Kafka安全认证-SASL

Zookeeper开启认证

  • 新建zk_server_jaas.conf文件到zookeeper安装目录conf
Server {
    org.apache.zookeeper.server.auth.DigestLoginModule required
    username=admin 
    password=admin 
    user_kafka=admin 
    user_producer=admin;
};
QuorumServer {
       org.apache.zookeeper.server.auth.DigestLoginModule required
       user_zookeeper="zookeeper@password";
};
QuorumLearner {
       org.apache.zookeeper.server.auth.DigestLoginModule required
       username="zookeeper"
       password="zookeeper@password";
};
  • 在zookeeper安装目录conf下新建zoo.cfg文件如下
# The number of milliseconds of each tick
tickTime=2000
# The number of ticks that the initial 
# synchronization phase can take
initLimit=10
# The number of ticks that can pass between 
# sending a request and getting an acknowledgement
syncLimit=5
# the directory where the snapshot is stored.
# do not use /tmp for storage, /tmp here is just 
# example sakes.
dataDir=/usr/zookeeper-3.4.6/zkdata
# the port at which the clients will connect
clientPort=2181
# the maximum number of client connections.
# increase this if you need to handle more clients
#maxClientCnxns=60
#
# Be sure to read the maintenance section of the 
# administrator guide before turning on autopurge.
#
# http://zookeeper.apache.org/doc/current/zookeeperAdmin.html#sc_maintenance
#
# The number of snapshots to retain in dataDir
#autopurge.snapRetainCount=3
# Purge task interval in hours
# Set to "0" to disable auto purge feature
#autopurge.purgeInterval=1

authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000
quorum.auth.enableSasl=true 
quorum.auth.learnerRequireSasl=true 
quorum.auth.serverRequireSasl=true 
quorum.auth.learner.loginContext=

你可能感兴趣的:(Kafka流处理平台,kafka,安全,java-zookeeper)