Hello ,
I configure consumeKafka_2_0 processor with the Kerberos configuration. I have 4 node Nifi cluster. There are node specific keytab principal , and I made node specific jaas.config and placed on each node. My jaas.config looks like below:
KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
storeKey=true
keyTab="/path-to-keytab/nifi.keytab"
serviceName="kafka"
principal="nifi/node-name@xxx.COM";
};
I made the entry to NiFi Node Advanced Configuration Snippet (Safety Valve) for staging/bootstrap.conf.xml by :
java.arg.15=-Djava.security.auth.login.config=pathto jaas.config
and restarted nifi cluster.
I am not getting any error on NiFi but when I put the message on Kafka , it is not reading. I made entry of topic name, group Id and offset reset to earliest.
I am getting below error in nifi logs :
WARN org.apache.kafka.clients.NetworkClient: [Consumer clientId=consumer-2, groupId=xxx-xxx] Bootstrap broker host-id:9092 (id: -1 rack: null) disconnected
2022-01-10 14:18:58,570 WARN org.apache.kafka.clients.NetworkClient: [Consumer clientId=consumer-2, groupId=xxx-xxx] Bootstrap broker host-id:9092 (id: -1 rack: null) disconnected.
My understanding is its Kerberos configuration error. Any help on correct configuration and how to get headless key tab will be appreciated.
