Search in sources :

Example 1 with CreateDelegationTokenOptions

use of org.apache.kafka.clients.admin.CreateDelegationTokenOptions in project hive by apache.

the class DagUtils method getKafkaDelegationTokenForBrokers.

private void getKafkaDelegationTokenForBrokers(DAG dag, JobConf conf, String kafkaBrokers) {
    LOG.info("Getting kafka credentials for brokers: {}", kafkaBrokers);
    String keytab = HiveConf.getVar(conf, HiveConf.ConfVars.HIVE_SERVER2_KERBEROS_KEYTAB);
    String principal = HiveConf.getVar(conf, HiveConf.ConfVars.HIVE_SERVER2_KERBEROS_PRINCIPAL);
    try {
        principal = SecurityUtil.getServerPrincipal(principal, "0.0.0.0");
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
    Properties config = new Properties();
    config.put(AdminClientConfig.BOOTSTRAP_SERVERS_CONFIG, kafkaBrokers);
    config.put(CommonClientConfigs.SECURITY_PROTOCOL_CONFIG, "SASL_PLAINTEXT");
    String jaasConfig = String.format("%s %s %s %s serviceName=\"%s\" keyTab=\"%s\" principal=\"%s\";", "com.sun.security.auth.module.Krb5LoginModule required", "debug=true", "useKeyTab=true", "storeKey=true", "kafka", keytab, principal);
    config.put(SaslConfigs.SASL_JAAS_CONFIG, jaasConfig);
    LOG.debug("Jaas config for requesting kafka credentials: {}", jaasConfig);
    AdminClient admin = AdminClient.create(config);
    CreateDelegationTokenOptions createDelegationTokenOptions = new CreateDelegationTokenOptions();
    CreateDelegationTokenResult createResult = admin.createDelegationToken(createDelegationTokenOptions);
    DelegationToken token;
    try {
        token = createResult.delegationToken().get();
    } catch (InterruptedException | ExecutionException e) {
        throw new RuntimeException("Exception while getting kafka delegation tokens", e);
    }
    LOG.info("Got kafka delegation token: {}", token);
    dag.getCredentials().addToken(KAFKA_DELEGATION_TOKEN_KEY, new Token<>(token.tokenInfo().tokenId().getBytes(), token.hmac(), null, new Text("kafka")));
}
Also used : DelegationToken(org.apache.kafka.common.security.token.delegation.DelegationToken) CreateDelegationTokenOptions(org.apache.kafka.clients.admin.CreateDelegationTokenOptions) Text(org.apache.hadoop.io.Text) IOException(java.io.IOException) Properties(java.util.Properties) CreateDelegationTokenResult(org.apache.kafka.clients.admin.CreateDelegationTokenResult) ExecutionException(java.util.concurrent.ExecutionException) AdminClient(org.apache.kafka.clients.admin.AdminClient)

Aggregations

IOException (java.io.IOException)1 Properties (java.util.Properties)1 ExecutionException (java.util.concurrent.ExecutionException)1 Text (org.apache.hadoop.io.Text)1 AdminClient (org.apache.kafka.clients.admin.AdminClient)1 CreateDelegationTokenOptions (org.apache.kafka.clients.admin.CreateDelegationTokenOptions)1 CreateDelegationTokenResult (org.apache.kafka.clients.admin.CreateDelegationTokenResult)1 DelegationToken (org.apache.kafka.common.security.token.delegation.DelegationToken)1