Skip to content

Commit 4e44ea4

Browse files
ssingudasussingudasu
authored
Convert wurstmeister images to bitnami images (#168)
* Convert wurstmeister images to bitnami images * Modified ci workflows * Minor changes to README.md * Minor changes to environment variable * ci test271 enable scram * ci changing to SASL_PLAINTEXT * modifying advertized listeners * reverting test271 * modifying test271 authroizer class name * removing listeners * Bumping the Kafka version to 2.7.0 for SCRAM * Minor README.md fixtures * Minor README.md fixtures * Fixtures for kafka versions, KAFKA_IMAGE_TAG * ci fixture for kafka version 0.10.2.1 * Minor README changes * Minor README changes
1 parent d5c5b3a commit 4e44ea4

File tree

4 files changed

+187
-146
lines changed

4 files changed

+187
-146
lines changed

.github/workflows/ci.yml

Lines changed: 80 additions & 64 deletions
Original file line numberDiff line numberDiff line change
@@ -50,78 +50,86 @@ jobs:
5050

5151
services:
5252
zookeeper:
53-
image: wurstmeister/zookeeper
53+
image: bitnami/zookeeper:latest
5454
ports:
5555
- "2181:2181"
56+
env:
57+
ALLOW_ANONYMOUS_LOGIN: yes
5658

5759
kafka1:
58-
image: wurstmeister/kafka:2.11-0.10.2.2
60+
image: bitnami/kafka:0.10.2.1
5961
ports:
6062
- "9092:9092"
6163
env:
6264
KAFKA_BROKER_ID: 1
6365
KAFKA_BROKER_RACK: zone1
66+
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
67+
ALLOW_PLAINTEXT_LISTENER: yes
6468
KAFKA_ADVERTISED_HOST_NAME: kafka1
6569
KAFKA_ADVERTISED_PORT: 9092
66-
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
6770

6871
kafka2:
69-
image: wurstmeister/kafka:2.11-0.10.2.2
72+
image: bitnami/kafka:0.10.2.1
7073
ports:
7174
- "9093:9092"
7275
env:
7376
KAFKA_BROKER_ID: 2
7477
KAFKA_BROKER_RACK: zone1
78+
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
79+
ALLOW_PLAINTEXT_LISTENER: yes
7580
KAFKA_ADVERTISED_HOST_NAME: kafka2
7681
KAFKA_ADVERTISED_PORT: 9092
77-
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
7882

7983
kafka3:
80-
image: wurstmeister/kafka:2.11-0.10.2.2
84+
image: bitnami/kafka:0.10.2.1
8185
ports:
8286
- "9094:9092"
8387
env:
8488
KAFKA_BROKER_ID: 3
8589
KAFKA_BROKER_RACK: zone2
90+
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
91+
ALLOW_PLAINTEXT_LISTENER: yes
8692
KAFKA_ADVERTISED_HOST_NAME: kafka3
8793
KAFKA_ADVERTISED_PORT: 9092
88-
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
8994

9095
kafka4:
91-
image: wurstmeister/kafka:2.11-0.10.2.2
96+
image: bitnami/kafka:0.10.2.1
9297
ports:
9398
- "9095:9092"
94-
env:
99+
env:
95100
KAFKA_BROKER_ID: 4
96101
KAFKA_BROKER_RACK: zone2
102+
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
103+
ALLOW_PLAINTEXT_LISTENER: yes
97104
KAFKA_ADVERTISED_HOST_NAME: kafka4
98105
KAFKA_ADVERTISED_PORT: 9092
99-
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
100106

101107
kafka5:
102-
image: wurstmeister/kafka:2.11-0.10.2.2
108+
image: bitnami/kafka:0.10.2.1
103109
ports:
104110
- "9096:9092"
105-
env:
111+
env:
106112
KAFKA_BROKER_ID: 5
107113
KAFKA_BROKER_RACK: zone3
114+
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
115+
ALLOW_PLAINTEXT_LISTENER: yes
108116
KAFKA_ADVERTISED_HOST_NAME: kafka5
109117
KAFKA_ADVERTISED_PORT: 9092
110-
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
111118

112119
kafka6:
113-
image: wurstmeister/kafka:2.11-0.10.2.2
120+
image: bitnami/kafka:0.10.2.1
114121
ports:
115122
- "9097:9092"
116-
env:
123+
env:
117124
KAFKA_BROKER_ID: 6
118125
KAFKA_BROKER_RACK: zone3
126+
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
127+
ALLOW_PLAINTEXT_LISTENER: yes
119128
KAFKA_ADVERTISED_HOST_NAME: kafka6
120129
KAFKA_ADVERTISED_PORT: 9092
121-
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
122130

123131

124-
test271:
132+
test270:
125133
runs-on: ubuntu-latest
126134
container:
127135
image: cimg/go:1.19
@@ -147,91 +155,99 @@ jobs:
147155

148156
services:
149157
zookeeper:
150-
image: wurstmeister/zookeeper
158+
image: bitnami/zookeeper:latest
151159
ports:
152160
- "2181:2181"
161+
env:
162+
ALLOW_ANONYMOUS_LOGIN: yes
153163

154164
kafka1:
155-
image: wurstmeister/kafka:2.13-2.7.1
165+
image: bitnami/kafka:2.7.0
156166
ports:
157167
- "9092:9092"
158168
env:
159-
KAFKA_BROKER_ID: 1
160-
KAFKA_BROKER_RACK: zone1
161-
KAFKA_ADVERTISED_HOST_NAME: kafka1
162-
KAFKA_ADVERTISED_PORT: 9092
169+
KAFKA_CFG_BROKER_ID: 1
170+
KAFKA_CFG_BROKER_RACK: zone1
163171
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
164-
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
165-
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
172+
ALLOW_PLAINTEXT_LISTENER: yes
173+
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka1
174+
KAFKA_CFG_ADVERTISED_PORT: 9092
175+
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
176+
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
166177

167178
kafka2:
168-
image: wurstmeister/kafka:2.13-2.7.1
179+
image: bitnami/kafka:2.7.0
169180
ports:
170181
- "9093:9092"
171182
env:
172-
KAFKA_BROKER_ID: 2
173-
KAFKA_BROKER_RACK: zone1
174-
KAFKA_ADVERTISED_HOST_NAME: kafka2
175-
KAFKA_ADVERTISED_PORT: 9092
183+
KAFKA_CFG_BROKER_ID: 2
184+
KAFKA_CFG_BROKER_RACK: zone1
176185
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
177-
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
178-
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
186+
ALLOW_PLAINTEXT_LISTENER: yes
187+
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka2
188+
KAFKA_CFG_ADVERTISED_PORT: 9092
189+
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
190+
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
179191

180192
kafka3:
181-
image: wurstmeister/kafka:2.13-2.7.1
193+
image: bitnami/kafka:2.7.0
182194
ports:
183195
- "9094:9092"
184196
env:
185-
KAFKA_BROKER_ID: 3
186-
KAFKA_BROKER_RACK: zone2
187-
KAFKA_ADVERTISED_HOST_NAME: kafka3
188-
KAFKA_ADVERTISED_PORT: 9092
197+
KAFKA_CFG_BROKER_ID: 3
198+
KAFKA_CFG_BROKER_RACK: zone2
189199
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
190-
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
191-
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
200+
ALLOW_PLAINTEXT_LISTENER: yes
201+
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka3
202+
KAFKA_CFG_ADVERTISED_PORT: 9092
203+
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
204+
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
192205

193206
kafka4:
194-
image: wurstmeister/kafka:2.13-2.7.1
207+
image: bitnami/kafka:2.7.0
195208
ports:
196209
- "9095:9092"
197-
env:
198-
KAFKA_BROKER_ID: 4
199-
KAFKA_BROKER_RACK: zone2
200-
KAFKA_ADVERTISED_HOST_NAME: kafka4
201-
KAFKA_ADVERTISED_PORT: 9092
210+
env:
211+
KAFKA_CFG_BROKER_ID: 4
212+
KAFKA_CFG_BROKER_RACK: zone2
202213
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
203-
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
204-
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
214+
ALLOW_PLAINTEXT_LISTENER: yes
215+
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka4
216+
KAFKA_CFG_ADVERTISED_PORT: 9092
217+
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
218+
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
205219

206220
kafka5:
207-
image: wurstmeister/kafka:2.13-2.7.1
221+
image: bitnami/kafka:2.7.0
208222
ports:
209223
- "9096:9092"
210-
env:
211-
KAFKA_BROKER_ID: 5
212-
KAFKA_BROKER_RACK: zone3
213-
KAFKA_ADVERTISED_HOST_NAME: kafka5
214-
KAFKA_ADVERTISED_PORT: 9092
224+
env:
225+
KAFKA_CFG_BROKER_ID: 5
226+
KAFKA_CFG_BROKER_RACK: zone3
215227
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
216-
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
217-
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
228+
ALLOW_PLAINTEXT_LISTENER: yes
229+
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka5
230+
KAFKA_CFG_ADVERTISED_PORT: 9092
231+
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
232+
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
218233

219234
kafka6:
220-
image: wurstmeister/kafka:2.13-2.7.1
235+
image: bitnami/kafka:2.7.0
221236
ports:
222237
- "9097:9092"
223-
env:
224-
KAFKA_BROKER_ID: 6
225-
KAFKA_BROKER_RACK: zone3
226-
KAFKA_ADVERTISED_HOST_NAME: kafka6
227-
KAFKA_ADVERTISED_PORT: 9092
238+
env:
239+
KAFKA_CFG_BROKER_ID: 6
240+
KAFKA_CFG_BROKER_RACK: zone3
228241
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
229-
KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.auth.SimpleAclAuthorizer
230-
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
242+
ALLOW_PLAINTEXT_LISTENER: yes
243+
KAFKA_CFG_ADVERTISED_HOST_NAME: kafka6
244+
KAFKA_CFG_ADVERTISED_PORT: 9092
245+
KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
246+
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
231247

232248
snyk:
233249
runs-on: ubuntu-latest
234-
needs: [test010, test271]
250+
needs: [test010, test270]
235251
steps:
236252
- uses: actions/checkout@v3
237253
- name: Run Snyk to check for vulnerabilities

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -554,7 +554,7 @@ make test
554554

555555
You can change the Kafka version of the local cluster by setting the
556556
`KAFKA_IMAGE_TAG` environment variable when running `docker-compose up -d`. See the
557-
[`wurstmeister/kafka` dockerhub page](https://hub.docker.com/r/wurstmeister/kafka/tags) for more
557+
[`bitnami/kafka` dockerhub page](https://hub.docker.com/r/bitnami/kafka/tags) for more
558558
details on the available versions.
559559

560560
#### Run against local cluster

docker-compose-auth.yml

Lines changed: 43 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,8 @@
1+
# By default, this docker-compose setup uses Kafka 2.7.0. This version can
2+
# be overwritten by setting the KAFKA_IMAGE_TAG environment variable.
3+
#
4+
# See https://hub.docker.com/r/bitnami/kafka/tags for the complete list.
5+
#
16
# This config sets up a simple, single-node cluster that's equipped to use SSL/TLS and/or SASL.
27
# It exposes access on four separate ports:
38
#
@@ -7,46 +12,57 @@
712
# 4. 9095: SASL over SSL
813
#
914
# See examples/auth for the associated cluster configs and certs.
10-
version: '2'
15+
version: '3'
1116

1217
services:
1318
zookeeper:
14-
image: "wurstmeister/zookeeper:latest"
19+
container_name: zookeeper
20+
hostname: zookeeper
21+
image: bitnami/zookeeper:latest
1522
ports:
1623
- "2181:2181"
24+
environment:
25+
ALLOW_ANONYMOUS_LOGIN: yes
1726

