nats_jetstream
Write messages to a NATS JetStream subject.
Introduced in version 1.0.0.
- Common
- Advanced
# Common config fields, showing default values
output:
label: ""
nats_jetstream:
urls: [] # No default (required)
subject: foo.bar.baz # No default (required)
headers: {}
metadata:
include_prefixes: []
include_patterns: []
max_in_flight: 1024
# All config fields, showing default values
output:
label: ""
nats_jetstream:
urls: [] # No default (required)
subject: foo.bar.baz # No default (required)
headers: {}
metadata:
include_prefixes: []
include_patterns: []
max_in_flight: 1024
tls:
enabled: false
skip_cert_verify: false
enable_renegotiation: false
root_cas: ""
root_cas_file: ""
client_certs: []
auth:
nkey_file: ./seed.nk # No default (optional)
user_credentials_file: ./user.creds # No default (optional)
user_jwt: "" # No default (optional)
user_nkey_seed: "" # No default (optional)
inject_tracing_map: meta = @.assign(this) # No default (optional)
Connection Name
When monitoring and managing a production NATS system, it is often useful to know which connection a message was send/received from. This can be achieved by setting the connection name option when creating a NATS connection.
Bento will automatically set the connection name based off the label of the given NATS component, so that monitoring tools between NATS and bento can stay in sync.
Authentication
There are several components within Bento which utilise NATS services. You will find that each of these components support optional advanced authentication parameters for NKeys and User Credentials.
An in depth tutorial can be found here.
NKey file
The NATS server can use these NKeys in several ways for authentication. The simplest is for the server to be configured
with a list of known public keys and for the clients to respond to the challenge by signing it with its private NKey
configured in the nkey_file
field.
More details here.
User Credentials
NATS server supports decentralized authentication based on JSON Web Tokens (JWT). Clients need an user JWT and a corresponding NKey secret when connecting to a server which is configured to use this authentication scheme.
The user_credentials_file
field should point to a file containing both the private key and the JWT and can be
generated with the nsc tool.
Alternatively, the user_jwt
field can contain a plain text JWT and the user_nkey_seed
can contain
the plain text NKey Seed.
More details here.