Re: swagger/openapi spec for Kafka-Connect REST API?

2020-05-22 Thread Jun Wang 
I am not aware of any swagger api spec for Kafka connect reset api.
But following 2 resources have enough information for me.

https://kafka.apache.org/documentation/#connect_rest
https://docs.confluent.io/current/connect/references/restapi.html



From: Miguel Silvestre 
Sent: Friday, May 22, 2020 8:06 AM
To: users@kafka.apache.org 
Subject: Re: swagger/openapi spec for Kafka-Connect REST API?

Hi,

I'm also searching for this. If you find it, please let me know.
Thank you.
--
Miguel Silvestre


On Mon, May 18, 2020 at 8:59 AM Aki Yoshida  wrote:

> I am looking for the openapi spec for Kafka-Connect API but I couldn't
> find one. If it is available somewhere, could someone tell me where I
> can find it?
>
> regards, aki
>

Re: ACLs - How To Allow Anyone To Access of A Topic

2020-05-20 Thread Jun Wang 
It turns out that kafka acls support wildcard principal, I missed this in the 
document.

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=test3, 
patternType=LITERAL)`:
  (principal=User:*, host=*, operation=ALL, permissionType=ALLOW)

It is good now.



From: Jun Wang 
Sent: Monday, May 18, 2020 2:11 PM
To: users@kafka.apache.org 
Subject: Re: ACLs - How To Allow Anyone To Access of A Topic

I am testing in a dev. environment, maybe it does not make sense in production.

See my detail explanation below and rephrase of the question:

1. I have mixed authenticated and unauthenticated user in the system.

For example:
listeners=PLAINTEXT://localhost:9092,SASL_PLAINTEXT://localhost:9093

Users comes to port 9092 is unauthenticated thus ANONYMOUS;
Users comes to port 9093 is SASL anthenticated.

2. I want fine-grain access control over topic. so I default 
allow.everyone.if.no.acl.found=false

3. I want some topic to be private to certain user and some topic public to 
every one.

|Topic Name |test1 | test2 | test3|
|+--++-|
|ACLs   | Bob  | Alice | Everyone|

The focus is on ALCs  of test3 topic.

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=test3, 
patternType=LITERAL)`:
line 1: (principal=User:ANONYMOUS, host=*, operation=ALL, permissionType=ALLOW)
line 2: (principal=User:bob, host=*, operation=ALL, permissionType=ALLOW)  // 
rule for Bob
line 3: (principal=User:alice, host=*, operation=ALL, permissionType=ALLOW)  // 
rule for Alice

I have to set up explicit rule on line 1 to allow Anonymous access. and line 2 
and line 3 for Bob and Alice.

I thought line 1 already covers line 2 and line 3, thus line 2 and line 3 is 
redundant.
Do we need line 2 and line 3 at all?

Thanks
Jun​


From: Andrew Otto 
Sent: Monday, May 18, 2020 11:51 AM
To: users@kafka.apache.org 
Subject: Re: ACLs - How To Allow Anyone To Access of A Topic

If I understand correctly, if your client authenticates, there must be an
ACL for that principal, otherwise it will fail authorization.

If you are going to allow everything anyway, perhaps you don't need to
authenticate?

Re: ACLs - How To Allow Anyone To Access of A Topic

2020-05-18 Thread Jun Wang 
I am testing in a dev. environment, maybe it does not make sense in production.

See my detail explanation below and rephrase of the question:

1. I have mixed authenticated and unauthenticated user in the system.

For example:
listeners=PLAINTEXT://localhost:9092,SASL_PLAINTEXT://localhost:9093

Users comes to port 9092 is unauthenticated thus ANONYMOUS;
Users comes to port 9093 is SASL anthenticated.

2. I want fine-grain access control over topic. so I default 
allow.everyone.if.no.acl.found=false

3. I want some topic to be private to certain user and some topic public to 
every one.

|Topic Name |test1 | test2 | test3|
|+--++-|
|ACLs   | Bob  | Alice | Everyone|

The focus is on ALCs  of test3 topic.

