all of the current connected Producers to be removed and invalidated
(they will see ProducerFencedException).

Reject Alternatives

None

[GitHub] [pulsar-site] urfreespace merged pull request #71: feat: update docker build image

2022-05-10 Thread GitBox 


urfreespace merged PR #71:
URL: https://github.com/apache/pulsar-site/pull/71


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-site] urfreespace opened a new pull request, #71: feat: update docker build image

2022-05-10 Thread GitBox 


urfreespace opened a new pull request, #71:
URL: https://github.com/apache/pulsar-site/pull/71

   Signed-off-by: Li Li 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] [PIP-158] Split client TLS transport encryption from authentication

2022-05-10 Thread mattison chao 
+1 (non-binding)

Best,
Mattison

On Tue, 10 May 2022 at 19:00, Yunze Xu  wrote:

> +1 (non-binding)
>
> Thanks,
> Yunze
>

Re: [VOTE] [PIP-158] Split client TLS transport encryption from authentication

2022-05-10 Thread Yunze Xu 
+1 (non-binding)

Thanks,
Yunze

[GitHub] [pulsar-dotpulsar] jonclare commented on pull request #97: Add crude first version of DLQ

2022-05-10 Thread GitBox 


jonclare commented on PR #97:
URL: https://github.com/apache/pulsar-dotpulsar/pull/97#issuecomment-1122235167

   @blankensteiner 
   My understanding is that this would all be driven from a negative 
acknowledgement on a message and that the behaviour of the 'retryLetterTopic' 
and 'deadLetterTopic' is based on what Pulsar supports for each.
   
https://pulsar.apache.org/docs/en/2.10.0/concepts-messaging/#negative-acknowledgement
   
   From what I can see of what @GeroL has implemented so far, it looks like 
he's basing the types on what the Java client supports for those concepts.
   
   We need similar concepts for what our team is doing with Pulsar. I'm keen to 
see this one make some progress.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] [PIP-158] Split client TLS transport encryption from authentication

2022-05-10 Thread PengHui Li 
+1 (binding)

Penghui

On Tue, May 10, 2022 at 4:47 PM Enrico Olivelli  wrote:

