[GitHub] storm pull request #2760: STORM-3123: Storm Kafka Monitor cannot connect to ...

Wed, 11 Jul 2018 17:32:14 -0700 

GitHub user VipinRathor opened a pull request:

    https://github.com/apache/storm/pull/2760

    STORM-3123: Storm Kafka Monitor cannot connect to Kafka over two-way SSL

    ### What is this PR for?
    This PR introduces a new configuration option "--consumer-config" (or "-c") 
in KafkaOffsetLagUtil to connect to Kafka Broker over two-way SSL. New option 
expects a configuration file containing security properties for Kafka.
    
    Behavior without this PR:
    When Kafka broker is running with two-way SSL (i.e. 
ssl.client.auth=required), Storm Kafka monitor would fail to connect to Kafka 
with this error:
    `Warning: no suitable certificate found - continuing without client 
authentication
    *** Certificate chain
    <Empty>
    ***`
    
    Behavior with this PR:
    KafkaOffsetLagUtil can now query offset lag for Kafka spout with 2-way SSL 
authentication
    
    ### What type of PR is it?
    [Bug Fix]
    
    ### What is the Jira issue?
    * https://issues.apache.org/jira/browse/STORM-3123
    
    ### How should this be tested?
    1. Configure Kafka Broker with 2-way SSL authentication (make sure that 
ssl.client.auth=required is set in the broker configuration)
    2. Create a topic 'testoffset' and produce some messages to it.
    3. Run KafkaOffsetLagUtil from command line:
    `/usr/jdk64/jdk1.8.0_77/bin/java -cp 
/root/storm-kafka-monitor-1.1.0.2.6.3.0-SNAPSHOT.jar 
org.apache.storm.kafka.monitor.KafkaOffsetLagUtil -t testoffset -g testgroup -b 
node2.openstacklocal:6669 --security-protocol SSL --consumer-config 
./consumer.properties`
    where the file consumer.properties contains:
    ssl.truststore.location=/tmp/kafkaCert/client.truststore.jks
    ssl.truststore.password=password
    ssl.keystore.location=/tmp/kafkaCert/client.keystore.jks
    ssl.keystore.password=password
    security.protocol=SSL
    4. KafkaOffsetLagUtil would show correct offset log from Kafka topic 
'testoffset'.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/VipinRathor/storm STORM-3123

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/storm/pull/2760.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #2760
    
----
commit 33b948fad8e3902cb1b83ce92f94eb8c6f204acc
Author: Vipin Rathor <v.rathor@...>
Date:   2018-07-12T00:01:36Z

    STORM-3123 - add support for Kafka security config in storm-kafka-monitor

----


---

Reply via email to