environment:
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9081
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-1:9091, DOCKER://kafka-1:9092, LOCALHOST://localhost:9081
KAFKA_BROKER_ID: 1
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
-Dcom.sun.management.jmxremote.port=9101
-Dcom.sun.management.jmxremote.authenticate=false
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
- KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
- ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
environment:
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9082
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-2:9091, DOCKER://kafka-2:9092, LOCALHOST://localhost:9082
KAFKA_BROKER_ID: 2
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
-Dcom.sun.management.jmxremote.port=9101
-Dcom.sun.management.jmxremote.authenticate=false
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
- KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
- ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
environment:
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9083
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-3:9091, DOCKER://kafka-3:9092, LOCALHOST://localhost:9083
KAFKA_BROKER_ID: 3
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
-Dcom.sun.management.jmxremote.port=9101
-Dcom.sun.management.jmxremote.authenticate=false
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
- KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
- ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
environment:
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
KAFKA_LISTENERS: BROKER://:9091, DOCKER://:9092, LOCALHOST://:9084
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:PLAINTEXT, LOCALHOST:PLAINTEXT
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT, DOCKER:SASL_PLAINTEXT, LOCALHOST:SASL_PLAINTEXT
KAFKA_ADVERTISED_LISTENERS: BROKER://kafka-4:9091, DOCKER://kafka-4:9092, LOCALHOST://localhost:9084
KAFKA_BROKER_ID: 4
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
-Dcom.sun.management.jmxremote.port=9101
-Dcom.sun.management.jmxremote.authenticate=false
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
- KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9092
+ KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_schemaregistry="schemaregistry-secret" \
+ user_connect="connect-secret" \
+ user_client="client-secret";
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
+ KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
+ org.apache.kafka.common.security.plain.PlainLoginModule required \
+ user_client="client-secret";
+ KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
+ KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- ./jmx-exporter.yml:/etc/jmx-exporter.yml:ro
- ./cruise-control-metrics-reporter.jar:/usr/share/java/kafka/cruise-control-metrics-reporter.jar:ro
schema-registry:
image: confluentinc/cp-schema-registry:7.5.1
environment:
- SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: kafka-1:9091,kafka-2:9091,kafka-3:9091
+ SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: kafka-1:9092,kafka-2:9092,kafka-3:9092
SCHEMA_REGISTRY_HOST_NAME: schema-registry
SCHEMA_REGISTRY_LISTENERS: http://0.0.0.0:8085
SCHEMA_REGISTRY_LOG4J_ROOT_LOGLEVEL: INFO
+ SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: SASL_PLAINTEXT
+ SCHEMA_REGISTRY_KAFKASTORE_SASL_MECHANISM: PLAIN
+ SCHEMA_REGISTRY_KAFKASTORE_SASL_JAAS_CONFIG: >
+ org.apache.kafka.common.security.plain.PlainLoginModule
+ required
+ username="schemaregistry"
+ password="schemaregistry-secret";
ports:
- 8085:8085
depends_on: