zookeeper所有节点都通过以下方式设置了ACL
1)增加一个认证用户
addauth digest 用户名:密码明文
eg. addauth digest user1:password1
2)设置权限
setAcl /path auth:用户名:密码明文:权限
eg. setAcl /test auth:user1:password1:cdrwa
zookeeper日志
2018-02-26 13:40:55,262 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /10.33.46.133:41572
2018-02-26 13:40:55,267 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@942] - Client attempting to establish new session at /10.33.46.133:41572
2018-02-26 13:40:55,268 [myid:] - INFO [SyncThread:0:ZooKeeperServer@687] - Established session 0x161d08851fb0002 with negotiated timeout 6000 for client /10.33.46.133:41572
2018-02-26 13:40:55,279 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@120] - Successfully authenticated client: authenticationID=hosp; authorizationID=hosp.
2018-02-26 13:40:55,279 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@136] - Setting authorizedID: hosp
2018-02-26 13:40:55,279 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1038] - adding SASL authorization for authorizationID: hosp
2018-02-26 13:40:55,320 [myid:] - INFO [ProcessThread(sid:0 cport:2181)::PrepRequestProcessor@486] - Processed session termination for sessionid: 0x161d08851fb0002
2018-02-26 13:40:55,321 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@1044] - Closed socket connection for client /10.33.46.133:41572 which had sessionid 0x161d08851fb0002
kafka日志
[2018-02-26 13:40:55,274] INFO zookeeper state changed (SyncConnected) (org.I0Itec.zkclient.ZkClient)
[2018-02-26 13:40:55,284] INFO zookeeper state changed (SaslAuthenticated) (org.I0Itec.zkclient.ZkClient)
[2018-02-26 13:40:55,312] FATAL Fatal error during KafkaServer startup. Prepare to shutdown (kafka.server.KafkaServer)
org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /cluster/id
at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:1001)
at org.I0Itec.zkclient.ZkClient.readData(ZkClient.java:1100)
at org.I0Itec.zkclient.ZkClient.readData(ZkClient.java:1095)
at kafka.utils.ZkUtils.readDataMaybeNull(ZkUtils.scala:660)
at kafka.utils.ZkUtils.getClusterId(ZkUtils.scala:278)
at kafka.server.KafkaServer.getOrGenerateClusterId(KafkaServer.scala:347)
at kafka.server.KafkaServer.startup(KafkaServer.scala:194)
at kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:38)
at kafka.Kafka$.main(Kafka.scala:65)
at kafka.Kafka.main(Kafka.scala)
Caused by: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /cluster/id
at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1212)
at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1241)
at org.I0Itec.zkclient.ZkConnection.readData(ZkConnection.java:125)
at org.I0Itec.zkclient.ZkClient$12.call(ZkClient.java:1104)
at org.I0Itec.zkclient.ZkClient$12.call(ZkClient.java:1100)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:991)
... 9 more
[2018-02-26 13:40:55,315] INFO shutting down (kafka.server.KafkaServer)
很明显,kafka端到zookeeper端没有拿到权限。
你的kafka_server_sasl.conf 内缺东西,可以看下我的 https://blog.csdn.net/u010416101/article/details/79562214
你好,我按照你的方法做了一下,zk加了acl后,还是连接不了,1157136367,能加下qq指点一下吗
你好,请问这个你解决了吗,能分享一下吗,1157136367,我的qq能指点一下吗
你好,这个问题你解决了嘛!
你好,请问下最终你的这个问题解决掉了吗,kafka怎么配置才能连接到设置了ACL权限的zk上
你好,请问这个你解决了吗,能分享一下吗,1157136367,我的qq能指点一下吗
https://blog.csdn.net/sammory/article/details/82592994 这是我解决完之后整理的一些东西,希望能帮到你
方便在发一遍嘛,连接失效了
你的答案