dockerapache-kafkaopensslalpine-linuxlibrdkafka

Alpine Kafka "OpenSSL not available at build time"


I build a docker container based on alpine linux. I try to send messages to an external kafka broker using the symfony messenger.

This is my messenger config:

    messenger:
        transports:
            de_fadi_criminal_charges_public_criminal_charge_created:
                dsn: '%env(KAFKA_DSN)%'
                serializer: App\Serializer\Avro\CriminalChargeCreatedSerializer
                options:
                    flushTimeout: 10000
                    flushRetries: 5
                    topic:
                        name: 'de.fadi.criminal_charges.public.criminal_charge_created'
                    kafka_conf:
                        security.protocol: 'sasl_ssl'
                        ssl.ca.location: '%kernel.project_dir%/config/kafka/ca.pem'
                        sasl.username: '%env(KAFKA_SASL_USERNAME)%'
                        sasl.password: '%env(KAFKA_SASL_PASSWORD)%'
                        sasl.mechanism: 'PLAIN'

and these are the relevant lines in my Docker file:


ARG LIBRDKAFKA_GIT_SHA1=1f7417d4796e036b8c19f17373f8290ff5c7561f
RUN apk add --update --no-cache alpine-sdk bash python autoconf openssl \
  && git clone -o ${LIBRDKAFKA_GIT_SHA1} https://github.com/edenhill/librdkafka.git /tmp/librdkafka \
  && cd /tmp/librdkafka/  \
  && ./configure \
  && make  \
  && make install

When I check after the build if Open SSL is available I get this:

$ openssl version
OpenSSL 1.1.1l  24 Aug 2021

When I try to send messages to the configured server I get this error message:

Unsupported value "sasl_ssl" for configuration property "security.protocol": OpenSSL not available at build time

All answers I found pointed to the fact that you first have to install openssl, then build rdkafka which I did. What am I missing?


Solution

  • as @dave_thompson_085 pointed out it isn't sufficient to include the openssl library, if you are going to use it to build software

    Replacing openssl with openssl-dev did the trick:

    RUN apk add --update --no-cache alpine-sdk bash python autoconf openssl-dev \
      && git clone -o ${LIBRDKAFKA_GIT_SHA1} https://github.com/edenhill/librdkafka.git /tmp/librdkafka \
      && cd /tmp/librdkafka/  \
      && ./configure \
      && make  \
      && make install