> +1 (binding)
>
> Enrico
>
> Il giorno mar 10 mag 2022 alle ore 10:46 Zixuan Liu
>  ha scritto:
> >
> > Hi Pulsar community,
> >
> > Voting for https://github.com/apache/pulsar/issues/15289
> >
> > Discussion thread:
> > https://lists.apache.org/thread/fblmm8oc7h907cfnppvk71o2cbp5mk8q
> >
> > Thanks,
> > Zixuan
> >
> > --
> >
> > ## Motivation
> >
> > The client supports TLS transport encryption and TLS authentication, this
> > code so like:
> >
> > ```java
> > PulsarClient client = PulsarClient.builder()
> > .serviceUrl("pulsar+ssl://localhost:6651")
> > .tlsTrustCertsFilePath("/path/to/cacert.pem")
> > .authentication(AuthenticationTls.class.getName(),
> > authParams)
> > .build()
> > ```
> >
> > This causes an issue that cannot use other authentication with TLS
> > transport encryption, and also made our confusion if we use TLS transport
> > encryption by setting `authentication`.
> >
> > ## Goal
> >
> > Split client TLS transport encryption from authentication is used to
> > support TLS transport encryption with any authentication.
> >
> > ## API Changes
> >
> > - Add new methods in `org.apache.pulsar.client.api.ClientBuilder`
> >
> > ```java
> > public interface ClientBuilder extends Serializable, Cloneable {
> > /**
> >  * Set the path to the TLS key file.
> >  *
> >  * @param tlsKeyFilePath
> >  * @return the client builder instance
> >  */
> > ClientBuilder tlsKeyFilePath(String tlsKeyFilePath);
> >
> > /**
> >  * Set the path to the TLS certificate file.
> >  *
> >  * @param tlsCertificateFilePath
> >  * @return the client builder instance
> >  */
> > ClientBuilder tlsCertificateFilePath(String tlsCertificateFilePath);
> >
> > /**
> >  * The file format of the key store file.
> >  *
> >  * @param tlsKeyStoreType
> >  * @return the client builder instance
> >  */
> > ClientBuilder tlsKeyStoreType(String tlsKeyStoreType);
> >
> > /**
> >  * The location of the key store file.
> >  *
> >  * @param tlsTrustStorePath
> >  * @return the client builder instance
> >  */
> > ClientBuilder tlsKeyStorePath(String tlsTrustStorePath);
> >
> > /**
> >  * The store password for the key store file.
> >  *
> >  * @param tlsKeyStorePassword
> >  * @return the client builder instance
> >  */
> > ClientBuilder tlsKeyStorePassword(String tlsKeyStorePassword);
> > }
> > ```
> >
> > ## Implementation
> >
> > ### TLS transport encryption
> >
> > We can call the `tlsKeyFilePath()`, `tlsCertificateFilePath()` and
> > `tlsTrustCertsFilePath()` to configurate the TLS transport encryption,
> the
> > code so like:
> >
> > ```java
> > PulsarClient client = PulsarClient.builder()
> > .serviceUrl("pulsar+ssl://my-host:6650")
> > .tlsTrustCertsFilePath("/path/to/cacert.pem")
> > .tlsKeyFilePath("/path/to/client-key.pem")
> > .tlsCertificateFilePath("/path/to/client-cert.pem")
> > .build();
> > ```
> >
> >
> > Call the `tlsKeyFilePath()`, `tlsTrustStorePath()` to configurate the JKS
> > TLS transport encryption, the code so like:
> >
> > ```java
> > PulsarClient client = PulsarClient.builder()
> > .serviceUrl("pulsar+ssl://my-host:6650")
> > .tlsKeyFilePath("/path/key.jks")
> > .tlsKeyStorePassword("hello")
> > .tlsTrustStorePath("/path/trust.jks")
> > .tlsTrustStorePassword("hello")
> > .build();
> > ```
> >
> >
> > ### TLS transport encryption with any authentication
> >
> > We can call the `tlsKeyFilePath()`, `tlsCertificateFilePath()`,
> > `tlsTrustCertsFilePath()` and `authentication()` to configurate  the TLS
> > transport encryption with any authentication, the code so like:
> >
> > ```java
> > PulsarClient client = PulsarClient.builder()
> > .serviceUrl("pulsar+ssl://my-host:6650")
> > .tlsTrustCertsFilePath("/path/to/cacert.pem")
> > .tlsKeyFilePath("/path/to/client-key.pem")
> > .tlsCertificateFilePath("/path/to/client-cert.pem")
> > .authentication(AuthenticationTls.class.getName() /*
> > AuthenticationToken.class.getName()*/, authParams)
> > .builder()
> > ```
> >
> > Call the `tlsKeyFilePath()`, `tlsTrustStorePath()` to configurate the JKS
> > TLS transport encryption, the code so like:
> >
> > ```java
> > PulsarClient client = PulsarClient.builder()
> > .serviceUrl("pulsar+ssl://my-host:6650")
> > .tlsKeyFilePath("/path/key.jks")
> > .tlsKeyStorePassword("hello")
> > .tlsTrustStorePath("/path/trust.jks")
> > .authentication(AuthenticationTls.class.getName() /*
> > AuthenticationToken.class.getName()*/, authParams)
> > .build();
> > ```
> >
> > For `AuthenticationTls`, we need to check the authParams, when the
> > authParams is empty, we need to read TLS

[GitHub] [pulsar-site] Anonymitaet opened a new pull request, #70: [improve][website] Add license explanations to Ecosystem page

2022-05-10 Thread GitBox 


Anonymitaet opened a new pull request, #70:
URL: https://github.com/apache/pulsar-site/pull/70

   Preview looks good:
   https://user-images.githubusercontent.com/50226895/167595487-870659ee-7693-486c-a279-68969b641ffc.png;>
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] [PIP-158] Split client TLS transport encryption from authentication

2022-05-10 Thread Enrico Olivelli 
+1 (binding)

