tls related issues #60

@gene-redpanda

Broker role still uses tls flag rather than enable_tls in redpanda_broker/vars/main.yaml in

```yaml
---
custom_config_templates:
  - template: configs/defaults.j2
  - template: configs/tls.j2
    condition: "{{ tls | default(False) | bool }}"
  - template: configs/tiered_storage.j2
    condition: "{{ tiered_storage_bucket_name is defined | default(False) | bool }}"
console_config_templates:
  - template: console/defaults.j2
```

This causes substantial confusion. Fixing it will require a docs pass.

We should strongly consider breaking up enable_tls into enabling TLS for each endpoint individually (while retaining the global flag), for example enable_tls_kafka_api and enable_tls_schema_registry, as it makes a large difference to end users who may want to secure only one or two endpoints rather than all of them. Cert passthrough should also be broken up while still retaining the global variables to set all of them at once.
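
Added example, not part of the original issue or the project's code: a small check that finds templates gated on a variable name users are never told to set, which is how a `tls`/`enable_tls` mismatch leaves the TLS condition false without any error. The set of documented names and the helper names are assumptions for illustration; the vars file is the one quoted above.

```python
import re

# The vars file quoted in the issue, embedded so the check runs offline.
VARS_MAIN = """\
custom_config_templates:
  - template: configs/defaults.j2
  - template: configs/tls.j2
    condition: "{{ tls | default(False) | bool }}"
  - template: configs/tiered_storage.j2
    condition: "{{ tiered_storage_bucket_name is defined | default(False) | bool }}"
console_config_templates:
  - template: console/defaults.j2
"""

# Assumption: the variable names users are told to set (both appear in the issue).
DOCUMENTED_VARS = {"enable_tls", "tiered_storage_bucket_name"}

JINJA_EXPR = re.compile(r"\{\{(.*?)\}\}")
IDENTIFIER = re.compile(r"[A-Za-z_]\w*")
JINJA_WORDS = {"is", "not", "defined", "and", "or", "true", "false", "none"}


def gating_variables(vars_text):
    """Map each template to the variable its condition tests (before any filter)."""
    gates, template = {}, None
    for line in vars_text.splitlines():
        stripped = line.strip()
        if stripped.startswith("- template:"):
            template = stripped.split(":", 1)[1].strip()
        elif stripped.startswith("condition:") and template:
            expr = JINJA_EXPR.search(stripped)
            if not expr:
                continue
            head = expr.group(1).split("|")[0]
            names = [n for n in IDENTIFIER.findall(head) if n.lower() not in JINJA_WORDS]
            if names:
                gates[template] = names[0]
    return gates


def undocumented_gates(vars_text, documented=DOCUMENTED_VARS):
    """Templates whose condition tests a name outside the documented set.

    With `default(False)`, an unset gating variable makes the condition false
    instead of raising an undefined-variable error.
    """
    return {t: v for t, v in gating_variables(vars_text).items() if v not in documented}


if __name__ == "__main__":
    for template, var in undocumented_gates(VARS_MAIN).items():
        print(f"{template}: gated on undocumented variable '{var}'")
```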
