我需要在apache Kafka和zookeeper中启用SSL安全?有任何教程吗?我面临着信任库路径的问题。
0aydgbwb1#
you can go through below links to set SSL: https://docs.confluent.io/platform/current/security/security_tutorial.html#generating-keys-certs https://docs.confluent.io/3.0.0/kafka/ssl.htmlThis is the docker i m currently using: version: '3' services: zookeeper: image: confluentinc/cp-zookeeper:latest container_name: zookeeper hostname: zookeeper ports: - 2181:2181 environment: ZOOKEEPER_SERVER_ID: 1 ZOOKEEPER_CLIENT_PORT: 2181broker: image: confluentinc/cp-kafka:latest container_name: broker hostname: broker depends_on: - zookeeper environment: KAFKA_BROKER_ID: 1 KAFKA_ZOOKEEPER_CONNECT: 'zookeeper:2181' KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,SSL:SSL KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://broker:9092,SSL://broker:9093 KAFKA_SSL_KEYSTORE_FILENAME: kafka.server.keystore.jks KAFKA_SSL_KEYSTORE_CREDENTIALS: kafka.key KAFKA_SSL_KEY_CREDENTIALS: kafka.key KAFKA_SSL_TRUSTSTORE_FILENAME: kafka.server.truststore.jks KAFKA_SSL_TRUSTSTORE_CREDENTIALS: kafka.key KAFKA_MIN_INSYNC_REPLICAS: 1 KAFKA_NUM_PARTITIONS: 1 KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 500 KAFKA_DEFAULT_REPLICATION_FACTOR: 1 KAFKA_CONFLUENT_LICENSE_TOPIC_REPLICATION_FACTOR: 1 KAFKA_CONFLUENT_BALANCER_TOPIC_REPLICATION_FACTOR: 1 KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1 KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1 CONFLUENT_METRICS_ENABLE: 'false' volumes: - ./se:/etc/kafka/secrets
1条答案
按热度按时间0aydgbwb1#
you can go through below links to set SSL: https://docs.confluent.io/platform/current/security/security_tutorial.html#generating-keys-certs https://docs.confluent.io/3.0.0/kafka/ssl.html
This is the docker i m currently using: version: '3' services: zookeeper: image: confluentinc/cp-zookeeper:latest container_name: zookeeper hostname: zookeeper ports: - 2181:2181 environment: ZOOKEEPER_SERVER_ID: 1 ZOOKEEPER_CLIENT_PORT: 2181
broker: image: confluentinc/cp-kafka:latest container_name: broker hostname: broker depends_on: - zookeeper environment: KAFKA_BROKER_ID: 1 KAFKA_ZOOKEEPER_CONNECT: 'zookeeper:2181' KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,SSL:SSL KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://broker:9092,SSL://broker:9093 KAFKA_SSL_KEYSTORE_FILENAME: kafka.server.keystore.jks KAFKA_SSL_KEYSTORE_CREDENTIALS: kafka.key KAFKA_SSL_KEY_CREDENTIALS: kafka.key KAFKA_SSL_TRUSTSTORE_FILENAME: kafka.server.truststore.jks KAFKA_SSL_TRUSTSTORE_CREDENTIALS: kafka.key KAFKA_MIN_INSYNC_REPLICAS: 1 KAFKA_NUM_PARTITIONS: 1 KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 500 KAFKA_DEFAULT_REPLICATION_FACTOR: 1 KAFKA_CONFLUENT_LICENSE_TOPIC_REPLICATION_FACTOR: 1 KAFKA_CONFLUENT_BALANCER_TOPIC_REPLICATION_FACTOR: 1 KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1 KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1 CONFLUENT_METRICS_ENABLE: 'false' volumes: - ./se:/etc/kafka/secrets