Skip to content
This repository was archived by the owner on Apr 2, 2024. It is now read-only.

Commit f04c3d1

Browse files
author
Matt Moyer
committed
Add TLS configuration to KafkaInput.
1 parent 7915028 commit f04c3d1

File tree

2 files changed

+25
-0
lines changed

2 files changed

+25
-0
lines changed

docs/source/config/inputs/kafka.rst

+12
Original file line numberDiff line numberDiff line change
@@ -77,6 +77,18 @@ Config:
7777
client code consumes events, greatly improving throughput. The default is
7878
16.
7979

80+
.. versionadded:: 0.11
81+
82+
- use_tls (bool, optional):
83+
Specifies whether or not SSL/TLS encryption should be used for the TCP
84+
connections. Defaults to false.
85+
86+
- tls (TlsConfig, optional):
87+
A sub-section that specifies the settings to be used for any SSL/TLS
88+
encryption. This will only have any impact if ``use_tls`` is set to true.
89+
See :ref:`tls`.
90+
91+
8092
Example 1: Read Fxa messages from partition 0.
8193

8294
.. code-block:: ini

plugins/kafka/kafka_input.go

+13
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
# Contributor(s):
1111
# Mike Trinkala ([email protected])
1212
# Rob Miller ([email protected])
13+
# Matt Moyer ([email protected])
1314
#
1415
# ***** END LICENSE BLOCK *****/
1516

@@ -27,6 +28,7 @@ import (
2728
"github.com/Shopify/sarama"
2829
"github.com/mozilla-services/heka/message"
2930
"github.com/mozilla-services/heka/pipeline"
31+
"github.com/mozilla-services/heka/plugins/tcp"
3032
)
3133

3234
type KafkaInputConfig struct {
@@ -39,6 +41,10 @@ type KafkaInputConfig struct {
3941
WaitForElection uint32 `toml:"wait_for_election"`
4042
BackgroundRefreshFrequency uint32 `toml:"background_refresh_frequency"`
4143

44+
// TLS Config
45+
UseTls bool `toml:"use_tls"`
46+
Tls tcp.TlsConfig
47+
4248
// Broker Config
4349
MaxOpenRequests int `toml:"max_open_reqests"`
4450
DialTimeout uint32 `toml:"dial_timeout"`
@@ -146,6 +152,13 @@ func (k *KafkaInput) Init(config interface{}) (err error) {
146152
k.saramaConfig.Metadata.Retry.Backoff = time.Duration(k.config.WaitForElection) * time.Millisecond
147153
k.saramaConfig.Metadata.RefreshFrequency = time.Duration(k.config.BackgroundRefreshFrequency) * time.Millisecond
148154

155+
k.saramaConfig.Net.TLS.Enable = k.config.UseTls
156+
if k.config.UseTls {
157+
if k.saramaConfig.Net.TLS.Config, err = tcp.CreateGoTlsConfig(&k.config.Tls); err != nil {
158+
return fmt.Errorf("TLS init error: %s", err)
159+
}
160+
}
161+
149162
k.saramaConfig.Net.MaxOpenRequests = k.config.MaxOpenRequests
150163
k.saramaConfig.Net.DialTimeout = time.Duration(k.config.DialTimeout) * time.Millisecond
151164
k.saramaConfig.Net.ReadTimeout = time.Duration(k.config.ReadTimeout) * time.Millisecond

0 commit comments

Comments
 (0)