= redpanda :type: input :status: beta :categories: ["Services"] //// THIS FILE IS AUTOGENERATED! To make changes, edit the corresponding source file under: https://github.com/redpanda-data/connect/tree/main/internal/impl/. And: https://github.com/redpanda-data/connect/tree/main/cmd/tools/docs_gen/templates/plugin.adoc.tmpl //// // © 2024 Redpanda Data Inc. component_type_dropdown::[] A Kafka input using the https://github.com/twmb/franz-go[Franz Kafka client library^]. [tabs] ====== Common:: + -- ```yml # Common config fields, showing default values input: label: "" redpanda: seed_brokers: [] # No default (required) topics: [] # No default (required) regexp_topics: false consumer_group: "" # No default (optional) auto_replay_nacks: true ``` -- Advanced:: + -- ```yml # All config fields, showing default values input: label: "" redpanda: seed_brokers: [] # No default (required) client_id: benthos tls: enabled: false skip_cert_verify: false enable_renegotiation: false root_cas: "" root_cas_file: "" client_certs: [] sasl: [] # No default (optional) metadata_max_age: 5m topics: [] # No default (required) regexp_topics: false rack_id: "" start_from_oldest: true fetch_max_bytes: 50MiB fetch_min_bytes: 1B fetch_max_partition_bytes: 1MiB consumer_group: "" # No default (optional) commit_period: 5s partition_buffer_bytes: 1MB auto_replay_nacks: true ``` -- ====== When a consumer group is specified this input consumes one or more topics where partitions will automatically balance across any other connected clients with the same consumer group. When a consumer group is not specified topics can either be consumed in their entirety or with explicit partitions. == Delivery Guarantees When using consumer groups the offsets of "delivered" records will be committed automatically and continuously, and in the event of restarts these committed offsets will be used in order to resume from where the input left off. Benthos guarantees at least once delivery by ensuring that records are only considerd to be delivered when all configured outputs that the record is routed to have confirmed delivery. == Ordering In order to preserve ordering of topic partitions, records consumed from each partition are processed and delivered in the order that they are received, and only one batch of records of a given partition will ever be processed at a time. This means that parallel processing can only occur when multiple topic partitions are being consumed, but ensures that data is processed in a sequential order as determined from the source partition. However, one way in which the order of records can be mixed is when delivery errors occur and error handling mechanisms kick in. Benthos always leans towards at least once delivery unless instructed otherwise, and this includes reattempting delivery of data when the ordering of that data can no longer be guaranteed. For example, a batch of records may have been sent to an output broker and only a subset of records were delivered, in this case Benthos by default will reattempt to deliver the records that failed, even though these failed records may have come before records that were previously delivered successfully. In order to avoid this scenario you must specify in your configuration an alternative way to handle delivery errors in the form of a xref:components:outputs/fallback.adoc[`fallback`] output. It is good practice to also disable the field `auto_retry_nacks` by setting it to `false` when you've added an explicit fallback output as this will improve the throughput of your pipeline. For example, the following config avoids ordering issues by specifying a fallback output into a DLQ topic, which is also retried indefinitely as a way to apply back pressure during connectivity issues: ```yaml output: fallback: - redpanda: seed_brokers: [ localhost:9092 ] topic: foo - retry: output: redpanda: seed_brokers: [ localhost:9092 ] topic: foo_dlq ``` == Batching Records are processed and delivered from each partition in batches as received from brokers. These batch sizes are therefore dynamically sized in order to optimise throughput, but can be tuned with the config fields `fetch_max_partition_bytes` and `fetch_max_bytes`. Batches can be further broken down using the xref:components:processors/split.adoc[`split`] processor. == Metadata This input adds the following metadata fields to each message: ```text - kafka_key - kafka_topic - kafka_partition - kafka_offset - kafka_timestamp_unix - kafka_timestamp - kafka_tombstone_message - All record headers ``` == Fields === `seed_brokers` A list of broker addresses to connect to in order to establish connections. If an item of the list contains commas it will be expanded into multiple addresses. *Type*: `array` ```yml # Examples seed_brokers: - localhost:9092 seed_brokers: - foo:9092 - bar:9092 seed_brokers: - foo:9092,bar:9092 ``` === `client_id` An identifier for the client connection. *Type*: `string` *Default*: `"benthos"` === `tls` Custom TLS settings can be used to override system defaults. *Type*: `object` === `tls.enabled` Whether custom TLS settings are enabled. *Type*: `bool` *Default*: `false` === `tls.skip_cert_verify` Whether to skip server side certificate verification. *Type*: `bool` *Default*: `false` === `tls.enable_renegotiation` Whether to allow the remote server to repeatedly request renegotiation. Enable this option if you're seeing the error message `local error: tls: no renegotiation`. *Type*: `bool` *Default*: `false` Requires version 3.45.0 or newer === `tls.root_cas` An optional root certificate authority to use. This is a string, representing a certificate chain from the parent trusted root certificate, to possible intermediate signing certificates, to the host certificate. [CAUTION] ==== This field contains sensitive information that usually shouldn't be added to a config directly, read our xref:configuration:secrets.adoc[secrets page for more info]. ==== *Type*: `string` *Default*: `""` ```yml # Examples root_cas: |- -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- ``` === `tls.root_cas_file` An optional path of a root certificate authority file to use. This is a file, often with a .pem extension, containing a certificate chain from the parent trusted root certificate, to possible intermediate signing certificates, to the host certificate. *Type*: `string` *Default*: `""` ```yml # Examples root_cas_file: ./root_cas.pem ``` === `tls.client_certs` A list of client certificates to use. For each certificate either the fields `cert` and `key`, or `cert_file` and `key_file` should be specified, but not both. *Type*: `array` *Default*: `[]` ```yml # Examples client_certs: - cert: foo key: bar client_certs: - cert_file: ./example.pem key_file: ./example.key ``` === `tls.client_certs[].cert` A plain text certificate to use. *Type*: `string` *Default*: `""` === `tls.client_certs[].key` A plain text certificate key to use. [CAUTION] ==== This field contains sensitive information that usually shouldn't be added to a config directly, read our xref:configuration:secrets.adoc[secrets page for more info]. ==== *Type*: `string` *Default*: `""` === `tls.client_certs[].cert_file` The path of a certificate to use. *Type*: `string` *Default*: `""` === `tls.client_certs[].key_file` The path of a certificate key to use. *Type*: `string` *Default*: `""` === `tls.client_certs[].password` A plain text password for when the private key is password encrypted in PKCS#1 or PKCS#8 format. The obsolete `pbeWithMD5AndDES-CBC` algorithm is not supported for the PKCS#8 format. Because the obsolete pbeWithMD5AndDES-CBC algorithm does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext. [CAUTION] ==== This field contains sensitive information that usually shouldn't be added to a config directly, read our xref:configuration:secrets.adoc[secrets page for more info]. ==== *Type*: `string` *Default*: `""` ```yml # Examples password: foo password: ${KEY_PASSWORD} ``` === `sasl` Specify one or more methods of SASL authentication. SASL is tried in order; if the broker supports the first mechanism, all connections will use that mechanism. If the first mechanism fails, the client will pick the first supported mechanism. If the broker does not support any client mechanisms, connections will fail. *Type*: `array` ```yml # Examples sasl: - mechanism: SCRAM-SHA-512 password: bar username: foo ``` === `sasl[].mechanism` The SASL mechanism to use. *Type*: `string` |=== | Option | Summary | `AWS_MSK_IAM` | AWS IAM based authentication as specified by the 'aws-msk-iam-auth' java library. | `OAUTHBEARER` | OAuth Bearer based authentication. | `PLAIN` | Plain text authentication. | `SCRAM-SHA-256` | SCRAM based authentication as specified in RFC5802. | `SCRAM-SHA-512` | SCRAM based authentication as specified in RFC5802. | `none` | Disable sasl authentication |=== === `sasl[].username` A username to provide for PLAIN or SCRAM-* authentication. *Type*: `string` *Default*: `""` === `sasl[].password` A password to provide for PLAIN or SCRAM-* authentication. [CAUTION] ==== This field contains sensitive information that usually shouldn't be added to a config directly, read our xref:configuration:secrets.adoc[secrets page for more info]. ==== *Type*: `string` *Default*: `""` === `sasl[].token` The token to use for a single session's OAUTHBEARER authentication. *Type*: `string` *Default*: `""` === `sasl[].extensions` Key/value pairs to add to OAUTHBEARER authentication requests. *Type*: `object` === `sasl[].aws` Contains AWS specific fields for when the `mechanism` is set to `AWS_MSK_IAM`. *Type*: `object` === `sasl[].aws.region` The AWS region to target. *Type*: `string` *Default*: `""` === `sasl[].aws.endpoint` Allows you to specify a custom endpoint for the AWS API. *Type*: `string` *Default*: `""` === `sasl[].aws.credentials` Optional manual configuration of AWS credentials to use. More information can be found in xref:guides:cloud/aws.adoc[]. *Type*: `object` === `sasl[].aws.credentials.profile` A profile from `~/.aws/credentials` to use. *Type*: `string` *Default*: `""` === `sasl[].aws.credentials.id` The ID of