version: "3"
services:
zookeeper:
image: wurstmeister/zookeeper
hostname: zookeeper_sasl
container_name: zookeeper_sasl
restart: always
ports:
- 32182:2181
environment:
ZOOKEEPER_CLIENT_PORT: 2181
SERVER_JVMFLAGS: -Djava.security.auth.login.config=/opt/zookeeper-3.4.13/secrets/server_jaas.conf
volumes:
- /home/tool/kafka-sasl/conf:/opt/zookeeper-3.4.13/conf
- /home/tool/kafka-sasl/conf/:/opt/zookeeper-3.4.13/secrets/
kafka:
image: wurstmeister/kafka:2.11-0.11.0.3
restart: always
hostname: broker
container_name: kafka_sasl
depends_on:
- zookeeper
ports:
- 59091:9092
environment:
KAFKA_BROKER_ID: 0
KAFKA_ADVERTISED_LISTENERS: SASL_PLAINTEXT://10.18.104.202:59091
KAFKA_ADVERTISED_PORT: 59091
KAFKA_LISTENERS: SASL_PLAINTEXT://0.0.0.0:9092
KAFKA_SECURITY_INTER_BROKER_PROTOCOL: SASL_PLAINTEXT
KAFKA_PORT: 59091
KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN
KAFKA_SASL_ENABLED_MECHANISMS: PLAIN
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
KAFKA_SUPER_USERS: User:admin
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" #設置為true,ACL機制為黑名單機制,只有黑名單中的用戶無法訪問,默認為false,ACL機制為白名單機制,只有白名單中的用戶可以訪問
KAFKA_ZOOKEEPER_CONNECT: zookeeper_sasl:2181
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
KAFKA_OPTS: -Djava.security.auth.login.config=/opt/kafka/secrets/server_jaas.conf
volumes:
- /home/tool/kafka-sasl/conf/:/opt/kafka/secrets/
配合第一篇文章的conf文件夾里的配置文件使用