Merge pull request #2 from paddycarey/expose-ssl-port

Expose SSL Port
paddycarey · Feb 24, 2017 · 7604537 · 7604537
2 parents 7551477 + a539f49
commit 7604537
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 8 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -19,5 +19,6 @@ COPY config/kafka/jaas.conf /etc/kafka/jaas.conf
 COPY scripts/start_kafka.sh /usr/local/bin/start_kafka
 
 EXPOSE 9092
+EXPOSE 9093
 EXPOSE 9193
 CMD ["start_kafka"]
diff --git a/README.md b/README.md
@@ -13,10 +13,10 @@ Running Zookeeper and Kafka and configuring them to work together is a pain. Thi
 
 ## Running Kafka
 
-By default Kafka will be accessible on `localhost:9092` and `localhost:9193` so long as the port is exposed at runtime:
+By default Kafka will be accessible on `localhost:9092`, `localhost:9093` and `localhost:9193` so long as the port is exposed at runtime:
 
 ```bash
-$ docker run -ti -p 9092:9092 -p 9193:9193 paddycarey/kafka
+$ docker run -ti -p 9092:9092 -p 9093:9093 -p 9193:9193 paddycarey/kafka
 ```
 
 Kafka comes with a command line client that will take input from a file or from standard input and send it out as messages to the Kafka cluster. By default, each line will be sent as a separate message. You can use this client to test that Kafka is working. Run the producer and then type a few messages into the console to send to the server:
@@ -39,10 +39,10 @@ If you have each of the above commands running in a different terminal then you
 
 ### Accessing kafka on something other than localhost
 
-This image is configured so that it can be accessed on `localhost:9092` for a PLAIN connection or `localhost:9193` for SSL + SASL. If you need to access Kafka using a different hostname you can set the `KAFKA_ADVERTISED_HOST` environment variable.
+This image is configured so that it can be accessed on `localhost:9092` for a PLAIN connection or `localhost:9093` for a SSL connection or `localhost:9193` for SSL + SASL. If you need to access Kafka using a different hostname you can set the `KAFKA_ADVERTISED_HOST` environment variable.
 
 ```bash
-$ docker run -ti -e "KAFKA_ADVERTISED_HOST=somehostname" -p 9092:9092 -p 9193:9193 paddycarey/kafka
+$ docker run -ti -e "KAFKA_ADVERTISED_HOST=somehostname" -p 9092:9092 -p 9093:9093 -p 9193:9193 paddycarey/kafka
 ```
 
 Or if using Docker compose, your `docker-compose.yml` might look something like:
@@ -52,6 +52,7 @@ kafka:
     image: paddycarey/kafka # or whatever your built
     ports:
         - "9092:9092"
+        - "9093:9093"
         - "9193:9193"
     environment:
       KAFKA_ADVERTISED_HOST: kafka
@@ -68,7 +69,7 @@ consumer:
 This image stores log data in `/var/lib/kafka`. You can use a Docker volume to persist this directory beyond the lifetime of a single container.
 
 ```bash
-$ docker run -ti -v `pwd`/.data/:/var/lib/kafka -p 9092:9092 -p 9193:9193 paddycarey/kafka
+$ docker run -ti -v `pwd`/.data/:/var/lib/kafka -p 9092:9092 -p 9093:9093 -p 9193:9193 paddycarey/kafka
 ```
 
 ## Building the image

diff --git a/config/kafka/server.properties b/config/kafka/server.properties
@@ -27,12 +27,12 @@ broker.id=0
 #     listeners = security_protocol://host_name:port
 #   EXAMPLE:
 #     listeners = PLAINTEXT://your.host.name:9092
-listeners=PLAINTEXT://0.0.0.0:9092,SASL_SSL://0.0.0.0:9193
+listeners=PLAINTEXT://0.0.0.0:9092,SSL://0.0.0.0:9093,SASL_SSL://0.0.0.0:9193
 
 # Hostname and port the broker will advertise to producers and consumers. If not set,
 # it uses the value for "listeners" if configured.  Otherwise, it will use the value
 # returned from java.net.InetAddress.getCanonicalHostName().
-advertised.listeners=PLAINTEXT://localhost:9092,SASL_SSL://localhost:9193
+advertised.listeners=PLAINTEXT://localhost:9092,SSL://localhost:9093,SASL_SSL://localhost:9193
 
 # The number of threads handling network requests
 num.network.threads=3

diff --git a/scripts/start_kafka.sh b/scripts/start_kafka.sh
@@ -3,9 +3,10 @@ set -e
 
 # Set the advertised host value (if set)
 if [ ! -z "$KAFKA_ADVERTISED_HOST" ]; then
-    echo "Setting advertised.listeners value to: PLAINTEXT://$KAFKA_ADVERTISED_HOST:9092 or SASL_SSL://$KAFKA_ADVERTISED_HOST:9193"
+    echo "Setting advertised.listeners value to: PLAINTEXT://$KAFKA_ADVERTISED_HOST:9092 or SSL://$KAFKA_ADVERTISED_HOST:9093 or SASL_SSL://$KAFKA_ADVERTISED_HOST:9193"
     sed -i.bak "s/advertised.listeners=PLAINTEXT:\/\/localhost:9092/advertised.listeners=PLAINTEXT:\/\/$KAFKA_ADVERTISED_HOST:9092/g" /etc/kafka/server.properties
     sed -i.bak "s/SASL_SSL:\/\/localhost:9193/SASL_SSL:\/\/$KAFKA_ADVERTISED_HOST:9193/g" /etc/kafka/server.properties
+    sed -i.bak "s/SSL:\/\/localhost:9093/SSL:\/\/$KAFKA_ADVERTISED_HOST:9093/g" /etc/kafka/server.properties
     echo "127.0.0.1 $KAFKA_ADVERTISED_HOST" >> /etc/hosts
 fi