Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

No JAAS configuration section named 'Server' was foundin '/kafka/kafka_2.12-2.3.0/config/zookeeper_jaas.conf'

when i run the zookeeper from the package in the kakfa_2.12-2.3.0 i am getting the following error

$ export KAFKA_OPTS="-Djava.security.auth.login.config=/kafka/kafka_2.12-2.3.0/config/zookeeper_jaas.conf"
    $ ./bin/zookeeper-server-start.sh  config/zookeeper.properties

and the zookeeper_jaas.conf is

KafkaServer {
   org.apache.kafka.common.security.plain.PlainLoginModule required
   username="admin"
   password="admin-secret"
   user_admin="admin-secret";
};

and the zookeeper.properties file is

server=localhost:9092
#server=localhost:2888:3888
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="ibm" password="ibm-secret";

security.protocol=SASL_SSL
sasl.mechanism=PLAIN
ssl.truststore.location=**strong text**/kafka/apache-zookeeper-3.5.5-bin/zookeeperkeys/client.truststore.jks
ssl.truststore.password=test1234

 authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider 
 jaasLoginRenew=3600000 
 requireClientAuthScheme=sasl 

can anyone suggest what could be the reason

like image 802
RamanaMuttana Avatar asked Jul 29 '19 16:07

RamanaMuttana


1 Answers

You seem to have mixed up a bunch of Kafka SASL configuration into your Zookeeper configuration files. Both Zookeeper and Kafka have different SASL support so it's not going to work.

I'm guessing you want to enable SASL authentication between Kafka and Zookeeper. In that case you need to follow the Zookeeper Server-Client guide: https://cwiki.apache.org/confluence/display/ZOOKEEPER/Client-Server+mutual+authentication

Zookeeper does not support SASL Plain, but DigestMD5 is pretty similar. In that case your jaas.conf file should look like:

Server {
   org.apache.zookeeper.server.auth.DigestLoginModule required
   user_super="adminsecret"
   user_bob="bobsecret";
};

Then you need to configure your Kafka brokers to connect to Zookeeper with SASL. You can do that using another jaas.conf file (this time loading it in Kafka):

Client {
   org.apache.zookeeper.server.auth.DigestLoginModule required
   username="bob"
   password="bobsecret";
};

Note: you can also enable SASL between the Zookeeper servers. To do so, follow the Server-Server guide: https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication

like image 152
Mickael Maison Avatar answered Oct 19 '22 17:10

Mickael Maison