docker-compose创建kafka支持SASL_PLAINTEXT_kafka配置sasl_plaintext认证在docker-compose

clientPort=2181

the maximum number of client connections.

increase this if you need to handle more clients

#maxClientCnxns=60

Be sure to read the maintenance section of the

administrator guide before turning on autopurge.

http://zookeeper.apache.org/doc/current/zookeeperAdmin.html#sc_maintenance

The number of snapshots to retain in dataDir

autopurge.snapRetainCount=3

Purge task interval in hours

Set to “0” to disable auto purge feature

autopurge.purgeInterval=1
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000
zookeeper.sasl.client=true
EOF

3 create file server_jaas.conf

cat > conf/server_jaas.conf <<-“EOF”
Client {
org.apache.zookeeper.server.auth.DigestLoginModule required
username=“admin”
password=“12345678”;
};
Server {
org.apache.zookeeper.server.auth.DigestLoginModule required
username=“admin”
password=“12345678”
user_super=“12345678”
user_admin=“12345678”;
};
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username=“admin”
password=“12345678”
user_admin=“12345678”;
};
KafkaClient {
org.apache.kafka.common.security.plain.PlainLoginModule required
username=“admin”
password=“12345678”;
};
EOF

4 create file .env

cat > .env <<-“EOF”
HOSTIP=10.10.10.1
KAFKA_PORT=9092
EOF

5 create file docker-compose.yaml

cat > docker-compose.yml <<-“EOF”
name: “P1”
version: “3”
networks:
net:
driver: bridge

services:
zookeeper_sasl:
image: wurstmeister/zookeeper
networks:
- net
restart: always
environment:
SERVER_JVMFLAGS: ‘-Djava.security.auth.login.config=/opt/zookeeper-3.4.13/secrets/server_jaas.conf’
volumes:
- ./conf/zoo.cfg:/opt/zookeeper-3.4.13/conf/zoo.cfg
- ./conf/server_jaas.conf:/opt/zookeeper-3.4.13/secrets/server_jaas.conf
ports:
- “2181:2181”
deploy:
resources:
limits:
cpus: ‘4’
memory: 4G
reservations:
cpus: ‘0.5’
memory: 200M

kafka_sasl:
image: wurstmeister/kafka
networks:
- net
restart: always
environment:
KAFKA_OPTS: ‘-Djava.security.auth.login.config=/opt/kafka/secrets/server_jaas.conf’
KAFKA_BROKER_ID: 0
KAFKA_ADVERTISED_LISTENERS: SASL_PLAINTEXT://HOSTIP:{HOSTIP}:HOSTIP:{KAFKA_PORT}
KAFKA_ADVERTISED_PORT: KAFKAPORTKAFKALISTENERS:SASLPLAINTEXT://0.0.0.0:{KAFKA_PORT} KAFKA_LISTENERS: SASL_PLAINTEXT://0.0.0.0:KAFKAPORTKAFKALISTENERS:SASLPLAINTEXT://0.0.0.0:{KAFKA_PORT}
KAFKA_SECURITY_INTER_BROKER_PROTOCOL: SASL_PLAINTEXT
KAFKA_PORT: KAFKAPORTKAFKASASLMECHANISMINTERBROKERPROTOCOL:PLAINKAFKASASLENABLEDMECHANISMS:PLAINKAFKAAUTHORIZERCLASSNAME:kafka.security.auth.SimpleAclAuthorizerKAFKASUPERUSERS:User:adminKAFKAALLOWEVERYONEIFNOACLFOUND:falseKAFKAZOOKEEPERCONNECT:′zookeepersasl:2181′KAFKAOFFSETSTOPICREPLICATIONFACTOR:1KAFKAGROUPINITIALREBALANCEDELAYMS:0volumes:−./conf/serverjaas.conf:/opt/kafka/secrets/serverjaas.confports:−"{KAFKA_PORT} KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN KAFKA_SASL_ENABLED_MECHANISMS: PLAIN KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer KAFKA_SUPER_USERS: User:admin KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: false KAFKA_ZOOKEEPER_CONNECT: 'zookeeper_sasl:2181' KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0 volumes: - ./conf/server_jaas.conf:/opt/kafka/secrets/server_jaas.conf ports: - "KAFKAPORTKAFKASASLMECHANISMINTERBROKERPROTOCOL:PLAINKAFKASASLENABLEDMECHANISMS:PLAINKAFKAAUTHORIZERCLASSNAME:kafka.security.auth.SimpleAclAuthorizerKAFKASUPERUSERS:User:adminKAFKAALLOWEVERYONEIFNOACLFOUND:falseKAFKAZOOKEEPERCONNECT:zookeepersasl:2181KAFKAOFFSETSTOPICREPLICATIONFACTOR:1KAFKAGROUPINITIALREBALANCEDELAYMS:0volumes:./conf/serverjaas.conf:/opt/kafka/secrets/serverjaas.confports:"{KAFKA_PORT}😒{KAFKA_PORT}"
deploy:
resources:
limits:
cpus: ‘4’
memory: 4G
reservations:
cpus: ‘0.5’
memory: 200M
depends_on:
- zookeeper_sasl

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值