mirror of https://github.com/certusone/dc4bc.git
58 lines
2.2 KiB
YAML
58 lines
2.2 KiB
YAML
version: '3.4'
|
|
services:
|
|
|
|
zookeeper:
|
|
image: confluentinc/cp-zookeeper:5.3.1
|
|
container_name: zookeeper
|
|
hostname: zookeeper
|
|
environment:
|
|
ZOOKEEPER_CLIENT_PORT: 2181
|
|
ZOOKEEPER_TICK_TIME: 2000
|
|
|
|
kafka:
|
|
image: confluentinc/cp-kafka:5.3.1
|
|
container_name: kafka
|
|
hostname: kafka
|
|
domainname: confluent.local
|
|
networks:
|
|
default:
|
|
aliases:
|
|
- kafka.confluent.local
|
|
depends_on:
|
|
- zookeeper
|
|
ports:
|
|
- 9093:9093
|
|
environment:
|
|
KAFKA_BROKER_ID: 1
|
|
KAFKA_ZOOKEEPER_CONNECT: 'zookeeper:2181'
|
|
KAFKA_LISTENER: INTERNAL://kafka.confluent.local:9092,OUTSIDE://localhost:9093
|
|
KAFKA_ADVERTISED_LISTENERS: INTERNAL://kafka.confluent.local:9092,OUTSIDE://localhost:9093
|
|
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL:SASL_SSL,OUTSIDE:SASL_SSL
|
|
KAFKA_INTER_BROKER_LISTENER_NAME: INTERNAL
|
|
KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN
|
|
KAFKA_LISTENER_NAME_INTERNAL_SASL_ENABLED_MECHANISMS: PLAIN
|
|
KAFKA_LISTENER_NAME_OUTSIDE_SASL_ENABLED_MECHANISMS: PLAIN
|
|
|
|
KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: "HTTPS"
|
|
KAFKA_SSL_CLIENT_AUTH: requested
|
|
KAFKA_SSL_KEYSTORE_LOCATION: /var/lib/secret/server.keystore.jks
|
|
KAFKA_SSL_KEYSTORE_PASSWORD: ${KEYSTORE_PASSWORD}
|
|
KAFKA_SSL_TRUSTSTORE_LOCATION: /var/lib/secret/truststore.jks
|
|
KAFKA_SSL_TRUSTSTORE_PASSWORD: ${KEYSTORE_PASSWORD}
|
|
|
|
KAFKA_LISTENER_NAME_INTERNAL_PLAIN_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required \
|
|
username="admin" \
|
|
password="admin-secret" \
|
|
user_admin="admin-secret" ;
|
|
KAFKA_LISTENER_NAME_OUTSIDE_PLAIN_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required \
|
|
username="admin" \
|
|
password="admin-secret" \
|
|
user_admin="admin-secret" \
|
|
user_producer="producerpass" \
|
|
user_consumer="consumerpass" ;
|
|
KAFKA_SASL_JAAS_CONFIG: org.apache.kafka.common.security.plain.PlainLoginModule required \
|
|
username="admin" \
|
|
password="admin-secret" ;
|
|
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
|
|
volumes:
|
|
- ./certs/:/var/lib/secret |