Hi I've got a 3 broker kerberised Kafka 0.10 install running in Cloudera and I'm trying to authenticate with SASL/PLAIN
I'm passing kafka_server_jaas.conf into the JVM on each of the brokers. KafkaServer { org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=password1 user_admin=password1 user_remote=password1; }; My server.properties (or kafka.properties as Cloudera renames it) is set as below; listeners=SASL_SSL://10.10.3.47:9093 # ip set for each broker advertised.listeners=SASL_SSL://10.10.3.47:9093 # ip set for each broker sasl.enabled.mechanisms=GSSAPI,PLAIN security.inter.broker.protocol=SASL_SSL sasl.mechanism.inter.broker.protocol=GSSAPI When Kafka starts up, the inter-broker communication is all fine, but when I try to connect using the console producer I get a Timeout failed to update metadata bin/kafka-consolproducer --broker-list 10.10.3.161:9093 --topic test1 --producer.config client.properties.plain client.properties.plain is set to security.protocol=SASL_SSL sasl.mechanism=PLAIN finally, the client side jaas.conf KafkaClient { org.apache.kafka.common.security.plain.PlainLoginModule required username="remote" password="password1"; }; As far as I can tell I've followed all instructions correctly, can anyone see anything wrong? Thanks, Owen