Inquiry about XK6 Support for SASL/SSL Authentication and SSL Integration with Kafka in K6

Hello K6 community,

What steps are involved in setting up SSL integration between XK6 and Kafka? Are there any prerequisites or specific certificate/key configurations that should be taken into account?

Hey @meghanathote,

Configuring and using SASL with SSL is one of those hard tasks. I tried many different installations using Docker/docker-compose, such as this one, but I couldn’t make it work. If I could, I wouldn’t have ignored the test in the CI. Thus, I relied on cloud-based installations like Confluent, AWS MSK or the like to configure, test and provide SASL auth to the users. I actually tested the SASL/SSL integration manually using a demo account on Confluent Cloud, however it can’t be integrated in the CI, due to costs and other considerations.

Nevertheless, there are two examples in the xk6-kafka repository that shows how to configure SASL and TLS, given you already have a working Kafka instance with SASL and TLS enabled:

  1. test_sasl_auth.js: the complete example of SSL/SASL containing all the details.
  2. test_tls_with_jks.js: this example shows how to convert Java keystore (JKS) files and save the certificates in the same directory, and then referencing them in the TLS/SASL config.

You can find generated JS API docs for xk6-kafka here, and these are the specific configuration objects for TLS and SASL:

Good luck with your testing and feel free to ask specific questions.

1 Like