Enrico

Il giorno mar 10 mag 2022 alle ore 10:46 Zixuan Liu
 ha scritto:
>
> Hi Pulsar community,
>
> Voting for https://github.com/apache/pulsar/issues/15289
>
> Discussion thread:
> https://lists.apache.org/thread/fblmm8oc7h907cfnppvk71o2cbp5mk8q
>
> Thanks,
> Zixuan
>
> --
>
> ## Motivation
>
> The client supports TLS transport encryption and TLS authentication, this
> code so like:
>
> ```java
> PulsarClient client = PulsarClient.builder()
> .serviceUrl("pulsar+ssl://localhost:6651")
> .tlsTrustCertsFilePath("/path/to/cacert.pem")
> .authentication(AuthenticationTls.class.getName(),
> authParams)
> .build()
> ```
>
> This causes an issue that cannot use other authentication with TLS
> transport encryption, and also made our confusion if we use TLS transport
> encryption by setting `authentication`.
>
> ## Goal
>
> Split client TLS transport encryption from authentication is used to
> support TLS transport encryption with any authentication.
>
> ## API Changes
>
> - Add new methods in `org.apache.pulsar.client.api.ClientBuilder`
>
> ```java
> public interface ClientBuilder extends Serializable, Cloneable {
> /**
>  * Set the path to the TLS key file.
>  *
>  * @param tlsKeyFilePath
>  * @return the client builder instance
>  */
> ClientBuilder tlsKeyFilePath(String tlsKeyFilePath);
>
> /**
>  * Set the path to the TLS certificate file.
>  *
>  * @param tlsCertificateFilePath
>  * @return the client builder instance
>  */
> ClientBuilder tlsCertificateFilePath(String tlsCertificateFilePath);
>
> /**
>  * The file format of the key store file.
>  *
>  * @param tlsKeyStoreType
>  * @return the client builder instance
>  */
> ClientBuilder tlsKeyStoreType(String tlsKeyStoreType);
>
> /**
>  * The location of the key store file.
>  *
>  * @param tlsTrustStorePath
>  * @return the client builder instance
>  */
> ClientBuilder tlsKeyStorePath(String tlsTrustStorePath);
>
> /**
>  * The store password for the key store file.
>  *
>  * @param tlsKeyStorePassword
>  * @return the client builder instance
>  */
> ClientBuilder tlsKeyStorePassword(String tlsKeyStorePassword);
> }
> ```
>
> ## Implementation
>
> ### TLS transport encryption
>
> We can call the `tlsKeyFilePath()`, `tlsCertificateFilePath()` and
> `tlsTrustCertsFilePath()` to configurate the TLS transport encryption, the
> code so like:
>
> ```java
> PulsarClient client = PulsarClient.builder()
> .serviceUrl("pulsar+ssl://my-host:6650")
> .tlsTrustCertsFilePath("/path/to/cacert.pem")
> .tlsKeyFilePath("/path/to/client-key.pem")
> .tlsCertificateFilePath("/path/to/client-cert.pem")
> .build();
> ```
>
>
> Call the `tlsKeyFilePath()`, `tlsTrustStorePath()` to configurate the JKS
> TLS transport encryption, the code so like:
>
> ```java
> PulsarClient client = PulsarClient.builder()
> .serviceUrl("pulsar+ssl://my-host:6650")
> .tlsKeyFilePath("/path/key.jks")
> .tlsKeyStorePassword("hello")
> .tlsTrustStorePath("/path/trust.jks")
> .tlsTrustStorePassword("hello")
> .build();
> ```
>
>
> ### TLS transport encryption with any authentication
>
> We can call the `tlsKeyFilePath()`, `tlsCertificateFilePath()`,
> `tlsTrustCertsFilePath()` and `authentication()` to configurate  the TLS
> transport encryption with any authentication, the code so like:
>
> ```java
> PulsarClient client = PulsarClient.builder()
> .serviceUrl("pulsar+ssl://my-host:6650")
> .tlsTrustCertsFilePath("/path/to/cacert.pem")
> .tlsKeyFilePath("/path/to/client-key.pem")
> .tlsCertificateFilePath("/path/to/client-cert.pem")
> .authentication(AuthenticationTls.class.getName() /*
> AuthenticationToken.class.getName()*/, authParams)
> .builder()
> ```
>
> Call the `tlsKeyFilePath()`, `tlsTrustStorePath()` to configurate the JKS
> TLS transport encryption, the code so like:
>
> ```java
> PulsarClient client = PulsarClient.builder()
> .serviceUrl("pulsar+ssl://my-host:6650")
> .tlsKeyFilePath("/path/key.jks")
> .tlsKeyStorePassword("hello")
> .tlsTrustStorePath("/path/trust.jks")
> .authentication(AuthenticationTls.class.getName() /*
> AuthenticationToken.class.getName()*/, authParams)
> .build();
> ```
>
> For `AuthenticationTls`, we need to check the authParams, when the
> authParams is empty, we need to read TLS config from `ClientBuilder`,
> otherwise read from the authParams, the authParams can override the config
> from `ClientBuilder`, if still is empty, we read TLS config from
> `ClientBuilder`.
>
> ### Plan test
>
> - Verify TLS transport encryption without authentication
> - Verify TLS transport encryption with token authentication
> - Verify TLS transport encryption with TLS

