When running Camunda 8 Self Managed, how to connect your External Worker to the zeebe cluster?
Hello @hakanostrom ,
the zeebe client you are using needs to know where the GRPC endpoint is, whether TLS encryption is used and whether credentials are required.
The concrete implementation depends on the client you want to use. Can you provide more insights on this?
Jonathan
I may actually have found the solution. And exactly as you say the config parameter for the GRPC-endpoint have to be specified. The difference is that for C8-cloud you have secrets and id:s. But for C8-SM you dont need secrets. And I was looking for a description of this. Which I found/derived from theese links.
I found out the full gateway adress for C8 is (used in client code):
Cloud: [MY_CLUSTER_ID].[MY_CLUSTER_REGION].zeebe.camunda.io:443
SM: localhost:26500
1 Like
I am a little curious about this…
I am currently looking into the Spring Zeebe client (GitHub - camunda-community-hub/spring-zeebe: Easily use the Zeebe Java Client in your Spring or Spring Boot projects) and was wondering about connecting this client to a self managed Zeebe cluster and not the Camunda SaaS cloud platform.
What about running a self managed Camunda 8 inside a K8S cluster which is protected by security (API gateway with token verification) and having external workers outside the cluster. Is that possible with this client and how would the connection properties look in such a case - I mean the Camunda cluster ID and region do not apply in such a setup - and the worker would have to get a security token so they would still need to specify an auth URL.
Thanks.
BR
Michael
Hello @mimaom ,
this requires the setup of an interceptor. I have opened an issue on the project a while ago and got green light to deliver it, yet I did not have the time until now.
If you like, please provide something.
Jonathan
Thank you for your reply.
I am not sure why this would be done using interceptors… At first glance it would seem more natural to be able to either configure this using the application.properties or provide 1 or 2 custom Spring beans to override the creation of the ZeebeClient or similar. Looking at the Camunda 8 docs: https://docs.camunda.io/docs/8.0/apis-clients/java-client/
This is what you would need to connect to something else than the Camunda cloud SaaS without the cluster ID and the region ID:
public static void main(String[] args) {
OAuthCredentialsProvider credentialsProvider =
new OAuthCredentialsProviderBuilder()
.authorizationServerUrl(oAuthAPI)
.audience(zeebeAPI)
.clientId(clientId)
.clientSecret(clientSecret)
.build();
try (ZeebeClient client = ZeebeClient.newClientBuilder()
.gatewayAddress(zeebeAPI)
.credentialsProvider(credentialsProvider)
.build()) {
client.newTopologyRequest().send().join();
}
}
Thank you for your time.
BR
Michael
Hello @mimaom ,
the CredentialsProvider is an interceptor in the end. However, I am not sure how to extend the Spring Zeebe Client with it.
Jonathan