kafka实战kerberos(笔记)

1 安装配置kerberos

more /etc/krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = EXAMPLE.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true

[realms]
 EXAMPLE.COM = {
  kdc = 10.211.55.5
  admin_server = 10.211.55.5
 }

[domain_realm]
kafka = EXAMPLE.COM
zookeeper = EXAMPLE.COM
weiwei = EXAMPLE.COM
10.211.55.5 = EXAMPLE.COM
127.0.0.1 = EXAMPLE.COM

kadmin.local

Authenticating as principal kafka/admin@EXAMPLE.COM with password.
kadmin.local:  listprincs
K/M@EXAMPLE.COM
clients@EXAMPLE.COM
host/10.211.55.5@EXAMPLE.COM
host/weiwei@EXAMPLE.COM
kadmin/admin@EXAMPLE.COM
kadmin/changepw@EXAMPLE.COM
kadmin/weiwei@EXAMPLE.COM
kafka/10.211.55.5@EXAMPLE.COM
kafka/127.0.0.1@EXAMPLE.COM
kafka/localhost@EXAMPLE.COM
kafka/weiwei@EXAMPLE.COM
krbtgt/EXAMPLE.COM@EXAMPLE.COM
root/admin@EXAMPLE.COM
zookeeper/10.211.55.5@EXAMPLE.COM
zookeeper/127.0.0.1@EXAMPLE.COM

klist -t -e -k /var/kerberos/krb5kdc/kafka.keytab

Keytab name: FILE:/var/kerberos/krb5kdc/kafka.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   3 07/24/16 00:58:30 kafka/10.211.55.5@EXAMPLE.COM (aes256-cts-hmac-sha1-96)
   3 07/24/16 00:58:30 kafka/10.211.55.5@EXAMPLE.COM (aes128-cts-hmac-sha1-96)
   3 07/24/16 00:58:30 kafka/10.211.55.5@EXAMPLE.COM (des3-cbc-sha1)
   3 07/24/16 00:58:30 kafka/10.211.55.5@EXAMPLE.COM (arcfour-hmac)
   3 07/24/16 00:58:30 kafka/10.211.55.5@EXAMPLE.COM (des-hmac-sha1)
   3 07/24/16 00:58:30 kafka/10.211.55.5@EXAMPLE.COM (des-cbc-md5)
   2 07/24/16 12:23:18 zookeeper/10.211.55.5@EXAMPLE.COM (aes256-cts-hmac-sha1-96)
   2 07/24/16 12:23:18 zookeeper/10.211.55.5@EXAMPLE.COM (aes128-cts-hmac-sha1-96)
   2 07/24/16 12:23:18 zookeeper/10.211.55.5@EXAMPLE.COM (des3-cbc-sha1)
   2 07/24/16 12:23:18 zookeeper/10.211.55.5@EXAMPLE.COM (arcfour-hmac)
   2 07/24/16 12:23:18 zookeeper/10.211.55.5@EXAMPLE.COM (des-hmac-sha1)
   2 07/24/16 12:23:18 zookeeper/10.211.55.5@EXAMPLE.COM (des-cbc-md5)
   2 07/25/16 11:31:37 kafka/127.0.0.1@EXAMPLE.COM (aes256-cts-hmac-sha1-96)
   2 07/25/16 11:31:37 kafka/127.0.0.1@EXAMPLE.COM (aes128-cts-hmac-sha1-96)
   2 07/25/16 11:31:37 kafka/127.0.0.1@EXAMPLE.COM (des3-cbc-sha1)
   2 07/25/16 11:31:37 kafka/127.0.0.1@EXAMPLE.COM (arcfour-hmac)
   2 07/25/16 11:31:37 kafka/127.0.0.1@EXAMPLE.COM (des-hmac-sha1)
   2 07/25/16 11:31:37 kafka/127.0.0.1@EXAMPLE.COM (des-cbc-md5)
   3 07/25/16 13:13:31 kafka/weiwei@EXAMPLE.COM (aes256-cts-hmac-sha1-96)
   3 07/25/16 13:13:31 kafka/weiwei@EXAMPLE.COM (aes128-cts-hmac-sha1-96)
   3 07/25/16 13:13:31 kafka/weiwei@EXAMPLE.COM (des3-cbc-sha1)
   3 07/25/16 13:13:31 kafka/weiwei@EXAMPLE.COM (arcfour-hmac)
   3 07/25/16 13:13:31 kafka/weiwei@EXAMPLE.COM (des-hmac-sha1)
   3 07/25/16 13:13:31 kafka/weiwei@EXAMPLE.COM (des-cbc-md5)
   2 07/25/16 15:07:58 zookeeper/127.0.0.1@EXAMPLE.COM (aes256-cts-hmac-sha1-96)
   2 07/25/16 15:07:58 zookeeper/127.0.0.1@EXAMPLE.COM (aes128-cts-hmac-sha1-96)
   2 07/25/16 15:07:58 zookeeper/127.0.0.1@EXAMPLE.COM (des3-cbc-sha1)
   2 07/25/16 15:07:58 zookeeper/127.0.0.1@EXAMPLE.COM (arcfour-hmac)
   2 07/25/16 15:07:58 zookeeper/127.0.0.1@EXAMPLE.COM (des-hmac-sha1)
   2 07/25/16 15:07:58 zookeeper/127.0.0.1@EXAMPLE.COM (des-cbc-md5)
   2 07/25/16 18:47:55 clients@EXAMPLE.COM (aes256-cts-hmac-sha1-96)
   2 07/25/16 18:47:55 clients@EXAMPLE.COM (aes128-cts-hmac-sha1-96)
   2 07/25/16 18:47:55 clients@EXAMPLE.COM (des3-cbc-sha1)
   2 07/25/16 18:47:55 clients@EXAMPLE.COM (arcfour-hmac)
   2 07/25/16 18:47:55 clients@EXAMPLE.COM (des-hmac-sha1)
   2 07/25/16 18:47:55 clients@EXAMPLE.COM (des-cbc-md5)

more zookeeper_jaas.conf

Server{
    com.sun.security.auth.module.Krb5LoginModule required
    useKeyTab=true
    storeKey=true
    useTicketCache=false
    keyTab="/var/kerberos/krb5kdc/kafka.keytab"
    principal="zookeeper/10.211.55.5@EXAMPLE.COM";
};

more kafka_server_jaas.conf

KafkaServer {
        com.sun.security.auth.module.Krb5LoginModule required
        useKeyTab=true
        storeKey=true
        keyTab="/var/kerberos/krb5kdc/kafka.keytab"
    principal="kafka/weiwei@EXAMPLE.COM";
};

Client {
    com.sun.security.auth.module.Krb5LoginModule required
    useKeyTab=true
    storeKey=true
    keyTab="/var/kerberos/krb5kdc/kafka.keytab"
    principal="kafka/weiwei@EXAMPLE.COM";
};

more config/server.properties

advertised.host.name=10.211.55.5
advertised.listeners=SASL_PLAINTEXT://10.211.55.5:9093
listeners=SASL_PLAINTEXT://10.211.55.5:9093
#listeners=PLAINTEXT://127.0.0.1:9093
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=GSSAPI
sasl.enabled.mechanisms=GSSAPI

sasl.kerberos.service.name=kafka

more start-zk-and-kafka

#!/bin/bash
export KAFKA_HEAP_OPTS='-Xmx256M'
export KAFKA_OPTS='-Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.confi
g=/etc/kafka/zookeeper_jaas.conf'
bin/zookeeper-server-start.sh config/zookeeper.properties &

sleep 5

export KAFKA_OPTS='-Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.confi
g=/etc/kafka/kafka_server_jaas.conf'
bin/kafka-server-start.sh config/server.properties

more config/zookeeper.properties

authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000

more config/producer.properties/consumer.properties

security.protocol=SASL_PLAINTEXT
sasl.mechanism=GSSAPI
sasl.kerberos.service.name=kafka

more producer2

export KAFKA_OPTS="-Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.confi
g=/etc/kafka/kafka_client_jaas.conf"

bin/kafka-console-producer.sh --broker-list 10.211.55.5:9093 --topic test --producer.config
config/producer.properties

more consumer2

export KAFKA_OPTS="-Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.confi
g=/etc/kafka/kafka_client_jaas.conf"

bin/kafka-console-consumer.sh --bootstrap-server 10.211.55.5:9093 --topic test --new-consume
r --from-beginning --consumer.config config/consumer.properties





发表于: 1年前   最后更新时间: 1年前   游览量:21328
上一条: 获取kafka版本
下一条: Kafka Stream演示程序

评论…


  • 安装上面的配置,在centos7上搭建和kerberos,并按照上面的步骤配置kafka kerberos认证。zookeeper启动成功,显示信息为:[2018-12-07 14:39:01,096] INFO TGT refresh sleeping until: Sat Dec 08 10:02:52 CST 2018 (org.apache.zookeeper.Login)
    [2018-12-07 14:39:01,108] INFO binding to port 0.0.0.0/0.0.0.0:2181 (org.apache.zookeeper.server.NIOServerCnxnFactory)。启动kafka broker时显示INFO [KafkaServer id=1] started (kafka.server.KafkaServer)
    [2018-12-07 14:39:54,052] ERROR [Controller id=1, targetBrokerId=1] Connection to node 1 failed authentication due to: Authentication failed due to invalid credentials with SASL mechanism GSSAPI (org.apache.kafka.clients.NetworkClient)求问这个认证失败是什么原因呀,拜托了,其他的jaas文件和properties文件和您的一样

