Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MINOR: KAFKA-18280 follow up #18358

Open
wants to merge 1 commit into
base: trunk
Choose a base branch
from
Open

MINOR: KAFKA-18280 follow up #18358

wants to merge 1 commit into from
+3 −0

Conversation

TaiJuWu
Copy link
Contributor

@TaiJuWu TaiJuWu commented Dec 31, 2024

see #18308 (comment)

Committer Checklist (excluded from commit message)

  • Verify design and implementation
  • Verify test coverage and CI build status
  • Verify documentation (including upgrade notes)

@github-actions github-actions bot added triage PRs from the community tests Test fixes (including flaky tests) small Small PRs labels Dec 31, 2024
@TaiJuWu
Copy link
Contributor Author

TaiJuWu commented Dec 31, 2024

@chia7712 @ijuma Could you take a look when you are available?

@TaiJuWu TaiJuWu force-pushed the sec_followup branch 4 times, most recently from 60bc20d to 4355ee0 Compare December 31, 2024 02:33
ijuma
ijuma reviewed Dec 31, 2024
View reviewed changes
tests/kafkatest/services/kafka/kafka.py
@@ -593,6 +593,9 @@ def close_port(self, listener_name):

def start_minikdc_if_necessary(self, add_principals=""):
has_sasl = self.security_config.has_sasl
# Since KafkaService is utilized by both controller and broker, we do not set miniKDC to None.
# This avoids the creation of an additional miniKDC, which could result in a mismatch
# between client and server tokens if two miniKDC instances are running concurrently.
if has_sasl:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One question: this implies that has_sasl returns false for one of the controller or broker?

Copy link
Contributor Author

@TaiJuWu TaiJuWu Dec 31, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This depend on KafkaService config.
When controller or broker is created, it will check their configs and decide to wherther utilize SASL.

That means we will check both configurations of broker and controller.

@github-actions github-actions bot removed the triage PRs from the community label Jan 1, 2025
@TaiJuWu TaiJuWu requested a review from ijuma January 2, 2025 01:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ijuma ijuma Awaiting requested review from ijuma

Assignees
No one assigned
Labels
ci-approved small Small PRs tests Test fixes (including flaky tests)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TaiJuWu @ijuma @chia7712