自动秒收录

kafka是做什么的 (kafka)


文章编号:597 / 更新时间:2023-11-08 14:06:34 / 浏览:
开发者

kafka-manager

# 要求
Kafka 0.8.. or 0.9.. or 0.10.. or 0.11..
Java 11+
[root@kafka ~]# https://github.com/yahoo/CMAK/releases/download/3.0.0.5/cmak-3.0.0.5.zip
[root@kafka ~]# cd /usr/local
[root@kafka localhost]# unzip -o cmak-3.0.0.5.zip
[root@kafka localhost]# cd cmak/conf
[root@kafka conf]# cp application.conf{,.bak}
[root@kafka conf]# vim application.conf
# kafka-manager.zkhosts="kafka-manager-zookeeper:2181" 
# kafka-manager.zkhosts=${?ZK_HOSTS}
  cmak.zkhosts="192.168.57.130:12181,192.168.57.131:12181,192.168.57.132:12181"
# cmak.zkhosts=${?ZK_HOSTS}
[root@kafka conf]# ../bin/cmak    # 启动

# 默认情况下,它将选择端口9000。这是可覆盖的,配置文件的位置也是如此
[root@kafka bin]# ./cmak -Dconfig.file=/path/to/application.conf -Dhttp.port=8080
# 如果java不在您的路径中,或者您需要针对其他版本的Java运行,请添加-java-home选项
[root@kafka bin]# ./cmak -java-home /usr/lib/jvm/zulu-11-amd64
# 通过安全性启动服务,要为SASL添加JAAS配置(注意:确保运行CMAK(pka kafka管理器)的用户具有jaas配置文件的读取权限)
[root@kafka bin]# ./cmak -Djava.security.auth.login.config=/path/to/my-jaas.conf

配置文件解释(从github上拉取的)

#版权所有2015 Yahoo Inc.。已获得Apache许可,版本2.0
#请参阅随附的LICENSE文件。
#这是应用程序的主要配置文件。
# 密钥
#密钥用于保护密码功能。
#如果将应用程序部署到多个实例,请确保使用相同的密钥!
play.crypto.secret =“ ^ play.crypto.secret = $ {?APPLICATION_SECRET}
play.http.session.maxAge =“ 1h”
#应用语言
play.i18n.langs = [“ en”]
play.http.requestHandler =“ play.http.DefaultHttpRequestHandler”
play.http.context =“ /”
play.application.loader = loader.KafkaManagerLoader
# 以'kafka-manager'开头的设置。将不推荐使用,请使用“ cmak”。代替。
# https://github.com/yahoo/CMAK/issues/713
kafka-manager.zkhosts =“ kafka-manager-zookeeper:2181”
kafka-manager.zkhosts = $ {?ZK_HOSTS}
cmak.zkhosts =“ kafka-manager-zookeeper:2181”
cmak.zkhosts = $ {?ZK_HOSTS}
pinned-dispatcher.type =“ PinnedDispatcher”
pinned-dispatcher.executor =“线程池执行器”
application.features = [“” KMClusterManagerFeature“,” KMTopicManagerFeature“,” KMPreferredReplicaElectionFeature“,” KMReassignPartitionsFeature“,” KMScheduleLeaderElectionFeature“]
阿卡{
  记录器= [“ akka.event.slf4j.Slf4jLogger”]
  loglevel =“ INFO”
akka.logger-startup-timeout = 60s
basicAuthentication.enabled = false
basicAuthentication.enabled = $ {?KAFKA_MANAGER_AUTH_ENABLED}
basicAuthentication.ldap.enabled = false
basicAuthentication.ldap.enabled = $ {?KAFKA_MANAGER_LDAP_ENABLED}
basicAuthentication.ldap.server =“”
basicAuthentication.ldap.server = $ {?KAFKA_MANAGER_LDAP_SERVER}
basicAuthentication.ldap.port = 389
basicAuthentication.ldap.port = $ {?KAFKA_MANAGER_LDAP_PORT}
basicAuthentication.ldap.username =“”
basicAuthentication.ldap.username = $ {?KAFKA_MANAGER_LDAP_USERNAME}
basicAuthentication.ldap.password =“”
basicAuthentication.ldap.password = $ {?KAFKA_MANAGER_LDAP_PASSWORD}
basicAuthentication.ldap.search-base-dn =“”
basicAuthentication.ldap.search-base-dn = $ {?KAFKA_MANAGER_LDAP_SEARCH_BASE_DN}
basicAuthentication.ldap.search-filter =“(uid = $ capturedLogin $)”
basicAuthentication.ldap.search-filter = $ {?KAFKA_MANAGER_LDAP_SEARCH_FILTER}
basicAuthentication.ldap.group-filter =“”
basicAuthentication.ldap.group-filter = $ {?KAFKA_MANAGER_LDAP_GROUP_FILTER}
basicAuthentication.ldap.connection-pool-size = 10
basicAuthentication.ldap.connection-pool-size = $ {?KAFKA_MANAGER_LDAP_CONNECTION_POOL_SIZE}
basicAuthentication.ldap.ssl = false
basicAuthentication.ldap.ssl = $ {?KAFKA_MANAGER_LDAP_SSL}
basicAuthentication.ldap.ssl-trust-all = false
basicAuthentication.ldap.ssl-trust-all = $ {?KAFKA_MANAGER_LDAP_SSL_TRUST_ALL}
basicAuthentication.username =“ admin”
basicAuthentication.username = $ {?KAFKA_MANAGER_USERNAME}
basicAuthentication.password =“密码”
basicAuthentication.password = $ {?KAFKA_MANAGER_PASSWORD}
basicAuthentication.realm =“ Kafka-管理器”
basicAuthentication.excluded = [“ / api / health”]#ping不经过身份验证的实例的运行状况
kafka-manager.consumer.properties.file = $ {?CONSUMER_PROPERTIES_FILE}

