I have a valid keytab, recieve a valid ticket and I can connect to kafka via kafka-client (for test)
But when I connect via kafka-exporter I have an error in log below
[sarama] 2022/09/29 14:57:28 Error while performing GSSAPI Kerberos Authentication: wrong Token ID. Expected 0504, was 6030
[sarama] 2022/09/29 14:57:28 Closed connection to broker kafka-host.domain.local:9092
[sarama] 2022/09/29 14:57:28 client/metadata got error from broker -1 while fetching metadata: wrong Token ID. Expected 0504, was 6030
[sarama] 2022/09/29 14:57:28 client/metadata no available broker to send metadata request to
[sarama] 2022/09/29 14:57:28 client/brokers resurrecting 1 dead seed brokers
[sarama] 2022/09/29 14:57:28 Closing Client
F0929 14:57:28.828568 15038 kafka_exporter.go:893] Error Init Kafka Client: kafka: client has run out of available brokers to talk to: wrong Token ID. Expected 0504, was 6030
Looks like a problem similar to the tickets about incorrect Kerberos auth working for golang applications.
Related search across related issues in Sarama & gokrb5 libraries repositories shows me some solutions but they didn't work for me.
I also tried to specify many options with different encryption types in /etc/krb5.conf, but that also did not help.
Tried to run on different versions of Kafka - 1.0.2 and 2.8.1. It does not affect the result.
Hello. I ran into a problem connecting kafka-exporter to Kafka with Kerberos auth
I have a valid keytab, recieve a valid ticket and I can connect to kafka via kafka-client (for test) But when I connect via kafka-exporter I have an error in log below
Looks like a problem similar to the tickets about incorrect Kerberos auth working for golang applications. Related search across related issues in Sarama & gokrb5 libraries repositories shows me some solutions but they didn't work for me. I also tried to specify many options with different encryption types in /etc/krb5.conf, but that also did not help. Tried to run on different versions of Kafka - 1.0.2 and 2.8.1. It does not affect the result.
Any help is welcome. I still don't understand what exactly is the reason.