Changeset View
Changeset View
Standalone View
Standalone View
site-modules/profile/manifests/kafka/broker.pp
Show First 20 Lines • Show All 127 Lines • ▼ Show 20 Lines | $kafka_tls_config = { | ||||
'inter.broker.listener.name' => 'INTERNAL_PLAINTEXT', | 'inter.broker.listener.name' => 'INTERNAL_PLAINTEXT', | ||||
'sasl.enabled.mechanisms' => join($sasl_mechanisms, ','), | 'sasl.enabled.mechanisms' => join($sasl_mechanisms, ','), | ||||
'super.users' => $cluster_superusers, | 'super.users' => $cluster_superusers, | ||||
'authorizer.class.name' => 'kafka.security.auth.SimpleAclAuthorizer', | 'authorizer.class.name' => 'kafka.security.auth.SimpleAclAuthorizer', | ||||
} + $kafka_jaas_config | } + $kafka_jaas_config | ||||
# TODO: remove once this file has been cleared on all hosts | # Reset the TLS listeners when the keystore gets refreshed | ||||
$jaas_config = '/opt/kafka/config/kafka_broker_jaas.conf' | ['INTERNAL', 'EXTERNAL'].each |$tls_listener_name| { | ||||
file {$jaas_config: | Java_ks['kafka:broker'] | ||||
ensure => absent, | ~> exec {"kafka-reload-tls:${tls_listener_name}": | ||||
command => ["/opt/kafka/bin/kafka-configs.sh", | |||||
"--bootstrap-server", "${internal_hostname}:${plaintext_port}", | |||||
"--entity-name", "${broker_id}", | |||||
"--entity-type", "brokers", | |||||
"--add-config", "listener.name.${tls_listener_name}.ssl.keystore.location=${ks_location}", | |||||
"--alter"], | |||||
refreshonly => true, | |||||
require => Service['kafka'], | |||||
} | |||||
} | } | ||||
} else { | } else { | ||||
$kafka_tls_config = { | $kafka_tls_config = { | ||||
'listeners' => "PLAINTEXT://${internal_hostname}:${kafka_cluster_config['plaintext_port']}", | 'listeners' => "PLAINTEXT://${internal_hostname}:${kafka_cluster_config['plaintext_port']}", | ||||
} | } | ||||
} | } | ||||
include ::profile::prometheus::jmx | include ::profile::prometheus::jmx | ||||
▲ Show 20 Lines • Show All 81 Lines • Show Last 20 Lines |