Hi ALL, I'm in POC Pinot.
Pinot support real tim...
# generalb
Bordin Suwannatri
03/15/2022, 11:12 AMHi ALL, I'm in POC Pinot.
Pinot support real time table with kafka SASL_SSL (authen kerbelos + cert ) ?
m
Mayank
03/15/2022, 3:45 PM
@User
a
Alexander Pucher
03/16/2022, 6:39 AMthis one is for @User
b
Bordin Suwannatri
03/16/2022, 7:29 AMhi i try to use this for create table it's not working.
Bordin Suwannatri
03/16/2022, 7:29 AM{
"tableName": "user_stream_kkts_test",
"tableType": "REALTIME",
"tenants": {
"broker": "DefaultTenant",
"server": "DefaultTenant",
"tagOverrideConfig": {}
},
"segmentsConfig": {
"schemaName": "user_stream_kkts",
"timeColumnName": "timestampInEpoch",
"replication": "1",
"replicasPerPartition": "1",
"retentionTimeUnit": null,
"retentionTimeValue": null,
"completionConfig": null,
"crypterClassName": null,
"peerSegmentDownloadScheme": null
},
"tableIndexConfig": {
"loadMode": "MMAP",
"invertedIndexColumns": [],
"createInvertedIndexDuringSegmentGeneration": false,
"rangeIndexColumns": [],
"sortedColumn": [],
"bloomFilterColumns": [],
"bloomFilterConfigs": null,
"noDictionaryColumns": [],
"onHeapDictionaryColumns": [],
"varLengthDictionaryColumns": [],
"enableDefaultStarTree": false,
"starTreeIndexConfigs": null,
"enableDynamicStarTreeCreation": false,
"segmentPartitionConfig": null,
"columnMinMaxValueGeneratorMode": null,
"aggregateMetrics": false,
"nullHandlingEnabled": false,
"streamConfigs": {
"streamType": "kafka",
"stream.kafka.topic.name": "user_stream",
"stream.kafka.broker.list": "kkts019094,kkts029094,kkts03:9094",
"stream.kafka.consumer.type": "lowlevel",
"stream.kafka.consumer.prop.auto.offset.reset": "smallest",
"stream.kafka.consumer.factory.class.name": "org.apache.pinot.plugin.stream.kafka20.KafkaConsumerFactory",
"stream.kafka.decoder.class.name": "org.apache.pinot.plugin.stream.kafka.KafkaJSONMessageDecoder",
"realtime.segment.flush.threshold.rows": "0",
"realtime.segment.flush.threshold.time": "24h",
"realtime.segment.flush.segment.size": "100M",
"stream.kafka.consumer.group.id": "rdp_lookup",
"security.protocol": "SASL_SSL",
"sasl.mechanism": "GSSAPI",
"sasl.kerberos.service.name": "bigfoot",
"ssl.truststore.location": "/data/apache-pinot/keytab/kfuat_rdp/kkts.client.truststore.jks",
"ssl.truststore.password": "godzilla007",
"sasl.jaas.config": "/data/apache-pinot/keytab/kfuat_rdp/client_jaas.conf"
}
},
"metadata": {},
"ingestionConfig": {
"filterConfig": null,
"transformConfigs": null
},
"quota": {
"storage": null,
"maxQueriesPerSecond": null
},
"task": null,
"routing": {
"segmentPrunerTypes": null,
"instanceSelectorType": null
},
"query": {
"timeoutMs": null
},
"fieldConfigList": null,
"upsertConfig": null,
"tierConfigs": null
}
Bordin Suwannatri
03/16/2022, 7:29 AMjaas client config if i comsume manual it work fine.
p
Peter Pringle
03/21/2022, 6:00 AMWithout ssl I have the following to connect using keytab auth. Maybe check server log for any errors.
Copy code
"security.protocol": "SASL_PLAINTEXT",
"sasl.jaas.config": "com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true storeKey=true keyTab='/pathtoyourkt/user.kt' principal='user@YOUR.COM';",
"sasl.kerberos.service.name": "kafka"