sarama icon indicating copy to clipboard operation
sarama copied to clipboard

Published 20 hours ago verified publisher icon IBM

createAcls error: failed to create one or more acl rules: kafka server: unexpected (unknown?) server error

Open hupeipei888 opened this issue 1 year ago • 6 comments

Description

there was an error when create acl with sarama client and no log output for kafka server server.log

config := sarama.NewConfig()

config.Version = sarama.V3_4_0_0
config.Net.SASL.Enable = true
config.Net.SASL.Mechanism = sarama.SASLTypePlaintext
config.Net.SASL.User = "admin"
config.Net.SASL.Password = "admin"

admin, err := sarama.NewClusterAdmin([]string{"192.168.0.176:9092"}, config)
if err != nil {
panic(err)
}

rACLs := []*sarama.ResourceAcls{
{
	Resource: sarama.Resource{ResourceType: sarama.AclResourceTopic, ResourceName: "test"},
	Acls: []*sarama.Acl{
		{Host: "localhost", Operation: sarama.AclOperationAlter, PermissionType: sarama.AclPermissionAllow, Principal: "test"},
	},
},
{
	Resource: sarama.Resource{ResourceType: sarama.AclResourceGroup, ResourceName: "test"},
	Acls: []*sarama.Acl{
		{Host: "localhost", Operation: sarama.AclOperationAlter, PermissionType: sarama.AclPermissionAllow, Principal: "test"},
	},
},
}

err = admin.CreateACLs(rACLs)
if err != nil {
panic(err)
}
Versions
Sarama Kafka Go
1.41.1 kafka-2.13_3.4.0 1.20.6
Configuration

image

image

sasl info for kafka kafka_server_jaas.conf

KafkaServer {
        org.apache.kafka.common.security.plain.PlainLoginModule required
        username="admin"
        password="admin"
        user_admin="admin";
};

KafkaClient {
        org.apache.kafka.common.security.plain.PlainLoginModule required
        username="admin"
        password="admin";
};


Client {
        org.apache.zookeeper.server.auth.DigestLoginModule required
        username="admin"
        password="admin";
};

Server {
        org.apache.kafka.common.security.plain.PlainLoginModule required
        username="admin"
        password="admin"
        user_admin="admin";
};

sasl info for zookeeper zoo_jaas.conf

Server {
    org.apache.zookeeper.server.auth.DigestLoginModule required
    username="admin"
    password="admin"
    user_admin="admin"
    user_kafka="kafka123";
};
Client {
  org.apache.zookeeper.server.auth.DigestLoginModule required
  username="admin"
  password="admin";
};
Logs

image

logs: CLICK ME

Additional Context

hupeipei888 avatar Sep 06 '23 12:09 hupeipei888

Solved?

dnwe avatar Sep 06 '23 12:09 dnwe

Solved?

So far, it has not been resolved

hupeipei888 avatar Sep 06 '23 12:09 hupeipei888

OK, I was wondering why you closed the GitHub issue then? 😄

Happy to take a look into this. From your output, the error code in the CreateACLs response is -1 which (as shown) is an Unknown Error. However, the CreateACLsResponse struct does additionally have an ErrMsg field that should contain more information and it doesn't appear that we expose that in the admin.go response at the moment

dnwe avatar Sep 06 '23 12:09 dnwe

image tthis is the returned response for createAcls. The error should output some message in the kafka server, but there was nothing.

hupeipei888 avatar Sep 07 '23 01:09 hupeipei888

image I change kafka log level to debug, there is some exception

hupeipei888 avatar Sep 07 '23 06:09 hupeipei888

Thank you for taking the time to raise this issue. However, it has not had any activity on it in the past 90 days and will be closed in 30 days if no updates occur. Please check if the main branch has already resolved the issue since it was raised. If you believe the issue is still valid and you would like input from the maintainers then please comment to ask for it to be reviewed.

github-actions[bot] avatar Feb 01 '24 22:02 github-actions[bot]