Public Network Access Through SASL

TDMQ for CKafka

Release Notes and Announcements

Release Notes

Broker Release Notes

Connector Release Notes

DataHub Release Notes

Announcement

TDMQ for CKafka Advanced Edition Launch Announcement

Product Introduction

Comparison with Apache Kafka

Use Limits

Regions and AZs

Purchase Guide

Product Specifications

Professional Edition - Elastic Storage

Billing Overview

Purchasing pay-as-you-go instances

Getting Started

Obtaining Access Permission

Getting Access Authorization

Granting Operation-Level Permissions to Sub-Accounts

Granting Resource-Level Permissions to Sub-Accounts

Granting Tag-Level Permissions to Sub-Accounts

VPC Access

Step 1. Create an Instance

Step 2. Create a Topic

Step 3. Add a VPC Route

Step 4. Send/Receive Messages

Using SDK to Receive/Send Message (Recommended)

Running Kafka Client (Optional)

Access via Public Domain Name

Step 1. Create an Instance

Step 2. Add a Public Route

Step 3. Create a Topic

Step 4. Configure an ACL Policy

Step 5. Send/Receive Messages

Using SDK to Receive/Send Message (Recommended)

Running Kafka Client (Optional)

Operation Guide

Instance Management

Creating Instance

Naming with Consecutive Numeric Suffixes or Designated Pattern String

Viewing Instance

Upgrading Instance

Downgrading Instance Configuration

Terminating/Returning Instances

Change from Pay-as-You-Go to Monthly Subscription

Upgrading Instance Version

Adding Routing Policy

Connecting to Prometheus

AZ Migration

Setting Maintenance Time

Setting Message Size

Topic Management

Instance Topic

Setting Topic Traffic Throttling Rule

Elastic Topic

Topic Management

Subscription Management

Consumer Group

Consumer Group Overview

Creating Consumer Group

Querying Consumer Group

Deleting Consumer Group

Setting Offset

Automatically Resetting Offset

Monitoring and Alarms

Viewing Monitoring Data

Querying Advanced Monitoring (Pro Edition)

Configuring Alarms

Suggestions for Alarm Configuration

Viewing Advanced Ops Features (Pro Edition)

Smart Ops

Elastic Scaling

Disk Utilization Policy

Dynamic Partition Processing

Elastic Bandwidth

Permission Management

Configuring ACL Policy

Tag Management

Migration to Cloud

Migration Scheme Overview

Step 1. Purchasing CKafka Instance

Step 2. Migrating Topic to Cloud

Step 3. Migrating Data to Cloud

Scheme 1: Single-Producer Dual-Consumer Migration

Scheme 2: Single-Producer Single-Consumer Migration

Scheme 3: Migration with MirrorMaker

Scheme 4: Migrating Unconsumed Data

Data Compression

CKafka Connector

Introduction

Connection Management

Task Management

Creating Data Access Task

Creating Data Distribution Task

Data Target

Data Distribution to TDW

Simple Data Processing

Data Conversion

Filter Rule Description

Task Management

Schema Management

Event Center

Practical Tutorial

Troubleshooting

Topic Failures

Topic Creation Failure

No Topic Monitoring Data

Linkage Failure of Other Tencent Cloud Services Caused by Topic ACL Policy Configuration

