Kafka SSL Sink
Provided by: "Apache Software Foundation"
Support Level for this Kamelet is: "Stable"
Send data to Kafka topics wit TLS/SSL support.
The Kamelet is able to understand the following headers to be set:
-
key
/ce-key
: as message key -
partition-key
/ce-partitionkey
: as message partition key
Both the headers are optional.
Configuration Options
The following table summarizes the configuration options available for the kafka-ssl-sink
Kamelet:
Property | Name | Description | Type | Default | Example |
---|---|---|---|---|---|
Brokers |
Required Comma separated list of Kafka Broker URLs. |
string |
|||
SSL Key Password |
Required The password of the private key in the key store file. |
string |
|||
SSL Keystore Location |
Required The location of the key store file. This is optional for client and can be used for two-way authentication for client. |
string |
|||
SSL Keystore Password |
Required The store password for the key store file.This is optional for client and only needed if ssl.keystore.location is configured. |
string |
|||
SSL Truststore Location |
Required The location of the trust store file. |
string |
|||
Topic Names |
Required Comma separated list of Kafka topic names. |
string |
|||
SASL Mechanism |
The Simple Authentication and Security Layer (SASL) Mechanism used. |
string |
GSSAPI |
||
Security Protocol |
Protocol used to communicate with brokers. SASL_PLAINTEXT, PLAINTEXT, SASL_SSL and SSL are supported. |
string |
SSL |
||
SSL Enabled Protocols |
The list of protocols enabled for SSL connections. TLSv1.2, TLSv1.1 and TLSv1 are enabled by default. |
string |
TLSv1.2,TLSv1.1,TLSv1 |
||
SSL Protocol |
The SSL protocol used to generate the SSLContext. Default setting is TLS, which is fine for most cases. Allowed values in recent JVMs are TLS, TLSv1.1 and TLSv1.2. SSL, SSLv2 and SSLv3 may be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities. |
string |
TLSv1.2 |
Dependencies
At runtime, the kafka-ssl-sink
Kamelet relies upon the presence of the following dependencies:
-
camel:core
-
camel:kafka
-
camel:kamelet
Usage
This section describes how you can use the kafka-ssl-sink
.
Knative sink
You can use the kafka-ssl-sink
Kamelet as a Knative sink by binding it to a Knative object.
apiVersion: camel.apache.org/v1alpha1
kind: KameletBinding
metadata:
name: kafka-ssl-sink-binding
spec:
source:
ref:
kind: Channel
apiVersion: messaging.knative.dev/v1
name: mychannel
sink:
ref:
kind: Kamelet
apiVersion: camel.apache.org/v1alpha1
name: kafka-ssl-sink
properties:
bootstrapServers: The Brokers
sslKeyPassword: The SSL Key Password
sslKeystoreLocation: The SSL Keystore Location
sslKeystorePassword: The SSL Keystore Password
sslTruststoreLocation: The SSL Truststore Location
topic: The Topic Names
Prerequisite
You have Camel K installed on the cluster.
Procedure for using the cluster CLI
-
Save the
kafka-ssl-sink-binding.yaml
file to your local drive, and then edit it as needed for your configuration. -
Run the sink by using the following command:
kubectl apply -f kafka-ssl-sink-binding.yaml
Procedure for using the Kamel CLI
Configure and run the sink by using the following command:
kamel bind kafka-ssl-sink -p "sink.bootstrapServers=The Brokers" -p "sink.sslKeyPassword=The SSL Key Password" -p "sink.sslKeystoreLocation=The SSL Keystore Location" -p "sink.sslKeystorePassword=The SSL Keystore Password" -p "sink.sslTruststoreLocation=The SSL Truststore Location" -p "sink.topic=The Topic Names" channel:mychannel
This command creates the KameletBinding in the current namespace on the cluster.
Kafka sink
You can use the kafka-ssl-sink
Kamelet as a Kafka sink by binding it to a Kafka topic.
apiVersion: camel.apache.org/v1alpha1
kind: KameletBinding
metadata:
name: kafka-ssl-sink-binding
spec:
source:
ref:
kind: KafkaTopic
apiVersion: kafka.strimzi.io/v1beta1
name: my-topic
sink:
ref:
kind: Kamelet
apiVersion: camel.apache.org/v1alpha1
name: kafka-ssl-sink
properties:
bootstrapServers: The Brokers
sslKeyPassword: The SSL Key Password
sslKeystoreLocation: The SSL Keystore Location
sslKeystorePassword: The SSL Keystore Password
sslTruststoreLocation: The SSL Truststore Location
topic: The Topic Names
Prerequisites
-
You’ve installed Strimzi.
-
You’ve created a topic named
my-topic
in the current namespace. -
You have Camel K installed on the cluster.
Procedure for using the cluster CLI
-
Save the
kafka-ssl-sink-binding.yaml
file to your local drive, and then edit it as needed for your configuration. -
Run the sink by using the following command:
kubectl apply -f kafka-ssl-sink-binding.yaml
Procedure for using the Kamel CLI
Configure and run the sink by using the following command:
kamel bind kafka-ssl-sink -p "sink.bootstrapServers=The Brokers" -p "sink.sslKeyPassword=The SSL Key Password" -p "sink.sslKeystoreLocation=The SSL Keystore Location" -p "sink.sslKeystorePassword=The SSL Keystore Password" -p "sink.sslTruststoreLocation=The SSL Truststore Location" -p "sink.topic=The Topic Names" kafka.strimzi.io/v1beta1:KafkaTopic:my-topic
This command creates the KameletBinding in the current namespace on the cluster.