docker
安装 kafak
及外部链接配置
一:应用
1.根据官方链接下载docker-compose.yml配置
curl -sSL https://raw.githubusercontent.com/bitnami/containers/main/bitnami/kafka/docker-compose.yml > docker-compose.yml
# Copyright VMware, Inc.
# SPDX-License-Identifier: APACHE-2.0
version: "2"
services:
kafka:
image: docker.io/bitnami/kafka:3.5
ports:
- "9092:9092"
volumes:
- "kafka_data:/bitnami"
environment:
# KRaft settings
- KAFKA_CFG_NODE_ID=0
- KAFKA_CFG_PROCESS_ROLES=controller,broker
- KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093
# Listeners
- KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093
- KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://:9092
- KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT
- KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER
- KAFKA_CFG_INTER_BROKER_LISTENER_NAME=PLAINTEXT
volumes:
kafka_data:
driver: local
2.配置外部链接,新增下面几个参数
- 2.1 新增端口号:
9094:9094
- 2.2
listeners
:listener
名称://主机名:端口 - 2.3
advertised.listeners
:listener
名称://主机名:端口 - 2.4
listener.security.protocol.map
:EXTERNAL:PLAINTEXT
二.参数解释
1.listeners
Listener List - Comma-separated list of URIs we will listen on and the listener names. If the listener name is not a security protocol, listener.security.protocol.map must also be set. Specify hostname as 0.0.0.0 to bind to all interfaces. Leave hostname empty to bind to default interface. Examples of legal listener lists: PLAINTEXT://myhost:9092,SSL://:9091 CLIENT://0.0.0.0:9092,REPLICATION://localhost:9093
简要说明
- 配置需要监听的URI
参数格式
- 使用逗号分隔的URI列表
- 协议名称://主机名:端口、listener名称://主机名:端口
- 不同主机名可以绑定相同端口
附加说明
- 如果列表中存在使用相同协议的listener,必须要在listener.security.protocol.map中定义不同的名称
- 可以使用0.0.0.0的ip绑定所有网卡
2.advertised.listeners
Listeners to publish to ZooKeeper for clients to use, if different than the listeners config property. In IaaS environments, this may need to be different from the interface to which the broker binds. If this is not set, the value for listeners will be used. Unlike listeners it is not valid to advertise the 0.0.0.0 meta-address.
简要说明
该参数是将listener发布到Zk中,供client使用
参数格式
- 参数值必须为listeners中定义的某个listener 或者 对应name的listener在listeners中的定义使用了0.0.0.0作为host,在advertised.listeners中可以指定某个网卡ip
- 不能使用host为0.0.0.0的listener
3.listener.security.protocol.map
Map between listener names and security protocols. This must be defined for the same security protocol to be usable in more than one port or IP. For example, internal and external traffic can be separated even if SSL is required for both. Concretely, the user could define listeners with names INTERNAL and EXTERNAL and this property as: INTERNAL:SSL,EXTERNAL:SSL. As shown, key and value are separated by a colon and map entries are separated by commas. Each listener name should only appear once in the map. Different security (SSL and SASL) settings can be configured for each listener by adding a normalised prefix (the listener name is lowercased) to the config name. For example, to set a different keystore for the INTERNAL listener, a config with name listener.name.internal.ssl.keystore.location would be set. If the config for the listener name is not set, the config will fallback to the generic config (i.e. ssl.keystore.location)
简单说明
- 该参数用于listener name与安全协议之间进行映射。
参数格式
- 键值是通过冒号进行分隔的,键值对之间通过逗号进行分隔。协议的合法取值为:PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL
附加说明
- 安全参数的配置通过添加前缀进行设置,比如配置LISTENER_A的ssl.keystore.location的参数:listener.name.listener_a.ssl.keystore.location,listener name需要转成小写。
4.inter.broker.listener.name
Name of listener used for communication between brokers. If this is unset, the listener name is defined by security.inter.broker.protocol. It is an error to set this and security.inter.broker.protocol properties at the same time
简单说明
- 该参数是用来设置broker之间进行通信时采用的listener名称
参数格式
- listener name
附加说明
- 如果该参数没有设置,则采用security.inter.broker.protocol配置。同时设置inter.broker.listener.name和security.inter.broker.protocol会出现错误。listener必须要在advertised.listeners中进行配置,否则会出现inter.broker.listener.name must be a listener name defined in advertised.listeners. The valid options based on currently configured listeners are A,B的错误。