Question

我尝试连接到http://bluemix.net上的Bluemix Message Hub实例。这个简单的脚本

#!/usr/bin/env python 

from kafka import KafkaProducer 
from kafka.errors import KafkaError 

kafka_brokers_sasl = [
  "kafka01-prod01.messagehub.services.us-south.bluemix.net:9093",
  "kafka02-prod01.messagehub.services.us-south.bluemix.net:9093",
  "kafka03-prod01.messagehub.services.us-south.bluemix.net:9093",
  "kafka04-prod01.messagehub.services.us-south.bluemix.net:9093",
  "kafka05-prod01.messagehub.services.us-south.bluemix.net:9093" ] 
sasl_plain_username = "xxxxxxxxxxxxxxx" 
sasl_plain_password = "xxxxxxxxxxxxxxxxxxxxxxxxx" 
sasl_mechanism = 'SASL_PLAINTEXT' 

producer = KafkaProducer(bootstrap_servers = kafka_brokers_sasl,
                         sasl_plain_username = sasl_plain_username,
                         sasl_plain_password = sasl_plain_password,
                         sasl_mechanism = sasl_mechanism )

以下面的例外结束：

Traceback (most recent call last): 
  File "./test-mh.py", line 12, in <module> 
    producer = KafkaProducer(bootstrap_servers = kafka_brokers_sasl, sasl_plain_username = sasl_plain_username, sasl_plain_password = sasl_plain_password, sasl_mechanism = sasl_mechanism ) 
  File "/usr/local/lib/python2.7/dist-packages/kafka/producer/kafka.py", line 328, in __init__ 
    **self.config) 
  File "/usr/local/lib/python2.7/dist-packages/kafka/client_async.py", line 202, in __init__ 
    self.config['api_version'] = self.check_version(timeout=check_timeout) 
  File "/usr/local/lib/python2.7/dist-packages/kafka/client_async.py", line 791, in check_version 
    raise Errors.NoBrokersAvailable() 
kafka.errors.NoBrokersAvailable: NoBrokersAvailable

我从messagehub服务凭证对象获得了kafka_brokers_sasl，sasl_plain_username和sasl_plain_password。我使用的是kafka-python 1.3.1，它似乎支持SASL身份验证机制。我知道我做错了什么吗？感谢。

Answer 1

Message Hub要求客户端使用TLS 1.2连接进行连接。这意味着通过security_protocol参数为KafkaProducer和ssl.SSLContext指定ssl_context参数 - 因为看起来Python Kafka客户端通过以下方式创建SSLv23上下文默认值。

以下是连接所需的更改：

import ssl
from kafka import KafkaProducer 
from kafka.errors import KafkaError 

kafka_brokers_sasl = [
    "kafka01-prod01.messagehub.services.us-south.bluemix.net:9093",
    "kafka02-prod01.messagehub.services.us-south.bluemix.net:9093",
    "kafka03-prod01.messagehub.services.us-south.bluemix.net:9093",
    "kafka04-prod01.messagehub.services.us-south.bluemix.net:9093",
    "kafka05-prod01.messagehub.services.us-south.bluemix.net:9093" ] 
sasl_plain_username = "xxxxxxxxxxxxxxx" 
sasl_plain_password = "xxxxxxxxxxxxxxxxxxxxxxxxx" 

sasl_mechanism = 'PLAIN'       # <-- changed from 'SASL_PLAINTEXT'
security_protocol = 'SASL_SSL'

# Create a new context using system defaults, disable all but TLS1.2
context = ssl.create_default_context()
context.options &= ssl.OP_NO_TLSv1
context.options &= ssl.OP_NO_TLSv1_1

producer = KafkaProducer(bootstrap_servers = kafka_brokers_sasl,
                         sasl_plain_username = sasl_plain_username,
                         sasl_plain_password = sasl_plain_password,
                         security_protocol = security_protocol,
                         ssl_context = context,
                         sasl_mechanism = sasl_mechanism)

为什么kafka-python无法连接到Bluemix消息中心服务？

1 个答案: