根据文档,wurstmeister/kafka docker的ssl配置将在 server.properties 文件,如下所示:
listeners=PLAINTEXT://host.name:port,SSL://host.name:port
# The following is only needed if the value is different from ``listeners``, but it should contain
# the same security protocols as ``listeners``
advertised.listeners=PLAINTEXT://host.name:port,SSL://host.name:port和
ssl.keystore.location=/var/private/ssl/kafka.server.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234
ssl.truststore.location=/var/private/ssl/kafka.server.truststore.jks
ssl.truststore.password=test1234资料来源:https://docs.confluent.io/3.0.0/kafka/ssl.html#configuring-Kafka经纪人
我还遵循了其余的文档,因此我还配置了ssl和端口9093:
listeners=PLAINTEXT://:9092,SSL://:9093
advertised.listeners=PLAINTEXT://localhost:9092,SSL://localhost:9093完成后,我尝试再次停止并启动服务器:
docker stop wurstmeister_kafka_1
docker start wurstmeister_kafka_1还有
docker restart wurstmeister_kafka_1但当我和 docker ps ,我看不到端口9093绑定:
λ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
NAMES
b6c5685414ec wurstmeister/kafka:latest "start-kafka.sh" 3 days ago Up 6 minutes 0.0.0.0:9092->9092/tcp
wurstmeister_kafka_1
ded10e44873a wurstmeister/zookeeper:latest "/bin/sh -c '/usr/sb…" 3 days ago Up 3 days 22/tcp, 2888/tcp, 3888/tcp, 0.0.0.0:2181->2181/tcp wurstmeister_zookeeper_1以及以下命令 openssl s_client -debug -connect localhost:9093 -tls1 所说的错误:
λ openssl s_client -debug -connect localhost:9093 -tls1
20024:error:0200274D:system library:connect:reason(1869):../openssl-1.1.1a/crypto/bio/b_sock2.c:110:
20024:error:2008A067:BIO routines:BIO_connect:connect error:../openssl-1.1.1a/crypto/bio/b_sock2.c:111:
20024:error:0200274D:system library:connect:reason(1869):../openssl-1.1.1a/crypto/bio/b_sock2.c:110:
20024:error:2008A067:BIO routines:BIO_connect:connect error:../openssl-1.1.1a/crypto/bio/b_sock2.c:111:
connect:errno=0如何重新启动docker以便 server.properties 是否生效?如果这不是正确的方法,那是什么?
1条答案
按热度按时间omtl5h9j1#
docker不会在图像中保留文件更改。
你要么自己卷装
server.properties或者查看环境变量是否允许您在映像启动期间更新配置(类似于confluentinc/kafka图像)