Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KIP-368 implementation connection disconnects during re-auth or OOM #2233

Closed
k-wall opened this issue May 23, 2022 · 1 comment
Closed

KIP-368 implementation connection disconnects during re-auth or OOM #2233

k-wall opened this issue May 23, 2022 · 1 comment

Comments

@k-wall
Copy link
Contributor

k-wall commented May 23, 2022
edited
Loading

Versions

Sarama: 1.33.0

Configuration

Any sarama based application connecting to Kafka brokers with SASL connection re-auth enabled. The Issue was detected testing out the Strimzi Canary 0.3.0 RC

Logs
[Sarama] 2022/05/23 08:36:42 Completed pre-auth SASL handshake. Available mechanisms: [SCRAM-SHA-512 PLAIN]
[Sarama] 2022/05/23 08:36:42 Session expiration in 10000 ms and session re-authentication on or after 8680 ms
[Sarama] 2022/05/23 08:36:42 Connected to broker at localhost:9092 (registered as #0)
[Sarama] 2022/05/23 08:36:42 Closed connection to broker localhost:9092
Problem Description

Issue is with the KIP-368 implementation added by PR #2197. The defect means that sometimes the re-auth fails to function correctly. The client application may suffer unexpected disconnections, or worse suffer an OOM condition. The problem worsens under load.

The issue is with the new implementation. It fails to account for the the I/O model of sarama correctly. Its calling of authenticateViaSASL results in input contention between the receiver Go routine and the itself. One my steal bytes from the other, resulting in unexpected connection state. The OOM is a result of incorrect bytes being interpreted as payload lengths.
@k-wall
Copy link
Contributor Author

k-wall commented May 23, 2022

Apologies for the defect, I intend to open an PR soon.

@k-wall k-wall changed the title KIP-386 implementation connection disconnects during re-auth or OOM KIP-368 implementation connection disconnects during re-auth or OOM May 23, 2022
k-wall added a commit to k-wall/sarama that referenced this issue May 23, 2022
@k-wall
fix: IBM#2233 use receiver goroutine to process all sasl v1 responses
ded41f0 
fixes defect in kip-368 implementation where existing incoming wire traffic would get confused with re-authentication traffic
leading to unexpected disconnects and OOM errors.
k-wall added a commit to k-wall/sarama that referenced this issue May 23, 2022
@k-wall
fix: IBM#2233 use receiver goroutine to process all sasl v1 responses
7063e4f 
fixes defect in kip-368 implementation where existing incoming wire traffic would get confused with re-authentication traffic
leading to unexpected disconnects and OOM errors.
@k-wall k-wall mentioned this issue May 23, 2022
Merged
@dnwe dnwe closed this as completed in 8e58c77 May 30, 2022
@ppatierno ppatierno mentioned this issue May 31, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@k-wall