This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# -*- coding: utf-8 -*-\ | |
""" | |
The MIT License (MIT) | |
Copyright (c) 2015 Zalando SE | |
Permission is hereby granted, free of charge, to any person obtaining a copy | |
of this software and associated documentation files (the "Software"), to deal | |
in the Software without restriction, including without limitation the rights |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# double check that the certificates are loaded | |
openssl s_client -debug -connect kafka-schema-registry-1.kafka-schema-registry.example.com:443 -tls1 | |
# to verify if the schema registry is responding to REST requests | |
curl -k https://kafka-schema-registry-1.kafka-schema-registry.example.com:443/subjects | |
# to verify if your public certificate matches the SSL certificate from the schema registry | |
curl --cacert cacert.pem https://kafka-schema-registry-1.kafka-schema-registry.example.com:443/subjects |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
listeners=https://0.0.0.0:443/ | |
ssl.keystore.location=/etc/kafka/secrets/yourkeystore.jks | |
ssl.keystore.password=yourkeystorepassword | |
ssl.key.password=yourkeypassword | |
# The following are optional only if you’d like to authenticate HTTPS clients | |
ssl.truststore.location=/etc/kafka/secrets/yourtruststore.jks | |
ssl.truststore.password=yourtruststorepassword |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kafka-topics --create --topic _schemas --zookeeper zoo1:2181 \ | |
--config cleanup.policy=compact --partitions 1 --replication-factor 3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# java properties file: | |
# SASL related properties | |
kafkastore.bootstrap.servers=SASL_SSL://kafka-1:9095/ | |
kafkastore.sasl.kerberos.service.name=kafka | |
zookeeper.set.acl=true | |
# SSL related properties | |
kafkastore.ssl.truststore.location=/etc/kafka/secrets/kafkatruststore.jks | |
kafkastore.ssl.truststore.password=kafkatruststorepassword | |
# environment variable: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Kafka Client authentication | |
KafkaClient { | |
com.sun.security.auth.module.Krb5LoginModule required | |
useKeyTab=true | |
storeKey=true | |
keyTab="/etc/kafka/keytabs/schemaregistry.keytab" | |
principal="schemaregistry@EXAMPLE.COM"; | |
}; | |
// Zookeeper client authentication |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"swagger" : "2.0", | |
"info" : { | |
"description" : "The Rest Api provides programmatic access to command and control a NiFi instance in real time. Start and \n stop processors, monitor queues, query provenance data, and more. Each endpoint below includes a description,\n definitions of the expected input and output, potential response codes, and the authorizations required\n to invoke each service.", | |
"version" : "1.0.0", | |
"title" : "NiFi Rest Api", | |
"contact" : { | |
"url" : "https://nifi.apache.org", | |
"email" : "dev@nifi.apache.org" | |
}, |
NewerOlder