Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bitnami/schema-registry] SASL_SSL is not working #70483

Closed
miguelbirdie opened this issue Aug 1, 2024 · 3 comments · May be fixed by #71059
Closed

[bitnami/schema-registry] SASL_SSL is not working #70483

miguelbirdie opened this issue Aug 1, 2024 · 3 comments · May be fixed by #71059
Assignees
@dgomezleon
Labels
schema-registry solved stale 15 days without activity tech-issues The user has a technical issue about an application

Comments

@miguelbirdie
Copy link

Name and Version

bitnami/schema-registry

What architecture are you using?

None

What steps will reproduce the bug?

  1. Having the following configuration for schema registry
          - name: SCHEMA_REGISTRY_KAFKA_BROKERS
          value: SASL_SSL://b-1:9096,SASL_SSL://b-2:9096,SASL_SSL://b-3:9096
        - name: SCHEMA_REGISTRY_KAFKA_SASL_MECHANISM
          value: SCRAM-SHA-512
        - name: SCHEMA_REGISTRY_KAFKA_SASL_USERS
          value: confluent-registry
        - name: SCHEMA_REGISTRY_KAFKA_SASL_PASSWORDS
          value: password
        - name: SCHEMA_REGISTRY_LISTENERS
          value: http://0.0.0.0:8081
        - name: SCHEMA_REGISTRY_AVRO_COMPATIBILY_LEVEL
          value: NONE
        - name: SCHEMA_REGISTRY_HEAP_OPTS
          value: -XX:InitialRAMPercentage=80.0 -XX:MaxRAMPercentage=80.0
        - name: SCHEMA_REGISTRY_JVM_PERFORMANCE_OPTS
          value: -XX:MetaspaceSize=96m -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35
            -XX:G1HeapRegionSize=16M -XX:MinMetaspaceFreeRatio=50 -XX:MaxMetaspaceFreeRatio=80
        - name: SCHEMA_REGISTRY_JMX_OPTS
          value: -javaagent:/opt/jmx_prometheus_javaagent.jar=5556:/etc/jmx-schema-registry/jmx-schema-registry-prometheus.yml
            -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false
            -Dcom.sun.management.jmxremote.ssl=false
        image: bitnami/schema-registry:7.6.2
  1. We are getting this issue:
In order to configure the TLS encryption for communication with Kafka brokers, you must mount your schema-registry.keystore.jks and schema-registry.truststore.jks certificates to the /opt/bitnami/schema-registry/certs directory.

What is the expected behavior?

This configuration has been tested with confluentic docker image and it works. keystore is not needed for SASL_SSL

What do you see instead?

keystore is required

Additional information

I've tested this using Kafka in AWS MSK
@miguelbirdie miguelbirdie added the tech-issues The user has a technical issue about an application label Aug 1, 2024
@github-actions github-actions bot added the triage Triage is needed label Aug 1, 2024
@miguelbirdie miguelbirdie changed the title SASL_SSL failing Schema Registry - SASL_SSL is not working Aug 1, 2024
@miguelbirdie miguelbirdie changed the title Schema Registry - SASL_SSL is not working [bitnami/schema-registry]- SASL_SSL is not working Aug 1, 2024
@miguelbirdie miguelbirdie changed the title [bitnami/schema-registry]- SASL_SSL is not working [bitnami/schema-registry] SASL_SSL is not working Aug 1, 2024
@github-actions github-actions bot assigned dgomezleon and unassigned javsalgar Aug 5, 2024
@github-actions github-actions bot removed the triage Triage is needed label Aug 5, 2024
@dgomezleon
Copy link
Member

Thank you for bringing this issue to our attention. Since it seems you are familiar with the cause of the error, would you like to create a PR to implement a solution? The Bitnami team will be excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.

@masfworld masfworld mentioned this issue Aug 20, 2024
Open
@github-actions GitHub Actions
Copy link

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

@github-actions github-actions bot added the stale 15 days without activity label Aug 22, 2024
@github-actions GitHub Actions
Copy link

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.

@bitnami-bot bitnami-bot closed this as not planned Won't fix, can't repro, duplicate, stale Aug 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dgomezleon dgomezleon

Labels
schema-registry solved stale 15 days without activity tech-issues The user has a technical issue about an application
Projects
None yet
Milestone
No milestone
4 participants
@javsalgar @dgomezleon @bitnami-bot @miguelbirdie