    • 具体的错误信息为:
      [2018-12-07 14:45:09,983] INFO [ZooKeeperClient] Connected. (kafka.zookeeper.ZooKeeperClient)
      [2018-12-07 14:45:10,059] INFO [/kafka-acl-changes-event-process-thread]: Starting (kafka.common.ZkNodeChangeNotificationListener$ChangeEventProcessThread)
      [2018-12-07 14:45:10,127] INFO [/config/changes-event-process-thread]: Starting (kafka.common.ZkNodeChangeNotificationListener$ChangeEventProcessThread)
      [2018-12-07 14:45:10,175] INFO [SocketServer brokerId=1] Started processors for 1 acceptors (kafka.network.SocketServer)
      [2018-12-07 14:45:10,192] INFO Kafka version : 1.1.1 (org.apache.kafka.common.utils.AppInfoParser)
      [2018-12-07 14:45:10,192] INFO Kafka commitId : 8e07427ffb493498 (org.apache.kafka.common.utils.AppInfoParser)
      [2018-12-07 14:45:10,194] INFO [KafkaServer id=1] started (kafka.server.KafkaServer)
      [2018-12-07 14:45:10,299] ERROR [Controller id=1, targetBrokerId=1] Connection to node 1 failed authentication due to: Authentication failed due to invalid credentials with SASL mechanism GSSAPI (org.apache.kafka.clients.NetworkClient)
      zookeeper那边对应的日志为:
      [2018-12-07 14:45:09,977] INFO Accepted socket connection from /10.201.83.55:48436 (org.apache.zookeeper.server.NIOServerCnxnFactory)
      [2018-12-07 14:45:09,979] INFO Client attempting to establish new session at /10.201.83.55:48436 (org.apache.zookeeper.server.ZooKeeperServer)
      [2018-12-07 14:45:09,982] INFO Established session 0x167876410970003 with negotiated timeout 6000 for client /10.201.83.55:48436 (org.apache.zookeeper.server.ZooKeeperServer)
      [2018-12-07 14:45:09,994] INFO Successfully authenticated client: authenticationID=kafka/weiwei@EXAMPLE.COM;  authorizationID=kafka/weiwei@EXAMPLE.COM. (org.apache.zookeeper.server.auth.SaslServerCallbackHandler)
      [2018-12-07 14:45:09,994] INFO Setting authorizedID: kafka/weiwei@EXAMPLE.COM (org.apache.zookeeper.server.auth.SaslServerCallbackHandler)
      [2018-12-07 14:45:09,994] INFO adding SASL authorization for authorizationID: kafka/weiwei@EXAMPLE.COM (org.apache.zookeeper.server.ZooKeeperServer)
      [2018-12-07 14:45:09,995] INFO Got user-level KeeperException when processing sessionid:0x167876410970003 type:create cxid:0x3 zxid:0x94 txntype:-1 reqpath:n/a Error Path:/kafka-acl Error:KeeperErrorCode = NodeExists for /kafka-acl (org.apache.zookeeper.server.PrepRequestProcessor)
        ni你好,storm 消费kafka,认证不通过,storm 、kafka、zookeeper都需要认证。认证storm_jaas.conf配置如下:
        StormServer {
           com.sun.security.auth.module.Krb5LoginModule required
           useKeyTab=true
           keyTab="/etc/security/keytabs/nimbus.service.keytab"
           storeKey=true
           useTicketCache=false
           principal="nimbus/zdhdpvdca03.crhd0a.crc.hk@ZDHDPVDCA01.CRHD0A.CRC.HK";
        };
        StormClient {
           com.sun.security.auth.module.Krb5LoginModule required
           useKeyTab=true
           keyTab="/etc/security/keytabs/storm.headless.keytab"
           storeKey=true
           useTicketCache=false
           serviceName="nimbus"
           principal="storm-bdos@ZDHDPVDCA01.CRHD0A.CRC.HK";
        };
        Client {
           com.sun.security.auth.module.Krb5LoginModule required
           useKeyTab=true
           keyTab="/etc/security/keytabs/storm.headless.keytab"
           storeKey=true
           useTicketCache=false
           serviceName="zookeeper"
           principal="storm-bdos@ZDHDPVDCA01.CRHD0A.CRC.HK";
        };

        KafkaClient {
           com.sun.security.auth.module.Krb5LoginModule required
           useKeyTab=true
           keyTab="/etc/security/keytabs/storm.headless.keytab"
           storeKey=true
           useTicketCache=false
           serviceName="kafka"
           principal="storm-bdos@ZDHDPVDCA01.CRHD0A.CRC.HK";
        };


        2018-10-29 16:40:14.267 o.a.z.c.ZooKeeperSaslClient [ERROR] An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - UNKNOWN_SERVER)]) occurred when evaluating Zookeeper Quorum Member's  received SASL token. This may be caused by Java's being unable to resolve the Zookeeper Quorum Member's hostname correctly. You may want to try to adding '-Dsun.net.spi.nameservice.provider.1=dns,sun' to your client's JVMFLAGS environment. Zookeeper Client will go to AUTH_FAILED state.
        2018-10-29 16:40:14.267 o.a.z.ClientCnxn [ERROR] SASL authentication with Zookeeper Quorum member failed: javax.security.sasl.SaslException: An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - UNKNOWN_SERVER)]) occurred when evaluating Zookeeper Quorum Member's  received SASL token. This may be caused by Java's being unable to resolve the Zookeeper Quorum Member's hostname correctly. You may want to try to adding '-Dsun.net.spi.nameservice.provider.1=dns,sun' to your client's JVMFLAGS environment. Zookeeper Client will go to AUTH_FAILED state.
        2018-10-29 16:40:14.268 o.a.c.ConnectionState [ERROR] Authentication failed
        2018-10-29 16:40:14.281 b.s.util [ERROR] Async loop died!
        java.lang.RuntimeException: java.lang.RuntimeException: org.apache.zookeeper.KeeperException$AuthFailedException: KeeperErrorCode = AuthFailed for /brokers/topics/test/partitions
         at storm.kafka.DynamicBrokersReader.getBrokerInfo(DynamicBrokersReader.java:82) ~[stormjar.jar:?]

