JUNIPER NETWORKS - logoRouting Active Testing Streaming API
Itọsọna

Awọn akoonu tọju
1 Ọrọ Iṣaaju
2 Pariview
3 Àfikún
4 Gbogboogbo
5 Awọn orukọ Kafka Koko
6 Awọn iwe aṣẹ / Awọn orisun
6.1 Awọn itọkasi

Ọrọ Iṣaaju

This guide describes how to extract data from Routing Active Testing via the product’s streaming API.
The API as well as the streaming client are included in the Routing Active Testing installation. However, a bit of configuration is needed before you can use the API. This is covered in the “Configuring the Streaming API” on page 1 chapter.
Ṣiṣeto API ṣiṣanwọle

Pariview

Ori yii ṣe apejuwe bi o ṣe le tunto API ṣiṣanwọle lati gba ṣiṣe alabapin si awọn ifiranṣẹ metiriki nipasẹ Kafka.
Ni isalẹ a yoo lọ nipasẹ:

  • Bi o ṣe le mu API ṣiṣanwọle ṣiṣẹ
  • Bii o ṣe le tunto Kafka lati tẹtisi awọn alabara ita
  • Bii o ṣe le tunto Kafka lati lo awọn ACLs ati ṣeto fifi ẹnọ kọ nkan SSL fun awọn alabara wi

Kini Kafka?
Kafka jẹ iru ẹrọ ṣiṣanwọle iṣẹlẹ ti o fun laaye gbigba akoko gidi ti data ti a firanṣẹ lati oriṣiriṣi awọn orisun iṣẹlẹ (awọn sensọ, awọn apoti isura infomesonu, awọn ẹrọ alagbeka) ni irisi ṣiṣan iṣẹlẹ, bakanna bi ipamọ ti o tọ ti awọn ṣiṣan iṣẹlẹ wọnyi fun igbapada ati ifọwọyi nigbamii.
Pẹlu Kafka o ṣee ṣe lati ṣakoso iṣẹlẹ ṣiṣanwọle ipari-si-opin ni pinpin, iwọn ti o ga julọ, rirọ, ọlọdun ẹbi, ati ọna aabo.
AKIYESI: Kafka can be configured in many different ways and was designed for scalability and redundant systems. This document focuses only on how to configure it to make use of the Streaming API feature found in Routing Active Testing Control Center. For more advanced setups we refer to the official Kafka documentation: kafka.apache.org/26/documentation.html.
Itumọ ọrọ

  • Kafka: Syeed-sisanwọle iṣẹlẹ.
  • Kafka koko: Gbigba ti awọn iṣẹlẹ.
  • Alabapin Kafka/olumulo: Ẹka ti o ni iduro fun igbapada awọn iṣẹlẹ ti o fipamọ sinu koko Kafka kan.
  • Kafka alagbata: Ibi ipamọ Layer olupin ti a Kafka iṣupọ.
  • SSL/TLS: SSL jẹ ilana aabo ti o dagbasoke fun fifiranṣẹ alaye ni aabo lori Intanẹẹti. TLS jẹ arọpo ti SSL, ti a ṣe ni 1999.
  • SASL: Ilana ti o pese awọn ọna ṣiṣe fun ijẹrisi olumulo, ṣayẹwo iyege data, ati fifi ẹnọ kọ nkan.
  • Streaming API subscriber: Component responsible for retrieval of events stored in topics defined in Routing Active Testing and meant for external access.
  • Alaṣẹ Iwe-ẹri: Ohun kan ti o ni igbẹkẹle ti o funni ati fagile awọn iwe-ẹri bọtini gbangba.
  • Ijẹrisi root Aṣẹ Aṣẹ: Ijẹrisi bọtini gbangba ti o ṣe idanimọ Alaṣẹ ijẹrisi kan.

Bawo ni API ṣiṣanwọle Nṣiṣẹ
Gẹgẹbi a ti sọ tẹlẹ, API ṣiṣanwọle ngbanilaaye awọn alabara ita lati gba alaye nipa awọn metiriki lati Kafka.
Gbogbo awọn metiriki ti a gba nipasẹ Awọn aṣoju Idanwo lakoko idanwo tabi iṣẹ ṣiṣe ibojuwo ni a firanṣẹ si iṣẹ ṣiṣan.
Lẹhin ipele processing kan, iṣẹ ṣiṣan ṣe atẹjade awọn metiriki wọnyẹn lori Kafka papọ pẹlu awọn metadata afikun.
Awọn koko-ọrọ Kafka
Kafka has the concept of topics to which all data is published. In Routing Active Testing there are many such Kafka topics available; however, only a subset of these are meant for external access.
Each Routing Active Testing account in Control Center has two dedicated topics. Below, ACCOUNT is the account short name:

  • paa.gbangba.iroyin.{ACCOUNT}.metrics
  • Gbogbo awọn ifiranṣẹ metiriki fun akọọlẹ ti a fun ni a gbejade si koko yii
  • Ti o tobi oye akojo ti data
  • Igbohunsafẹfẹ imudojuiwọn giga
  • paa.accounts.{ACCOUNT}.metadata
  • Ni metadata ti o ni ibatan si data metiriki, fun example idanwo, atẹle tabi Aṣoju Idanwo ti o ni nkan ṣe pẹlu awọn metiriki
  • Awọn iwọn kekere ti data
  • Igbohunsafẹfẹ imudojuiwọn kekere

