Support Article
Unable to connect to Kafka cluster using Data-Admin-Kafka
SA-67645
Summary
Error occurs when connecting to a Kafka cluster using the out-of-the-box Data-Admin-Kafka functionality. This occurs after updating the JAAS files on the application server and following all configuration in the Pega application.
Error Messages
On Rule Form:
This record has 1 error(s) in 1 place(s) .
—
Error connecting to Kafka. Failed to construct kafka consumer. java.lang.IllegalArgumentException: No serviceName defined in either JAAS or Kafka config. No serviceName defined in either JAAS or Kafka config
com.pega.dsm.dnode.impl.dataset.kafka.KafkaConnectivityException: Error connecting to Kafka
at com.pega.dsm.dnode.impl.dataset.kafka.KafkaConnectivityChecker.checkConnectivity(KafkaConnectivityChecker.java:20) ~[dnode-7.3.1.jar:?]
at com.pegarules.generated.activity.ra_action_validate_9bd6f9fc9d1aa379ae710d084aeee710.step4_circum0(ra_action_validate_9bd6f9fc9d1aa379ae710d084aeee710.java:394) ~[?:?]
at com.pegarules.generated.activity.ra_action_validate_9bd6f9fc9d1aa379ae710d084aeee710.perform(ra_action_validate_9bd6f9fc9d1aa379ae710d084aeee710.java:121) ~[?:?]
Caused by: java.lang.IllegalArgumentException: No serviceName defined in either JAAS or Kafka config
at org.apache.kafka.common.security.kerberos.KerberosLogin.getServiceName(KerberosLogin.java:298) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.common.security.kerberos.KerberosLogin.configure(KerberosLogin.java:87) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.common.security.authenticator.LoginManager.<init>(LoginManager.java:53) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.common.security.authenticator.LoginManager.acquireLoginManager(LoginManager.java:83) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.common.network.SaslChannelBuilder.configure(SaslChannelBuilder.java:90) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.common.network.ChannelBuilders.create(ChannelBuilders.java:112) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.common.network.ChannelBuilders.clientChannelBuilder(ChannelBuilders.java:58) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:88) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.clients.consumer.KafkaConsumer.<init>(KafkaConsumer.java:695) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.clients.consumer.KafkaConsumer.<init>(KafkaConsumer.java:633) ~[kafka-clients-0.11.0.1.jar:?]
at org.apache.kafka.clients.consumer.KafkaConsumer.<init>(KafkaConsumer.java:615) ~[kafka-clients-0.11.0.1.jar:?]
at com.pega.dsm.dnode.impl.dataset.kafka.KafkaInstanceImplementation.getConsumer(KafkaInstanceImplementation.java:340) ~[dnode-7.3.1.jar:?]
at com.pega.dsm.dnode.impl.dataset.kafka.KafkaInstanceImplementation.getConsumer(KafkaInstanceImplementation.java:24) ~[dnode-7.3.1.jar:?]
at com.pega.dsm.dnode.impl.dataset.kafka.KafkaConnectivityChecker.checkConnectivity(KafkaConnectivityChecker.java:16) ~[dnode-7.3.1.jar:?]
Steps to Reproduce
- Create a Kafka configuration instance and fill out the information: Host, SSL configuration, Authentication = Kerberos
- Add a keytab file to the wsjaas.conf directory in which the file is.
- Update the wsjaas.conf file on the application server with the below setting:
KafkaClient {
com.ibm.security.auth.module.Krb5LoginModule required
useKeyTab = "/etc/security/keytabs/kafka_server.keytab"
principal= "kafka/kafka1.[email protected]";
};
- Save the Data-Admin-Kafka instance.
Root Cause
A defect or configuration issue in the operating environment.
The keyword portion of the principal and the security protocol were not provided to the Pega engine.
Resolution
Add the below Dynamic System Settings (DSS) entries in the prconfig file to set the Consumer and Producer properties:
<pegarules>
....
<!-- Kerberized Kafka settings -->
<env name="security.protocol" value="SASL_SSL" />
<env name="sasl.kerberos.service.name" value="kafka" />
</pegarules>
Published December 2, 2018 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.