Existence of Partition Message Heap

Consumer Group Failures

No Consumer Group Details Displayed

Consumer Group Constantly in PreparingRebalance Status

Client Failures

Common Client Errors and Solutions

Blockage of Messages Produced by Client

Client’s Failure to Consume Messages

Sarama Client

Message Failures

Consumption Data Exception

Failure to Delete Expired Messages Promptly

Slow Consumption Speed

Warning Displayed for Message Heap

Error Persistence After a Period of Production

API Documentation

Making API Requests

DataHub APIs

DescribeDatahubTopics

ACL APIs

Topic APIs

Instance APIs

CreatePostPaidInstance

DescribeInstanceAttributes

DescribeInstancesDetail

InquireCkafkaPrice

ModifyGroupOffsets

ModifyInstanceAttributes

Route APIs

Other APIs

DeleteRouteTriggerTime

DescribeAppInfo

DescribeCkafkaZone

DescribeConsumerGroup

SDK Documentation

SDK for Java

VPC Access Through SASL_SCRAM

Public Network Access Through SASL_PLAINTEXT

Access Through SASL_SSL

SDK for Python

VPC Access

Public Network Access Through SASL_PLAINTEXT

Public Network Access Through SASL_SSL

SDK for Go

VPC Access

Public Network Access Through SASL_PLAINTEXT

SDK for PHP

VPC Access

Public Network Access Through SASL_PLAINTEXT

SDK for C++

VPC Access

Public Network Access Through SASL_PLAINTEXT

SDK for Node.js

VPC Access

Public Network Access Through SASL_PLAINTEXT

SDK for Connector

Data Reporting SDK

Elastic Topic Message Sending and Receiving

Connecting Filebeats to CKafka

Connecting Logstash to CKafka

General References

Conducting Production and Consumption Pressure Testing on CKafka

Configuration Guide for Common Parameters in CKafka

Connecting to Legacy Self-Built Kafka

Suggestions for CKafka Version Selection

CKafka Data Reliability Description

Connector

Database Change Subscription

MongoDB Data Subscription

MySQL Data Subscription

PostgreSQL Data Subscription

Official Format Description for MySQL Subscription Messages

Canal Format of MySQL Subscription Message

User Permission Settings Reference for PostgreSQL Subscription by Connector

Data Processing

Data Processing Rule Description

Regular Expression Extraction

JSONPath Description

Self-Built Cluster Connection Instructions (CLB Method)

Authorization Instructions for Access to CLS and COS Services Through Connectors

What Is a Signaling Table

FAQs

Connector

Data Reporting Issues

Data Processing Issues

Data Dump

Data Subscription Issues

Service Level Agreement

Glossary

DocumentationTDMQ for CKafkaSDK DocumentationSDK for PythonPublic Network Access Through SASL_SSL

Public Network Access Through SASL_SSL

Download PDF

Last updated: 2024-11-07 15:40:42

Public Network Access Through SASL_SSL

Last updated: 2024-11-07 15:40:42

Download PDF

Overview
This document describes how to access CKafka to send/receive messages with the SDK for Python through SASL_SSL over public network.
Prerequisites
Install Python
Install pip
Configure an ACL policy
Download demo
Download the SASL_SSL certificate
Directions
Step 1. Make preparations
1. Create an access point.
1.1 On the Instance List page in the CKafka console, click the target instance ID to enter the instance details page.
1.2 In Basic Info > Access Mode, click Add a routing policy. In the pop-up window, select Route Type: Public domain name access, Access Mode: SASL_SSL.
﻿
2. Create a role.
On the User Management tab page under ++ACL Policy Management++, create a role and set a password.
﻿
3. Create a topic.
Create a topic on the Topic Management tab page as instructed in Creating a topic.
4. Add the Python dependent library.
Run the following command to install the dependent library:
pip install kafka-python
Step 2. Produce messages
1. Modify the configuration parameters in the message production program producer.py.
producer = KafkaProducer(
 bootstrap_servers = ['xx.xx.xx.xx:port'],
 api_version = (1, 1),
﻿
 #
 # Public network access through SASL_SSL
 #
 security_protocol = "SASL_SSL",
 sasl_mechanism = "PLAIN",
 sasl_plain_username = "instanceId#username",
 sasl_plain_password = "password",
 ssl_cafile = "CARoot.pem",
 ssl_check_hostname = False,
)
﻿
message = "Hello World! Hello Ckafka!"
msg = json.dumps(message).encode()
producer.send('topic_name', value = msg)
print("produce message " + message + " success.")
producer.close()
Parameter
Description
bootstrap_servers
Accessed network, which can be copied from the Network column in the Access Mode section in Basic Info on the instance details page in the console.
﻿
sasl_plain_username
Username in the format of instance ID + #  + username. The instance ID can be obtained in Basic Info on the instance details page in the CKafka console, and the username is set when the user is created in on the User Management tab page under ACL Policy Management.
sasl_plain_password
User password, which is set when the user is created on the User Management tab page under ACL Policy Management on the instance details page in the CKafka console.
topic_name
Topic name, which can be copied from the Topic Management page in the console.
﻿
CARoot.pem
Certificate path that is required when the access mode is SASL_SSL.
2. Compile and run producer.py.
3. View the execution result.
﻿
4. On the Topic Management tab page on the instance details page in the CKafka console, select the target topic, and click More > Message Query to view the message just sent.
﻿
Step 3. Consume messages
1. Modify the configuration parameters in the message consumption program consumer.py.
consumer = KafkaConsumer(
 'topic_name',
 group_id = "group_id",
 bootstrap_servers = ['xx.xx.xx.xx:port'],
 api_version = (1,1),
﻿
 #
 # Public network access through SASL_SSL
 #
 security_protocol = "SASL_SSL",
 sasl_mechanism = 'PLAIN',
 sasl_plain_username = "instanceId#username",
 sasl_plain_password = "password",
 ssl_cafile = "CARoot.pem",
 ssl_check_hostname = False,
﻿
)
﻿
for message in consumer:
 print ("Topic:[%s] Partition:[%d] Offset:[%d] Value:[%s]" %
 (message.topic, message.partition, message.offset, message.value))
﻿
Parameter
Description
bootstrap_servers
Accessed network, which can be copied from the Network column in the Access Mode section in Basic Info on the instance details page in the console.
﻿
group_id
Consumer group ID, which can be customized based on business requirements.
sasl_plain_username
Username in the format of instance ID + #  + username. The instance ID can be obtained in Basic Info on the instance details page in the CKafka console, and the username is set when the user is created on the User Management tab page under ACL Policy Management.
sasl_plain_password
User password, which is set when the user is created on the User Management tab page under ACL Policy Management on the instance details page in the CKafka console.
topic_name
Topic name, which can be copied from the Topic Management page in the console.
﻿
CARoot.pem
Certificate path that is required when the access mode is SASL_SSL.
2. Compile and run consumer.py.
3. View the execution result.
﻿
4. On the Consumer Group tab page in the CKafka console, select the corresponding consumer group name, enter the topic name, and click View Details to view the consumption details.
﻿
﻿

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Parameter	Description
`bootstrap_servers`	Accessed network, which can be copied from the Network column in the Access Mode section in Basic Info on the instance details page in the console.
`sasl_plain_username`	Username in the format of `instance ID` + `#` + `username`. The instance ID can be obtained in Basic Info on the instance details page in the CKafka console, and the username is set when the user is created in on the User Management tab page under ACL Policy Management.
`sasl_plain_password`	User password, which is set when the user is created on the User Management tab page under ACL Policy Management on the instance details page in the CKafka console.
`topic_name`	Topic name, which can be copied from the Topic Management page in the console.
`CARoot.pem`	Certificate path that is required when the access mode is `SASL_SSL`.

Parameter	Description
`bootstrap_servers`	Accessed network, which can be copied from the Network column in the Access Mode section in Basic Info on the instance details page in the console.
`group_id`	Consumer group ID, which can be customized based on business requirements.
`sasl_plain_username`	Username in the format of `instance ID` + `#` + `username`. The instance ID can be obtained in Basic Info on the instance details page in the CKafka console, and the username is set when the user is created on the User Management tab page under ACL Policy Management.
`sasl_plain_password`	User password, which is set when the user is created on the User Management tab page under ACL Policy Management on the instance details page in the CKafka console.
`topic_name`	Topic name, which can be copied from the Topic Management page in the console.
`CARoot.pem`	Certificate path that is required when the access mode is `SASL_SSL`.

tencent cloud

New User Offers

Next-Generation CDN：EdgeOne

Elasticsearch Service Special Offers

Free Tier

Tencent Cloud Startup Program

Special Offers

Lighthouse Special Offers

Cloud Object Storage Special Offers

Featured Products

New Products

Education

Tencent Cloud Online Education Solutions

Gaming

Gaming Solution

Game Media Solutions

Financial Services

Financial Services Solution

Audio & Video

Audio/Video Solution

LVB Recording Solution

Interactive Classroom Solution

Interactive Live Streaming Solution

Audio Chat Social Networking Solution

Real Estate

Tencent Cloud LinkBase(Weiling)

E-commerce

E-commerce retail solutions

Compute

Cloud Virtual Machine

Auto Scaling

Batch Compute

CVM Dedicated Host

Database

TencentDB for MySQL

TencentDB for Redis®

TencentDB for CTSDB

TDSQL for MySQL

Data Transfer Service

TencentDB for MongoDB

TencentDB for PostgreSQL

TencentDB for SQL Server

TencentDB for TcaplusDB

Video Service

Cloud Streaming Services

Video on Demand

Media Processing Service

Cloud Application Rendering

Cloud Contact Center

Game Multimedia Engine

Chat

Real-time Communication

Tencent Effect SDK

AI and Machine Learning

Image Creation Large Model

Face Fusion

eKYC

Optical Character Recognition

Video Creation Large Model

Industry Applications

Tencent HealthCare Omics Platform

Container and Middleware

TDMQ for CKafka

Serverless Cloud Function

Tencent Kubernetes Engine

Tencent Kubernetes Engine for Serverless

Networking

Cloud Load Balancer

Virtual Private Cloud

Direct Connect

Cloud Connect Network

NAT Gateway

VPN Connection

Bandwidth Package

Anycast Internet Acceleration

Elastic Network Interface

Flow Logs

Global Application Acceleration Platform

Security

Captcha