Github user merrimanr commented on a diff in the pull request:
https://github.com/apache/metron/pull/826#discussion_r150549974
--- Diff:
metron-interface/metron-rest/src/main/java/org/apache/metron/rest/config/KafkaConfig.java
---
@@ -108,6 +108,9 @@ public ZkUtils zkUtils() {
producerConfig.put("key.serializer",
"org.apache.kafka.common.serialization.StringSerializer");
producerConfig.put("value.serializer",
"org.apache.kafka.common.serialization.StringSerializer");
producerConfig.put("request.required.acks", 1);
+ if
(environment.getProperty(MetronRestConstants.KERBEROS_ENABLED_SPRING_PROPERTY,
Boolean.class, false)) {
+ producerConfig.put("security.protocol", "SASL_PLAINTEXT");
--- End diff --
Is the KAFKA_SECURITY_PROTOCOL env variable guaranteed to be available on
the the host where REST is installed? Either way I don't have a problem with
making the Kafka security protocol configurable vs hard-coded. I would propose
we manage it like the other REST properties though and put it in
`metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/templates/metron.j2`
to ensure it's always available to REST. Would it make sense to remove the
"kerberos.enabled" spring property in this case?
---
