Help Center/ MapReduce Service/ FAQs/ Web Page Access/ How Do I Access Kafka of the Cluster in Security Mode on Windows Using EIPs?
Updated on 2023-01-11 GMT+08:00

How Do I Access Kafka of the Cluster in Security Mode on Windows Using EIPs?

Scenario

This section describes how to bind Elastic IP addresses (EIPs) to a cluster and configure Kafka files so that sample files can be compiled locally.

Procedure

  1. Apply for an EIP for each node in the cluster and add public IP addresses and corresponding host domain names of all nodes to the Windows local hosts file. (If a host name contains uppercase letters, change them to lowercase letters.)

    1. On the VPC console, apply for EIPs (the number of EIPs you buy should be equal to the number of nodes in the cluster), click the name of each node in the MRS cluster, and bind an EIP to each node on the EIPs page.

      For details, see Virtual Private Cloud > User Guide > EIP > Assigning an EIP and Binding It to an ECS.

    2. Record the mapping between the public IP addresses and private IP addresses. Change the private IP addresses in the hosts file to the corresponding public IP addresses.

  2. Change the IP addresses in the krb5.conf file to the corresponding host names.
  3. Configure security group rules for the cluster.

    1. On the Dashboard page, choose Add Security Group Rule > Manage Security Group Rule.

    2. On the Inbound Rules tab page, click Add Rule. In the Add Inbound Rule dialog box, configure the Windows IP address and port 21007.

  4. On Manager, choose Cluster > Services > Kafka > Configurations > All Configurations, search for and add the key-value pair advertised.listeners =SASL_PLAINTEXT://:21007,SASL_SSL://:21009,TRACE://:21013 in the kafka.config.expandor parameter, save the configuration, and restart the Kafka cluster.
  5. Before running the sample code, change the Kafka connection string in the sample code to hostname1:21007, hostname2:21007, hostname3:21007, change the domain name in the code, and change the machine-machine account name and keytab file name applied by the user.

    You can log in to FusionInsight Manager, choose System > Permission > Domain and Mutual Trust, and check the value of Local Domain, which is the current system domain name.