devbox
小舞很执着
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

kafka集群及SASL认证设置_sasl.jaas.config

作者:小舞很执着 | 2024-06-26 09:51:00

sasl.jaas.config

server.properties

  1. #listeners=SASL_PLAINTEXT://172.19.115.1000.0.0.0):9092
  2. listeners=PLAINTEXT://172.19.115.100:9092
  3. advertised.listeners=PLAINTEXT://172.19.115.100:9092
  4. #SASL开始
  5. security.inter.broker.protocol=SASL_PLAINTEXT
  6. sasl.mechanism.inter.broker.protocol=PLAIN
  7. sasl.enabled.mechanisms=PLAIN
  8.  
  9.  
  10. allow.everyone.if.no.acl.found=false
  11. #超级管理员权限用户
  12. super.users=User:admin
  13. advertised.listeners=SASL_PLAINTEXT://172.19.115.100:9092
  14. #结束

zookeeper.properties

  1. dataDir=/tmp/zookeeper
  2. # the port at which the clients will connect
  3. clientPort=2181
  4. # disable the per-ip limit on the number of connections since this is a non-production config
  5. maxClientCnxns=0
  6. # Disable the adminserver by default to avoid port conflicts.
  7. # Set the port to something non-conflicting if choosing to enable this
  8. admin.enableServer=false
  9. # admin.serverPort=8080
  10. tickTime=2000
  11. initLimit=10
  12. syncLimit=5
  13. server.0=172.19.115.100:2888:3888
  14. server.1=172.19.115.98:2888:3888
  15. server.2=172.19.115.99:2888:3888
  16.  
  17.  
  18. #SASL开始
  19. authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
  20. requireClientAuthScheme=sasl
  21. jaasLoginRenew=3600000
  22. #zookeeper.sasl.client=true
  23. #结束

kafka_server_jaas.conf

  1. KafkaServer {
  2.  org.apache.kafka.common.security.plain.PlainLoginModule required
  3.  username="admin"
  4.  password="admin"
  5.  user_admin="admin"
  6.  user_producer="producer@123"
  7.  user_consumer="consumer@123";
  8. };
  9.  
  10. Client {
  11.  org.apache.kafka.common.security.plain.PlainLoginModule required
  12.  username="admin"
  13.  password="admin";
  14. };

consumer.properties

  1. bootstrap.servers=localhost:9092
  2.  
  3. # consumer group id
  4. group.id=test-consumer-group
  5.  
  6. #SASL开始
  7. ##username 和 password 对应kafka_server_jaas.conf中的用户名密码
  8. sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="admin" password="admin";
  9. security.protocol=SASL_PLAINTEXT
  10. sasl.mechanism=PLAIN

producer.properties

  1. bootstrap.servers=localhost:9092
  2.  
  3. # specify the compression codec for all data generated: none, gzip, snappy, lz4, zstd
  4. compression.type=none
  5.  
  6. #SASL开始
  7. sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="producer" password="producer@123";
  8. security.protocol=SASL_PLAINTEXT
  9. sasl.mechanism=PLAIN

zookeeper.properties

  1. dataDir=/tmp/zookeeper
  2. # the port at which the clients will connect
  3. clientPort=2181
  4. # disable the per-ip limit on the number of connections since this is a non-production config
  5. maxClientCnxns=0
  6. # Disable the adminserver by default to avoid port conflicts.
  7. # Set the port to something non-conflicting if choosing to enable this
  8. admin.enableServer=false
  9. # admin.serverPort=8080
  10. tickTime=2000
  11. initLimit=10
  12. syncLimit=5
  13. server.0=172.19.115.100:2888:3888
  14. server.1=172.19.115.98:2888:3888
  15. server.2=172.19.115.99:2888:3888
  16.  
  17.  
  18. #SASL开始
  19. authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
  20. requireClientAuthScheme=sasl
  21. jaasLoginRenew=3600000
  22. #zookeeper.sasl.client=true

kafka_consumer_jaas.conf

  1. Client { 
  2. org.apache.kafka.common.security.plain.PlainLoginModule required 
  3. username="consumer" 
  4. password="consumer@123"; 
  5. };

kafka_producer_jaas.conf

  1. Client { 
  2. org.apache.kafka.common.security.plain.PlainLoginModule required 
  3. username="producer" 
  4. password="producer@123"; 
  5. };

zoo_jaas.conf

  1. ZKServer {
  2.   org.apache.kafka.common.security.plain.PlainLoginModule required
  3.   username="admin"
  4.   password="admin"
  5.   user_admin="admin";
  6. };

sasl.properties

  1. security.protocol=SASL_PLAINTEXT
  2. sasl.mechanism=PLAIN
  3. sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required username="admin" password="admin";

bin命令

  1. #zookeeper-server-start.sh
  2.  
  3. export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/zoo_jaas.conf"
  4. #exec $base_dir/kafka-run-class.sh $EXTRA_ARGS -Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/zoo_jaas.conf org.apache.zookeeper.server.quorum.QuorumPeerMain "$@"
  5. exec $base_dir/kafka-run-class.sh $EXTRA_ARGS  org.apache.zookeeper.server.quorum.QuorumPeerMain "$@"
  6.  
  7.  
  8. #kafka-server-start.sh
  9.  
  10. export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/kafka_server_jaas.conf"
  11. exec $base_dir/kafka-run-class.sh $EXTRA_ARGS kafka.Kafka "$@"
  12. #exec $base_dir/kafka-run-class.sh $EXTRA_ARGS -Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/kafka_server_jaas.conf kafka.Kafka "$@"
  13.  
  14.  
  15. #kafka-console-consumer.sh
  16.  
  17. export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/kafka_server_jaas.conf"
  18. #exec $(dirname $0)/kafka-run-class.sh -Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/kafka_consumer_jaas.conf  kafka.tools.ConsoleConsumer "$@"
  19. exec $(dirname $0)/kafka-run-class.sh  kafka.tools.ConsoleConsumer "$@"
  20.  
  21.  
  22.  
  23. #kafka-console-producer.sh
  24.  
  25. export KAFKA_OPTS="-Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/kafka_server_jaas.conf"
  26. #exec $(dirname $0)/kafka-run-class.sh -Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/kafka_producer_jaas.conf  kafka.tools.ConsoleProducer "$@"
  27. exec $(dirname $0)/kafka-run-class.sh kafka.tools.ConsoleProducer "$@"
  28.  
  29.  
  30.  
  31. #kafka-topics.sh
  32.  
  33. export KAFKA_OPTS="-Xmx1G -Xms1G -Djava.security.auth.login.config=/usr/local/kafka_2.13-3.1.0/config/kafka_server_jaas.conf"
  34. exec $(dirname $0)/kafka-run-class.sh kafka.admin.TopicCommand "$@"

kafka命令

  1. ./bin/kafka-console-producer.sh --broker-list 172.19.115.100:9092 --topic topic001 -producer.config ./config/producer.properties
  2.  
  3.  
  4. ./bin/kafka-console-consumer.sh --bootstrap-server 172.19.115.100:9092 --topic topic-test --from-beginning --consumer.config ./config/consumer.properties
  5. ./bin/kafka-console-consumer.sh --bootstrap-server localhost:9092 --topic topic-test --from-beginning --consumer.config ./config/consumer.properties
  6.  
  7. ./bin/kafka-console-consumer.sh --bootstrap-server 172.19.115.100:9092 --topic test --from-beginning --consumer.config ./config/consumer.properties
  8.  
  9.  
  10. ./bin/kafka-topics.sh --create --bootstrap-server 172.19.115.100:9092 --replication-factor 3 --partitions 1 --topic test123
  11.  
  12.  
  13. ./bin/kafka-topics.sh --list --bootstrap-server localhost:9092 --command-config ./config/sasl.properties
  14.  
  15.  
  16. cd /usr/local/kafka_2.13-3.1.0/
  17.  
  18. ./bin/zookeeper-server-start.sh ./config/zookeeper.properties
  19.  
  20. ./bin/kafka-server-start.sh ./config/server.properties

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/小舞很执着/article/detail/758989
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号