-
Notifications
You must be signed in to change notification settings - Fork 0
/
kafka-kraft.yml
144 lines (126 loc) · 5.73 KB
/
kafka-kraft.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
version: "3.5"
services:
kafka-1:
image: confluentinc/cp-kafka@sha256:620734d9fc0bb1f9886932e5baf33806074469f40e3fe246a3fdbb59309535fa
ports:
- "19092:9092"
volumes:
- kafka-1:/var/lib/kafka/data
- ./creds/brokers/kafka-1:/etc/kafka/secrets
environment:
KAFKA_NODE_ID: 1
CLUSTER_ID: 'ciWo7IWazngRchmPES6q5A'
KAFKA_PROCESS_ROLES: 'broker,controller'
KAFKA_CONTROLLER_QUORUM_VOTERS: '1@kafka-1:29093,2@kafka-2:29093'
KAFKA_LISTENERS: 'INTERNAL://0.0.0.0:29092,CONTROLLER://0.0.0.0:29093,EXTERNAL://0.0.0.0:9092'
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: 'CONTROLLER:SSL,INTERNAL:SSL,EXTERNAL:SSL'
KAFKA_ADVERTISED_LISTENERS: 'INTERNAL://kafka-1:29092,EXTERNAL://kafka-1:9092'
KAFKA_INTER_BROKER_LISTENER_NAME: 'INTERNAL'
KAFKA_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
KAFKA_SSL_KEYSTORE_LOCATION: /etc/kafka/secrets/kafka.keystore.pkcs12
KAFKA_SSL_KEYSTORE_TYPE: PKCS12
KAFKA_SSL_KEYSTORE_PASSWORD: cc2023
KAFKA_SSL_KEY_PASSWORD: cc2023
KAFKA_SSL_TRUSTSTORE_LOCATION: /etc/kafka/secrets/kafka.truststore.jks
KAFKA_SSL_TRUSTSTORE_PASSWORD: cc2023
KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ""
KAFKA_SSL_PRINCIPAL_MAPPING_RULES: "RULE:^.*[Cc][Nn]=([a-zA-Z0-9-.]*).*$$/$$1/L,DEFAULT"
KAFKA_SSL_CLIENT_AUTH: "required"
KAFKA_AUTHORIZER_CLASS_NAME: org.apache.kafka.metadata.authorizer.StandardAuthorizer
KAFKA_LOG_RETENTION_MS: 3600000
KAFKA_LOG_RETENTION_CHECK_INTERVAL_MS: 300000
KAFKA_SUPER_USERS: User:landau;User:kafka-1;User:kafka-2;User:kafka-3
KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true"
KAFKA_DELETE_TOPIC_ENABLE: "true"
logging:
driver: "json-file"
options:
max-size: "100m"
max-file: 5
kafka-2:
image: confluentinc/cp-kafka@sha256:620734d9fc0bb1f9886932e5baf33806074469f40e3fe246a3fdbb59309535fa
ports:
- "29092:9092"
volumes:
- kafka-2:/var/lib/kafka/data
- ./creds/brokers/kafka-2:/etc/kafka/secrets
environment:
KAFKA_NODE_ID: 2
CLUSTER_ID: 'ciWo7IWazngRchmPES6q5A'
KAFKA_PROCESS_ROLES: 'broker,controller'
KAFKA_CONTROLLER_QUORUM_VOTERS: '1@kafka-1:29093,2@kafka-2:29093'
KAFKA_LISTENERS: 'CONTROLLER://0.0.0.0:29093,INTERNAL://0.0.0.0:29092,EXTERNAL://0.0.0.0:9092'
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: 'CONTROLLER:SSL,INTERNAL:SSL,EXTERNAL:SSL'
KAFKA_ADVERTISED_LISTENERS: 'INTERNAL://kafka-2:29092,EXTERNAL://kafka-2:9092'
KAFKA_INTER_BROKER_LISTENER_NAME: 'INTERNAL'
