search

datastax / pulsar-helm-chart

Apache Pulsar Helm chart
Apache License 2.0
46 stars 38 forks source link

Broker fails when using examples/dev-values-keycloak-auth.yaml #242

Closed michaeljmarshall closed 2 years ago

michaeljmarshall commented 2 years ago

Problem

When using the examples/dev-values-keycloak-auth.yaml values file, the broker fails with this error:

21:16:56.286 [main] INFO  com.datastax.oss.pulsar.auth.ConfigUtils - Configuration for [openIDAllowedAudience] is [null]
21:16:56.286 [main] INFO  com.datastax.oss.pulsar.auth.ConfigUtils - Configuration for [openIDAcceptedTimeLeewaySeconds] is using the default value: [0]
21:16:56.286 [main] INFO  com.datastax.oss.pulsar.auth.ConfigUtils - Configuration for [openIDJwkCacheSize] is using the default value: [10]
21:16:56.287 [main] INFO  com.datastax.oss.pulsar.auth.ConfigUtils - Configuration for [openIDJwkExpiresMinutes] is using the default value: [5]
21:16:56.287 [main] INFO  com.datastax.oss.pulsar.auth.ConfigUtils - Configuration for [openIDAllowedTokenIssuers] is [http://test-keycloak.default:<nil>/auth/realms/pulsar, http://test-keycloak:<nil>/auth/realms/pulsar, http://test-keycloak.default.svc.cluster.local:<nil>/auth/realms/pulsar].
21:16:56.292 [main] ERROR org.apache.pulsar.broker.PulsarService - Failed to start Pulsar service: Failed to load an authentication provider.
org.apache.pulsar.broker.PulsarServerException: Failed to load an authentication provider.
    at org.apache.pulsar.broker.authentication.AuthenticationService.<init>(AuthenticationService.java:81) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.service.BrokerService.<init>(BrokerService.java:336) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.newBrokerService(PulsarService.java:1709) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.start(PulsarService.java:670) [com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.PulsarBrokerStarter$BrokerStarter.start(PulsarBrokerStarter.java:259) [com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.PulsarBrokerStarter.main(PulsarBrokerStarter.java:331) [com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
Caused by: java.lang.IllegalArgumentException: Invalid JWKS uri
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.urlForDomain(AuthenticationProviderOpenID.java:377) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.lambda$initialize$0(AuthenticationProviderOpenID.java:116) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at java.lang.Iterable.forEach(Iterable.java:75) ~[?:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.initialize(AuthenticationProviderOpenID.java:115) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at org.apache.pulsar.broker.authentication.AuthenticationProviderList.initialize(AuthenticationProviderList.java:146) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.authentication.AuthenticationService.<init>(AuthenticationService.java:70) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    ... 5 more
Caused by: java.net.URISyntaxException: Illegal character in authority at index 7: http://test-keycloak.default:<nil>/auth/realms/pulsar/protocol/openid-connect/certs
    at java.net.URI$Parser.fail(URI.java:2913) ~[?:?]
    at java.net.URI$Parser.parseAuthority(URI.java:3247) ~[?:?]
    at java.net.URI$Parser.parseHierarchical(URI.java:3158) ~[?:?]
    at java.net.URI$Parser.parse(URI.java:3114) ~[?:?]
    at java.net.URI.<init>(URI.java:600) ~[?:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.urlForDomain(AuthenticationProviderOpenID.java:374) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.lambda$initialize$0(AuthenticationProviderOpenID.java:116) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at java.lang.Iterable.forEach(Iterable.java:75) ~[?:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.initialize(AuthenticationProviderOpenID.java:115) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at org.apache.pulsar.broker.authentication.AuthenticationProviderList.initialize(AuthenticationProviderList.java:146) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.authentication.AuthenticationService.<init>(AuthenticationService.java:70) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    ... 5 more
21:16:56.313 [main] ERROR org.apache.pulsar.PulsarBrokerStarter - Failed to start pulsar service.
org.apache.pulsar.broker.PulsarServerException: org.apache.pulsar.broker.PulsarServerException: Failed to load an authentication provider.
    at org.apache.pulsar.broker.PulsarService.start(PulsarService.java:795) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.PulsarBrokerStarter$BrokerStarter.start(PulsarBrokerStarter.java:259) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.PulsarBrokerStarter.main(PulsarBrokerStarter.java:331) [com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
Caused by: org.apache.pulsar.broker.PulsarServerException: Failed to load an authentication provider.
    at org.apache.pulsar.broker.authentication.AuthenticationService.<init>(AuthenticationService.java:81) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.service.BrokerService.<init>(BrokerService.java:336) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.newBrokerService(PulsarService.java:1709) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.start(PulsarService.java:670) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    ... 2 more
Caused by: java.lang.IllegalArgumentException: Invalid JWKS uri
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.urlForDomain(AuthenticationProviderOpenID.java:377) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.lambda$initialize$0(AuthenticationProviderOpenID.java:116) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at java.lang.Iterable.forEach(Iterable.java:75) ~[?:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.initialize(AuthenticationProviderOpenID.java:115) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at org.apache.pulsar.broker.authentication.AuthenticationProviderList.initialize(AuthenticationProviderList.java:146) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.authentication.AuthenticationService.<init>(AuthenticationService.java:70) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.service.BrokerService.<init>(BrokerService.java:336) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.newBrokerService(PulsarService.java:1709) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.start(PulsarService.java:670) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    ... 2 more
Caused by: java.net.URISyntaxException: Illegal character in authority at index 7: http://test-keycloak.default:<nil>/auth/realms/pulsar/protocol/openid-connect/certs
    at java.net.URI$Parser.fail(URI.java:2913) ~[?:?]
    at java.net.URI$Parser.parseAuthority(URI.java:3247) ~[?:?]
    at java.net.URI$Parser.parseHierarchical(URI.java:3158) ~[?:?]
    at java.net.URI$Parser.parse(URI.java:3114) ~[?:?]
    at java.net.URI.<init>(URI.java:600) ~[?:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.urlForDomain(AuthenticationProviderOpenID.java:374) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.lambda$initialize$0(AuthenticationProviderOpenID.java:116) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at java.lang.Iterable.forEach(Iterable.java:75) ~[?:?]
    at com.datastax.oss.pulsar.auth.AuthenticationProviderOpenID.initialize(AuthenticationProviderOpenID.java:115) ~[pulsar-openid-connect-plugin-1.0.0-beta.jar:?]
    at org.apache.pulsar.broker.authentication.AuthenticationProviderList.initialize(AuthenticationProviderList.java:146) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.authentication.AuthenticationService.<init>(AuthenticationService.java:70) ~[com.datastax.oss-pulsar-broker-common-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.service.BrokerService.<init>(BrokerService.java:336) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.newBrokerService(PulsarService.java:1709) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    at org.apache.pulsar.broker.PulsarService.start(PulsarService.java:670) ~[com.datastax.oss-pulsar-broker-2.8.3.1.0.11.jar:2.8.3.1.0.11]
    ... 2 more