KafkaUsers do not show any ready state when there is no authorization type on the cluster CR
See original GitHub issueWith Strimzi 0.26+
Creating a Kafkas
cluster, pretty much like:
https://github.com/strimzi/strimzi-kafka-operator/blob/main/examples/kafka/kafka-ephemeral.yaml
And than adding a user, pretty much like:
apiVersion: kafka.strimzi.io/v1beta2
kind: KafkaUser
metadata:
name: my-tls-user
labels:
strimzi.io/cluster: my-cluster
spec:
authentication:
type: tls
authorization:
type: simple
acls:
- resource:
type: topic
name: "*"
operation: Read
host: "*"
- resource:
type: topic
name: "*"
operation: Describe
host: "*"
- resource:
type: group
name: "*"
operation: Read
host: "*"
- resource:
type: topic
name: "*"
operation: Write
host: "*"
- resource:
type: topic
name: "*"
operation: Create
host: "*"
- resource:
type: topic
name: "*"
operation: Describe
host: "*"
The user does not render any READY
state - they stay idle (I know the cluster is not setup for this):
k get kafkausers.kafka.strimzi.io -A
NAMESPACE NAME CLUSTER AUTHENTICATION AUTHORIZATION READY
default my-tls-user my-cluster tls simple
➜ ~
Given that the cluster is not correct configured, and lacks the authorization type, I was expecting those users turn into READY:FALSE, also with a reason on the why it is not ready.
E.g. like:
- name: Reason
type: string
jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason"
on the additionalPrinterColumns
section
Issue Analytics
- State:
- Created a year ago
- Comments:6 (6 by maintainers)
Top Results From Across the Web
Configuring Strimzi (In Development)
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes in various deployment configurations.
Read more >Configuring AMQ Streams on OpenShift
Configuring Red Hat Single Sign-On as an OAuth 2.0 authorization server ... AMQ Streams does not require OpenShift raw block volumes.
Read more >Select proper KafkaUser authentication type? - Stack Overflow
We use TLS authentication listeners in Kafka cluster (this can be changed, we can add new type of listeners). When connect to Kafka...
Read more >Custom resources - IBM
IBM® Automation foundation uses Kubernetes custom resources (CRs) for configuration. All the CRs are in the API groups that end with automation.ibm.com.
Read more >How to set up Kafka on Kubernetes with Strimzi in 5 minutes
Strimzi is a tool with which a full-fledged Apache Kafka cluster including Apache ZooKeeper can be set up on Kubernetes or OpenShift. Today,...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Well, I don’t know if I would call it better. But if you feel it helps we can easily implement it. Changing the conditions on the other hand would not be easy as they are also part of the API.
Triaged on 7.6.2022: We do not want to add the additional column. But a better docs explaining this should be done. Should be kept open.