-
Notifications
You must be signed in to change notification settings - Fork 585
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
12 changed files
with
71 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
//Rename this file to cruise_control_jaas.conf when using secured zookeepers | ||
//For detailed instructions, see /docs/wiki/User Guide/Secure-zookeeper-configuration.md | ||
|
||
//Enter appropriate Client entry for secured zookeeper client connections | ||
Client { | ||
com.sun.security.auth.module.Krb5LoginModule required | ||
useKeyTab=true | ||
keyTab="/path/to/zookeeper_client.keytab" | ||
storeKey=true | ||
useTicketCache=false | ||
principal="zookeeper_client@<REALM>"; | ||
}; | ||
|
||
//Enter appropriate KafkaClient entry if using the SASL protocol, remove if not | ||
KafkaClient { | ||
com.sun.security.auth.module.Krb5LoginModule required | ||
useKeyTab=true | ||
keyTab="/path/to/kafka_client.keytab" | ||
storeKey=true | ||
useTicketCache=false | ||
serviceName="kafka" | ||
principal="kafka_client@<REALM>"; | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#Secure zookeeper configuration | ||
|
||
Cruise Control uses zookeeper clients for its operation. If the zookeeper is secured, the following | ||
steps are to be taken care of so that the zookeeper client authenticates successfully. | ||
|
||
* Set the config _zookeeper.security.enabled_ in "$base_dir/config/cruisecontrol.properties" to _true_. | ||
* Rename the file "$base_dir/config/cruise_control_jaas.conf_template" to "$base_dir/config/cruise_control_jaas.conf". | ||
* In the file cruise_control_jaas.conf, enter the appropriate _Client{ .. }_ entry for the zookeeper client. | ||
|
||
Cruise Control will export the "$base_dir/config/cruise_control_jaas.conf" configuration file only if it is present. | ||
Please ensure that the jaas file contains the correct entry for successful authentication. The authentication failure/success | ||
messages will appear in the Cruise Control logs on startup. | ||
|
||
NOTE: If using the SASL protocol, you could enter the _KafkaClient{ .. }_ entry here as this configuration file will be | ||
exported. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters