添加用户权限后 ./kafka-consumer-groups.sh 命令执行失败

tiiimo 发表于: 2021-03-09   最后更新时间: 2021-03-09 17:52:38   4,263 游览

问题??

[root@host-192-168-51-9 kafka_2.12-2.5.1]# bin/kafka-consumer-groups.sh --bootstrap-server 172.19.27.16:9092,172.19.27.46:9092,172.19.27.65:9092 --list

Error: Executing consumer group command failed due to org.apache.kafka.common.KafkaException: Failed to find brokers to send ListGroups
java.util.concurrent.ExecutionException: org.apache.kafka.common.KafkaException: Failed to find brokers to send ListGroups
    at org.apache.kafka.common.internals.KafkaFutureImpl.wrapAndThrow(KafkaFutureImpl.java:45)
    at org.apache.kafka.common.internals.KafkaFutureImpl.access$000(KafkaFutureImpl.java:32)
    at org.apache.kafka.common.internals.KafkaFutureImpl$SingleWaiter.await(KafkaFutureImpl.java:89)
    at org.apache.kafka.common.internals.KafkaFutureImpl.get(KafkaFutureImpl.java:260)
    at kafka.admin.ConsumerGroupCommand$ConsumerGroupService.listGroups(ConsumerGroupCommand.scala:183)
    at kafka.admin.ConsumerGroupCommand$.main(ConsumerGroupCommand.scala:63)
    at kafka.admin.ConsumerGroupCommand.main(ConsumerGroupCommand.scala)
Caused by: org.apache.kafka.common.KafkaException: Failed to find brokers to send ListGroups
    at org.apache.kafka.clients.admin.KafkaAdminClient$25.handleFailure(KafkaAdminClient.java:3040)
    at org.apache.kafka.clients.admin.KafkaAdminClient$Call.failWithTimeout(KafkaAdminClient.java:757)
    at org.apache.kafka.clients.admin.KafkaAdminClient$Call.fail(KafkaAdminClient.java:728)
    at org.apache.kafka.clients.admin.KafkaAdminClient$TimeoutProcessor.handleTimeouts(KafkaAdminClient.java:850)
    at org.apache.kafka.clients.admin.KafkaAdminClient$AdminClientRunnable.timeoutPendingCalls(KafkaAdminClient.java:918)
    at org.apache.kafka.clients.admin.KafkaAdminClient$AdminClientRunnable.processRequests(KafkaAdminClient.java:1239)
    at org.apache.kafka.clients.admin.KafkaAdminClient$AdminClientRunnable.run(KafkaAdminClient.java:1203)
    at java.lang.Thread.run(Thread.java:748)
Caused by: org.apache.kafka.common.errors.TimeoutException: Call(callName=findAllBrokers, deadlineMs=1615283298166) timed out at 1615283298167 after 1 attempt(s)
Caused by: org.apache.kafka.common.errors.TimeoutException: Timed out waiting for a node assignment.

zoo.cfg

# The number of milliseconds of each tick
tickTime=2000
# The number of ticks that the initial 
# synchronization phase can take
initLimit=10
# The number of ticks that can pass between 
# sending a request and getting an acknowledgement
syncLimit=5
# the directory where the snapshot is stored.
# do not use /tmp for storage, /tmp here is just 
# example sakes.
dataDir=/opt/kafka/zookeeper-3.4.12/data
# the port at which the clients will connect
clientPort=2181

quorumListenOnAllIPs=true
#支持SASL认证
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl


# 增加这个配置,其中的2888是kafka集群之间的通讯和数据同步端口,3888是集群节点leader的选举通信端口。
server.1=172.19.27.16:2888:3888
server.2=172.19.27.46:2888:3888
server.3=172.19.27.65:2888:3888

server.properties

broker.id=0

############################# Socket Server Settings #############################

# The address the socket server listens on. It will get the value returned from 
# java.net.InetAddress.getCanonicalHostName() if not configured.
#   FORMAT:
#     listeners = listener_name://host_name:port
#   EXAMPLE:
#     listeners = PLAINTEXT://your.host.name:9092
#listeners=PLAINTEXT://:9092
listener.security.protocol.map=INSIDE:SASL_PLAINTEXT
inter.broker.listener.name=INSIDE
advertised.listeners=INSIDE://172.19.27.16:9092
listeners=INSIDE://:9092

############################     SASL/SCRAM相关配置如下    ##############################
#Broker内部联络使用的security协议
#security.inter.broker.protocol=SASL_PLAINTEXT
#Broker内部联络使用的sasl协议,这里也可以配置多个,比如SCRAM-SHA-512,SCRAM-SHA-256并列使用
sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512
#Broker允许使用的sasl协议,这里也可以配多个PLAIN,SCRAM-SHA-512,SCRAM-SHA-256
sasl.enabled.mechanisms=SCRAM-SHA-512

#设置zookeeper是否使用ACL
zookeeper.set.acl=true
#设置ACL类(低于 2.4.0 版本推荐使用 SimpleAclAuthorizer)
#authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
#设置ACL类(高于 2.4.0 版本推荐使用 AclAuthorizer)
authorizer.class.name=kafka.security.authorizer.AclAuthorizer
#设置Kafka超级用户账号,这两个分别对应zookeeper_jaas.conf中的user_super="super1234"和user_kafka="kafka1234";
super.users=User:admin;User:kafka

kafka-broker-jaas.conf

KafkaServer {
    org.apache.kafka.common.security.scram.ScramLoginModule required
    username="admin"
    password="admin";
};
Client {
    org.apache.zookeeper.server.auth.DigestLoginModule required
    username="kafka"
    password="kafka";
};
发表于 2021-03-09
添加评论
advertised.listeners

去掉吧,我不想在看到它,另外:

listener.security.protocol.map=INSIDE:SASL_PLAINTEXT
inter.broker.listener.name=INSIDE

哪里抄来的...INSIDE
按教程来吧,这配置读起来,就是希望broker之间内部交互无需证书,但外部却没有提供需要认证端口。
我是觉得你读一读,不要瞎配。。。
https://www.orchome.com/170

tiiimo -> 半兽人 3年前

对对 现在是在内部测,还没外网ip, 之后会加上外部

tiiimo -> 半兽人 3年前

我这个网络有点复杂,是通过vpn 来访问的 的这三个ip 而且这三个ip还不是一个网段的

半兽人 -> tiiimo 3年前

kafka对网段没有要求,你先读一下我提供给你的教程,很多配置你就理解了。

你的答案

查看kafka相关的其他问题或提一个您自己的问题