[Bug]: Kafkauser is not getting ready state

[sonukumar0205]

Bug Description

We are trying to install Kafka using strimzi 0.43 operator but kafkauser gets stuck with Not Ready state. As a result of this when we are trying to do kafka configuration in Maximo application suite getting error as Broken Transport Failure error. We are trying to install this on AWS ROSA (4.14.x) using ansible playbook. Below is the yaml file getting created for kafka and kafkauser:

**Kafka***** apiVersion: kafka.strimzi.io/v1beta2 kind: Kafka metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"kafka.strimzi.io/v1beta2","kind":"Kafka","metadata":{"name":"maskafka","namespace":"strimzi"},"spec":{"entityOperator":{"template":{"pod":{"tmpDirSizeLimit":"1024Mi"}},"tlsSidecar":{"resources":{"limits":{"cpu":"500m","memory":"128Mi"},"requests":{"cpu":"200m","memory":"64Mi"}}},"topicOperator":{"logging":{"loggers":{"rootLogger.level":"INFO"},"type":"inline"},"resources":{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"250m","memory":"512Mi"}},"zookeeperSessionTimeoutSeconds":30},"userOperator":{"logging":{"loggers":{"rootLogger.level":"INFO"},"type":"inline"},"resources":{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"250m","memory":"512Mi"}}}},"kafka":{"authorization":{"superUsers":["admin"],"type":"simple"},"config":{"auto.create.topics.enable":false,"default.replication.factor":3,"log.cleaner.enable":true,"log.cleanup.policy":"delete","log.message.format.version":"3.7.0","log.retention.bytes":1073741824,"log.retention.hours":24,"log.segment.bytes":268435456,"min.insync.replicas":2,"offsets.topic.replication.factor":3,"transaction.state.log.min.isr":2,"transaction.state.log.replication.factor":3,"unclean.leader.election.enable":true},"jvmOptions":{"-Xms":"3072m","-Xmx":"3072m"},"listeners":[{"authentication":{"type":"scram-sha-512"},"name":"tls","port":9094,"tls":true,"type":"route"},{"authentication":{"type":"scram-sha-512"},"name":"internal","networkPolicyPeers":[{"namespaceSelector":{}}],"port":9093,"tls":true,"type":"internal"}],"logging":{"type":"external","valueFrom":{"configMapKeyRef":{"key":"kafka-log4j.properties","name":"kafka-logging-config"}}},"metricsConfig":{"type":"jmxPrometheusExporter","valueFrom":{"configMapKeyRef":{"key":"kafka-metrics-config.yml","name":"kafka-metrics-config"}}},"replicas":3,"resources":{"limits":{"cpu":"2","memory":"4Gi"},"requests":{"cpu":"1","memory":"4Gi"}},"storage":{"type":"jbod","volumes":[{"class":"gp3-csi","deleteClaim":true,"id":0,"size":"100Gi","type":"persistent-claim"}]},"template":{"pod":{"affinity":{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"strimzi.io/name","operator":"In","values":["maskafka-kafka"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]}},"tmpDirSizeLimit":"100Mi"}},"version":"3.7.0"},"kafkaExporter":{"enableSaramaLogging":true,"groupRegex":".","logging":"debug","resources":{"limits":{"cpu":"500m","memory":"128Mi"},"requests":{"cpu":"200m","memory":"64Mi"}},"topicRegex":"."},"zookeeper":{"jvmOptions":{"-Xms":"768m","-Xmx":"768m"},"metricsConfig":{"type":"jmxPrometheusExporter","valueFrom":{"configMapKeyRef":{"key":"zookeeper-metrics-config.yml","name":"kafka-metrics-config"}}},"replicas":3,"resources":{"limits":{"cpu":"1","memory":"1Gi"},"requests":{"cpu":"0.5","memory":"1Gi"}},"storage":{"class":"gp3-csi","deleteClaim":true,"size":"10Gi","type":"persistent-claim"},"template":{"pod":{"affinity":{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"strimzi.io/name","operator":"In","values":["maskafka-zookeeper"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]}},"tmpDirSizeLimit":"100Mi"}}}}}' creationTimestamp: '2024-09-12T17:19:41Z' generation: 1 managedFields:

• apiVersion: kafka.strimzi.io/v1beta2 fieldsType: FieldsV1 fieldsV1: 'f:metadata': 'f:annotations': .: {} 'f:kubectl.kubernetes.io/last-applied-configuration': {} 'f:spec': .: {} 'f:entityOperator': .: {} 'f:template': .: {} 'f:pod': .: {} 'f:tmpDirSizeLimit': {} 'f:tlsSidecar': .: {} 'f:resources': .: {} 'f:limits': .: {} 'f:cpu': {} 'f:memory': {} 'f:requests': .: {} 'f:cpu': {} 'f:memory': {} 'f:topicOperator': .: {} 'f:logging': .: {} 'f:loggers': .: {} 'f:rootLogger.level': {} 'f:type': {} 'f:resources': .: {} 'f:limits': .: {} 'f:cpu': {} 'f:memory': {} 'f:requests': .: {} 'f:cpu': {} 'f:memory': {} 'f:zookeeperSessionTimeoutSeconds': {} 'f:userOperator': .: {} 'f:logging': .: {} 'f:loggers': .: {} 'f:rootLogger.level': {} 'f:type': {} 'f:resources': .: {} 'f:limits': .: {} 'f:cpu': {} 'f:memory': {} 'f:requests': .: {} 'f:cpu': {} 'f:memory': {} 'f:kafka': 'f:version': {} 'f:authorization': .: {} 'f:superUsers': {} 'f:type': {} 'f:storage': .: {} 'f:type': {} 'f:volumes': {} 'f:listeners': {} 'f:logging': .: {} 'f:type': {} 'f:valueFrom': .: {} 'f:configMapKeyRef': .: {} 'f:key': {} 'f:name': {} .: {} 'f:template': .: {} 'f:pod': .: {} 'f:affinity': .: {} 'f:podAntiAffinity': .: {} 'f:preferredDuringSchedulingIgnoredDuringExecution': {} 'f:tmpDirSizeLimit': {} 'f:replicas': {} 'f:resources': .: {} 'f:limits': .: {} 'f:cpu': {} 'f:memory': {} 'f:requests': .: {} 'f:cpu': {} 'f:memory': {} 'f:metricsConfig': .: {} 'f:type': {} 'f:valueFrom': .: {} 'f:configMapKeyRef': .: {} 'f:key': {} 'f:name': {} 'f:jvmOptions': .: {} 'f:-Xms': {} 'f:-Xmx': {} 'f:config': 'f:log.retention.hours': {} 'f:transaction.state.log.min.isr': {} 'f:unclean.leader.election.enable': {} 'f:log.message.format.version': {} 'f:auto.create.topics.enable': {} .: {} 'f:offsets.topic.replication.factor': {} 'f:default.replication.factor': {} 'f:log.segment.bytes': {} 'f:log.cleaner.enable': {} 'f:min.insync.replicas': {} 'f:log.cleanup.policy': {} 'f:transaction.state.log.replication.factor': {} 'f:log.retention.bytes': {} 'f:kafkaExporter': .: {} 'f:enableSaramaLogging': {} 'f:groupRegex': {} 'f:logging': {} 'f:resources': .: {} 'f:limits': .: {} 'f:cpu': {} 'f:memory': {} 'f:requests': .: {} 'f:cpu': {} 'f:memory': {} 'f:topicRegex': {} 'f:zookeeper': .: {} 'f:jvmOptions': .: {} 'f:-Xms': {} 'f:-Xmx': {} 'f:metricsConfig': .: {} 'f:type': {} 'f:valueFrom': .: {} 'f:configMapKeyRef': .: {} 'f:key': {} 'f:name': {} 'f:replicas': {} 'f:resources': .: {} 'f:limits': .: {} 'f:cpu': {} 'f:memory': {} 'f:requests': .: {} 'f:cpu': {} 'f:memory': {} 'f:storage': .: {} 'f:class': {} 'f:deleteClaim': {} 'f:size': {} 'f:type': {} 'f:template': .: {} 'f:pod': .: {} 'f:affinity': .: {} 'f:podAntiAffinity': .: {} 'f:preferredDuringSchedulingIgnoredDuringExecution': {} 'f:tmpDirSizeLimit': {} manager: OpenAPI-Generator operation: Update time: '2024-09-12T17:19:41Z'
