X-Git-Url: http://juplo.de/gitweb/?a=blobdiff_plain;f=docker%2Fdocker-compose.yml;h=37a5fd0d2f18d7c65e156f14c8a447b09492f8f0;hb=31d2104a8eeae79747552d84bb622053844180c3;hp=1d3172b6a9821ae52fe3e82c46eb20dc8e38928c;hpb=015d988cf6961eb3a2f05a346bf453755d58f70b;p=demos%2Fkafka%2Ftraining

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 1d3172b..37a5fd0 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -29,12 +29,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -71,12 +76,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -118,12 +128,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -160,12 +175,17 @@ services:
         -Dcom.sun.management.jmxremote.port=9101
         -Dcom.sun.management.jmxremote.authenticate=false
       KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
-      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_MECHANISM: PLAIN
+      KAFKA_CRUISE_CONTROL_METRICS_REPORTER_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required username="ccreporter" password="ccreporter-secret";
       KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
         org.apache.kafka.common.security.plain.PlainLoginModule required \
         user_schemaregistry="schemaregistry-secret" \
         user_connect="connect-secret" \
+        user_ccreporter="ccreporter-secret" \
+        user_ui="ui-secret" \
         user_client="client-secret";
       KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
       KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
@@ -215,7 +235,7 @@ services:
   connect:
     image: confluentinc/cp-kafka-connect:7.5.1
     environment:
-      CONNECT_BOOTSTRAP_SERVERS: kafka-1:9091,kafka-2:9091,kafka-3:9091
+      CONNECT_BOOTSTRAP_SERVERS: kafka-1:9092,kafka-2:9092,kafka-3:9092
       CONNECT_REST_PORT: 8083
       CONNECT_REST_LISTENERS: http://0.0.0.0:8083
       CONNECT_REST_ADVERTISED_HOST_NAME: connect
@@ -235,6 +255,29 @@ services:
       CONNECT_CONFIG_STORAGE_REPLICATION_FACTOR: 1
       CONNECT_STATUS_STORAGE_REPLICATION_FACTOR: 1
       CONNECT_PLUGIN_PATH: /usr/share/java/
+      # Configure the Connect workers to use SASL/PLAIN.
+      CONNECT_SASL_MECHANISM: PLAIN
+      CONNECT_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      # JAAS
+      CONNECT_SASL_JAAS_CONFIG: >
+        org.apache.kafka.common.security.plain.PlainLoginModule required
+        username="connect"
+        password="connect-secret";
+      # producer
+      CONNECT_PRODUCER_SASL_MECHANISM: PLAIN
+      CONNECT_PRODUCER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      CONNECT_PRODUCER_SASL_JAAS_CONFIG: >
+        org.apache.kafka.common.security.plain.PlainLoginModule required
+        username="connect"
+        password="connect-secret";
+      # consumer
+      CONNECT_CONSUMER_SASL_MECHANISM: PLAIN
+      CONNECT_CONSUMER_SECURITY_PROTOCOL: SASL_PLAINTEXT
+      CONNECT_CONSUMER_SASL_JAAS_CONFIG: >
+        org.apache.kafka.common.security.plain.PlainLoginModule required
+        username="connect"
+        password="connect-secret";
+
     ports:
       - 8083:8083
     depends_on:
@@ -315,7 +358,10 @@ services:
           connections:
             docker-kafka-server:
               properties:
-                bootstrap.servers: "kafka:9091"
+                bootstrap.servers: "kafka:9092"
+                security.protocol: SASL_PLAINTEXT
+                sasl.mechanism: PLAIN
+                sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="ui" password="ui-secret";
               schema-registry:
                 url: "http://schema-registry:8085"
               connect: