diff options
| author |   su622b <su622b@att.com> | 2020-03-09 07:14:03 -0400 |
|---|---|---|
| committer | su622b <su622b@att.com> | 2020-03-09 07:16:43 -0400 |
| commit | 96b4eae15f6e43154d47b1fc2442f1345f405c0b (patch) | |
| tree | fce85c2804f007a5afbb2ed6c4b1dff734617a13 /src/main/docker | |
| parent | d1118202d8eb04babd7fa1151a5d01d85c6e93dd (diff) | |
confluent based image
Issue-ID: DMAAP-1337
Change-Id: I242f13be3b36f0bc7fdbb5fcdb3f6ba7a92647cb
Signed-off-by: su622b <su622b@att.com>
Diffstat (limited to 'src/main/docker')
| -rw-r--r-- | src/main/docker/Dockerfile | 87 | ||||
| -rw-r--r-- | src/main/docker/cadi.properties | 8 | ||||
| -rw-r--r-- | src/main/docker/kafka_server_jaas.conf | 9 |
3 files changed, 47 insertions, 57 deletions
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile index ee39c76..1896aab 100644 --- a/src/main/docker/Dockerfile +++ b/src/main/docker/Dockerfile @@ -1,57 +1,40 @@ -FROM openjdk:8-jre-alpine3.9 +FROM confluentinc/cp-base:5.3.1 + +# allow arg override of required env params +ARG KAFKA_ZOOKEEPER_CONNECT +ENV KAFKA_ZOOKEEPER_CONNECT=${KAFKA_ZOOKEEPER_CONNECT} +ARG KAFKA_ADVERTISED_LISTENERS +ENV KAFKA_ADVERTISED_LISTENERS=${KAFKA_ADVERTISED_LISTENERS} + +ENV COMPONENT=kafka \ + KAFKA_USER=mrkafka + +RUN echo "===> installing ${COMPONENT}..." \ + && apt-get update && apt-get install -y confluent-kafka-${SCALA_VERSION}=${CONFLUENT_VERSION}${CONFLUENT_PLATFORM_LABEL}-${CONFLUENT_DEB_VERSION} \ + \ + && echo "===> clean up ..." \ + && apt-get clean && rm -rf /tmp/* /var/lib/apt/lists/* \ + \ + && echo "===> Setting up ${COMPONENT} dirs..." \ + && mkdir -p /var/lib/${COMPONENT}/data /etc/${COMPONENT}/secrets/cert /etc/${COMPONENT}/secrets/jaas /etc/${COMPONENT}/data /var/log/kafka /var/log/confluent \ + && chmod -R ag+w /etc/${COMPONENT} /var/lib/${COMPONENT}/data /etc/${COMPONENT}/secrets /etc/${COMPONENT}/data /var/log/kafka /var/log/confluent \ + && chown -R root:root /var/log/kafka /var/log/confluent /var/lib/kafka /var/lib/zookeeper + +COPY include/etc/confluent/docker /etc/confluent/docker +RUN chmod -R +x /etc/confluent/docker + +COPY org.onap.dmaap.mr.trust.jks \ + org.onap.dmaap.mr.p12 \ + org.onap.dmaap.mr.keyfile \ + /etc/${COMPONENT}/secrets/cert/ -ARG kafka_version=1.1.1 -ARG scala_version=2.12 +COPY kafka11aaf-jar-with-dependencies.jar /usr/share/java/${COMPONENT}/ -RUN apk add --update unzip wget curl jq coreutils bash +RUN useradd -u 1000 -g 0 $KAFKA_USER -ENV KAFKA_VERSION=$kafka_version SCALA_VERSION=$scala_version +USER $KAFKA_USER -COPY download-kafka.sh \ - kafka_server_jaas.conf \ - org.onap.dmaap.mr.trust.jks \ - org.onap.dmaap.mr.p12 \ - org.onap.dmaap.mr.keyfile \ - cadi.properties \ - kafka11aaf-jar-with-dependencies.jar \ - dmaapMMAgent.jar \ - kafka-run-class.sh \ - /tmp/ - -COPY mmagent.config \ - consumer.properties \ - producer.properties \ - /opt/etc/ - -RUN chmod a+x /tmp/download-kafka.sh && sync && /tmp/download-kafka.sh && tar xfz /tmp/kafka_${SCALA_VERSION}-${KAFKA_VERSION}.tgz -C /opt && rm /tmp/kafka_${SCALA_VERSION}-${KAFKA_VERSION}.tgz && ln -s /opt/kafka_${SCALA_VERSION}-${KAFKA_VERSION} /opt/kafka - -VOLUME ["/kafka"] - -ENV KAFKA_HOME /opt/kafka -ENV PATH ${PATH}:${KAFKA_HOME}/bin - -COPY start-kafka.sh \ - broker-list.sh \ - create-topics.sh \ - start-kafkaOrMirrorMaker.sh \ - start-mirrormaker.sh \ - /usr/bin/ - -RUN mkdir /opt/logs && \ - touch /opt/logs/mmagent.log - -# The scripts need to have executable permission -RUN chmod a+x /usr/bin/start-kafka.sh && \ - chmod a+x /usr/bin/broker-list.sh && \ - chmod a+x /usr/bin/start-kafkaOrMirrorMaker.sh && \ - chmod a+x /usr/bin/start-mirrormaker.sh && \ - chmod a+x /usr/bin/create-topics.sh -# Use "exec" form so that it runs as PID 1 (useful for graceful shutdown) -CMD ["start-kafkaOrMirrorMaker.sh"] - -RUN addgroup -S -g 1000 mrkafka \ - && adduser -S -u 1000 mrkafka mrkafka \ - && chown -R mrkafka:mrkafka /opt/kafka/ /opt/logs/ /opt/etc/ /kafka/ /usr/bin/ /tmp/ - -USER mrkafka +EXPOSE 9092 9093 + +CMD ["/etc/confluent/docker/run"]
\ No newline at end of file diff --git a/src/main/docker/cadi.properties b/src/main/docker/cadi.properties index a63a1bf..55d11c4 100644 --- a/src/main/docker/cadi.properties +++ b/src/main/docker/cadi.properties @@ -3,13 +3,13 @@ aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm -cadi_truststore=/opt/kafka/config/org.onap.dmaap.mr.trust.jks +cadi_truststore=/etc/kafka/secrets/cert/org.onap.dmaap.mr.trust.jks cadi_truststore_password=enc:gvXm0E9p-_SRNw5_feOUE7wqXBxgxV3S_bdAyB08Sq9F35cCUZHWgQyKIDtTAbEw -cadi_keyfile=/opt/kafka/config/org.onap.dmaap.mr.keyfile +cadi_keyfile=/etc/kafka/secrets/cert/org.onap.dmaap.mr.keyfile cadi_alias=dmaapmr@mr.dmaap.onap.org -cadi_keystore=/opt/kafka/config/org.onap.dmaap.mr.p12 +cadi_keystore=/etc/kafka/secrets/cert/org.onap.dmaap.mr.p12 cadi_keystore_password=enc:pLMCzQzk-OP7IpYNi0TPtQSkNcraFAdarZG8HbdOKq4BycW6g_7mfhphLhOZo6ht cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US @@ -17,4 +17,4 @@ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_ cadi_loglevel=INFO cadi_protocols=TLSv1.1,TLSv1.2 cadi_latitude=37.78187 -cadi_longitude=-122.26147
\ No newline at end of file +cadi_longitude=-122.26147 diff --git a/src/main/docker/kafka_server_jaas.conf b/src/main/docker/kafka_server_jaas.conf index 163041b..3e69fc6 100644 --- a/src/main/docker/kafka_server_jaas.conf +++ b/src/main/docker/kafka_server_jaas.conf @@ -1,5 +1,12 @@ KafkaServer { org.onap.dmaap.kafkaAuthorize.PlainLoginModule1 required username="admin" - password="admin_secret"; + password="admin_secret" + user_admin="admin_secret"; }; +Client { + org.apache.zookeeper.server.auth.DigestLoginModule required + username="kafka" + password="kafka_secret"; + }; + |