thiagodiasb91
11/28/2018 - 1:00 PM

kafka com acls

readme.md
content_copyfile_download
  • Rendered
  • Source

Kafka com acls

config/server.properties

security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN

authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
allow.everyone.if.no.acl.found=true
auto.create.topics.enable=false
broker.id=0
listeners=SASL_PLAINTEXT://localhost:9092
advertised.listeners=SASL_PLAINTEXT://localhost:9092
num.network.threads=3
num.io.threads=8
socket.send.buffer.bytes=102400
socket.receive.buffer.bytes=102400
socket.request.max.bytes=104857600

advertised.host.name=localhost
num.partitions=1
num.recovery.threads.per.data.dir=1
log.flush.interval.messages=30000000
log.flush.interval.ms=1800000
log.retention.minutes=30
log.segment.bytes=1073741824
log.retention.check.interval.ms=300000
delete.topic.enable=true
zookeeper.connect=localhost:2181
zookeeper.connection.timeout.ms=6000
super.users=User:admin

config/zookeeper.properties

dataDir=/tmp/zookeeper
clientPort=2181
maxClientCnxns=0
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl
jaasLoginRenew=3600000

config/producer.properties

security.protocol=SASL_PLAINTEXT
sasl.mechanism=PLAIN
bootstrap.servers=localhost:9092
compression.type=none

config/consumer.properties

security.protocol=SASL_PLAINTEXT
sasl.mechanism=PLAIN
zookeeper.connect=localhost:2181
zookeeper.connection.timeout.ms=6000
group.id=test-consumer-group

config/zookeeper_jaas.conf

Server {
   org.apache.kafka.common.security.plain.PlainLoginModule required
   username="admin"
   password="admin-secret"
   user_admin="admin-secret";
};

config/kafka_server_jaas.conf

KafkaServer {
   org.apache.kafka.common.security.plain.PlainLoginModule required
   username="admin"
   password="admin-secret"
   user_admin="admin-secret";
};

Client {
   org.apache.kafka.common.security.plain.PlainLoginModule required
   username="admin"
   password="admin-secret";
};

kafka_client_jaas.conf

KafkaClient {
  org.apache.kafka.common.security.plain.PlainLoginModule required
  username="admin"
  password="admin-secret";
};

Criando tópico

bin/kafka-topics.sh --create --zookeeper localhost:2181 --replication-factor 1 --partitions 1 --topic topw

Terminal 1

export KAFKA_OPTS="-Djava.security.auth.login.config=/home/thiagodiasb/kafka/my-config/zookeeper_jaas.conf"
bin/zookeeper-server-start.sh my-config/zookeeper.properties

Terminal 2

export KAFKA_OPTS="-Djava.security.auth.login.config=/home/thiagodiasb/kafka/my-config/kafka_server_jaas.conf"
bin/kafka-server-start.sh my-config/server.properties

Terminal 3 - Producer

export KAFKA_OPTS="-Djava.security.auth.login.config=/home/thiagodiasb/kafka/my-config/kafka_client_jaas.conf"
./bin/kafka-console-producer.sh --broker-list localhost:9092 --topic topw --producer.config=my-config/producer.properties

Terminal 4 - Consumer

export KAFKA_OPTS="-Djava.security.auth.login.config=/home/thiagodiasb/kafka/my-config/kafka_client_jaas.conf"
./bin/kafka-console-consumer.sh --topic topw --from-beginning --consumer.config=my-config/consumer.properties  --bootstrap-server=localhost:9092