0

我正在尝试使用confluent-kafka-dotnet创建一个 dockerfile,它是一个 kafka 客户端。它必须使用 Kerberos 密钥表进行连接,因此我已经阅读了这个 Github wiki

这是我的码头文件:

# ---- dotnet build stage ----
FROM mcr.microsoft.com/dotnet/core/sdk:3.1 as build

ARG BUILDCONFIG=RELEASE
ARG VERSION=1.0.0

# Installing dependencies for li
RUN apt-get update && apt-get install libsasl2-modules-gssapi-mit libsasl2-dev unzip build-essential -y

COPY ./lib/ /
RUN unzip librdkafka-1.4.4.zip && \
    cd librdkafka-1.4.4 && \
    ./configure && \
    make && \
    make install

WORKDIR /build/

COPY ./DashboardServer/DashboardServer.csproj ./DashboardServer.csproj
RUN dotnet nuget add source https://ci.appveyor.com/nuget/docker-dotnet-hojfmn6hoed7 && \
    dotnet restore ./DashboardServer.csproj

COPY ./DashboardServer ./

RUN dotnet build && dotnet publish ./DashboardServer.csproj -c ${BUILDCONFIG} -o out /p:Version=${VERSION}

# ---- final stage ----

FROM ubuntu:20.04

LABEL Maintainer=""

ENV PROGRAM_HOME=/opt/DashboardServer
ENV ASPNETCORE_ENVIRONMENT=Production

RUN apt-get update && \
    apt-get install -y wget && wget https://packages.microsoft.com/config/ubuntu/19.10/packages-microsoft-prod.deb -O packages-microsoft-prod.deb && \
    dpkg --purge packages-microsoft-prod && dpkg -i packages-microsoft-prod.deb && \
    apt-get update && \
    apt-get install aspnetcore-runtime-3.1 curl -y

RUN export DEBIAN_FRONTEND=noninteractive && apt-get install libsasl2-modules-gssapi-mit libsasl2-dev -y krb5-user

# Kafka SASL directory (keytab is placed here)
RUN mkdir /sasl/

ENV KEYTAB_LOCATION=/sasl/dashboards.service.keytab

COPY --from=build /build/out ${PROGRAM_HOME}

# Copy necessary scripts + configuration
COPY scripts /tmp/
RUN chmod +x /tmp/*.sh && \
    mv /tmp/* /usr/bin && \
    rm -rf /tmp/*

CMD [ "docker-entrypoint.sh" ]

我的 C# 消费者配置代码如下:

var consumerConfig = new ConsumerConfig {
                GroupId = "command-server" + KafkaHelpers.Servername,
                BootstrapServers = KafkaHelpers.BootstrapServers,
                AutoOffsetReset = AutoOffsetReset.Latest,
                SecurityProtocol = SecurityProtocol.SaslPlaintext,
                SaslKerberosServiceName = "kafka",
                SaslKerberosKeytab = Environment.GetEnvironmentVariable("KEYTAB_LOCATION"),
                SaslKerberosPrincipal = "dashboardserver/<<IPAddress>>"
            };

但是当我启动我的客户端时出现以下异常

Unhandled exception. Unhandled exception. System.InvalidOperationException: No provider for SASL 
mechanism GSSAPI: recompile librdkafka with libsasl2 or openssl support. Current build options: PLAIN SASL_SCRAM OAUTHBEARER

任何人都可以帮助我或指出我正确的方向吗?我在 GitHub 上找到了这个,但我似乎无法让它工作。

我不知道如何一步一步安装librdkafka。

4

1 回答 1

0

confluent-kafka-dotnet 依赖于 librdkafka.redist,默认情况下从那里加载 librdkafka。librdkafka.redist 中的构建缺乏对大多数平台的 SASL/GSSAPI 支持(由于 libsasl2 及其所有支持库的依赖性问题),因此您构建自己的 librdkafka 版本的方法是正确的,但您需要告诉 confluent- kafka-dotnet 加载您构建的 librdkafka 而不是 librdkafka.redist 的构建,您可以通过调用

Confluent.Kafka.Library.Load("/usr/local/lib/librdkafka.so");

在调用任何其他 confluent-kafka-dotnet API 之前。

于 2020-07-22T06:34:29.930 回答