Does the Kafka logger Support Kerberos authentication? #12371
Replies: 1 comment 1 reply
-
|
Hi @LEICHUAN123456! I'm Dosu and I’m helping the apisix team. The Kafka logger plugin in APISIX does not support Kerberos authentication. It only supports SASL authentication with the PLAIN mechanism, which requires a username and password—Kerberos (SASL/GSSAPI) is not available as an option in the plugin’s configuration or code. You can see this in the official documentation and implementation details: the only supported SASL mechanism is "PLAIN" docs code. If your Kafka cluster only allows Kerberos authentication, a common workaround is to deploy a Kafka proxy (such as Kafka REST Proxy, MirrorMaker, or a custom bridge) that authenticates with Kerberos and exposes a SASL/PLAIN or unauthenticated endpoint for APISIX to use. APISIX can then send logs to this proxy, which forwards them to your secured Kafka cluster. If you need help with the Kafka logger plugin’s supported configuration, let me know! To reply, just mention @dosu. How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for your reply! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
In my project, Kafka cluster is authenticated by Kerberos. We will put the log of apisix into Kafka cluster. How can I config the Kakfa logger plugin that the log has been entered into the Kafka cluster?
Beta Was this translation helpful? Give feedback.
All reactions