Kafka publish to broker error

Rez_S · November 21, 2024, 12:46pm

Hi.

I developed an ignition module that connects to the Kafka Broker(Confluent.io) and publishes messages to the topics. but get this errors:

[Producer clientId=producer-1] Connection to node -1 (bootstrap_server:9092) terminated during authentication. This may happen due to any of the following reasons: (1) Authentication failed due to invalid credentials with brokers older than 1.0.0, (2) Firewall blocking Kafka TLS traffic (eg it may only allow HTTPS traffic), (3) Transient network issue.

do I need to use truststore and keystore?

PGriffith · November 21, 2024, 4:15pm

This seems entirely like a problem between your code and your Kafka server.

We have a first party Kafka client module coming in 8.3, for what it's worth.

pturmel · November 21, 2024, 5:10pm

Pssst! That's a terrible topic title--making our eyes glaze will not attract attention from helpful people.

Rez_S · November 21, 2024, 7:35pm

I am so sorry! and thank you for correcting the title

Rez_S · November 21, 2024, 7:38pm

Oh, nice! that's good news.
but as this is a custom module, I was wondering what part could be wrong @PGriffith
this is my Kafka producer config:

 put("bootstrap.servers", settingsRecord.getKafkaServer());
            put("sasl.jaas.config", String.format("org.apache.kafka.common.security.plain.PlainLoginModule required username='%s' password='%s';", settingsRecord.getSaslUsername(), settingsRecord.getSaslPassword()));
            put("client.dns.lookup", "use_all_dns_ips");
            put("session.timeout.ms", 45000);
            put("acks", "all");
            put("security.protocol", "SASL_SSL");
            put("sasl.mechanism", "PLAIN");

could it be, that port 9092 is not open on the server ignition is running on?

PGriffith · November 21, 2024, 9:09pm

I dunno, maybe?

My point is you're connecting a client you're authoring to a server you own/control. Ignition has ~nothing to do with this process. You're making an outbound connection, so Ignition's ports (which you're in control of also) are almost certainly not relevant unless Kafka works in some particularly weird way.

jimender2 · December 2, 2024, 5:55am

Might be worth checking this out. I know when we did implemented kafka (not in the above code), we did have to provide references to the correct trust stores and keystores.