credentials to use. *Type*: `string` *Default*: `""` === `sasl[].aws.credentials.secret` The secret for the credentials being used. [CAUTION] ==== This field contains sensitive information that usually shouldn't be added to a config directly, read our xref:configuration:secrets.adoc[secrets page for more info]. ==== *Type*: `string` *Default*: `""` === `sasl[].aws.credentials.token` The token for the credentials being used, required when using short term credentials. *Type*: `string` *Default*: `""` === `sasl[].aws.credentials.from_ec2_role` Use the credentials of a host EC2 machine configured to assume https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html[an IAM role associated with the instance^]. *Type*: `bool` *Default*: `false` Requires version 4.2.0 or newer === `sasl[].aws.credentials.role` A role ARN to assume. *Type*: `string` *Default*: `""` === `sasl[].aws.credentials.role_external_id` An external ID to provide when assuming a role. *Type*: `string` *Default*: `""` === `metadata_max_age` The maximum age of metadata before it is refreshed. *Type*: `string` *Default*: `"5m"` === `topics` A list of topics to consume from. Multiple comma separated topics can be listed in a single element. When a `consumer_group` is specified partitions are automatically distributed across consumers of a topic, otherwise all partitions are consumed. Alternatively, it's possible to specify explicit partitions to consume from with a colon after the topic name, e.g. `foo:0` would consume the partition 0 of the topic foo. This syntax supports ranges, e.g. `foo:0-10` would consume partitions 0 through to 10 inclusive. Finally, it's also possible to specify an explicit offset to consume from by adding another colon after the partition, e.g. `foo:0:10` would consume the partition 0 of the topic foo starting from the offset 10. If the offset is not present (or remains unspecified) then the field `start_from_oldest` determines which offset to start from. *Type*: `array` ```yml # Examples topics: - foo - bar topics: - things.* topics: - foo,bar topics: - foo:0 - bar:1 - bar:3 topics: - foo:0,bar:1,bar:3 topics: - foo:0-5 ``` === `regexp_topics` Whether listed topics should be interpreted as regular expression patterns for matching multiple topics. When topics are specified with explicit partitions this field must remain set to `false`. *Type*: `bool` *Default*: `false` === `rack_id` A rack specifies where the client is physically located and changes fetch requests to consume from the closest replica as opposed to the leader replica. *Type*: `string` *Default*: `""` === `start_from_oldest` Determines whether to consume from the oldest available offset, otherwise messages are consumed from the latest offset. The setting is applied when creating a new consumer group or the saved offset no longer exists. *Type*: `bool` *Default*: `true` === `fetch_max_bytes` Sets the maximum amount of bytes a broker will try to send during a fetch. Note that brokers may not obey this limit if it has records larger than this limit. This is the equivalent to the Java fetch.max.bytes setting. *Type*: `string` *Default*: `"50MiB"` === `fetch_min_bytes` Sets the minimum amount of bytes a broker will try to send during a fetch. This is the equivalent to the Java fetch.min.bytes setting. *Type*: `string` *Default*: `"1B"` === `fetch_max_partition_bytes` Sets the maximum amount of bytes that will be consumed for a single partition in a fetch request. Note that if a single batch is larger than this number, that batch will still be returned so the client can make progress. This is the equivalent to the Java fetch.max.partition.bytes setting. *Type*: `string` *Default*: `"1MiB"` === `consumer_group` An optional consumer group to consume as. When specified the partitions of specified topics are automatically distributed across consumers sharing a consumer group, and partition offsets are automatically committed and resumed under this name. Consumer groups are not supported when specifying explicit partitions to consume from in the `topics` field. *Type*: `string` === `commit_period` The period of time between each commit of the current partition offsets. Offsets are always committed during shutdown. *Type*: `string` *Default*: `"5s"` === `partition_buffer_bytes` A buffer size (in bytes) for each consumed partition, allowing records to be queued internally before flushing. Increasing this may improve throughput at the cost of higher memory utilisation. Note that each buffer can grow slightly beyond this value. *Type*: `string` *Default*: `"1MB"` === `auto_replay_nacks` Whether messages that are rejected (nacked) at the output level should be automatically replayed indefinitely, eventually resulting in back pressure if the cause of the rejections is persistent. If set to `false` these messages will instead be deleted. Disabling auto replays can greatly improve memory efficiency of high throughput streams as the original shape of the data can be discarded immediately upon consumption and mutation. *Type*: `bool` *Default*: `true`