image: confluentinc/cp-kafka:7.5.1
environment:
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
- KAFKA_LISTENERS: BROKER://:9092, LOCALHOST://:9081
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, LOCALHOST:PLAINTEXT
- KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-1:9092, LOCALHOST://localhost:9081
+ KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9081
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
+ KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-1:9091, DOCKER://kafka-1:9092, LOCALHOST://localhost:9081
KAFKA_BROKER_ID: 1
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3
KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false"
+ KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+ KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
+ KAFKA_OPTS:
+ -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml
+ -Dcom.sun.management.jmxremote=true
+ -Dcom.sun.management.jmxremote.port=9101
+ -Dcom.sun.management.jmxremote.authenticate=false
+ KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_ccreporter="ccreporter-secret" \
+ user_ui="ui-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
+ - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
+ - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
- kafka-1-data:/var/lib/kafka/data
ports:
- 9081:9081
+ stop_grace_period: 120s
depends_on:
- zookeeper
image: confluentinc/cp-kafka:7.5.1
environment:
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
- KAFKA_LISTENERS: BROKER://:9092, LOCALHOST://:9082
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, LOCALHOST:PLAINTEXT
- KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-2:9092, LOCALHOST://localhost:9082
+ KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9082
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
+ KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-2:9091, DOCKER://kafka-2:9092, LOCALHOST://localhost:9082
KAFKA_BROKER_ID: 2
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3
KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false"
+ KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+ KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
+ KAFKA_OPTS:
+ -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml
+ -Dcom.sun.management.jmxremote=true
+ -Dcom.sun.management.jmxremote.port=9101
+ -Dcom.sun.management.jmxremote.authenticate=false
+ KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_ccreporter="ccreporter-secret" \
+ user_ui="ui-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
+ - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
+ - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
- kafka-2-data:/var/lib/kafka/data
ports:
- 9092:9082
default:
aliases:
- kafka
+ stop_grace_period: 120s
depends_on:
- zookeeper
image: confluentinc/cp-kafka:7.5.1
environment:
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
- KAFKA_LISTENERS: BROKER://:9092, LOCALHOST://:9083
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, LOCALHOST:PLAINTEXT
- KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-3:9092, LOCALHOST://localhost:9083
+ KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9083
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
+ KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-3:9091, DOCKER://kafka-3:9092, LOCALHOST://localhost:9083
KAFKA_BROKER_ID: 3
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3
KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false"
+ KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+ KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
+ KAFKA_OPTS:
+ -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml
+ -Dcom.sun.management.jmxremote=true
+ -Dcom.sun.management.jmxremote.port=9101
+ -Dcom.sun.management.jmxremote.authenticate=false
+ KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_ccreporter="ccreporter-secret" \
+ user_ui="ui-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
+ - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
+ - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
- kafka-3-data:/var/lib/kafka/data
ports:
- 9083:9083
+ stop_grace_period: 120s
+ depends_on:
+ - zookeeper
+
+ kafka-4:
+ image: confluentinc/cp-kafka:7.5.1
+ environment:
+ KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
+ KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9084
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
+ KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-4:9091, DOCKER://kafka-4:9092, LOCALHOST://localhost:9084
+ KAFKA_BROKER_ID: 4
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3
+ KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false"
+ KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+ KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
+ KAFKA_OPTS:
+ -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml
+ -Dcom.sun.management.jmxremote=true
+ -Dcom.sun.management.jmxremote.port=9101
+ -Dcom.sun.management.jmxremote.authenticate=false
+ KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_ccreporter="ccreporter-secret" \
+ user_ui="ui-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
+ volumes:
+ - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
+ - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
+ - kafka-4-data:/var/lib/kafka/data
+ ports:
+ - 9084:9084
+ stop_grace_period: 120s
depends_on:
- zookeeper
+ cruise-control:
+ image: juplo/cruise-control
+ environment:
+ BOOTSTRAP_SERVERS: kafka-1:9091,kafka-2:9091,kafka-3:9091
+ ZOOKEEPER_CONNECT: zookeeper:2181/
+ ports:
+ - "9090:9090"
+
schema-registry:
image: confluentinc/cp-schema-registry:7.5.1
environment:
SCHEMA_REGISTRY_HOST_NAME: schema-registry
SCHEMA_REGISTRY_LISTENERS: http://0.0.0.0:8085
SCHEMA_REGISTRY_LOG4J_ROOT_LOGLEVEL: INFO
+ SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ SCHEMA_REGISTRY_KAFKASTORE_SASL_MECHANISM: PLAIN
+ SCHEMA_REGISTRY_KAFKASTORE_SASL_JAAS_CONFIG: >
+ org.apache.kafka.common.security.plain.PlainLoginModule
+ required
+ username="schemaregistry"
+ password="schemaregistry-secret";
ports:
- 8085:8085
depends_on:
CONNECT_CONFIG_STORAGE_REPLICATION_FACTOR: 1
CONNECT_STATUS_STORAGE_REPLICATION_FACTOR: 1
CONNECT_PLUGIN_PATH: /usr/share/java/
+ # Configure the Connect workers to use SASL/PLAIN.