[VOTE] [PIP-158] Split client TLS transport encryption from authentication

2022-05-10 Thread Zixuan Liu 
Hi Pulsar community,

Voting for https://github.com/apache/pulsar/issues/15289

Discussion thread:
https://lists.apache.org/thread/fblmm8oc7h907cfnppvk71o2cbp5mk8q

Thanks,
Zixuan

--

## Motivation

The client supports TLS transport encryption and TLS authentication, this
code so like:

```java
PulsarClient client = PulsarClient.builder()
.serviceUrl("pulsar+ssl://localhost:6651")
.tlsTrustCertsFilePath("/path/to/cacert.pem")
.authentication(AuthenticationTls.class.getName(),
authParams)
.build()
```

This causes an issue that cannot use other authentication with TLS
transport encryption, and also made our confusion if we use TLS transport
encryption by setting `authentication`.

## Goal

Split client TLS transport encryption from authentication is used to
support TLS transport encryption with any authentication.

## API Changes

- Add new methods in `org.apache.pulsar.client.api.ClientBuilder`

```java
public interface ClientBuilder extends Serializable, Cloneable {
/**
 * Set the path to the TLS key file.
 *
 * @param tlsKeyFilePath
 * @return the client builder instance
 */
ClientBuilder tlsKeyFilePath(String tlsKeyFilePath);

/**
 * Set the path to the TLS certificate file.
 *
 * @param tlsCertificateFilePath
 * @return the client builder instance
 */
ClientBuilder tlsCertificateFilePath(String tlsCertificateFilePath);

/**
 * The file format of the key store file.
 *
 * @param tlsKeyStoreType
 * @return the client builder instance
 */
ClientBuilder tlsKeyStoreType(String tlsKeyStoreType);

/**
 * The location of the key store file.
 *
 * @param tlsTrustStorePath
 * @return the client builder instance
 */
ClientBuilder tlsKeyStorePath(String tlsTrustStorePath);

/**
 * The store password for the key store file.
 *
 * @param tlsKeyStorePassword
 * @return the client builder instance
 */
ClientBuilder tlsKeyStorePassword(String tlsKeyStorePassword);
}
```

## Implementation

### TLS transport encryption

We can call the `tlsKeyFilePath()`, `tlsCertificateFilePath()` and
`tlsTrustCertsFilePath()` to configurate the TLS transport encryption, the
code so like:

```java
PulsarClient client = PulsarClient.builder()
.serviceUrl("pulsar+ssl://my-host:6650")
.tlsTrustCertsFilePath("/path/to/cacert.pem")
.tlsKeyFilePath("/path/to/client-key.pem")
.tlsCertificateFilePath("/path/to/client-cert.pem")
.build();
```


Call the `tlsKeyFilePath()`, `tlsTrustStorePath()` to configurate the JKS
TLS transport encryption, the code so like:

```java
PulsarClient client = PulsarClient.builder()
.serviceUrl("pulsar+ssl://my-host:6650")
.tlsKeyFilePath("/path/key.jks")
.tlsKeyStorePassword("hello")
.tlsTrustStorePath("/path/trust.jks")
.tlsTrustStorePassword("hello")
.build();
```


### TLS transport encryption with any authentication

We can call the `tlsKeyFilePath()`, `tlsCertificateFilePath()`,
`tlsTrustCertsFilePath()` and `authentication()` to configurate  the TLS
transport encryption with any authentication, the code so like:

```java
PulsarClient client = PulsarClient.builder()
.serviceUrl("pulsar+ssl://my-host:6650")
.tlsTrustCertsFilePath("/path/to/cacert.pem")
.tlsKeyFilePath("/path/to/client-key.pem")
.tlsCertificateFilePath("/path/to/client-cert.pem")
.authentication(AuthenticationTls.class.getName() /*
AuthenticationToken.class.getName()*/, authParams)
.builder()
```

Call the `tlsKeyFilePath()`, `tlsTrustStorePath()` to configurate the JKS
TLS transport encryption, the code so like:

```java
PulsarClient client = PulsarClient.builder()
.serviceUrl("pulsar+ssl://my-host:6650")
.tlsKeyFilePath("/path/key.jks")
.tlsKeyStorePassword("hello")
.tlsTrustStorePath("/path/trust.jks")
.authentication(AuthenticationTls.class.getName() /*
AuthenticationToken.class.getName()*/, authParams)
.build();
```

For `AuthenticationTls`, we need to check the authParams, when the
authParams is empty, we need to read TLS config from `ClientBuilder`,
otherwise read from the authParams, the authParams can override the config
from `ClientBuilder`, if still is empty, we read TLS config from
`ClientBuilder`.

