Di Li created AMBARI-21215:
------------------------------
Summary: kerberos.json conf calculation may result in the whole
macro be set as the property value when the macro contains non-existing property
Key: AMBARI-21215
URL: https://issues.apache.org/jira/browse/AMBARI-21215
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: trunk
Reporter: Di Li
Fix For: trunk
For the following example of kafka configuration in Kafka kerberos.json, the
"advertised.listeners" line will have value
"${kafka-broker/advertised.listeners|replace(\\bPLAINTEXT\\b, SASL_PLAINTEXT)}"
if "advertised.listeners" does not exit when enabling Kerberos. The value will
be set correctly post keberos enabling if a user then adds the property and
regenerate keberos keytabs.
"configurations": [
{
"kafka-broker": {
"authorizer.class.name":
"kafka.security.auth.SimpleAclAuthorizer",
"principal.to.local.class":"kafka.security.auth.KerberosPrincipalToLocal",
"super.users": "user:${kafka-env/kafka_user}",
"security.inter.broker.protocol": "PLAINTEXTSASL",
"zookeeper.set.acl": "true",
"listeners": "${kafka-broker/listeners|replace(\\bPLAINTEXT\\b,
PLAINTEXTSASL)}"
"advertised.listeners":
"${kafka-broker/advertised.listeners|replace(\\bPLAINTEXT\\b, SASL_PLAINTEXT)}"
}
}
]
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
