Reputation: 121
Flink Kafka Connector SSL Support
We have a secured Kafka cluster in our production environment (using TLS encryption, certificate based client authentication and ACL's). I am trying to figure out how to configure the Flink Kafka connector with the appropriate settings so it can connect securely to our Kafka cluster. Is this possible with Flink? Do i have to pass the security configuration stuff via the properties?
Our Flink cluster is running on Kubernetes (1.14.2) and using the latest Flink stable release (v1.8) with the integrated kafka connector.
Upvotes: 2
Views: 2086
Answers (1)
Reputation: 121
After some fiddling with the docs I have got it working by myself. I am now providing the required Java keystores at deployment time when running helm (We deploy the whole Flink stuff through helm charts). The keystores will be base64 encoded and saved as a Kubernetes secret. The taskmanager pods mount the secret at the given location.
I can now pass the location of the keystore / truststore and their passwords on the command-line as params when running the Flink job. These params are finally used to configure the Kafka client via properties.
Upvotes: 1
Related Questions
- How to provide KafkaSource SSL files to Flink worker nodes
- Flink kafka connector and flink version
- Testing Flink-Kafka integration
- Flink with Kafka connection
- Flink Kafka Connector runtime error
- Apache Flink 1.3.2 connectivity issue with Kafka 1.1.0
- Apache Flink 1.4 with Apache Kafka 1.0.0
- Flink with Kafka as a source
- How to use Flink with Kafka 0.10.1.0?
- Apache Flink Kafka Itegration