Month: January 2021

  • SASL config issue on latest Kafka versions

    Hello,

    Today I want to share with you a problem that we needed to fix when we decided to activate SASL.

    Normally, the steps are pretty straight forward and you can use Confluent doku or the general Apache Kafka.

    The main catch is that if you have a certain property in your config file, the following error will appear in a loop:

    [2021-01-11 09:17:28,052] ERROR Processor [0..n] closed connection from null (kafka.network.Processor)
java.io.IOException: Channel could not be created for socket java.nio.channels.SocketChannel[closed]
	at org.apache.kafka.common.network.Selector.buildAndAttachKafkaChannel(Selector.java:348)
	at org.apache.kafka.common.network.Selector.registerChannel(Selector.java:329)
	at org.apache.kafka.common.network.Selector.register(Selector.java:311)
	at kafka.network.Processor.configureNewConnections(SocketServer.scala:1024)
	at kafka.network.Processor.run(SocketServer.scala:757)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.apache.kafka.common.KafkaException: java.lang.NullPointerException
	at org.apache.kafka.common.network.SaslChannelBuilder.buildChannel(SaslChannelBuilder.java:228)
	at org.apache.kafka.common.network.Selector.buildAndAttachKafkaChannel(Selector.java:338)
	... 5 more
Caused by: java.lang.NullPointerException
	at java.base/java.util.Objects.requireNonNull(Objects.java:221)
	at org.apache.kafka.common.security.authenticator.DefaultKafkaPrincipalBuilder.fromOldPrincipalBuilder(DefaultKafkaPrincipalBuilder.java:77)
	at org.apache.kafka.common.network.ChannelBuilders.createPrincipalBuilder(ChannelBuilders.java:216)
	at org.apache.kafka.common.security.authenticator.SaslServerAuthenticator.<init>(SaslServerAuthenticator.java:183)
	at org.apache.kafka.common.network.SaslChannelBuilder.buildServerAuthenticator(SaslChannelBuilder.java:262)
	at org.apache.kafka.common.network.SaslChannelBuilder.lambda$buildChannel$0(SaslChannelBuilder.java:207)
	at org.apache.kafka.common.network.KafkaChannel.<init>(KafkaChannel.java:143)
	at org.apache.kafka.common.network.SaslChannelBuilder.buildChannel(SaslChannelBuilder.java:224)
	... 6 more

    The cause for this is property:

    principal.builder.class=org.apache.kafka.common.security.auth.DefaultPrincipalBuilder

    Normally, for the latest versions of Apache Kafka like 2.x.x, it should not be set at all so that when the process starts it will be like:

    principal.builder.class=null