Why Ambari is setting the security protocol of the kafka to PLAINTEXTSASL instead of SASL_PLAINTEXT?

最新推荐文章于 2023-12-22 15:40:21 发布
最新推荐文章于 2023-12-22 15:40:21 发布
阅读量603 收藏
点赞数
文章标签: 大数据
原文链接:http://www.cnblogs.com/felixzh/p/10452804.html
版权
avatar image

Why Ambari is setting the security protocol of the kafka to PLAINTEXTSASL instead of SASL_PLAINTEXT?

个问题,截止  Param NC 2017年02月26日 08:36  kerberosKafka

Hi All ,

During Kerboraizing the kafka using the Ambari , it is setting the kafka security protocol to PLAINTEXTSASL instead of SASL_PLAINTEXT, but everywhere in the document is it mentioned that it must be SASL_PLAINTEXT , I have few questions regarding this .

1. Why Ambari setting the security protocol to PLAINTEXTSASL , is it a bug ?

2. Even though we are able to produce and consume the messages from program written in java.

But in the producer we are setting the security protocol to PLAINTEXTSASL, and in the consumer SASL_PLAINTEXT , it is working fine , Question is how come it is working fine when actual protocol is just PLAINTEXTSASL.

Thanks in Advance ,

Param.

 
 1

3条回复

·  添加您的回复
avatar image
最佳解答

个解答,截止Sriharsha Chintalapani  · 2017年02月26日 18:20

@Param NC Kafka security is developed by Hortonworks. Before it shipped into Apache Kafka we shipped it in HDP. At that time we called the SASL protocol as PLAINTEXTSASL which later changed SASL_PLAINTEXT. These protocols are synonymous so you can use them interchangeably. Older version of AMBARI still calls it as PLAINTEXTSASL which will be changing to SASL_PLAINTEXT in upcoming version.

In your case, producer & consumer are working because PLAINTEXTSASL or SASL_PLAINTEXT means the same thing and can be used interchangeably. For consistency purpose , we recommend you to use SASL_PLAINTEXT everywhere.

 
 3  隐藏 2 · 分享
avatar image Param NC  · 2017年02月27日 06:36 0
 

Thanks for the response I very much agree to you answer .

avatar image Qingyang Kong  · 2017年03月13日 22:43 0
 

Hello Sriharsha, just a quick question. When I use confluentinc kafka rest proxy in company's HDP 2.5.3 cluster, I run into the error "No security protocol defined for listener PLAINTEXTSASL" and "broker info from zookeeper cannot be parsed". I guess that is because PLAINTEXTSASL cannot be recognized by other frameworks, though producer and consumer can work within HDP. Is there any way solving this problem?

avatar image
 

个解答,截止bpreachuk  · 2017年06月28日 11:17

We encountered a similar issue when upgrading our Ambari from 2.4 to 2.5. Our Kafka brokers would not restart.

Here was the error message:

  1. /var/log/kafka/server.log.2017-06-27-19:java.lang.IllegalArgumentException: requirement failed: security.inter.broker.protocol must be a protocol in the configured set of advertised.listeners. The valid options based on currently configured protocols are Set(SASL_PLAINTEXT)

We had specified PLAINTEXTSASL as the SASL protocol in the configuration.

To fix this we changed the following configuration in Custom kafka-broker:

  1. security.inter.broker.protocol=SASL_PLAINTEXT
 
 0 · 分享
 
avatar image
 

个解答,截止Sriharsha Chintalapani  · 2017年03月14日 21:38

@Qingyang Kong

Kafka rest proxy uses old client apis, which are not supported in secure cluster in Apache. However HDP kafka supports security in old consumer apis. To enable this you need to build kafka rest proxy code with HDP kafka_core dependency and pass a KafkaClient jaas config to your kafka rest server JVM.

 

 

转载于:https://www.cnblogs.com/felixzh/p/10452804.html

weixin_30379973
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
KafkaKafka The valid options based on currently configured listeners are PLAINTEXT,SSL
九师兄
08-07 1383
1.背景 背景已经忘记了: [lcc@lcc ~/soft/kafka/kafka_2.11-1.1.0_author_scram]$ bin/kafka-server-start.sh config/scram.properties [2020-08-07 15:11:13,464] INFO Registered kafka:type=kafka.Log4jController MBean (kafka.utils.Log4jControllerRegistration$) [2020-08-07 1.
bk_ambari-installation
12-12
The Hortonworks Data Platform, powered by Apache Hadoop, is a massively scalable and 100% open source platform for storing, processing and analyzing large volumes of data. It is designed to deal with ...
kafka 配置 kerberos 中遇到的问题
zsyoung的博客
08-27 1万+
问题: requirement failed :inter.broker.listener.name must be a listener name defined in adverstised.listeners. the valid options based on currently configured listeners are PLAINTEXT 原因: server.propert...
Kafka SASL/PLAIN 环境构建(Docker版)
Be yourself.
11-22 5352
前言 近来,老有朋友询问Kafka SASL配置 & Demo测试 这篇文章的相关内容。近来无事,准备将所以的组件打成镜像。此处,便讲的为 Kafka SASL/PLAIN权限验证镜像模块的构建。 前置熟悉文章: Kafka SASL配置 & Demo测试 Kafka常用命令(带SASL权限版) First Try 由于Docker化的Kafka存在一定的缺陷和问题。第一次尝试的...
Kafka从上手到实践 - Kafka集群:Kafka Listeners | 凌云时刻
云布道师
06-12 2467
凌云时刻 · 技术导读:这一章节主要对和Listener相关的四个配置项做以详细解释。作者 | 计缘来源 |凌云时刻(微信号:linuxpk)概述listeners、advertise...
Kafka集群部署及基本操作
凡事不敷衍,才能被生活所厚待
04-16 2834
安装包下载:http://archive.apache.org/dist/kafka/1.0.0/kafka_2.11-1.0.0.tgz http://kafka.apache.org/ http://kafka.apachecn.org/ (已经安装好了zookeeper集群) 1、上传安装包解压 2、修改Kafka server.properties的配置连接...
bk_ambari-installation.pdf
03-10
ambari安装手册
ambari-2.7.5.0.72+HDP-3.1.0+KAFKA-3.1.0的RPM安装包
03-25
亲测,自己制作的KAFKA-3.1.0的RPM安装包,用于HDP3.0或3.1的集成,可替换ambari2.7.x里面kafka的2.0.0版本 支持centos7/redhat7的安装
kafka-manager-2.0.0.2
03-28
Ambarikafka 配置kafka-manager。 CDH、开源也可以步骤一样。 kafka为开启kerberos认证的。 文章中用到的kafka-manager 适配绝大多数。 推荐使用!!!! kafka-manager作用: 管理多个集群 轻松检查群集状态...
大数据(hadoop+spark+hbase+zookeeper+kafka+scala+ambari)全套视频教程(花3000¥买的)
06-24
大数据 hadoop spark hbase ambari全套视频教程(购买的付费视频)
Kafka 开启 SASL/PLAINTEXT 认证及 ACL
我吃柠檬的博客
07-06 4506
Linux 安装 Kafka 并开启 SASL/PLAINTEXT 认证
一个kafka创建topic失败的问题
shuxiaogd的专栏
11-22 1万+
关于kafka创建topic时出现 ERROR kafka.common.KafkaException: Failed to parse the broker info from zookeeper 错误的处理
Spring集成Kafka 结合Kafka Tool使用
Amy安的博客
03-08 797
下载安装 1.从http://kafka.apache.org/downloads 下载kafka 2.从https://zookeeper.apache.org/releases.html 下载zookeeper 3.从http://www.kafkatool.com/download.html 下载kafkatool 注意事项 kafka有路径长度限制,放置位置不宜过长 配置 Spring项目 pox.xml <dependency> <groupId>org.spri
kafka权限认证
热门推荐
shengjk1的博客
11-14 2万+
背景: 最近公司因为用的云服务器,需要保证kafka的安全性。可喜的是kafka0.9开始,已经支持权限控制了。网上中文资料又少,特此基于kafka0.9,记录kafaka的权限控制。 下面各位看官跟着小二一起开始kafak权限控制之旅吧!嘎嘎嘎!介绍: kafka权限控制整体可以分为三种类型: 1.基于SSL 2.基于Kerberos(本文不与讨论) 3.基于acl的 本文主要基于1
Kafka问题锦集
weixin_42438913的博客
05-26 411
1、kafka公网内网访问实现 有以下两种方式: 1)需要本地配置长域名映射后可以正常访问端口为9092,也可以之间ip+端口(9092) listeners=PLAINTEXT://kafka-hostname:9092 advertised.listeners=PLAINTEXT://kafka-hostname:9092 listener.security.protocol.map=PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,S
一文搞懂 Kafka 中的 listeners 和 advertised.listeners 以及其他通信配置
最新发布
卷心菜投手
12-22 3795
listeners 和 advertised.listeners 以及其他通信配置
Kafka集群的Linux安装步骤
技术日志
08-17 1453
一、  环境准备 Kafka依赖ZooKeeper,首先需要确保ZooKeeper服务已经搭建完成。   操作系统: CentOS-7-x86_64-1611   节点IP端口: 192.168.2.200:9092 192.168.2.201:9092 192.168.2.202:9092   二、  Kafka安装   1. 下载Kafka Kafka官网地址:h
Kafka-Listener配置参数、配置公网访问以及可能出现的问题
lidelin10的博客
04-04 1万+
文章目录核心参数listenersadvertised.listenerslistener.security.protocol.mapinter.broker.listener.name配置外网访问配置实例可能会出现的问题listener_name不能相同inter.broker.listener.name must be a listener name defined in advertised...
ERROR [main] AmbariServer:1119 - Failed to run the Ambari Server
05-18
你需要查看 Ambari Server 的日志文件,以便确定错误的具体原因。你可以尝试以下几个步骤来解决这个问题: 1. 检查端口是否被占用。你可以使用 netstat 命令检查端口是否被占用,如果是,你需要释放该端口或者修改 ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值