Errorwhile executing ACLcommand: org.apache.zookeeper.KeeperException$NoAuthException:KeeperErrorCode = NoAuthfor /kafka-acl/Topic
org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException:KeeperErrorCode = NoAuthfor /kafka-acl/Topic
at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:1000)
at org.I0Itec.zkclient.ZkClient.create(ZkClient.java:527)
at org.I0Itec.zkclient.ZkClient.createPersistent(ZkClient.java:293)
at kafka.utils.ZkPath$.createPersistent(ZkUtils.scala:965)
at kafka.utils.ZkUtils.createParentPath(ZkUtils.scala:437)
at kafka.utils.ZkUtils.createPersistentPath(ZkUtils.scala:488)
at kafka.security.auth.SimpleAclAuthorizer.updatePath(SimpleAclAuthorizer.scala:322)
at kafka.security.auth.SimpleAclAuthorizer.kafka$security$auth$SimpleAclAuthorizer$$updateResourceAcls(SimpleAclAuthorizer.scala:279)
at kafka.security.auth.SimpleAclAuthorizer$$anonfun$addAcls$1.apply$mcZ$sp(SimpleAclAuthorizer.scala:178)
at kafka.security.auth.SimpleAclAuthorizer$$anonfun$addAcls$1.apply(SimpleAclAuthorizer.scala:178)
at kafka.security.auth.SimpleAclAuthorizer$$anonfun$addAcls$1.apply(SimpleAclAuthorizer.scala:178)
at kafka.utils.CoreUtils$.inLock(CoreUtils.scala:234)
at kafka.utils.CoreUtils$.inWriteLock(CoreUtils.scala:242)
at kafka.security.auth.SimpleAclAuthorizer.addAcls(SimpleAclAuthorizer.scala:177)
at kafka.admin.AclCommand$$anonfun$addAcl$1$$anonfun$apply$3.apply(AclCommand.scala:89)
at kafka.admin.AclCommand$$anonfun$addAcl$1$$anonfun$apply$3.apply(AclCommand.scala:86)
at scala.collection.TraversableLike$WithFilter$$anonfun$foreach$1.apply(TraversableLike.scala:733)
at scala.collection.immutable.Map$Map2.foreach(Map.scala:137)
at scala.collection.TraversableLike$WithFilter.foreach(TraversableLike.scala:732)
at kafka.admin.AclCommand$$anonfun$addAcl$1.apply(AclCommand.scala:86)
at kafka.admin.AclCommand$$anonfun$addAcl$1.apply(AclCommand.scala:80)
at kafka.admin.AclCommand$.withAuthorizer(AclCommand.scala:74)
at kafka.admin.AclCommand$.addAcl(AclCommand.scala:80)
at kafka.admin.AclCommand$.main(AclCommand.scala:48)
at kafka.admin.AclCommand.main(AclCommand.scala)
Causedby: org.apache.zookeeper.KeeperException$NoAuthException:KeeperErrorCode = NoAuthfor /kafka-acl/Topic
at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
at org.apache.zookeeper.ZooKeeper.create(ZooKeeper.java:783)
at org.I0Itec.zkclient.ZkConnection.create(ZkConnection.java:99)
at org.I0Itec.zkclient.ZkClient$3.call(ZkClient.java:530)
at org.I0Itec.zkclient.ZkClient$3.call(ZkClient.java:527)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:990)
... 24 more
查了zk的日志,报很多结点没有,很奇怪啊,集群都是正常的:
2017-03-1015:27:33,735 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@118] - Successfully authenticated client: authenticationID=kafka/tzcdh103@TEST; authorizationID=kafka/tzcdh103@TEST.
2017-03-1015:27:33,735 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@134] - SettingauthorizedID: kafka/tzcdh103@TEST2017-03-1015:27:33,736 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1024] - adding SASL authorization forauthorizationID: kafka/tzcdh103@TEST2017-03-1015:27:35,674 [myid:] - INFO [ProcessThread(sid:0cport:2181)::PrepRequestProcessor@649] - Got user-level KeeperExceptionwhen processing sessionid:0x15ab6febb5e0009type:delete cxid:0x2ezxid:0x40txntype:-1reqpath:n/a ErrorPath:/admin/preferred_replica_electionError:KeeperErrorCode = NoNodefor /admin/preferred_replica_election
2017-03-1015:27:35,734 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /192.168.103.103:153212017-03-1015:27:35,737 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@928] - Client attempting to establish new session at /192.168.103.103:153212017-03-1015:27:35,738 [myid:] - INFO [SyncThread:0:ZooKeeperServer@673] - Established session 0x15ab6febb5e000a with negotiated timeout 6000for client /192.168.103.103:153212017-03-1015:27:35,756 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@118] - Successfully authenticated client: authenticationID=kafka/tzcdh103@TEST; authorizationID=kafka/tzcdh103@TEST.
2017-03-1015:27:35,756 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@134] - SettingauthorizedID: kafka/tzcdh103@TEST2017-03-1015:27:35,756 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1024] - adding SASL authorization forauthorizationID: kafka/tzcdh103@TEST2017-03-1015:27:35,875 [myid:] - INFO [ProcessThread(sid:0cport:2181)::PrepRequestProcessor@649] - Got user-level KeeperExceptionwhen processing sessionid:0x15ab6febb5e0009type:create cxid:0x3azxid:0x42txntype:-1reqpath:n/a ErrorPath:/brokersError:KeeperErrorCode = NodeExistsfor /brokers
2017-03-1015:27:35,875 [myid:] - INFO [ProcessThread(sid:0cport:2181)::PrepRequestProcessor@649] - Got user-level KeeperExceptionwhen processing sessionid:0x15ab6febb5e0009type:create cxid:0x3bzxid:0x43txntype:-1reqpath:n/a ErrorPath:/brokers/idsError:KeeperErrorCode = NodeExistsfor /brokers/ids
我也遇到这个问题了,后来参考 https://blog.csdn.net/ahzsg1314/article/details/54140909 ,发现没有在broker之间设置ACL访问权限;然后给每一个broker设置一个超级用户就可以了。
sasl.kerberos.service.name=kafka super.users=User:kafka
升级zookeeper到3.4.9。
我目前的zk版本是3.4.6,前面有一天是可以的,可以的这个情况出现的也很偶然,是我将kafka的日志级别调整为debug后,重启kafka就突然可以了
但第二天将zk和kafka重启后就又不行了,我先试试升级一下zk吧
升级到3.4.9后连acl都加不了了,直接报:
Error while executing ACL command: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /kafka-acl/Topic org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /kafka-acl/Topic at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68) at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:1000) at org.I0Itec.zkclient.ZkClient.create(ZkClient.java:527) at org.I0Itec.zkclient.ZkClient.createPersistent(ZkClient.java:293) at kafka.utils.ZkPath$.createPersistent(ZkUtils.scala:965) at kafka.utils.ZkUtils.createParentPath(ZkUtils.scala:437) at kafka.utils.ZkUtils.createPersistentPath(ZkUtils.scala:488) at kafka.security.auth.SimpleAclAuthorizer.updatePath(SimpleAclAuthorizer.scala:322) at kafka.security.auth.SimpleAclAuthorizer.kafka$security$auth$SimpleAclAuthorizer$$updateResourceAcls(SimpleAclAuthorizer.scala:279) at kafka.security.auth.SimpleAclAuthorizer$$anonfun$addAcls$1.apply$mcZ$sp(SimpleAclAuthorizer.scala:178) at kafka.security.auth.SimpleAclAuthorizer$$anonfun$addAcls$1.apply(SimpleAclAuthorizer.scala:178) at kafka.security.auth.SimpleAclAuthorizer$$anonfun$addAcls$1.apply(SimpleAclAuthorizer.scala:178) at kafka.utils.CoreUtils$.inLock(CoreUtils.scala:234) at kafka.utils.CoreUtils$.inWriteLock(CoreUtils.scala:242) at kafka.security.auth.SimpleAclAuthorizer.addAcls(SimpleAclAuthorizer.scala:177) at kafka.admin.AclCommand$$anonfun$addAcl$1$$anonfun$apply$3.apply(AclCommand.scala:89) at kafka.admin.AclCommand$$anonfun$addAcl$1$$anonfun$apply$3.apply(AclCommand.scala:86) at scala.collection.TraversableLike$WithFilter$$anonfun$foreach$1.apply(TraversableLike.scala:733) at scala.collection.immutable.Map$Map2.foreach(Map.scala:137) at scala.collection.TraversableLike$WithFilter.foreach(TraversableLike.scala:732) at kafka.admin.AclCommand$$anonfun$addAcl$1.apply(AclCommand.scala:86) at kafka.admin.AclCommand$$anonfun$addAcl$1.apply(AclCommand.scala:80) at kafka.admin.AclCommand$.withAuthorizer(AclCommand.scala:74) at kafka.admin.AclCommand$.addAcl(AclCommand.scala:80) at kafka.admin.AclCommand$.main(AclCommand.scala:48) at kafka.admin.AclCommand.main(AclCommand.scala) Caused by: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /kafka-acl/Topic at org.apache.zookeeper.KeeperException.create(KeeperException.java:113) at org.apache.zookeeper.KeeperException.create(KeeperException.java:51) at org.apache.zookeeper.ZooKeeper.create(ZooKeeper.java:783) at org.I0Itec.zkclient.ZkConnection.create(ZkConnection.java:99) at org.I0Itec.zkclient.ZkClient$3.call(ZkClient.java:530) at org.I0Itec.zkclient.ZkClient$3.call(ZkClient.java:527) at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:990) ... 24 more
查了zk的日志,报很多结点没有,很奇怪啊,集群都是正常的:
2017-03-10 15:27:33,735 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@118] - Successfully authenticated client: authenticationID=kafka/tzcdh103@TEST; authorizationID=kafka/tzcdh103@TEST. 2017-03-10 15:27:33,735 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@134] - Setting authorizedID: kafka/tzcdh103@TEST 2017-03-10 15:27:33,736 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1024] - adding SASL authorization for authorizationID: kafka/tzcdh103@TEST 2017-03-10 15:27:35,674 [myid:] - INFO [ProcessThread(sid:0 cport:2181)::PrepRequestProcessor@649] - Got user-level KeeperException when processing sessionid:0x15ab6febb5e0009 type:delete cxid:0x2e zxid:0x40 txntype:-1 reqpath:n/a Error Path:/admin/preferred_replica_election Error:KeeperErrorCode = NoNode for /admin/preferred_replica_election 2017-03-10 15:27:35,734 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /192.168.103.103:15321 2017-03-10 15:27:35,737 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@928] - Client attempting to establish new session at /192.168.103.103:15321 2017-03-10 15:27:35,738 [myid:] - INFO [SyncThread:0:ZooKeeperServer@673] - Established session 0x15ab6febb5e000a with negotiated timeout 6000 for client /192.168.103.103:15321 2017-03-10 15:27:35,756 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@118] - Successfully authenticated client: authenticationID=kafka/tzcdh103@TEST; authorizationID=kafka/tzcdh103@TEST. 2017-03-10 15:27:35,756 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@134] - Setting authorizedID: kafka/tzcdh103@TEST 2017-03-10 15:27:35,756 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1024] - adding SASL authorization for authorizationID: kafka/tzcdh103@TEST 2017-03-10 15:27:35,875 [myid:] - INFO [ProcessThread(sid:0 cport:2181)::PrepRequestProcessor@649] - Got user-level KeeperException when processing sessionid:0x15ab6febb5e0009 type:create cxid:0x3a zxid:0x42 txntype:-1 reqpath:n/a Error Path:/brokers Error:KeeperErrorCode = NodeExists for /brokers 2017-03-10 15:27:35,875 [myid:] - INFO [ProcessThread(sid:0 cport:2181)::PrepRequestProcessor@649] - Got user-level KeeperException when processing sessionid:0x15ab6febb5e0009 type:create cxid:0x3b zxid:0x43 txntype:-1 reqpath:n/a Error Path:/brokers/ids Error:KeeperErrorCode = NodeExists for /brokers/ids
之前遇到过一次,重启后会不正常,最后查出来是zookeeper版本低。
现象是第一次是ok的,之后重启后就不正常了,无限的刷LEADER_NOT_AVAILABLE。
你的答案