In this article
...
Known Issues
None.
Account Settings
...
Parameter | Data Type | Description | Default Value | Example | ||
---|---|---|---|---|---|---|
Label | String | Required. Specify a unique label for the account. | N/A | Kafka Kerberos Account_89 | ||
Bootstrap Servers | Use this field set to configure the bootstrap servers. Click o add a new row in this table for configuring bootstrap servers. t This field set contains the Bootstrap Server field. | |||||
Bootstrap Server | String/Expression | Specify an ordered list of host:port pairs to use for establishing establish the initial connection to the Kafka cluster. | N/A | ec2-5455-234334-2444-5855.compute-1.amazonaws.com:90929000 | ||
Schema Registry URL | String/Expression | Specify the schema registry server URL. | N/A | http://ec2-5455-234334-2444-5888.compute-1.amazonaws.com:80818000 | ||
Advanced Kafka Properties | Use this field set to specify any additional Kafka properties that are not explicitly provided in the Snaps for connecting to the Kafka server.
This field set contains the following fields:
| |||||
Key | String/Expression | Specify the key for any Kafka parameters that are not explicitly supported by the Snaps. | N/A | max.message.size | ||
Value | String/Expression | Specify the value for the corresponding key that are not explicitly supported by the Snaps. | N/A | 5MB | ||
Security Protocol | String/Expression | Choose a security protocol that GSSAPI/Kerberos authentication supports. The available options are:
| SASL_SSL | SASL_PLAINTEXT | ||
Principal | String/Expression | Required. Specify a unique name of a user or service for authentication. | N/A | User: testuser Service: kafka/testhost.example.com. | ||
Keytab | String/Expression | Required. Specify the path of path of the Kerberos Keytab file that includes the Principals. | N/A | /etc/security/keytabs/nn.service.keytab | ||
Truststore Filepath | String/Expression | Provide the location of the Truststore file that is used to authenticate the server.
| N/A | kafka.net.ssl.truststore | ||
Truststore Password | String | Specify the password to access the Truststore file, if used. | N/A | test1234 |
Additional Information
When connecting to a Kerberos-enabled Kafka server, you must enable the User Datagram Protocol (UDP) connections to Port 88 of the Key Distribution Center (KDC) service. To do so, follow these steps:
Connect to the Snaplex node (on Windows / Linux).
Navigate to the krb5.conf file.
Edit the krb5.conf file using any text editor.
Note: Before you edit, take a backup of the current file.Navigate to the [libdefaults] section.
Add the following entry in the krb5.conf file under [libdefaults].
udp_preference_limit = 1
Save and close the krb5.conf file.
Troubleshooting
Error | Reason | Resolution |
---|---|---|
Read timed out (read timeout = 300) | The Kafka Kerberos account validation fails when you do not enable the UDP connections. | Enable UDP connections by adding the following entry in the
Refer to the Additional Information section for details. |
...
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
...