Prepare v0.9.0 release documentation

Signed-off-by: k-wall <[email protected]>

Author: k-wall

_data/kroxylicious.yml

@@ -1,6 +1,8 @@
 versions:
   - title: 'Development'
     url: '/kroxylicious'
+  - title: 'v0.9.0'
+    url: '/docs/v0.9.0/'
   - title: 'v0.8.0'
     url: '/docs/v0.8.0/'
   - title: 'v0.7.0'

docs/v0.9.0/_files/_assets/attributes.adoc

@@ -0,0 +1,47 @@
+// AsciiDoc settings
+:data-uri!:
+:doctype: book
+:experimental:
+:idprefix:
+:imagesdir: images
+:numbered:
+:sectanchors!:
+:sectnums:
+:source-highlighter: highlight.js
+:toc: left
+:linkattrs:
+:toclevels: 2
+:icons: font
+
+//Latest version
+:KroxyliciousVersion: 0.9
+:gitRef: releases/tag/v0.9.0
+:ApicurioVersion: 2.6.x
+
+//Proxy links
+:github: https://github.com/kroxylicious/kroxylicious
+:github-releases: https://github.com/kroxylicious/kroxylicious/{gitRef}
+:github-issues: https://github.com/kroxylicious/kroxylicious/issues[Kroxylicious issues^]
+:api-javadoc: https://javadoc.io/doc/io.kroxylicious/kroxylicious-api/{KroxyliciousVersion}
+:kms-api-javadoc: https://javadoc.io/doc/io.kroxylicious/kroxylicious-kms/{KroxyliciousVersion}
+:encryption-api-javadoc: https://javadoc.io/doc/io.kroxylicious/kroxylicious-encryption/{KroxyliciousVersion}
+:start-script: https://github.com/kroxylicious/kroxylicious/blob/{gitRef}/kroxylicious-app/src/assembly/kroxylicious-start.sh
+
+//Kafka links
+:ApacheKafkaSite: https://kafka.apache.org[Apache Kafka website^]
+:kafka-protocol: https://kafka.apache.org/protocol.html
+
+//java links
+:java-17-javadoc: https://docs.oracle.com/en/java/javase/17/docs/api
+
+//Vault links
+:hashicorp-vault: https://developer.hashicorp.com/vault
+
+//AWS links
+:aws:  https://docs.aws.amazon.com/
+
+// Apicurio links
+:apicurio-docs: https://www.apicur.io/registry/docs/apicurio-registry/{ApicurioVersion}/
+
+// Conditional inclusion flags
+:include-aws-kms-service-config-identity-ec2-metadata: 1

docs/v0.9.0/_files/_assets/trademarks.adoc

@@ -0,0 +1,5 @@
+= Trademark notice
+
+* Hashicorp Vault is a registered trademark of HashiCorp, Inc.
+* AWS Key Management Service is a trademark of Amazon.com, Inc. or its affiliates.
+* Apache Kafka is a registered trademark of The Apache Software Foundation.

docs/v0.9.0/_files/assemblies/assembly-aws-kms.adoc

@@ -0,0 +1,19 @@
+// file included in the following:
+//
+// assembly-record-encryption-filter.adoc
+
+[id='assembly-aws-kms-{context}']
+= Setting up AWS KMS
+
+[role="_abstract"]
+To use {aws}/kms/latest/developerguide/overview.html[AWS Key Management Service] with the Record Encryption filter, use the following setup:
+
+* Establish an AWS KMS aliasing convention for keys
+* Configure the AWS KMS 
+* Create AWS KMS keys
+
+You'll need a privileged AWS user that is capable of creating users and policies to perform the set-up.
+
+include::../modules/record-encryption/aws-kms/con-aws-kms-setup.adoc[leveloffset=+1]
+include::../modules/record-encryption/aws-kms/con-aws-kms-service-config.adoc[leveloffset=+1]
+include::../modules/record-encryption/aws-kms/con-aws-kms-key-creation.adoc[leveloffset=+1]

docs/v0.9.0/_files/assemblies/assembly-built-in-filters.adoc

@@ -0,0 +1,14 @@
+// file included in the following:
+//
+// index.adoc
+
+[id='assembly-built-in-filters-{context}']
+= Built-in filters
+
+[role="_abstract"]
+Kroxylicious comes with a suite of built-in filters designed to enhance the functionality and security of your Kafka clusters.
+
+include::assembly-record-encryption-filter.adoc[leveloffset=+1]
+include::assembly-multi-tenancy-filter.adoc[leveloffset=+1]
+include::assembly-record-validation-filter.adoc[leveloffset=+1]
+include::../modules/oauthbearer/con-oauthbearer.adoc[leveloffset=+1]

