Zookeeper Auth列出了Kerberos化的卡夫卡主题时失败了

时间:2019-07-11 11:53:43

标签: apache-kafka apache-zookeeper kerberos 

    I have enabled Kerberos via Ambari in all Hadoop components. I am using HDP v3.1.0 and Kafka version 2.0.0. While listing the Kafka topics. I am getting below error

zookeeper身份验证失败

kafka客户jaas:

KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
renewTicket=true
serviceName="kafka";
};

 KafkaServer {
        com.sun.security.auth.module.Krb5LoginModule required
        useKeyTab=true
        keyTab="/etc/security/keytabs/kafka.service.keytab"
        storeKey=true
        useTicketCache=false
        serviceName="kafka"
        principal="kafka/HOSTNAME@TRINITY.LOCAL";
        };
        KafkaClient {
        com.sun.security.auth.module.Krb5LoginModule required
        useTicketCache=true
        renewTicket=true
        serviceName="kafka";
        };
        Client {
        com.sun.security.auth.module.Krb5LoginModule required
        useKeyTab=true
        keyTab="/etc/security/keytabs/kafka.service.keytab"
        storeKey=true
        useTicketCache=false
        serviceName="zookeeper"
        principal="kafka/HOSTNAME@TRINITY.LOCAL";
        };
        com.sun.security.jgss.krb5.initiate {
        com.sun.security.auth.module.Krb5LoginModule required
        renewTGT=false
        doNotPrompt=true
        useKeyTab=true
        keyTab="/etc/security/keytabs/kafka.service.keytab"
        storeKey=true
        useTicketCache=false
        serviceName="kafka"
        principal="kafka/HOSTNAME@TRINITY.LOCAL";
        };

zookeeper-client_jaas :

Client {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=false
useTicketCache=true;
};

zookeeper_jaas:

Server {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
storeKey=true
useTicketCache=false
keyTab="/etc/security/keytabs/zk.service.keytab"
principal="zookeeper/HOSTNAME@TRINITY.LOCAL";
};

/usr/hdp/current/kafka-broker/bin/kafka-topics.sh --list --zookeeper主机名:2181

[2019-07-11 16:42:55,546] WARN SASL配置失败:javax.security.auth.login.LoginException:在指定的JAAS配置文件中未找到名为“客户端”的JAAS配置节:'/ usr / hdp / current / kafka-broker / config / kafka_client_jaas.conf”。如果Zookeeper服务器允许,则无需SASL身份验证即可继续连接到Zookeeper服务器。 (org.apache.zookeeper.ClientCnxn) [2019-07-11 16:42:55,549]错误[ZooKeeperClient]身份验证失败。 (kafka.zookeeper.ZooKeeperClient)

__consumer_offsets,
ambari_kafka_service_check,
test,
testing

0 个答案:

没有答案
相关问题
最新问题