
I have set up an MSK Kafka Cluster with SCRAM security. The VPC allows all incoming and outgoing connections.

I'm attempting to connect to the cluster using the following steps:

```go
mechanism, err := scram.Mechanism(scram.SHA512, "user", "user-secret")
if err != nil {
    panic(err)
}

dialer := &kafka.Dialer{
    Timeout:       100 * time.Second,
    DualStack:     true,
    SASLMechanism: mechanism,
}

conn, err := dialer.Dial("tcp", "z-2.<cluster-name>.<extra-info>.us-east-2.amazonaws.com:2182")
if err != nil {
    fmt.Println(err.Error())
}
```

The connection is not established, and the error returned is

"failed to dial: failed to open connection to z-2...us-east-2.amazonaws.com:2182: dial tcp 172.<>.<>.<>:2182: i/o timeout"

Why does this return the error even though the secret is added in the dialer mechanism?

OneCricketeer
Raisa A
  • Is that actually a Kafka broker you're trying to connect with? It's timing out because that might not be the correct port for **Kafka**, not Zookeeper. https://docs.aws.amazon.com/msk/latest/developerguide/port-info.html – OneCricketeer Dec 03 '22 at 20:57
  • @OneCricketeer I tried using the Private Endpoint (from client information on MSK console) b-2.<>cluster.<>.<>.kafka.us-east-2.amazonaws.com:9094, but it's still returning the same error. The Public Endpoint option is empty on the console. – Raisa A Dec 04 '22 at 15:23
  • I haven't used MSK, but your go client does need to connect to kafka, rather than zookeeper. If you're trying to run code outside your VPC, you'll need to [get a public endpoint](https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html) – OneCricketeer Dec 05 '22 at 15:43

0 Answers
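The `i/o timeout` in the question is raised by the TCP dial, before any SASL exchange starts, so the SCRAM secret cannot influence it. As an added example (not code from the question or its comments), this standard-library Go preflight labels the port using the AWS port documentation linked in the comments and then distinguishes a timeout from a refusal; `Preflight`, `mskPorts` and the sample address are names chosen for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"syscall"
	"time"
)

// Documented MSK ports for clients inside the VPC (AWS "Port information" page).
var mskPorts = map[string]string{
	"2181": "ZooKeeper plaintext (not a Kafka broker)",
	"2182": "ZooKeeper TLS (not a Kafka broker)",
	"9092": "Kafka broker plaintext",
	"9094": "Kafka broker TLS",
	"9096": "Kafka broker SASL/SCRAM",
	"9098": "Kafka broker IAM",
}

// Preflight reports what the port is meant for and whether a bare TCP connect
// succeeds. No TLS or SASL bytes are sent, so credentials play no part.
func Preflight(addr string, timeout time.Duration) (listener, verdict string) {
	_, port, err := net.SplitHostPort(addr)
	if err != nil {
		return "unknown", "bad address: " + err.Error()
	}
	listener, ok := mskPorts[port]
	if !ok {
		listener = "not a documented in-VPC MSK port"
	}
	conn, err := net.DialTimeout("tcp", addr, timeout)
	var nerr net.Error
	switch {
	case err == nil:
		conn.Close()
		return listener, "reachable: TCP is fine, TLS and SASL come next"
	case errors.As(err, &nerr) && nerr.Timeout():
		return listener, "timeout: packets dropped (security group, routing, or client outside the VPC)"
	case errors.Is(err, syscall.ECONNREFUSED):
		return listener, "refused: host reachable but nothing listens on this port"
	default:
		return listener, "failed: " + err.Error()
	}
}

func main() {
	fmt.Println(Preflight("127.0.0.1:2182", 2*time.Second)) // constructed sample address
}
```

Run it from the same host as the client against each bootstrap broker address shown in the MSK console; only a `reachable` verdict on a broker port means the SASL settings are worth debugging.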