We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
kafka-ui
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: partitions_reassignment
Branches Tags
kafka-ui
/
documentation
/
compose
/
kafka-ssl-components.yaml

kafka-ssl-components.yaml 6.7 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144 
  1. ---
    2. 

  2. version: '3.4'
    3. 

  3. services:
    4. 

  4.   kafka-ui:
    5. 

  5.     container_name: kafka-ui
    6. 

  6.     image: provectuslabs/kafka-ui:latest
    7. 

  7.     ports:
    8. 

  8.       - 8080:8080
    9. 

  9.     depends_on:
    10. 

  10.       - kafka0
    11. 

  11.       - schemaregistry0
    12. 

  12.       - kafka-connect0
    13. 

  13.     environment:
    14. 

  14.       KAFKA_CLUSTERS_0_NAME: local
    15. 

  15.       KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL: SSL
    16. 

  16.       KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: kafka0:29092 # SSL LISTENER!
    17. 

  17.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_TRUSTSTORE_LOCATION: /kafka.truststore.jks
    18. 

  18.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_TRUSTSTORE_PASSWORD: secret
    19. 

  19.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_LOCATION: /kafka.keystore.jks
    20. 

  20.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_PASSWORD: secret
    21. 

  21.       KAFKA_CLUSTERS_0_PROPERTIES_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: '' # DISABLE COMMON NAME VERIFICATION
    22. 

  22.       KAFKA_CLUSTERS_0_SCHEMAREGISTRY: https://schemaregistry0:8085
    23. 

  23.       KAFKA_CLUSTERS_0_SCHEMAREGISTRYSSL_KEYSTORELOCATION: /kafka.keystore.jks
    24. 

  24.       KAFKA_CLUSTERS_0_SCHEMAREGISTRYSSL_KEYSTOREPASSWORD: "secret"
    25. 

  25.       KAFKA_CLUSTERS_0_SCHEMAREGISTRYSSL_TRUSTSTORELOCATION: /kafka.truststore.jks
    26. 

  26.       KAFKA_CLUSTERS_0_SCHEMAREGISTRYSSL_TRUSTSTOREPASSWORD: "secret"
    27. 

  27.       KAFKA_CLUSTERS_0_KAFKACONNECT_0_NAME: local
    28. 

  28.       KAFKA_CLUSTERS_0_KAFKACONNECT_0_ADDRESS: https://kafka-connect0:8083
    29. 

  29.       KAFKA_CLUSTERS_0_KAFKACONNECT_0_KEYSTORELOCATION: /kafka.keystore.jks
    30. 

  30.       KAFKA_CLUSTERS_0_KAFKACONNECT_0_KEYSTOREPASSWORD: "secret"
    31. 

  31.       KAFKA_CLUSTERS_0_KAFKACONNECT_0_TRUSTSTORELOCATION: /kafka.truststore.jks
    32. 

  32.       KAFKA_CLUSTERS_0_KAFKACONNECT_0_TRUSTSTOREPASSWORD: "secret"
    33. 

  33.     volumes:
    34. 

  34.       - ./ssl/kafka.truststore.jks:/kafka.truststore.jks
    35. 

  35.       - ./ssl/kafka.keystore.jks:/kafka.keystore.jks
    36. 

  36. 

  37.   kafka0:
    38. 

  38.     image: confluentinc/cp-kafka:7.2.1
    39. 

  39.     hostname: kafka0
    40. 

  40.     container_name: kafka0
    41. 

  41.     ports:
    42. 

  42.       - "9092:9092"
    43. 

  43.       - "9997:9997"
    44. 

  44.     environment:
    45. 

  45.       KAFKA_BROKER_ID: 1
    46. 

  46.       KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: 'CONTROLLER:PLAINTEXT,SSL:SSL,PLAINTEXT_HOST:PLAINTEXT'
    47. 