KAFKA_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
KAFKA_SSL_KEYSTORE_LOCATION: /etc/kafka/secrets/kafka.keystore.pkcs12
KAFKA_SSL_KEYSTORE_TYPE: PKCS12
KAFKA_SSL_KEYSTORE_PASSWORD: cc2023
KAFKA_SSL_KEY_PASSWORD: cc2023
KAFKA_SSL_TRUSTSTORE_LOCATION: /etc/kafka/secrets/kafka.truststore.jks
KAFKA_SSL_TRUSTSTORE_PASSWORD: cc2023
KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ""
KAFKA_SSL_PRINCIPAL_MAPPING_RULES: "RULE:^.*[Cc][Nn]=([a-zA-Z0-9-.]*).*$$/$$1/L,DEFAULT"
KAFKA_SSL_CLIENT_AUTH: "required"
KAFKA_AUTHORIZER_CLASS_NAME: org.apache.kafka.metadata.authorizer.StandardAuthorizer
KAFKA_LOG_RETENTION_MS: 3600000
KAFKA_LOG_RETENTION_CHECK_INTERVAL_MS: 300000
KAFKA_SUPER_USERS: User:landau;User:kafka-1;User:kafka-2;User:kafka-3
KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true"
KAFKA_DELETE_TOPIC_ENABLE: "true"
logging:
driver: "json-file"
options:
max-size: "100m"
max-file: 5
kafka-3:
image: confluentinc/cp-kafka@sha256:620734d9fc0bb1f9886932e5baf33806074469f40e3fe246a3fdbb59309535fa
ports:
- "39092:9092"
volumes:
- kafka-3:/var/lib/kafka/data
- ./creds/brokers/kafka-3:/etc/kafka/secrets
environment:
KAFKA_NODE_ID: 3
CLUSTER_ID: 'ciWo7IWazngRchmPES6q5A'
KAFKA_PROCESS_ROLES: 'broker,controller'
KAFKA_CONTROLLER_QUORUM_VOTERS: '1@kafka-1:29093,2@kafka-2:29093,3@kafka-3:29093'
KAFKA_LISTENERS: 'CONTROLLER://0.0.0.0:29093,INTERNAL://0.0.0.0:29092,EXTERNAL://0.0.0.0:9092'
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: 'CONTROLLER:SSL,INTERNAL:SSL,EXTERNAL:SSL'
KAFKA_ADVERTISED_LISTENERS: 'INTERNAL://kafka-3:29092,EXTERNAL://kafka-3:9092'
KAFKA_INTER_BROKER_LISTENER_NAME: 'INTERNAL'
KAFKA_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
KAFKA_SSL_KEYSTORE_LOCATION: /etc/kafka/secrets/kafka.keystore.pkcs12
KAFKA_SSL_KEYSTORE_TYPE: PKCS12
KAFKA_SSL_KEYSTORE_PASSWORD: cc2023
KAFKA_SSL_KEY_PASSWORD: cc2023
KAFKA_SSL_TRUSTSTORE_LOCATION: /etc/kafka/secrets/kafka.truststore.jks
KAFKA_SSL_TRUSTSTORE_PASSWORD: cc2023
KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ""
KAFKA_SSL_PRINCIPAL_MAPPING_RULES: "RULE:^.*[Cc][Nn]=([a-zA-Z0-9-.]*).*$$/$$1/L,DEFAULT"
KAFKA_SSL_CLIENT_AUTH: "required"
KAFKA_AUTHORIZER_CLASS_NAME: org.apache.kafka.metadata.authorizer.StandardAuthorizer
KAFKA_LOG_RETENTION_MS: 3600000
KAFKA_LOG_RETENTION_CHECK_INTERVAL_MS: 300000
KAFKA_SUPER_USERS: User:landau;User:kafka-1;User:kafka-2;User:kafka-3
KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true"
KAFKA_DELETE_TOPIC_ENABLE: "true"
logging:
driver: "json-file"
options:
max-size: "100m"
max-file: 5
volumes:
kafka-1:
kafka-2:
kafka-3: