1.配置jaas.conf
Client {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
debug=false
storeKey=true
keyTab="/opt/conf/kafka_admin.keytab"
principal="kafka_admin@HADOOP.COM";
};
KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
storeKey=true
debug=false
useTicketCache=true
keyTab="/opt/conf/kafka_admin.keytab"
principal="kafka_admin@HADOOP.COM";
};
2.复制集群的krb5.conf文件到etc下,执行
export KAFKA_OPTS="-Djava.security.auth.login.config=/home/deploy/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
3.python测试代码
#!/usr/bin/env python3
# coding=utf-8
import time
from kafka import KafkaProducer
from kafka import KafkaConsumer
def kafka_python_producer_main():
producer = KafkaProducer(bootstrap_servers='fi-176:21007,fi-177:21007,fi-178:21007',
security_protocol='SASL_PLAINTEXT',
sasl_mechanism='GSSAPI',
ssl_certfile=r'/opt/conf/kafka_admin.keytab',
sasl_kerberos_service_name='kafka',
sasl_kerberos_domain_name='hadoop.hadoop.com',
sasl_plain_username='kafkaclient')
print ("connect succ....")
producer.send('Topic-demo1', 'kafka python test'.encode('utf-8'))
producer.flush()
producer.close()
print('done')
def kafka_python_consumer_main():
consumer = KafkaConsumer('Topic-demo',
bootstrap_servers='fi-178:21007,fi-177:21007,fi-176:21007',
group_id='kafka-test-20191014',
auto_offset_reset='earliest',
security_protocol='SASL_PLAINTEXT',
ssl_certfile=r'/opt/conf/kafka_admin.keytab',
sasl_mechanism='GSSAPI',
sasl_kerberos_service_name='kafka',
sasl_kerberos_domain_name='hadoop.hadoop.com',
sasl_plain_username='kafkaclient')
for msg in consumer:
print("begin.....")
print(msg.value)
print(msg.partition)
if __name__ == '__main__':
kafka_python_producer_main()
time.sleep(1)
kafka_python_consumer_main()