Yes it's possible. The most common issue in my experience is the location of the trust store and key store being different or absent on some hosts. You need to make sure that these locations are consistent across all hosts in your Connect cluster, or use a ConfigProvider to provide the location dynamically. Otherwise, a task will get scheduled on some host and fail to find these files.
Ryanne On Wed, Mar 31, 2021, 8:22 PM Men Lim <zulu...@gmail.com> wrote: > Hello. I was wondering if someone can help answer my question. I'm trying > to run MirrorMaker 2 in distributed mode using SSL. I have the distributor > running in SSL but when I can't get the curl REST api to do so. I saw that > kif-208 fixed this but I can't seem to implement it. > > in my mm2-dist.prop file I have set: > //// > listeners=https://localhost:8443 > security.protocol=SSL > > ssl.truststore.location=/home/ec2-user/kafka_2.13-2.7.0/cert/kafka.client.truststore.jks > //// > my connector.json file look like this: > > //// > { > "name": "mm2-connect-cluster", > "config":{ > "connector.class": "org.apache.kafka.connect.mirror.MirrorSourceConnector", > "connector.client.config.override.policy": "All", > "name": "mm2-connect-cluster", > "topics": "test.*", > "tasks.max": "1", > "source.cluster.alias": "source", > "target.cluster.alias": "target", > "source.cluster.bootstrap.servers": "source:9094", > "target.cluster.bootstrap.servers": "target:9094", > "source->target.enabled": "true", > "target->source.enabled": "false", > "offset-syncs.topic.replication.factor": "4", > "topics.exclude": ".*[\\-\\.]internal, .*\\.replica, > __consumer_offsets", > "groups.blacklist": "console-consumer-.*, connect-.*, __.*", > "topic.creation.enabled": "true", > "topic.creation.default.replication.factor": "4", > "topic.creation.default.partitions": "1" > "key.converter": "org.apache.kafka.connect.json.JsonConverter", > "value.converter": "org.apache.kafka.connect.json.JsonConverter", > "security.protocol": "SSL", > "ssl.truststore.password": > "/home/ec2-user/kafka_2.13-2.7.0/cert/kafka.client.truststore.jks" > } > } > //// > > I would then start up the distributor and it launched fine. So I try to > run the CURl command > > //// > curl -s -X POST -H 'Content-Type: application/json' --data @connector.json > https://localhost:8443/connectors > //// > nada. nothing. no error. no reasons for not starting. > > Is it possible to run MM2 with SSL? If so, can someone point me to a > working example? > > thanks. >
