Member since
07-26-2016
7
Posts
1
Kudos Received
0
Solutions
10-19-2018
01:47 PM
I have same issue - was any fix ever found for this?
... View more
05-28-2018
11:39 AM
1 Kudo
ext4 was the default filesystem in RHEL6 xfs is the default filesystem in RHEL7 (yes, xfs has a long history - but is that a bad thing ...? it's still current & supported, and scales higher that ext4) If choosing between those two options - I would go with xfs - since it's probably more used now in RHEL7.
... View more
08-09-2017
08:54 AM
Hi. Want to access Kafka brokers via DNS CNAMEs (instead of specific machine host name). The brokers are kerberoised, however when using the CNAME I get an error "kinit: Server not found in
Kerberos database while getting initial credentials" - ie there is no SPN created against the CNAME Ambari must be registering the SPN for the machine name when it setups up the Kerberoised Broker - so my question is can Kafka be used with a CNAME, and if so how to setup the SPN for this (ie how would Ambari have created it, and so can we run the same command using CNAME instead)? Thanks.
... View more
Labels:
03-20-2017
06:48 PM
Hi - this is probably more a kerberos question than a Kafka issue - but will ask anyway. I have a Kafka producer which intermittently fails with "Client not found in Kerberos database" It works most of the time so suspect issue is with one of the KDCs (Active Directory), so I want to use debug logging to capture which KDC is giving the issue. The enterprise uses a DNS label for KDCs (ie KERBEROS.GROUP.COM) which returns a random list of 20+ KDCs, so each connection attempt uses a different IP.
If I set KRB5_TRACE variable on Linux, and use Linux kinit - I see the below type of output: [26116] 1490023255.280436: Sending request (305 bytes) to KERBEROS.GROUP.COM [26116] 1490023255.280462: Resolving hostname KERBEROS.GROUP.COM
[26116] 1490023255.280567: Sending initial UDP request to dgram 10.x.x.x:88 [26116] 1490023255.282137: Received answer from dgram 10.x.x.x:88 which contains the IP address and is exactly what I want. However, I can't figure out how to get the IP info from a Java based Kafka Producer. On the JVM I can set "-Dsun.security.krb5.debug=true", but the logging then looks like: >>> KrbKdcReq send: kdc=KERBEROS.GROUP.COM UDP:88, timeout=30000, number of retries =3, #bytes=1438 >>> KDCCommunication: kdc=KERBEROS.GROUP.COM UDP:88, timeout=30000,Attempt =1, #bytes=1438 >>> KrbKdcReq send: #bytes read=131 >>> KrbKdcReq send: kdc=KERBEROS.GROUP.COM TCP:88, timeout=30000, number of retries =3, #bytes=1438 >>> KDCCommunication: kdc=KERBEROS.GROUP.COM TCP:88, timeout=30000,Attempt =1, #bytes=1438 >>>DEBUG: TCPClient reading 1600 bytes i.e. no IP address recorded. I'm tying to establish which specific KDC the request has gone to.
Any ideas how to capture the IP in the Java debuging options?
... View more
Labels:
11-21-2016
10:46 PM
After disabling kerberos, you may need to check the Zookeeper znode permissions for kafka - possibly some are still set with sasl security which might cause kafka not to work.
... View more
11-21-2016
10:36 PM
My understanding of how it works is -- when a producer first connects to a cluster it receives back the topology layout of the cluster (ie which brokers are leaders for which topics/partitions etc). Next, the producer will then connect directly to the leader broker for a specific topic/partition - ie it wont know anything about the proxy, and will only connect to brokers returned in the topology.
... View more
07-26-2016
12:57 PM
Also would like to see this doc - can someone post the instructions. I cant access that link. Thanks.
... View more