We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
kafka-ui
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: c1d9f0183d
Branches Tags
kafka-ui
/
documentation
/
compose
/
kafka-ssl.yml

kafka-ssl.yml 2.2 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. ---
    2. 

  2. version: '3.4'
    3. 

  3. services:
    4. 

  4.   kafka-ui:
    5. 

  5.     container_name: kafka-ui
    6. 

  6.     image: provectuslabs/kafka-ui:latest
    7. 

  7.     ports:
    8. 

  8.       - 8080:8080
    9. 

  9.     depends_on:
    10. 

  10.       - zookeeper0
    11. 

  11.       - kafka0
    12. 

  12.     environment:
    13. 

  13.       KAFKA_CLUSTERS_0_NAME: local
    14. 

  14.       KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL: SSL
    15. 

  15.       KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: kafka0:29092 # SSL LISTENER!
    16. 

  16.       KAFKA_CLUSTERS_0_ZOOKEEPER: zookeeper0:2181
    17. 

  17.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_TRUSTSTORE_LOCATION: /kafka.truststore.jks
    18. 

  18.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_TRUSTSTORE_PASSWORD: secret
    19. 

  19.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_LOCATION: /kafka.keystore.jks
    20. 

  20.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_PASSWORD: secret
    21. 

  21.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: '' # DISABLE COMMON NAME VERIFICATION
    22. 

  22.     volumes:
    23. 

  23.       - ./ssl/kafka.truststore.jks:/kafka.truststore.jks
    24. 

  24.       - ./ssl/kafka.keystore.jks:/kafka.keystore.jks
    25. 

  25. 

  26.   zookeeper0:
    27. 

  27.     image: confluentinc/cp-zookeeper:6.0.1
    28. 

  28.     environment:
    29. 

  29.       ZOOKEEPER_CLIENT_PORT: 2181
    30. 

  30.       ZOOKEEPER_TICK_TIME: 2000
    31. 

  31.     ports:
    32. 

  32.       - 2181:2181
    33. 

  33. 

  34.   kafka0:
    35. 

  35.     image: confluentinc/cp-kafka:6.0.1
    36. 

  36.     hostname: kafka0
    37. 

  37.     depends_on:
    38. 

  38.       - zookeeper0
    39. 

  39.     ports:
    40. 

  40.       - '9092:9092'
    41. 

  41.     environment:
    42. 

  42.       KAFKA_BROKER_ID: 1
    43. 

  43.       KAFKA_ZOOKEEPER_CONNECT: zookeeper0:2181
    44. 

  44.       KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
    45. 

  45.       KAFKA_ADVERTISED_LISTENERS: SSL://kafka0:29092,PLAINTEXT_HOST://localhost:9092
    46. 

  46.       KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SSL:SSL,PLAINTEXT_HOST:PLAINTEXT
    47. 

  47.       KAFKA_INTER_BROKER_LISTENER_NAME: SSL
    48. 

  48.       KAFKA_SECURITY_PROTOCOL: SSL
    49. 

  49.       KAFKA_SSL_ENABLED_MECHANISMS: PLAIN,SSL
    50. 

  50.       KAFKA_SSL_KEYSTORE_FILENAME: kafka.keystore.jks
    51. 

  51.       KAFKA_SSL_KEYSTORE_CREDENTIALS: creds
    52. 

  52.       KAFKA_SSL_KEY_CREDENTIALS: creds
    53. 

  53.       KAFKA_SSL_TRUSTSTORE_FILENAME: kafka.truststore.jks
    54. 

  54.       KAFKA_SSL_TRUSTSTORE_CREDENTIALS: creds
    55. 

  55.       #KAFKA_SSL_CLIENT_AUTH: 'required'
    56. 

  56.       KAFKA_SSL_CLIENT_AUTH: 'requested'
    57. 

  57.       KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: '' # COMMON NAME VERIFICATION IS DISABLED SERVER-SIDE
    58. 

  58.     volumes:
    59. 

  59.       - ./ssl/creds:/etc/kafka/secrets/creds
    60. 

  60.       - ./ssl/kafka.truststore.jks:/etc/kafka/secrets/kafka.truststore.jks
    61. 

  61.       - ./ssl/kafka.keystore.jks:/etc/kafka/secrets/kafka.keystore.jks
    62.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5