-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathfips_producer.py
executable file
·83 lines (72 loc) · 3.08 KB
/
fips_producer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
#!/usr/bin/env python
#
# Copyright 2023 Confluent Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# Example Kafka FIPS Compliant Producer.
# Reads lines from stdin and sends to Kafka.
#
from confluent_kafka import Producer
import sys
if __name__ == '__main__':
if len(sys.argv) != 3:
sys.stderr.write('Usage: %s <bootstrap-brokers> <topic>\n' % sys.argv[0])
sys.exit(1)
broker = sys.argv[1]
topic = sys.argv[2]
# Producer configuration
# See https://github.com/confluentinc/librdkafka/blob/master/CONFIGURATION.md
conf = {'bootstrap.servers': broker,
'security.protocol': 'SASL_SSL',
'sasl.mechanism': 'PLAIN',
'sasl.username': 'broker',
'sasl.password': 'broker-secret',
# pkc12 keystores are not FIPS compliant and hence you will need to use
# path to key and certificate separately in FIPS mode
# 'ssl.keystore.location': './docker/secrets/client.keystore.p12',
# 'ssl.keystore.password': '111111',
'ssl.key.location': './docker/secrets/localhost_client.key',
'ssl.key.password': '111111',
'ssl.certificate.location': './docker/secrets/localhost_client.crt',
'ssl.ca.location': './docker/secrets/ca-root.crt',
'ssl.providers': 'fips,base'
}
# Create Producer instance
p = Producer(**conf)
# Optional per-message delivery callback (triggered by poll() or flush())
# when a message has been successfully delivered or permanently
# failed delivery (after retries).
def delivery_callback(err, msg):
if err:
sys.stderr.write('%% Message failed delivery: %s\n' % err)
else:
sys.stderr.write('%% Message delivered to %s [%d] @ %d\n' %
(msg.topic(), msg.partition(), msg.offset()))
# Read lines from stdin, produce each line to Kafka
for line in sys.stdin:
try:
# Produce line (without newline)
p.produce(topic, line.rstrip(), callback=delivery_callback)
except BufferError:
sys.stderr.write('%% Local producer queue is full (%d messages awaiting delivery): try again\n' %
len(p))
# Serve delivery callback queue.
# NOTE: Since produce() is an asynchronous API this poll() call
# will most likely not serve the delivery callback for the
# last produce()d message.
p.poll(0)
# Wait until all messages have been delivered
sys.stderr.write('%% Waiting for %d deliveries\n' % len(p))
p.flush()