### Plan test

- Verify TLS transport encryption without authentication
- Verify TLS transport encryption with token authentication
- Verify TLS transport encryption with TLS authentication
- Verify JKS TLS transport encryption without authentication
- Verify JKS TLS transport encryption with token authentication
- Verify JKS TLS transport encryption with TLS authentication

### Compatibility

None.

[GitHub] [pulsar-site] urfreespace merged pull request #69: fix: python api sync

2022-05-10 Thread GitBox 


urfreespace merged PR #69:
URL: https://github.com/apache/pulsar-site/pull/69


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-site] urfreespace opened a new pull request, #69: fix: python api sync

2022-05-10 Thread GitBox 


urfreespace opened a new pull request, #69:
URL: https://github.com/apache/pulsar-site/pull/69

   * python api docs build workflow changed, here are the Prs: 
   * https://github.com/apache/pulsar/pull/14788
   * https://github.com/apache/pulsar/pull/14835
   * https://github.com/apache/pulsar/pull/14835
   
   * auto sync python api docs from pulsar repo


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-helm-chart] benlongo commented on pull request #205: Tiered Storage config

2022-05-10 Thread GitBox 


benlongo commented on PR #205:
URL: 
https://github.com/apache/pulsar-helm-chart/pull/205#issuecomment-1121983501

   If needed I can open a new PR with this rebased.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-dotpulsar] blankensteiner commented on pull request #97: Add crude first version of DLQ

2022-05-10 Thread GitBox 


blankensteiner commented on PR #97:
URL: https://github.com/apache/pulsar-dotpulsar/pull/97#issuecomment-1121982695

   Hi @GeroL 
   Let's start with a description of the feature before diving into the current 
implementation.
   How should this work? How is DotPulsar made aware that something is "dead"?
   What is the difference between a "deadLetterTopic" and "retryLetterTopic"?
   How is it decided when a message should go onto one or the other?
   Br
   db


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[VOTE] Pulsar Manager Release 0.3.0 Candidate 3

2022-05-10 Thread Li Li 
Hi everyone,
Please review and vote on the release candidate #3 for the version 0.3.0, as 
follows:
[ ] +1, Approve the release
[ ] -1, Do not approve the release (please provide specific comments)

The complete staging area is available for your review, which includes:
* Release notes [1]
* The official Apache source and binary distributions to be deployed to 
dist.apache.org  [2]
* Source code tag "v0.3.0-candidate-3" [4] with git sha 
951095a71f7471dca028da0a330bc1a5e0707333a61fa4a09c8ea0f0a144d5628b511487e2442ebe290b9642b6b8ca7dee486a18a8339c893c37253724ad5fd4
  apache-pulsar-manager-0.3.0-src.tar.gz

PulsarManager's KEYS file contains PGP keys we used to sign this release:
https://dist.apache.org/repos/dist/dev/pulsar/KEYS 


Please download these packages and review this release candidate:

- Review release notes
- Download the source package (verify shasum, and asc) and follow the
instructions to build and run the pulsar-manager front end and back end service.
- Download the binary package (verify shasum, and asc) and follow the
instructions to run run the pulsar-manager front end and back end service.

The vote will be open for at least 72 hours. It is adopted by majority 
approval, with at least 3 PMC affirmative votes.


Source and binary files:
https://dist.apache.org/repos/dist/dev/pulsar/pulsar-manager/apache-pulsar-manager-0.3.0/apache-pulsar-manager-0.3.0-bin.tar.gz
 

https://dist.apache.org/repos/dist/dev/pulsar/pulsar-manager/apache-pulsar-manager-0.3.0/apache-pulsar-manager-0.3.0-src.tar.gz
 


SHA-512 checksums:

6ffa5921765ee94a404792e98eb4b3cbda9e016c6661ef12e4e873e7e452301bc05650709955b012d08048e418133948a628ad55bc91ac65836022e1ea426d6f
  apache-pulsar-manager-0.3.0-bin.tar.gz
951095a71f7471dca028da0a330bc1a5e0707333a61fa4a09c8ea0f0a144d5628b511487e2442ebe290b9642b6b8ca7dee486a18a8339c893c37253724ad5fd4
  apache-pulsar-manager-0.3.0-src.tar.gz