From db49eee25689e36549ba2c11c04452d4360f57cb Mon Sep 17 00:00:00 2001 From: Kai Moritz Date: Sun, 27 Apr 2025 12:34:07 +0200 Subject: [PATCH] WIP:sasl-client --- README.sh | 20 ++++++++++++++++++++ client.properties | 5 +++++ docker-compose.yml | 25 ++++++++++++++++++++++++- 3 files changed, 49 insertions(+), 1 deletion(-) create mode 100755 README.sh create mode 100644 client.properties diff --git a/README.sh b/README.sh new file mode 100755 index 0000000..accfe4a --- /dev/null +++ b/README.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +docker compose up -d zookeeper +sleep 10 +docker compose exec zookeeper zookeeper-shell zookeeper:2181 create /cluster +docker compose exec zookeeper zookeeper-shell zookeeper:2181 create /cluster/id +docker compose exec zookeeper zookeeper-shell zookeeper:2181 set /cluster/id '{"version":"1","id":"8e-KqCzwQPqK7EibrzJE5g"}' +docker compose exec zookeeper zookeeper-shell zookeeper:2181 get /cluster/id + +docker compose up -d producer consumer +docker compose up setup + +# client +docker-compose -f docker/docker-compose.yml exec cli kafka-acls \ + --authorizer-properties zookeeper.connect=zookeeper \ + --add \ + --allow-principal User:client \ + --topic test \ + --consumer --group=my-group \ + --producer diff --git a/client.properties b/client.properties new file mode 100644 index 0000000..356f041 --- /dev/null +++ b/client.properties @@ -0,0 +1,5 @@ +sasl.mechanism=PLAIN +security.protocol=SASL_PLAINTEXT +sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \ + username="client" \ + password="geheim"; diff --git a/docker-compose.yml b/docker-compose.yml index 6c5e27a..e6c6534 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -27,6 +27,7 @@ services: KAFKA_LISTENER_NAME_BROKER_PLAIN_SASL_JAAS_CONFIG: | org.apache.kafka.common.security.plain.PlainLoginModule required \ user_broker="geheim" \ + user_client="geheim" \ username="broker" \ password="geheim"; \ KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN @@ -113,6 +114,8 @@ services: cli: image: juplo/toolbox command: sleep infinity + volumes: + - ./client.properties:/mnt/client.properties:ro stop_grace_period: 0s depends_on: - kafka-1 @@ -121,6 +124,8 @@ services: setup: image: juplo/toolbox + volumes: + - ./client.properties:/mnt/client.properties:ro command: - bash - -c @@ -133,17 +138,19 @@ services: kafka-topics --bootstrap-server kafka:9092 --describe --topic test else kafka-topics --bootstrap-server kafka:9092 \ + --command-config /mnt/client.properties \ --delete \ --if-exists \ --topic test kafka-topics --bootstrap-server kafka:9092 \ + --command-config /mnt/client.properties \ --create \ --topic test \ --partitions 2 \ --replication-factor 3 \ --config min.insync.replicas=2 \ && echo Das Topic \'test\' wurde erfolgreich angelegt: \ - && kafka-topics --bootstrap-server kafka:9092 --describe --topic test \ + && kafka-topics --bootstrap-server kafka:9092 --command-config /mnt/client.properties --describe --topic test \ && date > INITIALIZED fi stop_grace_period: 0s @@ -176,6 +183,10 @@ services: environment: spring.kafka.bootstrap-servers: kafka-1:9092,kafka-2:9092,kafka-3:9092 spring.kafka.client-id: producer + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: PLAIN + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="geheim"; juplo.producer.topic: test consumer: @@ -183,6 +194,10 @@ services: environment: spring.kafka.bootstrap-servers: kafka-1:9092,kafka-2:9092,kafka-3:9092 spring.kafka.client-id: consumer + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: PLAIN + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="geheim"; spring.kafka.consumer.auto-offset-reset: earliest logging.level.org.apache.kafka.clients.consumer: INFO juplo.consumer.topic: test @@ -192,6 +207,10 @@ services: environment: spring.kafka.bootstrap-servers: kafka-1:9092,kafka-2:9092,kafka-3:9092 spring.kafka.client-id: peter + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: PLAIN + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="geheim"; spring.kafka.consumer.auto-offset-reset: earliest logging.level.org.apache.kafka.clients.consumer: INFO juplo.consumer.topic: test @@ -201,6 +220,10 @@ services: environment: spring.kafka.bootstrap-servers: kafka-1:9092,kafka-2:9092,kafka-3:9092 spring.kafka.client-id: ute + spring.kafka.jaas.enabled: "true" + spring.kafka.properties.security.protocol: SASL_PLAINTEXT + spring.kafka.properties.sasl.mechanism: PLAIN + spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="geheim"; spring.kafka.consumer.auto-offset-reset: earliest logging.level.org.apache.kafka.clients.consumer: INFO juplo.consumer.topic: test -- 2.20.1