WIP

author Kai Moritz <kai@juplo.de>

Thu, 24 Apr 2025 13:57:29 +0000 (15:57 +0200)

committer Kai Moritz <kai@juplo.de>

Sat, 26 Apr 2025 08:48:06 +0000 (10:48 +0200)
author Kai Moritz <kai@juplo.de>
Thu, 24 Apr 2025 13:57:29 +0000 (15:57 +0200)
committer Kai Moritz <kai@juplo.de>
Sat, 26 Apr 2025 08:48:06 +0000 (10:48 +0200)
diff --git a/docker-compose.yml b/docker-compose.yml

index 93bd7ad..03e3e45 100644 (file)
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,12 +14,25 @@ services:
      environment:
        KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
        KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9081
-      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:SASL_PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
        KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-1:9091, DOCKER://kafka-1:9092, LOCALHOST://localhost:9081
        KAFKA_BROKER_ID: 1
        KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
        KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 3
        KAFKA_AUTO_CREATE_TOPICS_ENABLE: "false"
+      KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+      KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
+      KAFKA_LISTENER_NAME_BROKER_ENABLED_MECHANISMS: PLAIN
+      KAFKA_LISTENER_NAME_BROKER_PLAIN_SASL_JAAS_CONFIG: >-
+        KafkaServer {
+          org.apache.kafka.common.security.plain.PlainLoginModule
+            required
+            user_broker="geheim"
+            username="broker"
+            password="geheim";
+        };
+      KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN
+      KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
        KAFKA_LOG_RETENTION_CHECK_INTERVAL_MS: 1000
        KAFKA_LOG4J_LOGGERS: "org.apache.kafka.metadata.migration=TRACE"
      volumes:
@@ -35,7 +48,7 @@ services:
      environment:
        KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
        KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9082
-      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:SASL_PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
        KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-2:9091, DOCKER://kafka-2:9092, LOCALHOST://localhost:9082
        KAFKA_BROKER_ID: 2
        KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
@@ -61,7 +74,7 @@ services:
      environment:
        KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
        KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9083
-      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:SASL_PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
        KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-3:9091, DOCKER://kafka-3:9092, LOCALHOST://localhost:9083
        KAFKA_BROKER_ID: 3
        KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
author	Kai Moritz <kai@juplo.de>
	Thu, 24 Apr 2025 13:57:29 +0000 (15:57 +0200)
committer	Kai Moritz <kai@juplo.de>
	Sat, 26 Apr 2025 08:48:06 +0000 (10:48 +0200)