Apache Kafka with Strimzi operator on Openshift - cannot connect

5/16/2019

I've been following this tutorial step by step to set up Kafka on Openshift using the strmizi operator:

https://developers.redhat.com/blog/2018/10/29/how-to-run-kafka-on-openshift-the-enterprise-kubernetes-with-amq-streams/

but instead of the sample application I prepared my own, very simple Kafka producer. Here is the code:

@RestController
@RequestMapping("/kafka")
public class KafkaController {

    @GetMapping
    public void ok(){
        final Properties props = new Properties();
        props.put("bootstrap.servers", "my-cluster-kafka-bootstrap-kafka-test.ocapp-pg.domain.com:443");
        props.put("acks", "all");
        props.put("retries", 0);
        props.put("batch.size", 16384);
        props.put("linger.ms", 1);
        props.put("key.serializer", "org.apache.kafka.common.serialization.StringSerializer");
        props.put("value.serializer", "org.apache.kafka.common.serialization.StringSerializer");

        props.put("security.protocol", "SSL");
        props.put("ssl.keystore.location", "src/main/resources/keystore.jks");
        props.put("ssl.keystore.password", "password");
        props.put("ssl.truststore.location", "src/main/resources/keystore.jks");
        props.put("ssl.truststore.password", "password");

        try (final Producer<String, String> producer = new KafkaProducer<>(props)) {
            while (true) {
                final String date = new Date().toString();
                System.out.println("Sending message: " + date);
                producer.send(new ProducerRecord<>("tag-topic", "date", date));
                Thread.sleep(2000);
            }
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }
}

When trying to send messages to kafka this is what I get in the logs:

2019-05-16 19:55:13.960 DEBUG 21476 --- [ad | producer-1] org.apache.kafka.clients.NetworkClient   : [Producer clientId=producer-1] Initiating connection to node my-cluster-kafka-2-kafka-test.ocapp-pg.domain.com:443 (id: 2 rack: )
2019-05-16 19:55:14.037 DEBUG 21476 --- [ad | producer-1] o.apache.kafka.common.network.Selector   : [Producer clientId=producer-1] Created socket with SO_RCVBUF = 32768, SO_SNDBUF = 131072, SO_TIMEOUT = 0 to node 2
2019-05-16 19:55:14.038 DEBUG 21476 --- [ad | producer-1] org.apache.kafka.clients.NetworkClient   : [Producer clientId=producer-1] Completed connection to node 2. Fetching API versions.
2019-05-16 19:55:14.111 DEBUG 21476 --- [ad | producer-1] o.apache.kafka.common.network.Selector   : [Producer clientId=producer-1] Connection with my-cluster-kafka-2-kafka-test.ocapp-pg.domain.com/52.215.40.40 disconnected

java.io.EOFException: EOF during handshake, handshake status is NEED_UNWRAP
    at org.apache.kafka.common.network.SslTransportLayer.handshakeUnwrap(SslTransportLayer.java:489) ~[kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.common.network.SslTransportLayer.doHandshake(SslTransportLayer.java:337) ~[kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.common.network.SslTransportLayer.handshake(SslTransportLayer.java:264) ~[kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.common.network.KafkaChannel.prepare(KafkaChannel.java:125) ~[kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:489) [kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.common.network.Selector.poll(Selector.java:427) [kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:510) [kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:239) [kafka-clients-2.0.1.jar:na]
    at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:163) [kafka-clients-2.0.1.jar:na]
    at java.lang.Thread.run(Thread.java:748) [na:1.8.0_201]

2019-05-16 19:55:14.112 DEBUG 21476 --- [ad | producer-1] org.apache.kafka.clients.NetworkClient   : [Producer clientId=producer-1] Node 2 disconnected.
2019-05-16 19:55:14.112  WARN 21476 --- [ad | producer-1] org.apache.kafka.clients.NetworkClient   : [Producer clientId=producer-1] Connection to node 2 terminated during authentication. This may indicate that authentication failed due to invalid credentials.
2019-05-16 19:55:14.112 DEBUG 21476 --- [ad | producer-1] org.apache.kafka.clients.NetworkClient   : [Producer clientId=producer-1] Give up sending metadata request since no node is available
2019-05-16 19:55:14.162 DEBUG 21476 --- [ad | producer-1] org.apache.kafka.clients.NetworkClient   : [Producer clientId=producer-1] Give up sending metadata request since no node is available

Seems like something with the truststore maybe? But I download the cacert and import it into the trust store just like in the blog post. I even tried to copyin the cert manually. Still the same. What am I doing wrong here?

-- Matt
apache-kafka
java
kubernetes
openshift

1 Answer

6/6/2019

I encountered the same error when my service was wrongly configured and didn't select any pod. Check if your service is listing any pods.

-- StepanOrt
Source: StackOverflow