X-Git-Url: http://juplo.de/gitweb/?a=blobdiff_plain;f=docker%2Fdocker-compose.yml;h=f4a4e98134fb3eeaa3ffd0b30206c90ecabf5e4a;hb=9e40d480716c71977b2ce81a010f9450c67fc238;hp=e2de5a5488b6e8382883134b650c3b98e8b4c7e5;hpb=4490e8ca536b331931f148ac0391186cd0ae81c5;p=demos%2Fkafka%2Ftraining diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index e2de5a5..f4a4e98 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -14,17 +14,37 @@ services: image: confluentinc/cp-kafka:7.5.1 environment: KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181 - KAFKA_LISTENERS: BROKER://:9092, LOCALHOST://:9081 - KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, LOCALHOST:PLAINTEXT - KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-1:9092, LOCALHOST://localhost:9081 + KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9081 + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT + KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-1:9091, DOCKER://kafka-1:9092, LOCALHOST://localhost:9081 KAFKA_BROKER_ID: 1 KAFKA_INTER_BROKER_LISTENER_NAME: BROKER KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3 KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false" + KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer + KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false" + KAFKA_SUPER_USERS: User:ANONYMOUS + KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO + KAFKA_OPTS: + -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml + -Dcom.sun.management.jmxremote=true + -Dcom.sun.management.jmxremote.port=9101 + -Dcom.sun.management.jmxremote.authenticate=false + KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter + KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091 + KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_INTER_BROKER_LISTENER_NAME: BROKER + KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 volumes: + - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro + - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro - kafka-1-data:/var/lib/kafka/data ports: - 9081:9081 + stop_grace_period: 120s depends_on: - zookeeper @@ -32,14 +52,33 @@ services: image: confluentinc/cp-kafka:7.5.1 environment: KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181 - KAFKA_LISTENERS: BROKER://:9092, LOCALHOST://:9082 - KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, LOCALHOST:PLAINTEXT - KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-2:9092, LOCALHOST://localhost:9082 + KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9082 + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT + KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-2:9091, DOCKER://kafka-2:9092, LOCALHOST://localhost:9082 KAFKA_BROKER_ID: 2 KAFKA_INTER_BROKER_LISTENER_NAME: BROKER KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3 KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false" + KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer + KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false" + KAFKA_SUPER_USERS: User:ANONYMOUS + KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO + KAFKA_OPTS: + -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml + -Dcom.sun.management.jmxremote=true + -Dcom.sun.management.jmxremote.port=9101 + -Dcom.sun.management.jmxremote.authenticate=false + KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter + KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091 + KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_INTER_BROKER_LISTENER_NAME: BROKER + KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 volumes: + - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro + - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro - kafka-2-data:/var/lib/kafka/data ports: - 9092:9082 @@ -48,6 +87,7 @@ services: default: aliases: - kafka + stop_grace_period: 120s depends_on: - zookeeper @@ -55,49 +95,221 @@ services: image: confluentinc/cp-kafka:7.5.1 environment: KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181 - KAFKA_LISTENERS: BROKER://:9092, LOCALHOST://:9083 - KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, LOCALHOST:PLAINTEXT - KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-3:9092, LOCALHOST://localhost:9083 + KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9083 + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT + KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-3:9091, DOCKER://kafka-3:9092, LOCALHOST://localhost:9083 KAFKA_BROKER_ID: 3 KAFKA_INTER_BROKER_LISTENER_NAME: BROKER KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3 KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false" + KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer + KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false" + KAFKA_SUPER_USERS: User:ANONYMOUS + KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO + KAFKA_OPTS: + -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml + -Dcom.sun.management.jmxremote=true + -Dcom.sun.management.jmxremote.port=9101 + -Dcom.sun.management.jmxremote.authenticate=false + KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter + KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091 + KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_INTER_BROKER_LISTENER_NAME: BROKER + KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 volumes: + - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro + - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro - kafka-3-data:/var/lib/kafka/data ports: - 9083:9083 + stop_grace_period: 120s + depends_on: + - zookeeper + + kafka-4: + image: confluentinc/cp-kafka:7.5.1 + environment: + KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181 + KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9084 + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT + KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-4:9091, DOCKER://kafka-4:9092, LOCALHOST://localhost:9084 + KAFKA_BROKER_ID: 4 + KAFKA_INTER_BROKER_LISTENER_NAME: BROKER + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3 + KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false" + KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer + KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false" + KAFKA_SUPER_USERS: User:ANONYMOUS + KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO + KAFKA_OPTS: + -javaagent:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.18.0.jar=0.0.0.0:80:/etc/jmx-exporter.yml + -Dcom.sun.management.jmxremote=true + -Dcom.sun.management.jmxremote.port=9101 + -Dcom.sun.management.jmxremote.authenticate=false + KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter + KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091 + KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512 + KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required; + KAFKA_INTER_BROKER_LISTENER_NAME: BROKER + KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 + volumes: + - ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro + - ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro + - kafka-4-data:/var/lib/kafka/data + ports: + - 9084:9084 + stop_grace_period: 120s depends_on: - zookeeper + cruise-control: + image: juplo/cruise-control + environment: + BOOTSTRAP_SERVERS: kafka-1:9091,kafka-2:9091,kafka-3:9091 + ZOOKEEPER_CONNECT: zookeeper:2181/ + ports: + - "9090:9090" + + schema-registry: + image: confluentinc/cp-schema-registry:7.5.1 + environment: + SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: kafka-1:9092,kafka-2:9092,kafka-3:9092 + SCHEMA_REGISTRY_HOST_NAME: schema-registry + SCHEMA_REGISTRY_LISTENERS: http://0.0.0.0:8085 + SCHEMA_REGISTRY_LOG4J_ROOT_LOGLEVEL: INFO + SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: SASL_PLAINTEXT + SCHEMA_REGISTRY_KAFKASTORE_SASL_MECHANISM: SCRAM-SHA-512 + SCHEMA_REGISTRY_KAFKASTORE_SASL_JAAS_CONFIG: > + org.apache.kafka.common.security.scram.ScramLoginModule required + username="schemaregistry" + password="schemaregistry-secret"; + ports: + - 8085:8085 + depends_on: + - kafka-1 + - kafka-2 + - kafka-3 + + connect: + image: confluentinc/cp-kafka-connect:7.5.1 + environment: + CONNECT_BOOTSTRAP_SERVERS: kafka-1:9092,kafka-2:9092,kafka-3:9092 + CONNECT_REST_PORT: 8083 + CONNECT_REST_LISTENERS: http://0.0.0.0:8083 + CONNECT_REST_ADVERTISED_HOST_NAME: connect + CONNECT_CONFIG_STORAGE_TOPIC: __connect-config + CONNECT_OFFSET_STORAGE_TOPIC: __connect-offsets + CONNECT_STATUS_STORAGE_TOPIC: __connect-status + CONNECT_GROUP_ID: kafka-connect + CONNECT_KEY_CONVERTER_SCHEMAS_ENABLE: "true" + CONNECT_KEY_CONVERTER: io.confluent.connect.avro.AvroConverter + CONNECT_KEY_CONVERTER_SCHEMA_REGISTRY_URL: http://schema-registry:8085 + CONNECT_VALUE_CONVERTER_SCHEMAS_ENABLE: "true" + CONNECT_VALUE_CONVERTER: io.confluent.connect.avro.AvroConverter + CONNECT_VALUE_CONVERTER_SCHEMA_REGISTRY_URL: http://schema-registry:8085 + CONNECT_INTERNAL_KEY_CONVERTER: org.apache.kafka.connect.json.JsonConverter + CONNECT_INTERNAL_VALUE_CONVERTER: org.apache.kafka.connect.json.JsonConverter + CONNECT_OFFSET_STORAGE_REPLICATION_FACTOR: 1 + CONNECT_CONFIG_STORAGE_REPLICATION_FACTOR: 1 + CONNECT_STATUS_STORAGE_REPLICATION_FACTOR: 1 + CONNECT_PLUGIN_PATH: /usr/share/java/ + # Configure the Connect workers to use SASL/PLAIN. + CONNECT_SASL_MECHANISM: SCRAM-SHA-512 + CONNECT_SECURITY_PROTOCOL: SASL_PLAINTEXT + # JAAS + CONNECT_SASL_JAAS_CONFIG: > + org.apache.kafka.common.security.scram.ScramLoginModule required + username="connect" + password="connect-secret"; + # producer + CONNECT_PRODUCER_SASL_MECHANISM: SCRAM-SHA-512 + CONNECT_PRODUCER_SECURITY_PROTOCOL: SASL_PLAINTEXT + CONNECT_PRODUCER_SASL_JAAS_CONFIG: > + org.apache.kafka.common.security.scram.ScramLoginModule required + username="connect" + password="connect-secret"; + # consumer + CONNECT_CONSUMER_SASL_MECHANISM: SCRAM-SHA-512 + CONNECT_CONSUMER_SECURITY_PROTOCOL: SASL_PLAINTEXT + CONNECT_CONSUMER_SASL_JAAS_CONFIG: > + org.apache.kafka.common.security.scram.ScramLoginModule required + username="connect" + password="connect-secret"; + + ports: + - 8083:8083 + depends_on: + - schema-registry + + cli: + image: juplo/toolbox + command: sleep infinity + stop_grace_period: 0s + depends_on: + - kafka-1 + - kafka-2 + - kafka-3 + setup: image: juplo/toolbox - command: > - bash -c " + command: + - bash + - -c + - | + cub kafka-ready -b kafka-1:9091,kafka-2:9091,kafka-3:9091 3 60 > /dev/null 2>&1 || exit 1 if [ -e INITIALIZED ] then echo -n Bereits konfiguriert: cat INITIALIZED - kafka-topics --bootstrap-server kafka:9092 --describe --topic test + kafka-topics --bootstrap-server kafka:9091 --describe --topic test + kafka-topics --bootstrap-server kafka:9091 --describe --topic __CruiseControlMetrics else - kafka-topics --bootstrap-server kafka:9092 \ + kafka-topics --bootstrap-server kafka:9091 \ --delete \ --if-exists \ --topic test - kafka-topics --bootstrap-server kafka:9092 \ + kafka-topics --bootstrap-server kafka:9091 \ --create \ --topic test \ --partitions 2 \ --replication-factor 3 \ --config min.insync.replicas=2 \ && echo Das Topic \'test\' wurde erfolgreich angelegt: \ - && kafka-topics --bootstrap-server kafka:9092 --describe --topic test \ - && date > INITIALIZED - fi - " + && kafka-topics --bootstrap-server kafka:9091 --describe --topic test + kafka-topics --bootstrap-server kafka:9091 \ + --delete \ + --if-exists \ + --topic __CruiseControlMetrics + kafka-topics --bootstrap-server kafka:9091 \ + --create \ + --topic __CruiseControlMetrics \ + --partitions 2 \ + --replication-factor 3 \ + --config min.insync.replicas=2 \ + && echo Das Topic \'__CruiseControlMetrics\' wurde erfolgreich angelegt: \ + && kafka-topics --bootstrap-server kafka:9091 --describe --topic __CruiseControlMetrics + fi \ + && date > INITIALIZED + stop_grace_period: 0s depends_on: - - kafka-1 - - kafka-2 - - kafka-3 + - cli + + zoonavigator: + image: elkozmon/zoonavigator:1.1.2 + ports: + - "8000:80" + environment: + HTTP_PORT: 80 + CONNECTION_JUPLO_NAME: juplo + CONNECTION_JUPLO_CONN: zookeeper:2181 + AUTO_CONNECT_CONNECTION_ID: JUPLO + depends_on: + - zookeeper akhq: image: tchiotludo/akhq:0.23.0 @@ -110,16 +322,61 @@ services: docker-kafka-server: properties: bootstrap.servers: "kafka:9092" + security.protocol: SASL_PLAINTEXT + sasl.mechanism: SCRAM-SHA-512 + sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="ui" password="ui-secret"; + schema-registry: + url: "http://schema-registry:8085" + connect: + - name: "connect" + url: "http://connect:8083" depends_on: - kafka-1 - kafka-2 - kafka-3 - cli: - image: juplo/toolbox - command: sleep infinity - depends_on: - - setup + producer: + image: juplo/endless-stream-spring-producer:1.0-SNAPSHOT + environment: + producer.throttle-ms: 1 + spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092 + spring.kafka.client-id: producer + spring.kafka.template.default-topic: test + spring.kafka.producer.properties.linger.ms: 100 + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret"; + + consumer-1: + image: juplo/spring-consumer:1.0-SNAPSHOT + environment: + spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092 + spring.kafka.client-id: consumer-1 + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret"; + + consumer-2: + image: juplo/spring-consumer:1.0-SNAPSHOT + environment: + spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092 + spring.kafka.client-id: consumer-1 + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret"; + + consumer-3: + image: juplo/spring-consumer:1.0-SNAPSHOT + environment: + spring.kafka.bootstrap-servers: kafka-1:9092, kafka-2:9092, kafka-3:9092 + spring.kafka.client-id: consumer-1 + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret"; volumes: zookeeper-data: @@ -127,3 +384,4 @@ volumes: kafka-1-data: kafka-2-data: kafka-3-data: + kafka-4-data: