郑州淘宝网站推广 汉狮网络一个网站用多个域名
2026/1/16 10:48:45
创建一个网站多少钱自己做qq头像的网站
创建一个网站多少钱,自己做qq头像的网站,文案素材网站,网站建设设计平台在单台服务器上使用 Docker Compose 部署 Kafka 3.7 KRaft 集群#xff08;3 节点#xff09; 。所有 3 个 Kafka 节点#xff08;combined mode#xff1a;broker controller#xff09;运行在同一台物理机上#xff0c;通过不同端口区分#xff0c;适用于开发、测试或…在单台服务器上使用 Docker Compose 部署 Kafka 3.7 KRaft 集群3 节点。所有 3 个 Kafka 节点combined modebroker controller运行在同一台物理机上通过不同端口区分适用于开发、测试或轻量级生产场景。特点单机部署无需多台云服务器使用官方apache/kafka:3.7.0镜像内置 JDK 17启用SASL/PLAIN 认证支持从本机外部如本地电脑访问 Kafka环境要求操作系统CentOS 7/8/9、Ubuntu 等本例以 CentOS 为例Docker ≥ 20.10Docker Compose ≥ v2.0或docker-compose可用内存 ≥ 4GB建议 6GB目录结构kafka-cluster/ ├── docker-compose.yml ├── kafka/ │ └── kafka_server_jaas.conf └── client/ ├── kafka_admin_client_jaas.conf └── client.properties第一步创建配置文件1. 创建 JAAS 文件服务端mkdir-p /opt/kafka-cluster/{kafka,client}cd/opt/kafka-clustercatkafka/kafka_server_jaas.confEOF KafkaServer { org.apache.kafka.common.security.plain.PlainLoginModule required usernameadmin passwordStrongPassword123! user_adminStrongPassword123! user_producerStrongPassword456! user_consumerStrongPassword789!; }; EOF密码请按需修改但所有节点必须一致。2. 客户端认证文件用于测试catclient/kafka_admin_client_jaas.confEOF KafkaClient { org.apache.kafka.common.security.plain.PlainLoginModule required usernameadmin passwordStrongPassword123!; }; EOFcatclient/client.propertiesEOF security.protocolSASL_PLAINTEXT sasl.mechanismPLAIN sasl.jaas.configorg.apache.kafka.common.security.plain.PlainLoginModule required usernameadmin passwordStrongPassword123!; EOF第二步编写docker-compose.yml单机 3 节点vi docker-compose.yml内容如下version:3.8services:kafka1:image:apache/kafka:3.7.0container_name:kafka1ports:-9092:9092environment:KAFKA_NODE_ID:1KAFKA_PROCESS_ROLES:broker,controllerKAFKA_LISTENERS:SASL_PLAINTEXT://:9092,PLAINTEXT://:9094,CONTROLLER://:9093KAFKA_ADVERTISED_LISTENERS:SASL_PLAINTEXT://host.docker.internal:9092,PLAINTEXT://kafka1:9094KAFKA_LISTENER_SECURITY_PROTOCOL_MAP:SASL_PLAINTEXT:SASL_PLAINTEXT,PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXTKAFKA_CONTROLLER_QUORUM_VOTERS:1kafka1:9093,2kafka2:9093,3kafka3:9093KAFKA_CONTROLLER_LISTENER_NAMES:CONTROLLERKAFKA_INTER_BROKER_LISTENER_NAME:PLAINTEXTKAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR:3KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR:3KAFKA_CFG_AUTHORIZER_CLASS_NAME:org.apache.kafka.metadata.authorizer.StandardAuthorizerKAFKA_SASL_ENABLED_MECHANISMS:PLAINKAFKA_SASL_MECHANISM_CONTROLLER_PROTOCOL:PLAINKAFKA_OPTS:-Djava.security.auth.login.config/opt/kafka/config/kafka_server_jaas.confvolumes:-./kafka/kafka_server_jaas.conf:/opt/kafka/config/kafka_server_jaas.confnetworks:-kafka-netextra_hosts:-host.docker.internal:host-gatewaykafka2:image:apache/kafka:3.7.0container_name:kafka2ports:-9093:9092environment:KAFKA_NODE_ID:2KAFKA_PROCESS_ROLES:broker,controllerKAFKA_LISTENERS:SASL_PLAINTEXT://:9092,PLAINTEXT://:9094,CONTROLLER://:9093KAFKA_ADVERTISED_LISTENERS:SASL_PLAINTEXT://host.docker.internal:9093,PLAINTEXT://kafka2:9094KAFKA_LISTENER_SECURITY_PROTOCOL_MAP:SASL_PLAINTEXT:SASL_PLAINTEXT,PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXTKAFKA_CONTROLLER_QUORUM_VOTERS:1kafka1:9093,2kafka2:9093,3kafka3:9093KAFKA_CONTROLLER_LISTENER_NAMES:CONTROLLERKAFKA_INTER_BROKER_LISTENER_NAME:PLAINTEXTKAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR:3KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR:3KAFKA_CFG_AUTHORIZER_CLASS_NAME:org.apache.kafka.metadata.authorizer.StandardAuthorizerKAFKA_SASL_ENABLED_MECHANISMS:PLAINKAFKA_SASL_MECHANISM_CONTROLLER_PROTOCOL:PLAINKAFKA_OPTS:-Djava.security.auth.login.config/opt/kafka/config/kafka_server_jaas.confvolumes:-./kafka/kafka_server_jaas.conf:/opt/kafka/config/kafka_server_jaas.confnetworks:-kafka-netextra_hosts:-host.docker.internal:host-gatewaykafka3:image:apache/kafka:3.7.0container_name:kafka3ports:-9094:9092environment:KAFKA_NODE_ID:3KAFKA_PROCESS_ROLES:broker,controllerKAFKA_LISTENERS:SASL_PLAINTEXT://:9092,PLAINTEXT://:9094,CONTROLLER://:9093KAFKA_ADVERTISED_LISTENERS:SASL_PLAINTEXT://host.docker.internal:9094,PLAINTEXT://kafka3:9094KAFKA_LISTENER_SECURITY_PROTOCOL_MAP:SASL_PLAINTEXT:SASL_PLAINTEXT,PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXTKAFKA_CONTROLLER_QUORUM_VOTERS:1kafka1:9093,2kafka2:9093,3kafka3:9093KAFKA_CONTROLLER_LISTENER_NAMES:CONTROLLERKAFKA_INTER_BROKER_LISTENER_NAME:PLAINTEXTKAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR:3KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR:3KAFKA_CFG_AUTHORIZER_CLASS_NAME:org.apache.kafka.metadata.authorizer.StandardAuthorizerKAFKA_SASL_ENABLED_MECHANISMS:PLAINKAFKA_SASL_MECHANISM_CONTROLLER_PROTOCOL:PLAINKAFKA_OPTS:-Djava.security.auth.login.config/opt/kafka/config/kafka_server_jaas.confvolumes:-./kafka/kafka_server_jaas.conf:/opt/kafka/config/kafka_server_jaas.confnetworks:-kafka-netextra_hosts:-host.docker.internal:host-gatewaynetworks:kafka-net:driver:bridge关键说明配置说明host.docker.internal线下想使用且没有域名的话可以替换成公网ip(在实验时博主是配置的公网IP)端口映射9092→9092,9093→9092,9094→9092→ 外部通过宿主机IP:9092/9093/9094访问KAFKA_ADVERTISED_LISTENERS必须设为host.docker.internal否则客户端连错地址所有节点共用同一 JAAS 文件用户密码一致第三步启动集群cd/opt/kafka-cluster docker compose up -d如果提示docker compose不存在请安装sudocurl-Lhttps://github.com/docker/compose/releases/latest/download/docker-compose-$(uname-s)-$(uname-m)-o /usr/local/bin/docker-composesudochmodx /usr/local/bin/docker-compose查看日志docker compose logs -f kafka1成功标志[main] INFO ... Kafka is now ready to serve requests首次启动可能需要 30~60 秒完成 controller 选举。第四步验证集群从宿主机外部访问假设你的服务器公网 IP 是142.12.153.25则外部可通过142.12.153.25:9092142.12.153.25:9093142.12.153.25:9094连接 Kafka。1. 创建 Topic在服务器本地执行使用 PLAINTEXT 端口 9094 创建 topic无需认证内部专用docker run --rm -it\--network kafka-cluster_kafka-net\apache/kafka:3.7.0\/opt/kafka/bin/kafka-topics.sh\--create\--topic test-single-host\--partitions3\--replication-factor3\--bootstrap-server kafka1:9094,kafka2:9094,kafka3:9094#列出topicdocker run --rm -it\--network kafka-cluster_kafka-net\-v$(pwd)/client/kafka_admin_client_jaas.conf:/tmp/jaas.conf\-v$(pwd)/client/client.properties:/tmp/client.properties\apache/kafka:3.7.0bash-c export KAFKA_OPTS-Djava.security.auth.login.config/tmp/jaas.conf \ /opt/kafka/bin/kafka-topics.sh \ --list \ --bootstrap-server kafka1:9092,kafka2:9092,kafka3:9092 \ --command-config /tmp/client.properties #生产者生产消息echoHello Kafka|docker run --rm -i\--network kafka-cluster_kafka-net\-v$(pwd)/client/kafka_admin_client_jaas.conf:/tmp/jaas.conf\-v$(pwd)/client/client.properties:/tmp/client.properties\apache/kafka:3.7.0bash-c export KAFKA_OPTS-Djava.security.auth.login.config/tmp/jaas.conf \ /opt/kafka/bin/kafka-console-producer.sh \ --bootstrap-server kafka1:9092 \ --producer.config /tmp/client.properties \ --topic test-single-host #消费者消费消息docker run --rm -it\--network kafka-cluster_kafka-net\-v$(pwd)/client/kafka_admin_client_jaas.conf:/tmp/jaas.conf\-v$(pwd)/client/client.properties:/tmp/client.properties\apache/kafka:3.7.0bash-c export KAFKA_OPTS-Djava.security.auth.login.config/tmp/jaas.conf \ /opt/kafka/bin/kafka-console-consumer.sh \ --bootstrap-server kafka1:9092,kafka2:9092,kafka3:9092 \ --consumer.config /tmp/client.properties \ --topic test-single-host \ --from-beginning 2. 从本地电脑线下测试生产消息# 替换 YOUR_SERVER_PUBLIC_IPSERVER_IP142.12.153.25echoHello from local!|docker run --rm -i\-v$(pwd)/client/kafka_admin_client_jaas.conf:/tmp/jaas.conf\-v$(pwd)/client/client.properties:/tmp/client.properties\apache/kafka:3.7.0bash-c export KAFKA_OPTS-Djava.security.auth.login.config/tmp/jaas.conf \ /opt/kafka/bin/kafka-console-producer.sh \ --bootstrap-server 115.159.155.193:9092 \ --producer.config /tmp/client.properties \ --topic test-single-host 3. 消费消息本地docker run --rm -it\-v$(pwd)/client/kafka_admin_client_jaas.conf:/tmp/jaas.conf\-v$(pwd)/client/client.properties:/tmp/client.properties\apache/kafka:3.7.0bash-c export KAFKA_OPTS-Djava.security.auth.login.config/tmp/jaas.conf \ /opt/kafka/bin/kafka-console-consumer.sh \ --bootstrap-server${SERVER_IP}:9092 \ --consumer.config /tmp/client.properties \ --topic test-single-host \ --from-beginning \ --timeout-ms 10000 如果看到消息说明单机 Kafka 集群工作正常上面23均未检验仅在本地客户端通过过公网ip的方式连上kafka并进行生产和消费消息安全与网络建议防火墙只开放9092-9094给可信 IPsudofirewall-cmd --permanent --add-port9092-9094/tcpsudofirewall-cmd --reload不要用于公网生产环境建议仅限内网或测试升级为 SASL_SSL如需加密传输停止容器docker compose down