zookeeper设置了ACL,kafka操作节点(NoAuth)
kafka
zookeeper所有节点都通过以下方式设置了ACL
1)增加一个认证用户
addauth digest 用户名:密码明文
eg. addauth digest user1:password1
2)设置权限
setAcl /path auth:用户名:密码明文:权限
eg. setAcl /test auth:user1:password1:cdrwa
zookeeper日志
2018-02-26 13:40:55,262 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxnFactory@192] - Accepted socket connection from /10.33.46.133:41572
2018-02-26 13:40:55,267 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@942] - Client attempting to establish new session at /10.33.46.133:41572
2018-02-26 13:40:55,268 [myid:] - INFO [SyncThread:0:ZooKeeperServer@687] - Established session 0x161d08851fb0002 with negotiated timeout 6000 for client /10.33.46.133:41572
2018-02-26 13:40:55,279 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@120] - Successfully authenticated client: authenticationID=hosp; authorizationID=hosp.
2018-02-26 13:40:55,279 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:SaslServerCallbackHandler@136] - Setting authorizedID: hosp
2018-02-26 13:40:55,279 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1038] - adding SASL authorization for authorizationID: hosp
2018-02-26 13:40:55,320 [myid:] - INFO [ProcessThread(sid:0 cport:2181)::PrepRequestProcessor@486] - Processed session termination for sessionid: 0x161d08851fb0002
2018-02-26 13:40:55,321 [myid:] - INFO [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn@1044] - Closed socket connection for client /10.33.46.133:41572 which had sessionid 0x161d08851fb0002
kafka日志
[2018-02-26 13:40:55,274] INFO zookeeper state changed (SyncConnected) (org.I0Itec.zkclient.ZkClient)
[2018-02-26 13:40:55,284] INFO zookeeper state changed (SaslAuthenticated) (org.I0Itec.zkclient.ZkClient)
[2018-02-26 13:40:55,312] FATAL Fatal error during KafkaServer startup. Prepare to shutdown (kafka.server.KafkaServer)
org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /cluster/id
at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:1001)
at org.I0Itec.zkclient.ZkClient.readData(ZkClient.java:1100)
at org.I0Itec.zkclient.ZkClient.readData(ZkClient.java:1095)
at kafka.utils.ZkUtils.readDataMaybeNull(ZkUtils.scala:660)
at kafka.utils.ZkUtils.getClusterId(ZkUtils.scala:278)
at kafka.server.KafkaServer.getOrGenerateClusterId(KafkaServer.scala:347)
at kafka.server.KafkaServer.startup(KafkaServer.scala:194)
at kafka.server.KafkaServerStartable.startup(KafkaServerStartable.scala:38)
at kafka.Kafka$.main(Kafka.scala:65)
at kafka.Kafka.main(Kafka.scala)
Caused by: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /cluster/id
at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1212)
at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1241)
at org.I0Itec.zkclient.ZkConnection.readData(ZkConnection.java:125)
at org.I0Itec.zkclient.ZkClient$12.call(ZkClient.java:1104)
at org.I0Itec.zkclient.ZkClient$12.call(ZkClient.java:1100)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:991)
... 9 more
[2018-02-26 13:40:55,315] INFO shutting down (kafka.server.KafkaServer)