Support Questions

amru · ‎10-26-2024

Hi Team,

I am encountering error while listing topics using kafka-topics command,

kafka-topics --list --bootstrap-server localhost:9093 --command-config ssl.properties

> cat ssl.properties

security.protocol=SSL
ssl.truststore.location=truststore_location_jks
ssl.truststore.password=truststore_password

Error:

INFO clients.NetworkClient: [kafka-admin-client-thread | adminclient-1]: [AdminClient clientId=adminclient-1] Cancelled in-flight METADATA request with correlation id 13 due to node -1 being disconnected (elapsed time since creation: 302ms, elapsed time since send: 302ms, request timeout: 26959ms)

Please help to solve this problem

amru · ‎10-28-2024

I see this error in Kafka Broker logs:

[data-plane-kafka-network-thread-156-ListenerName(SASL_SSL)-SASL_SSL-6]: [SocketServer listenerType=BROKER, nodeId=156] Failed authentication with /IP (channelId=IP:9093-IP:56720-2) (Unexpected Kafka request of type METADATA during SASL handshake.

ggangadharan · ‎10-29-2024

To access Kafka topics in a security-enabled cluster, please follow the steps outlined below.

kinit with appropriate user.

kinit -kt <user> <principal>

Create jaas.conf file.

KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true;
};

Export the jaas.conf file in KAFKA_OPTS environment variable.

export KAFKA_OPTS="-Djava.security.auth.login.config=/root/jaas.conf"

Make Sure provide fully qualified path of the jaas.conf file.

Create client.properties as per your cluster configurations.

security.protocol=SASL_SSL
ssl.truststore.location=<truststore location>
ssl.truststore.password=<truststore password>
sasl.kerberos.service.name=kafka

Use kafka-topics utility to list the topics in the cluster.

kafka-topics --bootstrap-server <broker:port> --list --command-config client.properties

amru · ‎11-11-2024

Thanks for the response. I tried using these steps, I am getting the following response when I use command:

Error:

kafka-topics --bootstrap-server <broker:port> --list --command-config client.properties

24/11/11 08:08:21 INFO authenticator.AbstractLogin: [main]: Successfully logged in.
24/11/11 08:08:21 INFO kerberos.KerberosLogin: [kafka-kerberos-refresh-thread-null]: [Principal=null]: TGT refresh thread started.
24/11/11 08:08:21 INFO kerberos.KerberosLogin: [kafka-kerberos-refresh-thread-null]: [Principal=null]: TGT valid starting at: 2024-11-11T07:56:28.000+0000
24/11/11 08:08:21 INFO kerberos.KerberosLogin: [kafka-kerberos-refresh-thread-null]: [Principal=null]: TGT expires: 2024-11-11T17:56:28.000+0000
24/11/11 08:08:21 INFO kerberos.KerberosLogin: [kafka-kerberos-refresh-thread-null]: [Principal=null]: TGT refresh sleeping until: 2024-11-11T16:22:10.118+0000
24/11/11 08:08:21 WARN admin.AdminClientConfig: [main]: These configurations '[ssl.truststore.password.generator]' were supplied but are not used yet.
24/11/11 08:08:21 INFO utils.AppInfoParser: [main]: Kafka version: 3.4.1.7.1.9.0-387
24/11/11 08:08:21 INFO utils.AppInfoParser: [main]: Kafka commitId: b0573bcfb543760f
24/11/11 08:08:21 INFO utils.AppInfoParser: [main]: Kafka startTimeMs: 1731312501450

24/11/11 08:08:22 INFO utils.AppInfoParser: [kafka-admin-client-thread | adminclient-1]: App info kafka.admin.client for adminclient-1 unregistered
24/11/11 08:08:22 WARN kerberos.KerberosLogin: [kafka-kerberos-refresh-thread-null]: [Principal=null]: TGT renewal thread has been interrupted and will exit.
24/11/11 08:08:22 INFO metrics.Metrics: [kafka-admin-client-thread | adminclient-1]: Metrics scheduler closed
24/11/11 08:08:22 INFO metrics.Metrics: [kafka-admin-client-thread | adminclient-1]: Closing reporter org.apache.kafka.common.metrics.JmxReporter
24/11/11 08:08:22 INFO metrics.Metrics: [kafka-admin-client-thread | adminclient-1]: Metrics reporters closed

Cloudera Community

Support Questions

Error while using kafka-topics