admin管理员组文章数量:1345728
I have kafka cluster configuration as below:-
apiVersion: kafka.strimzi.io/v1beta2
kind: Kafka
metadata:
name: kafka-cluster
annotations:
strimzi.io/node-pools: enabled
strimzi.io/kraft: enabled
spec:
kafka:
version: 3.8.0
metadataVersion: 3.8-IV0
listeners:
- name: plain
port: 9092
type: internal
tls: false
- name: tls
port: 9093
type: internal
tls: true
configuration:
brokerCertChainAndKey:
secretName: kafka-tls
certificate: tls.crt
key: tls.key
config:
default.replication.factor: 3
min.insync.replicas: 2
auto.create.topics.enable: "false"
entityOperator:
topicOperator: {}
userOperator: {}
On client side I connect to cluster using below configuration
security.protocol=ssl
enable.ssl.certificate.verification=false
and this works.
Now I am trying to enable authorization by adding below configuration to existing cluster
authorization:
type: simple
and Kafka user
apiVersion: kafka.strimzi.io/v1beta2
kind: KafkaUser
metadata:
name: kafka-admin
namespace: kafka
labels:
strimzi.io/cluster: kafka-cluster
spec:
authorization:
type: simple
acls:
- resource:
type: topic
name: "*"
patternType: literal
operations:
- All
- resource:
type: group
name: "*"
patternType: literal
operations:
- All
- resource:
type: cluster
operations:
- All
in application logs I see
"Broker: Topic authorization failed"
I am trying access the cluster in TLS mode. what configuration I am missing ?
版权声明:本文标题:apache kafka - Principal = User:ANONYMOUS is Denied operation = DESCRIBE from host = 10.42.1.76 on resource - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1743789849a2539363.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论