3.8.1版本kafka使用traft协议授权报错

谁能凭爱意将富士山私有丶 发表于: 2024-11-01   最后更新时间: 2024-11-04 09:34:34   177 游览

我在安装3.8.1版本kafka,使用traft协议,在授权的时候,出现了问题

server.properties

log.dirs=/portal/data/kafka
process.roles=broker,controller
node.id=1
controller.quorum.voters=1@192.168.1.41:9093,2@192.168.1.42:9093,3@192.168.1.43:9093,4@192.168.1.44:9093
controller.listener.names=CONTROLLER
######## 认证配置
listeners=SASL_PLAINTEXT://:9092,CONTROLLER://:9093      
inter.broker.listener.name=SASL_PLAINTEXT  
listener.security.protocol.map=CONTROLLER:SASL_PLAINTEXT,PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL,CONTROLLER:PLAINTEXT
######## 认证机制 配置
sasl.enabled.mechanisms=SCRAM-SHA-512                    
sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512       
super.users=User:kafkaadmin
allow.everyone.if.no.acl.found=true
#authorizer.class.name=org.apache.kafka.metadata.authorizer.StandardAuthorizer
authorizer.class.name=kafka.security.authorizer.

broker-jaas

KafkaServer {
    org.apache.kafka.common.security.scram.ScramLoginModule required username="kafkaadmin" password="kafkaadmin123456";
};

报错信息如下:

[2024-11-01 18:00:07,867] ERROR [RaftManager id=1] Unexpected error UNKNOWN_SERVER_ERROR in VOTE response: InboundResponse(correlationId=214, data=VoteResponseData(errorCode=-1, topics=[]), source=192.168.1.44:9093 (id: 4 rack: null)) (org.apache.kafka.raft.KafkaRaftClient)
[2024-11-01 18:00:07,867] ERROR [ControllerApis nodeId=1] Unexpected error handling request RequestHeader(apiKey=VOTE, apiVersion=0, clientId=raft-client-4, correlationId=451, headerVersion=2) -- VoteRequestData(clusterId='vzMSFzFgScuDNNJ2YSFyjw', topics=[TopicData(topicName='__cluster_metadata', partitions=[PartitionData(partitionIndex=0, candidateEpoch=3, candidateId=4, lastOffsetEpoch=0, lastOffset=0)])]) with context RequestContext(header=RequestHeader(apiKey=VOTE, apiVersion=0, clientId=raft-client-4, correlationId=451, headerVersion=2), connectionId='192.168.1.41:9093-192.168.1.44:51936-0', clientAddress=/192.168.1.44, principal=User:ANONYMOUS, listenerName=ListenerName(CONTROLLER), securityProtocol=PLAINTEXT, clientInformation=ClientInformation(softwareName=apache-kafka-java, softwareVersion=3.8.1), fromPrivilegedListener=false, principalSerde=Optional[org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder@27b7bcf3]) (kafka.server.ControllerApis)
org.apache.kafka.common.errors.AuthorizerNotReadyException

该如何解决?

添加评论

首先,缺少

security.inter.broker.protocol=SASL_PLAINTEXT

其次

listener.security.protocol.map=CONTROLLER:SASL_PLAINTEXT,PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL,CONTROLLER:PLAINTEXT

CONTROLLER你配置了2个,看日志用的最后的的策略PLAINTEXT,而你并没有定义它。

你这个很多没有用,我给你精简了一下

listener.security.protocol.map=CONTROLLER:PLAINTEXT,SASL_PLAINTEXT:SASL_PLAINTEXT

我在文件中使用了inter.broker.listener.name=SASL_PLAINTEXT,
就不需要使用security.inter.broker.protocol=SASL_PLAINTEXT
这个属性了

我也遇到同样的问题,请问解决了没

你看我最新提问的,那个是已经解决了这个问题的版本,但是遇到了新的问题。

你的答案

查看kafka相关的其他问题或提一个您自己的问题