To validate a certificate agains a certificate authority you just have to run
openssl verify -trusted ca_root.pem -untrusted intermediate_ca.pem certificate.pem
You'll see a 'OK' message at the end of the output
Enable memberOf attribute on an openldap server.
Source: https://www.brianshowalter.com/blog/installing-configuring-openldap
Since many deployments may start out with 3 nodes and so little is known about how to grow a cluster from 3 memebrs to 5 members without losing the existing Quorum, here is an example of how this might be achieved.
In this example, all 5 nodes will be running on the same Vagrant host for the purpose of illustration, running on distinct configurations (ports and data directories) without the actual load of clients.
YMMV. Caveat usufructuarius.
# Kernel sysctl configuration file for Red Hat Linux | |
# | |
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and | |
# sysctl.conf(5) for more details. | |
# Turn on execshield | |
# 0 completely disables ExecShield and Address Space Layout Randomization | |
# 1 enables them ONLY if the application bits for these protections are set to “enable” | |
# 2 enables them by default, except if the application bits are set to “disable” | |
# 3 enables them always, whatever the application bits |
bin/kafka-topics.sh --zookeeper localhost:2181 --list
bin/kafka-topics.sh --zookeeper localhost:2181 --alter --topic mytopic --config retention.ms=1000
... wait a minute ...
bin/kafka-topics.sh --zookeeper localhost:2181 --alter --topic mytopic --delete-config retention.ms
Kafka 0.11.0.0 (Confluent 3.3.0) added support to manipulate offsets for a consumer group via cli kafka-consumer-groups
command.
kafka-consumer-groups --bootstrap-server <kafkahost:port> --group <group_id> --describe
Note the values under "CURRENT-OFFSET" and "LOG-END-OFFSET". "CURRENT-OFFSET" is the offset where this consumer group is currently at in each of the partitions.
CREATE STREAM sensor_events_json (sensor_id VARCHAR, temperature INTEGER, ...) | |
WITH (KAFKA_TOPIC='events-topic', VALUE_FORMAT='JSON'); | |
CREATE STREAM sensor_events_avro WITH (VALUE_FORMAT='AVRO') AS SELECT * FROM sensor_events_json; | |
Just run this from your Mac terminal and it'll drop you in a container with full permissions on the Docker VM. This also works for Docker for Windows for getting in Moby Linux VM (doesn't work for Windows Containers).
docker run -it --rm --privileged --pid=host justincormack/nsenter1
more info: https://github.com/justincormack/nsenter1