tile38/internal/endpoint/kafka.go

160 lines
3.4 KiB
Go
Raw Normal View History

package endpoint
import (
"crypto/tls"
"crypto/x509"
"errors"
"fmt"
"io/ioutil"
2021-07-08 11:20:45 +03:00
"os"
"sync"
"time"
lg "log"
"github.com/Shopify/sarama"
"github.com/tidwall/gjson"
"github.com/tidwall/tile38/internal/log"
)
const kafkaExpiresAfter = time.Second * 30
2018-04-19 19:25:39 +03:00
// KafkaConn is an endpoint connection
type KafkaConn struct {
mu sync.Mutex
ep Endpoint
conn sarama.SyncProducer
ex bool
t time.Time
}
2018-04-19 19:25:39 +03:00
// Expired returns true if the connection has expired
func (conn *KafkaConn) Expired() bool {
conn.mu.Lock()
defer conn.mu.Unlock()
if !conn.ex {
if time.Since(conn.t) > kafkaExpiresAfter {
if conn.conn != nil {
conn.close()
}
conn.ex = true
}
}
return conn.ex
}
2018-04-19 19:25:39 +03:00
func (conn *KafkaConn) close() {
if conn.conn != nil {
conn.conn.Close()
conn.conn = nil
}
}
2018-04-19 19:25:39 +03:00
// Send sends a message
func (conn *KafkaConn) Send(msg string) error {
conn.mu.Lock()
defer conn.mu.Unlock()
if conn.ex {
return errExpired
}
conn.t = time.Now()
if log.Level > 2 {
2021-02-19 01:34:01 +03:00
sarama.Logger = lg.New(log.Output(), "[sarama] ", 0)
}
uri := fmt.Sprintf("%s:%d", conn.ep.Kafka.Host, conn.ep.Kafka.Port)
if conn.conn == nil {
2018-04-17 18:30:49 +03:00
cfg := sarama.NewConfig()
if conn.ep.Kafka.TLS {
log.Debugf("building kafka tls config")
tlsConfig, err := newKafkaTLSConfig(conn.ep.Kafka.CertFile, conn.ep.Kafka.KeyFile, conn.ep.Kafka.CACertFile)
if err != nil {
return err
}
cfg.Net.TLS.Enable = true
cfg.Net.TLS.Config = tlsConfig
2021-07-08 13:05:16 +03:00
}
if conn.ep.Kafka.SASL {
2021-07-08 11:20:45 +03:00
log.Debugf("building kafka sasl config")
cfg.ClientID = "sasl_scram_client"
cfg.Net.SASL.Enable = true
cfg.Net.SASL.User = os.Getenv("KAFKA_USERNAME")
cfg.Net.SASL.Password = os.Getenv("KAFKA_PASSWORD")
cfg.Net.SASL.Handshake = true
cfg.Net.SASL.SCRAMClientGeneratorFunc = func() sarama.SCRAMClient { return &XDGSCRAMClient{HashGeneratorFcn: SHA512} }
cfg.Net.SASL.Mechanism = sarama.SASLTypeSCRAMSHA512
}
2018-04-17 18:30:49 +03:00
cfg.Net.DialTimeout = time.Second
cfg.Net.ReadTimeout = time.Second * 5
cfg.Net.WriteTimeout = time.Second * 5
// Fix #333 : fix backward incompatibility introduced by sarama library
cfg.Producer.Return.Successes = true
2020-07-03 21:57:15 +03:00
cfg.Version = sarama.V0_10_0_0
2018-04-17 18:30:49 +03:00
c, err := sarama.NewSyncProducer([]string{uri}, cfg)
if err != nil {
return err
}
conn.conn = c
}
// parse json again to get out info for our kafka key
key := gjson.Get(msg, "key")
id := gjson.Get(msg, "id")
keyValue := fmt.Sprintf("%s-%s", key.String(), id.String())
message := &sarama.ProducerMessage{
Topic: conn.ep.Kafka.TopicName,
Key: sarama.StringEncoder(keyValue),
Value: sarama.StringEncoder(msg),
}
_, offset, err := conn.conn.SendMessage(message)
if err != nil {
conn.close()
return err
}
if offset < 0 {
conn.close()
return errors.New("invalid kafka reply")
}
return nil
}
2018-04-19 19:25:39 +03:00
func newKafkaConn(ep Endpoint) *KafkaConn {
return &KafkaConn{
ep: ep,
t: time.Now(),
}
}
func newKafkaTLSConfig(CertFile, KeyFile, CACertFile string) (*tls.Config, error) {
tlsConfig := tls.Config{}
// Load client cert
cert, err := tls.LoadX509KeyPair(CertFile, KeyFile)
if err != nil {
return &tlsConfig, err
}
tlsConfig.Certificates = []tls.Certificate{cert}
// Load CA cert
caCert, err := ioutil.ReadFile(CACertFile)
if err != nil {
return &tlsConfig, err
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert)
tlsConfig.RootCAs = caCertPool
return &tlsConfig, err
}