Configuring a keytab file (SASL/Kerberos)

If you need to specify a keytab file when running KaDeck on your local machine to connect to your Apache Kafka cluster, you need to create a volume containing the keytab of your certificate and mount it to your Docker container.

Mounting the keytab file to your container

Start KaDeck with the following command:

docker run -d --network host --name=kadeckweb -e xeotek_kadeck_secret="<secret>" -e xeotek_kadeck_teamid="<teamid>" -e xeotek_kadeck_port=80 -v "<absolutepath_to_keytab_file>":"/opt/xeotek/<name_of_your_keytab_file>" --rm xeotek/kadeckweb

Replace the placeholders accordingly:

The absolute path of your keytab file on your machine (e.g., "/home/myuser/myuser.keytab").
The name of your keytab file inside the container. Note this, as you need to specify the path including the file name in your Kerberos settings when creating the server configuration in KaDeck. Example: myuser.keytab
Your teamid that was provided to you in your welcome mail.
Your secret that was provided to you in your welcome mail.

Logging in & configure Kerberos/SASL

Navigate to http://localhost:80 with your browser and log in with your user (default: admin/admin).

  1. Create a new server configuration or edit your existing one
  2. Enter or update the connection details appropriately. 
  3. Select the appropriate security protocol.
  4. In the SASL tab update your SASL configuration string accordingly:
    useKeyTab=true keyTab="/opt/xeotek/<name_of_your_keytab_file>"

 To learn more about configuring Kerberos and SASL, read our article SASL/Kerberos Configuration.

Was this article helpful?
0 out of 0 found this helpful



Please sign in to leave a comment.