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=test3, 
patternType=LITERAL)`:
line 1: (principal=User:ANONYMOUS, host=*, operation=ALL, permissionType=ALLOW)
line 2: (principal=User:bob, host=*, operation=ALL, permissionType=ALLOW)  // 
rule for Bob
line 3: (principal=User:alice, host=*, operation=ALL, permissionType=ALLOW)  // 
rule for Alice

I have to set up explicit rule on line 1 to allow Anonymous access. and line 2 
and line 3 for Bob and Alice.

I thought line 1 already covers line 2 and line 3, thus line 2 and line 3 is 
redundant.
Do we need line 2 and line 3 at all?

Thanks
Jun​


From: Andrew Otto 
Sent: Monday, May 18, 2020 11:51 AM
To: users@kafka.apache.org 
Subject: Re: ACLs - How To Allow Anyone To Access of A Topic

If I understand correctly, if your client authenticates, there must be an
ACL for that principal, otherwise it will fail authorization.

If you are going to allow everything anyway, perhaps you don't need to
authenticate?

ACLs - How To Allow Anyone To Access of A Topic

2020-05-18 Thread Jun Wang 
Hi

I would like to allow anyone to access the a topic even for authenticated user, 
I assume following ACLs should be sufficient.

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=test3, 
patternType=LITERAL)`:
(principal=User:ANONYMOUS, host=*, operation=ALL, permissionType=ALLOW)

It works for unauthenticated user, But I got "Not authorized to access topics: 
[test3]"  error for an authenticated User alice,
I have to add specific new rule for User:alice as following in order to get rid 
of the error:

Current ACLs for resource `ResourcePattern(resourceType=TOPIC, name=test3, 
patternType=LITERAL)`:
(principal=User:ANONYMOUS, host=*, operation=ALL, permissionType=ALLOW)
(principal=User:alice, host=*, operation=ALL, permissionType=ALLOW)  //new rule

My be the ALCs is not correct.  please let me know if you have any suggestion.

Thanks
Jun

Re: How actually jdbc sink connetor run

2020-05-11 Thread Jun Wang 
Hi Lei

For my understanding, from the github page you provided.  the 
kafka-connect-jdbc project is licensed under the Confluent Community 
License.

The project has different support channels.

"For more information, check the documentation for the JDBC connector on the 
confluent.io
 website. Questions related to the connector can be asked on Community 
Slack or the Confluent Platform 
Google Group."



From: wangl...@geekplus.com.cn 
Sent: Monday, May 11, 2020 6:10 AM
To: users 
Subject: How actually jdbc sink connetor run

doc:  
https://docs.confluent.io/3.1.1/connect/connect-jdbc/docs/sink_connector.html
github code:  https://github.com/confluentinc/kafka-connect-jdbc

I  glance over the code.
Seems  the actually worker is JdbcSinkTask.  After   put(Collection 
records) It will generate sql and execute it

I  try to implement it using java code instead of  kafka connect configuration.
Receive avro serialized kafka record and sent to  JdbcSinkTask.

Is there any document that will tells me some details or some example code?

Thanks,
Lei



wangl...@geekplus.com.cn

Re: Request for adding into contributors list

2020-05-01 Thread Jun Wang 
Thank You !



From: Matthias J. Sax
Sent: Friday, May 1, 2020 4:29 PM
To: users@kafka.apache.org
Subject: Re: Request for adding into contributors list

Done.

On 5/1/20 11:21 AM, Jun Wang wrote:
> Hi,
>
> Please add my JIRA ID into the contributors list of Apache Kafka.
>
> Here is my JIRA profile:
>
> Username: wj1918
> Full name: Jun Wang
>
> Thanks
>

Request for adding into contributors list

2020-05-01 Thread Jun Wang 
Hi,

Please add my JIRA ID into the contributors list of Apache Kafka.

Here is my JIRA profile:

Username: wj1918
Full name: Jun Wang

Thanks