赞
踩
kafka tool 2.1连接kerberos的kafka(cdh6.3.2)集群。
kafka tools 下载连接:https://www.kafkatool.com/download.html
当cdh开启kerberos 后,kafka的监控工具就很难配置了,kafkatool 我也是配置了很久。偶然间配置成功了。kafka tools从2.1开始改名为offsetexplorer 。暂时不影响使用。kafka是cdh6.3.2版本的。已经开启sasl_PLAINTEXT.
kafka tools连接kafka配置:
1.创建kafka tool 快捷方式,并修改属性增加以下配置:
krb5.conf是从服务器(/etc/krb5.conf)下载下来的。让kafka tool 加载kerberos配置
-J-Djava.security.krb5.conf=D:/krb5.conf
2.修改界面配置:
2.1 zookeeper配置
2.2 secunity配置。由于kafka配置为sasl。这里选sasl plaintext
2.3 advanced 高级配置:
因为采用keytab进行kerberos 验证,所以配置为GSSAPI,如果是用户密码方式验证 就是PLAIN
2.4 JAAS config 配置
可以在这个界面进行配置,也可以在kafkatools 启动属性里配置jaas config 文件的路径。
serviceName必须配置,否则报错找不到service 名字的错误
keyTab 文件建议放在上层目录,否则很容易找不到。
com.sun.security.auth.module.Krb5LoginModule required
serviceName="kafka"
useKeyTab=true
keyTab="D:/user001.keytab"
principal="user001/admin";
2.5 成功连接:
3.排错:
报错不要慌,从kafka tool 安装目录查看error.log文件:
org.apache.kafka.common.KafkaException:Failed to create new KafkaAdminClient atorg.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:451) atorg.apache.kafka.clients.admin.Admin.create(Admin.java:59) atorg.apache.kafka.clients.admin.AdminClient.create(AdminClient.java:39) atcom.kafkatool.model.KafkaMapper.getBrokersKafka(KafkaMapper.java:349) atcom.kafkatool.model.KafkaMapper.getBrokers(KafkaMapper.java:336) atcom.kafkatool.model.ServerConnection.getBrokers(ServerConnection.java:198) atcom.kafkatool.model.ServerConnection.connectInt(ServerConnection.java:351) atcom.kafkatool.model.ServerConnection.connect(ServerConnection.java:332) atcom.kafkatool.common.AsyncServerConnector.run(AsyncServerConnector.java:43) atjava.lang.Thread.run(Thread.java:748) Caused by:org.apache.kafka.common.KafkaException:javax.security.auth.login.LoginException: Could not login: the client is beingasked for a password, but the Kafka client code does not currently supportobtaining a password from the user. not available to garner authentication information from the user atorg.apache.kafka.common.network.SaslChannelBuilder.configure(SaslChannelBuilder.java:158) atorg.apache.kafka.common.network.ChannelBuilders.create(ChannelBuilders.java:146) atorg.apache.kafka.common.network.ChannelBuilders.clientChannelBuilder(ChannelBuilders.java:67) atorg.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:99) atorg.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:426) ...9 more afkaAdminClient.java:426) ...9 more
以上错误很可能是kafka tool 加载不到keytab 文件路径,查看权限,适当移动下keytab文件路径。
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。