Issue to load JAAS file on docker-compose

Mon, 13 Jan 2025 11:30:43 -0800 

Hey, guys. How you doing? My name is Fabio and i need a little help.

I need to enable authentication on my kafka broker (using bitnami/kafka
image) using SASL. I've followed the examples of the documentation, but i
got a strange error when i try to up the compose file.
I mounted the jaas file on the correct path on the kafka container (a
simple cat command validating this mounting).
The error is below:
Error: Could not find or load main class
"-Djava.security.auth.login.config=.etc.kafka.kafka_server_jaas.conf" kafka
Caused by: java.lang.ClassNotFoundException:
"-Djava.security.auth.login.config=.etc.kafka.kafka_server_jaas.conf"

My kafka_server_jaas.conf:
#####################
KafkaServer {
  org.apache.kafka.common.security.plain.PlainLoginModule required
  username="admin"
  password="admin-123"
  user_admin="admin123"
  user_user123="user123";
};
Client {};
#####################

My entire docker-compose file:

#####################
services:
  zookeeper:
    image: bitnami/zookeeper:latest
    container_name: zookeeper
    restart: always
    ports:
      - "2181:2181"
    volumes:
      - "zookeeper_data:/bitnami"
    environment:
      - ZOOKEEPER_CLIENT_PORT=2181
      - ZOOKEEPER_TICK_TIME=2000
      - ZOOKEEPER_SYNC_LIMIT=2
      - ZOOKEEPER_INIT_LIMIT=5
      - ALLOW_ANONYMOUS_LOGIN=yes
    deploy:
      resources:
        limits:
          memory: 2G
        reservations:
          memory: 1G

  kafka:
    image: bitnami/kafka:latest
    container_name: kafka
    restart: always
    ports:
      - "9092:9092"
    environment:
      - KAFKA_LISTENERS=SASL_PLAINTEXT://:9092
      - KAFKA_ADVERTISED_LISTENERS=SASL_PLAINTEXT://:9092
      - KAFKA_ZOOKEEPER_CONNECT=zookeeper:2181
      - KAFKA_SASL_ENABLED_MECHANISMS=PLAIN
      - KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL=PLAIN
      - KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL=PLAIN
      - KAFKA_INTER_BROKER_LISTENER_NAME=SASL_PLAINTEXT
      - KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND=false
      -
KAFKA_CFG_AUTHORIZER_CLASS_NAME=kafka.security.auth.SimpleAclAuthorizer
      - KAFKA_CFG_SUPER_USERS=User:admin
      - KAFKA_OPTS=
"-Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf
-Dzookeeper.sasl.client=false"

    volumes:
      - "kafka_data:/bitnami"
      - "./kafka_server_jaas.conf:/etc/kafka/kafka_server_jaas.conf"

    depends_on:
      - zookeeper

  kafka-ui:
    image: provectuslabs/kafka-ui:latest
    container_name: kafka-ui
    restart: unless-stopped
    ports:
      - "8080:8080"
    environment:
      - KAFKA_CLUSTERS_0_NAME=local
      - KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS=localhost:9092
volumes:
  kafka_data:
    driver: local
  zookeeper_data:
    driver: local
####################################

I've searched a lot, but i cant find what i'm doing wrong.
Any help will be appreciated.

Thanks,

Fabio

--

Reply via email to