0

I build a docker container based on alpine linux. I try to send messages to an external kafka broker using the symfony messenger.

This is my messenger config:

    messenger:
        transports:
            de_fadi_criminal_charges_public_criminal_charge_created:
                dsn: '%env(KAFKA_DSN)%'
                serializer: App\Serializer\Avro\CriminalChargeCreatedSerializer
                options:
                    flushTimeout: 10000
                    flushRetries: 5
                    topic:
                        name: 'de.fadi.criminal_charges.public.criminal_charge_created'
                    kafka_conf:
                        security.protocol: 'sasl_ssl'
                        ssl.ca.location: '%kernel.project_dir%/config/kafka/ca.pem'
                        sasl.username: '%env(KAFKA_SASL_USERNAME)%'
                        sasl.password: '%env(KAFKA_SASL_PASSWORD)%'
                        sasl.mechanism: 'PLAIN'

and these are the relevant lines in my Docker file:


ARG LIBRDKAFKA_GIT_SHA1=1f7417d4796e036b8c19f17373f8290ff5c7561f
RUN apk add --update --no-cache alpine-sdk bash python autoconf openssl \
  && git clone -o ${LIBRDKAFKA_GIT_SHA1} https://github.com/edenhill/librdkafka.git /tmp/librdkafka \
  && cd /tmp/librdkafka/  \
  && ./configure \
  && make  \
  && make install

When I check after the build if Open SSL is available I get this:

$ openssl version
OpenSSL 1.1.1l  24 Aug 2021

When I try to send messages to the configured server I get this error message:

Unsupported value "sasl_ssl" for configuration property "security.protocol": OpenSSL not available at build time

All answers I found pointed to the fact that you first have to install openssl, then build rdkafka which I did. What am I missing?

Calamity Jane
  • 2,189
  • 5
  • 36
  • 68
  • 1
    I don't use alpine but most Linuxes (and other Unixes) have **separate packages** for merely running a library versus the info needed **to compile** (C,C++) programs using it, usually called development devel or dev. Since edge appears to have gone to 3.0.0, I'll guess you're on 3.14 and [the website](https://pkgs.alpinelinux.org/packages?name=openssl*&branch=v3.14&repo=main&arch=x86_64) shows an openssl-dev package that includes header files, pc files (used for compiling&linking) and what might be actual libraries (maybe with symbols?) or just links. – dave_thompson_085 Oct 28 '21 at 10:05
  • You could also try looking at the output of the `./configure` step. That usually tells you what it found, and didn't find. – dave_thompson_085 Oct 28 '21 at 10:08
  • @dave_thompson_085 that did it! Do you want to post it as answer? – Calamity Jane Oct 28 '21 at 11:07

1 Answers1

1

as @dave_thompson_085 pointed out it isn't sufficient to include the openssl library, if you are going to use it to build software

Replacing openssl with openssl-dev did the trick:

RUN apk add --update --no-cache alpine-sdk bash python autoconf openssl-dev \
  && git clone -o ${LIBRDKAFKA_GIT_SHA1} https://github.com/edenhill/librdkafka.git /tmp/librdkafka \
  && cd /tmp/librdkafka/  \
  && ./configure \
  && make  \
  && make install
Calamity Jane
  • 2,189
  • 5
  • 36
  • 68