php-rdkafka icon indicating copy to clipboard operation
php-rdkafka copied to clipboard
verified publisher icon arnaud-lb

SASL authentication error: SaslAuthenticateRequest failed: Local: Broker handle destroyed

Open Waldeedle opened this issue 8 months ago • 4 comments

Description

I am able to connect to my cluster and publish events but I keep seeing errors logged related to SASL. I did see a previous comment by @arnaud-lb about Local: Broker handle destroyed just being a debug log:

The following code:

<?php

$conf = new Conf();
$conf->set('acks', 'all');
$conf->set('bootstrap.servers', implode(',', $brokers));
$conf->set('queue.buffering.max.ms', 50);
$conf->set('batch.num.messages', 1000);
$conf->set('message.send.max.retries', 10);
$conf->set('reconnect.backoff.ms', 100);
$conf->set('reconnect.backoff.max.ms', 10000);
$conf->set('compression.type', 'lz4');
$conf->set('socket.timeout.ms', 300);
$conf->set('max.in.flight.requests.per.connection', 5);
$conf->set('topic.metadata.refresh.interval.ms', 600000);
$conf->set('topic.metadata.refresh.sparse', "true");
$conf->set('security.protocol', 'SASL_SSL');
$conf->set('sasl.mechanisms', 'OAUTHBEARER');

//Thread termination improvement (https://github.com/arnaud-lb/php-rdkafka#performance--low-latency-settings)
if (function_exists('pcntl_sigprocmask')) {
    pcntl_sigprocmask(SIG_BLOCK, array(SIGIO));
    $conf->set('internal.termination.signal', SIGIO);
} else {
    $conf->set('queue.buffering.max.ms', 50);
}


$provider = new MskAuthTokenProvider();
$token = $provider->generateAuthToken();

$producer = new Producer($conf);
$conf->setOauthbearerTokenRefreshCb(function () use ($provider, $producer) {
    $token = $provider->generateAuthToken();
    $producer->oauthbearerSetToken($token->tokenValue, $token->expiresAt, 'principalClaimName=azp');
});
$producer->oauthbearerSetToken($token->tokenValue, $token->expiresAt, 'kafka-cluster', ['one' => 'two']);

The MskAuthTokenProvider is similar to the class provided here: https://github.com/arnaud-lb/php-rdkafka/pull/547

Resulted in this output:

1742246063.799|FAIL|rdkafka#producer-16| [thrd:sasl_ssl://____.kafka.us-east-1]: sasl_ssl://____.kafka.us-east-1.amazonaws.com:9098/bootstrap: SASL authentication error: SaslAuthenticateRequest failed: Local: Broker handle destroyed (after 0ms in state DOWN)

But I expected no errors being logged

php-rdkafka Version

6.0.5

librdkafka Version

1.6.0

PHP Version

8.2.27

Operating System

Debian GNU/Linux 11 (bullseye)

Kafka Version

3.5.1

Waldeedle avatar Mar 17 '25 21:03 Waldeedle