zk-kafka-multiple-nodes-sasl-stack.yml

#  Copyright 2023 The original authors
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at

#  http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
#
version: '3.8'
services:
  grafana:
    image: "grafana/grafana:${GRAFANA_VERSION}"
    ports:
     - "3000:3000"
    environment:
      GF_PATHS_DATA : /var/lib/grafana
      GF_SECURITY_ADMIN_PASSWORD : kafka
    volumes:
     - ./grafana/provisioning:/etc/grafana/provisioning
     - ./grafana/dashboards:/var/lib/grafana/dashboards
    container_name: grafana
    depends_on:
     - prometheus

  prometheus:
    image: "prom/prometheus:${PROMETHEUS_VERSION}"
    ports:
     - "9090:9090"
    volumes:
     - ./etc/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
    command: "--config.file=/etc/prometheus/prometheus.yml"
    container_name: prometheus

  jmx-kafka101:
    image: "sscaling/jmx-prometheus-exporter"
    ports:
     - "5556:5556"
    environment:
     CONFIG_YML : "/etc/jmx_exporter/config.yml"
     JVM_OPTS: ${PROMETHEUS_JMX_AGENT_JVM_OPTS}
    volumes:
     - ./etc/jmx_exporter/config_kafka101.yml:/etc/jmx_exporter/config.yml
    container_name: jmx-kafka101
    depends_on:
     - kafka101

  jmx-exporter102:
    image: "sscaling/jmx-prometheus-exporter"
    ports:
     - "5557:5556"
    environment:
     CONFIG_YML : "/etc/jmx_exporter/config.yml"
     JVM_OPTS: ${PROMETHEUS_JMX_AGENT_JVM_OPTS}
    volumes:
     - ./etc/jmx_exporter/config_kafka102.yml:/etc/jmx_exporter/config.yml
    container_name: jmx-kafka102
    depends_on:
     - kafka102

  jmx-exporter103:
    image: "sscaling/jmx-prometheus-exporter"
    ports:
     - "5558:5556"
    environment:
     CONFIG_YML : "/etc/jmx_exporter/config.yml"
     JVM_OPTS: ${PROMETHEUS_JMX_AGENT_JVM_OPTS}
    volumes:
     - ./etc/jmx_exporter/config_kafka103.yml:/etc/jmx_exporter/config.yml
    container_name: jmx-kafka103
    depends_on:
     - kafka103        

  zk1:
    image: confluentinc/cp-zookeeper:${CONFLUENT_VERSION}
    environment:
      ZOOKEEPER_CLIENT_PORT: 2181
      ZOOKEEPER_TICK_TIME: 2000
      ZOOKEEPER_INIT_LIMIT: 5
      ZOOKEEPER_SYNC_LIMIT: 2
      #ZOOKEEPER_LOG4J_ROOT_LOGLEVEL: DEBUG
      EXTRA_ARGS: -Djava.security.auth.login.config=/etc/kafka/zookeeper_jaas.conf
    volumes:
     - ./etc/secrets/zookeeper_jaas.conf:/etc/kafka/zookeeper_jaas.conf
     - ./etc/zookeeper.properties:/etc/confluent/docker/zookeeper.properties.template
    ports:
     - 2181:2181
    container_name: zookeeper1

  kafka101:
    image: confluentinc/cp-kafka:${CONFLUENT_VERSION}
    depends_on:
      - zk1
    ports:
      - "9091:9091"
      - "9991:9991"
    container_name: kafka101
    volumes:
     - ./etc/secrets/kafka_server_jaas.conf:/etc/kafka/kafka_server_jaas.conf
    environment:
      KAFKA_BROKER_ID: 101
      KAFKA_JMX_PORT: 9991
      KAFKA_ZOOKEEPER_CONNECT: zookeeper1:2181
      KAFKA_ADVERTISED_LISTENERS: SASL_PLAINTEXT://kafka101:29092,PLAINTEXT_HOST://localhost:9091
      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SASL_PLAINTEXT:SASL_PLAINTEXT,PLAINTEXT_HOST:SASL_PLAINTEXT
      KAFKA_INTER_BROKER_LISTENER_NAME: SASL_PLAINTEXT
      KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
      KAFKA_SUPER_USERS: User:kafka
      KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" 
      KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
      KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: SCRAM-SHA-256
      KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf -Dzookeeper.sasl.clientconfig=ZkClient
      KAFKA_HEAP_OPTS: ${KAFKA_BROKER_HEAP_OPTS}
      #KAFKA_LOG4J_ROOT_LOGLEVEL: DEBUG
      #KAFKA_TOOLS_LOG4J_LOGLEVEL: DEBUG
      KAFKA_ZOOKEEPER_SET_ACL: "true"
      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
      KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
      CONFLUENT_METRICS_REPORTER_BOOTSTRAP_SERVERS: kafka101:29092
      CONFLUENT_METRICS_REPORTER_ZOOKEEPER_CONNECT: zookeeper1:2181
      CONFLUENT_METRICS_REPORTER_TOPIC_REPLICAS: 1
      CONFLUENT_METRICS_ENABLE: 'false'
    deploy:
      resources:
        limits:
          memory: ${KAFKA_BROKER_MEM_LIMIT}

