[
https://issues.apache.org/jira/browse/METRON-821?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15965940#comment-15965940
]
ASF GitHub Bot commented on METRON-821:
---------------------------------------
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/510#discussion_r111162379
--- Diff: metron-deployment/vagrant/Kerberos-setup.md ---
@@ -167,39 +167,48 @@ KafkaClient {
serviceName="kafka"
principal="[email protected]";
};
+EOF
```
18. Create a storm.yaml with jaas file info. Set the array of nimbus hosts
accordingly.
```
-[metron@node1 .storm]$ cat storm.yaml
+cat << EOF > storm.yaml
nimbus.seeds : ['node1']
java.security.auth.login.config : '/home/metron/.storm/client_jaas.conf'
storm.thrift.transport :
'org.apache.storm.security.auth.kerberos.KerberosSaslTransportPlugin'
+EOF
```
19. Create an auxiliary storm configuration json file in the metron user’s
home directory. Note the login config option in the file points to our custom
client_jaas.conf.
```
-cd /home/metron
-[metron@node1 ~]$ cat storm-config.json
+cd
+cat << EOF > storm-config.json
{
"topology.worker.childopts" :
"-Djava.security.auth.login.config=/home/metron/.storm/client_jaas.conf"
}
+EOF
```
20. Setup enrichment and indexing.
a. Modify enrichment.properties -
`${METRON_HOME}/config/enrichment.properties`
```
- kafka.security.protocol=PLAINTEXTSASL
-
topology.worker.childopts=-Djava.security.auth.login.config=/home/metron/.storm/client_jaas.conf
+ if [[ $EUID -ne 0 ]]; then
+ echo "You must be root to run these commands"
+ else
+ sed -i
's/kafka.security.protocol=.*/kafka.security.protocol=PLAINTEXTSASL/'
${METRON_HOME}/config/enrichment.properties
+ sed -i
's/topology.worker.childopts=.*/topology.worker.childopts=-Djava.security.auth.login.config=\/home\/metron\/.storm\/client_jaas.conf/'
${METRON_HOME}/config/enrichment.properties
+ fi
```
b. Modify elasticsearch.properties -
`${METRON_HOME}/config/elasticsearch.properties`
```
- kafka.security.protocol=PLAINTEXTSASL
-
topology.worker.childopts=-Djava.security.auth.login.config=/home/metron/.storm/client_jaas.conf
+ sed -i
's/kafka.security.protocol=.*/kafka.security.protocol=PLAINTEXTSASL/'
${METRON_HOME}/config/elasticsearch.properties
+ sed -i
's/topology.worker.childopts=.*/topology.worker.childopts=-Djava.security.auth.login.config=\/home\/metron\/.storm\/client_jaas.conf/'
${METRON_HOME}/config/elasticsearch.properties
+ su metron
--- End diff --
Why `su metron; cd` here? We could move them to the step that actually
needs them done (maybe the next step) or call them out as a separate step.
Their purpose is not very clear to me when we tack them onto the end of this
step.
> Minor fixes in full dev kerberos setup instructions
> ---------------------------------------------------
>
> Key: METRON-821
> URL: https://issues.apache.org/jira/browse/METRON-821
> Project: Metron
> Issue Type: Bug
> Reporter: Jon Zeolla
> Assignee: Jon Zeolla
>
> There is at least one error in metron-deployment/vagrant/Kerberos-setup.md
> and some other very minor changes for clarity/accuracy.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