Ṣiṣẹda API ṣiṣanwọle
AKIYESI: These instructions are to be run on the Control Center server using sudor.
Niwọn igba ti API ṣiṣanwọle n ṣafikun diẹ si oke si Ile-iṣẹ Iṣakoso, ko ṣiṣẹ nipasẹ aiyipada. Lati mu API ṣiṣẹ, a gbọdọ kọkọ ṣiṣẹ titẹjade awọn metiriki si Kafka ni iṣeto akọkọ file:

  • /etc/netrounds/netrounds.conf

KAFKA_METRICS_ENABLED = Otitọ
KAFKA_PUBLISH_METADATA_FOR_STREAMS = True

Aami Ikilọ Ina IKILO: Ṣiṣe ẹya ara ẹrọ yii le ni ipa lori iṣẹ ṣiṣe Ile-iṣẹ Iṣakoso. Rii daju pe o ti ṣe iwọn apẹẹrẹ rẹ ni ibamu.
Nigbamii, lati jẹ ki fifiranṣẹ siwaju awọn metiriki wọnyi si awọn koko-ọrọ Kafka ti o pe:

  • /etc/netrounds/metrics.yaml

sisanwọle-api: otitọ
Lati mu ṣiṣẹ ati bẹrẹ awọn iṣẹ API ṣiṣanwọle, ṣiṣe:

  • awọn iṣẹ sudo ncc ṣiṣẹ awọn metiriki timescaledb
  • awọn iṣẹ sudo ncc bẹrẹ awọn metiriki timescaledb

Ni ipari, tun bẹrẹ awọn iṣẹ:

  • awọn iṣẹ sudo ncc tun bẹrẹ

AKIYESI: The KAFKA_PUBLISH_RESOURCES setting has been deprecated. It should be removed from your configuration. Use KAFKA_PUBLISH_METADATA_FOR_STREAMS = True instead.
Ijerisi pe API ṣiṣanwọle Nṣiṣẹ ni Ile-iṣẹ Iṣakoso
AKIYESI: Awọn ilana wọnyi ni lati ṣiṣẹ lori olupin Ile-iṣẹ Iṣakoso.
You can now verify that you are receiving metrics on the correct Kafka topics. To do so, install the Kafka cat utility:

  • sudo apt-gba imudojuiwọn
  • sudo apt-gba fi sori ẹrọ kafkacat

If you have a test or monitor running in Control Center, you should be able to use Kafka cat to receive metrics and metadata on these topics.
Ropo myaccount pẹlu orukọ kukuru ti akọọlẹ rẹ (eyi ni ohun ti o rii ninu Ile-iṣẹ Iṣakoso rẹ URL):

  • okeere METRICS_TOPIC=paa.public.accounts.myaccount.metrics
  • okeere METADATA_TOPIC=paa.public.accounts.myaccount.metadata

O yẹ ki o wo awọn metiriki bayi nipa ṣiṣe aṣẹ yii:

  • kafkacat -b ${KAFKA_FQDN}:9092 -t ${METRICS_TOPIC} -C -e

Si view metadata, ṣiṣe aṣẹ wọnyi (ṣe akiyesi pe eyi kii yoo ṣe imudojuiwọn bi igbagbogbo):

  • kafkacat -b ${KAFKA_FQDN}:9092 -t ${METADATA_TOPIC} -C -e

AKIYESI: This is just a sanity check to make sure things are being published correctly. The data you see being published will be in binary form, which kafkacat will not decode by default. For properly subscribing to these topics, please see the “Client Examples” on page 13 section.
Eyi jẹri pe a ni API ṣiṣanwọle ti n ṣiṣẹ lati inu Ile-iṣẹ Iṣakoso. Sibẹsibẹ, o ṣeese julọ o nifẹ si iraye si data lati ọdọ alabara ita dipo. Abala ti o tẹle ṣe apejuwe bi o ṣe le ṣii Kafka fun iraye si ita.
Nsii Up Kafka fun Ita Ogun
AKIYESI: Awọn ilana wọnyi ni lati ṣiṣẹ lori olupin Ile-iṣẹ Iṣakoso.
Nipa aiyipada Kafka nṣiṣẹ lori Ile-iṣẹ Iṣakoso ti tunto lati gbọ nikan lori localhost fun lilo inu.
O ṣee ṣe lati ṣii Kafka fun awọn alabara ita nipasẹ iyipada awọn eto Kafka.
Nsopọ si Kafka: Caveats
Aami Ikilọ IKIRA: Jọwọ ka eyi ni pẹkipẹki, nitori o rọrun lati ṣiṣe sinu awọn ọran asopọ pẹlu Kafka ti o ko ba loye awọn imọran wọnyi.
Ninu iṣeto Ile-iṣẹ Iṣakoso ti a ṣalaye ninu iwe yii, alagbata Kafka kan ṣoṣo wa.
Sibẹsibẹ, ṣe akiyesi pe alagbata Kafka kan ni itumọ lati ṣiṣẹ gẹgẹbi apakan ti iṣupọ Kafka eyiti o le ni ọpọlọpọ awọn alagbata Kafka.
Nigbati o ba n sopọ si alagbata Kafka kan, asopọ ibẹrẹ ti ṣeto nipasẹ alabara Kafka. Lori asopọ yii, alagbata Kafka yoo pada akojọ kan ti "awọn olutẹtisi ti a kede", eyi ti o jẹ akojọ awọn alagbata Kafka kan tabi diẹ sii.
Lori gbigba atokọ yii, alabara Kafka yoo ge asopọ, lẹhinna tun sopọ si ọkan ninu awọn olutẹtisi ipolowo wọnyi. Awọn olutẹtisi ti o polowo gbọdọ ni awọn orukọ igbalejo tabi adirẹsi IP ti o wa si alabara Kafka, tabi alabara yoo kuna lati sopọ.
Ti o ba ti lo fifi ẹnọ kọ nkan SSL, ti o kan ijẹrisi SSL kan eyiti o so mọ orukọ agbalejo kan, paapaa ṣe pataki diẹ sii ki alabara Kafka gba adirẹsi ti o pe lati sopọ si, nitori bibẹẹkọ asopọ le jẹ kọ.
Ka diẹ sii nipa awọn olutẹtisi Kafka nibi: www.confluent.io/blog/kafka-listeners-explained
SSL/TLS ìsekóòdù
Lati rii daju pe awọn alabara ti o ni igbẹkẹle nikan ni a gba laaye lati wọle si Kafka ati API ṣiṣanwọle, a gbọdọ tunto atẹle naa:

