Cloudera Community

Welcome to the Cloudera Community

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Who agreed with this topic

HBase, coprocessor and custom jaas.conf file

avatar
author-rank RichardK1967
Explorer

Created ‎08-24-2017 05:09 AM

I'm using Cloudera v5.4.9 enterprise edition.

 

I've enabled Kerberos on HBase, Kafka and Zookeeper and it's working great.  I've created an HBase coprocessor that uses KafkaProducer to send events to a Kafka topic.  Once again I got it working but I had to add a 'KafkaClient' block in the jaas.conf file to allow the HBase coprocessor to connect to Kafka using Kerberos.

 

ie.

KafkaClient {

  com.sun.security.auth.module.Krb5LoginModule required

  useKeyTab=true

  keyTab="hbase.keytab"

  principal="hbase/<node>";

};

 

I had to manually add this on each HBase node and point HBase to use this jaas.conf file rather than use the generated one located in /var/run/cloudera/process/<HBase process directory>/jaas.conf.

 

ie. Add the following to Java Configuration Options for HBase Master and Region

-Djava.security.auth.login.config=/etc/hbase/jaasClientAndKafkaClient.conf

 

Is there a way to hook into when the jaas.conf file is generated and add this 'KafkaClient' into the jaas.conf file automatically?

 

1,023
1
Who agreed with this topic