-
Notifications
You must be signed in to change notification settings - Fork 0
/
zk-kafka-single-node-sasl-stack.yml
122 lines (116 loc) · 4.1 KB
/
zk-kafka-single-node-sasl-stack.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# Copyright 2023 The original authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
version: '3.8'
services:
grafana:
image: "grafana/grafana:${GRAFANA_VERSION}"
ports:
- "3000:3000"
environment:
GF_PATHS_DATA : /var/lib/grafana
GF_SECURITY_ADMIN_PASSWORD : kafka
volumes:
- ./grafana/provisioning:/etc/grafana/provisioning
- ./grafana/dashboards:/var/lib/grafana/dashboards
container_name: grafana
depends_on:
- prometheus
networks:
- kafka-platform
prometheus:
image: "prom/prometheus:${PROMETHEUS_VERSION}"
ports:
- "9090:9090"
volumes:
- ./etc/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
command: "--config.file=/etc/prometheus/prometheus.yml"
container_name: prometheus
networks:
- kafka-platform
jmx-kafka101:
image: "sscaling/jmx-prometheus-exporter"
ports:
- "5556:5556"
environment:
CONFIG_YML : "/etc/jmx_exporter/config.yml"
volumes:
- ./etc/jmx_exporter/config_kafka101.yml:/etc/jmx_exporter/config.yml
container_name: jmx-kafka101
depends_on:
- kafka101
networks:
- kafka-platform
zk1:
image: confluentinc/cp-zookeeper:${CONFLUENT_VERSION}
environment:
ZOOKEEPER_CLIENT_PORT: 2181
ZOOKEEPER_TICK_TIME: 2000
ZOOKEEPER_INIT_LIMIT: 5
ZOOKEEPER_SYNC_LIMIT: 2
#ZOOKEEPER_LOG4J_ROOT_LOGLEVEL: DEBUG
EXTRA_ARGS: -Djava.security.auth.login.config=/etc/kafka/zookeeper_jaas.conf
volumes:
- ./etc/secrets/zookeeper_jaas.conf:/etc/kafka/zookeeper_jaas.conf
- ./etc/zookeeper.properties:/etc/confluent/docker/zookeeper.properties.template
ports:
- "2181:2181"
container_name: zookeeper1
networks:
- kafka-platform
kafka101:
image: confluentinc/cp-kafka:${CONFLUENT_VERSION}
depends_on:
- zk1
ports:
- "9092:9092"
- "9093:9093"
- "9991:9991"
container_name: kafka101
volumes:
- ./etc/secrets/kafka_server_jaas.conf:/etc/kafka/kafka_server_jaas.conf
environment:
KAFKA_BROKER_ID: 101
KAFKA_JMX_PORT: 9991
KAFKA_ZOOKEEPER_CONNECT: zookeeper1:2181
KAFKA_ADVERTISED_LISTENERS: SASL_PLAINTEXT://kafka101:29092,PLAINTEXT_HOST://localhost:9092,SASL_HOST://localhost:9093
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SASL_PLAINTEXT:SASL_PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT,SASL_HOST:SASL_PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME: SASL_PLAINTEXT
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
KAFKA_SUPER_USERS: User:kafka
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: SCRAM-SHA-256
KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf -Dzookeeper.sasl.clientconfig=ZkClient
KAFKA_HEAP_OPTS: ${KAFKA_BROKER_HEAP_OPTS}
KAFKA_LOG4J_LOGGERS: "kafka.authorizer.logger=DEBUG"
#KAFKA_LOG4J_ROOT_LOGLEVEL: DEBUG
#KAFKA_TOOLS_LOG4J_LOGLEVEL: DEBUG
KAFKA_ZOOKEEPER_SET_ACL: "true"
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1
CONFLUENT_METRICS_REPORTER_BOOTSTRAP_SERVERS: kafka101:29092
CONFLUENT_METRICS_REPORTER_ZOOKEEPER_CONNECT: zookeeper1:2181
CONFLUENT_METRICS_REPORTER_TOPIC_REPLICAS: 1
CONFLUENT_METRICS_ENABLE: 'false'
deploy:
resources:
limits:
memory: ${KAFKA_BROKER_MEM_LIMIT}
networks:
- kafka-platform
networks:
kafka-platform:
name: kafka-platform
driver: bridge