  47.       KAFKA_ADVERTISED_LISTENERS: 'SSL://kafka0:29092,PLAINTEXT_HOST://localhost:9092'
    48. 

  48.       KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
    49. 

  49.       KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
    50. 

  50.       KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1
    51. 

  51.       KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
    52. 

  52.       KAFKA_JMX_PORT: 9997
    53. 

  53.       KAFKA_JMX_HOSTNAME: localhost
    54. 

  54.       KAFKA_PROCESS_ROLES: 'broker,controller'
    55. 

  55.       KAFKA_NODE_ID: 1
    56. 

  56.       KAFKA_CONTROLLER_QUORUM_VOTERS: '1@kafka0:29093'
    57. 

  57.       KAFKA_LISTENERS: 'SSL://kafka0:29092,CONTROLLER://kafka0:29093,PLAINTEXT_HOST://0.0.0.0:9092'
    58. 

  58.       KAFKA_INTER_BROKER_LISTENER_NAME: 'SSL'
    59. 

  59.       KAFKA_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
    60. 

  60.       KAFKA_LOG_DIRS: '/tmp/kraft-combined-logs'
    61. 

  61.       KAFKA_SECURITY_PROTOCOL: SSL
    62. 

  62.       KAFKA_SSL_ENABLED_MECHANISMS: PLAIN,SSL
    63. 

  63.       KAFKA_SSL_KEYSTORE_FILENAME: kafka.keystore.jks
    64. 

  64.       KAFKA_SSL_KEYSTORE_CREDENTIALS: creds
    65. 

  65.       KAFKA_SSL_KEY_CREDENTIALS: creds
    66. 

  66.       KAFKA_SSL_TRUSTSTORE_FILENAME: kafka.truststore.jks
    67. 

  67.       KAFKA_SSL_TRUSTSTORE_CREDENTIALS: creds
    68. 

  68.       #KAFKA_SSL_CLIENT_AUTH: 'required'
    69. 

  69.       KAFKA_SSL_CLIENT_AUTH: 'requested'
    70. 

  70.       KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: '' # COMMON NAME VERIFICATION IS DISABLED SERVER-SIDE
    71. 

  71.     volumes:
    72. 

  72.       - ./scripts/update_run.sh:/tmp/update_run.sh
    73. 

  73.       - ./ssl/creds:/etc/kafka/secrets/creds
    74. 

  74.       - ./ssl/kafka.truststore.jks:/etc/kafka/secrets/kafka.truststore.jks
    75. 

  75.       - ./ssl/kafka.keystore.jks:/etc/kafka/secrets/kafka.keystore.jks
    76. 

  76.     command: "bash -c 'if [ ! -f /tmp/update_run.sh ]; then echo \"ERROR: Did you forget the update_run.sh file that came with this docker-compose.yml file?\" && exit 1 ; else /tmp/update_run.sh && /etc/confluent/docker/run ; fi'"
    77. 

  77. 

  78.   schemaregistry0:
    79. 

  79.     image: confluentinc/cp-schema-registry:7.2.1
    80. 

  80.     depends_on:
    81. 

  81.       - kafka0
    82. 

  82.     environment:
    83. 

  83.       SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: SSL://kafka0:29092
    84. 

  84.       SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: SSL
    85. 

  85.       SCHEMA_REGISTRY_KAFKASTORE_SSL_TRUSTSTORE_LOCATION: /kafka.truststore.jks
    86. 

  86.       SCHEMA_REGISTRY_KAFKASTORE_SSL_TRUSTSTORE_PASSWORD: secret
    87. 

  87.       SCHEMA_REGISTRY_KAFKASTORE_SSL_KEYSTORE_LOCATION: /kafka.keystore.jks
    88. 

  88.       SCHEMA_REGISTRY_KAFKASTORE_SSL_KEYSTORE_PASSWORD: secret
    89. 

  89.       SCHEMA_REGISTRY_KAFKASTORE_SSL_KEY_PASSWORD: secret
    90. 

  90.       SCHEMA_REGISTRY_HOST_NAME: schemaregistry0
    91. 

  91.       SCHEMA_REGISTRY_LISTENERS: https://schemaregistry0:8085
    92. 

  92.       SCHEMA_REGISTRY_INTER_INSTANCE_PROTOCOL: https
    93. 

  93. 

