Kerberos-based Security
Scenarios
Flink Kerberos configuration items must be configured in security mode.
Configuration Description
The configuration items include keytab, principal, and cookie of Kerberos.
|
Parameter |
Description |
Default Value |
Mandatory |
|---|---|---|---|
|
security.kerberos.login.keytab |
Keytab file path. This parameter is a client parameter. |
Configure the parameter based on actual service requirements. |
Yes |
|
security.kerberos.login.principal |
A parameter on the client. If security.kerberos.login.keytab and security.kerberos.login.principal are both set, keytab certificate is used by default. |
Configure the parameter based on actual service requirements. |
No |
|
security.kerberos.login.contexts |
Contexts of the jass file generated by Flink. This parameter is a server parameter. |
Client, KafkaClient |
Yes |
|
security.enable |
Certificate enabling switch of the Flink internal module. This parameter is a client parameter. |
This parameter is configured automatically according to the cluster installation mode.
|
Yes |
|
security.cookie |
Module certificate token. This parameter is a client parameter. It must be configured and cannot be left empty when security.enable is enabled. |
Configure the parameter based on actual service requirements. |
Yes |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
