先前在半兽人指导下,使用新producer和consumer,却产生新的错误,
[root@vmw201 /]# kafka-console-producer --broker-list 172.16.18.201:9093 --topic test2 --producer.config /etc/kafka/conf/producer.properties
[2016-08-31 14:12:15,267] ERROR The TGT cannot be renewed beyond the next expiry date: Thu Sep 01 14:04:14 CST 2016.This process will not be able to authenticate new SASL connections after that time (for example, it will not be able to authenticate a new connection with a Kafka Broker). Ask your system administrator to either increase the 'renew until' time by doing : 'modprinc -maxrenewlife null ' within kadmin, or instead, to generate a keytab for null. Because the TGT's expiry cannot be further extended by refreshing, exiting refresh thread now. (org.apache.kafka.common.security.kerberos.Login)
[2016-08-31 14:12:15,281] WARN The configuration sasl.mechanism = GSSAPI was supplied but isn't a known config. (org.apache.kafka.clients.producer.ProducerConfig)
^Z
[16]+ Stopped kafka-console-producer --broker-list 172.16.18.201:9093 --topic test2 --producer.config /etc/kafka/conf/producer.properties
这个问题令我百思不得其解,这是配置文件krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = BEIJING.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
udp_preference_limit = 1
[realms]
BEIJING.COM = {
kdc = vmw201:88
admin_server = vmw201:749
}
[domain_realm]
.beijing.com=BEIJING.COM
beijing.com=BEIJING.COM
[kdc]
profile=/var/kerberos/krb5kdc/kdc.conf
配置文件
kdc.conf
[kdcdefaults]
kdc_tcp_ports = 88
kdc_ports = 88
[realms]
BEIJING.COM = {
**#master_key_type = aes256-cts**
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal
max_life = 25h
max_renewable_life = 8d
}
该配的我都赔了,应该是可以renew的,可为什么说不行呢?
后来我在网上找了一下,说brokers没在zk中配置,似乎是这个问题
[zk: vmw201:2181(CONNECTED) 2] get /kafka/brokers/ids/396
{"jmx_port":9393,"timestamp":"1472623834388","endpoints":["SASL_PLAINTEXT://vmw201:9092"],"host":null,"version":2,"port":-1}
cZxid = 0x3d00008764
ctime = Wed Aug 31 14:10:34 CST 2016
mZxid = 0x3d00008764
mtime = Wed Aug 31 14:10:34 CST 2016
pZxid = 0x3d00008764
cversion = 0
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x256db1222920633
dataLength = 124
numChildren = 0
host的值为null,感觉不应该啊,所以我认为问题出在这,可否有前辈赐教。
你看下kerberos的日志。有没有异常。还有broker的启动日志,是否配置成功。
你的答案