  94.       SCHEMA_REGISTRY_SCHEMA_REGISTRY_INTER_INSTANCE_PROTOCOL: "https"
    95. 

  95.       SCHEMA_REGISTRY_LOG4J_ROOT_LOGLEVEL: INFO
    96. 

  96.       SCHEMA_REGISTRY_KAFKASTORE_TOPIC: _schemas
    97. 

  97.       SCHEMA_REGISTRY_SSL_CLIENT_AUTHENTICATION: "REQUIRED"
    98. 

  98.       SCHEMA_REGISTRY_SSL_TRUSTSTORE_LOCATION: /kafka.truststore.jks
    99. 

  99.       SCHEMA_REGISTRY_SSL_TRUSTSTORE_PASSWORD: secret
    100. 

  100.       SCHEMA_REGISTRY_SSL_KEYSTORE_LOCATION: /kafka.keystore.jks
    101. 

  101.       SCHEMA_REGISTRY_SSL_KEYSTORE_PASSWORD: secret
    102. 

  102.       SCHEMA_REGISTRY_SSL_KEY_PASSWORD: secret
    103. 

  103.     ports:
    104. 

  104.       - 8085:8085
    105. 

  105.     volumes:
    106. 

  106.       - ./ssl/kafka.truststore.jks:/kafka.truststore.jks
    107. 

  107.       - ./ssl/kafka.keystore.jks:/kafka.keystore.jks
    108. 

  108. 

  109.   kafka-connect0:
    110. 

  110.     image: confluentinc/cp-kafka-connect:7.2.1
    111. 

  111.     ports:
    112. 

  112.       - 8083:8083
    113. 

  113.     depends_on:
    114. 

  114.       - kafka0
    115. 

  115.       - schemaregistry0
    116. 

  116.     environment:
    117. 

  117.       CONNECT_BOOTSTRAP_SERVERS: kafka0:29092
    118. 

  118.       CONNECT_GROUP_ID: compose-connect-group
    119. 

  119.       CONNECT_CONFIG_STORAGE_TOPIC: _connect_configs
    120. 

  120.       CONNECT_CONFIG_STORAGE_REPLICATION_FACTOR: 1
    121. 

  121.       CONNECT_OFFSET_STORAGE_TOPIC: _connect_offset
    122. 

  122.       CONNECT_OFFSET_STORAGE_REPLICATION_FACTOR: 1
    123. 

  123.       CONNECT_STATUS_STORAGE_TOPIC: _connect_status
    124. 

  124.       CONNECT_STATUS_STORAGE_REPLICATION_FACTOR: 1
    125. 

  125.       CONNECT_KEY_CONVERTER: org.apache.kafka.connect.storage.StringConverter
    126. 

  126.       CONNECT_KEY_CONVERTER_SCHEMA_REGISTRY_URL: https://schemaregistry0:8085
    127. 

  127.       CONNECT_VALUE_CONVERTER: org.apache.kafka.connect.storage.StringConverter
    128. 

  128.       CONNECT_VALUE_CONVERTER_SCHEMA_REGISTRY_URL: https://schemaregistry0:8085
    129. 

  129.       CONNECT_INTERNAL_KEY_CONVERTER: org.apache.kafka.connect.json.JsonConverter
    130. 

  130.       CONNECT_INTERNAL_VALUE_CONVERTER: org.apache.kafka.connect.json.JsonConverter
    131. 

  131.       CONNECT_REST_ADVERTISED_HOST_NAME: kafka-connect0
    132. 

  132.       CONNECT_PLUGIN_PATH: "/usr/share/java,/usr/share/confluent-hub-components"
    133. 

  133.       CONNECT_SECURITY_PROTOCOL: "SSL"
    134. 

  134.       CONNECT_SSL_KEYSTORE_LOCATION: "/kafka.keystore.jks"
    135. 

  135.       CONNECT_SSL_KEY_PASSWORD: "secret"
    136. 

  136.       CONNECT_SSL_KEYSTORE_PASSWORD: "secret"
    137. 

  137.       CONNECT_SSL_TRUSTSTORE_LOCATION: "/kafka.truststore.jks"
    138. 

  138.       CONNECT_SSL_TRUSTSTORE_PASSWORD: "secret"
    139. 

  139.       CONNECT_SSL_CLIENT_AUTH: "requested"
    140. 

  140.       CONNECT_REST_ADVERTISED_LISTENER: "https"
    141. 

  141.       CONNECT_LISTENERS: "https://kafka-connect0:8083"
    142. 

  142.     volumes:
    143. 

  143.       - ./ssl/kafka.truststore.jks:/kafka.truststore.jks
    144. 

  144.       - ./ssl/kafka.keystore.jks:/kafka.keystore.jks
    145.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5