forked from conduktor/kafka-security-manager
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
55 lines (50 loc) · 2.09 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
version: '2.1'
services:
zoo1:
image: zookeeper:3.4.13
hostname: zoo1
ports:
- "2181:2181"
environment:
ZOO_MY_ID: 1
ZOO_PORT: 2181
ZOO_SERVERS: server.1=zoo1:2888:3888
kafka1:
image: confluentinc/cp-kafka:5.3.0
hostname: kafka1
ports:
- "9092:9092"
environment:
KAFKA_ADVERTISED_LISTENERS: LISTENER_DOCKER_INTERNAL://kafka1:19092,LISTENER_DOCKER_EXTERNAL://${DOCKER_HOST_IP:-127.0.0.1}:9092
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_DOCKER_INTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL:PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_DOCKER_INTERNAL
KAFKA_ZOOKEEPER_CONNECT: "zoo1:2181"
KAFKA_BROKER_ID: 1
KAFKA_LOG4J_LOGGERS: "kafka.controller=INFO,kafka.producer.async.DefaultEventHandler=INFO,state.change.logger=INFO"
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
depends_on:
- zoo1
kafka-security-manager:
image: conduktor/kafka-security-manager:latest
environment:
KSM_READONLY: "false"
AUTHORIZER_ZOOKEEPER_CONNECT: "zoo1:2181"
# FILE:
SOURCE_CLASS: "io.conduktor.ksm.source.FileSourceAcl"
SOURCE_FILE_FILENAME: "example/acls.csv"
# GITHUB:
# SOURCE_CLASS: "io.conduktor.ksm.source.GitHubSourceAcl"
# SOURCE_GITHUB_USER: "conduktor"
# SOURCE_GITHUB_REPO: "kafka-security-manager-example"
# SOURCE_GITHUB_FILEPATH: "acls.csv"
# SOURCE ACLS FROM KAFKA INSTEAD
# THIS WON't WORK WITH THIS DOCKER COMPOSE FILE AS IT
# REQUIRES KAFKA TO BE CONFIGURED IN SECURED MODE
# PR ACCEPTED :)
# AUTHORIZER_CLASS: "io.conduktor.ksm.compat.AdminClientAuthorizer"
# ADMIN_CLIENT_BOOTSTRAP_SERVERS: "kafka1:19092"
# set ADMIN_CLIENT_SECURITY_PROTOCOL, ADMIN_CLIENT_SASL_JAAS_CONFIG, ADMIN_CLIENT_SASL_MECHANISM, ADMIN_CLIENT_SSL_KEY_PASSWORD, ADMIN_CLIENT_SSL_KEYSTORE_LOCATION, ADMIN_CLIENT_SSL_KEYSTORE_PASSWORD, ADMIN_CLIENT_SSL_TRUSTSTORE_LOCATION, ADMIN_CLIENT_SSL_TRUSTSTORE_PASSWORD for a secure Kafka setup
volumes:
- ${PWD}/example:/opt/docker/example:ro
depends_on:
- kafka1