oauth-keycloak-authorizer doesn't support kraft cluster #178
Comments
|
Thank you for reporting this issue. We'll look into it. |
|
best wishes ! |
Closed
|
hey, i would like to ask what's next on this issue? |
|
See: #188 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The kafka cluster has two mode: zk-based, kraft.
The KeycloakRBACAuthorizer class extends AclAuthorizer, but AclAuthorizer is a zk-based cluster implement, which store acl state info zk. When we use it in a zk-based cluster, there is nothing wrong. If we use it in a kraft cluster, there will be a NPE when the cluster starts up, because there has no zk.
According kafka's official document and the source code, there seem to be a default implement class, which store acl state into cluster metadata log for kraft cluster, called StandardAuthorizer. A pr about it is in apache/kafka#11649
is there any plain for supporting kraft cluster, because the kraft cluster is all ready for production since 3.3, zk-based cluster will be marked deprecation since 3.4, and there is a plain which removes zk-based cluster since 4.0
Thanks
The text was updated successfully, but these errors were encountered: