Hello, Having trouble when publishing and consuming from a topic with SASL_PLAINTEXT.
Both ZK and Kafka start successfully, in logs I see SASL_PLAINTEXT on 9093 as being available. kafka.log:[2018-08-20 03:31:08,202] INFO Registered broker 1 at path /brokers/ids/1 with addresses: EndPoint(kafkabroker1,9092,ListenerName(SSL),SSL),EndPoint(kafkabroker1,9093,ListenerName(SASL_PLAINTEXT),SASL_PLAINTEXT) (kafka.utils.ZkUtils:70) When i try to publish, e.g. bin/kafka-console-producer --broker-list kafkabroker1:9093 \ --topic testtopic1 --producer.config /tmp/sasl-producer.properties I get: [2018-08-20 08:37:35,075] WARN Error while fetching metadata with correlation id 3 : {testtopic1=UNKNOWN_TOPIC_OR_PARTITION} (org.apache.kafka.clients.NetworkClient) [2018-08-20 08:37:35,176] WARN Error while fetching metadata with correlation id 4 : {testtopic1=UNKNOWN_TOPIC_OR_PARTITION} (org.apache.kafka.clients.NetworkClient) [2018-08-20 08:37:35,277] WARN Error while fetching metadata with correlation id 5 : {testtopic1=UNKNOWN_TOPIC_OR_PARTITION} (org.apache.kafka.clients.NetworkClient) What I've verified: 1) Client can resolve advertisted.listeners on all brokers. (prior to enabling SASL, PLAINTEXT and SSL work with my set advertisted.listerners) 2) In my sasl-producer.properties, im authenticating with user Kafka. Kafka has been set as super user and in kafka-authorizer.log, I see " [2018-08-20 08:27:19,971] DEBUG principal = User:kafka is a super user, allowing operation without checking acls. (kafka.authorizer.logger) [2018-08-20 08:27:19,971] DEBUG Principal = User:kafka is Allowed Operation = Describe from host = 10.10.52.1 on resource = Topic:testtopic1 (kafka.authorizer.logger) [2018-08-20 08:27:20,072] DEBUG operation = Read on resource = Topic: testtopic1 from host = 10.10.52.1 is Allow based on acl = User:kafka has Allow permission for operations: All from hosts: * (kafka.authorizer.logger) and from the kafka.log's in DEBUG: [2018-08-20 09:35:48,364] DEBUG principal = User:kafka is a super user, allowing operation without checking acls. (kafka.authorizer.logger:159) [2018-08-20 09:35:48,364] DEBUG Principal = User:kafka is Allowed Operation = Describe from host = 10.89.64.7 on resource = Topic:kerbtest1 (kafka.authorizer.logger:251) [2018-08-20 09:35:48,364] DEBUG Completed request:{api_key=3,api_version=4,correlation_id=186,client_id=console-producer} -- {topics=[kerbtest1],allow_auto_topic_creation=true} from connection 10.10.52.1:9093-10.10.52.1:42752;totalTime:0.461000,requestQueueTime:0.033000,localTime:0.346000,remoteTime:0.000000,throttleTime:0.033000,responseQueueTime:0.030000,sendTime:0.066000,securityProtocol:SASL_PLAINTEXT,principal:User:kafka,listener:SASL_PLAINTEXT (kafka.request.logger:193) I'm assuming everything is okay from an ACL standpoint but when the client cannot get the topic metadata from the returned advertisted listeners? Any ideas on what I could be missing? Could this be something with ZK setup/any authentication I am missing there? I had even tried " skipACL=yes" but that did not change anything. Thanks!