Glad to hear you worked it out Oleg!
Martin
___
> Subject: Re: Kerberized Kafka setup issues
> From: ozhurakou...@hortonworks.com
> To: users@kafka.apache.org
&g
check:
>>
>> specifically are the /etc/krb5.conf credentials the same you use to
>> authenticate to ubuntu.oleg.com
>>
>> ?
>> Martin
>> __
>>
om
>
> ?
> Martin
> __
>
>
>
>
>> Subject: Re: Kerberized Kafka setup issues
>> From: ozhurakou...@hortonworks.com
>> To: users@kafka.apache.org
&g
one more thing to check:
specifically are the /etc/krb5.conf credentials the same you use to
authenticate to ubuntu.oleg.com
?
Martin
__
> Subject: Re: Kerberized Kafka se
Harsh
I followed this blog
(http://www.confluent.io/blog/apache-kafka-security-authorization-authentication-encryption)
and got an environment via vagrant setup, no issues. I’ll poke around what the
differences are and if find the issue will post.
Thanks for your help anyway.
Cheers
Oleg
On Fe
Yeah, I noticed the localhost as well, but I’ve changed it since to FQDN and it
is still the same including 'sname is zookeeper/localh...@oleg.com’
Oleg
> On Feb 23, 2016, at 4:00 PM, Harsha wrote:
>
> whats your zookeeper.connect in server.properties looks like. Did you
> use the hostname or
whats your zookeeper.connect in server.properties looks like. Did you
use the hostname or localhost
-Harsha
On Tue, Feb 23, 2016, at 12:01 PM, Oleg Zhurakousky wrote:
> Still digging, but here is more info that may help
>
> 2016-02-23 14:59:24,240] INFO zookeeper state changed (SyncConnected)
>
Still digging, but here is more info that may help
2016-02-23 14:59:24,240] INFO zookeeper state changed (SyncConnected)
(org.I0Itec.zkclient.ZkClient)
Found ticket for kafka/ubuntu.oleg@oleg.com to go to
krbtgt/oleg@oleg.com expiring on Wed Feb 24 00:59:24 EST 2016
Entered Krb5Context.i
No joy. the same error
KafkaServer {
com.sun.security.auth.module.Krb5LoginModule required
debug=true
useKeyTab=true
storeKey=true
keyTab="/home/oleg/kafka_2.10-0.9.0.1/config/security/kafka.keytab"
principal="kafka/ubuntu.oleg@oleg.com";
};
Clie
My bad it should be under Client section
Client {
com.sun.security.auth.module.Krb5LoginModule required
debug=true
useKeyTab=true
storeKey=true
serviceName=zookeeper
keyTab="/home/oleg/kafka_2.10-0.9.0.1/config/security/kafka.keytab"
principal="kafk
can you try adding "serviceName=zookeeper" to KafkaServer section like
KafkaServer {
com.sun.security.auth.module.Krb5LoginModule required
debug=true
useKeyTab=true
storeKey=true
serviceName=zookeeper
keyTab="/home/oleg/kafka_2.10-0.9.0.1/config/secur
More info
I am starting both services as myself ‘oleg’. Validated that both key tab files
are readable. o I am assuming Zookeeper is started as ‘zookeeper’ and Kafka as
‘kafka’
Oleg
> On Feb 23, 2016, at 2:22 PM, Oleg Zhurakousky
> wrote:
>
> Harsha
>
> Thanks for following up. Here is is
Harsha
Thanks for following up. Here is is:
oleg@ubuntu:~/kafka_2.10-0.9.0.1/config$ cat kafka_server_jaas.conf
KafkaServer {
com.sun.security.auth.module.Krb5LoginModule required
debug=true
useKeyTab=true
storeKey=true
keyTab="/home/oleg/kafka_2.10-0.9.0.
Oleg,
Can you post your jaas configs. Its important that serviceName
must match the principal name with which zookeeper is running.
Whats the principal name zookeeper service is running with.
-Harsha
On Tue, Feb 23, 2016, at 11:01 AM, Oleg Zhurakousky wrote:
> Hey guys, fir
Hey guys, first post here so bare with me
Trying to setup Kerberized Kafka 0.9.0.. Followed the instructions here
http://kafka.apache.org/documentation.html#security_sasl and i seem to be very
close, but not quite there yet.
ZOOKEEPER
Starting Zookeeper seems to be OK (below is the relevant par
15 matches
Mail list logo
