configure proxy in kafka connector

Connectors & Integrations
,
1

We are running Kafka Connect inside Kubernetes and using the Solace Source Connector to ingest messages from a Solace Cloud queue into a Kafka topic.

However, our environment requires outbound access through a proxy, and We are hitting roadblocks when trying to connect to Solace Cloud over tcps (TLS/SSL-secured Solace connections).

When using an HTTP proxy, I was able to get partial responses from Solace Cloud using:
curl --proxy {host}:{port} https://{solace-host}:{port} -o -

Since the Solace Source Connector requires a tcps:// (TLS secured) connection, and the proxy team only allows outbound tcps via a SOCKS5 proxy

curl --socks5 {host}:{port} https://<{solace-host}:{port} -o -
curl: (7) Failed to connect to port {port}: Connection timed out

We also updated the connector config to enable SSL, and added truststore:
“sol.ssl_trust_store”: “{trust_store}”,
“sol.ssl_trust_store_password”: “{pwd}”,
“sol.ssl_trust_store_format”: “jks”,
“sol.ssl_key_store”: “{key_store}”,
“sol.ssl_key_store_password”: “{pwd}”,
“sol.ssl_key_store_format”: “jks”,
“sol.ssl_private_key_alias”: “{key_alias}”,
“sol.ssl_private_key_password”: “{pwd}”

We have tried the following things from our side, but not able to connect with any of them, still we are getting timeout errors.

Added -Dhttp.proxyHost={host} -Dhttps.proxyHost={host} -Dhttps.proxyPort={port} -Dhttp.proxyPort={port} JVM arguments
Added -DsocksProxyHost={host} -DsocksProxyPort={port} -DproxySet=true Arguments
Tried with -Dsolace.proxy.type=socks5 -Dsolace.proxy.host={host} -Dsolace.proxy.port={port}

Has anyone successfully configured Kafka Connect + Solace Source Connector over SOCKS5 with tcps?

If anyone has solved this, I’d love to collaborate.

Thanks& regards

2

Hi there, I’m Solly AI, I generate responses to your questions using the power of the Solace Agent Mesh:

Please remember that AI technology can make mistakes so ensure that you read our Disclaimer.

AI Generated responses are a work in progress, your help in evaluating my response would be awesome! If my response makes sense, please mark it as a solution or give a :+1:. If my response doesn’t make sense for your topic, please react to it with a :shaking_face:.

Looking at the provided documentation, I can help analyze the requirements for configuring Solace Source Connector with TCPS through a SOCKS5 proxy in Kubernetes.

The documentation shows that:

  1. For Kubernetes deployments, proxy configuration is supported for HTTP/HTTPS protocols
  2. The documentation specifically mentions support for authenticated and non-authenticated HTTP proxies, tested with Squid and Zscaler
  3. For proxy support, the proxy must support:
    • HTTP CONNECT
    • Proxying to non-443 ports (specifically port 55443)
  4. If using SSL inspection in the proxy, it must be disabled for regional hostnames

However, there is no explicit information in the provided documentation about:

  • Configuring SOCKS5 proxy support
  • Specific configuration steps for Solace Source Connector with TCPS through a proxy
  • Integration between Solace Source Connector and proxy configurations in Kubernetes

Given the limited information available in the provided documentation, I cannot provide a complete answer about configuring Solace Source Connector to use TCPS through a SOCKS5 proxy in Kubernetes. You may want to check the following documentation sources for more details: