Replicator Configuration Reference for Confluent Platform¶
This section is a reference for Replicator configuration options.
For more about Replicator features, use cases, and use in failover scenarios, see Replicate Multi-Datacenter Topics Across Kafka Clusters in Confluent Platform.
To use this connector, specify the name of the connector class in the connector.class
configuration property.
connector.class=io.confluent.connect.replicator.ReplicatorSourceConnector
Connector-specific configuration properties are described below.
Source Topics¶
Important
The __consumer_timestamps
topic will not be copied from source to destination as this topic is relevant only to Replicator offset translation. For more information regarding offset translation, see Understanding consumer offset translation.
topic.regex
Regex of topics to replicate to the destination cluster. To learn more about regular expressions, see Java Regular Expressions.
- Type: string
- Default: null
- Importance: high
Important
Replicator will not copy the internal __consumer_offsets
or __transaction_state
topics from the source cluster even if matched in topic.regex
or topic.whitelist
.
Note
The topic.regex
property and the following two topic.whitelist
and
topic.blacklist
properties are applied in the following order:
- Any topics specified in
topic.blacklist
will not be replicated. - Any topics specified in
topic.whitelist
or matched bytopic.regex
will be replicated (whitelisted topics do not have to match the regex).
All three properties can be provided in a single Replicator configuration.
They work cooperatively to determine which topics to replicate. For instance,
given a sequence of topic names topic1
, topic2
, topic3
, and
topic4
, you could specify a topic.whitelist
of topic1
, a
topic.regex
of topic[2,3,4]
, and a topic.blacklist
of topic4
.
Replicator would combine these constraints to produce a final list of
replicated topics containing topic1
, topic2
, and topic3
.
If all three properties are left with their default values, no topics are replicated.
topic.whitelist
Whitelist of topics to be replicated.
- Type: list
- Default: “”
- Importance: high
Important
At startup, Replicator lists the topics to replicate. Replicator will fail if any topic in
topic.whitelist
cannot be listed, either because the topic does not exist or because there are insufficient ACLs for it. The Replicator principal must have permissions to describe ACLs on every topic in the list. For more information, see Replicator Security.For Replicator version 5.5 and later, topics listed in
topic.whitelist
must exist in the source cluster. If you want to topics to be created after starting Replicator, usetopic.regex
for these instead.topic.blacklist
Topics to exclude from replication.
- Type: list
- Default: “”
- Importance: high
topic.poll.interval.ms
How often to poll the source cluster for new topics matching topic.whitelist or topic.regex.
- Type: int
- Default: 120000
- Valid Values: [0,…]
- Importance: low
Important
The topic.regex
, topic.whitelist
and topic.blacklist
configurations apply in the following order:
- Any topics specified in
topic.blacklist
will not be replicated. - Any topics specified in
topic.whitelist
or matched bytopic.regex
will be replicated (whitelisted topics do not have to match the regex).
If all 3 properties are left with their default values then no topics will be replicated.
Source Data Conversion¶
src.key.converter
Converter for the key field of messages retrieved from the source cluster.
- Type: class
- Default: io.confluent.connect.replicator.util.ByteArrayConverter
- Importance: low
src.value.converter
Converter for the value field of messages retrieved from the source cluster.
- Type: class
- Default: io.confluent.connect.replicator.util.ByteArrayConverter
- Importance: low
src.header.converter
HeaderConverter class used to convert serialized Kafka headers to Kafka Connect headers. Default value is ByteArrayConverter, which simply passes the input bytes into the destination record.
- Type: class
- Default: io.confluent.connect.replicator.util.ByteArrayConverter
- Importance: low
Source Kafka¶
The following configuration options are common properties that are used across Kafka clients. Replicator uses these options
to connect with the source cluster (consumer, adminclient). Valid client properties that use the src.kafka
prefix will
be forwarded to clients that connect to the source cluster. You should use src.kafka
if the configurations for consumer and adminclient are the same.
src.kafka.bootstrap.servers
A list of host and port pairs to use for establishing the initial connection to the source Kafka cluster. The client will use all servers, irrespective of which servers are designated here for bootstrapping. This list only controls the initial hosts used to discover the full set of servers. This list must be in the form
host1:port1,host2:port2,...
. These servers are only used for the initial connection, to discover the full cluster membership. You don’t need to specify the full set of servers, but you may want to specify more than one, in case of failover.- Type: list
- Importance: high
src.kafka.client.id
An ID string to pass to the server when making requests. This string is used to track the source of requests. It allows a logical application name to be included in server-side request logging.
- Type: string
- Default: “”
- Importance: low
src.kafka.request.timeout.ms
Specifies the maximum amount of time the client will wait for the response of a request. If the response is not received before the timeout elapses, the client will resend, or fail the request if retries are exhausted.
- Type: int
- Default: 30000
- Valid Values: [0,…]
- Importance: medium
src.kafka.retry.backoff.ms
Specifies the amount of time to wait before attempting to retry a failed request to a topic partition. This avoids repeatedly sending requests in a tight loop under some failure scenarios.
- Type: long
- Default: 100
- Valid Values: [0,…]
- Importance: low
src.kafka.connections.max.idle.ms
Specifies the amount of time (milliseconds) before idle connections are closed.
- Type: long
- Default: 540000
- Importance: medium
src.kafka.reconnect.backoff.ms
Specifies the amount of time to wait before attempting to reconnect to a host. This avoids repeatedly connecting to a host in a tight loop. This backoff applies to all requests sent by the consumer to the broker.
- Type: long
- Default: 50
- Valid Values: [0,…]
- Importance: low
src.kafka.metric.reporters
A list of classes to use as metrics reporters. Implementing the
MetricReporter
interface allows plugging in classes that will be notified of new metric creation. The JmxReporter is always included to register JMX statistics.- Type: list
- Default: “”
- Importance: low
src.kafka.metrics.num.samples
The number of samples maintained to compute metrics.
- Type: int
- Default: 2
- Valid Values: [1,…]
- Importance: low
src.kafka.metrics.sample.window.ms
The window of time a metrics sample is computed over.
- Type: long
- Default: 30000
- Valid Values: [0,…]
- Importance: low
src.kafka.send.buffer.bytes
The size of the TCP send buffer (SO_SNDBUF) to use when sending data. If the value is -1, the operating system default will be used.
- Type: int
- Default: 131072
- Valid Values: [-1,…]
- Importance: medium
src.kafka.receive.buffer.bytes
The size of the TCP receive buffer (SO_RCVBUF) to use when reading data. If the value is -1, the operating system default will be used.
- Type: int
- Default: 65536
- Valid Values: [-1,…]
- Importance: medium
src.kafka.timestamps.topic.replication.factor
Replication factor for the consumer timestamps topic.
- Type: int
- Default: 3
- Importance: high
src.kafka.timestamps.topic.num.partitions
Number of partitions for the consumer timestamps topic.
- Type: int
- Default: 50
- Importance: high
Source Kafka: Security¶
Tip
For a full description of Replicator encryption and authentication options available on various protocols, see the overview on Replicator Security.
src.kafka.security.protocol
Protocol used to communicate with brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL.
- Type: string
- Default: PLAINTEXT
- Valid Values: [PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL]
- Importance: medium
src.kafka.sasl.mechanism
SASL mechanism used for client connections. This may be any mechanism for which a security provider is available. GSSAPI is the default mechanism.
- Type: string
- Default: GSSAPI
- Importance: medium
src.kafka.sasl.kerberos.ticket.renew.window.factor
Login thread will sleep until the specified window factor of time from last refresh to ticket’s expiry has been reached, at which time it will try to renew the ticket.
- Type: double
- Default: 0.8
- Importance: low
src.kafka.sasl.kerberos.min.time.before.relogin
Login thread sleep time between refresh attempts.
- Type: long
- Default: 60000
- Importance: low
src.kafka.sasl.kerberos.kinit.cmd
Kerberos kinit command path.
- Type: string
- Default: /usr/bin/kinit
- Importance: low
src.kafka.sasl.kerberos.service.name
The Kerberos principal name that Kafka runs as. This can be defined either in Kafka’s JAAS config or in Kafka’s config.
- Type: string
- Default: null
- Importance: medium
src.kafka.sasl.kerberos.ticket.renew.jitter
Percentage of random jitter added to the renewal time.
- Type: double
- Default: 0.05
- Importance: low
src.kafka.ssl.protocol
The TLS protocol used to generate the SSLContext. The default is
TLSv1.3
when running with Java 11 or newer,TLSv1.2
otherwise. This value should be fine for most use cases. Allowed values in recent JVMs areTLSv1.2
andTLSv1.3
.TLS
,TLSv1.1
,SSL
,SSLv2
andSSLv3
might be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities. With the default value for this configuration andssl.enabled.protocols
, clients downgrade toTLSv1.2
if the server does not supportTLSv1.3
. If this configuration is set toTLSv1.2
, clients do not useTLSv1.3
, even if it is one of the values inssl.enabled.protocols
and the server only supportsTLSv1.3
.- Type: string
- Default:
TLSv1.3
- Importance: medium
src.kafka.ssl.provider
The name of the security provider used for TLS connections. Default value is the default security provider of the JVM.
- Type: string
- Default: null
- Importance: medium
src.kafka.ssl.enabled.protocols
The comma-separated list of protocols enabled for TLS connections. The default value is
TLSv1.2,TLSv1.3
when running with Java 11 or later,TLSv1.2
otherwise. With the default value for Java 11 (TLSv1.2,TLSv1.3
), Kafka clients and brokers prefer TLSv1.3 if both support it, and falls back to TLSv1.2 otherwise (assuming both support at least TLSv1.2).- Type: list
- Default:
TLSv1.2,TLSv1.3
- Importance: medium
src.kafka.ssl.keystore.location
The location of the key store file. This is optional for client and can be used for two-way client authentication.
- Type: string
- Default: null
- Importance: high
src.kafka.ssl.cipher.suites
A list of cipher suites. This is a named combination of authentication, encryption, MAC, and key exchange algorithms used to negotiate the security settings for a network connection using TLS. By default, all the available cipher suites are supported.
- Type: list
- Default: null
- Importance: low
src.kafka.ssl.secure.random.implementation
The SecureRandom PRNG implementation to use for TLS cryptography operations.
- Type: string
- Default: null
- Importance: low
src.kafka.ssl.truststore.type
The file format of the trust store file.
- Type: string
- Default: JKS
- Importance: medium
src.kafka.ssl.keystore.type
The file format of the key store file. This is optional for client.
- Type: string
- Default: JKS
- Importance: medium
src.kafka.ssl.trustmanager.algorithm
The algorithm used by trust manager factory for TLS connections. Default value is the trust manager factory algorithm configured for the Java Virtual Machine.
- Type: string
- Default: PKIX
- Importance: low
src.kafka.ssl.truststore.location
The location of the trust store file.
- Type: string
- Default: null
- Importance: high
src.kafka.ssl.keystore.password
The store password for the key store file. This is optional for client and only needed if
ssl.keystore.location
is configured.- Type: password
- Default: null
- Importance: high
src.kafka.ssl.keymanager.algorithm
The algorithm used by key manager factory for TLS connections. Default value is the key manager factory algorithm configured for the Java Virtual Machine.
- Type: string
- Default: SunX509
- Importance: low
src.kafka.ssl.key.password
The password of the private key in the key store file. This is optional for client.
- Type: password
- Default: null
- Importance: high
src.kafka.ssl.truststore.password
The password for the trust store file.
- Type: password
- Default: null
- Importance: high
src.kafka.ssl.endpoint.identification.algorithm
The endpoint identification algorithm to validate server hostname using server certificate.
- Type: string
- Default: https
- Importance: low
Source Kafka: Consumer¶
The following configuration options are properties that are specific to the Kafka consumer. These options will be combined
with the src.kafka
properties and forwarded to consumers that connect to the source cluster.
src.consumer.allow.auto.create.topics
Allow automatic topic creation on the broker when subscribing to or assigning a topic. A topic being subscribed to will be automatically created only if the broker allows for it using
auto.create.topics.enable
broker configuration. This configuration must be set tofalse
when using brokers older than 0.11.0.- Type: boolean
- Default: false
- Importance: medium
Note
- Normally, this config in consumers defaults to
true
. However, for Replicator this config internally defaults tofalse
so as not to allow topic creation by consumers. To delete topics while Replicator is running, you can do so in one of two ways if you havetopic.auto.create
set totrue
: either, stop Replicator and delete all the topics, or setauto.create.topics.enable
tofalse
on the Kafka clusters. - Replicator does not support auto topic creation where the source topic is configured with replica placement constraints (confluent.placement.constraints).
As a workaround, you can manually create the topic on the destination cluster, and disable
topic.auto.create
within the Replicator configuration. (Seetopic.auto.create
under Destination Topics.)
src.consumer.interceptor.classes
A list of classes to use as interceptors. Implementing the
ConsumerInterceptor
interface allows you to intercept (and possibly mutate) records received by the consumer. By default, there are no interceptors.- Type: list
- Default: null
- Importance: low
src.consumer.fetch.max.wait.ms
The maximum amount of time the server will block before answering the fetch request if there isn’t sufficient data to immediately satisfy the requirement given by
fetch.min.bytes
.- Type: int
- Default: 500
- Valid Values: [0,…]
- Importance: low
src.consumer.fetch.min.bytes
The minimum amount of data the server should return for a fetch request. If insufficient data is available the request will wait for that much data to accumulate before answering the request. The default setting of 1 byte means that fetch requests are answered as soon as a single byte of data is available or the fetch request times out waiting for data to arrive. Setting this to something greater than 1 will cause the server to wait for larger amounts of data to accumulate which can improve server throughput a bit at the cost of some additional latency.
- Type: int
- Default: 1
- Valid Values: [0,…]
- Importance: high
src.consumer.fetch.max.bytes
The maximum amount of data the server should return for a fetch request. This is not an absolute maximum, if the first message in the first non-empty partition of the fetch is larger than this value, the message will still be returned to ensure that the consumer can make progress. The maximum message size accepted by the broker is defined via
message.max.bytes
(broker config) ormax.message.bytes
(topic config). Note that the consumer performs multiple fetches in parallel.- Type: int
- Default: 52428800
- Valid Values: [0,…]
- Importance: medium
src.consumer.max.partition.fetch.bytes
The maximum amount of data per-partition the server will return. If the first message in the first non-empty partition of the fetch is larger than this limit, the message will still be returned to ensure that the consumer can make progress. The maximum message size accepted by the broker is defined via
message.max.bytes
(broker config) ormax.message.bytes
(topic config). Seefetch.max.bytes
for limiting the consumer request size- Type: int
- Default: 1048576
- Valid Values: [0,…]
- Importance: high
src.consumer.max.poll.records
The maximum number of records returned in a single call to poll().
- Type: int
- Default: 500
- Valid Values: [1,…]
- Importance: medium
src.consumer.check.crcs
Automatically check the CRC32 of the records consumed. This ensures no on-the-wire or on-disk corruption to the messages occurred. This check adds some overhead, so it may be disabled in cases seeking extreme performance.
- Type: boolean
- Default: true
- Importance: low
Destination Topics¶
topic.rename.format
A format string for the topic name in the destination cluster, which may contain
${topic}
as a placeholder for the originating topic name. For example,dc_${topic}
for the topicorders
will map to the destination topic namedc_orders
.Be careful of the potential for topic name collisions when configuring replicators from multiple source clusters. We typically recommend that each cluster be given a distinct prefix or suffix (as in the example above).
- Type: string
- Default: ${topic}
- Importance: high
Tip
Starting with Confluent Platform 5.2.0, you can use Confluent Replicator to migrate schemas to another Schema Registry, which is either self-managed or on Confluent Cloud.
If you configure Confluent Replicator to use the default subject translator for schemas as follows:
schema.subject.translator.class=io.confluent.connect.replicator.schemas.DefaultSubjectTranslator
then,
topic.rename.format
is used to rename the subjects in the target Schema Registry during a schema migration.For example, if the
topic.rename.format
is${topic}-replica
, the subjectmytopic-value
in the original Schema Registry would be renamedmytopic-replica-value
in the “new”, target registry.Only the schemas that use the subject name strategy
TopicNameStrategy
(subject name with-key
or-value
) will be renamed. All other subjects (which use different naming strategies) will be migrated but not renamed.topic.auto.create
Whether to automatically create topics in the destination cluster if required.
- Type: boolean
- Default: true
- Importance: low
Note
Replicator does not support auto topic creation where the source topic is configured with replica placement constraints (confluent.placement.constraints). As a workaround, you can manually create the topic on the destination cluster, and disable
topic.auto.create
within the Replicator configuration.topic.preserve.partitions
Whether to automatically increase the number of partitions in the destination cluster to match the source cluster and ensure that messages replicated from the source cluster use the same partition in the destination cluster.
- Type: boolean
- Default: true
- Importance: low
Note
- If
topic.preserve.partitions
is set tofalse
,offset.topic.commit
must also be set tofalse
. Replicator does not supportoffset.topic.commit=true
whentopic.preserve.partitions=false
. - If
offset.topic.commit
is set tofalse
, there won’t be any consumer groups in the source cluster.
topic.create.backoff.ms
Time to wait before retrying auto topic creation or expansion.
- Type: int
- Default: 120000
- Valid Values: [0,…]
- Importance: low
topic.config.sync
Whether to periodically sync topic configuration to the destination cluster.
- Type: boolean
- Default: true
- Importance: low
topic.config.sync.interval.ms
How often to check for configuration changes when
topic.config.sync
is enabled.- Type: int
- Default: 120000
- Valid Values: [0,…]
- Importance: low
topic.timestamp.type
The timestamp type for the topics in the destination cluster.
- Type: string
- Default: CreateTime
- Valid Values: [CreateTime, LogAppendTime]
- Importance: low
dest.topic.replication.factor
Sets the replication factor for the topic at the destination cluster.
- Type: int
- Default: source replication factor
- Valid Values: > 0
- Importance: low
Destination Kafka¶
Tip
Starting in Replicator 5.4.0, dest.kafka.*
configurations are no longer mandatory. If these configurations are not supplied, their values are inferred from producer configurations in the Connect worker.
The following configuration options are common properties that are used across
Kafka clients. Replicator uses these options to connect with the destination cluster
(adminclient). Valid client properties that use the dest.kafka
prefix will
be forwarded to clients that connect to the destination cluster for admin operations.
dest.kafka.bootstrap.servers
A list of host and port pairs to use for establishing the initial connection to the destination Kafka cluster. The client will use all servers, irrespective of which servers are designated here for bootstrapping. This list only controls the initial hosts used to discover the full set of servers. This list must be in the form
host1:port1,host2:port2,...
. These servers are only used for the initial connection, to discover the full cluster membership. You don’t need to specify the full set of servers, but you may want to specify more than one, in case of failover.- Type: list
- Importance: high
dest.kafka.client.id
An ID string to pass to the server when making requests. This string is used to track the source of requests. It allows a logical application name to be included in server-side request logging.
- Type: string
- Default: “”
- Importance: low
dest.kafka.request.timeout.ms
Specifies the maximum amount of time the client will wait for the response of a request. If the response is not received before the timeout elapses, the client will resend, or fail the request if retries are exhausted.
- Type: int
- Default: 30000
- Valid Values: [0,…]
- Importance: medium
dest.kafka.retry.backoff.ms
Specifies the amount of time to wait before attempting to retry a failed request to a topic partition. This avoids repeatedly sending requests in a tight loop under some failure scenarios.
- Type: long
- Default: 100
- Valid Values: [0,…]
- Importance: low
dest.kafka.connections.max.idle.ms
Specifies the amount of time (milliseconds) before idle connections are closed.
- Type: long
- Default: 540000
- Importance: medium
dest.kafka.reconnect.backoff.ms
Specifies the amount of time to wait before attempting to reconnect to a host. This avoids repeatedly connecting to a host in a tight loop. This backoff applies to all requests sent by the consumer to the broker.
- Type: long
- Default: 50
- Valid Values: [0,…]
- Importance: low
dest.kafka.metric.reporters
A list of classes to use as metrics reporters. Implementing the
MetricReporter
interface allows plugging in classes that will be notified of new metric creation. The JmxReporter is always included to register JMX statistics.- Type: list
- Default: “”
- Importance: low
dest.kafka.metrics.num.samples
The number of samples maintained to compute metrics.
- Type: int
- Default: 2
- Valid Values: [1,…]
- Importance: low
dest.kafka.metrics.sample.window.ms
The window of time a metrics sample is computed over.
- Type: long
- Default: 30000
- Valid Values: [0,…]
- Importance: low
dest.kafka.send.buffer.bytes
The size of the TCP send buffer (SO_SNDBUF) to use when sending data. If the value is -1, the operating system default will be used.
- Type: int
- Default: 131072
- Valid Values: [-1,…]
- Importance: medium
dest.kafka.receive.buffer.bytes
The size of the TCP receive buffer (SO_RCVBUF) to use when reading data. If the value is -1, the operating system default will be used.
- Type: int
- Default: 65536
- Valid Values: [-1,…]
- Importance: medium
Destination Kafka: Security¶
Tip
For a full description of Replicator encryption and authentication options available on various protocols, see the overview on Replicator Security.
dest.kafka.security.protocol
Protocol used to communicate with brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL.
- Type: string
- Default: PLAINTEXT
- Valid Values: [PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL]
- Importance: medium
dest.kafka.sasl.mechanism
SASL mechanism used for client connections. This may be any mechanism for which a security provider is available. GSSAPI is the default mechanism.
- Type: string
- Default: GSSAPI
- Importance: medium
dest.kafka.sasl.kerberos.ticket.renew.window.factor
Specifies the window factor of time that the login thread will sleep until the ticket is renewed. The window factor of time is computed from last refresh to ticket’s expiry.
- Type: double
- Default: 0.8
- Importance: low
dest.kafka.sasl.kerberos.min.time.before.relogin
Login thread sleep time between refresh attempts.
- Type: long
- Default: 60000
- Importance: low
dest.kafka.sasl.kerberos.kinit.cmd
Kerberos kinit command path.
- Type: string
- Default: /usr/bin/kinit
- Importance: low
dest.kafka.sasl.kerberos.service.name
The Kerberos principal name that Kafka runs as. This can be defined either in Kafka’s JAAS config or in Kafka’s config.
- Type: string
- Default: null
- Importance: medium
dest.kafka.sasl.kerberos.ticket.renew.jitter
Percentage of random jitter added to the renewal time.
- Type: double
- Default: 0.05
- Importance: low
dest.kafka.ssl.protocol
The TLS protocol used to generate the SSLContext. The default is
TLSv1.3
when running with Java 11 or newer,TLSv1.2
otherwise. This value should be fine for most use cases. Allowed values in recent JVMs areTLSv1.2
andTLSv1.3
.TLS
,TLSv1.1
,SSL
,SSLv2
andSSLv3
might be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities. With the default value for this configuration andssl.enabled.protocols
, clients downgrade toTLSv1.2
if the server does not supportTLSv1.3
. If this configuration is set toTLSv1.2
, clients do not useTLSv1.3
, even if it is one of the values inssl.enabled.protocols
and the server only supportsTLSv1.3
.- Type: string
- Default:
TLSv1.3
- Importance: medium
dest.kafka.ssl.provider
The name of the security provider used for TLS connections. Default value is the default security provider of the JVM.
- Type: string
- Default: null
- Importance: medium
dest.kafka.ssl.enabled.protocols
The comma-separated list of protocols enabled for TLS connections. The default value is
TLSv1.2,TLSv1.3
when running with Java 11 or later,TLSv1.2
otherwise. With the default value for Java 11 (TLSv1.2,TLSv1.3
), Kafka clients and brokers prefer TLSv1.3 if both support it, and falls back to TLSv1.2 otherwise (assuming both support at least TLSv1.2).- Type: list
- Default:
TLSv1.2,TLSv1.3
- Importance: medium
dest.kafka.ssl.keystore.location
The location of the key store file. This is optional for client and can be used for two-way client authentication.
- Type: string
- Default: null
- Importance: high
dest.kafka.ssl.cipher.suites
A list of cipher suites. This is a named combination of authentication, encryption, MAC, and key exchange algorithms used to negotiate the security settings for a network connection using TLS. By default, all the available cipher suites are supported.
- Type: list
- Default: null
- Importance: low
dest.kafka.ssl.secure.random.implementation
The SecureRandom PRNG implementation to use for TLS cryptography operations.
- Type: string
- Default: null
- Importance: low
dest.kafka.ssl.truststore.type
The file format of the trust store file.
- Type: string
- Default: JKS
- Importance: medium
dest.kafka.ssl.keystore.type
The file format of the key store file. This is optional for client.
- Type: string
- Default: JKS
- Importance: medium
dest.kafka.ssl.trustmanager.algorithm
The algorithm used by trust manager factory for TLS connections. Default value is the trust manager factory algorithm configured for the Java Virtual Machine.
- Type: string
- Default: PKIX
- Importance: low
dest.kafka.ssl.truststore.location
The location of the trust store file.
- Type: string
- Default: null
- Importance: high
dest.kafka.ssl.keystore.password
The store password for the key store file. This is optional for client and only needed if
ssl.keystore.location
is configured.- Type: password
- Default: null
- Importance: high
dest.kafka.ssl.keymanager.algorithm
The algorithm used by key manager factory for TLS connections. Default value is the key manager factory algorithm configured for the Java Virtual Machine.
- Type: string
- Default: SunX509
- Importance: low
dest.kafka.ssl.key.password
The password of the private key in the key store file. This is optional for client.
- Type: password
- Default: null
- Importance: high
dest.kafka.ssl.truststore.password
The password for the trust store file.
- Type: password
- Default: null
- Importance: high
dest.kafka.ssl.endpoint.identification.algorithm
The endpoint identification algorithm to validate server hostname using server certificate.
- Type: string
- Default: null
- Importance: low
Destination Data Conversion¶
key.converter
Converter for the key field of messages written to the destination cluster. Use
io.confluent.connect.replicator.util.ByteArrayConverter
if you don’t need data conversion.- Type: class
- Default: inherited from worker configuration
- Importance: low
value.converter
Converter for the value field of messages written to the destination cluster. Use
io.confluent.connect.replicator.util.ByteArrayConverter
if you don’t need data conversion.- Type: class
- Default: inherited from worker configuration
- Importance: low
header.converter
HeaderConverter class used to convert serialized Kafka headers to Kafka Connect headers. Currently, the default value is
SimpleHeaderConverter
, which outputs base64 encoded headers. To get human readable headers showing the origin cluster name, topic name, and timestamp, you must explicitly set this to theByteArrayConverter
as follows:header.converter=io.confluent.connect.replicator.util.ByteArrayConverter
.- Type: class
- Default: SimpleHeaderConverter
- Importance: low
Consumer Offset Translation¶
Important
Offset translation is for Java consumers only; it does not work for other types of applications.
offset.translator.tasks.max
The maximum number of Replicator tasks that will perform offset translation. If -1 (the default), all tasks will perform offset translation.
- Type: int
- Default: -1
- Importance: medium
offset.translator.tasks.separate
Whether to translate offsets in separate tasks from those performing topic replication.
- Type: boolean
- Default: false
- Importance: medium
offset.translator.batch.period.ms
The period in milliseconds during which offset translation requests will be batched.
- Type: int
- Default: 60000
- Importance: medium
offset.translator.batch.size
The maximum size of a batch for offset translation requests.
- Type: int
- Default: 2147483647 (
Integer.MAX_VALUE
) - Importance: medium
offset.timestamps.commit
Whether to commit internal offset timestamps for Replicator, so that it can resume properly when switching to the secondary cluster.
- Type: boolean
- Default: true
- Importance: medium
src.kafka.timestamps.topic.replication.factor
- See
src.kafka.timestamps.topic.replication.factor
under Source Kafka. src.kafka.timestamps.topic.num.partitions
- See
src.kafka.timestamps.topic.num.partitions
under Source Kafka. provenance.header.enable
Whether to enable the use of provenance headers during replication.
- Type: boolean
- Default: false
- Importance: medium
To learn more about this setting, see Using Provenance Headers to Prevent Duplicates or Cyclic Message Repetition. Note the requirement to explicitly set
header.converter=io.confluent.connect.replicator.util.ByteArrayConverter
when provenance headers are enabled, as described in that section.Note
If Kafka messages have custom headers and are being replicated with provenance headers (
provenance.header.enable=true
), the consumer applications that are processing headers should skip the header with key__replicator_id
. Depending on how the consumer is processing records, this may not require a code change. If the consumer is asking for a specific header, no change is required. If, however, the consumer is usingtoArray
from the Kafka class Interface Headers to return all headers, the consumer must explicitly skip__replicator_id
, otherwise, the replication will produce errors such as “could not decode JSON types ..” and “unrecognized tokens”.Here is an example of Java code for the consumer that uses ConsumerRecord to read the header keys and skips
__replicator_id
:ConsumerRecord<byte[], byte[]> record = ... Headers headers = record.headers(); if (headers != null) { for (Header header : headers) { if (!"__replicator_id".equals(header.key())) { ... process application header... } } }
provenance.header.filter.overrides
Configured on a separate, temporary Replicator instance, specifies which data to exclude from normal replication filtering rules that prevent cyclic replication of messages. Semi-colon-delimited list of tuples as follows:
- Regular expression for the cluster ID to match that in the provenance header
- Regular expression for the topic name to match that in the provenance header
- Range of timestamps
Use this parameter for disaster recovery in particular scenarios where data in the Kafka topics in the original cluster could not be fully restored. In such cases, delete the remaining data in a cluster as a starting point for recovery, then re-run Replicator across datacenters. When you re-run Replicator in this scenario, override normal filtering rules that would otherwise skip replication of previously copied data. For more information and examples, see the topic “Data Synchronization in Active-Passive Design” under “Manually Reset Consumer Offsets” in the whitepaper: Disaster Recovery for Multi-Datacenter Apache Kafka Deployments.
fetch.offset.expiry.ms
The amount of time in milliseconds after which a fetch offset request for offset translation expires and is discarded.
- Type: long
- Default: 600000
- Importance: low
fetch.offset.retry.backoff.ms
The amount of time in milliseconds to wait before attempting to retry a failed fetch offset request during offset translation.
- Type: long
- Default: 100
- Importance: low
Schema Translation¶
Note
These properties are only required when using the Schema translation feature of Replicator. For more information regarding this see Use Schema Registry to Migrate Schemas in Confluent Platform.
schema.registry.topic
The topic that acts as the durable log for the schema registry.
- Type: string
- Default: null
- Importance: medium
schema.registry.url
Comma-separated list of URLs for schema registry instances that can be used to register or look up schemas.
- Type: string
- Default: null
- Importance: high
schema.registry.max.schemas.per.subject
Maximum number of schemas to cache locally.
- Type: int
- Default: 1000
- Importance: low
schema.registry.client.basic.auth.credentials.source
Specify how to pick the credentials for Basic Auth header. The supported values are URL, USER_INFO and SASL_INHERIT
- Type: string
- Default: URL
- Importance: medium
schema.registry.client.basic.auth.user.info
Specify the user info for Basic Auth in the form of {username}:{password}
- Type: string
- Default: null
- Importance: medium
schema.subject.translator.class
Translator for the schema subject, or null if no translation is to be performed. Properties with the prefix
schema.subject.translator.
will be passed to the configure() method of the translator.- Type: class
- Default: null
- Importance: low
Offset Management¶
offset.start
Specify the preference for determining where to start replication. Use
connect
to prefer the Connect offset if it exists, and the consumer offset otherwise. Useconsumer
to prefer the consumer offset if it exists, and the Connect offset otherwise. If neither the Connect offset nor the consumer offset exist, the starting offset will be the beginning of the topic.- Type: string
- Default: connect
- Importance: low
Note
It is recommended that you set it to the default of offset.start=connect
, unless running Replicator in the bidirectional setup.
offset.topic.commit
Whether to commit Replicator’s consumer offsets to the source Kafka cluster after the messages have been written to the destination cluster. These consumer offsets can be used to easily track the lag of Replicator.
- Type: boolean
- Default: true
- Importance: medium
Note
- If
topic.preserve.partitions
is set tofalse
,offset.topic.commit
must also be set tofalse
. Replicator does not supportoffset.topic.commit=true
whentopic.preserve.partitions=false
. - If
offset.topic.commit
is set tofalse
, there won’t be any consumer groups created by Replicator in the source cluster.
Cluster ID and Group ID¶
The parameter cluster.id
is required when running Replicator as an executable. This defines a
unique identifier for the cluster that is formed when several instances of Replicator Executable start with the same
--cluster.id
, and is a property on the executable only. The cluster.id
does not have a default value; it must be specified at runtime.
Replicator executables that have the same cluster.id
will automatically discover each other and form a cluster.
For non-executable deployments (using Connect workers), the parameter group.id
is a unique string specified in the Connect worker that identifies the cluster group the worker belongs to. The default is connect-cluster
. Distributed Worker Configuration that have the same group.id
will automatically discover each other and form a cluster.
If you want more than one cluster, you must specify different IDs appropriately, depending on the deployment type:
- Each cluster needs a unique
cluster.id
when running Replicator as an executable. - Each cluster needs a unique
group.id
for non-executable distributed workers.
Tip
group.id
is a property on the Connect worker, not on Replicator. It is mentioned here because it serves the same purpose as cluster.id
for non-executable Replicator deployments.
Confluent Platform license¶
Important
From 5.5.0 onwards, Replicator will fail immediately after the license key expires, even if Replicator is running.
Tip
For complete license information for Confluent Platform, see Confluent Platform Licenses.
confluent.topic.bootstrap.servers
A list of host/port pairs to use for establishing the initial connection to the Kafka cluster used for licensing. All servers in the cluster will be discovered from the initial connection. This list should be in the form
host1:port1,host2:port2,...
. Since these servers are just used for the initial connection to discover the full cluster membership (which may change dynamically), this list need not contain the full set of servers (you may want more than one, though, in case a server is down).- Type: list
- Importance: high
confluent.topic
Name of the Kafka topic used for Confluent Platform configuration, including licensing information.
- Type: string
- Default: _confluent-command
- Importance: low
confluent.topic.replication.factor
The replication factor for the Kafka topic used for Confluent Platform configuration, including licensing information. This is used only if the topic does not already exist, and the default of 3 is appropriate for production use. If you are using a development environment with less than 3 brokers, you must set this to the number of brokers (often 1).
- Type: int
- Default: 3
- Importance: low
Confluent license properties¶
Note
By default, license-related properties (confluent.topic.*
) are inherited from dest.kafka.*
connector properties.
confluent.license
Confluent issues enterprise license keys to each subscriber. The license key is text that you can copy and paste as the value for
confluent.license
. A trial license allows using the connector for a 30-day trial period. A developer license allows using the connector indefinitely for single-broker development environments.If you are a subscriber, contact Confluent Support for more information.
- Type: string
- Default: “”
- Valid Values: Confluent Platform license
- Importance: high
confluent.topic.ssl.truststore.location
The location of the trust store file.
- Type: string
- Default: null
- Importance: high
confluent.topic.ssl.truststore.password
The password for the trust store file. If a password is not set access to the truststore is still available, but integrity checking is disabled.
- Type: password
- Default: null
- Importance: high
confluent.topic.ssl.keystore.location
The location of the key store file. This is optional for client and can be used for two-way authentication for client.
- Type: string
- Default: null
- Importance: high
confluent.topic.ssl.keystore.password
The store password for the key store file. This is optional for client and only needed if ssl.keystore.location is configured.
- Type: password
- Default: null
- Importance: high
confluent.topic.ssl.key.password
The password of the private key in the key store file. This is optional for client.
- Type: password
- Default: null
- Importance: high
confluent.topic.security.protocol
Protocol used to communicate with brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL.
- Type: string
- Default: “PLAINTEXT”
- Importance: medium
License topic configuration¶
A Confluent enterprise license is stored in the _confluent-command
topic.
This topic is created by default and contains the license that corresponds to
the license key supplied through the confluent.license
property. No public
keys are stored in Kafka topics.
The following describes how the default _confluent-command
topic is
generated under different scenarios:
- A 30-day trial license is automatically generated for the
_confluent command
topic if you do not add theconfluent.license
property or leave this property empty (for example,confluent.license=
). - Adding a valid license key (for example,
confluent.license=<valid-license-key>
) adds a valid license in the_confluent-command
topic.
Here is an example of the minimal properties for development and testing.
You can change the name of the _confluent-command
topic using the
confluent.topic
property (for instance, if your environment has strict
naming conventions). The example below shows this change and the configured
Kafka bootstrap server.
confluent.topic=foo_confluent-command
confluent.topic.bootstrap.servers=localhost:9092
The example above shows the minimally required bootstrap server property that
you can use for development and testing. For a production environment, you add
the normal producer, consumer, and topic configuration properties to the
connector properties, prefixed with confluent.topic.
.
License topic ACLs¶
The _confluent-command
topic contains the license that corresponds to the
license key supplied through the confluent.license
property. It is created
by default. Connectors that access this topic require the following ACLs
configured:
CREATE and DESCRIBE on the resource cluster, if the connector needs to create the topic.
DESCRIBE, READ, and WRITE on the
_confluent-command
topic.Important
You can also use DESCRIBE and READ without WRITE to restrict access to read-only for license topic ACLs. If a topic exists, the LicenseManager will not try to create the topic.
You can provide access either individually for each principal that will
use the license or use a wildcard entry to
allow all clients. The following examples show commands that you can use to
configure ACLs for the resource cluster and _confluent-command
topic.
Set a CREATE and DESCRIBE ACL on the resource cluster:
kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \ --add --allow-principal User:<principal> \ --operation CREATE --operation DESCRIBE --cluster
Set a DESCRIBE, READ, and WRITE ACL on the
_confluent-command
topic:kafka-acls --bootstrap-server localhost:9092 --command-config adminclient-configs.conf \ --add --allow-principal User:<principal> \ --operation DESCRIBE --operation READ --operation WRITE --topic _confluent-command
Override Default Configuration Properties¶
You can override the replication factor using
confluent.topic.replication.factor
. For example, when using a Kafka cluster
as a destination with less than three brokers (for development and testing) you
should set the confluent.topic.replication.factor
property to 1
.
You can override producer-specific properties by using the
producer.override.*
prefix (for source connectors) and consumer-specific
properties by using the consumer.override.*
prefix (for sink connectors).
You can use the defaults or customize the other properties as well. For example,
the confluent.topic.client.id
property defaults to the name of the connector
with -licensing
suffix. You can specify the configuration settings for
brokers that require SSL or SASL for client connections using this prefix.
You cannot override the cleanup policy of a topic because the topic always has a single partition and is compacted. Also, do not specify serializers and deserializers using this prefix; they are ignored if added.