I am trying to use SASL_SSL for external clients, connecting to controller as an authentication mechanism, but its erring out.
docker-compose.yml
version: "2"
services:
kafka:
image: bitnami/kafka:latest
ports:
- 9092:9092
- 2181:2181
volumes:
- "kafka_data:/bitnami/kafka"
environment:
- KAFKA_ENABLE_KRAFT=yes
- KAFKA_CFG_PROCESS_ROLES=broker,controller
- KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:SASL_SSL,PLAINTEXT:PLAINTEXT
- KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:2181
- KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://127.0.0.1:9092
- KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER
- KAFKA_CFG_SASL_ENABLED_MECHANISMS=PLAIN,SCRAM-SHA-256,SCRAM-SHA-512
- KAFKA_CLIENTS_USER=user
- KAFKA_CLIENTS_PASSWORD=password
- KAFKA_TLS_CLIENT_AUTH=none
- KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM=
- KAFKA_CERTIFICATE_PASSWORD=password
- KAFKA_BROKER_ID=1
- KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=1@127.0.0.1:2181
- ALLOW_PLAINTEXT_LISTENER=yes
volumes:
- './kafka.keystore.jks:/opt/bitnami/kafka/config/certs/kafka.keystore.jks:ro'
- './kafka.truststore.jks:/opt/bitnami/kafka/config/certs/kafka.truststore.jks:ro'
- './kafka_jaas.conf:/opt/bitnami/kafka/conf/kafka_jaas.conf:ro'
volumes:
kafka_data:
driver: local
kafka_jaas.conf
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="kafka"
password="password";
};
Error
41-kafka-1 | [2022-12-05 21:28:08,493] ERROR Exiting Kafka due to fatal exception (kafka.Kafka$)
41-kafka-1 | org.apache.kafka.common.KafkaException: java.lang.IllegalArgumentException: No serviceName defined in either JAAS or Kafka config
I tried,
