Kafka Connection
Supported Kafka Versions
2.1.0
3.4.x
Connection Configuration
Configure the fields required to create the connection as explained below.
Connection Name
Enter a unique name for this connection.
Scope
When creating connections, users can define the scope to customize their accessibility.
You can set the connection scope as follows:
Organization: Accessible to organization users across all Gathr projects for usage in applications.
Project: Accessible to organization users limited to projects that are specified by the connection owner for usage in applications.
Private: Accessible only to the connection owner for usage in applications.
Connection Type
Choose between a secure SSH Tunnel connection or a direct connection.
If Connection Type value is SSH Tunnel, additional fields will be displayed as given below:
To know more about SSH Tunneling with Gathr, see SSH Tunneling.
SSH Key
Provide the SSH key for authenticating the SSH host and user.
SSH Host
Enter the public IP address of your SSH host.
SSH User
Specify the default SSH username.
If Connection Type value is Direct Connection, then proceed by updating the following fields.
Zookeeper Hosts
List of comma separated IPs: port of Zookeeper for creating Kafka topic from Gathr.
Kafka Brokers
List of Kafka nodes for creating connections.
Enable Topic Administration
Allows the user to create and update topics in Kafka, provided they have the necessary authorization for these actions.
Enable SSL
Enable SSL for the Kafka connection.
Upload Truststore File
Upload the Truststore file for SSL in JKS format.
Truststore Password
Enter the password for the Truststore file.
Enable Authentication
Enable additional authentication settings.
Upload Keystore File
Upload the Keystore file for authentication in PKCS12 format.
Keystore Password
Enter the password for the Keystore file.
Password
Enter the password for the private key in the Keystore file.
Confluent Kafka
Check this box if you are using Confluent Kafka.
Enabling this option ensures compatibility with Confluent-specific configurations and optimizations.
Schema Registry URL
Enter the Schema Registry URL for your Kafka setup.
This is the location where Kafka stores and manages data schemas. It helps ensure consistency and compatibility of data formats in your Kafka topics.
Example: http://localhost:8081.
Enable SASL
Select to enable SASL based authentication for enhanced security in the Kafka connection.
SASL Mechanism
Choose how you want to securely prove your identity based on your Kafka server setup.
Enter one of these methods:
PLAIN: Send your username and password (make sure it’s a secure connection).
GSSAPI (Kerberos): Integrates with security systems like Kerberos. Offers secure authentication without sharing sensitive info.
SCRAM: Modern and secure. Uses a challenge-response approach, protecting against various attacks.
SASL JAAS Configuration
Specify how Java applications authenticate users using SASL.
Configure the Java Authentication and Authorization Service (JAAS) by defining login modules and options.
Tailor these settings to control how user identities are verified and authorized during authentication.
Example Values for JAAS Configuration:
com.example.CustomLoginModule required;
com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true keyTab="/path/to/keytab" principal="user@example.com";
org.apache.kafka.common.security.scram.ScramLoginModule required username="myUser" password="myPassword" principal="user@example.com" serviceName="kafka";
User Principal
Enter the unique identity (principal) for SASL authentication.
This identifies you during the authentication process.
Example Values for User Principal:
user123
user.one@example.com
Security Protocol
This field appears when SSL is enabled. Specify the security protocol for the Kafka connection.
Common options include:
SSL: If SSL is enabled, providing
SSL
ensures encrypted communication.PLAINTEXT: If SSL is not enabled, you can provide
PLAINTEXT
for unencrypted communication.
When SASL is enabled, the following values are valid:
SASL_SSL: This protocol combines SASL for authentication and SSL for encryption. It ensures both secure authentication and encrypted data transmission, providing a high level of security.
SASL_PLAINTEXT: This option uses SASL for authentication but does not encrypt the data during transmission. It’s less secure compared to SASL_SSL but may be suitable for environments where encryption is not a requirement.
Make sure the selected protocol aligns with your security requirements and the configuration of your Kafka cluster.
Example Value for Security Protocol:
SSL
PLAINTEXT
SASL_SSL
SASL_PLAINTEXT
Add Configuration: Additional properties can be added using ADD CONFIGURATION link.
After entering all the details, click on the TEST button.
If the connection service identification and authentication details are provided correctly, a success message stating “connection available” is generated. Click on the CREATE button to save the changes.
If the details are incorrect or the server is down, you will get a message “Connection unavailable”.
If you have any feedback on Gathr documentation, please email us!