Reply
New Contributor
Posts: 5
Registered: ‎08-24-2017

HBase, coprocessor and custom jaas.conf file

I'm using Cloudera v5.4.9 enterprise edition.

 

I've enabled Kerberos on HBase, Kafka and Zookeeper and it's working great.  I've created an HBase coprocessor that uses KafkaProducer to send events to a Kafka topic.  Once again I got it working but I had to add a 'KafkaClient' block in the jaas.conf file to allow the HBase coprocessor to connect to Kafka using Kerberos.

 

ie.

KafkaClient {

  com.sun.security.auth.module.Krb5LoginModule required

  useKeyTab=true

  keyTab="hbase.keytab"

  principal="hbase/<node>";

};

 

I had to manually add this on each HBase node and point HBase to use this jaas.conf file rather than use the generated one located in /var/run/cloudera/process/<HBase process directory>/jaas.conf.

 

ie. Add the following to Java Configuration Options for HBase Master and Region

-Djava.security.auth.login.config=/etc/hbase/jaasClientAndKafkaClient.conf

 

Is there a way to hook into when the jaas.conf file is generated and add this 'KafkaClient' into the jaas.conf file automatically?

 

Announcements