Steps to use security enabled kafka

Steps to use kerberos security enabled kafka are below.

 

  1. Set Inter Broker Protocol SASL_PLAINTEXT in Cloudera manager
  2. Create a jaas.conf file with the following contents to use with cached Kerberos credentials

For kinit

KafkaClient {

com.sun.security.auth.module.Krb5LoginModule required

useTicketCache=true;

};

For keytab

 

KafkaClient {

com.sun.security.auth.module.Krb5LoginModule required

useKeyTab=true

keyTab=”/etc/security/keytabs/username.keytab”

principal=”username@realm”;

};

In the above jaas.conf file the user’s principal and keytab should be used.

3. Create the client.properties file containing the following properties.

 

security.protocol=SASL_PLAINTEXT

sasl.kerberos.service.name=kafka

4. Create and list a topic

 

kafka-topics –create –zookeeper znode1.com:2181/kafka  –replication-factor 4 –partitions 4 –topic anoop4

kafka-topics –list –zookeeper znode1.com:2181/kafka

5. Set the environment to use jaas.conf

#export KAFKA_OPTS=”-Djava.security.auth.login.config=/home/anoop/jaas.conf”

 

6. Start the producer

#kafka-console-producer –broker-list edgnode1.com:9092 –topic anoop4 –producer.config client.properties

7. Start the consumer and check the messages are received at consumer side

#kafka-console-consumer –new-consumer –topic anoop4 –from-beginning –bootstrap-server edgenode1.com:9092 –consumer.config client.properties

Advertisements

One thought on “Steps to use security enabled kafka

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s