Hey, guys.
I’m trying to get Kafka in “kraft” mode up n’ running with SASL_PLAINTEXT
I’ve been able to get a functioning kafka broker/controller up n’ running locally, with this
config/kraft/server.properties
process.roles=broker,controller
node.id=1
controller.quorum.voters=1@localhost:9093
listeners=PLAINTEXT://:9092,CONTROLLER://:9093
inter.broker.listener.name=PLAINTEXT
advertised.listeners=PLAINTEXT://:9092
controller.listener.names=CONTROLLER
listener.security.protocol.map=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT
I’ve bound ports from the kafka docker container 9092
to 9092
on the host
kafka-topics.sh --list --bootstrap-server localhost:9092
and
kafka-topics.sh --bootstrap-server localhost:9092 --topic test --create --partitions 2 --replication-factor 1
works like a charm.
docker container logs
looks like they should.
I need some users to handle ACL on our topics, so I thought it was easy to just replace all PLAINTEXT
fields with SASL_PLAINTEXT
, I was wrong
We handle encryption on another level, so SASL_PLAINTEXT
is sufficient.
config/kraft/sasl_server.properties
process.roles=broker,controller
node.id=1
controller.quorum.voters=1@localhost:9094
listeners=SASL_PLAINTEXT://:9092,CONTROLLER://:9094
;advertised.listeners=SASL_PLAINTEXT://:9092
controller.listener.names=CONTROLLER
listener.security.protocol.map=CONTROLLER:SASL_PLAINTEXT,SASL_PLAINTEXT:SASL_PLAINTEXT
sasl.enabled.mechanisms=PLAIN
sasl.mechanism.inter.broker.protocol=PLAIN
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism=PLAIN
security.protocol=SASL_PLAINTEXT
listener.name.controller.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \
username="admin" \
password="admin-secret" \
user_admin="admin-secret";
plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \
username="admin" \
password="admin-secret";
I’m getting this error
java.lang.IllegalArgumentException: Could not find a 'KafkaServer' or 'controller.KafkaServer' entry in the JAAS configuration. System property 'java.security.auth.login.config' is not set