GitHub user VipinRathor opened a pull request: https://github.com/apache/storm/pull/2760
STORM-3123: Storm Kafka Monitor cannot connect to Kafka over two-way SSL ### What is this PR for? This PR introduces a new configuration option "--consumer-config" (or "-c") in KafkaOffsetLagUtil to connect to Kafka Broker over two-way SSL. New option expects a configuration file containing security properties for Kafka. Behavior without this PR: When Kafka broker is running with two-way SSL (i.e. ssl.client.auth=required), Storm Kafka monitor would fail to connect to Kafka with this error: `Warning: no suitable certificate found - continuing without client authentication *** Certificate chain <Empty> ***` Behavior with this PR: KafkaOffsetLagUtil can now query offset lag for Kafka spout with 2-way SSL authentication ### What type of PR is it? [Bug Fix] ### What is the Jira issue? * https://issues.apache.org/jira/browse/STORM-3123 ### How should this be tested? 1. Configure Kafka Broker with 2-way SSL authentication (make sure that ssl.client.auth=required is set in the broker configuration) 2. Create a topic 'testoffset' and produce some messages to it. 3. Run KafkaOffsetLagUtil from command line: `/usr/jdk64/jdk1.8.0_77/bin/java -cp /root/storm-kafka-monitor-1.1.0.2.6.3.0-SNAPSHOT.jar org.apache.storm.kafka.monitor.KafkaOffsetLagUtil -t testoffset -g testgroup -b node2.openstacklocal:6669 --security-protocol SSL --consumer-config ./consumer.properties` where the file consumer.properties contains: ssl.truststore.location=/tmp/kafkaCert/client.truststore.jks ssl.truststore.password=password ssl.keystore.location=/tmp/kafkaCert/client.keystore.jks ssl.keystore.password=password security.protocol=SSL 4. KafkaOffsetLagUtil would show correct offset log from Kafka topic 'testoffset'. You can merge this pull request into a Git repository by running: $ git pull https://github.com/VipinRathor/storm STORM-3123 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/storm/pull/2760.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #2760 ---- commit 33b948fad8e3902cb1b83ce92f94eb8c6f204acc Author: Vipin Rathor <v.rathor@...> Date: 2018-07-12T00:01:36Z STORM-3123 - add support for Kafka security config in storm-kafka-monitor ---- ---