github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/orderer/consensus/kafka/config.go (about)

     1  /*
     2  Copyright hechain. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package kafka
     8  
     9  import (
    10  	"crypto/tls"
    11  	"crypto/x509"
    12  
    13  	localconfig "github.com/hechain20/hechain/orderer/common/localconfig"
    14  
    15  	"github.com/Shopify/sarama"
    16  )
    17  
    18  func newBrokerConfig(
    19  	tlsConfig localconfig.TLS,
    20  	saslPlain localconfig.SASLPlain,
    21  	retryOptions localconfig.Retry,
    22  	kafkaVersion sarama.KafkaVersion,
    23  	chosenStaticPartition int32) *sarama.Config {
    24  	// Max. size for request headers, etc. Set in bytes. Too big on purpose.
    25  	paddingDelta := 1 * 1024 * 1024
    26  
    27  	brokerConfig := sarama.NewConfig()
    28  
    29  	brokerConfig.Consumer.Retry.Backoff = retryOptions.Consumer.RetryBackoff
    30  
    31  	// Allows us to retrieve errors that occur when consuming a channel
    32  	brokerConfig.Consumer.Return.Errors = true
    33  
    34  	brokerConfig.Metadata.Retry.Backoff = retryOptions.Metadata.RetryBackoff
    35  	brokerConfig.Metadata.Retry.Max = retryOptions.Metadata.RetryMax
    36  
    37  	brokerConfig.Net.DialTimeout = retryOptions.NetworkTimeouts.DialTimeout
    38  	brokerConfig.Net.ReadTimeout = retryOptions.NetworkTimeouts.ReadTimeout
    39  	brokerConfig.Net.WriteTimeout = retryOptions.NetworkTimeouts.WriteTimeout
    40  
    41  	brokerConfig.Net.TLS.Enable = tlsConfig.Enabled
    42  	if brokerConfig.Net.TLS.Enable {
    43  		// create public/private key pair structure
    44  		keyPair, err := tls.X509KeyPair([]byte(tlsConfig.Certificate), []byte(tlsConfig.PrivateKey))
    45  		if err != nil {
    46  			logger.Panic("Unable to decode public/private key pair:", err)
    47  		}
    48  		// create root CA pool
    49  		rootCAs := x509.NewCertPool()
    50  		for _, certificate := range tlsConfig.RootCAs {
    51  			if !rootCAs.AppendCertsFromPEM([]byte(certificate)) {
    52  				logger.Panic("Unable to parse the root certificate authority certificates (Kafka.Tls.RootCAs)")
    53  			}
    54  		}
    55  		brokerConfig.Net.TLS.Config = &tls.Config{
    56  			Certificates: []tls.Certificate{keyPair},
    57  			RootCAs:      rootCAs,
    58  			MinVersion:   tls.VersionTLS12,
    59  			MaxVersion:   0, // Latest supported TLS version
    60  		}
    61  	}
    62  	brokerConfig.Net.SASL.Enable = saslPlain.Enabled
    63  	if brokerConfig.Net.SASL.Enable {
    64  		brokerConfig.Net.SASL.User = saslPlain.User
    65  		brokerConfig.Net.SASL.Password = saslPlain.Password
    66  	}
    67  
    68  	// Set equivalent of Kafka producer config max.request.bytes to the default
    69  	// value of a Kafka broker's socket.request.max.bytes property (100 MiB).
    70  	brokerConfig.Producer.MaxMessageBytes = int(sarama.MaxRequestSize) - paddingDelta
    71  
    72  	brokerConfig.Producer.Retry.Backoff = retryOptions.Producer.RetryBackoff
    73  	brokerConfig.Producer.Retry.Max = retryOptions.Producer.RetryMax
    74  
    75  	// A partitioner is actually not needed the way we do things now,
    76  	// but we're adding it now to allow for flexibility in the future.
    77  	brokerConfig.Producer.Partitioner = newStaticPartitioner(chosenStaticPartition)
    78  	// Set the level of acknowledgement reliability needed from the broker.
    79  	// WaitForAll means that the partition leader will wait till all ISRs got
    80  	// the message before sending back an ACK to the sender.
    81  	brokerConfig.Producer.RequiredAcks = sarama.WaitForAll
    82  	// An esoteric setting required by the sarama library, see:
    83  	// https://github.com/Shopify/sarama/issues/816
    84  	brokerConfig.Producer.Return.Successes = true
    85  
    86  	brokerConfig.Version = kafkaVersion
    87  
    88  	return brokerConfig
    89  }