--- alias: installation-guide-planning-and-installation-guides-kafka description: "This documentation outlines Kafka connection configuration, including authentication methods and deployment considerations" --- # Kafka Connection Setup In this section you can see information on what you must prepare to configure the connection to Kafka. ## Authentication Methods There are different required settings depending on the authentication method selected. Both are listed in the tables below: ### Using Mutual TLS authentication | Item | Description | Planning and installation guide | Checked | | ------------------- | ---------------------------- | ------------------------------------------ | ------------------------------------------ | | Cluster Certificate Authority | The Kafka cluster certificate authority | This will be used to connect to Kafka when using mutual TLS | [[installation-guide-accountsandsecurity]] | | | User public key | The kafka user public key | This will be used to connect to Kafka when using mutual TLS | [[installation-guide-accountsandsecurity]] | | | User private key | The kafka user private key | This will be used to connect to Kafka when using mutual TLS | [[installation-guide-accountsandsecurity]] | | Table: Kafka connection setup using Mutual TLS authentication ### Using SASL SSL Plain | Item | Description | Planning and installation guide | Checked | | ------------------- | ---------------------------- | ------------------------------------------ | ------------------------------------------ | | Kafka Username | The Kafka User name | This will be used to connect to Kafka when using SASL SSL Plain | [[installation-guide-accountsandsecurity]] | | | Kafka Password | The Kafka User password | This will be used to connect to Kafka when using SASL SSL Plain | [[installation-guide-accountsandsecurity]] | | Table: Kafka connection setup using SASL SSL Plain ## Deployment Critical Manufacturing MES uses Kafka for event streaming. Ensure that the Kafka deployment complies with the [[system-requirements-kafka#minimum-system-requirement|Minimum System Requirements]] defined for the platform. As stated above, Critical Manufacturing MES provides two forms of authentication to communicate with Kafka: * Mutual TLS (client certificates) * SASL Plain (username and password). !!! info For an adequate operation connection setup for Kafka under Critical Manufacturing MES, the user must have the permissions described in [[installation-guide-accountsandsecurity]]. When running MES on OpenShift, we recommend using Red Hat Streams for Apache Kafka version 3.7.0 or higher. Please contact Red Hat at [Red Hat Support](https://www.redhat.com/en/services/support) for detailed instructions on setting up AMQ Streams. It is also possible to use Confluent Cloud. Please contact Confluent at [Confluent Support](https://support.confluent.io/) for detailed instructions on setting up Kafka.