Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Issue with Kafka Kerberos+SSL

Highlighted

Issue with Kafka Kerberos+SSL

New Contributor

On HDP 26 cluster, I have installed Kafka, and enable Kerberos+SSL on it. But when I run "get /brokers/ids/1002" I get below value
{"jmx_port":-1,"timestamp":"1490888565689","endpoints":["SASL_SSL://hostname:9092"],"host":null,"version":2,"port":-1}

The host and the port information is not getting configured. I tried configuring these(advertised.host.name and advertised.port) through ambari as well as setting proprty in server.properties file and restarting the kafka manually but it is not getting reflected.

But, if i change the protocol from PLAINTEXTSASL/SASL_PLAINTEXT to simply PLAINTEXT then the host and port information is gets updated correctly as below.

get /brokers/ids/1002

{"jmx_port":-1,"timestamp":"1490888108079","endpoints":["PLAINTEXT://hostname:6667"],"host":"hostname","version":2,"port":6667}

I have tried to update the endpoint manually, but still does not work.

I used consumer command:

/usr/hdp/2.6.0.3-8/kafka/bin/kafka-console-consumer.sh --new-consumer --bootstrap-server hostname:6668 --topic testTopic --from-beginning --security-protocol SASL_SSL --consumer.config /usr/hdp/current/kafka-broker/config/server.properties

I get below error:
[2018-02-02 09:58:49,475] WARN Error while fetching metadata with correlation id 479 : {testTopic=UNKNOWN_TOPIC_OR_PARTITION} (org.apache.kafka.clients.NetworkClient)

I used producer command:

/usr/hdp/current/kafka-broker/bin/kafka-console-producer.sh --broker-list hostname:6668 --topic testTopic --producer-property "security.protocol=SASL_SSL" --producer.config /usr/hdp/current/kafka-broker/config/server.properties

But when I type string on it, I got below error:

[2018-02-02 09:36:10,674] WARN Bootstrap broker tal-qa16.talend.lan:6668 disconnected (org.apache.kafka.clients.NetworkClient)
[2018-02-02 09:36:10,960] WARN Bootstrap broker tal-qa16.talend.lan:6668 disconnected (org.apache.kafka.clients.NetworkClient)

Seems my problem is similar with https://community.hortonworks.com/questions/92035/issue-with-kafka-while-enabling-kerberos.html, but the solution does not work for me.

So can you help me check?

Don't have an account?
Coming from Hortonworks? Activate your account here