Cloudera Docs

Configure a resource-based service: Kafka

How to add a Kafka service.

  1. On Service Manager > Resource Policies, click Add New Service () next to Kafka.

    The Create Service page appears.


    Ranger > Create Service page.
  2. On Create Service, enter the following information:
    Table 1. Service Details

    Field name

    Description

    Service Name

    The name of the service; required when configuring agents.
    Display Name The name which will appear on Service Manager.

    Description

    A description of the service.

    Active Status

    Enabled or Disabled.
    Tag Service Select a tag-based service to apply the service and its tag-based policies to Kafka.
    Table 2. Configuration Properties

    Field name

    Description

    Username

    The end system username that can be used for connection.

    Password

    The password for the username entered above.

    Zookeeper Connect String

    Defaults to localhost:2181 (Provide FQDN of zookeeper host : 2181).

    Ranger Plugin SSL CName

    Provide common.name.for.certificate which is registered with Ranger (in Wire Encryption environment).

    This field is interchangeably named Common Name For Certificate and Ranger Plugin SSL CName in Create Service pages.
    Policy Download Users Selected users can download policies in the service.
    Tag Download Users Selected users can download tags in the service.
    Service Admin Users Selected users can create/update/delete/read policies in the service.
    Service Admin Groups Users in the selected groups can create/update/delete/read policies in the service.
    Superusers The plugin grants all accesses on all resources to the selected users.
    Superuser Groups The plugin grants all accesses on all resources to users in the selected groups.
    Userstore Download Users Selected users can download user and group details.

    Add New Configurations

    Add any other new configuration(s).
    For non-SSL environment + Kerberos - Update in the Ranger plugin services to get resource lookup working.
    bootstrap.servers The value is host1:9092,host2:9092,host3:9092.
    security.protocol The value is SASL_PLAINTEXT.
    sasl.mechanism The value is GSSAPI.
    kafka.keytab The value is <path to keytab>.
    kafka.principal The value is kafka@<REALM>.
    For SSL environment + Kerberos - Update in the Ranger plugin services to get resource lookup working.
    bootstrap.servers The value is host1:9093,host2:9093,host3:9093.
    security.protocol The value is SASL_SSL.
    sasl.mechanism The value is GSSAPI.
    kafka.keytab The value is <path to keytab>.
    kafka.principal The value is kafka@<REALM>.
  3. Click Test Connection.
  4. Click Add.