        请问可以动态添加用户吗?  加了用户是不是要更新keytab, 重启kafka之类的? 望解答
        • 感谢回复, 搜了下,还不是很明白, 如果设置了acl, 不同用户去生产消费, 是不是需要用不同的客户端实例? producer是不是就不能使用同一个了
            你好,我再kafka上设置好了sasl认证,然后再Java程序中的生产者和消费者设置了System.setProperty("java.security.auth.login.config",
                            "/Users/Sean/Documents/Gitrep/bigdata/kafka/src/main/resources/kafka_client_jaas.conf"); // 环境变量添加,需要输入配置文件的路径
                    props.put("security.protocol", "SASL_PLAINTEXT");
                    props.put("sasl.mechanism", "PLAIN");,现在我生产和消费报这个错Caused by: java.lang.IllegalArgumentException: Could not find a 'KafkaClient' entry in the JAAS configuration. System property 'java.security.auth.login.config' is /home/hadoop/kafka_2.11-1.1.0/config/kafka_client_jaas.conf

            • 我的有KafkaClietn这个条目,java程序可以读取,现在是kettle ETL工具,使用kafka consumer组件,每次都报Kafka Consumer.0 - Caused by: java.lang.IllegalArgumentException: Could not find a 'KafkaClient' entry in the JAAS configuration. System property 'java.security.auth.login.config' is C:\ProgramData\MIT\Kerberos5\kafka_client_jaas.conf
                hi, 按照文档配置,遇到  could not login:the client is being asked for a password, bug kafka client code does not currently support,求大神解答
                按照上面的配置,Kafka单机没有问题,启用多台Kafka服务器,broker报错如下:
                [2018-05-03 14:52:13,975] ERROR [Controller id=1, targetBrokerId=0] Connection to node 0 failed authentication due to: An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - LOOKING_UP_SERVER)]) occurred when evaluating SASL token received from the Kafka Broker. Kafka Client will go to AUTHENTICATION_FAILED state. (org.apache.kafka.clients.NetworkClient)
                我会遇到这个问题: 是不是哪里配置不多
                [2018-04-27 07:00:54,558] WARN SASL configuration failed: javax.security.auth.login.LoginException: Cannot locate KDC Will continue connection to Zookeeper server without SASL authentication, if Zookeeper server allows it. (org.apache.zookeeper.ClientCnxn)
                [2018-04-27 07:00:54,560] INFO Opening socket connection to server 192.168.182.17/192.168.182.17:10363 (org.apache.zookeeper.ClientCnxn)
                [2018-04-27 07:00:54,561] INFO zookeeper state changed (AuthFailed) (org.I0Itec.zkclient.ZkClient)
                [2018-04-27 07:00:54,561] INFO Terminate ZkClient event thread. (org.I0Itec.zkclient.ZkEventThread)
                [2018-04-27 07:00:54,565] INFO Socket connection established to 192.168.182.17/192.168.182.17:10363, initiating session (org.apache.zookeeper.ClientCnxn)
                [2018-04-27 07:00:54,572] INFO Session establishment complete on server 192.168.182.17/192.168.182.17:10363, sessionid = 0x10130ca09830001, negotiated timeout = 6000 (org.apache.zookeeper.ClientCnxn)
                [2018-04-27 07:00:54,574] INFO Session: 0x10130ca09830001 closed (org.apache.zookeeper.ZooKeeper)
                [2018-04-27 07:00:54,575] FATAL Fatal error during KafkaServer startup. Prepare to shutdown (kafka.server.KafkaServer)
                org.I0Itec.zkclient.exception.ZkAuthFailedException: Authentication failure
                 at org.I0Itec.zkclient.ZkClient.waitForKeeperState(ZkClient.java:947)
                 at org.I0Itec.zkclient.ZkClient.waitUntilConnected(ZkClient.java:924)
                 at org.I0Itec.zkclient.ZkClient.connect(ZkClient.java:1231)
                 at org.I0Itec.zkclient.ZkClient.<init>(ZkClient.java:157)
                 at org.I0Itec.zkclient.ZkClient.<init>(ZkClient.java:131)
                 at kafka.utils.ZkUtils$.createZkClientAndConnection(ZkUtils.scala:115)
                 at kafka.utils.ZkUtils$.withMetrics(ZkUtils.scala:92)
                 at kafka.server.KafkaServer.initZk(KafkaServer.scala:346)
                 at kafka.server.KafkaServer.startup(KafkaServer.scala:194)
                 at kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:38)
                 at kafka.Kafka$.main(Kafka.scala:92)
                 at kafka.Kafka.main(Kafka.scala)
                [2018-04-27 07:00:54,576] INFO EventThread shut down for session: 0x10130ca09830001 (org.apache.zookeeper.ClientCnxn)
                [2018-04-27 07:00:54,578] INFO shutting down (kafka.server.KafkaServer)
                [2018-04-27 07:00:54,583] INFO shut down completed (kafka.server.KafkaServer)
                [2018-04-27 07:00:54,583] FATAL Exiting Kafka. (kafka.server.KafkaServerStartable)
                [2018-04-27 07:00:54,585] INFO shutting down (kafka.server.KafkaServer)

