1. 首頁
  2. 問答
  3. 卡夫卡0.10 SASL /純生產者超時

卡夫卡0.10 SASL /純生產者超時

2017-03-01 167 views
0

我有一個3經紀人kerberised卡夫卡0.10安裝在運行Cloudera的,我試圖用SASL認證/純卡夫卡0.10 SASL /純生產者超時

我傳遞kafka_server_jaas.conf到JVM上每個經紀人。

KafkaServer { org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=password1 user_admin=password1 user_remote=password1; };

server.properties(或kafka.properties如Cloudera的將其重命名),如下設置;

listeners=SASL_SSL://10.10.3.47:9093 # ip set for each broker advertised.listeners=SASL_SSL://10.10.3.47:9093 # ip set for each broker sasl.enabled.mechanisms=GSSAPI,PLAIN security.inter.broker.protocol=SASL_SSL sasl.mechanism.inter.broker.protocol=GSSAPI

當卡夫卡啓動時,經紀人之間的溝通是一切正常,但當我嘗試使用控制檯製造商連接我得到一個超時未能更新元數據

bin/kafka-consolproducer --broker-list 10.10.3.161:9093 --topic test1 --producer.config client.properties.plain

client.properties.plain設置爲

security.protocol=SASL_SSL sasl.mechanism=PLAIN

最後,客戶端的Jaas.conf

KafkaClient { org.apache.kafka.common.security.plain.PlainLoginModule required username="remote" password="password1"; };

至於我可以告訴我正確執行了所有的說明,任何人都可以看到什麼錯?

更新 我已經把控制檯消費者的日誌記錄上了一下,我收到以下錯誤;

[2017-03-02 13:17:50,817] TRACE SSLHandshake NEED_UNWRAP channelId -1, handshakeResult Status = OK HandshakeStatus = FINISHED bytesConsumed = 101 bytesProduced = 0, appReadBuffer pos 0, netReadBuffer pos 0, netWriteBuffer pos 101 (org.apache.kafka.common.network.SslTransportLayer) [2017-03-02 13:17:50,817] TRACE SSLHandshake FINISHED channelId -1, appReadBuffer pos 0, netReadBuffer pos 0, netWriteBuffer pos 101 (org.apache.kafka.common.network.SslTransportLayer) [2017-03-02 13:17:50,817] DEBUG Set SASL client state to RECEIVE_HANDSHAKE_RESPONSE (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator) [2017-03-02 13:17:50,818] DEBUG Set SASL client state to INITIAL (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator) [2017-03-02 13:17:50,819] DEBUG Set SASL client state to INTERMEDIATE (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator) [2017-03-02 13:17:50,820] DEBUG Connection with <IPADDESS_REMOVED> disconnected (org.apache.kafka.common.network.Selector) java.io.EOFException at org.apache.kafka.common.network.SslTransportLayer.read(SslTransportLayer.java:488) at org.apache.kafka.common.network.NetworkReceive.readFromReadableChannel(NetworkReceive.java:81) at org.apache.kafka.common.network.NetworkReceive.readFrom(NetworkReceive.java:71) at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveResponseOrToken(SaslClientAuthenticator.java:239) at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.authenticate(SaslClientAuthenticator.java:182) at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:64) at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:318) at org.apache.kafka.common.network.Selector.poll(Selector.java:283) at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:260) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.clientPoll(ConsumerNetworkClient.java:360) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:224) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:192) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.awaitMetadataUpdate(ConsumerNetworkClient.java:134) at org.apache.kafka.clients.consumer.internals.AbstractCoordinator.ensureCoordinatorReady(AbstractCoordinator.java:183) at org.apache.kafka.clients.consumer.KafkaConsumer.pollOnce(KafkaConsumer.java:974) at org.apache.kafka.clients.consumer.KafkaConsumer.poll(KafkaConsumer.java:938) at kafka.consumer.NewShinyConsumer.<init>(BaseConsumer.scala:61) at kafka.tools.ConsoleConsumer$.run(ConsoleConsumer.scala:64) at kafka.tools.ConsoleConsumer$.main(ConsoleConsumer.scala:51) at kafka.tools.ConsoleConsumer.main(ConsoleConsumer.scala) [2017-03-02 13:17:50,821] DEBUG Node -1 disconnected. (org.apache.kafka.clients.NetworkClient)

來源

2017-03-01 owen79

+0

我遇到了包含性能測試生產者工具相同的問題。我很難過。 –

+0

你可以試用0.10.2嗎?在配置0.10.0的sasl明文時,我遇到了類似的問題,我升級到了0.10.2(代理和客戶端庫)並且工作。 – basit

+0

僅限於我們可以使用的版本 - 與Cloudera支持的組合的偏差可能會導致問題。他們正在研究它......讓人放心的是它們也有問題。如果發現解決方案,我會報告。 – owen79

回答

1

我有SASL_PLAINTEXT AUTH類似的問題。我能夠連接到代理(通過kafka-python),但是我從製作者發送的任何消息都會超時。

我最終宣佈了SASL_PLAINTEXT和PLAINTEXT偵聽器,但只通過AWS安全組公開暴露了SASL_PLAINTEXT偵聽器。

我的server_jaas.conf基本上是一樣的。

我server.properties使用這些設置:

security.inter.broker.protocol=PLAINTEXT 
sasl.mechanism.inter.broker.protocol=PLAIN 
sasl.enabled.mechanisms=PLAIN 
advertised.listeners=SASL_PLAINTEXT://example.com:9095,PLAINTEXT://example.com:9092 
listeners = SASL_PLAINTEXT://0.0.0.0:9095,PLAINTEXT://0.0.0.0:9092

我與卡夫卡的Python客戶端調試這和我的命令看起來像這樣(蟒蛇)

from kafka import KafkaProducer 
producer = KafkaProducer(bootstrap_servers='example.com:9095', security_protocol="SASL_PLAINTEXT", sasl_mechanism='PLAIN', sasl_plain_username='username', sasl_plain_password='password')

有了這個設置我能夠進行用戶名/密碼認證,並且可以在不超時的情況下產生並使用消息給代理。

希望這有助於某種方式:)

來源

2017-03-28 20:59:34

相關問題

 相關問題