You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Di Li (JIRA)" <ji...@apache.org> on 2017/06/09 17:40:18 UTC
[jira] [Created] (AMBARI-21215) kerberos.json conf calculation may
result in the whole macro be set as the property value when the macro
contains non-existing property
Di Li created AMBARI-21215:
------------------------------
Summary: kerberos.json conf calculation may result in the whole macro be set as the property value when the macro contains non-existing property
Key: AMBARI-21215
URL: https://issues.apache.org/jira/browse/AMBARI-21215
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: trunk
Reporter: Di Li
Fix For: trunk
For the following example of kafka configuration in Kafka kerberos.json, the "advertised.listeners" line will have value "${kafka-broker/advertised.listeners|replace(\\bPLAINTEXT\\b, SASL_PLAINTEXT)}" if "advertised.listeners" does not exit when enabling Kerberos. The value will be set correctly post keberos enabling if a user then adds the property and regenerate keberos keytabs.
"configurations": [
{
"kafka-broker": {
"authorizer.class.name": "kafka.security.auth.SimpleAclAuthorizer",
"principal.to.local.class":"kafka.security.auth.KerberosPrincipalToLocal",
"super.users": "user:${kafka-env/kafka_user}",
"security.inter.broker.protocol": "PLAINTEXTSASL",
"zookeeper.set.acl": "true",
"listeners": "${kafka-broker/listeners|replace(\\bPLAINTEXT\\b, PLAINTEXTSASL)}"
"advertised.listeners": "${kafka-broker/advertised.listeners|replace(\\bPLAINTEXT\\b, SASL_PLAINTEXT)}"
}
}
]
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)