更新时间:2025-06-19 GMT+08:00

修改Kafka的接入方式

功能介绍

修改Kafka的内网或者公网接入方式。

调用方法

请参见如何调用API

URI

POST /v2/{project_id}/{engine}/instances/{instance_id}/plain-ssl-switch

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

项目ID,获取方式请参见获取项目ID

engine

String

消息引擎。

instance_id

String

实例ID。

请求参数

表2 请求Body参数

参数

是否必选

参数类型

描述

protocol

String

需要开启或者关闭的接入方式。

enable

Boolean

  • true:开启指定的接入方式。

  • false:关闭指定的接入方式。

user_name

String

首次开启SASL时,需要输入用户名。实例创建后,关闭SASL并不会删除已经创建的用户,再次开启SASL时无需传入用户名,传入的用户名将无效。

pass_word

String

首次开启SASL时,需要输入用户名的密码。

sasl_enabled_mechanisms

Array of strings

开启SASL后使用的认证机制。仅在第一次开启SASL时传入生效。生效后再次传入无效。

  • PLAIN:简单的用户名密码校验。

  • SCRAM-SHA-512:用户凭证校验,安全性比PLAIN机制更高。

响应参数

状态码:200

表3 响应Body参数

参数

参数类型

描述

job_id

String

后台任务id。

protocol

String

开启或者关闭的Kafka接入方式。

enable

Boolean

开启动作或者关闭动作。

请求示例

实例第一次开启内网SASL_SSL,需要传入用户名及密码。

POST https://{endpoint}/v2/{project_id}/{engine}/instances/{instance_id}/plain-ssl-switch

{
  "protocol" : "private_sasl_ssl_enable",
  "enable" : true,
  "user_name" : "root",
  "pass_word" : "password",
  "sasl_enabled_mechanisms" : [ "SCRAM-SHA-512", "PLAIN" ]
}

响应示例

状态码:200

提交修改Kafka接入方式成功。

{
  "job_id" : "ff8080828bdc0f64018bdcadfd8f00d7",
  "protocol" : "private_plain_enable",
  "enable" : true
}

SDK代码示例

SDK代码示例如下。

实例第一次开启内网SASL_SSL,需要传入用户名及密码。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.kafka.v2.region.KafkaRegion;
import com.huaweicloud.sdk.kafka.v2.*;
import com.huaweicloud.sdk.kafka.v2.model.*;

import java.util.List;
import java.util.ArrayList;

public class UpdateKafkaPortProtocolSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        KafkaClient client = KafkaClient.newBuilder()
                .withCredential(auth)
                .withRegion(KafkaRegion.valueOf("<YOUR REGION>"))
                .build();
        UpdateKafkaPortProtocolRequest request = new UpdateKafkaPortProtocolRequest();
        request.withEngine(UpdateKafkaPortProtocolRequest.EngineEnum.fromValue("{engine}"));
        request.withInstanceId("{instance_id}");
        PlainSslEnableRequest body = new PlainSslEnableRequest();
        List<PlainSslEnableRequest.SaslEnabledMechanismsEnum> listbodySaslEnabledMechanisms = new ArrayList<>();
        listbodySaslEnabledMechanisms.add(PlainSslEnableRequest.SaslEnabledMechanismsEnum.fromValue("SCRAM-SHA-512"));
        listbodySaslEnabledMechanisms.add(PlainSslEnableRequest.SaslEnabledMechanismsEnum.fromValue("PLAIN"));
        body.withSaslEnabledMechanisms(listbodySaslEnabledMechanisms);
        body.withPassWord("password");
        body.withUserName("root");
        body.withEnable(true);
        body.withProtocol(PlainSslEnableRequest.ProtocolEnum.fromValue("private_sasl_ssl_enable"));
        request.withBody(body);
        try {
            UpdateKafkaPortProtocolResponse response = client.updateKafkaPortProtocol(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

实例第一次开启内网SASL_SSL,需要传入用户名及密码。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkkafka.v2.region.kafka_region import KafkaRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkkafka.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = KafkaClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(KafkaRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = UpdateKafkaPortProtocolRequest()
        request.engine = "{engine}"
        request.instance_id = "{instance_id}"
        listSaslEnabledMechanismsbody = [
            "SCRAM-SHA-512",
            "PLAIN"
        ]
        request.body = PlainSslEnableRequest(
            sasl_enabled_mechanisms=listSaslEnabledMechanismsbody,
            pass_word="password",
            user_name="root",
            enable=True,
            protocol="private_sasl_ssl_enable"
        )
        response = client.update_kafka_port_protocol(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

实例第一次开启内网SASL_SSL,需要传入用户名及密码。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    kafka "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/kafka/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/kafka/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/kafka/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := kafka.NewKafkaClient(
        kafka.KafkaClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.UpdateKafkaPortProtocolRequest{}
	request.Engine = model.GetUpdateKafkaPortProtocolRequestEngineEnum().ENGINE
	request.InstanceId = "{instance_id}"
	var listSaslEnabledMechanismsbody = []model.PlainSslEnableRequestSaslEnabledMechanisms{
        model.GetPlainSslEnableRequestSaslEnabledMechanismsEnum().SCRAM_SHA_512,
	    model.GetPlainSslEnableRequestSaslEnabledMechanismsEnum().PLAIN,
    }
	passWordPlainSslEnableRequest:= "password"
	userNamePlainSslEnableRequest:= "root"
	enablePlainSslEnableRequest:= true
	protocolPlainSslEnableRequest:= model.GetPlainSslEnableRequestProtocolEnum().PRIVATE_SASL_SSL_ENABLE
	request.Body = &model.PlainSslEnableRequest{
		SaslEnabledMechanisms: &listSaslEnabledMechanismsbody,
		PassWord: &passWordPlainSslEnableRequest,
		UserName: &userNamePlainSslEnableRequest,
		Enable: &enablePlainSslEnableRequest,
		Protocol: &protocolPlainSslEnableRequest,
	}
	response, err := client.UpdateKafkaPortProtocol(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

提交修改Kafka接入方式成功。

错误码

请参见错误码