0

We encountered a problem in Zookeeper when upgrading log4j from 1.2.17 to 2.17 in order to avoid a vulnerability caused by Log4j. The zookeeper is not starting with the upgraded version and removing the old jar file of the old log4j, so we need to know what version of Apache Kafka is recommended that I upgrade to.

zookeeper error

We simply removed the old jar file and replaced it with the newly installed latest jar files for log4j and SLF4j in the libs directory, but this did not resolve the problem.

Amira Hussein
  • 13
  • 4

1 Answers1

0

Latest Kafka and Zookeeper already have addressed log4j issues by migrating to reload4j. Upgrade those instead, following their own upgrade and release notes

You cannot simply replace logging jar files and expect anything continue to work, as neither project is compiled with log4j2 libraries

OneCricketeer
  • 179,855
  • 19
  • 132
  • 245
  • What exactly do you mean by upgrading those (kafka and zookeeper)? If so, what is your recommended version of Apache Kafka? I mentioned in the question that the currently used and installed version of Apache Kafka is 2.1.1. – Amira Hussein Apr 18 '23 at 12:32
  • Upgrade to the latest of both yes. See https://stackoverflow.com/questions/76012351/failed-to-instantiate-slf4j-loggerfactory-while-upgrading-log4j-version – OneCricketeer Apr 18 '23 at 12:34
  • I upgraded Kafka to 3.3.2 and discovered the jar files in the lib directory. [root@spark kafka]# bin/kafka-topics.sh --version 3.3.2 (Commit:b66af662e61082cb) [root@spark kafka]# cd libs/ [root@spark libs]# ll |grep -i 4j argparse4j-0.7.0.jar jose4j-0.7.9.jar kafka-log4j-appender-3.3.2.jar reload4j-1.2.19.jar slf4j-api-1.7.36.jar slf4j-reload4j-1.7.36.jar – Amira Hussein Apr 18 '23 at 13:34
  • Okay. What is your question? [reload4j](https://reload4j.qos.ch/) is used there – OneCricketeer Apr 18 '23 at 19:29
  • Thank you, Crick. I have one more question: is there a problem if I run two versions of Apache Kafka on the same machine? as i installed the new version of Kafka 3.3.2 without removing the old one (2.1.1) – Amira Hussein Apr 27 '23 at 10:04
  • They should share nothing. They should run a different ports, and should be configured to store data in different disks... so what's your issue? And why can you not upgrade following instructions from Kafka website? – OneCricketeer Apr 27 '23 at 14:26
  • I uninstalled the old kafka version and then installed the new one, and everything worked fine for me. Could you please assist with another question? Is there a way to confirm that the zookeeper and kafka are up and running while using a python script as producer, as both services have been down since Thursday, and the producer has also been down. – Amira Hussein Apr 30 '23 at 06:00
  • Use `jps` command to see running Java processes – OneCricketeer Apr 30 '23 at 13:37