Hi, >From the entry "ERROR SASL authentication failed using login context 'Client'."
It seems your ZK cluster is guarded by SASL authentication mechanism, but your brokers which are talking to ZK are not "authenticated". Guozhang On Sat, Jul 23, 2016 at 12:06 PM, 無名 <[email protected]> wrote: > HI, My Frends: > Sorry,Just send pictures don't show.I change to text. > I come from China, > I had a problem, I try to solve for a long time can not be resolved. > I also found to a similar article, but did not answer. > http://permalink.gmane.org/gmane.comp.apache.kafka.devel/18545 > > My problems are as follows: > > zookeeper log: > [2016-07-24 02:23:23,935] INFO Accepted socket connection from / > 10.211.55.5:41176 (org.apache.zookeeper.server.NIOServerCnxnFactory) > [2016-07-24 02:23:23,944] DEBUG Session establishment request from client / > 10.211.55.5:41176 client's lastZxid is 0x0 > (org.apache.zookeeper.server.ZooKeeperServer) [2016-07-24 02:23:23,944] > INFO Client attempting to establish new session at /10.211.55.5:41176 > (org.apache.zookeeper.server.ZooKeeperServer) [2016-07-24 02:23:23,949] > DEBUG Processing request:: sessionid:0x15618f30b890001 type:createSession > cxid:0x0 zxid:0x424b txntype:-10 reqpath:n/a > (org.apache.zookeeper.server.FinalRequestProcessor) [2016-07-24 > 02:23:23,950] DEBUG sessionid:0x15618f30b890001 type:createSession cxid:0x0 > zxid:0x424b txntype:-10 reqpath:n/a > (org.apache.zookeeper.server.FinalRequestProcessor) [2016-07-24 > 02:23:23,950] INFO Established session 0x15618f30b890001 with negotiated > timeout 6000 for client /10.211.55.5:41176 > (org.apache.zookeeper.server.ZooKeeperServer) [2016-07-24 02:23:23,973] > DEBUG Responding to client SASL token. > (org.apache.zookeeper.server.ZooKeeperServer) [2016-07-24 02:23:23,973] > DEBUG Size of client SASL token: 573 > (org.apache.zookeeper.server.ZooKeeperServer) [2016-07-24 02:23:23,973] > ERROR cnxn.saslServer is null: cnxn object did not initialize its > saslServer properly. (org.apache.zookeeper.server.ZooKeeperServer) > [2016-07-24 02:23:24,318] WARN caught end of stream exception > (org.apache.zookeeper.server.NIOServerCnxn) EndOfStreamException: Unable to > read additional data from client sessionid 0x15618f30b890001, likely client > has closed socket at > org.apache.zookeeper.server.NIOServerCnxn.doIO(NIOServerCnxn.java:228) > at > org.apache.zookeeper.server.NIOServerCnxnFactory.run(NIOServerCnxnFactory.java:208) > at java.lang.Thread.run(Thread.java:745) [2016-07-24 02:23:24,318] INFO > Closed socket connection for client /10.211.55.5:41176 which had > sessionid 0x15618f30b890001 (org.apache.zookeeper.server.NIOServerCnxn) > [2016-07-24 02:23:30,000] INFO Expiring session 0x15618f30b890001, timeout > of 6000ms exceeded (org.apache.zookeeper.server.ZooKeeperServer) > [2016-07-24 02:23:30,001] INFO Processed session termination for sessionid: > 0x15618f30b890001 (org.apache.zookeeper.server.PrepRequestProcessor) > [2016-07-24 02:23:30,004] DEBUG Processing request:: > sessionid:0x15618f30b890001 type:closeSession cxid:0x0 zxid:0x424c > txntype:-11 reqpath:n/a (org.apache.zookeeper.server.FinalRequestProcessor) > kafka log: > [2016-07-24 02:23:23,954] INFO zookeeper state changed (SyncConnected) > (org.I0Itec.zkclient.ZkClient) [2016-07-24 02:23:23,954] DEBUG Leaving > process event (org.I0Itec.zkclient.ZkClient) [2016-07-24 02:23:23,954] > DEBUG ClientCnxn:sendSaslPacket:length=0 > (org.apache.zookeeper.client.ZooKeeperSaslClient) [2016-07-24 02:23:23,955] > DEBUG saslClient.evaluateChallenge(len=0) > (org.apache.zookeeper.client.ZooKeeperSaslClient) [2016-07-24 02:23:23,973] > ERROR SASL authentication failed using login context 'Client'. > (org.apache.zookeeper.client.ZooKeeperSaslClient) [2016-07-24 02:23:23,974] > DEBUG Received event: WatchedEvent state:AuthFailed type:None path:null > (org.I0Itec.zkclient.ZkClient) [2016-07-24 02:23:23,974] INFO zookeeper > state changed (AuthFailed) (org.I0Itec.zkclient.ZkClient) [2016-07-24 > 02:23:23,974] DEBUG Leaving process event (org.I0Itec.zkclient.ZkClient) > [2016-07-24 02:23:23,974] DEBUG Closing ZkClient... > (org.I0Itec.zkclient.ZkClient) [2016-07-24 02:23:23,974] INFO Terminate > ZkClient event thread. (org.I0Itec.zkclient.ZkEventThread) [2016-07-24 > 02:23:23,974] DEBUG Closing ZooKeeper connected to 10.211.55.5:2181 > (org.I0Itec.zkclient.ZkConnection) [2016-07-24 02:23:23,974] DEBUG Close > called on already closed client (org.apache.zookeeper.ZooKeeper) > [2016-07-24 02:23:23,974] DEBUG Closing ZkClient...done > (org.I0Itec.zkclient.ZkClient) [2016-07-24 02:23:23,975] FATAL Fatal error > during KafkaServer startup. Prepare to shutdown (kafka.server.KafkaServer) > org.I0Itec.zkclient.exception.ZkAuthFailedException: Authentication > failure at > org.I0Itec.zkclient.ZkClient.waitForKeeperState(ZkClient.java:946) at > org.I0Itec.zkclient.ZkClient.waitUntilConnected(ZkClient.java:923) at > org.I0Itec.zkclient.ZkClient.connect(ZkClient.java:1230) at > org.I0Itec.zkclient.ZkClient.