amazon-kinesis-producer icon indicating copy to clipboard operation
amazon-kinesis-producer copied to clipboard

Published 20 hours ago verified publisher icon awslabs

No support for http proxies

Open samcday opened this issue 9 years ago • 12 comments

I can't see any mention of http proxying anywhere in the Java bindings or in the underlying C++ code.

What I've gathered from a cursory glance is that the HTTP requests to Kinesis are happening in C++. I definitely don't feel confident enough to roll up my sleeves and crank out a PR to add support for http proxies in there ;)

samcday avatar Jul 25 '15 11:07 samcday

Hi Sam,

You can try using the customEndpoint option to divert the requests to a different place.

Unfortunately there's no way to disable TLS at the moment, so this might not work with a standard HTTP proxy. You can however disable certificate checking with the verifyCertificate option.

kevincdeng avatar Aug 12 '15 00:08 kevincdeng

Using a different endpoint is a possible workaround yes, but I'll keep this ticket open as a request to support "proper" proxying through something like Squid (using CONNECT for TLS socket passthrough connections etc)

samcday avatar Aug 12 '15 08:08 samcday

With the 0.12.x version, which uses the AWS C++ SDK and Curl, proxies should work. I will need to investigate how you would pass proxy configuration to the native process. This may still require some change to the configuration for the native process.

For everyone if this is affecting you please comment, or add a reaction to assist us in prioritizing the change.

Thanks.

pfifer avatar Feb 15 '17 16:02 pfifer

Hi,

We are evaluating the usage of KPL & KCL for Kinesis stream processing. All our services access aws resources via an internal proxy. It would be great if you could update this issue about passing on proxy configuration to the native process. Right now, we see the following exceptions in the logs

2017-08-02 17:47:30,626 [kpl-daemon-0003] [trid=, url=] logLevel=ERROR com.amazonaws.services.kinesis.producer.LogInputStreamReader - [2017-08-02 17:47:30.626540] [0x00005332][0x00007f4170dfa700] [error] [AWS Log: ERROR](CurlHttpClient)Curl returned error code 56

Is it possibly related ?

x418 avatar Aug 02 '17 15:08 x418

A quick note to say that while trying to test KPL's buffering, I tried capturing the requests via a proxy and found that it infact doesn't use the proxy.

We would love to have the ability to pass in the proxy config to the native process.

KCL on the other hand, does use the proxy.

x418 avatar Oct 05 '17 08:10 x418

Still hoping this gets done sooner rather than later.

kunickiaj avatar Oct 12 '17 17:10 kunickiaj

Any news on proxy support for KPL?

Pyons avatar May 11 '18 13:05 Pyons

I really need to tell people to place reactions on the top post. GitHub's issue sorting only appears to work if the reactions are on the initial post.

Curl, which is used by the C++ SDK, does support proxies so it should be possible to add.

I don't have an ETA for this, but I'm looking into the priority of it.

pfifer avatar May 11 '18 13:05 pfifer

We fixed it in our setup with an environment variable for the socks proxy like this:

export ALL_PROXY=socks5://proxy.example.org:1080

DracoBlue avatar Oct 22 '18 19:10 DracoBlue

Any updates on the PR trying to solve it?

conilas avatar Jul 25 '19 15:07 conilas

Would the utilization of a Kinesis VPC Endpoint be a way to work around this limitation? I am currently experiencing a similar issue where I can't connect to the service endpoint via a proxy configuration.

kabennett avatar Feb 03 '20 17:02 kabennett

This can be closed with https://github.com/awslabs/amazon-kinesis-producer/pull/351?

jdcaperon avatar Sep 13 '21 07:09 jdcaperon