Kafka adds security authentication SASL/PLAIN (user password login) Practical record of Xiaobai

Others 2020-09-21 12:05:53 views: null

Program Version

scala-2.12.3.tgz comes with zookeeper  installation steps

1 Switch to the installation directory and create a new configuration file
 

cd /usr/local/kafka/kafka_2.12-2.5.0

touch kafka_server_jaas.conf
vi config/kafka_server_jaas.conf

 

Enter the content

KafkaServer {
  org.apache.kafka.common.security.plain.PlainLoginModule required
    username="admin"
    password="admin-test"
    user_admin="admin-test"
    user_producer="prod-test"
    user_consumer="cons-test";
};

The keyword KafkaServer field is defined to specify the server login configuration. By using this configuration specified by org.apache.org.apache.kafka.common.security.plain.PlainLoginModule PLAIN mechanism, user defined, the user through the
through usemame and password specified cluster agent and the user name and password other agents initiated the connection, Create the user name and password of the connection agent by using "user_" as the prefix followed by the user name. For example, user_producer="prod-test" means that the user name is producer and the password is prod-test.

2 Modify the configuration file when kafka starts, server.properties
 

vi /usr/local/kafka/kafka_2.12-2.5.0/config/server.properties


The revised content is as follows, add the following content at the end of the article:
Note: 192.168.2.122 is my current host ip, 9092 is the kafka communication port, and the other places are the same

Check whether the server.properties file already contains it, do not configure duplicate items

listeners=SASL_PLAINTEXT://192.168.2.122:9092
advertised.listeners=SASL_PLAINTEXT://192.168.2.122:9092
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.enabled.mechanisms=PLAIN
sasl.mechanism.inter.broker.protocol=PLAIN
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
allow.everyone.if.no.acl.found=true


3 Modify the startup script

vi /usr/local/kafka/kafka_2.12-2.5.0/bin/kafka-server-start.sh

Find export KAFKA_HEAP_OPTS, add jvm parameter kafka_server_jaas.conf file
 

-Djava.security.auth.login.config=/usr/local/kafka/kafka_2.12-2.5.0/kafka_server_jaas.conf

 The effect after adding is as follows:

if [ "x$KAFKA_HEAP_OPTS" = "x" ]; then
    export KAFKA_HEAP_OPTS="-Xmx1G -Xms1G -Djava.security.auth.login.config=/usr/local/software/kafka/kafka_server_jaas.conf"
fi

 

 

 

Guess you like

Origin blog.csdn.net/h4241778/article/details/108402821
Recommended
Face Wall Intelligence releases the Eurux-8x22B open source large model - it can be called the "science champion"
Kaiyuan Daily | Google supports Hongmeng to take over; open source Rabbit R1; Android phones supported by Docker; Microsoft’s anxiety and ambition; Haier Electric shuts down the open platform
Ranking
Jianzhi offer interview questions 68-II. The nearest common ancestor of a binary tree (recursive)
jQuery Mobile development 1-UI components
Summary of Kotlin function knowledge
[ZZ] The Naked Truth About Anisotropic Filtering
Diagnosis: record a recovery of abnormal CRASH storage caused the database to be unable to be opened normally
Redis introduction and Linux installation Redis
Experiment 2 Introduction to switches
glances open source command-line system monitoring tools introduced
Use of selector
vue3 handwriting a carousel picture
Daily
More
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)

Code World

© 2018 codetd.com