<init>(ZkClient.java:156) at > org.I0Itec.zkclient.ZkClient.<init>(ZkClient.java:130) at > kafka.utils.ZkUtils$.createZkClientAndConnection(ZkUtils.scala:75) at > kafka.utils.ZkUtils$.apply(ZkUtils.scala:57) at > kafka.server.KafkaServer.initZk(KafkaServer.scala:294) at > kafka.server.KafkaServer.startup(KafkaServer.scala:180) at > kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:37) > at kafka.Kafka$.main(Kafka.scala:67) at kafka.Kafka.main(Kafka.scala) > [2016-07-24 02:23:23,978] INFO shutting down (kafka.server.KafkaServer) > [2016-07-24 02:23:23,979] DEBUG Shutting down task scheduler. > (kafka.utils.KafkaScheduler) [2016-07-24 02:23:23,981] INFO shut down > completed (kafka.server.KafkaServer) [2016-07-24 02:23:23,982] FATAL Fatal > error during KafkaServerStartable startup. Prepare to shutdown > (kafka.server.KafkaServerStartable) > org.I0Itec.zkclient.exception.ZkAuthFailedException: Authentication > failure at > org.I0Itec.zkclient.ZkClient.waitForKeeperState(ZkClient.java:946) at > org.I0Itec.zkclient.ZkClient.waitUntilConnected(ZkClient.java:923) at > org.I0Itec.zkclient.ZkClient.connect(ZkClient.java:1230) at > org.I0Itec.zkclient.ZkClient.<init>(ZkClient.java:156) at > org.I0Itec.zkclient.ZkClient.<init>(ZkClient.java:130) at > kafka.utils.ZkUtils$.createZkClientAndConnection(ZkUtils.scala:75) at > kafka.utils.ZkUtils$.apply(ZkUtils.scala:57) at > kafka.server.KafkaServer.initZk(KafkaServer.scala:294) at > kafka.server.KafkaServer.startup(KafkaServer.scala:180) at > kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:37) > at kafka.Kafka$.main(Kafka.scala:67) at kafka.Kafka.main(Kafka.scala) > [2016-07-24 02:23:23,985] INFO shutting down (kafka.server.KafkaServer) > krb5kdc log > Jul 24 02:23:23 weiwei krb5kdc[17652](info): AS_REQ (3 etypes {17 16 23}) > 10.211.55.5: ISSUE: authtime 1469298203, etypes {rep=17 tkt=18 ses=17}, > kafka/[email protected] for krbtgt/[email protected] Jul 24 > 02:23:23 weiwei krb5kdc[17652](info): TGS_REQ (3 etypes {17 16 23}) > 10.211.55.5: ISSUE: authtime 1469298203, etypes {rep=17 tkt=18 ses=17}, > kafka/[email protected] for zookeeper/[email protected] > My configuration is as follows: > > /etc/krb5.conf > [logging] default = FILE:/var/log/krb5libs.log kdc = > FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log > [libdefaults] default_realm = EXAMPLE.COM dns_lookup_realm = false > dns_lookup_kdc = false ticket_lifetime = 24h renew_lifetime = 7d > forwardable = true [realms] EXAMPLE.COM = { kdc = 10.211.55.5 > admin_server = 10.211.55.5 } [domain_realm] 10.211.55.5 = EXAMPLE.COM > /etc/kafka/kafkaserverjaas.conf > KafkaServer { com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true storeKey=true > keyTab="/var/kerberos/krb5kdc/kafka.keytab" principal="kafka/ > [email protected]"; }; // Zookeeper client authentication Client > { com.sun.security.auth.module.Krb5LoginModule required > useKeyTab=true storeKey=true > keyTab="/var/kerberos/krb5kdc/kafka.keytab" principal="kafka/ > [email protected]"; }; > kadmin.local > Authenticating as principal root/[email protected] with password. > kadmin.local: listprincs K/[email protected] kadmin/[email protected] kadmin/ > [email protected] kadmin/[email protected] kafka/ > [email protected] kafka/[email protected] krbtgt/ > [email protected] root/[email protected] zookeeper/ > [email protected] > JVM: > > start the process: > > zookeeper: > # ps -ef|grep zookeeper|grep --color=auto > /etc/kafka/kafka_server_jaas.conf root 6172 20094 39 03:02 pts/5 > 00:00:00 /usr/java/jdk1.8.0_60/bin/java -Xmx512M -Xms512M -server > -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35 > -XX:+DisableExplicitGC -Djava.security.krb5.conf=/etc/krb5.conf > -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf > -Djava.awt.headless=true > -Xloggc:/tools/kafka_2.11-0.10.0.0/bin/../logs/zookeeper-gc.log -verbose:gc > -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+PrintGCTimeStamps > -Dcom.sun.management.jmxremote > -Dcom.sun.management.jmxremote.authenticate=false > -Dcom.sun.management.jmxremote.ssl=false > -Dkafka.logs.dir=/tools/kafka_2.11-0.10.0.0/bin/../logs > -Dlog4j.configuration=file:bin/../config/log4j.properties -cp > .:/usr/java/jdk1.8.0_60/lib/dt.jar:/usr/java/jdk1.8.0_60/lib/tools.jar:/usr/java/jdk1.8.0_60/bin/java:/tools/kafka_2.11-0.10.0.0/bin/../libs/aopalliance-repackaged-2.4.0-b34.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/argparse4j-0.5.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/connect-api-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/connect-file-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/connect-json-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/connect-runtime-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/guava-18.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/hk2-api-2.4.0-b34.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/hk2-locator-2.4.0-b34.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/hk2-utils-2.4.0-b34.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jackson-annotations-2.6.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jackson-core-2.6.3.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jackson-databind-2.6.3.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jackson-jaxrs-base-2.6.3.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jackson-jaxrs-json-provider-2.6.3.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jackson-module-jaxb-annotations-2.6.3.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/javassist-3.18.2-GA.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/javax.annotation-api-1.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/javax.inject-1.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/javax.inject-2.4.0-b34.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/javax.servlet-api-3.1.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/javax.ws.rs-api-2.0.1.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jersey-client-2.22.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jersey-common-2.22.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jersey-container-servlet-2.22.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jersey-container-servlet-core-2.22.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jersey-guava-2.22.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jersey-media-jaxb-2.22.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jersey-server-2.22.2.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-continuation-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-http-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-io-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-security-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-server-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-servlet-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-servlets-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jetty-util-9.2.15.v20160210.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/jopt-simple-4.9.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka_2.11-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka_2.11-0.10.0.0-sources.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka_2.11-0.10.0.0-test-sources.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka-clients-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka-log4j-appender-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka-streams-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka-streams-examples-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/kafka-tools-0.10.0.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/log4j-1.2.17.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/lz4-1.3.0.jar:/tools/kafka_2.11-0.10.0.0/bin/../libs/metrics-core-2.2.0.jar:/tools/kafka_2.11-0.10. > My environment: > > jdk > java -version java version "1.8.0_60" Java(TM) SE Runtime Environment > (build 1.8.0_60-b27) Java HotSpot(TM) 64-Bit Server VM (build 25.60-b23, > mixed mode) > System: > [root@weiwei kafka_2.11-0.10.0.0]# uname -a Linux weiwei > 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 > x86_64 GNU/Linux > ip > [root@weiwei kafka_2.11-0.10.0.0]# ifconfig eth0 Link > encap:Ethernet HWaddr 00:1C:42:E4:B6:1E inet addr:10.211.55.5 > Bcast:10.211.55.255 Mask:255.255.255.0 inet6 addr: > fdb2:2c26:f4e4:0:21c:42ff:fee4:b61e/64 Scope:Global inet6 addr: > fe80::21c:42ff:fee4:b61e/64 Scope:Link UP BROADCAST RUNNING > MULTICAST MTU:1500 Metric:1 RX packets:80270 errors:0 dropped:0 > overruns:0 frame:0 TX packets:45714 errors:0 dropped:0 overruns:0 > carrier:0 collisions:0 txqueuelen:1000 RX > bytes:37037138 (35.3 MiB) TX bytes:7155183 (6.8 MiB) lo Link > encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 > Metric:1 RX packets:40532 errors:0 dropped:0 overruns:0 frame:0 > TX packets:40532 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 RX bytes:2811173 (2.6 MiB) TX > bytes:2811173 (2.6 MiB) virbr0 Link encap:Ethernet HWaddr > 52:54:00:56:6D:C8 inet addr:192.168.122.1 Bcast:192.168.122.255 > Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 > Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > I was the first to write a message to foreign countries for help, I really > have no idea of. Please help me, thanks very much!! > > > 2016-07-13 > 段誉/魏巍 > > > 产品研发部 > 电话:13818659987 > > > 宝付网络科技(上海)有限公司 > Baofoo Internet Technology (Shanghai) Co., Ltd. > 官网:www.baofoo.com > 地址: 上海市浦东新区居里路99号 -- -- Guozhang
