Open cavemenlife opened 5 years ago
docker configuration
version: '3'
services:
zookeeper1: image: confluentinc/cp-zookeeper:5.1.0 hostname: zookeeper1 ports:
"3888:3888"
environment:
ZOOKEEPER_SERVER_ID: 1
ZOOKEEPER_SERVERS: 0.0.0.0:2888:3888
ZOOKEEPER_CLIENT_PORT: 2181
ZOOKEEPER_TICK_TIME: 2000
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
volumes:
zookeeper-log:/var/lib/zookeeper/log
kafka-broker1: image: confluentinc/cp-kafka:5.1.0 hostname: kafka-broker1: ports:
volumes: zookeeper-data: zookeeper-log: kafka-data:
@cavemenlife : have you seen https://github.com/confluentinc/cp-demo ? It is a good reference for a Kafka setup in Docker with SSL enabled.
I am also trying to configure SSL and got the same error. Did you get the solution?
Hello! Im trying to go through instruction to setup cp-demo and get the same error. Where in the docs I can read about additional instructions?
Is it suitable for Windows users?
I am using this configuration as documentation suggested and keep getting the same error referenced above.
KAFKA_SSL_KEYSTORE_LOCATION: /home/ssl/kafka.server.keystore.jks KAFKA_SSL_KEYSTORE_PASSWORD:
see this file line https://github.com/confluentinc/cp-docker-images/blob/fec6d0a8635cea1dd860e610ac19bd3ece8ad9f4/debian/kafka/include/etc/confluent/docker/configure#L70
KAFKA_SSL_KEYSTORE_LOCATION is hard coded to
export KAFKA_SSL_KEYSTORE_LOCATION="/etc/kafka/secrets/$KAFKA_SSL_KEYSTORE_FILENAME"
Meaning, you can't customize the value for KAFKA_SSL_KEYSTORE_LOCATION
These steps worked for me in Windows:
1 - Generate keys using Windows WSL:
cd $(pwd)/examples/kafka-cluster-ssl/secrets
./create-certs.sh
(Type yes for all "Trust this certificate? [no]:" prompts.)
2 - Set the environment variable KAFKA_SSL_SECRETS_DIR using PowerShell:
$env:KAFKA_SSL_SECRETS_DIR= "xxxx\cp-docker-images\examples\kafka-cluster-ssl\secrets"
3 - Use the environment variable to run kafka-ssl cluster node:
docker run -d --net=host --name=kafka-ssl-1 -e
KAFKA_ZOOKEEPER_CONNECT=localhost:22181,localhost:32181,localhost:42181 -e
KAFKA_ADVERTISED_LISTENERS=SSL://localhost:29092 -e KAFKA_SSL_KEYSTORE_FILENAME=kafka.broker1.keystore.jks -e
KAFKA_SSL_KEYSTORE_CREDENTIALS=broker1_keystore_creds -e KAFKA_SSL_KEY_CREDENTIALS=broker1_sslkey_creds -e
KAFKA_SSL_TRUSTSTORE_FILENAME=kafka.broker1.truststore.jks -e
KAFKA_SSL_TRUSTSTORE_CREDENTIALS=broker1_truststore_creds -e KAFKA_SECURITY_INTER_BROKER_PROTOCOL=SSL -v
${env:KAFKA_SSL_SECRETS_DIR}:/etc/kafka/secrets confluentinc/cp-kafka:5.0.0
Hello, I am trying to configure ssl to confluent kafka docker platform and getting an error while starting saying
Logs:
Command [/usr/local/bin/dub path /etc/kafka/secrets/kafka.server.keystore.jks exists] FAILED ! kafka_kafka-broker1_1_13d7835ad32d exited with code 1