-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yaml
102 lines (93 loc) · 3.96 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
version: "3"
services:
zookeeper:
image: docker.io/bitnami/zookeeper:3.7
restart: always
hostname: zookeeper
ports:
- "3181:3181"
volumes:
- "zookeeper_data:/bitnami"
- "./keys/truststore/kafka.truststore.jks:/opt/bitnami/zookeeper/config/certs/zookeeper.truststore.jks:ro"
- "./keys/keystore/zookeeper.keystore.jks:/opt/bitnami/zookeeper/config/certs/zookeeper.keystore.jks:ro"
environment:
- ZOO_ENABLE_AUTH=yes
- ZOO_SERVER_USERS=${KAFKA_DOCKER_ZOO_USER}
- ZOO_SERVER_PASSWORDS=${KAFKA_DOCKER_ZOO_PASSWORD}
- ZOO_CLIENT_USER=${KAFKA_DOCKER_ZOO_USER}
- ZOO_CLIENT_PASSWORD=${KAFKA_DOCKER_ZOO_PASSWORD}
- ZOO_TLS_CLIENT_ENABLE=yes
- ZOO_TLS_CLIENT_KEYSTORE_PASSWORD=${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
- ZOO_TLS_CLIENT_KEYSTORE_FILE=/opt/bitnami/zookeeper/config/certs/zookeeper.keystore.jks
- ZOO_TLS_CLIENT_TRUSTSTORE_PASSWORD=${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
- ZOO_TLS_CLIENT_TRUSTSTORE_FILE=/opt/bitnami/zookeeper/config/certs/zookeeper.truststore.jks
kafka-0:
image: docker.io/bitnami/kafka:2
restart: always
hostname: kafka-0
ports:
- "9092:9092"
volumes:
- "./keys/truststore/kafka.truststore.jks:/opt/bitnami/kafka/config/certs/kafka.truststore.jks:ro"
- "./keys/keystore/kafka-0.keystore.jks:/opt/bitnami/kafka/config/certs/kafka.keystore.jks:ro"
- "./keys/truststore/kafka.truststore.jks:/opt/bitnami/kafka/config/certs/zookeeper.truststore.jks:ro"
- "./keys/keystore/zookeeper.keystore.jks:/opt/bitnami/kafka/config/certs/zookeeper.keystore.jks:ro"
- "kafka_0_data:/bitnami/kafka"
- "./keys/client.properties:/properties/client.properties"
environment:
- KAFKA_CFG_ZOOKEEPER_CONNECT=zookeeper:3181
- KAFKA_ZOOKEEPER_PROTOCOL=SASL_SSL
- KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD=${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
- KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD=${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
- KAFKA_ZOOKEEPER_USER=${KAFKA_DOCKER_ZOO_USER}
- KAFKA_ZOOKEEPER_PASSWORD=${KAFKA_DOCKER_ZOO_PASSWORD}
- KAFKA_CFG_BROKER_ID=0
- KAFKA_CFG_SASL_ENABLED_MECHANISMS=PLAIN
- ALLOW_PLAINTEXT_LISTENER=yes
- KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=INTERNAL:SSL,CLIENT:SASL_SSL
- KAFKA_CFG_LISTENERS=INTERNAL://:9093,CLIENT://:9092
- KAFKA_CFG_ADVERTISED_LISTENERS=INTERNAL://kafka-0:9093,CLIENT://localhost:9092
- KAFKA_INTER_BROKER_LISTENER_NAME=INTERNAL
- KAFKA_CERTIFICATE_PASSWORD=${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
- KAFKA_CLIENT_USERS=${KAFKA_DOCKER_SASL_USER}
- KAFKA_CLIENT_PASSWORDS=${KAFKA_DOCKER_SASL_PASSWORD}
depends_on:
- zookeeper
akhq:
image: tchiotludo/akhq
restart: always
hostname: akhq
ports:
- 8080:8080
volumes:
- "./keys/truststore/kafka.truststore.jks:/certs/akhq.truststore.jks:ro"
- "./keys/keystore/akhq.keystore.jks:/certs/akhq.keystore.jks:ro"
environment:
AKHQ_CONFIGURATION: |
akhq:
connections:
kafka:
properties:
bootstrap.servers: "kafka-0:9093"
security.protocol: SSL
ssl.truststore.location: /certs/akhq.truststore.jks
ssl.truststore.password: ${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
ssl.keystore.type: PKCS12
ssl.keystore.location: /certs/akhq.keystore.jks
ssl.keystore.password: ${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
ssl.key.password: ${KAFKA_DOCKER_CERTIFICATE_PASSWORD}
security:
default-group: no-roles
basic-auth:
- username: admin
password: 03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4
groups:
- admin
micronaut:
security:
enabled: true
volumes:
zookeeper_data:
driver: local
kafka_0_data:
driver: local