[jira] [Created] (KAFKA-14182) KRaft and ACL + GSSAPI

Thu, 25 Aug 2022 06:43:55 -0700 

Svyatoslav created KAFKA-14182:
----------------------------------

             Summary: KRaft and ACL + GSSAPI
                 Key: KAFKA-14182
                 URL: https://issues.apache.org/jira/browse/KAFKA-14182
             Project: Kafka
          Issue Type: Bug
          Components: kraft
    Affects Versions: 3.2.1
            Reporter: Svyatoslav


In KRaft mode with GSSAPI and ACL when i am adding any new ACL in log file i am 
always have some information like this:
{code:java}

[2022-08-24 18:04:41,830] ERROR [StandardAuthorizer 1] addAcl error 
(org.apache.kafka.metadata.authorizer.StandardAuthorizerData)
java.lang.RuntimeException: An ACL with ID Gk-Hx0tvQIS8B1RT8R-odw already 
exists.
    at 
org.apache.kafka.metadata.authorizer.StandardAuthorizerData.addAcl(StandardAuthorizerData.java:169)
    at 
org.apache.kafka.metadata.authorizer.StandardAuthorizer.addAcl(StandardAuthorizer.java:83)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$19(BrokerMetadataPublisher.scala:234)
    at java.util.LinkedHashMap$LinkedEntrySet.forEach(LinkedHashMap.java:671)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$18(BrokerMetadataPublisher.scala:232)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$18$adapted(BrokerMetadataPublisher.scala:221)
    at scala.Option.foreach(Option.scala:437)
    at 
kafka.server.metadata.BrokerMetadataPublisher.publish(BrokerMetadataPublisher.scala:221)
    at 
kafka.server.metadata.BrokerMetadataListener.kafka$server$metadata$BrokerMetadataListener$$publish(BrokerMetadataListener.scala:258)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.$anonfun$run$2(BrokerMetadataListener.scala:119)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.$anonfun$run$2$adapted(BrokerMetadataListener.scala:119)
    at scala.Option.foreach(Option.scala:437)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.run(BrokerMetadataListener.scala:119)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventContext.run(KafkaEventQueue.java:121)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventHandler.handleEvents(KafkaEventQueue.java:200)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventHandler.run(KafkaEventQueue.java:173)
    at java.lang.Thread.run(Thread.java:750)
[2022-08-24 18:04:41,858] ERROR [BrokerMetadataPublisher id=1] Error publishing 
broker metadata at OffsetAndEpoch(offset=500, epoch=4) 
(kafka.server.metadata.BrokerMetadataPublisher)
java.lang.RuntimeException: An ACL with ID Gk-Hx0tvQIS8B1RT8R-odw already 
exists.
    at 
org.apache.kafka.metadata.authorizer.StandardAuthorizerData.addAcl(StandardAuthorizerData.java:169)
    at 
org.apache.kafka.metadata.authorizer.StandardAuthorizer.addAcl(StandardAuthorizer.java:83)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$19(BrokerMetadataPublisher.scala:234)
    at java.util.LinkedHashMap$LinkedEntrySet.forEach(LinkedHashMap.java:671)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$18(BrokerMetadataPublisher.scala:232)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$18$adapted(BrokerMetadataPublisher.scala:221)
    at scala.Option.foreach(Option.scala:437)
    at 
kafka.server.metadata.BrokerMetadataPublisher.publish(BrokerMetadataPublisher.scala:221)
    at 
kafka.server.metadata.BrokerMetadataListener.kafka$server$metadata$BrokerMetadataListener$$publish(BrokerMetadataListener.scala:258)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.$anonfun$run$2(BrokerMetadataListener.scala:119)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.$anonfun$run$2$adapted(BrokerMetadataListener.scala:119)
    at scala.Option.foreach(Option.scala:437)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.run(BrokerMetadataListener.scala:119)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventContext.run(KafkaEventQueue.java:121)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventHandler.handleEvents(KafkaEventQueue.java:200)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventHandler.run(KafkaEventQueue.java:173)
    at java.lang.Thread.run(Thread.java:750)
[2022-08-24 18:04:41,859] ERROR [BrokerMetadataListener id=1] Unexpected error 
handling HandleCommitsEvent (kafka.server.metadata.BrokerMetadataListener)
java.lang.RuntimeException: An ACL with ID Gk-Hx0tvQIS8B1RT8R-odw already 
exists.
    at 
org.apache.kafka.metadata.authorizer.StandardAuthorizerData.addAcl(StandardAuthorizerData.java:169)
    at 
org.apache.kafka.metadata.authorizer.StandardAuthorizer.addAcl(StandardAuthorizer.java:83)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$19(BrokerMetadataPublisher.scala:234)
    at java.util.LinkedHashMap$LinkedEntrySet.forEach(LinkedHashMap.java:671)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$18(BrokerMetadataPublisher.scala:232)
    at 
kafka.server.metadata.BrokerMetadataPublisher.$anonfun$publish$18$adapted(BrokerMetadataPublisher.scala:221)
    at scala.Option.foreach(Option.scala:437)
    at 
kafka.server.metadata.BrokerMetadataPublisher.publish(BrokerMetadataPublisher.scala:221)
    at 
kafka.server.metadata.BrokerMetadataListener.kafka$server$metadata$BrokerMetadataListener$$publish(BrokerMetadataListener.scala:258)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.$anonfun$run$2(BrokerMetadataListener.scala:119)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.$anonfun$run$2$adapted(BrokerMetadataListener.scala:119)
    at scala.Option.foreach(Option.scala:437)
    at 
kafka.server.metadata.BrokerMetadataListener$HandleCommitsEvent.run(BrokerMetadataListener.scala:119)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventContext.run(KafkaEventQueue.java:121)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventHandler.handleEvents(KafkaEventQueue.java:200)
    at 
org.apache.kafka.queue.KafkaEventQueue$EventHandler.run(KafkaEventQueue.java:173)
    at java.lang.Thread.run(Thread.java:750)
 {code}

The main problem is here:
https://github.com/apache/kafka/blob/4878653016c32e55d6e829ea1b4f80a825459706/metadata/src/main/java/org/apache/kafka/metadata/authorizer/StandardAuthorizerData.java
            if (prevAcl != null) {
                throw new RuntimeException("An ACL with ID " + id + " already 
exists.");
            }
Do we need an exeption or may be just change it to:
            if (prevAcl != null) {
                log.trace("An ACL with ID " + id + " already exists.");
            }
?




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to