Configuring Talend Data Stewardship to support Kerberized Apache Kafka - 7.0

Talend MDM Platform Installation Guide for Linux

EnrichVersion
7.0
EnrichProdName
Talend MDM Platform
task
Installation and Upgrade
EnrichPlatform
Talend Activity Monitoring Console
Talend Administration Center
Talend Artifact Repository
Talend CommandLine
Talend Data Preparation
Talend Data Stewardship
Talend DQ Portal
Talend ESB
Talend Identity and Access Management
Talend Installer
Talend JobServer
Talend Log Server
Talend MDM Server
Talend MDM Web UI
Talend Repository Manager
Talend Runtime
Talend SAP RFC Server
Talend Studio
You can set up Talend Data Stewardship to work with an external Kerberized Apache Kafka.

Before you begin

Make sure you have the following resources:

  • Client Kerberos configuration file: krb5.conf
  • JAAS Kerberos configuration file: kafka_client_jaas.conf
  • Kerberos keytab file: hostname.keyTab
  • JKS truststore: krb5.truststore

Procedure

  1. Create an <install_dir>/kafka-kerberos/ directory and copy the below files into it:
    • krb5.conf
    • kafka_client_jaas.conf
    • hostname.keyTab
    • krb5.truststore
  2. Add the below java options to the <install_dir>/tds/apache-tomcat/bin/setenv.sh file:
    -Djava.security.auth.login.config=<install_dir>/kafka-kerberos/kafka_client_jaas.conf
    -Djava.security.krb5.conf=<install_dir>/kafka-kerberos/krb5.conf
  3. Open the <install_dir>/kafka-kerberos/kafka_client_jaas.conf file and check that the keyTab property is as below:
    keyTab=<install_dir>/kafka-kerberos/hostname.keyTab
  4. Edit the <install_dir>/tds/apache-tomcat/bin/conf/data-stewardship.properties file to add or edit the following lines:
    kafka.ssl.truststore.location=<install_dir>/kafka-kerberos/krk5.truststore
    kafka.ssl.truststore.password=<your_truststore_password>
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.password=${kafka.ssl.truststore.password}
    spring.kafka.properties.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.kafka.properties.ssl.truststore.password=${kafka.ssl.truststore.password}