akafazov
Reputation: 465
Konfiguring Hortonworks NiFI with kerberized Kafka
I have been trying to configure HDF 1.2.0 Nifi to work with kerberized Kafka, but to no avail. Here my zookeeper-jaas.conf:
Client {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
keyTab="./conf/user.keytab"
storeKey=true
useTicketCache=false
principal="[email protected]”;
};
KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
renewTicket=true
serviceName="kafka"
useKeyTab=true
keyTab="./conf/user.keytab"
principal="[email protected]";
};
I am getting errors when starting the PutKafka processor:
Caused by: java.io.IOException: Configuration Error:
Line 8: expected [option key]
at sun.security.provider.ConfigFile$Spi.ioException(ConfigFile.java:666) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi.match(ConfigFile.java:562) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi.parseLoginEntry(ConfigFile.java:477) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi.readConfig(ConfigFile.java:427) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi.init(ConfigFile.java:329) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi.init(ConfigFile.java:227) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi.access$000(ConfigFile.java:115) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi$1.run(ConfigFile.java:180) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi$1.run(ConfigFile.java:169) ~[na:1.8.0_66]
at java.security.AccessController.doPrivileged(Native Method) ~[na:1.8.0_66]
at sun.security.provider.ConfigFile$Spi.<init>(ConfigFile.java:169) ~[na:1.8.0_66]
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[na:1.8.0_66]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[na:1.8.0_66]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[na:1.8.0_66]
at java.lang.reflect.Constructor.newInstance(Constructor.java:422) ~[na:1.8.0_66]
at java.security.Provider$Service.newInstance(Provider.java:1609) ~[na:1.8.0_66]
... 26 common frames omitted
I have added
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
jaasLoginRenew=3600000
requireClientAuthScheme=sasl
to the zookeeper.properties file. Also set this to bootstrap.conf
java.arg.15=-Djava.security.auth.login.config=./conf/zookeeper-jaas.conf
I have checked the zookeeper-jaas.conf many times and cannot identify the error. Any pointers will be appreciated.
Upvotes: 0
Views: 751
Answers (2)
Joe Witt
Reputation: 2172
HDF 1.2 does not support the Apache Kafka kerberos support that came out in 0.9 release. Yet.
Upvotes: 1
akafazov
Reputation: 465
Looks like it was a syntactical error in the file, not sure what exactly. By recreating the contents it works, which seems like a whitespace or some other character to be the reason for the error.
Upvotes: 0
Related Questions
- Understanding Kafka Topics and Partitions
- What determines Kafka consumer offset?
- How to configure Apache NiFi for a Kerberized Hadoop Cluster
- Difference between kafka and nifi
- Adding Apache NiFi to existing Hortonworks HDP Cluster
- How to do authentication with Kerberos in Jupyter notebook
- Inserting from Kafka to Cassandra using NIFI