Reputation: 21
Erlang SASL GSSAPI error: Cannot contact any KDC for realm
Sorry, if I'm not providing the right detail, I'm fairly new at this and it's the first time I'm trying to consume from kafka through kerberos authentication. I'm using the brod_gssapi ([https://github.com/kafka4beam/brod_gssapi.git]) so that I can connect with Brod to kafka using sasl gssapi authentication. The code is running under red hat linux 7.9.
That realm is defined under my krb5.conf, which is located under /etc I have also set this environment variable: export KAFKA_OPTS="-Djava.security.krb5.conf=/etc/krb5.conf"
I have also installed the proper dependencies to use with brod_gssapi: cyrus-sasl-devel, cyrus-sasl-libs, cyrus-sasl-gssapi, krb5-devel krb5-libs
Do I need to load this file somewhere else?
These are the line of codes that I'm currently running in erlang:
Config =
[
{ssl, true},
{sasl, {callback, brod_gssapi, {gssapi, <<"FileKeytab.keytab">>, <<"[email protected]">>}}}
].
Args =
[
{bootstrap_endpoints, [{"server_name", port}]},
{topic, <<"topic_name">>},
{partition, all},
{config, Config},
{begin_offset, latest},
{client_id, test_kafka}
].
Bootstrap_endpoints = proplists:get_value(bootstrap_endpoints, Args),
Topic = proplists:get_value(topic, Args),
Config = proplists:get_value(config, Args),
Partition = proplists:get_value(partition, Args),
Begin_offset = proplists:get_value(begin_offset, Args),
Client_id = proplists:get_value(client_id, Args).
{ok, _} = application:ensure_all_started(brod).
ok = application:load(brod_gssapi).
application:set_env(brod_gssapi,default_handshake_vsn,1).
ok = brod:start_client(Bootstrap_endpoints, Client_id, Config).
After running the last line of code, I get the error below: The realm BELLDEV.DEV.BCE.CA is defined under the krb5.conf file. Any insight you might have would really help.
Thank you!
{{sasl_auth_error,{sasl_fail,<<"SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Cannot contact any KDC for realm 'BELLDEV.DEV.BCE.CA')">>}},
[{kpro_sasl,auth,7,
[{file,"/home/med/bm/ossfm/server/fm/_build/default/lib/kafka_protocol/src/kpro_sasl.erl"},
{line,43}]},
{kpro_connection,init_connection,2,
[{file,"/home/med/bm/ossfm/server/fm/_build/default/lib/kafka_protocol/src/kpro_connection.erl"},
{line,240}]},
{kpro_connection,init,4,
[{file,"/home/med/bm/ossfm/server/fm/_build/default/lib/kafka_protocol/src/kpro_connection.erl"},
{line,170}]},
{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,247}]}]}}],
[{brod_client,ensure_metadata_connection,1,
[{file,"/home/med/bm/ossfm/server/fm/_build/default/lib/brod/src/brod_client.erl"},
{line,554}]},
{brod_client,handle_info,2,
[{file,"/home/med/bm/ossfm/server/fm/_build/default/lib/brod/src/brod_client.erl"},
{line,300}]},
{gen_server,try_dispatch,4,[{file,"gen_server.erl"},{line,616}]},
{gen_server,handle_msg,6,[{file,"gen_server.erl"},{line,686}]},
{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,247}]}]}
Upvotes: 1
Views: 234
Answers (0)
Related Questions
- kinit: Cannot find KDC for realm
- SASL GSSAPI: ldap_sasl_interactive_bind : Other error (80) no credentials supplied
- Rundeck Node Authentication with domain account
- kpasswd - Cannot contact any KDC for requested realm changing password
- Cowboy POST handler
- cowboy for REST based services using mongoDB. Getting the error BSON value to JSON conversion
- Hue Beeswax / HCat no longer working (kerberos default user) after migration to HDP2.2
- erlang-sqlite3 sqlite3:table_info error
- Erlang: What are strategies for dealing with huge SASL crash reports?