-
Notifications
You must be signed in to change notification settings - Fork 803
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Burrow SASL_SSL configs #761
Comments
Added few SASL_SSL parms;
getting this error:
|
Hi @ashishvashisht1, you can check this comment. |
Thanks @gklp All Configs for Burrow below.. still getting errors:
`[general] [logging] [zookeeper] [client-profile.test] [tls.kafka-certs] noverify=true [sasl.SASL_SSL] [cluster.local] [consumer.local] [consumer.local_zk] [httpserver.default] [storage.default] |
I guess that documentation has missing points. There might be one more configuration. I've seen it in code. Burrow/core/internal/helpers/sarama.go Line 121 in be40f44
` #username=kafka security_protocol="SASL_SSL" sasl_mechanism="GSSAPI" /// should be "mechanism" and two options -> SCRAM-SHA-256 or SCRAM-SHA-512, you can see in the code ssl_cafile="/truststore.pem" handshake-first=false` |
Well, New Error now, seems like enabling SASL requires username & password
We don't use open user/pass and use connect via service principles that are specifically granted Roles. Not sure if we are the only ones doing it.. i assume SASL_SSL is default protocol used by everyone. |
@ashishvashisht1 did you try it without sasl part ? maybe you just need tls config. |
@gklp , Configs:
|
Hello
i am trying to configure Burrow to connect to our Kafka cluster which is kerberized and is SASL_SSL; is there any sample config/examples that i could follow to add specific configs in burrow.toml?
Thanks
Ashish
The text was updated successfully, but these errors were encountered: