0

代理在启动时失败,我可以看到以下错误:

INFO Registered kafka:type=kafka.Log4jController MBean (kafka.utils.Log4jControllerRegistration$)
ERROR ClassNotFoundException exception occurred: io.confluent.kafka.security.config.provider.SecurePassConfigProvider (kafka.server.KafkaConfig)
INFO Registered kafka:type=kafka.Log4jController MBean (kafka.utils.Log4jControllerRegistration$)
ERROR ClassNotFoundException exception occurred: io.confluent.kafka.security.config.provider.SecurePassConfigProvider (kafka.server.KafkaConfig)
INFO Registered kafka:type=kafka.Log4jController MBean (kafka.utils.Log4jControllerRegistration$)
ERROR ClassNotFoundException exception occurred: io.confluent.kafka.security.config.provider.SecurePassConfigProvider (kafka.server.KafkaConfig)
INFO Registered kafka:type=kafka.Log4jController MBean (kafka.utils.Log4jControllerRegistration$)
ERROR ClassNotFoundException exception occurred: io.confluent.kafka.security.config.provider.SecurePassConfigProvider (kafka.server.KafkaConfig)
INFO Registered kafka:type=kafka.Log4jController MBean (kafka.utils.Log4jControllerRegistration$)
INFO KafkaConfig values:
----------------------------

我对文件中的一个属性(即ssl.truststore.password)进行了秘密设置,server.properties并尝试重新启动服务器并观察到上述错误。

任何帮助,将不胜感激。谢谢!!!

---server.properties---
##
ssl.truststore.password = ${securepass:/home/secret/secrets.txt:server.properties/ssl.truststore.password}

config.providers = securepass
config.providers.securepass.class = io.confluent.kafka.security.config.provider.SecurePassConfigProvider

Confluent Community version used - 5.5.2

4

1 回答 1

1

Confluent Platform 5.5.2的社区版没有这个类...

$ find ./confluent-5.5.2 -name 'kafka-client-plugins*.jar'

在此处下载文件并确保它位于 Kafka 代理类路径中,例如,/usr/share/java/kafka如果直接安装到操作系统或share/java/kafkaConfluent tarball 的文件夹中。

https://packages.confluent.io/maven/io/confluent/kafka-client-plugins/5.5.2-ce/kafka-client-plugins-5.5.2-ce.jar

已验证

$ jar -tf kafka-client-plugins-5.5.2-ce.jar| grep SecurePassConfigProvider
io/confluent/kafka/security/config/provider/SecurePassConfigProvider.class

总体而言,如果有人对您的代理具有文件系统访问权限,那么您将遇到更大的问题,并且通过直接引用另一个文件来隐藏文件是不“安全的”

于 2022-01-14T17:22:18.557 回答