使用以下属性启动zookeeper,即zookeeper.properties
dataDir=/tmp/zookeepeeer
clientPort=2186
maxClientCnxns=0
auto.offset.reset=smallest
authProvider.1=org.apache.zookeeper.server.auth.DigestAuthenticationProvider
jaasLoginRenew=3600000
requireClientAuthScheme=saslzookeeper\ u jaas.conf文件
Server {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="admin-secret"
user_admin="admin-secret";
};服务器属性
group.initial.rebalance.delay.ms=0
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
listeners=SASL_PLAINTEXT://localhost:9092
security.inter.broker.protocol= SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
super.users=User:admin
zookeeper.set.acl=trueKafka\服务器\ jaaz.conf
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="admin-secret"
user_admin="admin-secret";
};误差如下 java.lang.SecurityException: zookeeper.set.acl is true, but the verification of the JAAS login file failed. 我已经尝试了下面的解决方案,但它再次失败,并出现以下错误,尽管做了更改
Kafka\服务器\ jaaz.conf
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="admin-secret"
user_admin="admin-secret";
};
Client {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="admin"
password="admin-secret";
};server.properties与上述相同
但它失败了,错误如下:
[2018-02-23 10:16:04459]错误无效acl(kafka.utils.zkcheckedephemeral)
[2018-02-23 10:16:04459]错误无效acl(kafka.utils.zkcheckedephemeral)
[2018-02-23 10:16:04460]致命[kafka服务器0],kafka服务器运行期间发生致命错误
启动。准备关闭(kafka.server.kafkaserver)
org.i0itec.zkclient.exception.zkexception:
org.apache.zookeeper.keeperexception$invalidaclexception:keepererrorcode=invalidacl
1条答案
按热度按时间n8ghc7c11#
在kafka中,您还需要配置sasl客户端,当连接到zookeeper时将使用该客户端。这是使用
ClientKafkajaas配置中的上下文,例如。如果需要,可以使用
zookeeper.sasl.clientconfig系统属性。