Changeset View
Changeset View
Standalone View
Standalone View
site-modules/profile/manifests/kafka/broker.pp
| Show First 20 Lines • Show All 127 Lines • ▼ Show 20 Lines | $kafka_tls_config = { | ||||
| 'inter.broker.listener.name' => 'INTERNAL_PLAINTEXT', | 'inter.broker.listener.name' => 'INTERNAL_PLAINTEXT', | ||||
| 'sasl.enabled.mechanisms' => join($sasl_mechanisms, ','), | 'sasl.enabled.mechanisms' => join($sasl_mechanisms, ','), | ||||
| 'super.users' => $cluster_superusers, | 'super.users' => $cluster_superusers, | ||||
| 'authorizer.class.name' => 'kafka.security.auth.SimpleAclAuthorizer', | 'authorizer.class.name' => 'kafka.security.auth.SimpleAclAuthorizer', | ||||
| } + $kafka_jaas_config | } + $kafka_jaas_config | ||||
| # TODO: remove once this file has been cleared on all hosts | # Reset the TLS listeners when the keystore gets refreshed | ||||
| $jaas_config = '/opt/kafka/config/kafka_broker_jaas.conf' | ['INTERNAL', 'EXTERNAL'].each |$tls_listener_name| { | ||||
| file {$jaas_config: | Java_ks['kafka:broker'] | ||||
| ensure => absent, | ~> exec {"kafka-reload-tls:${tls_listener_name}": | ||||
| command => ["/opt/kafka/bin/kafka-configs.sh", | |||||
| "--bootstrap-server", "${internal_hostname}:${plaintext_port}", | |||||
| "--entity-name", "${broker_id}", | |||||
| "--entity-type", "brokers", | |||||
| "--add-config", "listener.name.${tls_listener_name}.ssl.keystore.location=${ks_location}", | |||||
| "--alter"], | |||||
| refreshonly => true, | |||||
| require => Service['kafka'], | |||||
| } | |||||
| } | } | ||||
| } else { | } else { | ||||
| $kafka_tls_config = { | $kafka_tls_config = { | ||||
| 'listeners' => "PLAINTEXT://${internal_hostname}:${kafka_cluster_config['plaintext_port']}", | 'listeners' => "PLAINTEXT://${internal_hostname}:${kafka_cluster_config['plaintext_port']}", | ||||
| } | } | ||||
| } | } | ||||
| include ::profile::prometheus::jmx | include ::profile::prometheus::jmx | ||||
| ▲ Show 20 Lines • Show All 81 Lines • Show Last 20 Lines | |||||