+ CONNECT_SASL_MECHANISM: PLAIN
+ CONNECT_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ # JAAS
+ CONNECT_SASL_JAAS_CONFIG: >
+ org.apache.kafka.common.security.plain.PlainLoginModule required
+ username="connect"
+ password="connect-secret";
+ # producer
+ CONNECT_PRODUCER_SASL_MECHANISM: PLAIN
+ CONNECT_PRODUCER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ CONNECT_PRODUCER_SASL_JAAS_CONFIG: >
+ org.apache.kafka.common.security.plain.PlainLoginModule required
+ username="connect"
+ password="connect-secret";
+ # consumer
+ CONNECT_CONSUMER_SASL_MECHANISM: PLAIN
+ CONNECT_CONSUMER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ CONNECT_CONSUMER_SASL_JAAS_CONFIG: >
+ org.apache.kafka.common.security.plain.PlainLoginModule required
+ username="connect"
+ password="connect-secret";
+
ports:
- 8083:8083
depends_on:
- schema-registry
+ cli:
+ image: juplo/toolbox
+ command: sleep infinity
+ stop_grace_period: 0s
+ depends_on:
+ - kafka-1
+ - kafka-2
+ - kafka-3
+
setup:
image: juplo/toolbox
command:
- bash
- -c
- |
+ cub kafka-ready -b kafka-1:9091,kafka-2:9091,kafka-3:9091 3 60 > /dev/null 2>&1 || exit 1
if [ -e INITIALIZED ]
then
echo -n Bereits konfiguriert:
cat INITIALIZED
- kafka-topics --bootstrap-server kafka:9092 --describe --topic test
+ kafka-topics --bootstrap-server kafka:9091 --describe --topic test
+ kafka-topics --bootstrap-server kafka:9091 --describe --topic __CruiseControlMetrics
else
- kafka-topics --bootstrap-server kafka:9092 \
+ kafka-topics --bootstrap-server kafka:9091 \
--delete \
--if-exists \
--topic test
- kafka-topics --bootstrap-server kafka:9092 \
+ kafka-topics --bootstrap-server kafka:9091 \
--create \
--topic test \
--partitions 2 \
--replication-factor 3 \
--config min.insync.replicas=2 \
&& echo Das Topic \'test\' wurde erfolgreich angelegt: \
- && kafka-topics --bootstrap-server kafka:9092 --describe --topic test \
- && date > INITIALIZED
- fi
+ && kafka-topics --bootstrap-server kafka:9091 --describe --topic test
+ kafka-topics --bootstrap-server kafka:9091 \
+ --delete \
+ --if-exists \
+ --topic __CruiseControlMetrics
+ kafka-topics --bootstrap-server kafka:9091 \
+ --create \
+ --topic __CruiseControlMetrics \
+ --partitions 2 \
+ --replication-factor 3 \
+ --config min.insync.replicas=2 \
+ && echo Das Topic \'__CruiseControlMetrics\' wurde erfolgreich angelegt: \
+ && kafka-topics --bootstrap-server kafka:9091 --describe --topic __CruiseControlMetrics
+ fi \
+ && date > INITIALIZED
+ stop_grace_period: 0s
depends_on:
- - kafka-1
- - kafka-2
- - kafka-3
+ - cli
+
+ zoonavigator:
+ image: elkozmon/zoonavigator:1.1.2
+ ports:
+ - "8000:80"
+ environment:
+ HTTP_PORT: 80
+ CONNECTION_JUPLO_NAME: juplo
+ CONNECTION_JUPLO_CONN: zookeeper:2181
+ AUTO_CONNECT_CONNECTION_ID: JUPLO
+ depends_on:
+ - zookeeper
akhq:
image: tchiotludo/akhq:0.23.0
docker-kafka-server:
properties:
bootstrap.servers: "kafka:9092"
+ security.protocol: SASL_PLAINTEXT
+ sasl.mechanism: PLAIN
+ sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="ui" password="ui-secret";
schema-registry:
url: "http://schema-registry:8085"
connect:
- kafka-2
- kafka-3
- cli:
- image: juplo/toolbox
- command: sleep infinity
- depends_on:
- - setup
+ producer:
+ image: juplo/endless-stream-spring-producer:1.0-SNAPSHOT
+ environment:
+ producer.throttle-ms: 1
+ spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092
+ spring.kafka.client-id: producer
+ spring.kafka.template.default-topic: test
+ spring.kafka.producer.properties.linger.ms: 100
+ spring.kafka.jaas.enabled: "true"
+ spring.kafka.properties.security.protocol: SASL_PLAINTEXT
+ spring.kafka.properties.sasl.mechanism: PLAIN
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
+
+ consumer-1:
+ image: juplo/spring-consumer:1.0-SNAPSHOT
+ environment:
+ spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092
+ spring.kafka.client-id: consumer-1
+ spring.kafka.jaas.enabled: "true"
+ spring.kafka.properties.security.protocol: SASL_PLAINTEXT
+ spring.kafka.properties.sasl.mechanism: PLAIN
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
+
+ consumer-2:
+ image: juplo/spring-consumer:1.0-SNAPSHOT
+ environment:
+ spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092
+ spring.kafka.client-id: consumer-1
+ spring.kafka.jaas.enabled: "true"
+ spring.kafka.properties.security.protocol: SASL_PLAINTEXT
+ spring.kafka.properties.sasl.mechanism: PLAIN
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
+
+ consumer-3:
+ image: juplo/spring-consumer:1.0-SNAPSHOT
+ environment:
+ spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092
+ spring.kafka.client-id: consumer-1
+ spring.kafka.jaas.enabled: "true"
+ spring.kafka.properties.security.protocol: SASL_PLAINTEXT
+ spring.kafka.properties.sasl.mechanism: PLAIN
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
volumes:
zookeeper-data:
kafka-1-data:
kafka-2-data:
kafka-3-data:
+ kafka-4-data: