Found no example in the official repo https://github.com/apache/kafka/tree/trunk/docker/examples
Trying to set up Authentication on a docker-compose kafka raft cluster using official apache/kafka:3.7.0 docker image using SASL_PLAINTEXT SCRAM-SHA-256.
But cannot find a way to format log before startup of the brokers correctly using kafka-storage.sh command.
The command takes these parameters :
kafka-storage format [-h] --config CONFIG --cluster-id CLUSTER_ID --add-scram SCRAM_CREDENTIAL --release-version RELEASE_VERSION] --ignore-formatted]
However checking apache kafka repository we can see in https://github.com/apache/kafka/blob/trunk/docker/jvm/launch that a wrapper is used to format logs
# Invoke the docker wrapper to setup property files and format storage result=$(/opt/kafka/bin/kafka-run-class.sh kafka.docker.KafkaDockerWrapper setup --default-configs-dir /etc/kafka/docker --mounted-configs-dir /mnt/shared/config --final-configs-dir /opt/kafka/config 2>&1) || echo $result | grep -i "already formatted" || { echo $result && (exit 1) }
Here is the script related to the wrapper https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/docker/KafkaDockerWrapper.scala
private[docker] def formatStorageCmd(configsPath: Path, env: Map[String, String]): Array[String] = { val clusterId = env.get("CLUSTER_ID") match { case Some(str) => str case None => throw new RuntimeException("CLUSTER_ID environment variable is not set.") } Array("format", "--cluster-id=" + clusterId, "-c", s"${configsPath.toString}/server.properties") }
Seems it does not allow to use the –add-scarm parameter.
Tried to sed this the launch file to add a –add-scram parameter the wrapper does not allow this parameter. To me it should be added for the formatting to work well before startup but maybe I am missing something (–add-scram parameter parsed there some maybe just an issue of parameter forwarding from the wrapper https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/tools/StorageTool.scala).
Was anyone able to set-up SASL_PLAINTEXT with SRAM-SHA-256 Authentication using official kafka docker image ?
Tried to:
- sed the launch file https://github.com/apache/kafka/blob/trunk/docker/jvm/launch in order to add –add-scram ‘SCRAM-SHA-256=[name=admin,password=admin-secret]’ in the wrapper parameter but didn’t work
- sed the launch file to format the logs before / after with the kafka-storage.sh format command but didn’t work (Getting auth exception when trying to publish messages from a consumer).
Tarkhog is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.