Phase 2: Mit 3 Controllern
authorKai Moritz <kai@juplo.de>
Thu, 17 Apr 2025 20:37:27 +0000 (22:37 +0200)
committerKai Moritz <kai@juplo.de>
Sun, 25 May 2025 21:34:26 +0000 (23:34 +0200)
* Aktualisierung des Setups notwendig:
+
[source]
--
docker compose up setup
--
* Dies genügt hier, weil die `depends_on` entsprechend angepasst wurden

docker-compose.yml

index d92f9b0..582302b 100644 (file)
@@ -14,6 +14,114 @@ services:
       timeout: 0s
       retries: 30
 
+  controller-1:
+    image: confluentinc/cp-kafka:7.9.0
+    environment:
+      CLUSTER_ID: 8e-KqCzwQPqK7EibrzJE5g
+      KAFKA_PROCESS_ROLES: controller
+      KAFKA_NODE_ID: 101
+      KAFKA_CONTROLLER_QUORUM_VOTERS: 101@controller-1:9092,102@controller-2:9092,103@controller-3:9092
+      KAFKA_CONTROLLER_LISTENER_NAMES: CONTROLLER
+      KAFKA_LISTENERS: CONTROLLER://:9092
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:SASL_PLAINTEXT
+      KAFKA_ZOOKEEPER_METADATA_MIGRATION_ENABLE: true
+      KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
+      KAFKA_SUPER_USERS: User:controller;User:broker
+      KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+      KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false"
+      KAFKA_LISTENER_NAME_CONTROLLER_PLAIN_SASL_JAAS_CONFIG: >-
+        org.apache.kafka.common.security.plain.PlainLoginModule required
+        user_controller="controller-secret"
+        username="controller"
+        password="controller-secret";
+      KAFKA_SASL_MECHANISM_CONTROLLER_PROTOCOL: PLAIN
+      KAFKA_SASL_ENABLED_MECHANISMS: PLAIN
+      KAFKA_LOG4J_LOGGERS: "org.apache.kafka.metadata.migration=TRACE"
+    volumes:
+      - controller-1-data:/var/lib/kafka/data
+      - ./admin.properties:/mnt/admin.properties:ro
+    healthcheck:
+      test: "echo /dev/tcp/localhost/9092"
+      interval: 1s
+      timeout: 0s
+      retries: 30
+    stop_grace_period: 120s
+    depends_on:
+      zookeeper:
+        condition: service_healthy
+
+  controller-2:
+    image: confluentinc/cp-kafka:7.9.0
+    environment:
+      CLUSTER_ID: 8e-KqCzwQPqK7EibrzJE5g
+      KAFKA_PROCESS_ROLES: controller
+      KAFKA_NODE_ID: 102
+      KAFKA_CONTROLLER_QUORUM_VOTERS: 101@controller-1:9092,102@controller-2:9092,103@controller-3:9092
+      KAFKA_CONTROLLER_LISTENER_NAMES: CONTROLLER
+      KAFKA_LISTENERS: CONTROLLER://:9092
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:SASL_PLAINTEXT
+      KAFKA_ZOOKEEPER_METADATA_MIGRATION_ENABLE: true
+      KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
+      KAFKA_SUPER_USERS: User:controller;User:broker
+      KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+      KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false"
+      KAFKA_LISTENER_NAME_CONTROLLER_PLAIN_SASL_JAAS_CONFIG: >-
+        org.apache.kafka.common.security.plain.PlainLoginModule required
+        user_controller="controller-secret"
+        username="controller"
+        password="controller-secret";
+      KAFKA_SASL_MECHANISM_CONTROLLER_PROTOCOL: PLAIN
+      KAFKA_SASL_ENABLED_MECHANISMS: PLAIN
+      KAFKA_LOG4J_LOGGERS: "org.apache.kafka.metadata.migration=TRACE"
+    volumes:
+      - controller-2-data:/var/lib/kafka/data
+      - ./admin.properties:/mnt/admin.properties:ro
+    healthcheck:
+      test: "echo /dev/tcp/localhost/9092"
+      interval: 1s
+      timeout: 0s
+      retries: 30
+    stop_grace_period: 120s
+    depends_on:
+      zookeeper:
+        condition: service_healthy
+
+  controller-3:
+    image: confluentinc/cp-kafka:7.9.0
+    environment:
+      CLUSTER_ID: 8e-KqCzwQPqK7EibrzJE5g
+      KAFKA_PROCESS_ROLES: controller
+      KAFKA_NODE_ID: 103
+      KAFKA_CONTROLLER_QUORUM_VOTERS: 101@controller-1:9092,102@controller-2:9092,103@controller-3:9092
+      KAFKA_CONTROLLER_LISTENER_NAMES: CONTROLLER
+      KAFKA_LISTENERS: CONTROLLER://:9092
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:SASL_PLAINTEXT
+      KAFKA_ZOOKEEPER_METADATA_MIGRATION_ENABLE: true
+      KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
+      KAFKA_SUPER_USERS: User:controller;User:broker
+      KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
+      KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false"
+      KAFKA_LISTENER_NAME_CONTROLLER_PLAIN_SASL_JAAS_CONFIG: >-
+        org.apache.kafka.common.security.plain.PlainLoginModule required
+        user_controller="controller-secret"
+        username="controller"
+        password="controller-secret";
+      KAFKA_SASL_MECHANISM_CONTROLLER_PROTOCOL: PLAIN
+      KAFKA_SASL_ENABLED_MECHANISMS: PLAIN
+      KAFKA_LOG4J_LOGGERS: "org.apache.kafka.metadata.migration=TRACE"
+    volumes:
+      - controller-3-data:/var/lib/kafka/data
+      - ./admin.properties:/mnt/admin.properties:ro
+    healthcheck:
+      test: "echo /dev/tcp/localhost/9092"
+      interval: 1s
+      timeout: 0s
+      retries: 30
+    stop_grace_period: 120s
+    depends_on:
+      zookeeper:
+        condition: service_healthy
+
   kafka-1:
     image: confluentinc/cp-kafka:7.9.0
     environment:
@@ -308,6 +416,9 @@ services:
 volumes:
   zookeeper-data:
   zookeeper-log:
+  controller-1-data:
+  controller-2-data:
+  controller-3-data:
   kafka-1-data:
   kafka-2-data:
   kafka-3-data: