B.2 Kafka
B.2.1 General

OPC UA defines a generic PubSub model that can be bound to different underlying protocols. This section describes how OPC UA PubSub can be bound to Kafka, a distributed streaming platform that allows publishers and subscribers to exchange messages through topics. Kafka is widely used for data integration, stream processing, and event-driven applications.

The transport protocol binding of OPC UA to Kafka is based on the following assumptions and conventions:

  • Kafka brokers are used to manage the topics and partitions, and to store the messages.
  • Kafka producers are used to publish OPC UA NetworkMessages to Kafka topics. Topics must be created in the broker before they can be used by producers.
  • Kafka consumers are used to subscribe to Kafka topics and receive OPC UA NetworkMessages.
  • Kafka topics are configured throgh QueueNames in WriterGroups, DataSetWriters and DataSetReaders.

Broker may persist messages so they can be delivered even if the subscriber is not online.

Kafka security is applied at the transport level, using the SSL/TLS or SASL mechanisms supported by Kafka. The Kafka security configuration is independent of the OPC UA security configuration and can be used to provide an additional layer of protection.

The OPC UA PubSub transport protocol mapping for Kafka enables the integration of OPC UA PubSub with Kafka-based systems, and the use of Kafka as a reliable and scalable transport for OPC UA PubSub.

B.2.2 TransportProfileUri

The TransportProfileUri for Kafka transport protocol mapping with UADP message mapping is

http://opcfoundation.org/UA-Profile/Transport/pubsub-kafka-uadp

The TransportProfileUri for Kafka transport protocol mapping with JSON message mapping is

http://opcfoundation.org/UA-Profile/Transport/pubsub-kafka-json

B.2.3 Address

The syntax of the Kafka transporting protocol URL used in the Address parameter defined in 6.2.7.3 has the following form:

kafka://<domain name>[:<port>]

The default port is 9092. The protocol prefix above provides transport security using TLS.

B.2.4 Authentication

Authentication is performed according to the configured AuthenticationProfileUri of the PubSubConnection, DataSetWriterGroup, DataSetWriter or DataSetReader entities.

If no authentication information is provided in the form of ResourceUri and AuthenticationProfileUri, SASL Anonymous is implied.

For simple username/password authentication SASL PLAIN is used.

B.2.5 Message body
B.2.5.1 JSON message mapping

A JSON body is encoded as defined for the JSON message mapping defined in 7.2.4.6.9.

The optional Kafka header with ContentType key can be set to application/json when sending uncompressed JSON messages.

When sending a gzip (RFC 1952) compressed JSON message on Kafka the optional Kafka header with ContentType key can be set to application/json+gzip.

B.2.5.2 UADP message mapping

A UADP body is encoded as defined for the UADP message mapping defined in 7.2.3.

It is expected that the software used to receive UADP NetworkMessage can process the body without needing to know how it was transported.

When sending such message the optional Kafka header with ContentType key can be set to application/opcua+uadp.