How to configure the Aerospike Outbound Connector for Kafka to avoid /tmp

How to configure the Aerospike Outbound Connector for Kafka to avoid /tmp

Context

The Aerospike Outbound Connector for Kafka allows Aerospike clusters to ship records to Kafka topics. By default, the Connector installs software in /tmp notably the netty client/server framework used by the Connector.

Some environments may mount /tmp with the noexec flag to prevent malicious exploits. How can the Connector be configured to avoid use of /tmp?

Method

To use an alternate directory the user should edit the /etc/systemd/system/aerospike-kafka-outbound.service file and add the following line:

Environment=AEROSPIKE_KAFKA_OUTBOUND_OPTS=-Dio.netty.native.workdir=<changeit>

[Service]
... 
...
Environment=AEROSPIKE_KAFKA_OUTBOUND_OPTS=-Dio.netty.native.workdir=<changeit>
...
...

Then the Connector daemon should be reloaded and then restarted.

$sudo systemctl  daemon-reload

$sudo systemctl start aerospike-kafka-outbound

Keywords

KAFKA OUTBOUND CONNECTOR TMP NOEXEC

Timestamp

June 2021

© 2021 Copyright Aerospike, Inc. | All rights reserved. Creators of the Aerospike Database.