  • Ijeri: Awọn alabara gbọdọ pese orukọ olumulo ati ọrọ igbaniwọle nipasẹ asopọ aabo SSL/TLS laarin alabara ati Kafka.
  • Aṣẹ: Awọn alabara ti o ni ifọwọsi le ṣe awọn iṣẹ ṣiṣe ti ofin nipasẹ ACLs.

Eyi jẹ ipariview:
Lati loye ni kikun bi fifi ẹnọ kọ nkan SSL/TLS ṣiṣẹ fun Kafka, jọwọ tọka si iwe aṣẹ osise: docs.confluent.io/platform/current/kafka/encryption.html
Iwe-ẹri SSL/TLS Pariview
AKIYESI: Ninu abala yii a yoo lo awọn ọrọ-ọrọ wọnyi:
Iwe-ẹri: Iwe-ẹri SSL ti o fowo si nipasẹ Alaṣẹ Ijẹrisi (CA). Oluṣowo Kafka kọọkan ni ọkan.
Keyystore: Ile itaja file ti o tọju iwe-ẹri naa. Ile-itaja bọtini file ni bọtini ikọkọ ti ijẹrisi naa; nitorina, o nilo lati wa ni ipamọ lailewu.
Ile itaja: A file ti o ni awọn iwe-ẹri CA ti o gbẹkẹle.
Lati ṣeto ijẹrisi laarin alabara ita ati Kafka ti n ṣiṣẹ ni Ile-iṣẹ Iṣakoso, awọn ẹgbẹ mejeeji gbọdọ ni keyystore ti a ṣalaye pẹlu ijẹrisi ti o jọmọ ti o fowo si nipasẹ Alaṣẹ Ijẹrisi (CA) papọ pẹlu ijẹrisi gbongbo CA.
Ni afikun si eyi, alabara gbọdọ tun ni ile-itaja igbẹkẹle pẹlu ijẹrisi root CA.
Iwe ijẹrisi root CA jẹ wọpọ si alagbata Kafka ati alabara Kafka.
Ṣiṣẹda Awọn iwe-ẹri ti a beere
Èyí wà nínú “Àfikún” ní ojú ìwé 16.
Kafka alagbata SSL/TLS iṣeto ni ni Iṣakoso ile-iṣẹ
AKIYESI: Awọn ilana wọnyi ni lati ṣiṣẹ lori olupin Ile-iṣẹ Iṣakoso.
AKIYESI: Before continuing, you must create the keystone which contains the SSL certificate by following the instructions in the “Appendix” on page 16. The paths mentioned below come from these instructions. The SSL keystore is a file ti o ti fipamọ lori disk pẹlu awọn file itẹsiwaju .jks.
Ni kete ti o ba ni awọn iwe-ẹri ti o nilo fun mejeeji alagbata Kafka ati alabara Kafka ti o wa, o le tẹsiwaju nipa atunto alagbata Kafka ti n ṣiṣẹ ni Ile-iṣẹ Iṣakoso. O nilo lati mọ awọn wọnyi:

  • : Orukọ ile-iṣẹ gbogbogbo ti Ile-iṣẹ Iṣakoso; eyi gbọdọ jẹ atunṣe ati wiwọle nipasẹ awọn onibara Kafka.
  • : Ọrọ igbaniwọle ibi ipamọ ti a pese nigba ṣiṣẹda ijẹrisi SSL.
  • ati : Iwọnyi ni awọn ọrọ igbaniwọle ti o fẹ ṣeto fun alabojuto ati olumulo alabara lẹsẹsẹ. Ṣe akiyesi pe o le ṣafikun awọn olumulo diẹ sii, gẹgẹ bi itọkasi ninu example.

Edit or append (with sudo access) the properties below in /etc/kafka/server.properties, inserting the above
variables as shown:
Aami Ikilọ Ina IKILO: Maṣe yọ PLAINTEXT: // localhost:9092; eyi yoo fọ iṣẹ ṣiṣe Ile-iṣẹ Iṣakoso nitori awọn iṣẹ inu kii yoo ni anfani lati baraẹnisọrọ.

# Awọn adirẹsi ti alagbata Kafka tẹtisi.
awọn olutẹtisi=PLAINTEXT://localhost:9092,SASL_SSL://0.0.0.0:9093
# Iwọnyi jẹ awọn agbalejo ti a kede pada si eyikeyi asopọ alabara.
advertised.listeners=PLAINTEXT://localhost:9092,SASL_SSL:// :9093
… ####### CUSTOM CONFIG
# SSL atunto
ssl.endpoint.identification.algorithm=
ssl.keystore.location=/var/ssl/private/kafka.server.keystore.jks
ssl.keystore.ọrọigbaniwọle =
ssl.key.ọrọigbaniwọle =
ssl.client.auth=ko si
ssl.protocol=TLSv1.2
# SASL iṣeto ni
sasl.enabled.mechanisms=PLAIN
olutẹtisi.name.sasl_ssl.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginMo
dule beere \
oruko olumulo=”abojuto” \
ọrọigbaniwọle =" ” \
User:admin=”<admin_pwd>” \
user client=”<client_pwd>”;
# AKIYESI awọn olumulo diẹ sii le ṣafikun pẹlu olumulo_ =
# Aṣẹ, tan ACLs
authorizer.class.name=kafka.security.authorizer.AclAuthorizer
superusers=User:admin
Ṣiṣeto Awọn atokọ Iṣakoso Wiwọle (ACLs)
Titan-an ACLs lori localhost
Aami Ikilọ Ina  IKILO: A gbọdọ kọkọ ṣeto awọn ACLs fun localhost, ki Ile-iṣẹ Iṣakoso funrararẹ tun le wọle si Kafka. Ti a ko ba ṣe eyi, awọn nkan yoo fọ.
######### Awọn titẹ sii ACLs fun awọn olumulo ailorukọ
/usr/lib/kafka/bin/kafka-acls.sh \
–authorizer kafka.security.authorizer.AclAuthorizer \
–authorizer-properties zookeeper.connect=localhost:2181 \
–add –allow-principal User: ANONYMOUS –allow-host 127.0.0.1 –cluster
/usr/lib/kafka/bin/kafka-acls.sh \
–authorizer kafka.security.authorizer.AclAuthorizer \
–authorizer-properties zookeeper.connect=localhost:2181 \
–fi –allow-olumulo akọkọ:ANONYMOUS –allow-ogun 127.0.0.1 –koko ‘*'
/usr/lib/kafka/bin/kafka-acls.sh \
–authorizer kafka.security.authorizer.AclAuthorizer \
–authorizer-properties zookeeper.connect=localhost:2181 \
–add –allow-principal User: ANONYMOUS –allow-host 127.0.0.1 –group ‘*’
Lẹhinna a nilo lati mu awọn ACL ṣiṣẹ fun iraye si kika-nikan, ki awọn olumulo ita le gba ọ laaye lati ka awọn koko paa.public.*.
AKIYESI: Fun iṣakoso didara-dara diẹ sii, jọwọ tọka si iwe aṣẹ Kafka osise.
######### Awọn titẹ sii ACLs fun awọn olumulo ita
/usr/lib/kafka/bin/kafka-acls.sh \
–authorizer kafka.security.authorizer.AclAuthorizer \
–authorizer-properties zookeeper.connect=localhost:2181 \
–add –allow-principal User:* –iṣẹ ka –apejuwe isẹ \
-ẹgbẹ 'NCC'
/usr/lib/kafka/bin/kafka-acls.sh \
–authorizer kafka.security.authorizer.AclAuthorizer \
–authorizer-properties zookeeper.connect=localhost:2181 \
–add –allow-principal User:* –iṣẹ ka –apejuwe isẹ \
– koko paa.gbangba. –oro-apẹẹrẹ-iru iru-iṣaaju
Ni kete ti o ba ṣe eyi, o nilo lati tun awọn iṣẹ naa bẹrẹ:
awọn iṣẹ sudo ncc tun bẹrẹ
Lati rii daju pe alabara le fi idi asopọ to ni aabo mulẹ, ṣiṣe aṣẹ atẹle yii lori kọnputa alabara ita (kii ṣe lori olupin Ile-iṣẹ Iṣakoso). Ni isalẹ, PUBLIC_HOSTNAME ni orukọ agbalejo Ile-iṣẹ Iṣakoso:
openssl s_client -debug -so ${PUBLIC_HOSTNAME}:9093 -tls1_2 | grep “Idunadura to ni aabo WA ni atilẹyin”
Ninu iṣelọpọ aṣẹ o yẹ ki o wo ijẹrisi olupin bi atẹle:
Idunadura to ni aabo WA ni atilẹyin
Lati rii daju pe awọn iṣẹ inu ti ni iraye si olupin Kafka, jọwọ ṣayẹwo akọọlẹ atẹle naafiles:

  • /var/log/kafka/server.log
  • /var/log/kafka/kafka-authorizer.log

Ifọwọsi Asopọmọra Onibara Ita
kafkacat
AKIYESI: Awọn ilana wọnyi ni lati ṣiṣẹ lori kọnputa alabara (kii ṣe lori olupin Ile-iṣẹ Iṣakoso).
AKIYESI: Lati ṣafihan alaye awọn metiriki, rii daju pe o kere ju atẹle kan n ṣiṣẹ ni Ile-iṣẹ Iṣakoso.
Lati jẹrisi ati fọwọsi isopọmọ gẹgẹbi alabara itagbangba, o ṣee ṣe lati lo ohun elo kafkacat eyiti o ti fi sii ni apakan “Ijeri Wipe API ṣiṣan Nṣiṣẹ ni Ile-iṣẹ Iṣakoso” ni oju-iwe 4.
Ṣe awọn igbesẹ wọnyi:
AKIYESI: Ni isalẹ, CLIENT_USER ni olumulo ti a sọ tẹlẹ ninu file /etc/kafka/ server.properties in Control Center: namely, user_client and the password set there. The CA root certificate used to sign the server side SSL certificate must be present on the client.
Ṣẹda a file client.properties pẹlu akoonu wọnyi:
security.protocol=SASL_SSL
ssl.ca.location={PATH_TO_CA_CERT}
sasl.mechanisms=PLAIN
sasl.username={CLIENT_USER}
sasl.password={CLIENT_PASSWORD}
ibo

  • {PATH_TO_CA_CERT} ni ibi ijẹrisi root CA ti alagbata Kafka lo
  • {CLIENT_USER} ati {CLIENT_PASSWORD} ni iwe eri olumulo fun onibara.
  • Ṣiṣe aṣẹ atẹle lati wo ifiranṣẹ ti o jẹ nipasẹ kafkacat:

