JavaScript must be enabled to correctly display this content
Connect to Confluent Kafka
Learn to create a connection to Confluent Kafka, which you use with the Confluent Schema Registry connection, to serve as a source or target in an OCI GoldenGate Big Data deployment.
From the OCI GoldenGate Overview page, click
Connections.
You can also click Create Connection under the
Get started section and skip to step 3.
On the Connections page, click Create Connection.
In the Create Connection panel, complete the General Information
fields as follows:
For Name, enter a name for the connection.
(Optional) For Description, enter a description that helps
you distinguish this connection from others.
For Compartment, select the compartment in which to create
the connection.
From the Type dropdown, under Big Data,
select Confluent Kafka.
(Optional) Click Show advanced options to manage keys or add
tags.
Under Security, select one of the following:
Select Use Oracle-managed encryption key to leave all
encryption key management to Oracle.
Select Use customer-managed encryption key to select a
specific encryption key stored in your OCI Vault to encrypt your connection
credentials.
Under Tags, add tags to organize your resources.
Click Next.
Complete the Connection details fields as follows:
Under Bootstrap servers:
Select a Traffic routing
method:
Shared endpoint, to share an
endpoint with the assigned deployment. You must allow connectivity from the
deployment's ingress IP.
Dedicated endpoint, for
network traffic through a dedicated endpoint in the assigned subnet in your VCN.
You must allow connectivity from this connection's ingress IPs. Then, select a subnet from the dropdown.
Enter the Host and
Port number for the Bootstrap server.
Enter the Private IP only if the hostname is not resolvable from
your subnet or if it uses SSL/TLS.
Note:
If you enter a private IP, then OCI GoldenGate rewrites the private IP in the format,
ip-10-0-0-0.ociggsvc.oracle.vcn.com.
Tip:
All nodes in
the cluster must have FQDNs to allow for traversal over
private endpoints.
(Optional) Click + Bootstrap
server to add another bootstrap server.
For Security protocol, select from:
Plaintext
SASL over plaintext, and then provide the Username and
Password.
SASL over SSL, and then provide the Username, Password, and
Truststore and Keystore values as needed.
SSL, and then provide the Truststore and Keystore values as needed.
(Optional) Click Show advanced options.
To capture from Kafka, create a Kafka
Consumer properties file with one of the following deserializers or
converters:
The connection appears in the Connections list, where you can select it
to view its details. Ensure that you also create a connection to Confluent Schema Registry, and then assign both
connections to a Big Data deployment.
From the OCI GoldenGate Overview page, click
Connections.
You can also click Create Connection under the
Get started section and skip to step 3.
On the Connections page, click Create Connection.
In the Create Connection panel, complete the General Information
fields as follows:
For Name, enter a name for the connection.
(Optional) For Description, enter a description that helps
you distinguish this connection from others.
For Compartment, select the compartment in which to create
the connection.
From the Type dropdown, under Big Data,
select Confluent Kafka.
(Optional) Click Show advanced options to manage keys or add
tags.
Under Security, select one of the following:
Select Use Oracle-managed encryption key to leave all
encryption key management to Oracle.
Select Use customer-managed encryption key to select a
specific encryption key stored in your OCI Vault to encrypt your connection
credentials.
Under Tags, add tags to organize your resources.
Click Next.
Complete the Connection details fields as follows:
Under Bootstrap servers:
Select a Traffic routing
method:
Shared endpoint, to share an
endpoint with the assigned deployment. You must allow connectivity from the
deployment's ingress IP.
Dedicated endpoint, for
network traffic through a dedicated endpoint in the assigned subnet in your VCN.
You must allow connectivity from this connection's ingress IPs. Then, select a subnet from the dropdown.
Enter the Host and
Port number for the Bootstrap server.
Enter the Private IP only if the hostname is not resolvable from
your subnet or if it uses SSL/TLS.
Note:
If you enter a private IP, then OCI GoldenGate rewrites the private IP in the format,
ip-10-0-0-0.ociggsvc.oracle.vcn.com.
Tip:
All nodes in
the cluster must have FQDNs to allow for traversal over
private endpoints.
(Optional) Click + Bootstrap
server to add another bootstrap server.
For Security protocol, select from:
Plaintext
SASL over plaintext, and then provide the Username and
Password.
SASL over SSL, and then provide the Username, Password, and
Truststore and Keystore values as needed.
SSL, and then provide the Truststore and Keystore values as needed.
The connection appears in the Connections list, where you can select it
to view its details. Ensure that you also create a connection to Confluent Schema Registry, and then assign both
connections to a Big Data deployment.
Create a connection to Confluent Cloud with
Private Links
Private Link lets you access your Confluent Cloud cluster running on a third party
cloud through a private endpoint that exists in your virtual network.
Before you create the connection, ensure you have the following:
Create private network connectivity between Oracle Cloud Infrastructure (OCI) and
the target third party cloud.
While adding network configuration for private link in Confluent Cloud, ensure that
you select Private DNS Resolution.
Configure DNS zones and set up DNS records in the third party cloud where you
configured Confluent Cloud and in OCI. In OCI, you can create zones within your
VCN's private views. Within zones, you can add the required DNS records.
You can use the instructions above to create the connection, but in place of Steps 5 and
6, do the following:
For Step 5:
Provide the Bootstrap details. You can find the bootstrap details of your
cluster in the Confluent Cloud cluster settings.
Select Network connectivity via private endpoint, and
then select the subnet linked to the third party cloud where Confluent Cloud
runs. Don't enter any private IP addresses.
For Step 6:
For Security protocol, select SASL over
Plaintext.
Enter the username and password.
Troubleshoot Kafka connection errors
Most connection issues result in TimeoutException errors. For example:
A failure occurred sending a message to Kafka to topic [ggstest] org.apache.kafka.common.errors.TimeoutException: Topic ggstest not present in metadata after 60000/120000 ms.
If you encounter this message in your Replicat report file, you can:
Ensure the target topic is present or check that auto topic creation is enabled
within the target Kafka settings.
Ensure that there are no firewall rules blocking traffic.
If you're running Kafka on OCI with a private endpoint, then ensure that you use the
Internal FQDN as the bootstrap server in server.properties and in the Kafka
connection.
If you're connecting to a Confluent Cloud with private endpoints:
Ensure that the DNS zones and DNS records are configured properly in both
OCI and the target third party cloud.
Ensure that the network connection between OCI and the target cloud work
fine.
Test that you can connect to the target Confluent Cloud with OpenSSL
(openssl s_client -connect <bootstrap>) from an OCI
VM running in the same subnet connected to the third party cloud.
Test that you can publish or consume messages from a Kafka client running on
OCI within the same subnet connected to the third party cloud. If it fails,
then check your network settings on both OCI and the third party cloud.