-
Notifications
You must be signed in to change notification settings - Fork 64
/
docker-compose-cluster.yml
128 lines (124 loc) · 5.73 KB
/
docker-compose-cluster.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
version: '3'
services:
rabbitmq:
image: 'rabbitmq:3.8.2-management-alpine'
ports:
- '5672:5672'
- '15672:15672'
container_name: 'ziggurat_rabbitmq'
zookeeper:
image: confluentinc/cp-zookeeper:5.5.0
hostname: zookeeper
ports:
- "2181:2181"
environment:
ZOOKEEPER_CLIENT_PORT: 2181
KAFKA_OPTS: "-Djava.security.auth.login.config=/etc/kafka/zookeeper_server_jaas.conf
-Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
-Dzookeeper.allowSaslFailedClients=true
-Dzookeeper.requireClientAuthScheme=sasl"
volumes:
- ./zookeeper_server_jaas.conf:/etc/kafka/zookeeper_server_jaas.conf
- /tmp/ziggurat_kafka_cluster_data/zookeeper/data:/data
- /tmp/ziggurat_kafka_cluster_data/zookeeper/datalog:/datalog
kafka1:
image: 'confluentinc/cp-kafka:${CONFLUENT_VERSION}'
cap_add:
- NET_ADMIN
- SYS_ADMIN
hostname: kafka1
ports:
- "9094:9094"
- "9095:9095"
environment:
KAFKA_ADVERTISED_LISTENERS: LISTENER_DOCKER_INTERNAL://kafka1:19094,LISTENER_DOCKER_EXTERNAL://${DOCKER_HOST_IP:-127.0.0.1}:9094,SASL_PLAINTEXT://${DOCKER_HOST_IP:-127.0.0.1}:9095
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_DOCKER_INTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL:PLAINTEXT,SASL_PLAINTEXT:SASL_PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_DOCKER_INTERNAL
KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 60000
KAFKA_BROKER_ID: 1
KAFKA_DEFAULT_REPLICATION_FACTOR: 3
KAFKA_NUM_PARTITIONS: 3
KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
KAFKA_SASL_JAAS_CONFIG: "org.apache.kafka.common.security.scram.ScramLoginModule required \
username=\"client\" \
password=\"client-secret\";"
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
KAFKA_SUPER_USERS: User:ANONYMOUS;User:admin
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false"
KAFKA_SECURITY_PROTOCOL: SASL_PLAINTEXT
KAFKA_OPTS: "-Djava.security.auth.login.config=/etc/kafka/secrets/kafka_server_jaas.conf -Dzookeeper.sasl.client=true -Dzookeeper.sasl.clientconfig=Client"
KAFKA_ZOOKEEPER_SET_ACL: "true"
KAFKA_ZOOKEEPER_SASL_ENABLED: "true"
volumes:
- /tmp/ziggurat_kafka_cluster_data/kafka1/data:/var/lib/kafka/data
- ./kafka_server_jaas.conf:/etc/kafka/secrets/kafka_server_jaas.conf
- ./config-admin.properties:/etc/kafka/secrets/config-admin.properties
depends_on:
- zookeeper
kafka2:
image: 'confluentinc/cp-kafka:${CONFLUENT_VERSION}'
cap_add:
- NET_ADMIN
- SYS_ADMIN
hostname: kafka2
ports:
- "9092:9092"
- "9096:9096"
environment:
KAFKA_ADVERTISED_LISTENERS: LISTENER_DOCKER_INTERNAL://kafka2:19092,LISTENER_DOCKER_EXTERNAL://${DOCKER_HOST_IP:-127.0.0.1}:9092,SASL_PLAINTEXT://${DOCKER_HOST_IP:-127.0.0.1}:9096
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_DOCKER_INTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL:PLAINTEXT,SASL_PLAINTEXT:SASL_PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_DOCKER_INTERNAL
KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 60000
KAFKA_BROKER_ID: 2
KAFKA_DEFAULT_REPLICATION_FACTOR: 3
KAFKA_NUM_PARTITIONS: 3
KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
KAFKA_SASL_JAAS_CONFIG: "org.apache.kafka.common.security.scram.ScramLoginModule required \
username=\"client\" \
password=\"client-secret\";"
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
KAFKA_SUPER_USERS: User:ANONYMOUS;User:admin
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false"
KAFKA_SECURITY_PROTOCOL: SASL_PLAINTEXT
KAFKA_OPTS: "-Djava.security.auth.login.config=/etc/kafka/secrets/kafka_server_jaas.conf"
volumes:
- /tmp/ziggurat_kafka_cluster_data/kafka2/data:/var/lib/kafka/data
- ./kafka_server_jaas.conf:/etc/kafka/secrets/kafka_server_jaas.conf
- ./config-admin.properties:/etc/kafka/secrets/config-admin.properties
depends_on:
- zookeeper
kafka3:
image: 'confluentinc/cp-kafka:${CONFLUENT_VERSION}'
cap_add:
- NET_ADMIN
- SYS_ADMIN
hostname: kafka3
ports:
- "9093:9093"
- "9097:9097"
environment:
KAFKA_ADVERTISED_LISTENERS: LISTENER_DOCKER_INTERNAL://kafka3:19093,LISTENER_DOCKER_EXTERNAL://${DOCKER_HOST_IP:-127.0.0.1}:9093,SASL_PLAINTEXT://${DOCKER_HOST_IP:-127.0.0.1}:9097
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_DOCKER_INTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL:PLAINTEXT,SASL_PLAINTEXT:SASL_PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_DOCKER_INTERNAL
KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 60000
KAFKA_BROKER_ID: 3
KAFKA_DEFAULT_REPLICATION_FACTOR: 3
KAFKA_NUM_PARTITIONS: 3
KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
KAFKA_SASL_JAAS_CONFIG: "org.apache.kafka.common.security.scram.ScramLoginModule required \
username=\"client\" \
password=\"client-secret\";"
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
KAFKA_SUPER_USERS: User:ANONYMOUS;User:admin
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "false"
KAFKA_SECURITY_PROTOCOL: SASL_PLAINTEXT
KAFKA_OPTS: "-Djava.security.auth.login.config=/etc/kafka/secrets/kafka_server_jaas.conf"
volumes:
- /tmp/ziggurat_kafka_cluster_data/kafka3/data:/var/lib/kafka/data
- ./kafka_server_jaas.conf:/etc/kafka/secrets/kafka_server_jaas.conf
- ./config-admin.properties:/etc/kafka/secrets/config-admin.properties
depends_on:
- zookeeper