Setup Camel-K in VMware Tansu (Kubernetes) with a Harbor registry

Here is how I set up a Camel-K installation in VMware Tansu with a Harbor registry.

  1. Log into Harbor
  2. Got to your project
  3. Create a Robot Account with both push and pull permissions (you might need Admin permissions in the project for this)
  4. Copy the JWT at the end of the creation process
  5. Log into VMware Tansu CLI
  6. Create a secret with that JWT token
    kubectl create secret docker-registry camel-k-stage --docker-server=<Harbor adress> --docker-username="robot\$camel-k-stage" --docker-password='<JWT token>'
  7. Install Camel-K Operator
    kamel install --registry <Harbor adress> --organization <Harbor project name> --registry-secret camel-k-stage
  8. Your Camel-K operator is now ready for use

Tested on Harbor v2.0 and VMware Tansu Kubernetes v1.22

Camel-K: Custom HTTP Client with Kerberos auth

I haven’t been able to do this using the Apache Camel HTTP component yet, so I put together a Processor to do it for me instead. To make this work we need a krb5.conf and login.conf file with settings for our domain.
Example krb5.conf

[libdefaults]
    default_realm = MYDOMAIN.SE

[realms]
    MYDOMAIN.SE = {
        kdc = kdc.mydomain.se
    }

Example Login.conf

com.sun.security.jgss.krb5.initiate {
  com.sun.security.auth.module.Krb5LoginModule required
 doNotPrompt=false useTicketCache=true;
};

Camel flow:

public class MyFlow extends RouteBuilder {

  @Override
  public void configure() throws Exception {
    from("timer:myTimer?repeatCount=1")
          .process(new CustomHTTPClient())
          .log("${body}");                  
  }

  // Create a custom Authenticator
  static class MyAuthenticator extends Authenticator {
    public PasswordAuthentication getPasswordAuthentication() {
      return (new PasswordAuthentication("username", 
                                         "password".toCharArray()));
    }
  }

  // Camel Processor
  public static class CustomHTTPClient implements Processor {

    public void process(Exchange exchange) throws Exception {
      // Setup Kerberos authentication via Java VM options
      System.setProperty("java.security.krb5.conf", "/etc/krb5.conf");
      System.setProperty("java.security.auth.login.config", "/etc/login.conf");
      System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
      System.setProperty("sun.security.krb5.debug", "true"); // Debug logging 

      // Set a custom Authenticator
      Authenticator.setDefault(new MyAuthenticator());

      // Custom "HTTPClient"
      URL url = new URL("https://resource.mydomain.se/data");
      InputStream ins = url.openConnection().getInputStream();
      BufferedReader reader = new BufferedReader(new InputStreamReader(ins));
      String str = "";
      for (String line; (line = reader.readLine()) != null; str += line);

      // Set payload as message back to flow
      exchange.getIn().setBody(str);
    }
  }
}

Kamel run arguments:

kamel run MyFlow.java 
               --resource file:krb5.conf@/etc/krb5.conf 
               --resource file:login.conf@/etc/login.conf

Tested on Apache Camel K Runtime 1.16.0, Apache Camel 3.19.0, Minikube v1.29.0 and WSL2 Ubuntu 20.04.4 LTS

Apache Camel: Get properties from within a Processor

Getting properties from within a Processor needs interaction with the exchange object. This can be accomplished by the following code:

public static class MyProccessor implements Processor {

    public void process(Exchange exchange) throws Exception {
        String prop = exchange
                         .getContext()
                              .resolvePropertyPlaceholders("{{my.property}}");
    }
}

Tested on Apache Camel K Runtime 1.16.0, Apache Camel 3.19.0, Minikube v1.29.0 and WSL2 Ubuntu 20.04.4 LTS