Closed stammaja closed 6 months ago
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.
Hi @stammaja,
Let me shed some light here.
KAFKA_CFG_*
means they will be set inside kafka.properties
file.3.5.1-debian-11-r4, 3.4.1-debian-11-r50, 3.3.2-debian-11-r176 and 3.2.3-debian-11-r161
we adopted Kafka recommendations to use JAAS configuration inside kafka.properties . A description of all the changes can be found in the README.mdkafka_jaas.conf
is still supported, and KAFKA_OPTS should be automatically set if the file is mounted: https://github.com/bitnami/containers/blob/f7ff2144f293d73b50f80eebb495d24b31da0495/bitnami/kafka/3.6/debian-12/rootfs/opt/bitnami/scripts/kafka/run.sh#L19-L21Now, considering the above, I have noticed several issues:
KAFKA_CFG_*
are rendered into kafka.properties at the beginning of the initialization, it is not possible to override settings such has listener.name.<listener>.plain.sasl.jaas.config
, because they will be overridden later on the initialization logic.To fix this issue, I will release an image with the following changes:
kafka_configure_from_environment_variables
will be executed at the end of the initialization logic, instead of at the beginning, so users can override automatically configured settings.kafka_configure_server_jaas
will be omitted if kafka_jaas.conf
was provided.Therefore, you should be able to address this issue by either setting KAFKA_CFG_LISTENER_NAME_LISTENERSASLEXTERNAL_PLAIN_SASL_JAAS_CONFIG
or by mounting your kafka_jaas.config
(no need to set KAFKA_OPTS
).
I will let you know once a new version of bitnami/kafka is released including those changes.
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.
Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.
Name and Version
bitnami/kafka:3.6
What architecture are you using?
amd64
What steps will reproduce the bug?
When starting docker-compose.yaml with any of the options noted below: 1.
This version breaks with
KAFKA_CFG_OPTS
instead ofKAFKA_OPTS
KafkaServer
instead oflistenersaslexternal.KafkaServer
- KAFKA_LISTENER_NAME_LISTENERSASLEXTERNAL_PLAIN_SASL_JAAS_CONFIG=org.apache.kafka.common.security.plain.PlainLoginModule required serviceName="kafka" username="admin" password="adminsecret123" user_local="local_kafka_pw";
instead of using
kafka_jaas.config
Options 2,3,4 behave like there was no variable set, cat /opt/bitnami/kafka/config/server.properties gives result `listener.name.listenersaslexternal.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required user_user="bitnami";
What is the expected behavior?
There is a way to set the listener's jaas config without mounting the whole
server.properties
fileWhat do you see instead?
In any of the tested scenarios, cat /opt/bitnami/kafka/config/server.properties gives result
listener.name.listenersaslexternal.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required user_user="bitnami";
The application gets 'Authentication failed: Invalid username or password'
Additional information
Only option which works is:
with
listener.name.listenersaslexternal.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required serviceName="kafka" username="admin" password="adminsecret123" user_local="local_kafka_pw";