zookeeper设置了ACL,kafka操作节点(NoAuth)

zookeeper所有节点都通过以下方式设置了ACL

1)增加一个认证用户
addauth digest 用户名:密码明文
eg. addauth digest user1:password1
2)设置权限
setAcl /path auth:用户名:密码明文:权限

eg. setAcl /test auth:user1:password1:cdrwa

zookeeper日志

2018-02-26 13:40:55,262 [myid:] - INFO  [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /10.33.46.133:41572
2018-02-26 13:40:55,267 [myid:] - INFO  [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@942] - Client attempting to establish new session at /10.33.46.133:41572
2018-02-26 13:40:55,268 [myid:] - INFO  [SyncThread:0:ZooKeeperServer@687] - Established session 0x161d08851fb0002 with negotiated timeout 6000 for client /10.33.46.133:41572
2018-02-26 13:40:55,279 [myid:] - INFO  [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@120] - Successfully authenticated client: authenticationID=hosp;  authorizationID=hosp.
2018-02-26 13:40:55,279 [myid:] - INFO  [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@136] - Setting authorizedID: hosp
2018-02-26 13:40:55,279 [myid:] - INFO  [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1038] - adding SASL authorization for authorizationID: hosp
2018-02-26 13:40:55,320 [myid:] - INFO  [ProcessThread(sid:0 cport:2181)::PrepRequestProcessor@486] - Processed session termination for sessionid: 0x161d08851fb0002
2018-02-26 13:40:55,321 [myid:] - INFO  [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@1044] - Closed socket connection for client /10.33.46.133:41572 which had sessionid 0x161d08851fb0002

kafka日志

[2018-02-26 13:40:55,274] INFO zookeeper state changed (SyncConnected) (org.I0Itec.zkclient.ZkClient)
[2018-02-26 13:40:55,284] INFO zookeeper state changed (SaslAuthenticated) (org.I0Itec.zkclient.ZkClient)
[2018-02-26 13:40:55,312] FATAL Fatal error during KafkaServer startup. Prepare to shutdown (kafka.server.KafkaServer)
org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /cluster/id
        at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68)
        at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:1001)
        at org.I0Itec.zkclient.ZkClient.readData(ZkClient.java:1100)
        at org.I0Itec.zkclient.ZkClient.readData(ZkClient.java:1095)
        at kafka.utils.ZkUtils.readDataMaybeNull(ZkUtils.scala:660)
        at kafka.utils.ZkUtils.getClusterId(ZkUtils.scala:278)
        at kafka.server.KafkaServer.getOrGenerateClusterId(KafkaServer.scala:347)
        at kafka.server.KafkaServer.startup(KafkaServer.scala:194)
        at kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:38)
        at kafka.Kafka$.main(Kafka.scala:65)
        at kafka.Kafka.main(Kafka.scala)
Caused by: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /cluster/id
        at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
        at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
        at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1212)
        at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1241)
        at org.I0Itec.zkclient.ZkConnection.readData(ZkConnection.java:125)
        at org.I0Itec.zkclient.ZkClient$12.call(ZkClient.java:1104)
        at org.I0Itec.zkclient.ZkClient$12.call(ZkClient.java:1100)
        at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:991)
        ... 9 more
[2018-02-26 13:40:55,315] INFO shutting down (kafka.server.KafkaServer)





发表于: 9月前   最后更新时间: 3月前   游览量:2421
上一条: kafka根据时间戳消费或者消费指定时间内的数据
下一条: kafka学了也有2个月了,但是一直不清楚SDK是怎么作为生产者来使用的,能否简单解释一下

评论…


  • 你好,请问这个你解决了吗,能分享一下吗,1157136367,我的qq能指点一下吗
    你好,请问下最终你的这个问题解决掉了吗,kafka怎么配置才能连接到设置了ACL权限的zk上
    很明显,kafka端到zookeeper端没有拿到权限。
    你的kafka_server_sasl.conf 内缺东西,可以看下我的 https://blog.csdn.net/u010416101/article/details/79562214
    • 你好,我按照你的方法做了一下,zk加了acl后,还是连接不了,1157136367,能加下qq指点一下吗
      • 评论…
        • in this conversation