search

echojc / kafka-offset-exporter

Prometheus exporter for Kafka topic and consumer group offsets
27 stars 37 forks source link

Connect to broker using SSL #6

Open piequi opened 6 years ago

piequi commented 6 years ago

Hi there,

Your exporter is just the one I need, it exposes just the right thing ! My only concern is that I need to connect to the broker using SSL...

When I connect to the broker using kafka-consumer-groups.sh tool, I specify the following variables in a separated properties file and use the --command-config flag

security.protocol=SSL
ssl.keystore.location=/etc/kafka/keystore/keystore.jks
ssl.keystore.password=xxx
ssl.truststore.location=/etc/kafka/keystore/truststore.jks
ssl.truststore.password=xxx

In the sarama/client_tls_test.go they use something like :

config := NewConfig()
config.Net.TLS.Enable = true
config.Net.TLS.Config = clientConfig

With clientConfig being a GO TLS config (as far as I understand)...

Would there be a way to configure those properties in your exporter to establish a SSL connection ?

Thanks a lot

echojc commented 6 years ago

Hey there, from a quick look at the docs I'm not sure that you can read Java keystores in Go without additional libraries such as https://github.com/pavel-v-chernykh/keystore-go. If you would like that support, it would seem best for you to fork the project. All the best!

piequi commented 6 years ago

Hi, We actually create keystore and trusstore using crt and key files. I'll try to find a way to create that TLSConfig correctly using those files. Thanks