[ https://issues.apache.org/jira/browse/KAFKA-14781?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Egerton reassigned KAFKA-14781: ------------------------------------- Assignee: Chris Egerton > MM2 logs misleading error during topic ACL sync when broker does not have > authorizer configured > ----------------------------------------------------------------------------------------------- > > Key: KAFKA-14781 > URL: https://issues.apache.org/jira/browse/KAFKA-14781 > Project: Kafka > Issue Type: Bug > Components: mirrormaker > Reporter: Chris Egerton > Assignee: Chris Egerton > Priority: Major > > When there is no broker-side authorizer configured on a Kafka cluster > targeted by MirrorMaker 2, users see error-level log messages like this > one:{{{}{}}} > {quote}[2023-03-06 10:53:57,488] ERROR [MirrorSourceConnector|worker] > Scheduler for MirrorSourceConnector caught exception in scheduled task: > syncing topic ACLs (org.apache.kafka.connect.mirror.Scheduler:102) > java.util.concurrent.ExecutionException: > org.apache.kafka.common.errors.SecurityDisabledException: No Authorizer is > configured on the broker > at > java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395) > at > java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1999) > at > org.apache.kafka.common.internals.KafkaFutureImpl.get(KafkaFutureImpl.java:165) > at > org.apache.kafka.connect.mirror.MirrorSourceConnector.listTopicAclBindings(MirrorSourceConnector.java:456) > at > org.apache.kafka.connect.mirror.MirrorSourceConnector.syncTopicAcls(MirrorSourceConnector.java:342) > at org.apache.kafka.connect.mirror.Scheduler.run(Scheduler.java:93) > at > org.apache.kafka.connect.mirror.Scheduler.executeThread(Scheduler.java:112) > at > org.apache.kafka.connect.mirror.Scheduler.lambda$scheduleRepeating$0(Scheduler.java:50) > at > java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) > at > java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305) > at > java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) > at java.base/java.lang.Thread.run(Thread.java:829) > Caused by: org.apache.kafka.common.errors.SecurityDisabledException: No > Authorizer is configured on the broker > {quote} > This can be misleading as it looks like something is wrong with MM2 or the > Kafka cluster. In reality, it's usually fine, since topic ACL syncing is > enabled by default and it's reasonable for Kafka clusters (especially in > testing/dev environments) to not have authorizers enabled. > We should try to catch this specific case and downgrade the severity of the > log message from {{ERROR}} to either {{INFO}} or {{{}DEBUG{}}}. We may also > consider suggesting to users that they disable topic ACL syncing if their > Kafka cluster doesn't have authorization set up, but this should probably > only be emitted once over the lifetime of the connector in order to avoid > generating log spam. -- This message was sent by Atlassian Jira (v8.20.10#820010)