配置 Talend Data Stewardship 以支持 Kerberized Apache Kafka - 7.1

Talend Data Management Platform 安装与升级指南 (Windows)

EnrichVersion
7.1
EnrichProdName
Talend Data Management Platform
task
数据治理
EnrichPlatform
Talend Activity Monitoring Console
Talend Administration Center
Talend Artifact Repository
Talend CommandLine
Talend Data Preparation
Talend Data Stewardship
Talend DQ Portal
Talend Identity and Access Management
Talend Installer
Talend JobServer
Talend Log Server
Talend Repository Manager
Talend Runtime
Talend SAP RFC Server
Talend Studio
可以设置 Talend Data Stewardship 与外部 Kerberized Apache Kafka 配合工作。

开始之前

确保您有以下资源:

  • 客户端 Kerberos 配置文件:krb5.conf
  • JAAS Kerberos 配置文件:kafka_client_jaas.conf
  • Kerberos 密钥表文件:hostname.keyTab
  • JKS 信任库:krb5.truststore

过程

  1. 创建一个 <install_dir>/kafka-kerberos/ 目录并将以下文件复制到其中:
    • krb5.conf
    • kafka_client_jaas.conf
    • hostname.keyTab
    • krb5.truststore
  2. 添加以下 java 选项到 <install_dir>/tds/apache-tomcat/bin/setenv.sh 文件中:
    -Djava.security.auth.login.config=<install_dir>/kafka-kerberos/kafka_client_jaas.conf
    -Djava.security.krb5.conf=<install_dir>/kafka-kerberos/krb5.conf
  3. 打开 <install_dir>/kafka-kerberos/kafka_client_jaas.conf 文件并检查 keyTab 属性是否如下所示:
    keyTab=<install_dir>/kafka-kerberos/hostname.keyTab
  4. 编辑 <install_dir>/tds/apache-tomcat/bin/conf/data-stewardship.properties 文件,以添加或编辑下列行:
    kafka.ssl.truststore.location=<install_dir>/kafka-kerberos/krk5.truststore
    kafka.ssl.truststore.password=<your_truststore_password>
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.password=${kafka.ssl.truststore.password}
    spring.kafka.properties.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.kafka.properties.ssl.truststore.password=${kafka.ssl.truststore.password}