tar -xvf lenses.tar.gz -C lenses
This will extract the application in a lenses directory.
Make sure the directory is owned by the root user.
Use the 2 sample configuration files, included in the directory, and create the Lenses configuration.
The sample files are:
After that, the final directory structure should be:
├── lenses.conf ← edited and renamed from .sample
├── security.conf ← edited and renamed from .sample
├── logs/ ← created when you run Lenses
├── storage/ ← created when you run Lenses
security.conf contains sensitive information:
Make it only readable by the Lenses user:
chmod 0600 /path/to/security.conf
chown [lenses-user]:root /path/to/security.conf
Lenses needs write access in 4-5 places in total:
Start Lenses by running:
or pass the location of the config file:
If you do not pass the location of the config file, Lenses will look for it
inside the current (runtime) directory. If it does not exist, it will try its
The default settings mean that you can login on http://localhost:9991 using your authentication provider, or with the
admin account that comes by default with the admin:admin credentials.
We strongly recommend changing the defaults.
Lenses license and connections to external services can be configured through wizard configuration,
which will appear at Lenses start up, or via a Lenses provision
To stop Lenses, press CTRL+C.
Lenses and Kafka itself use two common Java libraries that take advantage of JNI and are extracted to /tmp.
You must either:
If your server uses systemd as Service Manager, then manage Lenses (start upon system boot, stop, restart) with it.
Below you can find a simple unit file that starts Lenses automatically on system boot.
Description=Run Lenses.io service
This step will run Lenses in Wizard mode, so connections will be configured through the UI. In the case it is preferred
to run Lenses with automatic configuration, then you’ll need a second service.
Before continuing, please read about dynamic configuration
and Lenses Provisioning.
Now, we can create a second unit file that will provision Lenses given a provisioning.yaml.
Once the file is ready, place it under the desired folder and configured Lenses to pick that folder as the provisioning
Lenses will inspect that folder and grab any change in the provisioning.yaml file or any of the certificates needed to
establish a connection.
To setup the provisioning folder, specify lenses.provisioning.path configuration property
Lenses uses the default truststore (cacerts) of the system’s JRE (Java
Runtime) installation. The truststore is used to verify remote servers on TLS
connections, such as Kafka Brokers with an SSL protocol, Secure LDAP, JMX over
TLS, and more. Whilst for some type of connections (e.g. Kafka Brokers) a
separate keystore can be provided at the connection’s configuration, for some
other connections (e.g. Secure LDAP and JMX over TLS) we always rely on the
It is possible to set a global custom truststore via the LENSES_OPTS
export LENSES_OPTS="-Djavax.net.ssl.trustStore=/path/to/truststore.jks -Djavax.net.ssl.trustStorePassword=changeit"
On this page