wip not working

Author: vdesabou

ccloud/fm-opensearch-sink/README.md

@@ -0,0 +1,44 @@
+# Fully Managed OpenSearch Sink connector
+
+
+
+## Objective
+
+Quickly test [OpenSearch Sink](https://docs.confluent.io/cloud/current/connectors/cc-opensearch-sink.html) connector.
+
+
+
+## Exposing docker container over internet
+
+**🚨WARNING🚨** It is considered a security risk to run this example on your personal machine since you'll be exposing a TCP port over internet using [Ngrok](https://ngrok.com). It is strongly encouraged to run it on a AWS EC2 instance where you'll use [Confluent Static Egress IP Addresses](https://docs.confluent.io/cloud/current/networking/static-egress-ip-addresses.html#use-static-egress-ip-addresses-with-ccloud) (only available for public endpoints on AWS) to allow traffic from your Confluent Cloud cluster to your EC2 instance using EC2 Security Group.
+
+Example in order to set EC2 Security Group with Confluent Static Egress IP Addresses and port 1521:
+
+```bash
+group=$(aws ec2 describe-instances --instance-id <$ec2-instance-id> --output=json | jq '.Reservations[] | .Instances[] | {SecurityGroups: .SecurityGroups}' | jq -r '.SecurityGroups[] | .GroupName')
+aws ec2 authorize-security-group-ingress --group-name $group --protocol tcp --port 1521 --cidr 13.36.88.88/32
+aws ec2 authorize-security-group-ingress --group-name $group --protocol tcp --port 1521 --cidr 13.36.88.89/32
+etc...
+```
+
+An [Ngrok](https://ngrok.com) auth token is necessary in order to expose the Docker Container port to internet, so that fully managed connector can reach it.
+
+You can sign up at https://dashboard.ngrok.com/signup
+If you have already signed up, make sure your auth token is setup by exporting environment variable `NGROK_AUTH_TOKEN`
+
+Your auth token is available on your dashboard: https://dashboard.ngrok.com/get-started/your-authtoken
+
+Ngrok web interface available at http://localhost:4551
+
+## Prerequisites
+
+See [here](https://kafka-docker-playground.io/#/how-to-use?id=%f0%9f%8c%a4%ef%b8%8f-confluent-cloud-examples)
+
+
+## How to run
+
+Simply run:
+
+```
+$ just use <playground run> command and search for fully-managed-opensearch-sink.sh in this folder
+```

ccloud/fm-opensearch-sink/docker-compose.yml

@@ -0,0 +1,96 @@
+---
+version: '3.5'
+services:
+  opensearch-node1:
+    image: opensearchproject/opensearch:latest
+    hostname: opensearch-node1
+    container_name: opensearch-node1
+    environment:
+      - cluster.name=opensearch-cluster
+      - node.name=opensearch-node1
+      - discovery.seed_hosts=opensearch-node1,opensearch-node2
+      - cluster.initial_cluster_manager_nodes=opensearch-node1,opensearch-node2
+      - bootstrap.memory_lock=true  # along with the memlock settings below, disables swapping
+      - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m  # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
+      - OPENSEARCH_INITIAL_ADMIN_PASSWORD=P@szw0rd1!    # Sets the demo admin user password when using demo configuration, required for OpenSearch 2.12 and higher
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 65536  # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
+        hard: 65536
+    volumes:
+      - opensearch-data1:/usr/share/opensearch/data
+    ports:
+      - 9200:9200
+      - 9600:9600  # required for Performance Analyzer
+    # networks:
+    #   - opensearch-net
+  opensearch-node2:
+    image: opensearchproject/opensearch:latest
+    hostname: opensearch-node2
+    container_name: opensearch-node2
+    environment:
+      - cluster.name=opensearch-cluster
+      - node.name=opensearch-node2
+      - discovery.seed_hosts=opensearch-node1,opensearch-node2
+      - cluster.initial_cluster_manager_nodes=opensearch-node1,opensearch-node2
+      - bootstrap.memory_lock=true
+      - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m
+      - OPENSEARCH_INITIAL_ADMIN_PASSWORD=P@szw0rd1!
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 65536
+        hard: 65536
+    volumes:
+      - opensearch-data2:/usr/share/opensearch/data
+    # networks:
+    #   - opensearch-net
+
+
+  opensearch-dashboards:
+    image: opensearchproject/opensearch-dashboards:latest
+    hostname: opensearch-dashboards
+    container_name: opensearch-dashboards
+    ports:
+      - 5601:5601
+    expose:
+      - '5601'
+    environment:
+      OPENSEARCH_HOSTS: '["https://opensearch-node1:9200","https://opensearch-node2:9200"]'
+    # networks:
+    #   - opensearch-net
+
+  # https://ngrok.com/docs/using-ngrok-with/docker/
+  ngrok:
+    image: ngrok/ngrok:latest
+    hostname: ngrok
+    container_name: ngrok
+    ports:
+      - 4040:4040
+    restart: unless-stopped
+    links:
+      - opensearch-node1
+    command:
+      - "start"
+      - "--all"
+      - "--log=stdout"
+      - "--config"
+      - "/etc/ngrok.yml"
+    volumes:
+      - ../../ccloud/fm-opensearch-sink/ngrok.yml:/etc/ngrok.yml
+    environment:
+      NGROK_AUTHTOKEN: $NGROK_AUTH_TOKEN
+    # networks:
+    #   - opensearch-net
+
+volumes:
+  opensearch-data1:
+  opensearch-data2:
+
+# networks:
+#   opensearch-net:

ccloud/fm-opensearch-sink/fully-managed-opensearch-sink.sh

@@ -0,0 +1,111 @@
+#!/bin/bash
+set -e
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+source ${DIR}/../../scripts/utils.sh
+
+NGROK_AUTH_TOKEN=${NGROK_AUTH_TOKEN:-$1}
+
+display_ngrok_warning
+
+bootstrap_ccloud_environment
+
+
+
+log "Creating users topic"
+set +e
+playground topic delete --topic users
+sleep 3
+playground topic create --topic users
+set -e
+
+docker compose build
+docker compose down -v --remove-orphans
+docker compose up -d --quiet-pull
+
+sleep 5
+
+log "Waiting for ngrok to start"
+while true
+do
+  container_id=$(docker ps -q -f name=ngrok)
+  if [ -n "$container_id" ]
+  then
+    status=$(docker inspect --format '{{.State.Status}}' $container_id)
+    if [ "$status" = "running" ]; then
+      break
+    fi
+  fi
+  log "Waiting for container ngrok to start..."
+  sleep 5
+done
+log "Getting ngrok hostname and port"
+NGROK_URL=$(curl --silent http://127.0.0.1:4040/api/tunnels | jq -r '.tunnels[0].public_url')
+NGROK_HOSTNAME=$(echo $NGROK_URL | cut -d "/" -f3 | cut -d ":" -f 1)
+NGROK_PORT=$(echo $NGROK_URL | cut -d "/" -f3 | cut -d ":" -f 2)
+
+
+playground --output-level WARN container logs --container opensearch-dashboards --wait-for-log "Server running at http://0.0.0.0:5601" --max-wait 300
+log "Navigate to http://127.0.0.1:5601 (admin/P@szw0rd1!) for OpenSearch Dashboards"
+
+connector_name="OpenSearchSink_$USER"
+set +e
+playground connector delete --connector $connector_name > /dev/null 2>&1
+set -e
+
+log "Creating fully managed connector"
+playground connector create-or-update --connector $connector_name << EOF
+{
+  "connector.class": "OpenSearchSink",
+  "name": "$connector_name",
+  "kafka.auth.mode": "KAFKA_API_KEY",
+  "kafka.api.key": "$CLOUD_KEY",
+  "kafka.api.secret": "$CLOUD_SECRET",
+  "input.data.format": "AVRO",
+  "topics": "users",
+  "instance.url": "https://$NGROK_HOSTNAME:$NGROK_PORT",
+  "auth.type": "BASIC",
+  "connection.user": "admin",
+  "connection.password": "P@szw0rd1!",
+  "indexes.num": "1",
+  "index1.name" : "users_index",
+  "index1.topic": "users",
+  "request.method": "POST",
+  "opensearch.ssl.enabled": "true",
+  "retry.backoff.policy": "CONSTANT_VALUE",
+  "max.retries": "1",
+  "tasks.max" : "1"
+}
+EOF
+wait_for_ccloud_connector_up $connector_name 600
+
+log "Sending messages to topic users"
+playground topic produce -t users --nb-messages 10 --forced-value '{"f1":"value%g"}' << 'EOF'
+{
+  "type": "record",
+  "name": "myrecord",
+  "fields": [
+    {
+      "name": "f1",
+      "type": "string"
+    }
+  ]
+}
+EOF
+
+sleep 10
+
+# curl -XPUT --insecure -u 'admin:P@szw0rd1!' 'https://localhost:9200/users_index/_doc/1' -H 'Content-Type: application/json' -d '{"f1": "value1"}'
+
+# curl -XGET --insecure -u 'admin:P@szw0rd1!' 'https://4.tcp.eu.ngrok.io:14463/users_index/_search?pretty' > /tmp/result.log  2>&1
+
+log "Check that the data is available in opensearch in users_index"
+curl -XGET --insecure -u 'admin:P@szw0rd1!' 'https://localhost:9200/users_index/_search?pretty' > /tmp/result.log  2>&1
+cat /tmp/result.log
+grep "f1" /tmp/result.log | grep "value1"
+grep "f1" /tmp/result.log | grep "value10"
+
+log "Do you want to delete the fully managed connector $connector_name ?"
+check_if_continue
+
+playground connector delete --connector $connector_name

ccloud/fm-opensearch-sink/ngrok.yml

@@ -0,0 +1,5 @@
+version: 2
+tunnels:
+  opensearch-node1:
+    addr: opensearch-node1:9200
+    proto: tcp

ccloud/fm-opensearch-sink/stop.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+source ${DIR}/../../scripts/utils.sh
+
+
+docker compose down -v --remove-orphans
+
+maybe_delete_ccloud_environment