confluent-kafka-python icon indicating copy to clipboard operation
confluent-kafka-python copied to clipboard

Published 20 hours ago verified publisher icon confluentinc

Cannot create local docker-compose file for Confluent Cloud env replication

Open nilansaha opened this issue 4 years ago • 3 comments

Description

I want to create a local kafka setup using docker-compose that replicates very closely the secured kafka setup in confluent cloud.

The cluster I have in Confluent Cloud can be connected to using

c = Consumer(
    {
        "bootstrap.servers": "broker_url",
        "sasl.mechanism": "PLAIN",
        "security.protocol": "SASL_SSL",
        "sasl.username": "key",
        "sasl.password": "secret",
        "group.id": "consumer-name",
    }
)

But I am unable to create a docker-compose.yml locally that has the same config and can be connected to using the same code.

version: '3'
services:
    zookeeper:
        image: confluentinc/cp-zookeeper:6.2.0
        ports:
            - "2181:2181"
        environment:
            ZOOKEEPER_CLIENT_PORT: 2181

    kafka:
        image: confluentinc/cp-kafka:6.2.0
        depends_on:
            - zookeeper
        ports:
            - '9092:9092'
            - '19092:19092'
        expose:
            - '29092'
        environment:
            KAFKA_ZOOKEEPER_CONNECT: 'zookeeper:2181'
            KAFKA_LISTENERS: INSIDE-DOCKER-NETWORK://0.0.0.0:29092,OTHER-DOCKER-NETWORK://0.0.0.0:19092,HOST://0.0.0.0:9092
            KAFKA_ADVERTISED_LISTENERS: INSIDE-DOCKER-NETWORK://kafka:29092,OTHER-DOCKER-NETWORK://host.docker.internal:19092,HOST://localhost:9092
            KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INSIDE-DOCKER-NETWORK:PLAINTEXT,OTHER-DOCKER-NETWORK:PLAINTEXT,HOST:PLAINTEXT
            KAFKA_INTER_BROKER_LISTENER_NAME: INSIDE-DOCKER-NETWORK
            KAFKA_AUTO_CREATE_TOPICS_ENABLE: 'true'
            KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
            # Allow to swiftly purge the topics using retention.ms
            KAFKA_LOG_RETENTION_CHECK_INTERVAL_MS: 100
            # Security Stuff
            KAFKA_LISTENER_NAME_EXTERNAL_PLAIN_SASL_JAAS_CONFIG: |
                org.apache.kafka.common.security.plain.PlainLoginModule required \
                username="broker" \
                password="broker" \
                user_alice="alice-secret";
            KAFKA_SASL_ENABLED_MECHANISMS: PLAIN
            KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: SASL_SSL

Here is what I have in terms of the local docker-compose file but its not working This is the error I get when I try connecting using the same code

%3|1628019607.757|FAIL|rdkafka#consumer-1| [thrd:sasl_ssl://localhost:9092/bootstrap]: sasl_ssl://localhost:9092/bootstrap: SSL handshake failed: Disconnected: connecting to a PLAINTEXT broker listener? (after 9ms in state SSL_HANDSHAKE)

Checklist

Please provide the following information:

  • [ ] confluent-kafka-python and librdkafka version (confluent_kafka.version() and confluent_kafka.libversion()):
  • [ ] Apache Kafka broker version:
  • [ ] Client configuration: {...}
  • [ ] Operating system:
  • [ ] Provide client logs (with 'debug': '..' as necessary)
  • [ ] Provide broker log excerpts
  • [ ] Critical issue

nilansaha avatar Aug 03 '21 19:08 nilansaha

Can you please fill up the checklist above?

jliunyu avatar Mar 28 '22 19:03 jliunyu

https://rmoff.net/2018/08/02/kafka-listeners-explained/

edenhill avatar Mar 29 '22 08:03 edenhill

@nilansaha can this be closed?

nhaq-confluent avatar Mar 05 '24 22:03 nhaq-confluent