Closed dainesj closed 3 years ago
For Kafka Brokers with Jolokia Basic Auth configured upgrade_kafka_broker.yml fails. The Get ActiveControllerCount play is failing as URL module is missing Basic Auth settings.
upgrade_kafka_broker.yml
Get ActiveControllerCount
cat /etc/systemd/system/confluent-server.service.d/override.conf
[Service] Environment="KAFKA_OPTS=-javaagent:/opt/jolokia/jolokia.jar=config=/etc/kafka/kafka_jolokia.properties" Environment="KAFKA_HEAP_OPTS=-Xms6g -Xmx6g -XX:MetaspaceSize=96m -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35 -XX:G1HeapRegionSize=16M -XX:MinMetaspaceFreeRatio=50 -XX:MaxMetaspaceFreeRatio=80" Environment="KAFKA_LOG4J_OPTS=-Dlog4j.configuration=file:/etc/kafka/kafka_server_log4j.properties" Environment="LOG_DIR=/var/log/kafka/"
cat /etc/kafka/kafka_jolokia.properties
port=7771 host=0.0.0.0 authMode=basic user=<USER> password=<PASSWORD>
TASK [Get ActiveControllerCount] **************************************************************************************************************************************************************************************************** task path: /home/ec2-user/cp-ansible/tasks/create_ordered_kafka_groups.yml:8 Wednesday 20 January 2021 07:15:20 +0000 (0:00:00.716) 0:00:18.611 ***** *** ommitted details *** fatal: [ip-172-31-86-77.ec2.internal]: FAILED! => { "changed": false, "content": "", "content_length": "0", "date": "Wed, 20 Jan 2021 07:15:20 GMT", "elapsed": 0, "invocation": { "module_args": { "attributes": null, "backup": null, "body": null, "body_format": "raw", "client_cert": null, "client_key": null, "content": null, "creates": null, "delimiter": null, "dest": null, "directory_mode": null, "follow": false, "follow_redirects": "safe", "force": false, "force_basic_auth": false, "group": null, "headers": {}, "http_agent": "ansible-httpget", "method": "GET", "mode": null, "owner": null, "regexp": null, "remote_src": null, "removes": null, "return_content": true, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "status_code": [ "200" ], "timeout": 30, "unix_socket": null, "unsafe_writes": null, "url": "http://ip-172-31-86-77.ec2.internal:7771/jolokia/read/kafka.controller:type=KafkaController,name=ActiveControllerCount", "url_password": null, "url_username": null, "use_proxy": true, "validate_certs": false } }, "msg": "Status code was 401 and not [200]: HTTP Error 401: Unauthorized", For Kafka Brokers with Jolokia Basic Auth configured `upgrade_kafka_broker.yml` fails. The `Get ActiveControllerCount` play is failing as URL module is missing Basic Auth settings. "redirected": false, "status": 401, "url": "http://ip-172-31-86-77.ec2.internal:7771/jolokia/read/kafka.controller:type=KafkaController,name=ActiveControllerCount", "www_authenticate": "Basic realm=\"jolokia\"" }
Updated Handler as below :
- name: Get ActiveControllerCount uri: url: "{{ kafka_broker_jolokia_active_controller_url }}" validate_certs: false return_content: true status_code: 200 # included basic auth information url_username: "{{kafka_broker_jolokia_user}}" url_password: "{{kafka_broker_jolokia_password}}" force_basic_auth: true register: active_controller_count_query check_mode: false
TASK [Get ActiveControllerCount] **************************************************************************************************************************************************************************************************** task path: /home/ec2-user/cp-ansible/tasks/create_ordered_kafka_groups.yml:8 *** ommitted details *** ok: [ip-172-31-86-77.ec2.internal] => { "cache_control": "no-cache", "changed": false, "content": "{\"request\":{\"mbean\":\"kafka.controller:name=ActiveControllerCount,type=KafkaController\",\"type\":\"read\"},\"value\":{\"Value\":1},\"timestamp\":1611126806,\"status\":200}", "content_type": "text/plain; charset=utf-8", "cookies": {}, "cookies_string": "", "date": "Wed, 20 Jan 2021 07:13:26 GMT", "elapsed": 0, "expires": "Wed, 20 Jan 2021 06:13:26 GMT", "invocation": { "module_args": { "attributes": null, "backup": null, "body": null, "body_format": "raw", "client_cert": null, "client_key": null, "content": null, "creates": null, "delimiter": null, "dest": null, "directory_mode": null, "follow": false, "follow_redirects": "safe", "force": false, "force_basic_auth": true, "group": null, "headers": {}, "http_agent": "ansible-httpget", "method": "GET", "mode": null, "owner": null, "regexp": null, "remote_src": null, "removes": null, "return_content": true, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "status_code": [ "200" ], "timeout": 30, "unix_socket": null, "unsafe_writes": null, "url": "http://ip-172-31-86-77.ec2.internal:7771/jolokia/read/kafka.controller:type=KafkaController,name=ActiveControllerCount", "url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "url_username": "justin", "use_proxy": true, "validate_certs": false } }, "json": { "request": { "mbean": "kafka.controller:name=ActiveControllerCount,type=KafkaController", "type": "read" }, "status": 200, "timestamp": 1611126806, "value": { "Value": 1 } }, "msg": "OK (unknown bytes)", "pragma": "no-cache", "redirected": false, "status": 200, "transfer_encoding": "chunked", "url": "http://ip-172-31-86-77.ec2.internal:7771/jolokia/read/kafka.controller:type=KafkaController,name=ActiveControllerCount" }
Looks like the fix was added: https://github.com/confluentinc/cp-ansible/blob/6.0.1-post/tasks/create_ordered_kafka_groups.yml#L13
I'll close this unless you have objections
For Kafka Brokers with Jolokia Basic Auth configured
upgrade_kafka_broker.yml
fails. TheGet ActiveControllerCount
play is failing as URL module is missing Basic Auth settings.Broker Jolokia settings :
cat /etc/systemd/system/confluent-server.service.d/override.conf
cat /etc/kafka/kafka_jolokia.properties
Failure
Expected behavior :
Updated Handler as below :
Output :