Die Cruise Control Reporter greifen über abgesicherte Adresse zu

[demos/kafka/training] / docker / docker-compose.yml

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index bd6fa06..37a5fd0 100644 (file)
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -29,12 +29,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -71,12 +76,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -118,12 +128,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -160,12 +175,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -338,7 +358,10 @@ services:
           connections:
             docker-kafka-server:
               properties:
-                bootstrap.servers: "kafka:9091"
+                bootstrap.servers: "kafka:9092"
+                security.protocol: SASL_PLAINTEXT
+                sasl.mechanism: PLAIN
+                sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="ui" password="ui-secret";
               schema-registry:
                 url: "http://schema-registry:8085"
               connect: