The Pulsar admin interface

The Pulsar admin interface enables you to manage all of the important entities in a Pulsar instance, such as tenants, topics, and namespaces.

You can currently interact with the admin interface via:

  • Making HTTP calls against the admin REST API provided by Pulsar brokers. For some restful apis, they might be redirected to topic owner brokers for servingwith 307 Temporary Redirect, hence the HTTP callers should handle 307 Temporary Redirect. If you are using curl, you should specify -Lto handle redirections.
  • The pulsar-admin CLI tool, which is available in the bin folder of your Pulsar installation:
  1. $ bin/pulsar-admin

Full documentation for this tool can be found in the Pulsar command-line tools doc.

  • A Java client interface.

The REST API is the admin interface

Under the hood, both the pulsar-admin CLI tool and the Java client both use the REST API. If you’d like to implement your own admin interface client, you should use the REST API as well. Full documentation can be found here.

In this document, examples from each of the three available interfaces will be shown.

Admin setup

Each of Pulsar's three admin interfaces—-the pulsar-admin CLI tool, the Java admin API, and the REST API —-requires some special setup if you have authentication enabled in your Pulsar instance.

pulsar-admin

If you have authentication enabled, you will need to provide an auth configuration to use the pulsar-admin tool. By default, the configuration for the pulsar-admin tool is found in the conf/client.conf file. Here are the available parameters:

NameDescriptionDefault
webServiceUrlThe web URL for the cluster.http://localhost:8080/
brokerServiceUrlThe Pulsar protocol URL for the cluster.pulsar://localhost:6650/
authPluginThe authentication plugin.
authParamsThe authentication parameters for the cluster, as a comma-separated string.
useTlsWhether or not TLS authentication will be enforced in the cluster.false
tlsAllowInsecureConnectionAccept untrusted TLS certificate from client.false
tlsTrustCertsFilePathPath for the trusted TLS certificate file.

REST API

You can find documentation for the REST API exposed by Pulsar brokers in this reference document.

Java admin client

To use the Java admin API, instantiate a PulsarAdmin object, specifying a URL for a Pulsar broker and a ClientConfiguration. Here's a minimal example using localhost:

  1. URL url = new URL("http://localhost:8080");
  2. // Pass auth-plugin class fully-qualified name if Pulsar-security enabled
  3. String authPluginClassName = "com.org.MyAuthPluginClass";
  4. // Pass auth-param if auth-plugin class requires it
  5. String authParams = "param1=value1";
  6. boolean useTls = false;
  7. boolean tlsAllowInsecureConnection = false;
  8. String tlsTrustCertsFilePath = null;
  9. ClientConfiguration config = new ClientConfiguration();
  10. config.setAuthentication(authPluginClassName, authParams);
  11. config.setUseTls(useTls);
  12. config.setTlsAllowInsecureConnection(tlsAllowInsecureConnection);
  13. config.setTlsTrustCertsFilePath(tlsTrustCertsFilePath);
  14. PulsarAdmin admin = new PulsarAdmin(url, config);

If you have multiple brokers to use, you can use multi-host like Pulsar service. For example,

  1. URL url = new URL("http://localhost:8080,localhost:8081,localhost:8082");
  2. // Pass auth-plugin class fully-qualified name if Pulsar-security is enabled.
  3. String authPluginClassName = "com.org.MyAuthPluginClass";
  4. // Pass auth-param if auth-plugin class requires it
  5. String authParams = "param1=value1";
  6. boolean useTls = false;
  7. boolean tlsAllowInsecureConnection = false;
  8. String tlsTrustCertsFilePath = null;
  9. ClientConfiguration config = new ClientConfiguration();
  10. config.setAuthentication(authPluginClassName, authParams);
  11. config.setUseTls(useTls);
  12. config.setTlsAllowInsecureConnection(tlsAllowInsecureConnection);
  13. config.setTlsTrustCertsFilePath(tlsTrustCertsFilePath);
  14. PulsarAdmin admin = new PulsarAdmin(url, config);