docs/v0.9.0/_files/assemblies/assembly-configuring-proxy.adoc

@@ -0,0 +1,11 @@
+[id='assembly-configuring-proxy-{context}']
+= Configuring proxies
+
+[role="_abstract"]
+Fine-tune your deployment by configuring proxies to include additional features according to your specific requirements.  
+
+include::../modules/configuring/con-configuring-virtual-clusters.adoc[leveloffset=+1]
+include::../modules/configuring/ref-configuring-proxy-example.adoc[leveloffset=+1]
+include::../modules/configuring/con-configuring-client-connections.adoc[leveloffset=+1]
+include::../modules/configuring/con-configuring-target-cluster-connections.adoc[leveloffset=+1]
+include::../modules/configuring/con-configuring-network-addresses.adoc[leveloffset=+1]

docs/v0.9.0/_files/assemblies/assembly-hashicorp-vault.adoc

@@ -0,0 +1,17 @@
+// file included in the following:
+//
+// assembly-record-encryption-filter.adoc
+
+[id='assembly-hashicorp-vault-{context}']
+= Setting up HashiCorp Vault
+
+[role="_abstract"]
+To use HashiCorp Vault with the Record Encryption filter, use the following setup:
+
+* Enable the Transit Engine as the Record Encryption filter relies on its APIs.
+* Create a Vault policy specifically for the filter with permissions for generating and decrypting Data Encryption Keys (DEKs) for envelope encryption.
+* Obtain a Vault token that includes the filter policy.
+
+include::../modules/record-encryption/hashicorp-vault/con-vault-setup.adoc[leveloffset=+1]
+include::../modules/record-encryption/hashicorp-vault/con-vault-service-config.adoc[leveloffset=+1]
+include::../modules/record-encryption/hashicorp-vault/con-vault-key-creation.adoc[leveloffset=+1]

docs/v0.9.0/_files/assemblies/assembly-monitoring-proxy.adoc

@@ -0,0 +1,19 @@
+// file included in the following:
+//
+// index.adoc
+
+[id='con-operating-{context}']
+= Monitoring proxies
+
+[role="_abstract"]
+Monitoring data allows you to monitor the performance and health of proxy operations. 
+You can configure your deployment to capture metrics data for analysis and notifications.
+
+* Introduce custom logging configurations using `log4j2` and set appropriate root log levels.
+* Set up an admin HTTP endpoint for Prometheus metrics scraping.
+* Integrate Micrometer for enhanced observability.
+* Configure common tags and standard binders for JVM and system metrics to ensure comprehensive monitoring and efficient proxy operation.
+
+include::../modules/monitoring/proc-introducing-metrics.adoc[leveloffset=+1]
+include::../modules/monitoring/con-setting-logs.adoc[leveloffset=+1]
+include::../modules/monitoring/con-integrating-micrometer.adoc[leveloffset=+1]

docs/v0.9.0/_files/assemblies/assembly-multi-tenancy-filter.adoc

@@ -0,0 +1,31 @@
+// file included in the following:
+//
+// assembly-built-in-filters.adoc
+
+[id='assembly-multi-tenancy-filter-{context}']
+= (Preview) Multi-tenancy filter
+
+[role="_abstract"]
+Kroxylicious’s Multi-tenancy filter presents a single Kafka cluster to tenants as if it were multiple clusters.
+Operations are isolated to a single tenant by prefixing resources with an identifier.
+
+NOTE: This filter is currently in incubation and available as a preview. 
+We would not recommend using it in a production environment.
+
+The Multi-tenancy filter works by intercepting all Kafka RPCs (remote procedure calls) that reference resources, such as topic names and consumer group names:
+
+Request path:: On the request path, resource names are prefixed with a tenant identifier.
+Response path:: On the response path, the prefix is removed.
+
+Kafka RPCs that list resources are filtered so that only resources belonging to the tenant are returned, effectively creating a private cluster experience for each tenant.
+
+To set up the filter, configure it in Kroxylicious.
+
+IMPORTANT: While the Multi-tenancy filter isolates operations on resources, it does not isolate user identities across tenants. 
+User authentication and ACLs (Access Control Lists) are shared across all tenants, meaning that identity is not scoped to individual tenants. 
+For more information on open issues related to this filter, see {github-issues}.
+
+NOTE: For more information on Kafka's support for multi-tenancy, see the {ApacheKafkaSite}.
+
+//configuring the multi-tenancy filter
+include::../modules/multi-tenancy/proc-multi-tenancy.adoc[leveloffset=+1]

docs/v0.9.0/_files/assemblies/assembly-overview.adoc

@@ -0,0 +1,21 @@
+// file included in the following:
+//
+// index.adoc
+
+[id='assembly-overview-{context}']
+= Kroxylicious overview
+
+[role="_abstract"]
+Kroxylicious is an Apache Kafka protocol-aware ("Layer 7") proxy designed to enhance Kafka-based systems.
+Through its filter mechanism it allows additional behavior to be introduced into a Kafka-based system without requiring changes to either your applications or the Kafka cluster itself. 
+Built-in filters are provided as part of the solution.
+
+Functioning as an intermediary, the Kroxylicious mediates communication between a Kafka cluster and its clients. 
+It takes on the responsibility of receiving, filtering, and forwarding messages.
+
+An API provides a convenient means for implementing custom logic within the proxy.
+
+[role="_additional-resources"]
+.Additional resources
+
+* {ApacheKafkaSite}