librd Kafka config settings for kerberos authentication

Question

My target cluster is kerberos enabled. From the console, the producer connection is working.

./kafka-console-producer.sh --broker-list targetHost:port --topic test --producer.config /path/to/client.properties

I have added below entry in my bash_profile to pass jaas.conf and krb5.conf

export KAFKA_OPTS="-Djava.security.auth.login.config=/path/to/jaas.conf -Djava.security.krb5.conf=/path/to/krb5.conf"

Here is the client.properties settings.

security.protocol=SASL_PLAINTEXT

sasl.kerberos.service.name=kafka

I am using librdkafka to produce the messages to Kafka and configured security.protocol and sasl.kerberos.service.name for kafka configmap object. But the connection is not happening.

How do I integrate jaas.conf and krb5.conf through GoLang.

Error:

[thrd:sasl_plaintext://targetHost:port/bootstrap]: sasl_plaintext://targetHost:port/bootstrap: Failed to initialize SASL authentication: SASL handshake failed (start (-1)): SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (see text (Server (kafka/targetHost) unknown while looking up 'targetHost' (cached result, timeout in 128 sec)

Answer 1

This has been resolved after adding the below environment variable.

export KRB5_CONFIG="/path/to/krb5.conf

Additionally added the below kafka config option

sasl.kerberos.keytab: /path/to/keytab/file.keytab