Configuring Talend Dictionary Service

Talend Big Data Platform Installation Guide for Windows

EnrichVersion
6.4
EnrichProdName
Talend Big Data Platform
task
Installation and Upgrade
EnrichPlatform
Talend Administration Center
Talend Studio
Talend SAP RFC Server
Talend Data Preparation
Talend Artifact Repository
Talend Project Audit
Talend Runtime
Talend DQ Portal
Talend Log Server
Talend Data Stewardship
Talend Installer
Talend JobServer
Talend CommandLine
Talend Activity Monitoring Console
Talend Repository Manager

This section contains information on how to secure connections for Talend Dictionary Service and how to configure the application logs.

Securing connections for Talend Dictionary Service

To secure connections between Talend Dictionary Service, the MongoDB server and Apache Kafka, proceed as follows:

  1. Open the <Tomcat>/conf/server.xml file.

  2. Comment the non-SSL part:

    <!-- <Connector port="8187" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8550" /> -->
  3. Uncomment the following lines:

    <!-- <Connector port="8550"
    protocol="org.apache.coyote.http11.Http11NioProtocol"
    maxThreads="150"
    SSLEnabled="true"
    scheme="https"
    secure="true"
    clientAuth="false"
    sslProtocol="TLS"/> -->
    
  4. Add the following lines:

    keystoreFile="<certificate_path>/server.keystore.jks" 
    keystorePass="<certificate_password>"
    
  5. Open the <Tomcat>/conf/data-quality.properties file.

  6. To secure connections with MongoDB, edit the following lines:

    dq.mongo.ssl=true
    dq.mongo.ssl.trust-store=<path_to_truststore>
    dq.mongo.ssl.trust-store-password=<truststore_password>
  7. To secure connections with Kafka using communication encryption only, edit the following lines:

    spring.cloud.stream.kafka.binder.configuration.security.protocol=SSL
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.location=<path_to_truststore>
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.password=<truststore_password>
  8. To secure connections with Kafka using authentication, edit the following lines:

    spring.cloud.stream.kafka.binder.configuration.ssl.keystore.location=<path_to_keystore>
    spring.cloud.stream.kafka.binder.configuration.ssl.keystore.password=<keystore_password>
    spring.cloud.stream.kafka.binder.configuration.ssl.key.password=<key_password>
  9. To secure connections with Talend Identity and Access Management, change the below URLs from http to https:

    oidc.url=https://<iam_url:port>/oidc
    scim.url=https://<iam_url:port>/scim

    Note that the communication encryption parameters must also be defined to use authentication.

Talend Dictionary Service only supports the Java Key Store (.jks) format to store keys and certificates.

To enable HTTPS support on Tomcat, see https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html.

To enable SSL support on MongoDB, see https://docs.mongodb.com/v3.0/tutorial/configure-ssl/.

To enable SSL support on Kafka, see http://kafka.apache.org/documentation.html#security_ssl.

To enable SSL support on Talend Identity and Access Management, see Securing connections for Talend Identity and Access Management.

Configuring logs for Talend Dictionary Service

Talend Dictionary Service logs allows you to analyze and debug the activity of Talend Dictionary Service.

Talend Dictionary Service logs are located in <Dictionary_Service_Path>/apache-tomcat/logs/.

To configure the information level of your log files, proceed as follows:

  1. Open the <Dictionary_Service_Path>/apache-tomcat/conf/data-quality.properties file.

  2. Edit the value of the logging.level.org.talend field. For more information on log4j log levels, see http://logging.apache.org/log4j/1.2/apidocs/org/apache/log4j/Level.html.