                你好! 
                     在kafka配置文件server.properties中添加参数zookeeper.set.acl=true后,运行kafka.topics.sh创建topic时报错如下:
                Error while executing topic command : org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /config/topics
                [2018-04-26 16:30:43,027] ERROR org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /config/topics
                 at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68)
                 at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:1001)
                问一下kafka.topics.sh具体怎么配置?

                • export KAFKA_OPTS="-Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.confi
                  g=/etc/kafka/kafka_client_jaas.conf"

                  bin/kafka-console-consumer.sh --bootstrap-server 10.211.55.5:9093 --topic test --new-consume
                  r --from-beginning --consumer.config config/consumer.properties
                    我启动之后显示认证失败,这是什么问题?
                    ERROR An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - LOOKING_UP_SERVER)]) occurred when evaluating Zookeeper Quorum Member's  received SASL token. Zookeeper Client will go to AUTH_FAILED state. (org.apache.zookeeper.client.ZooKeeperSaslClient)
                    ERROR SASL authentication with Zookeeper Quorum member failed: javax.security.sasl.SaslException: An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - LOOKING_UP_SERVER)]) occurred when evaluating Zookeeper Quorum Member's  received SASL token. Zookeeper Client will go to AUTH_FAILED state. (org.apache.zookeeper.ClientCnxn)
                    INFO zookeeper state changed (AuthFailed) (org.I0Itec.zkclient.ZkClient)
                    INFO Terminate ZkClient event thread. (org.I0Itec.zkclient.ZkEventThread)
                    FATAL Fatal error during KafkaServer startup. Prepare to shutdown (kafka.server.KafkaServer)
                    org.I0Itec.zkclient.exception.ZkAuthFailedException: Authentication failure

                    你好,export KAFKA_OPTS="-Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.confi
                    g=/etc/kafka/kafka_client_jaas.conf"这个配置是要添加在kafka-console-producer.sh和kafka-console-consumer.sh这两个脚本里面是吧?

                    • 按步骤走的,启动kafka时一直警告无效证书,有什么方法可以看下认证过程,或者定位到问题
                      [2017-11-15 14:49:29,820] INFO [Kafka Server 0], started (kafka.server.KafkaServer)
                      [2017-11-15 14:49:29,915] WARN Connection to node 0 terminated during authentication. This may indicate that authentication failed due to invalid credentials. (org.apache.kafka.clients.NetworkClient)
                      • 评论…
                        • in this conversation