Hello K6 community,
What steps are involved in setting up SSL integration between XK6 and Kafka? Are there any prerequisites or specific certificate/key configurations that should be taken into account?
Hey @meghanathote,
Configuring and using SASL with SSL is one of those hard tasks. I tried many different installations using Docker/docker-compose, such as this one, but I couldn’t make it work. If I could, I wouldn’t have ignored the test in the CI. Thus, I relied on cloud-based installations like Confluent, AWS MSK or the like to configure, test and provide SASL auth to the users. I actually tested the SASL/SSL integration manually using a demo account on Confluent Cloud, however it can’t be integrated in the CI, due to costs and other considerations.
Nevertheless, there are two examples in the xk6-kafka repository that shows how to configure SASL and TLS, given you already have a working Kafka instance with SASL and TLS enabled:
test_sasl_auth.js: the complete example of SSL/SASL containing all the details.test_tls_with_jks.js: this example shows how to convert Java keystore (JKS) files and save the certificates in the same directory, and then referencing them in the TLS/SASL config.
You can find generated JS API docs for xk6-kafka here, and these are the specific configuration objects for TLS and SASL:
Good luck with your testing and feel free to ask specific questions.
1 Like