I'm writing this blog because some of the existing documentation is a bit confusing and I initially struggled to get the new OIC Streams Adapter configured.
There are not many things to setup for the connector, but let me explain each one in detail:
If you search around, you'll find lots of different examples of how this should look. Some use "cell-1" prefix, some show "console" prefix and others.
For The OIC Streams Adapter, this should be in the form:
streaming.us-ashburn-1.oci.oraclecloud.com:9092
where the "us-ashburn-1" is replaced with your region (e.g. us-ashburn-1,us-phoenix-1, etc). This can be found in the URL when you login to the OCI console.
The rest should be the same and the port should be 9092.
This part can be confusing. The docs often speak of an ID, but not meaning OCID. Let me try to make it clear here. It is made up of three parts:
1. Tenancy NAME. This can be found in the OCI console by clicking on your username and then Tenancy.
2. Stream User NAME. This is configured according to the documentation found here:
This is just the NAME of a user with authorization to publish or consume messages from the stream.
3. Stream Pool OCID. In this case, we don't want the name, but the actual OCID of the stream pool.
This can easily be found on the streams page, stream pool, OCID.
These there are then concatenated together to form the SASL Username:
e.g. mytenancy/streaming-user/ocid1.streampool.oc1.iad.amaaaaaa...cf54nka
This is an authorization token generated for the streams user.
Go to the specific user to be used to publish or consume messages. Click the Generate Token button.
This field can be confusing. Depending on your browser, you download the trust details in different ways. I've found that even the same browser behaves differently on Windows, MAC or Linux.
I'll show an example here, but it is unfortunate this can't be done for us.
Anyway, just go to your OCI console and click the security button from your browser:
Typically, in Chrome, it looks something like this:
When you click on the Certificate button, you'll see something like this:
Click Details, then pick the top level root certificate and then the export button. Again, different OSes and browsers work differently, but the basic idea is the same.
Save this file somewhere.
Now you have to create a jks truststore. To do this, you need to have Oracle Java installed on your computer and use the keytool found in the bin directory.
NOTE: You MUST use the Oracle Java to build the trust store. I tried using OpenJDK and it did NOT work.
Make the keystore using a command like this:
/oracle/jdk/bin/keytool -keystore us-ashburn-1.jks -alias CARoot1 -import -file TopRoot.crt
Where:
This will create the jks file that you then upload to the Streams Adapter connector configuration.
At this point you should be able to click the "test" button and verify the configuration is correct.
This adapter works well, but setting it up can be confusing. I hope this blog helps others avoid any headaches and clarifies exactly what to set in each field.
Worked for Oracle for many years through the BEA acquisition. Built many applications using Oracle technology and currently work with all things iPaaS.
Previous Post