KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
- KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_schemaregistry="schemaregistry-secret" \
- user_connect="connect-secret" \
- user_ui="ui-secret" \
- user_client="client-secret";
- KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_client="client-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- kafka-1-data:/var/lib/kafka/data
KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
- KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_schemaregistry="schemaregistry-secret" \
- user_connect="connect-secret" \
- user_ui="ui-secret" \
- user_client="client-secret";
- KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_client="client-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- kafka-2-data:/var/lib/kafka/data
KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
- KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_schemaregistry="schemaregistry-secret" \
- user_connect="connect-secret" \
- user_ui="ui-secret" \
- user_client="client-secret";
- KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_client="client-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- kafka-3-data:/var/lib/kafka/data
KAFKA_LOG4J_LOGGERS: kafka.authorizer.logger=INFO
KAFKA_METRIC_REPORTERS: com.linkedin.kafka.cruisecontrol.metricsreporter.CruiseControlMetricsReporter
KAFKA_CRUISE_CONTROL_METRICS_REPORTER_BOOTSTRAP_SERVERS: localhost:9091
- KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_DOCKER_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_schemaregistry="schemaregistry-secret" \
- user_connect="connect-secret" \
- user_ui="ui-secret" \
- user_client="client-secret";
- KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: PLAIN
- KAFKA_LISTENER_NAME_LOCALHOST_PLAIN_SASL_JAAS_CONFIG: |
- org.apache.kafka.common.security.plain.PlainLoginModule required \
- user_client="client-secret";
+ KAFKA_LISTENER_NAME_DOCKER_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_DOCKER_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
+ KAFKA_LISTENER_NAME_LOCALHOST_SASL_ENABLED_MECHANISMS: SCRAM-SHA-512
+ KAFKA_LISTENER_NAME_LOCALHOST_SCRAM-SHA-512_SASL_JAAS_CONFIG: org.apache.kafka.common.security.scram.ScramLoginModule required;
KAFKA_SASL_ENABLED_MECHANISMS: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512
volumes:
- kafka-4-data:/var/lib/kafka/data
SCHEMA_REGISTRY_LISTENERS: http://0.0.0.0:8085
SCHEMA_REGISTRY_LOG4J_ROOT_LOGLEVEL: INFO
SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: SASL_PLAINTEXT
- SCHEMA_REGISTRY_KAFKASTORE_SASL_MECHANISM: PLAIN
+ SCHEMA_REGISTRY_KAFKASTORE_SASL_MECHANISM: SCRAM-SHA-512
SCHEMA_REGISTRY_KAFKASTORE_SASL_JAAS_CONFIG: >
- org.apache.kafka.common.security.plain.PlainLoginModule
- required
+ org.apache.kafka.common.security.scram.ScramLoginModule required
username="schemaregistry"
password="schemaregistry-secret";
ports:
CONNECT_STATUS_STORAGE_REPLICATION_FACTOR: 1
CONNECT_PLUGIN_PATH: /usr/share/java/
# Configure the Connect workers to use SASL/PLAIN.
- CONNECT_SASL_MECHANISM: PLAIN
+ CONNECT_SASL_MECHANISM: SCRAM-SHA-512
CONNECT_SECURITY_PROTOCOL: SASL_PLAINTEXT
# JAAS
CONNECT_SASL_JAAS_CONFIG: >
- org.apache.kafka.common.security.plain.PlainLoginModule required
+ org.apache.kafka.common.security.scram.ScramLoginModule required
username="connect"
password="connect-secret";
# producer
- CONNECT_PRODUCER_SASL_MECHANISM: PLAIN
+ CONNECT_PRODUCER_SASL_MECHANISM: SCRAM-SHA-512
CONNECT_PRODUCER_SECURITY_PROTOCOL: SASL_PLAINTEXT
CONNECT_PRODUCER_SASL_JAAS_CONFIG: >
- org.apache.kafka.common.security.plain.PlainLoginModule required
+ org.apache.kafka.common.security.scram.ScramLoginModule required
username="connect"
password="connect-secret";
# consumer
- CONNECT_CONSUMER_SASL_MECHANISM: PLAIN
+ CONNECT_CONSUMER_SASL_MECHANISM: SCRAM-SHA-512
CONNECT_CONSUMER_SECURITY_PROTOCOL: SASL_PLAINTEXT
CONNECT_CONSUMER_SASL_JAAS_CONFIG: >
- org.apache.kafka.common.security.plain.PlainLoginModule required
+ org.apache.kafka.common.security.scram.ScramLoginModule required
username="connect"
password="connect-secret";
properties:
bootstrap.servers: "kafka:9092"
security.protocol: SASL_PLAINTEXT
- sasl.mechanism: PLAIN
- sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="ui" password="ui-secret";
+ sasl.mechanism: SCRAM-SHA-512
+ sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="ui" password="ui-secret";
schema-registry:
url: "http://schema-registry:8085"
connect:
spring.kafka.producer.properties.linger.ms: 100
spring.kafka.jaas.enabled: "true"
spring.kafka.properties.security.protocol: SASL_PLAINTEXT
- spring.kafka.properties.sasl.mechanism: PLAIN
- spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
+ spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret";
consumer-1:
image: juplo/spring-consumer:1.0-SNAPSHOT
spring.kafka.client-id: consumer-1
spring.kafka.jaas.enabled: "true"
spring.kafka.properties.security.protocol: SASL_PLAINTEXT
- spring.kafka.properties.sasl.mechanism: PLAIN
- spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
+ spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret";
consumer-2:
image: juplo/spring-consumer:1.0-SNAPSHOT
spring.kafka.client-id: consumer-2
spring.kafka.jaas.enabled: "true"
spring.kafka.properties.security.protocol: SASL_PLAINTEXT
- spring.kafka.properties.sasl.mechanism: PLAIN
- spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
+ spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret";
consumer-3:
image: juplo/spring-consumer:1.0-SNAPSHOT
spring.kafka.client-id: consumer-3
spring.kafka.jaas.enabled: "true"
spring.kafka.properties.security.protocol: SASL_PLAINTEXT
- spring.kafka.properties.sasl.mechanism: PLAIN
- spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username="client" password="client-secret";
+ spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="client" password="client-secret";
volumes:
zookeeper-data:
projects / demos / kafka / training / commitdiff