Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#38291: feat: add CCache #38296

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

#38291: feat: add CCache #38296

wants to merge 1 commit into from

Conversation

sokoide
Copy link
Member

@sokoide sokoide commented Mar 3, 2025
edited
Loading

Description

  • Support Kerberos credential cache by adding use_ccache and ccache_file config parameters.

Link to tracking issue

Fixes #38291

Testing

Manually teseted by sending to a Kerberized Kafka broker with the following config.

exporters:
  kafka:
    protocol_version: 7.6.0
    topic: otelcol
    partition_traces_by_id: true
    brokers:
      - my_broker_host_name:9092
    auth:
      kerberos:
        service_name: 'myservice'
        realm: 'MY.REALM'
        # use credential cache
        use_ccache: true
        ccache_file: '/tmp/krb5cc_12345'
        username: 'foo'
        config_file: '/etc/krb5.conf'
        disable_fast_negotiation: true

Documentation

  • use_ccache (bool) : if this is true and use_keytab is false/not-specified, OTELCOL connects to the brokers using Kerberos ccache
  • ccache_file (string): path to the credential cache file

License Information

A copyright notice may be inserted here, if appropriate, as discussed in Section
5B below THIS SOFTWARE IS CONTRIBUTED SUBJECT TO THE TERMS OF THE APACHE
LICENSE, V.2.0. YOU MAY OBTAIN A COPY OF THE LICENSE AT
https://www.apache.org/licenses/LICENSE-2.0. THIS SOFTWARE IS LICENSED BY THE
COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF
NON-INFRINGEMENT, ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
OF SUCH DAMAGE. THIS SOFTWARE MAY BE REDISTRIBUTED TO OTHERS ONLY BY
EFFECTIVELY USING THIS OR ANOTHER EQUIVALENT DISCLAIMER IN ADDITION TO ANY
OTHER REQUIRED LICENSE TERMS.

@sokoide sokoide requested review from MovieStoreGuy and a team as code owners March 3, 2025 09:25
@github-actions github-actions bot requested a review from pavolloffay March 3, 2025 09:32
MovieStoreGuy
MovieStoreGuy reviewed Mar 3, 2025
View reviewed changes
Copy link
Contributor

@MovieStoreGuy MovieStoreGuy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please also add some tests to validate this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MovieStoreGuy MovieStoreGuy

@pavolloffay pavolloffay

At least 1 approving review is required to merge this pull request.

Assignees

@atoulme atoulme

Labels
internal/kafka
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[exporter/kafka] Kerberos ccache support
3 participants
@sokoide @MovieStoreGuy @atoulme