Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
3.6k views
in Technique[技术] by (71.8m points)

How to specify TLS auth for kafka connect which has debezium mysql connector?

Kafka Connector

https://gist.github.com/alok87/d5b2cac48aa5d616a76fdcf2b18cd766

Kafka Connect

https://gist.github.com/alok87/5a8e6533906ce2c164f98f101c223f46

Kafka

 kafka:
    authorization:
      superUsers:
      - CN=kafka-connect
      type: simple
    listeners:
      external:
        authentication:
          type: tls
        tls: true
        type: loadbalancer

Kafka User (super user)

spec:
  authentication:
    type: tls

With the above configurations, kafka starts in TLS mode, Kafka connect comes up! But as soon as I create the Kafka connector, the connector fails trying to talk to Kafka and the logs of the kafka pods has the following SSL Handshake failed error:

2021-01-12 15:03:24,891 INFO [SocketServer brokerId=0] Failed authentication with /10.2.21.9 (SSL handshake failed) (org.apache.kafka.common.network.Selector) [data-plane-kafka-network-thread-0-ListenerName(EXTERNAL-9094)-SSL-4]

TLS is working perfectly from a Golang process using the same certs and keys (same user cert).

Do we need to specify SSL configurations for the Connector as well like mentioned here https://debezium.io/documentation/reference/1.3/connectors/mysql.html#mysql-connector-pass-through-properties? If yes, why do we need to specify both in Kafka connect and connector. I expected the connector to be plugins running inside a single process that is Kafka connect.

https://github.com/strimzi/strimzi-kafka-operator/discussions/4229

Thanks for the help.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)
等待大神答复

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...