• apiVersion: kafka.strimzi.io/v1beta2 fieldsType: FieldsV1 fieldsV1: 'f:status': 'f:registeredNodeIds': {} 'f:clusterId': {} 'f:kafkaVersion': {} 'f:listeners': {} 'f:conditions': {} .: {} 'f:kafkaMetadataState': {} 'f:operatorLastSuccessfulVersion': {} 'f:observedGeneration': {} manager: strimzi-cluster-operator operation: Update subresource: status time: '2024-09-12T17:21:58Z' name: maskafka namespace: strimzi resourceVersion: '45256740' uid: 0019f55e-15f0-47de-a927-ece4e4750205 spec: entityOperator: template: pod: tmpDirSizeLimit: 1024Mi tlsSidecar: resources: limits: cpu: 500m memory: 128Mi requests: cpu: 200m memory: 64Mi topicOperator: logging: loggers: rootLogger.level: INFO type: inline resources: limits: cpu: 500m memory: 512Mi requests: cpu: 250m memory: 512Mi zookeeperSessionTimeoutSeconds: 30 userOperator: logging: loggers: rootLogger.level: INFO type: inline resources: limits: cpu: 500m memory: 512Mi requests: cpu: 250m memory: 512Mi kafka: config: log.cleaner.enable: true log.segment.bytes: 268435456 log.cleanup.policy: delete transaction.state.log.replication.factor: 3 min.insync.replicas: 2 unclean.leader.election.enable: true log.retention.bytes: 1073741824 log.message.format.version: 3.7.0 transaction.state.log.min.isr: 2 log.retention.hours: 24 auto.create.topics.enable: false offsets.topic.replication.factor: 3 default.replication.factor: 3 metricsConfig: type: jmxPrometheusExporter valueFrom: configMapKeyRef: key: kafka-metrics-config.yml name: kafka-metrics-config resources: limits: cpu: '2' memory: 4Gi requests: cpu: '1' memory: 4Gi version: 3.7.0 authorization: superUsers:
  • admin type: simple template: pod: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution:
    • podAffinityTerm: labelSelector: matchExpressions:
      • key: strimzi.io/name operator: In values:
        • maskafka-kafka topologyKey: kubernetes.io/hostname weight: 100 tmpDirSizeLimit: 100Mi storage: type: jbod volumes:
  • class: gp3-csi deleteClaim: true id: 0 size: 100Gi type: persistent-claim replicas: 3 jvmOptions: '-Xms': 3072m '-Xmx': 3072m listeners:
    • authentication: type: scram-sha-512 name: tls port: 9094 tls: true type: route
    • authentication: type: scram-sha-512 name: internal networkPolicyPeers:
      • namespaceSelector: {} port: 9093 tls: true type: internal logging: type: external valueFrom: configMapKeyRef: key: kafka-log4j.properties name: kafka-logging-config kafkaExporter: enableSaramaLogging: true groupRegex: . logging: debug resources: limits: cpu: 500m memory: 128Mi requests: cpu: 200m memory: 64Mi topicRegex: . zookeeper: jvmOptions: '-Xms': 768m '-Xmx': 768m metricsConfig: type: jmxPrometheusExporter valueFrom: configMapKeyRef: key: zookeeper-metrics-config.yml name: kafka-metrics-config replicas: 3 resources: limits: cpu: '1' memory: 1Gi requests: cpu: '0.5' memory: 1Gi storage: class: gp3-csi deleteClaim: true size: 10Gi type: persistent-claim template: pod: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution:
        • podAffinityTerm: labelSelector: matchExpressions:
          • key: strimzi.io/name operator: In values:
            • maskafka-zookeeper topologyKey: kubernetes.io/hostname weight: 100 tmpDirSizeLimit: 100Mi status: clusterId: UFi7v6iITdmKccqDWXeUOA conditions:
• lastTransitionTime: '2024-09-12T17:21:58.200971431Z' status: 'True' type: Ready
• lastTransitionTime: '2024-09-12T17:19:41.877827346Z' message: In resource Kafka(strimzi/maskafka) in API version kafka.strimzi.io/v1beta2 the tlsSidecar property at path spec.entityOperator.tlsSidecar has been deprecated. TLS sidecar was removed in Strimzi 0.41.0. This property is ignored. reason: DeprecatedFields status: 'True' type: Warning
• lastTransitionTime: '2024-09-12T17:19:41.877827346Z' message: In resource Kafka(strimzi/maskafka) in API version kafka.strimzi.io/v1beta2 the object tlsSidecar at path spec.entityOperator.tlsSidecar has been deprecated. This object has been replaced with void. reason: DeprecatedObjects status: 'True' type: Warning
• lastTransitionTime: '2024-09-12T17:19:41.877827346Z' message: In resource Kafka(strimzi/maskafka) in API version kafka.strimzi.io/v1beta2 the zookeeperSessionTimeoutSeconds property at path spec.entityOperator.topicOperator.zookeeperSessionTimeoutSeconds has been deprecated. This property is not used anymore in Strimzi 0.41.0 and it is ignored. reason: DeprecatedFields status: 'True' type: Warning kafkaMetadataState: ZooKeeper kafkaVersion: 3.7.0 listeners:
• addresses:
  • host: maskafka-kafka-bootstrap.strimzi.svc port: 9093 bootstrapServers: 'maskafka-kafka-bootstrap.strimzi.svc:9093' certificates:
  • | -----BEGIN CERTIFICATE----- MIIFLTCCAxWgAwIBAgIUPhjCJXsGiHGtppGUTEFjibOqZuYwDQYJKoZIhvcNAQEN BQAwLTETMBEGA1UECgwKaW8uc3RyaW16aTEWMBQGA1UEAwwNY2x1c3Rlci1jYSB2 MDAeFw0yNDA5MTIxNzE5NDJaFw0yNTA5MTIxNzE5NDJaMC0xEzARBgNVBAoMCmlv LnN0cmltemkxFjAUBgNVBAMMDWNsdXN0ZXItY2EgdjAwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQC115cW38IIoRb7deLwhI6jmkjZzHRNoM3rIgNEUIzt k/SkSoI2kZCYNJjNO9DM9m0m3sO1LYZUTl2Ihx2I+iVD2V6k/JAHnKCdzuSPp1qX 9l7tTpl+A/jPtJ9Ps8+KpuU6QQycqLxs/bAmw6w11vg++5q3uNS6g+9Su2jttmHb Mo/ITyiRJoNUMezNKWWt0t58vOqu/UK773bwE4ejvjIOAfUeSRgRHi7pg+sqj7sb olkI5q0gg8hy8z0Mhwr/69mu/RydLIiN+wufsR5CyDUXXAPieHRWR2jBcwTHueTB e/6u30U/YauDwbRp4dJSZdajhtxvgEtQyrGBB7zG4i1FK694BMkCW7CKQJMcSsZv lgf+zUpyrvfpmzPyRDMaWcIMrqc7kLnjeVEuRvKRm7grNphIAYXdjWU9XSFIk8Ed PoTq9pauyo5Eyh7SCvyaTV7Kud6pklTVxJLNqmx+nB3f2yU2Z3rI6WkRWjD9y/IF kcogjBNoLeGnBwRlFxpT1UpzAEP7lgALX8MjqOHD7gVeDUvwlu1Lti1WoSzn65no jMYuq1OVMMnokQkcxTcjxFkPxo4CthxE+8YmKHAL9vi/et9Pmlv0hKMARTPKWWJH GnyMyjT7+/bMGt5VWaxsMGE3CfsV7jWSXaibnwdNN/uYIyHUTcie360vYxDTy+oh fQIDAQABo0UwQzAdBgNVHQ4EFgQUpAM7XyQt6DsFJeCRtR/WjTv1VbMwEgYDVR0T AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQADggIB AIx8HR5L1HbSt/uMI/1SOHZbH1zpNFDDx2N7ILhzeRO3OclYydBUtGuzuxrAKe7p A098QJjuJqxucjVhtuBatrgbJNSPCABSm4tOY/2+rr1oJV6H68/fFuxyZ1tDS0Q8 AjR6bDValT3rUKXqmVcNOOfAILkKj2uLo7M/3U9v8F3+OcQXPbVOxFUcrfglDE/D OzLOrf67/MUwjt90hMMSPuyPJWCGFKKkl7SS2zPx6mg4kqnHcJIIFAj08iPow90O 66YIQWOZsi6TOZWGPVR/tjcgsUNd50B96/UNW43riHYV1ZvMuiEKYLb1w0vbOxAC zyWz+9bWoLWhJX7sUX/4X9EhomFbB4xaEbCa94BxYCAZZPKno+8cR3c0TJ/48X9Z fGY3GUPQ5JPMtgeAb6FHc9bUqjcPywyucM6XTZVZoDzj6Cv+nASdaNnygP5QB4y4 nybREYlzWuYaLKTyV78My8kDW73wV7Tr5RKZPXyDwqFZPWMVnzA6Fx40L5aNfcwH 8ta1PNeUGyhNJ4Ag2iwJf7+W6cS3pJka/Dm4yZ3ezqH8oBDUV1xqyOtUvNv6g5Wj JJrjo/yVjQMwJVc9c4tIsxMf8HcE45OOY7ocQj6oy7jLZA6+SqLe83IRorY3fduo 94oUccCGK6DXl4o3fxHd63+a6WJzigZ8Z4c1yjhwxc0m -----END CERTIFICATE----- name: internal
• addresses:
  • host: maskafka-kafka-tls-bootstrap-strimzi.apps.rosa1.8a6m.p1.openshiftapps.com port: 443 bootstrapServers: 'maskafka-kafka-tls-bootstrap-strimzi.apps.rosa1.8a6m.p1.openshiftapps.com:443' certificates:
  • | -----BEGIN CERTIFICATE----- MIIFLTCCAxWgAwIBAgIUPhjCJXsGiHGtppGUTEFjibOqZuYwDQYJKoZIhvcNAQEN BQAwLTETMBEGA1UECgwKaW8uc3RyaW16aTEWMBQGA1UEAwwNY2x1c3Rlci1jYSB2 MDAeFw0yNDA5MTIxNzE5NDJaFw0yNTA5MTIxNzE5NDJaMC0xEzARBgNVBAoMCmlv LnN0cmltemkxFjAUBgNVBAMMDWNsdXN0ZXItY2EgdjAwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQC115cW38IIoRb7deLwhI6jmkjZzHRNoM3rIgNEUIzt k/SkSoI2kZCYNJjNO9DM9m0m3sO1LYZUTl2Ihx2I+iVD2V6k/JAHnKCdzuSPp1qX 9l7tTpl+A/jPtJ9Ps8+KpuU6QQycqLxs/bAmw6w11vg++5q3uNS6g+9Su2jttmHb Mo/ITyiRJoNUMezNKWWt0t58vOqu/UK773bwE4ejvjIOAfUeSRgRHi7pg+sqj7sb olkI5q0gg8hy8z0Mhwr/69mu/RydLIiN+wufsR5CyDUXXAPieHRWR2jBcwTHueTB e/6u30U/YauDwbRp4dJSZdajhtxvgEtQyrGBB7zG4i1FK694BMkCW7CKQJMcSsZv lgf+zUpyrvfpmzPyRDMaWcIMrqc7kLnjeVEuRvKRm7grNphIAYXdjWU9XSFIk8Ed PoTq9pauyo5Eyh7SCvyaTV7Kud6pklTVxJLNqmx+nB3f2yU2Z3rI6WkRWjD9y/IF kcogjBNoLeGnBwRlFxpT1UpzAEP7lgALX8MjqOHD7gVeDUvwlu1Lti1WoSzn65no jMYuq1OVMMnokQkcxTcjxFkPxo4CthxE+8YmKHAL9vi/et9Pmlv0hKMARTPKWWJH GnyMyjT7+/bMGt5VWaxsMGE3CfsV7jWSXaibnwdNN/uYIyHUTcie360vYxDTy+oh fQIDAQABo0UwQzAdBgNVHQ4EFgQUpAM7XyQt6DsFJeCRtR/WjTv1VbMwEgYDVR0T AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQADggIB AIx8HR5L1HbSt/uMI/1SOHZbH1zpNFDDx2N7ILhzeRO3OclYydBUtGuzuxrAKe7p A098QJjuJqxucjVhtuBatrgbJNSPCABSm4tOY/2+rr1oJV6H68/fFuxyZ1tDS0Q8 AjR6bDValT3rUKXqmVcNOOfAILkKj2uLo7M/3U9v8F3+OcQXPbVOxFUcrfglDE/D OzLOrf67/MUwjt90hMMSPuyPJWCGFKKkl7SS2zPx6mg4kqnHcJIIFAj08iPow90O 66YIQWOZsi6TOZWGPVR/tjcgsUNd50B96/UNW43riHYV1ZvMuiEKYLb1w0vbOxAC zyWz+9bWoLWhJX7sUX/4X9EhomFbB4xaEbCa94BxYCAZZPKno+8cR3c0TJ/48X9Z fGY3GUPQ5JPMtgeAb6FHc9bUqjcPywyucM6XTZVZoDzj6Cv+nASdaNnygP5QB4y4 nybREYlzWuYaLKTyV78My8kDW73wV7Tr5RKZPXyDwqFZPWMVnzA6Fx40L5aNfcwH 8ta1PNeUGyhNJ4Ag2iwJf7+W6cS3pJka/Dm4yZ3ezqH8oBDUV1xqyOtUvNv6g5Wj JJrjo/yVjQMwJVc9c4tIsxMf8HcE45OOY7ocQj6oy7jLZA6+SqLe83IRorY3fduo 94oUccCGK6DXl4o3fxHd63+a6WJzigZ8Z4c1yjhwxc0m -----END CERTIFICATE----- name: tls observedGeneration: 1 operatorLastSuccessfulVersion: 0.43.0 registeredNodeIds:
• 0
• 1
• 2

  ---

  Kafkauser:

apiVersion: kafka.strimzi.io/v1beta2 kind: KafkaUser metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"kafka.strimzi.io/v1beta2","kind":"KafkaUser","metadata":{"labels":{"strimzi.io/cluster":"maskafka"},"name":"masuser","namespace":"strimzi"},"spec":{"authentication":{"password":{"valueFrom":{"secretKeyRef":{"key":"password","name":"maskafka-credentials"}}},"type":"scram-sha-512"},"authorization":{"acls":[{"host":"","operation":"All","resource":{"name":"","patternType":"prefix","type":"topic"}},{"host":"","operation":"All","resource":{"name":"","patternType":"prefix","type":"group"}},{"host":"","operation":"All","resource":{"name":"","patternType":"prefix","type":"cluster"}},{"host":"","operation":"All","resource":{"name":"","patternType":"literal","type":"topic"}},{"host":"","operation":"All","resource":{"name":"","patternType":"literal","type":"group"}},{"host":"","operation":"All","resource":{"name":"","patternType":"literal","type":"cluster"}}],"type":"simple"}}}' resourceVersion: '45255504' name: masuser uid: 99676939-50c2-4146-b4e3-23421360f3d9 creationTimestamp: '2024-09-12T17:19:43Z' generation: 1 managedFields:

• apiVersion: kafka.strimzi.io/v1beta2 fieldsType: FieldsV1 fieldsV1: 'f:metadata': 'f:annotations': .: {} 'f:kubectl.kubernetes.io/last-applied-configuration': {} 'f:labels': .: {} 'f:strimzi.io/cluster': {} 'f:spec': .: {} 'f:authentication': .: {} 'f:password': .: {} 'f:valueFrom': .: {} 'f:secretKeyRef': .: {} 'f:key': {} 'f:name': {} 'f:type': {} 'f:authorization': .: {} 'f:acls': {} 'f:type': {} manager: OpenAPI-Generator operation: Update time: '2024-09-12T17:19:43Z'
• apiVersion: kafka.strimzi.io/v1beta2 fieldsType: FieldsV1 fieldsV1: 'f:status': .: {} 'f:conditions': {} 'f:observedGeneration': {} manager: strimzi-user-operator operation: Update subresource: status time: '2024-09-12T17:21:17Z' namespace: strimzi labels: strimzi.io/cluster: maskafka spec: authentication: password: valueFrom: secretKeyRef: key: password name: maskafka-credentials type: scram-sha-512 authorization: acls:
  • host: '' operation: All resource: name: '' patternType: prefix type: topic
  • host: '' operation: All resource: name: '' patternType: prefix type: group
  • host: '' operation: All resource: name: '' patternType: prefix type: cluster
  • host: '' operation: All resource: name: '' patternType: literal type: topic
  • host: '' operation: All resource: name: '' patternType: literal type: group
  • host: '' operation: All resource: name: '' patternType: literal type: cluster type: simple status: conditions:
• lastTransitionTime: '2024-09-12T17:21:17.797870806Z' message: 'java.util.concurrent.CompletionException: org.apache.kafka.common.errors.UnacceptableCredentialException: init() failed' reason: ExecutionException status: 'True' type: NotReady
• lastTransitionTime: '2024-09-12T17:21:17.614634760Z' message: 'In resource KafkaUser(strimzi/masuser) in API version kafka.strimzi.io/v1beta2 the operation property at path spec.authorization.acls.operation has been deprecated, and should now be configured using spec.authorization.acls[*].operations.' reason: DeprecatedFields status: 'True' type: Warning
• lastTransitionTime: '2024-09-12T17:21:17.614634760Z' message: 'Resource KafkaUser(strimzi/masuser) contains object at path spec.authorization.acls.resource with unknown properties: name, patternType' reason: UnknownFields status: 'True' type: Warning observedGeneration: 1

Steps to reproduce

No response

Expected behavior

No response

Strimzi version

0.43.0

Kubernetes version

kubernetes v1.29/openshift 4.14

Installation method

YAML File

Infrastructure

AWS ROSA

Configuration files and logs

No response

Additional context

No response

[sonukumar0205]

Below is the secret that is getting created but kafkauser is not able to take those secrets:

kind: Secret apiVersion: v1 metadata: name: maskafka-credentials namespace: strimzi uid: 08ca0efd-428a-4815-ba75-44283e2fc87d resourceVersion: '45252109' annotations: kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","data":{"password":"MDQxMjNxeWtrYng1M2Z2cA==","username":"bWFzdXNlcg=="},"kind":"Secret","metadata":{"name":"maskafka-credentials","namespace":"strimzi"},"type":"Opaque"}' managedFields:

• manager: OpenAPI-Generator operation: Update apiVersion: v1 time: '2024-09-12T17:19:43Z' fieldsType: FieldsV1 fieldsV1: 'f:data': .: {} 'f:password': {} 'f:username': {} 'f:metadata': 'f:annotations': .: {} 'f:kubectl.kubernetes.io/last-applied-configuration': {} 'f:type': {} data: password: MDQxMjNxeWtrYng1M2Z2cA== username: bWFzdXNlcg== type: Opaque