[ https://issues.apache.org/jira/browse/METRON-821?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15965940#comment-15965940 ]
ASF GitHub Bot commented on METRON-821: --------------------------------------- Github user nickwallen commented on a diff in the pull request: https://github.com/apache/incubator-metron/pull/510#discussion_r111162379 --- Diff: metron-deployment/vagrant/Kerberos-setup.md --- @@ -167,39 +167,48 @@ KafkaClient { serviceName="kafka" principal="met...@example.com"; }; +EOF ``` 18. Create a storm.yaml with jaas file info. Set the array of nimbus hosts accordingly. ``` -[metron@node1 .storm]$ cat storm.yaml +cat << EOF > storm.yaml nimbus.seeds : ['node1'] java.security.auth.login.config : '/home/metron/.storm/client_jaas.conf' storm.thrift.transport : 'org.apache.storm.security.auth.kerberos.KerberosSaslTransportPlugin' +EOF ``` 19. Create an auxiliary storm configuration json file in the metron user’s home directory. Note the login config option in the file points to our custom client_jaas.conf. ``` -cd /home/metron -[metron@node1 ~]$ cat storm-config.json +cd +cat << EOF > storm-config.json { "topology.worker.childopts" : "-Djava.security.auth.login.config=/home/metron/.storm/client_jaas.conf" } +EOF ``` 20. Setup enrichment and indexing. a. Modify enrichment.properties - `${METRON_HOME}/config/enrichment.properties` ``` - kafka.security.protocol=PLAINTEXTSASL - topology.worker.childopts=-Djava.security.auth.login.config=/home/metron/.storm/client_jaas.conf + if [[ $EUID -ne 0 ]]; then + echo "You must be root to run these commands" + else + sed -i 's/kafka.security.protocol=.*/kafka.security.protocol=PLAINTEXTSASL/' ${METRON_HOME}/config/enrichment.properties + sed -i 's/topology.worker.childopts=.*/topology.worker.childopts=-Djava.security.auth.login.config=\/home\/metron\/.storm\/client_jaas.conf/' ${METRON_HOME}/config/enrichment.properties + fi ``` b. Modify elasticsearch.properties - `${METRON_HOME}/config/elasticsearch.properties` ``` - kafka.security.protocol=PLAINTEXTSASL - topology.worker.childopts=-Djava.security.auth.login.config=/home/metron/.storm/client_jaas.conf + sed -i 's/kafka.security.protocol=.*/kafka.security.protocol=PLAINTEXTSASL/' ${METRON_HOME}/config/elasticsearch.properties + sed -i 's/topology.worker.childopts=.*/topology.worker.childopts=-Djava.security.auth.login.config=\/home\/metron\/.storm\/client_jaas.conf/' ${METRON_HOME}/config/elasticsearch.properties + su metron --- End diff -- Why `su metron; cd` here? We could move them to the step that actually needs them done (maybe the next step) or call them out as a separate step. Their purpose is not very clear to me when we tack them onto the end of this step. > Minor fixes in full dev kerberos setup instructions > --------------------------------------------------- > > Key: METRON-821 > URL: https://issues.apache.org/jira/browse/METRON-821 > Project: Metron > Issue Type: Bug > Reporter: Jon Zeolla > Assignee: Jon Zeolla > > There is at least one error in metron-deployment/vagrant/Kerberos-setup.md > and some other very minor changes for clarity/accuracy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)