Kerberos-based Security
Scenarios
Flink Kerberos configuration items must be configured in security mode.
Configuration Description
The configuration items include keytab, principal, and cookie of Kerberos.
For versions earlier than MRS 3.x, the configuration item does not contain cookie.
Parameter |
Description |
Default Value |
Mandatory |
---|---|---|---|
security.kerberos.login.keytab |
Keytab file path. This parameter is a client parameter. |
Configure the parameter based on actual service requirements. |
Yes |
security.kerberos.login.principal |
A parameter on the client. If security.kerberos.login.keytab and security.kerberos.login.principal are both set, keytab certificate is used by default. |
Configure the parameter based on actual service requirements. |
No |
security.kerberos.login.contexts |
Contexts of the jass file generated by Flink. This parameter is a server parameter. |
Client, KafkaClient |
Yes |
security.enable |
Certificate enabling switch of the Flink internal module. This parameter is a client parameter. |
This parameter is configured automatically according to the cluster installation mode.
|
Yes |
security.cookie |
Module certificate token. This parameter is a client parameter. It must be configured and cannot be left empty when security.enable is enabled. |
Configure the parameter based on actual service requirements. |
Yes |
For versions earlier than MRS 3.x, the configuration parameters do not include security.enable and security.cookie.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot