Why Ambari is setting the security protocol of the kafka to PLAINTEXTSASL instead of SASL_PLAINTEXT?
Why Ambari is setting the security protocol of the kafka to PLAINTEXTSASL instead of SASL_PLAINTEXT?
Hi All ,
During Kerboraizing the kafka using the Ambari , it is setting the kafka security protocol to PLAINTEXTSASL instead of SASL_PLAINTEXT, but everywhere in the document is it mentioned that it must be SASL_PLAINTEXT , I have few questions regarding this .
1. Why Ambari setting the security protocol to PLAINTEXTSASL , is it a bug ?
2. Even though we are able to produce and consume the messages from program written in java.
But in the producer we are setting the security protocol to PLAINTEXTSASL, and in the consumer SASL_PLAINTEXT , it is working fine , Question is how come it is working fine when actual protocol is just PLAINTEXTSASL.
Thanks in Advance ,
Param.
个解答,截止Sriharsha Chintalapani · 2017年02月26日 18:20
@Param NC Kafka security is developed by Hortonworks. Before it shipped into Apache Kafka we shipped it in HDP. At that time we called the SASL protocol as PLAINTEXTSASL which later changed SASL_PLAINTEXT. These protocols are synonymous so you can use them interchangeably. Older version of AMBARI still calls it as PLAINTEXTSASL which will be changing to SASL_PLAINTEXT in upcoming version.
In your case, producer & consumer are working because PLAINTEXTSASL or SASL_PLAINTEXT means the same thing and can be used interchangeably. For consistency purpose , we recommend you to use SASL_PLAINTEXT everywhere.
Hello Sriharsha, just a quick question. When I use confluentinc kafka rest proxy in company's HDP 2.5.3 cluster, I run into the error "No security protocol defined for listener PLAINTEXTSASL" and "broker info from zookeeper cannot be parsed". I guess that is because PLAINTEXTSASL cannot be recognized by other frameworks, though producer and consumer can work within HDP. Is there any way solving this problem?
个解答,截止bpreachuk · 2017年06月28日 11:17
We encountered a similar issue when upgrading our Ambari from 2.4 to 2.5. Our Kafka brokers would not restart.
Here was the error message:
- /var/log/kafka/server.log.2017-06-27-19:java.lang.IllegalArgumentException: requirement failed: security.inter.broker.protocol must be a protocol in the configured set of advertised.listeners. The valid options based on currently configured protocols are Set(SASL_PLAINTEXT)
We had specified PLAINTEXTSASL as the SASL protocol in the configuration.
To fix this we changed the following configuration in Custom kafka-broker:
- security.inter.broker.protocol=SASL_PLAINTEXT
个解答,截止Sriharsha Chintalapani · 2017年03月14日 21:38
Kafka rest proxy uses old client apis, which are not supported in secure cluster in Apache. However HDP kafka supports security in old consumer apis. To enable this you need to build kafka rest proxy code with HDP kafka_core dependency and pass a KafkaClient jaas config to your kafka rest server JVM.
Why Ambari is setting the security protocol of the kafka to PLAINTEXTSASL instead of SASL_PLAINTEXT?的更多相关文章
- Scyther-Semantics and verification of Security Protocol
1 .本书前一节主要是介作者自己的生平经历(读完感觉作者是个神童),目标明确作者13岁代码已经写的很溜了.自己也开了网络公司,但是后面又专注于自己的计算机基础理论,修了哲学的博士学位(不得不说很多专业 ...
- Scyther-Semantics and verification of Security Protocol 翻译 (第二章 2.2.2----2.3)
2.2.2 事件顺序 协议中的每个角色对应于事件列表,换句话说, 在属于角色 R 的协议事件集上施加结构,总的排序表示为 $ \prec $ , 如此任何角色 R∈Role 和 $\varepsil ...
- 【翻译】Flume 1.8.0 User Guide(用户指南) Sink
翻译自官网flume1.8用户指南,原文地址:Flume 1.8.0 User Guide 篇幅限制,分为以下5篇: [翻译]Flume 1.8.0 User Guide(用户指南) [翻译]Flum ...
- flume1.9 用户指南(中文版)
概述 Apache Flume是一个分布式,可靠且可用的系统,用于有效地从许多不同的source收集,聚合和移动大量日志数据到集中式数据存储. Apache Flume的使用不仅限于日志数据聚合.由于 ...
- 一次flume exec source采集日志到kafka因为单条日志数据非常大同步失败的踩坑带来的思考
本次遇到的问题描述,日志采集同步时,当单条日志(日志文件中一行日志)超过2M大小,数据无法采集同步到kafka,分析后,共踩到如下几个坑.1.flume采集时,通过shell+EXEC(tail -F ...
- Internet protocol security (ipsec) packet processing for multiple clients sharing a single network address
Embodiments of the present invention address deficiencies of the art in respect to secure communicat ...
- IBM developer:Setting up the Kafka plugin for Ranger
Follow these steps to enable and configure the Kafka plugin for Ranger. Before you begin The default ...
- Configuring Apache Kafka Security
This topic describes additional steps you can take to ensure the safety and integrity of your data s ...
- [不错]A step-by-step guide to enabling security, TLS/SSL, and PKI authentication in Elasticsearch
Now posted on the Elastic blog December 12, 2018 update: This article has been published on Elastic’ ...
随机推荐
- Postgresql数据库部署之:Postgresql本机启动和Postgresql注册成windows 服务
1.初始化并创建数据库(一次即可) initdb \data --locale=chs -U postgres -W You can now start the database server u ...
- 6.[leetcode] ZigZag Conversion
The string "PAYPALISHIRING" is written in a zigzag pattern on a given number of rows like ...
- linux中使用docker-compose部署软件配置分享
本篇将分享一些 docker-compose 的配置,可参考其总结自己的一套基于docker的开发/生产环境配置. 安装docker及docker-compose install docker cur ...
- 【原创开源】网络版二代双通道示波器开源发布,支持电脑,手机和Pad等各种OS平台访问
前言感谢大家的支持,提前奉上今年的国庆福利. 一代示波器发布于3年前,去年年底的时候发布了二代示波器,软件性能已经比较强劲,但依然有值得升级改进的地方,经过今年这半年多努力,在二代示波器的基础上再推出 ...
- webpack打包The 'mode' option has not been set,错误提示
学习到webpack打包这个工具的时候,总是报错.在这里记录一下...... 我是window系统 当使用npm安装好webpack后,你去查看如果出现一下问题. 出现以上问题,我的做法是 先将web ...
- vue 传值 概述 个人理解
1 父传子 子组件 props:[‘自定义属性名’] 父组件 v-bind:自定义属性名="值" 理解 子组件创建一个自定属性 父组件使用vue指令绑定到 自定义 ...
- Redhat 平台下 LVM 管理说明
Redhat 平台下 LVM 管理说明 LVM 是 Logical Volume Manager(逻辑卷管理器)的简写,它为主机提供了更高层次的磁盘存储管理能力.LVM 可以帮助系统管理员为应用与用 ...
- Windows下SVN服务器搭建和基本操作(服务端、客户端)
自己打算打一个SVN服务器了解一下,所以顺便记录一下整个的过程 下载 服务端 https://www.visualsvn.com/server/download/ 客户端 https://www.vi ...
- [翻译] 使用 Python 创建你自己的 Shell:Part I
目录 使用 Python 创建你自己的 Shell:Part I 原文链接与说明 步骤 0:项目结构 步骤 1:Shell 循环 步骤 2:命令切分 步骤 3:执行 运行 使用 Python 创建你自 ...
- 1分钟解决VS每次运行都显示“正在还原nuget程序包”问题
VS一直停留在“正在还原nuget程序包” 在开发中,运行不同版本的vs会显示还原nuget程序包,还原需要不短的时间,并且不一定还原成功. 或者其他什么原因导致需要还原nuget程序包,这样很烦的有 ...