CDP 717环境使用kafka-console-consumer
命令消费kafka报错如下
23/03/28 09:19:07 WARN clients.NetworkClient: [Consumer clientId=consumer-console-consumer-52833-1, groupId=console-consumer-52833] Bootstrap broker xx.xx.xx.xx:9092 (id: -1 rack: null) disconnected
原因
是因为kafka开启了kerberos
具体检查可见
1、In Cloudera Manager, navigate to Kafka > Configuration.
2、Set SSL Client Authentication to none.
3、Set Inter Broker Protocol to SASL_PLAINTEXT.
解决方式
1、创建文件jaas.conf
KafkaClient {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
keyTab="/var/run/cloudera-scm-agent/process/11111-kafka-KAFKA_BROKER/kafka.keytab"
principal="kafka/[email protected]";
};
注意:这里principal
不清楚的话可以先执行kinit认证后,klist查看对应信息填入即可
2、创建文件client.properties
security.protocol=SASL_PLAINTEXT
sasl.kerberos.service.name=kafka
3、执行命令
这里的jaas文件路径参考上面1存放路径
export KAFKA_OPTS="-Djava.security.auth.login.config=/home/user/jaas.conf"
4、执行消费命令
/opt/cloudera/parcels/CDH/bin/kafka-console-consumer --topic mytpoic --bootstrap-server brokerip:9092 --consumer.config client.properties --from-beginning
参考链接
https://docs.cloudera.com/cdp-private-cloud-base/7.1.7/kafka-securing/topics/kafka-secure-kerberos-enable.html