Can't produce message with SASL: timeout error

Thu, 16 Feb 2017 21:05:33 -0800 

Hi,

I secured my cluster and everything was working fine. Brokers are up and
don’t complain, my topics are all synchronized.

Here’s my config (excerpt):
listeners=
PLAINTEXT://0.0.0.0:9092,SSL://0.0.0.0:9093,SASL_PLAINTEXT://0.0.0.0:9094,SASL_SSL://0.0.0.0:9095
super.users=User:kafka;User:ANONYMOUS

I can publish and read messages from port 9092, but when trying on 9094 I
get the following errors:

/etc/kafka# KAFKA_OPTS="-Djava.security.krb5.conf=/etc/kafka/krb5.conf
-Djava.security.auth.login.config=/etc/kafka/kafka_client_jaas.conf"
kafka-console-producer  --topic sasltest --broker-list localhost:9094
--producer-property security.protocol=SASL_PLAINTEXT --producer-property
sasl.mechanism=GSSAPI --producer-property sasl.kerberos.service.name=kafka
hi
[2017-02-17 04:41:47,275] ERROR Error when sending message to topic
sasltest with key: null, value: 2 bytes with error:
(org.apache.kafka.clients.producer.internals.ErrorLoggingCallback)
org.apache.kafka.common.errors.TimeoutException: Failed to update metadata
after 60000 ms.


I did permission my user using the following:

root@ip-10-13-80-172:/#
KAFKA_OPTS="-Djava.security.krb5.conf=/etc/kafka/krb5.conf
-Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf"
kafka-acls --add --allow-principal User:sa_sasltest_dev_1
--authorizer-properties zookeeper.connect=zoo1:2181/kafka-xfs --producer
--topic sasltest
Adding ACLs for resource `Topic:sasltest`:
     User:sa_sasltest_dev_1 has Allow permission for operations: Write from
hosts: *
    User:sa_sasltest_dev_1 has Allow permission for operations: Describe
from hosts: *

Adding ACLs for resource `Cluster:kafka-cluster`:
     User:sa_sasltest_dev_1 has Allow permission for operations: Create
from hosts: *

Current ACLs for resource `Topic:sasltest`:
     User:sa_sasltest_dev_1 has Allow permission for operations: Write from
hosts: *
    User:sa_sasltest_dev_1 has Allow permission for operations: Describe
from hosts: *

root@ip-10-13-80-172:/#
KAFKA_OPTS="-Djava.security.krb5.conf=/etc/kafka/krb5.conf
-Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf"
kafka-acls --add --allow-principal User:sa_sasltest_dev_1
--authorizer-properties zookeeper.connect=zoo1:2181/kafka-xfs --consumer
--topic sasltest --group sasltest-1
Adding ACLs for resource `Topic:sasltest`:
     User:sa_sasltest_dev_1 has Allow permission for operations: Describe
from hosts: *
    User:sa_sasltest_dev_1 has Allow permission for operations: Read from
hosts: *

Adding ACLs for resource `Group:sasltest-1`:
     User:sa_sasltest_dev_1 has Allow permission for operations: Read from
hosts: *

Current ACLs for resource `Topic:sasltest`:
     User:sa_sasltest_dev_1 has Allow permission for operations: Write from
hosts: *
    User:sa_sasltest_dev_1 has Allow permission for operations: Describe
from hosts: *
    User:sa_sasltest_dev_1 has Allow permission for operations: Read from
hosts: *

Current ACLs for resource `Group:sasltest-1`:
     User:sa_sasltest_dev_1 has Allow permission for operations: Read from
hosts: *


*Am I missing some permissions? Do you have any idea what could be wrong?*

Thanks for the help you’ve given me so far!
Stephane

Reply via email to