These are the current requirements in order to use the SDM SaaS.
Transport Agent client deployment¶
The agent has to be deployed next to the Kafka. For details about the configuration see agent documentation. There is instruction for minimal permission setup for the agent.
Local network connection requirements¶
The agent as well as the optional profiler are deployed next the transport (ex: Kafka cluster). This means in a place where the transport APIs are accessible and hostnames are resolvable.
Each transport can have specifics requirements. For example the Kafka agent needs to access Kafka over the AdminClient API to be able to list the topics.
Internet facing connection requirements¶
The agents communicate to the Agoora SaaS over
IMPORTANT: check that gRPC / http2 works with your infrastructure.
Common problems in enterprises with proxies:
- Truststore has to be extended with local CA
http2not supported by proxy servers
- interception proxies not able to handle
We strongly recommend to avoid any kind of SSL interception on proxies between the communication of the agents and Agoora SaaS endpoint.
Proxies are supported if they pass through all SSL traffic to the Agoora SaaS endpoint. For further requests about interception or audits please get in touch with the Agoora SaaS team.
All Agoora SaaS access is to the
HTTPS on port 443.
Identity federation has to be set up. We are using keycloak as IAM solution. The authentication has to be integrated with social logins or enterprise system. There is a way of having local users for Agoora.
Optional: Profiler agent client deployment¶
If you want to profile your data you will have to setup the profiler service.
In addition, you need to enable the profiling on your agent:
This is optional. If you just want to scrape for the metadata, and you don't want the agent to look into your data you can just turn it off.