1827
kafka:
19-
image: wurstmeister/kafka:2.13-2.7.1
28+
container_name: kafka
29+
hostname: kafka
30+
image: bitnami/kafka:${KAFKA_IMAGE_TAG:-2.7.0}
31+
depends_on:
32+
- zookeeper
2033
restart: on-failure:3
21-
links:
22-
- zookeeper
2334
ports:
2435
- 9092:9092
2536
- 9093:9093
2637
- 9094:9094
2738
- 9095:9095
2839
environment:
29-
KAFKA_BROKER_ID: 1
30-
KAFKA_ADVERTISED_HOST_NAME: localhost
31-
KAFKA_ADVERTISED_PORT: 9092
32-
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
33-
KAFKA_MESSAGE_MAX_BYTES: 200000000
34-
KAFKA_LISTENERS: "PLAINTEXT://:9092,SSL://:9093,SASL_PLAINTEXT://:9094,SASL_SSL://:9095"
35-
KAFKA_ADVERTISED_LISTENERS: "PLAINTEXT://localhost:9092,SSL://localhost:9093,SASL_PLAINTEXT://localhost:9094,SASL_SSL://localhost:9095"
36-
KAFKA_SASL_ENABLED_MECHANISMS: "PLAIN,SCRAM-SHA-256,SCRAM-SHA-512"
37-
KAFKA_AUTHORIZER_CLASS_NAME: 'kafka.security.auth.SimpleAclAuthorizer'
38-
KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: 'true'
39-
KAFKA_SSL_KEYSTORE_LOCATION: /certs/kafka.keystore.jks
40-
KAFKA_SSL_KEYSTORE_PASSWORD: test123
41-
KAFKA_SSL_KEY_PASSWORD: test123
42-
KAFKA_SSL_TRUSTSTORE_LOCATION: /certs/kafka.truststore.jks
43-
KAFKA_SSL_TRUSTSTORE_PASSWORD: test123
44-
KAFKA_SSL_CLIENT_AUTH: none
45-
KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ""
46-
KAFKA_OPTS: "-Djava.security.auth.login.config=/opt/kafka/config/kafka_server_jaas.conf"
47-
CUSTOM_INIT_SCRIPT: |-
48-
echo -e 'KafkaServer {\norg.apache.kafka.common.security.scram.ScramLoginModule required\n username="adminscram"\n password="admin-secret";\n org.apache.kafka.common.security.plain.PlainLoginModule required\n username="adminplain"\n password="admin-secret"\n user_adminplain="admin-secret";\n };' > /opt/kafka/config/kafka_server_jaas.conf;
49-
/opt/kafka/bin/kafka-configs.sh --zookeeper zookeeper:2181 --alter --add-config 'SCRAM-SHA-256=[password=admin-secret-256],SCRAM-SHA-512=[password=admin-secret-512]' --entity-type users --entity-name adminscram
40+
KAFKA_CFG_BROKER_ID: 1
41+
KAFKA_CFG_BROKER_RACK: zone1
42+
KAFKA_CFG_ZOOKEEPER_CONNECT: zookeeper:2181
43+
KAFKA_CFG_MESSAGE_MAX_BYTES: 200000000
44+
KAFKA_CFG_LISTENERS: "PLAINTEXT://:9092,SSL://:9093,SASL_PLAINTEXT://:9094,SASL_SSL://:9095"
45+
KAFKA_CFG_ADVERTISED_LISTENERS: "PLAINTEXT://localhost:9092,SSL://localhost:9093,SASL_PLAINTEXT://localhost:9094,SASL_SSL://localhost:9095"
46+
KAFKA_CFG_SASL_ENABLED_MECHANISMS: "PLAIN,SCRAM-SHA-256,SCRAM-SHA-512"
47+
KAFKA_CFG_AUTHORIZER_CLASS_NAME: "kafka.security.auth.SimpleAclAuthorizer"
48+
49+
KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true"
50+
51+
KAFKA_CFG_SSL_KEYSTORE_LOCATION: /opt/bitnami/kafka/config/certs/kafka.truststore.jks
52+
KAFKA_CFG_SSL_KEYSTORE_PASSWORD: test123
53+
54+
KAFKA_CFG_SSL_TRUSTSTORE_LOCATION: /opt/bitnami/kafka/config/certs/kafka.truststore.jks
55+
KAFKA_CFG_SSL_TRUSTSTORE_PASSWORD: test123
56+
57+
58+
KAFKA_CFG_SSL_CLIENT_AUTH: none
59+
KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ""
60+
KAFKA_OPTS: "-Djava.security.auth.login.config=/opt/bitnami/kafka/config/kafka_jaas.conf"
61+
ALLOW_PLAINTEXT_LISTENER: "yes"
62+
entrypoint:
63+
- "/bin/bash"
64+
- "-c"
65+
- echo -e 'KafkaServer {\norg.apache.kafka.common.security.scram.ScramLoginModule required\n username="adminscram"\n password="admin-secret";\n org.apache.kafka.common.security.plain.PlainLoginModule required\n username="adminplain"\n password="admin-secret"\n user_adminplain="admin-secret";\n };' > /opt/bitnami/kafka/config/kafka_jaas.conf; /opt/bitnami/kafka/bin/kafka-configs.sh --zookeeper zookeeper:2181 --alter --add-config "SCRAM-SHA-256=[password=admin-secret-256],SCRAM-SHA-512=[password=admin-secret-512]" --entity-type users --entity-name adminscram; exec /entrypoint.sh /run.sh
5066
volumes:
5167
- /var/run/docker.sock:/var/run/docker.sock
52-
- ./examples/auth/certs:/certs
68+
- ./examples/auth/certs:/opt/bitnami/kafka/config/certs

0 commit comments

Comments
 (0)