You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Doroszlai, Attila (JIRA)" <ji...@apache.org> on 2017/12/01 06:26:00 UTC

[jira] [Commented] (AMBARI-22485) Allow Ambari to support non-kerberos SASL mechanisms for Kafka

    [ https://issues.apache.org/jira/browse/AMBARI-22485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16274005#comment-16274005 ] 

Doroszlai, Attila commented on AMBARI-22485:
--------------------------------------------

Hi [~YolandaMDavis],

The [unit test that validates config XMLs is failing|https://builds.apache.org/job/Ambari-trunk-Commit/8477/testReport/junit/org.apache.ambari.server.state/ServicePropertiesTest/validatePropertySchemaOfServiceXMLs/] since this commit.

{noformat:title=KAFKA/0.10.0/configuration/kafka-broker.xml}
<on-ambari-upgrade add="upgrade"/>
{noformat}

should be:

{noformat}
<on-ambari-upgrade add="true"/>
{noformat}

> Allow Ambari to support non-kerberos SASL mechanisms for Kafka
> --------------------------------------------------------------
>
>                 Key: AMBARI-22485
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22485
>             Project: Ambari
>          Issue Type: Bug
>          Components: stacks
>    Affects Versions: 2.6.0
>            Reporter: Yolanda M. Davis
>            Assignee: Yolanda M. Davis
>         Attachments: AMBARI-22485.patch, AMBARI-22485_branch-2.6.patch
>
>
> Currently AMBARI support's SASL and SSL as the security options for Kafka.
> Within SASL Ambari only supports GSSAPI(kerberos) only. Kafka supports other mechanisms such as plain, md5 etc.. This allows users to plug in their LDAP system into Kafka.
> Also another important option is SASL_SSL. 
> We need to expose necessary configs in Ambari to enable these mechanisms for users.
> Ambari should allow users to not only configure Kafka for non-kerberos based SASL mechanisms, but also ensure that jaas configuration files are written when these options are provided (as opposed to only writing those files when kerberos has been enabled)..



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)