java - Kafka Kerberos SASL 无法连接到代理
问题描述
我正在为 Kafka 服务器使用Kerberos GSSAPI SASL_PLAINTEXT身份验证。当我尝试使用 Kafka 生产者时,我得到了这个错误。我无法理解此异常的含义。你能告诉我这个EOF异常的原因是什么吗?
Kerberos 能够获得票证并在调试日志中找到服务和客户端主体,但它仍然没有进行身份验证。我正在使用带有 Java 8 的 Kafka 2.13-2.8.0
[2021-07-25 16:19:18,665] DEBUG [Producer clientId=console-producer] Initialize connection to node <<hostname>>:9094 (id: -1 rack: null) for sending metadata request (org.apache.kafka.clients.NetworkClient)
[2021-07-25 16:19:18,665] DEBUG [Producer clientId=console-producer] Initiating connection to node <<hostname>>:9094 (id: -1 rack: null) using address <<hostname>>/<<ip address>> (org.apache.kafka.clients.NetworkClient)
[2021-07-25 16:19:18,666] DEBUG [Producer clientId=console-producer] Set SASL client state to SEND_APIVERSIONS_REQUEST (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator)
[2021-07-25 16:19:18,666] DEBUG [Producer clientId=console-producer] Creating SaslClient: client=admin@KAFKA.SECURE;service=kafka;serviceHostname=<<hostname>>;mechs=[GSSAPI] (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator)
[2021-07-25 16:19:18,667] DEBUG [Producer clientId=console-producer] Created socket with SO_RCVBUF = 32768, SO_SNDBUF = 102400, SO_TIMEOUT = 0 to node -1 (org.apache.kafka.common.network.Selector)
[2021-07-25 16:19:18,667] DEBUG [Producer clientId=console-producer] Set SASL client state to RECEIVE_APIVERSIONS_RESPONSE (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator)
[2021-07-25 16:19:18,667] DEBUG [Producer clientId=console-producer] Completed connection to node -1. Fetching API versions. (org.apache.kafka.clients.NetworkClient)
[2021-07-25 16:19:18,668] DEBUG [Producer clientId=console-producer] Set SASL client state to SEND_HANDSHAKE_REQUEST (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator)
[2021-07-25 16:19:18,668] DEBUG [Producer clientId=console-producer] Set SASL client state to RECEIVE_HANDSHAKE_RESPONSE (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator)
[2021-07-25 16:19:18,669] DEBUG [Producer clientId=console-producer] Set SASL client state to INITIAL (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator)
[2021-07-25 16:19:18,671] DEBUG [Producer clientId=console-producer] Set SASL client state to INTERMEDIATE (org.apache.kafka.common.security.authenticator.SaslClientAuthenticator)
[2021-07-25 16:19:18,672] DEBUG [Producer clientId=console-producer] Connection with <<hostname>>/<<ip address>> disconnected (org.apache.kafka.common.network.Selector)
java.io.EOFException
at org.apache.kafka.common.network.NetworkReceive.readFrom(NetworkReceive.java:97)
at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveResponseOrToken(SaslClientAuthenticator.java:475)
at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveKafkaResponse(SaslClientAuthenticator.java:572)
at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.receiveToken(SaslClientAuthenticator.java:508)
at org.apache.kafka.common.security.authenticator.SaslClientAuthenticator.authenticate(SaslClientAuthenticator.java:302)
at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:181)
at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:543)
at org.apache.kafka.common.network.Selector.poll(Selector.java:481)
at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:561)
at org.apache.kafka.clients.producer.internals.Sender.runOnce(Sender.java:327)
at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:242)
at java.lang.Thread.run(Thread.java:748)
[2021-07-25 16:19:18,565] DEBUG [Producer clientId=console-producer] Node -1 disconnected. (org.apache.kafka.clients.NetworkClient)
[2021-07-25 16:19:18,565] WARN [Producer clientId=console-producer] Connection to node -1 (<<hostname>>/<<ip address>>:9094) terminated during authentication. This may happen due to any of the following reasons: (1) Authentication failed due to invalid credentials with brokers older than 1.0.0, (2) Firewall blocking Kafka TLS traffic (eg it may only allow HTTPS traffic), (3) Transient network issue. (org.apache.kafka.clients.NetworkClient)
[2021-07-25 16:19:18,566] WARN [Producer clientId=console-producer] Bootstrap broker <<hostname>>:9094 (id: -1 rack: null) disconnected (org.apache.kafka.clients.NetworkClient)
解决方案
推荐阅读
- amazon-web-services - AWS 雅典娜 | CSV 与实木复合地板 | 扫描数据的大小
- python - 运行 Argpars 但收到此错误 SystemExit 2
- python - Django,IIS。我无法使用 IIS 发布 django
- javascript - 需要 React 代码获取请求删除操作的帮助
- puppeteer - puppeteer 可以用来自动点击子菜单吗?
- c++ - 在我的 c++ 简单缓冲区代码中,出口 3 和 4 的错误语句应该是什么?
- swift - 将 @State 属性切换为 @Binding 属性会干扰动画
- javascript - Discord.js V12 静音角色问题
- excel - 从 ComboBox 选择中解析子字符串
- python - 如何按不同大小的组执行线性回归?