Skip to main content Skip to complementary content

Configuring Talend Dictionary Service to support Kerberized Apache Kafka

You can set up Talend Dictionary Service to work with an external Kerberized Apache Kafka.

Before you begin

Make sure you have the following resources:

  • Client Kerberos configuration file: krb5.conf
  • JAAS Kerberos configuration file: kafka_client_jaas.conf
  • Kerberos keytab file: hostname.keyTab
  • JKS truststore: krb5.truststore

Procedure

  1. Create an <install_dir>/kafka-kerberos/ directory and copy the below files into it:
    • krb5.conf
    • kafka_client_jaas.conf
    • hostname.keyTab
    • krb5.truststore
  2. Add the below java options to the <install_dir>/dq_dict/apache-tomcat/bin/setenv.sh file:
    -Djava.security.auth.login.config=<install_dir>/kafka-kerberos/kafka_client_jaas.conf
    -Djava.security.krb5.conf=<install_dir>/kafka-kerberos/krb5.conf
  3. Open the <install_dir>/kafka-kerberos/kafka_client_jaas.conf file and check that the keyTab property is as below:
    keyTab=<install_dir>/kafka-kerberos/hostname.keyTab
  4. Edit the <install_dir>/dq_dict/apache-tomcat/bin/conf/data-quality.properties file to add or edit the following lines:
    kafka.ssl.truststore.location=<install_dir>/kafka-kerberos/krk5.truststore
    kafka.ssl.truststore.password=<your_truststore_password>
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.cloud.stream.kafka.binder.configuration.ssl.truststore.password=${kafka.ssl.truststore.password}
    spring.kafka.properties.ssl.truststore.location=${kafka.ssl.truststore.location}
    spring.kafka.properties.ssl.truststore.password=${kafka.ssl.truststore.password}

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!