配置 Talend Data Stewardship 以支持 Kerberized Apache Kafka - 7.1

Talend Data Fabric 安装指南 (Linux)

EnrichVersion
7.1
EnrichProdName
Talend Data Fabric
task
数据治理
EnrichPlatform
Talend Activity Monitoring Console
Talend Administration Center
Talend Artifact Repository
Talend CommandLine
Talend Data Preparation
Talend Data Stewardship
Talend DQ Portal
Talend ESB
Talend Identity and Access Management
Talend Installer
Talend JobServer
Talend Log Server
Talend MDM Server
Talend MDM Web UI
Talend Repository Manager
Talend Runtime
Talend SAP RFC Server
Talend Studio
可以设置 Talend Data Stewardship 与外部 Kerberized Apache Kafka 配合工作。

开始之前

确保您有以下资源:

  • 客户端 Kerberos 配置文件:krb5.conf
  • JAAS Kerberos 配置文件:kafka_client_jaas.conf
  • Kerberos keytab 文件:hostname.keyTab
  • JKS 信任库:krb5.truststore

过程

  1. 创建一个 <install_dir>/kafka-kerberos/ 目录并将以下文件复制到其中:
    • krb5.conf
    • kafka_client_jaas.conf
    • hostname.keyTab
    • krb5.truststore
  2. 将下面的 java 选项添加到 <install_dir>/tds/apache-tomcat/bin/setenv.sh 文件:
    -Djava.security.auth.login.config=<install_dir>/kafka-kerberos/kafka_client_jaas.conf
    -Djava.security.krb5.conf=<install_dir>/kafka-kerberos/krb5.conf
  3. 打开 <install_dir>/kafka-kerberos/kafka_client_jaas.conf 文件并检查 keyTab 属性如下:
    keyTab=<install_dir>/kafka-kerberos/hostname.keyTab
  4. 编辑 <install_dir>/tds/apache-tomcat/bin/conf/data-stewardship.properties 文件以添加或编辑以下行:
    kafka.ssl.truststore.location=<install_dir>/kafka-kerberos/krk5.truststore
    kafka.ssl.truststore.password=<your_truststore_password>
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.password=${kafka.ssl.truststore.password}
    spring.kafka.properties.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.kafka.properties.ssl.truststore.password=${kafka.ssl.truststore.password}