THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Code Block | ||||
---|---|---|---|---|
| ||||
KafkaServer { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true keyTab="/keytabs/kafka.keytab" storeKey=true useTicketCache=false serviceName="kafka" // this will be used to connect to other brokers for replica management and also controller requests. This should be set to whatever principal that kafka brokers are running. principal="kafka/_HOST@EXAMPLE.COM"; }; Client { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true keyTab="/vagrant/keytabs/stormkafka.keytab" storeKey=true useTicketCache=false serviceName="zookeeper" principal="kafka@EXAMPLE.COM"; } KafkaServer will be used to authenticate Kafka broker against kerberos and Client section will be used for zkClient to access kerberos enabled zookeeper cluster. KafkaClient { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true keyTab="/keytabs/kafkakafkaclient.keytab" storeKey=true useTicketCache=truefalse serviceName="kafka" principal="kafkaproducer/_HOST@EXAMPLE.COM"; }; The above config is for any client ( producer, consumer) connecting to kerberos enabled Kafka cluster. Here serviceName must match the principal name used under KafkaServer. |
...