[jira] [Resolved] (KAFKA-2731) Kerberos on same host with Kafka does not find server in it's database on Ubuntu

Wed, 04 Nov 2015 04:28:11 -0800 

     [ 
https://issues.apache.org/jira/browse/KAFKA-2731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Flavio Junqueira resolved KAFKA-2731.
-------------------------------------
    Resolution: Not A Problem

No worries, thanks for checking [~mabbasi90.class].

> Kerberos on same host with Kafka does not find server in it's database on 
> Ubuntu
> --------------------------------------------------------------------------------
>
>                 Key: KAFKA-2731
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2731
>             Project: Kafka
>          Issue Type: Bug
>    Affects Versions: 0.9.0.0
>            Reporter: Mohammad Abbasi
>
> Configuring Kafka to use keytab created in Kerberos, as it's said in 
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=61326390,
> Kerberos logs:
> Nov 02 17:25:13 myhost krb5kdc[3307](info): TGS_REQ (5 etypes {17 16 23 1 3}) 
> 192.168.18.241: LOOKING_UP_SERVER: authtime 0,  kafka/myh...@a.org for 
> <unknown server>, Server not found in Kerberos database
> Kafka's log:
> SASL Connection info:
> [2015-11-03 18:33:00,544] DEBUG creating sasl client: 
> client=kafka/myh...@a.org;service=zookeeper;serviceHostname=myhost 
> (org.apache.zookeeper.client.ZooKeeperSaslClient)
> and error:
> [2015-11-03 18:33:00,607] ERROR An error: 
> (java.security.PrivilegedActionException: javax.security.sasl.SaslException: 
> GSS initiate failed [Caused by GSSException: No valid credentials provided 
> (Mechanism level: Server not found in Kerberos database (7) - 
> LOOKING_UP_SERVER)]) occurred when evaluating Zookeeper Quorum Member's  
> received SASL token. Zookeeper Client will go to AUTH_FAILED state. 
> (org.apache.zookeeper.client.ZooKeeperSaslClient)
> [2015-11-03 18:33:00,607] ERROR SASL authentication with Zookeeper Quorum 
> member failed: javax.security.sasl.SaslException: An error: 
> (java.security.PrivilegedActionException: javax.security.sasl.SaslException: 
> GSS initiate failed [Caused by GSSException: No valid credentials provided 
> (Mechanism level: Server not found in Kerberos database (7) - 
> LOOKING_UP_SERVER)]) occurred when evaluating Zookeeper Quorum Member's  
> received SASL token. Zookeeper Client will go to AUTH_FAILED state. 
> (org.apache.zookeeper.ClientCnxn)
> Kerberos works ok in kinit and kvno with the keytab.
> Some people said it's DNS or /etc/hosts problem, but nslookup was ok with ip 
> and hostname
> and /etc/hosts is: 
> 127.0.0.1       myhost localhost
> # The following lines are desirable for IPv6 capable hosts
> ::1     ip6-localhost ip6-loopback
> fe00::0 ip6-localnet
> ff00::0 ip6-mcastprefix
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
> I tested it with the host's ip too.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to