  kafka102:
    image: confluentinc/cp-kafka:${CONFLUENT_VERSION}
    depends_on:
      - zk1
    ports:
      - "9092:9092"
      - "9992:9992"
    container_name: kafka102
    volumes:
     - ./etc/secrets/kafka_server_jaas.conf:/etc/kafka/kafka_server_jaas.conf
    environment:
      KAFKA_BROKER_ID: 102
      KAFKA_JMX_PORT: 9092
      KAFKA_ZOOKEEPER_CONNECT: zookeeper1:2181
      KAFKA_ADVERTISED_LISTENERS: SASL_PLAINTEXT://kafka102:29092,PLAINTEXT_HOST://localhost:9092
      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SASL_PLAINTEXT:SASL_PLAINTEXT,PLAINTEXT_HOST:SASL_PLAINTEXT
      KAFKA_INTER_BROKER_LISTENER_NAME: SASL_PLAINTEXT
      KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
      KAFKA_SUPER_USERS: User:kafka
      KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" 
      KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
      KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: SCRAM-SHA-256
      KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf -Dzookeeper.sasl.clientconfig=ZkClient
      KAFKA_HEAP_OPTS: ${KAFKA_BROKER_HEAP_OPTS}
      #KAFKA_LOG4J_ROOT_LOGLEVEL: DEBUG
      #KAFKA_TOOLS_LOG4J_LOGLEVEL: DEBUG
      KAFKA_ZOOKEEPER_SET_ACL: "true"
      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
      KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
      CONFLUENT_METRICS_REPORTER_BOOTSTRAP_SERVERS: kafka102:29092
      CONFLUENT_METRICS_REPORTER_ZOOKEEPER_CONNECT: zookeeper1:2181
      CONFLUENT_METRICS_REPORTER_TOPIC_REPLICAS: 1
      CONFLUENT_METRICS_ENABLE: 'false'
    deploy:
      resources:
        limits:
          memory: ${KAFKA_BROKER_MEM_LIMIT}

  kafka103:
    image: confluentinc/cp-kafka:${CONFLUENT_VERSION}
    depends_on:
      - zk1
    ports:
      - "9093:9093"
      - "9993:9993"
    container_name: kafka103
    volumes:
     - ./etc/secrets/kafka_server_jaas.conf:/etc/kafka/kafka_server_jaas.conf
    environment:
      KAFKA_BROKER_ID: 103
      KAFKA_JMX_PORT: 9993
      KAFKA_ZOOKEEPER_CONNECT: zookeeper1:2181
      KAFKA_ADVERTISED_LISTENERS: SASL_PLAINTEXT://kafka103:29092,PLAINTEXT_HOST://localhost:9993
      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SASL_PLAINTEXT:SASL_PLAINTEXT,PLAINTEXT_HOST:SASL_PLAINTEXT
      KAFKA_INTER_BROKER_LISTENER_NAME: SASL_PLAINTEXT
      KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
      KAFKA_SUPER_USERS: User:kafka
      KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
      KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
      KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: SCRAM-SHA-256
      KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/kafka_server_jaas.conf -Dzookeeper.sasl.clientconfig=ZkClient
      KAFKA_HEAP_OPTS: ${KAFKA_BROKER_HEAP_OPTS}
      #KAFKA_LOG4J_ROOT_LOGLEVEL: DEBUG
      #KAFKA_TOOLS_LOG4J_LOGLEVEL: DEBUG
      KAFKA_ZOOKEEPER_SET_ACL: "true"
      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
      KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
      CONFLUENT_METRICS_REPORTER_BOOTSTRAP_SERVERS: kafka103:29092
      CONFLUENT_METRICS_REPORTER_ZOOKEEPER_CONNECT: zookeeper1:2181
      CONFLUENT_METRICS_REPORTER_TOPIC_REPLICAS: 1
      CONFLUENT_METRICS_ENABLE: 'false'
    deploy:
      resources:
        limits:
          memory: ${KAFKA_BROKER_MEM_LIMIT}