search

linkedin / cruise-control

Cruise-control is the first of its kind to fully automate the dynamic workload rebalance and self-healing of a Kafka cluster. It provides great value to Kafka users by simplifying the operation of Kafka clusters.
https://github.com/linkedin/cruise-control/tags
BSD 2-Clause "Simplified" License
2.68k stars 573 forks source link

Cruise control not able to communicate with Kafka brokers when SSL is enabled for kafka brokers #2063

Open Phani2811 opened 9 months ago

Phani2811 commented 9 months ago

Hi, I have added all the required parameters cruise.control.metrics.reporter.ssl* in server.properties of kafka to ensure cruise control connects to SSL enabled kafka brokers. but it is not working.

Cruise control logs are always throws this error message. i am not sure what is this?

[2023-09-22 08:28:12,797] INFO [AdminClient clientId=adminclient-2] Node -2 disconnected. (clients.NetworkClient) [2023-09-22 08:28:12,797] INFO [AdminClient clientId=adminclient-2] Cancelled in-flight API_VERSIONS request with correlation id 2421 due to node -2 being disconnected (elapsed time since creation: 44ms, elapsed time since send: 44ms, request timeout: 3600000ms) (clients.NetworkClient) [2023-09-22 08:28:12,825] INFO [AdminClient clientId=adminclient-1] Node -3 disconnected. (clients.NetworkClient) [2023-09-22 08:28:12,825] INFO [AdminClient clientId=adminclient-1] Cancelled in-flight API_VERSIONS request with correlation id 2415 due to node -3 being disconnected (elapsed time since creation: 29ms, elapsed time since send: 29ms, request timeout: 3600000ms) (clients.NetworkClient) [2023-09-22 08:28:12,827] INFO [AdminClient clientId=adminclient-2] Node -3 disconnected. (clients.NetworkClient) [2023-09-22 08:28:12,827] INFO [AdminClient clientId=adminclient-2] Cancelled in-flight API_VERSIONS request with correlation id 2422 due to node -3 being disconnected (elapsed time since creation: 29ms, elapsed time since send: 29ms, request timeout: 3600000ms) (clients.NetworkClient)

and Kafka logs always throws this error: INFO [SocketServer listenerType=ZK_BROKER, nodeId=1001] Failed authentication with /10.0.0.97 (channelId=10.0.0.186:9092-10.0.0.97:38240-344) (SSL handshake failed) (org.apache.kafka.common.network.Selector) INFO [SocketServer listenerType=ZK_BROKER, nodeId=1001] Failed authentication with /10.0.0.51 (channelId=10.0.0.186:9092-10.0.0.51:38286-344) (SSL handshake failed) (org.apache.kafka.common.network.Selector) INFO [SocketServer listenerType=ZK_BROKER, nodeId=1001] Failed authentication with /10.0.0.51 (channelId=10.0.0.186:9092-10.0.0.51:38302-345) (SSL handshake failed) (org.apache.kafka.common.network.Selector)

This looks to be SSL handshake error. but not sure what is the actual problem. Could you please help. am using kafka version 3.5.1. tried in 3.4.1 also but getting same error. Thanks!

@efeg - FYI. Please help if you are aware of this issue.

Sourabh-Dilraj commented 3 months ago

Hi, I am facing the same issue as mentioned in the above comment. Please help if you are aware of this issue.