okeere KAFKA_FQDN =
okeere METRICS_TOPIC=paa.public.accounts. .metiriki
kafkacat -b ${KAFKA_FQDN}:9093 -F client.properties -t ${METRICS_TOPIC} -C -e
nibiti {METRICS_TOPIC} ti jẹ orukọ koko-ọrọ Kafka pẹlu ìpele “paa.public.”.
AKIYESI: Awọn ẹya agbalagba ti kafkacat ko pese aṣayan -F fun kika awọn eto alabara lati a file. Ti o ba nlo iru ẹya kan, o gbọdọ pese awọn eto kanna lati laini aṣẹ bi a ṣe han ni isalẹ.
kafkacat -b ${KAFKA_FQDN}:9093 \
-X security.protocol=SASL_SSL \
-X ssl.ca.location={PATH_TO_CA_CERT} \
-X sasl.mechanisms=PLAIN \
-X sasl.orukọ olumulo={CLIENT_USER} \
-X sasl.password={CLIENT_PASSWORD} \
-t ${METRICS_TOPIC} -C -e
Lati ṣatunṣe asopọ, o le lo aṣayan -d:
Ṣatunkọ awọn ibaraẹnisọrọ olumulo
kafkacat -d olumulo -b ${KAFKA_FQDN}:9093 -F client.properties -t ${METRICS_TOPIC} -C -e
# Ṣatunkọ awọn ibaraẹnisọrọ alagbata
kafkacat -d alagbata -b ${KAFKA_FQDN}:9093 -F client.properties -t ${METRICS_TOPIC} -C -e
Rii daju lati tọka si iwe fun ile-ikawe alabara Kafka ti o wa ni lilo, nitori awọn ohun-ini le yato si awọn ti o wa ni client.properties.
Ifiranṣẹ kika
The messages used for the metrics and metadata topics are serialized in the Protocol buffers (protobuf)format (see developers.google.com/protocol-buffers). Awọn eto fun awọn ifiranṣẹ wọnyi faramọ ọna kika atẹle:
Metiriki Protobuf Ero
sintasi = "proto3";
gbe wọle "google/protobuf/timestamp.proto”;
package paa.streamingapi;
aṣayan go_package = ".;paa_streamingapi";
Awọn Metiriki ifiranṣẹ {
google.protobuf.Timestamp igbaamp = 1;
maapu iye = 2;
int32 ṣiṣan_id = 3;
}
/**
* Iwọn metiriki le jẹ boya odidi kan tabi leefofo loju omi.
*/
ifiranṣẹ MetricValue {
ọkan ninu iru {
int64 int_val = 1;
leefofo float_val = 2;
}
}
Metadata Protobuf Schema
sintasi = "proto3";
package paa.streamingapi;
aṣayan go_package = ".;paa_streamingapi";
Metadata ifiranṣẹ {
int32 ṣiṣan_id = 1;
okun stream_name = 2;
maapu tags = 13;
}
Onibara Examples
AKIYESI: Awọn aṣẹ wọnyi jẹ ipinnu lati ṣiṣẹ lori alabara ita, fun example rẹ laptop tabi iru, ati ki o ko ni Iṣakoso ile-iṣẹ.
AKIYESI: Lati ṣafihan alaye awọn metiriki, rii daju pe o kere ju ọkan atẹle n ṣiṣẹ ni Ile-iṣẹ Iṣakoso.
Bọọlu ile-iṣẹ Iṣakoso pẹlu ibi ipamọ paa-sisanwọle-api-client-examples.tar.gz (onibara-examples), eyiti o ni example Python akosile nfihan bi o ṣe le lo API ṣiṣanwọle.
Fifi sori ẹrọ ati Iṣeto Onibara Examples
O ri client-examples in the Routing Active Testing Control Center folder:
okeere CC_VERSION = 4.6.0
cd ./paa-control-center_${CC_VERSION}
ls paa-sisanwọle-api-client-examples*
Lati fi sori ẹrọ client-examples lori kọnputa alabara ita rẹ, tẹsiwaju bi atẹle:
# Ṣẹda itọsọna fun yiyọ akoonu ti alabara examples tarball
mkdir paa-sisanwọle-api-onibara-examples
# Jade akoonu ti alabara examples tarball
tar xzf paa-sisanwọle-api-client-examples.tar.gz -C paa-sisanwọle-api-onibara-examples
# Lọ si itọsọna tuntun ti a ṣẹda
cd paa-sisanwọle-api-client-examples
onibara-examples nilo Docker lati ṣiṣẹ. Awọn igbasilẹ ati awọn ilana fifi sori ẹrọ fun Docker ni a le rii ni https://docs.docker.com/engine/install.
Lilo Client Examples
Onibara-examples irinṣẹ le ṣiṣe ni boya ipilẹ tabi to ti ni ilọsiwaju mode lati kọ Mofiamples ti orisirisi complexity. Ni igba mejeeji, o jẹ tun ṣee ṣe lati ṣiṣe awọn Mofiamples pẹlu kan iṣeto ni file ti o ni awọn ohun-ini afikun fun isọdi siwaju ti ẹgbẹ alabara.
Ipilẹ Ipo
Ni ipo ipilẹ, awọn metiriki ati metadata wọn jẹ ṣiṣan lọtọ. Ni ipari yii, alabara tẹtisi koko Kafka kọọkan ti o wa fun iraye si ita ati tẹ awọn ifiranṣẹ ti o gba wọle nirọrun si console.
Lati bẹrẹ ipaniyan ti ipilẹ examples, ṣiṣe:
./build.sh run-ipilẹ –kafka-brokers localhost:9092 –iroyin ACCOUNT_SHORTNAME
nibiti ACCOUNT_SHORTNAME jẹ orukọ kukuru ti akọọlẹ ti o fẹ gba awọn metiriki lati.
Lati fopin si ipaniyan ti example, tẹ Ctrl + C. (Idaduro diẹ le wa ṣaaju ki ipaniyan duro nitori pe alabara n duro de iṣẹlẹ akoko kan.)
Ipo to ti ni ilọsiwaju
AKIYESI: Awọn wiwọn jẹ afihan nikan fun awọn diigi HTTP nṣiṣẹ ni Ile-iṣẹ Iṣakoso.
Iṣiṣẹ ni ipo ilọsiwaju fihan ibamu laarin awọn metiriki ati awọn ifiranṣẹ metadata. Eyi ṣee ṣe ọpẹ si wiwa ninu ifiranṣẹ metiriki kọọkan ti aaye id ṣiṣan eyiti o tọka si ifiranṣẹ metadata ti o baamu.
Lati ṣiṣẹ awọn to ti ni ilọsiwaju examples, ṣiṣe:
./build.sh sure-to ti ni ilọsiwaju –kafka-brokers localhost:9092 –account ACCOUNT_SHORTNAME
nibiti ACCOUNT_SHORTNAME jẹ orukọ kukuru ti akọọlẹ ti o fẹ gba awọn metiriki lati.
Lati fopin si ipaniyan ti example, tẹ Ctrl + C. (Idaduro diẹ le wa ṣaaju ki ipaniyan duro nitori pe alabara n duro de iṣẹlẹ akoko kan.)
Afikun Eto
O ti wa ni ṣee ṣe lati ṣiṣe awọn examples pẹlu iṣeto ni afikun ti alabara nipa lilo –config-file aṣayan atẹle nipa a file orukọ ti o ni awọn ohun-ini ninu bọtini fọọmu = iye.
./build.sh run-advanced \
–kafka-brokers localhost:9092 \
-iroyin ACCOUNT_SHORTNAME \
– atunto-file client_config.properties
AKIYESI: Gbogbo fileAwọn itọkasi ni aṣẹ ti o wa loke gbọdọ wa ni itọsọna lọwọlọwọ ati tọka nipa lilo awọn ọna ibatan nikan. Eyi kan mejeeji si –config-file ariyanjiyan ati si gbogbo awọn titẹ sii ni iṣeto ni file ti o se apejuwe file awọn ipo.
Ifọwọsi Ijeri Onibara Ita
Lati fọwọsi ijẹrisi alabara lati ita Ile-iṣẹ Iṣakoso ni lilo alabara-examples, ṣe awọn igbesẹ wọnyi:

  • From the Routing Active Testing Control Center folder, switch to the paa-streaming-api-client-examples folda:
    cd paa-sisanwọle-api-client-examples
  • Da ca-cert ijẹrisi root root sinu itọsọna lọwọlọwọ.
  • Ṣẹda client.properties file pẹlu akoonu wọnyi:
    security.protocol=SASL_SSL
    ssl.ca.location=ca-cert
    sasl.mechanism=PLAIN
    sasl.username={CLIENT_USER}
    sasl.password={CLIENT_PASSWORD}
    nibiti {CLIENT_USER} ati {CLIENT_PASSWORD} ti jẹ ẹri olumulo fun alabara.
  • Ṣiṣe awọn ipilẹ example:
    okeere KAFKA_FQDN =
    ./build.sh run-basic –kafka-brokers ${KAFKA_FQDN}:9093 \
    -iroyin ACCOUNT_SHORTNAME
    – atunto-file klient.ohun-ini
    nibiti ACCOUNT_SHORTNAME jẹ orukọ kukuru ti akọọlẹ ti o fẹ gba awọn metiriki lati.
  • Ṣiṣe awọn ilọsiwaju example:
    okeere KAFKA_FQDN =
    ./build.sh run-advanced –kafka-brokers ${KAFKA_FQDN}:9093 \
    -iroyin ACCOUNT_SHORTNAME
    – atunto-file klient.ohun-ini

Àfikún

Ni afikun yii a ṣe apejuwe bi o ṣe le ṣẹda:

  • ibi-itaja kan file fun titoju Kafka alagbata SSL ijẹrisi
  • ile itaja kan file fun titoju ijẹrisi root Aṣẹ Aṣẹ (CA) ti a lo lati fowo si ijẹrisi alagbata Kafka.

Ṣiṣẹda Iwe-ẹri alagbata Kafka kan
Ṣiṣẹda Iwe-ẹri Lilo Alaṣẹ Ijẹrisi Gidi kan (Ṣiṣeduro)
A gba ọ niyanju pe ki o gba ijẹrisi SSL gidi lati ọdọ CA ti o gbẹkẹle.
Ni kete ti o ba ti pinnu lori CA kan, daakọ ijẹrisi root CA-cert wọn file si ọna ti ara rẹ bi a ṣe han ni isalẹ:
okeere CA_PATH=~/mi-ca
mkdir ${CA_PATH}
cp ca-cert ${CA_PATH}
Ṣẹda Aṣẹ Iwe-ẹri tirẹ
AKIYESI: Ni deede o yẹ ki o ni ijẹrisi rẹ ti fowo si nipasẹ Alaṣẹ Ijẹrisi gidi kan; wo apakan ti o ti kọja. Ohun ti wọnyi jẹ o kan ohun Mofiample.
Nibi a ṣẹda ijẹrisi root Aṣẹ Ijẹrisi tiwa (CA). file wulo fun awọn ọjọ 999 (kii ṣe iṣeduro ni iṣelọpọ):
# Ṣẹda itọsọna kan fun titoju CA
okeere CA_PATH=~/mi-ca
mkdir ${CA_PATH}
# Ṣẹda ijẹrisi CA
openssl req -new -x509 -keyout ${CA_PATH}/ca-key-out ${CA_PATH}/ca-cert -days 999
Ṣiṣẹda Onibara Truststore
Bayi o le ṣẹda ile itaja kan file ti o ni awọn ca-cert ti ipilẹṣẹ loke. Eyi file will be needed by the Kafka client that will access the Streaming API: keytool -keystore kafka.client.truststore.jks \
inagijẹ CARoot \
- agbewọle agbewọle -file ${CA_PATH}/ca-cert
Ni bayi pe ijẹrisi CA wa ni ile-itaja igbẹkẹle, alabara yoo gbẹkẹle eyikeyi ijẹrisi ti o fowo si.
O yẹ ki o daakọ naa file kafka.client.truststore.jks si ipo ti a mọ lori kọnputa alabara rẹ ki o tọka si ninu awọn eto.
Ṣiṣẹda Keyystore fun Alagbata Kafka
Lati ṣe ipilẹṣẹ ijẹrisi SSL alagbata Kafka ati lẹhinna keystore kafka.server.keystore.jks, tẹsiwaju bi atẹle:
Ṣiṣẹda ijẹrisi SSL
Use these commands to generate the SSL certificate. Below, 999 is the number of days of validity of the keystore.
sudo mkdir -p /var/ssl/ikọkọ
sudo chown -R $ USER: /var/ssl/ikọkọ
cd /var/ssl/ikọkọ
export CC_IP=<Control Center IP>
keytool -keystore kafka.server.keystore.jks \
-olupin inagijẹ \
-wulo 999 \
-genkey -keyalg RSA -ext SAN=ip:${CC_IP}
To verify the SSL certificate, you can use the following command:
keytool -v -list -keystore kafka.server.keystore.jks -alias server
You should ensure that the port 9093 is accessible from external clients.
Ṣẹda ibeere ibuwọlu ijẹrisi ati tọju rẹ sinu file ti a npè ni ijẹrisi-olupin-ibeere:
keytool -keystore kafka.server.keystore.jks \
-olupin inagijẹ \
-certreq \
-file ijẹrisi-olupin-ibeere
O yẹ ki o firanṣẹ bayi file ibeere ijẹrisi-olupin si Alaṣẹ Iwe-ẹri rẹ (CA) ti o ba nlo ọkan gidi kan. Wọn yoo da iwe-ẹri ti o fowo si pada. A yoo tọka si eyi bi ijẹrisi-olupin ti o fowo si ni isalẹ.
Wíwọlé Iwe-ẹri SSL Lilo Iwe-ẹri CA ti ara ẹni ti o ṣẹda
AKIYESI: Lẹẹkansi, lilo CA tirẹ ko ṣe iṣeduro ni eto iṣelọpọ kan.
Wole iwe-ẹri nipa lilo CA nipasẹ awọn file ijẹrisi-olupin-ibeere, eyiti o ṣe agbejade iwe-ẹri ti o fowo si ijẹrisi olupin-fọwọsi. Wo isalẹ; ca-ọrọigbaniwọle jẹ ọrọ igbaniwọle ṣeto nigbati o ṣẹda ijẹrisi CA.
cd /var/ssl/ikọkọ
opensl x509 -req \

  • -CA ${CA_PATH}/ca-cert \
  • -CAkey ${CA_PATH}/bọtini-ca-\
  • -ninu ijẹrisi-olupin-ibeere \
  • -jade ijẹrisi-olupin-fọwọsi \
  • -days 999 -CAcreateserial \
  • -passin pass: {ca-password}

Gbigbe Iwe-ẹri Ibuwọlu wọle sinu Keyystore
Ṣe agbewọle ijẹrisi root ca-cert sinu ibi-itaja bọtini:
keytool -keystore kafka.server.keystore.jks \
inagijẹ ca-cert \
- gbe wọle \
-file ${CA_PATH}/ca-cert
Ṣe agbewọle ijẹrisi ti o fowo si ti a tọka si bi olupin-fọwọsi ijẹrisi:
keytool -keystore kafka.server.keystore.jks \
-olupin inagijẹ \
- gbe wọle \
-file ijẹrisi-olupin-wole
Awọn file kafka.server.keystore.jks yẹ ki o daakọ si ipo ti a mọ lori olupin Ile-iṣẹ Iṣakoso, ati lẹhinna tọka si /etc/kafka/server.properties.
Lilo API ṣiṣanwọle

Gbogboogbo

API ṣiṣanwọle n ṣe idanwo mejeeji ati atẹle data. Ko ṣee ṣe lati ya ọkan ninu awọn ẹka wọnyi.
API ṣiṣanwọle ko gba data lati awọn idanwo ti o da lori iwe afọwọkọ (awọn ti o jẹ aṣoju nipasẹ igun onigun dipo nkan jigsaw ni GUI Ile-iṣẹ Iṣakoso), gẹgẹbi awọn idanwo imuṣiṣẹ iṣẹ Ethernet ati awọn idanwo akoyawo.

Awọn orukọ Kafka Koko

Awọn orukọ koko Kafka fun API ṣiṣanwọle jẹ atẹle yii, nibiti %s jẹ orukọ kukuru ti akọọlẹ Ile-iṣẹ Iṣakoso (itọkasi nigbati o ṣẹda akọọlẹ naa):
const (
Orukọ okeere = "kafka"
metadataTopicTpl = "paa.public.accounts.%s.metadata"
metricsTopicTpl = "paa.public.accounts.%s.metrics"
)
Examples ti Lilo API ṣiṣanwọle
Awọn examples ti o tẹle ni a rii ni tarball paa-streaming-api-client-examples.tar.gz ti o wa ninu bọọlu ile-iṣẹ Iṣakoso.
First, nibẹ ni a ipilẹ example ṣe afihan bi awọn metiriki ati metadata wọn ṣe n san ni lọtọ ati tẹ awọn ifiranṣẹ ti o gba wọle nirọrun si console. O le ṣiṣẹ bi atẹle:
sudo ./build.sh run-basic –kafka-brokers localhost:9092 –account ACCOUNT_SHORTNAME There is also a more advanced exampnibi ti awọn metiriki ati awọn ifiranṣẹ metadata ti ni ibatan. Lo aṣẹ yii lati ṣiṣẹ:
sudo ./build.sh run-advanced –kafka-brokers localhost:9092 –account ACCOUNT_SHORTNAME You need to use sudo to run Docker commands such as the ones above. Optionally, you can follow the Linux post-installation steps to be able to run Docker commands without sudo. For details, go to docs.docker.com/engine/install/linux-postinstall.
Juniper Networks, aami Juniper Networks, Juniper, ati Junos jẹ aami-išowo ti a forukọsilẹ ti Juniper Networks, Inc. ni Amẹrika ati awọn orilẹ-ede miiran. Gbogbo awọn aami-išowo miiran, awọn ami iṣẹ, awọn aami ti a forukọsilẹ, tabi awọn aami iṣẹ ti a forukọsilẹ jẹ ohun-ini awọn oniwun wọn. Juniper Networks ko gba ojuse fun eyikeyi aiṣedeede ninu iwe yi. Juniper Networks ni ẹtọ lati yipada, yipada, gbigbe, tabi bibẹẹkọ tunwo atẹjade yii laisi akiyesi. Aṣẹ-lori-ara © 2025 Juniper Networks,
Inc. Gbogbo ẹtọ wa ni ipamọ.

JUNIPER NETWORKS - logo

Awọn iwe aṣẹ / Awọn orisun

JUNIPER NETWORKS Routing Active Testing Solution Brief [pdf] Itọsọna olumulo
Routing Active Testing Solution Brief, Active Testing Solution Brief, Testing Solution Brief, Solution Brief

Awọn itọkasi

Fi ọrọìwòye

Adirẹsi imeeli rẹ kii yoo ṣe atẹjade. Awọn aaye ti a beere ti wa ni samisi *