Environment Variables
All the configuration options available to kPow
kPow is configured with these Environment Variables.

Kafka

One instance of kPow can manage multiple Kafka Clusters and associated resources.

Web Server

The kPow UI and Prometheus endpoints are served by Jetty.
The server can be configured to serve the UI via HTTPS or on a different port, or to redirect correctly when fronted with an HTTPS-terminating proxy.

PORT

Type: Long, Default: 3000
The server port of the kPow UI.

HTTP_FORWARDED

Type: Boolean, Default: false
See Jetty HTTP_FORWARDED module for more information.
Configure when running kPow with Jetty Authentication and behind a reverse-proxy that is performing HTTP termination. When true the Jetty Authentication process will respect the HTTPS scheme when redirecting post-authentication.

ENABLE_HTTPS

Type: Boolean, Default: false
See HTTPS Connections for more information.
Serve the kPow UI via HTTPS (requires further configuration, below)

HTTPS_SNI_HOST_CHECK

Type: Boolean, Default: false
When SSL is configured, confirm that the certificate sent to the client matches the Host header.

HTTPS_KEYSTORE_LOCATION

Type: String (e.g. /ssl/https.keystore.jks)
Path to the SSL Keystore.

HTTPS_KEYSTORE_TYPE

Type: String, Default: JKS
Type of the SSL Keystore.

HTTPS_KEYSTORE_PASSWORD

Type: String
Password of the SSL Keystore.

HTTPS_TRUSTSTORE_LOCATION

Type: String (e.g. /ssl/https.truststore.jks)
Path to the SSL Truststore.

HTTPS_TRUSTSTORE_TYPE

Type: String, Default: JKS
Type of the SSL Truststore.

HTTPS_TRUSTSTORE_PASSWORD

Type: String
Password of the SSL Truststore

Authentication

kPow supports Jetty (File, LDAP, DB, JAAS), SAML, OpenID and OAuth for authentication.
See User Authentication for more details.

AUTH_PROVIDER_TYPE

Type: Enum, Values: okta, github, saml, jetty, auth0
Your choice of Authentication provider, specify Jetty for LDAP, DB, File, or JAAS.

OKTA_ORGANISATION

Type: String
When using Okta authentication - the name of your Okta organisation.

AUTH_LANDING_URI

Type: String (e.g. https://staging.operatr.z-corp.com)
The absolute URL to redirect to after successful login.

OPENID_AUTH_URI

Type: String
The OpenID Auth URI, e.g.

OPENID_API_URI

Type: String
The OpenID API URI, e.g.

OPENID_TOKEN_URI

Type: String
The OpenID Token URI, e.g.

OPENID_CLIENT_ID

Type: String
The OpenID Client ID found in your configured OpenID App.

OPENID_CLIENT_SECRET

Type: String
The OpenID Client Secret found in your configured OpenID App.

SAML_RELYING_PARTY_IDENTIFIER

Type: String
Your kPow Application ID

SAML_ACS_URL

Type: String
The Assertion Consumer Service URL

SAML_METADATA_FILE

Type: String (e.g. /path/to/metadata.xml)
The Metadata File from your SAML provider.

SAML_CERT

Type: String (e.g. /path/to/saml.cert)
Optional SAML Certificate

SAML_SESSION_S

Type: Long, Default: 3600
The duration in seconds before re-authenticating SAML credentials.

DEBUG_SAML

Type: Boolean, Default: False
Enable SAML debug logging

JETTY_AUTH_METHOD

Type: Enum, Values: form, basic, Default: form
When using Jetty Authentication, specifies to use form or basic-auth login UX

Authorization

RBAC_CONFIGURATION_FILE

Type: String (e.g. /path/to/rbac.yaml)
See Role Based Access Control for more information
The path to your RBAC configuration file (optional, requires Authentication enabled)

Global Access Controls

See Global Access Controls for more information
Apply global access controls like ALLOW_TOPIC_CREATE, etc.

General

DATA_POLICY_CONFIGURATION_FILE

Type: String (e.g. /path/to/data-policies.yaml)
See Data Policies for more information
The path to your kPow Data Policy Configuration.

CUSTOM_SERDES

Type: String (e.g. io.kpow.SerdeOne,io.kpow.SerdeTwo)
See Custom Serdes for more information.
Comma separated names of custom Serdes that can be found on the classpath.

DEFAULT_KEY_SERDES

Type: String (e.g. JSON)
The default key Serde to use when inspecting data.

DEFAULT_VALUE_SERDES

Type: String (e.g. AVRO)
The default value Serde to use when inspecting data.

AVAILABLE_KEY_SERDES

Type: String (e.g. JSON,String)
Comma separated list of key Serdes to present when inspecting data.

AVAILABLE_VALUE_SERDES

Type: String (e.g. JSON,String)
Comma separated list of value Serdes to present when inspecting data.

NUM_PARTITIONS

Type: Long, Default: 12
The number of partitions for kPow's internal topics.

REPLICATION_FACTOR

Type: Long, Default: 3
The replication factor of kPow's internal topics.

REQUEST_TIMEOUT_MS

Type: Long, Default: 30000
The request.timeout.ms setting for kPow's internal consumer groups.

MAX_PRODUCE_REQUEST_SIZE

Type: Long, Default: 1000000
The max.produce.request.size setting for kPow's internal producers

PROMETHEUS_EGRESS

Type: Boolean, Default: false
See Prometheus Integration for more information.
Enable Prometheus endpoints for metrics and offsets egress.

PROMETHEUS_LABEL_ENV

Type: Boolean, Default: True
Include your ENVIRONMENT_NAME as 'env' label on Prometheus metrics.

SNAPSHOT_PARALLELISM

Type: Long, Default: 3
The level of parallelism configured for kPow telemetry capture and snapshotting.

SNAPSHOT_DEBUG

Type: Boolean, Default: False
Add additional logging messages to help debug snapshotting.

LIVE_ MODE_ENABLED

Type: Boolean, Default: True
See Live mode for more information.
Allow your users to switch to Live Mode.

LIVE_MODE_PERIOD_MS

Type: Long, Default: 60000
Live Mode will prompt you to continue after this period has elapsed.

LIVE_MODE_INTERVAL_MS

Type: Long, Default: 3500
The amount of time between Live Mode snapshots.

LIVE_MODE_MAX_CONCURRENT_USERS

Type: Long, Default: 2
The maximum number of concurrent Live Mode user sessions.

SAMPLER_TIMEOUT_MS

Type: Long, Default: 7000
The maximum period of a single data inspect query.

SAMPLER_CONSUMER_THREADS

Type: Long, Default: 6
The level of parallelism for a data inspect query.

SLACK_WEBHOOK_URL

Type: String (e.g https://slack/webhook-url)
Send Audit Log messages to Slack.

SLACK_WEBHOOK_URL_VERBOSITY

Type: Enum, Values: Mutations, Queries, All, Default: Mutations
Select the type of Audit Log messages that are sent to Slack.

STREAMS_ERROR_STRATEGY

Type: Enum, Values: LOG_EXCEPTION, LOG_AND_EXIT, Default: LOG EXCEPTION
The strategy to use when kPow's internal Kafka Streams instance enters an ERROR state.

STREAMS_TASK_TIMEOUT_MS

Type: Long, Default: 300000
Configures kPow's internal streams task.timeout.ms value. See: KIP-572 for more information.
Last modified 5d ago