Hi All,
I trying to enable ACL with SSL protocol and It is giving me below
exceptions(LEADER_NOT_AVAILABLE)
*[2016-12-19 16:16:47,078] WARN Error while fetching metadata with
correlation id 16 : {my-ssl-topic4=LEADER_NOT_AVAILABLE}
(org.apache.kafka.clients.NetworkClient)*
*[2016-12-19 16:16:47,231] WARN Error while fetching metadata with
correlation id 17 : {my-ssl-topic4=LEADER_NOT_AVAILABLE}
(org.apache.kafka.clients.NetworkClient)*
Did most of the debugging but no luck and I am able to send and receive
messages by using Super.User i.e when I configure in server.properties file
super.users=User:"CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown"
but If I give any specific ACL's from command line, it is not working i.e
Eg: bin/kafka-acls.sh --authorizer-properties
zookeeper.connect=localhost:2181 --allow-principal User:ANONYMOUS
--allow-host 172.28.91.4 --consumer --topic my-ssl-topic4 --add --group
group4
Permissions given correctly and in kafka-authorizer.log I can see these
permissions
[2016-12-20 00:16:47,521] DEBUG Principal = User:ANONYMOUS is Allowed
Operation = Describe from host = 172.28.91.4 on resource =
Topic:my-ssl-topic4 (kafka.authorizer.logger)
[2016-12-20 00:16:47,522] DEBUG operation = Create on resource =
Cluster:kafka-cluster from host = 172.28.91.4 is Allow based on acl =
User:ANONYMOUS has Allow permission for operations: All from hosts:
172.28.91.4 (kafka.authorizer.logger)
[2016-12-20 00:16:47,522] DEBUG Principal = User:ANONYMOUS is Allowed
Operation = Create from host = 172.28.91.4 on resource =
Cluster:kafka-cluster (kafka.authorizer.logger)
Do I need to config any JAAS files for Zookeeper ?
Looks like I am missing something between *Kafka & Zookeeper *
Please suggest me, How can I Enable the ACL with SSL.
Thanks in advance.