cmak.zkhosts="my.zookeeper.host.com:2181"
# 您可以通过逗号分隔来指定多个zookeeper主机,如下所示:
cmak.zkhosts="my.zookeeper.host.com:2181,other.zookeeper.host.com:2181"
# 另外,ZK_HOSTS如果您不想对任何值进行硬编码,请使用环境变量。
ZK_HOSTS="my.zookeeper.host.com:2181"

# 您可以选择通过修改application.conf中的默认列表来启用/禁用以下功能:
application.features=["KMClusterManagerFeature","KMTopicManagerFeature","KMPreferredReplicaElectionFeature","KMReassignPartitionsFeature"]
KMClusterManagerFeature-'允许从CMAK添加,更新,删除集群(pka Kafka Manager)
KMTopicManagerFeature-'允许从Kafka集群添加,更新,删除主题
KMPreferredReplicaElectionFeature-'允许运行Kafka集群的首选副本选举
KMReassignPartitionsFeature-'允许生成分区分配并重新分配分区

# 考虑为启用了jmx的较大群集设置这些参数:
cmak.broker-view-thread-pool-size = <3 '经纪人人数'>
cmak.broker-view-max-queue-size = <3 '所有主题的分区总数'>
cmak.broker-view-update-seconds = 
# 这是一个具有10个代理,100个主题的kafka集群的示例,每个主题有10个分区,其中启用了JMX的分区总数为1000:
cmak.broker-view-thread-pool-size = 30
cmak.broker-view-max-queue-size = 3000
cmak.broker-view-update-seconds = 30

# follow控制使用者偏移缓存的线程池和队列:
cmak.offset-cache-thread-pool-size = <'默认为处理器数量'>
cmak.offset-cache-max-queue-size = <'默认值为1000'>
cmak.kafka-admin-client-thread-pool-size = <'默认为处理器数量'>
cmak.kafka-admin-client-max-queue-size = <'默认值为1000'>
# 对于启用了消费者轮询的大量消费者,您应该增加上述值。尽管它主要影响基于ZK的用户轮询。
# Kafka管理的使用者偏移量现在由KafkaManagedOffsetCache从"__consumer_offsets"主题中使用。请注意,这尚未经过大量偏移量的测试。每个群集只有一个线程在使用该主题,因此它可能无法跟上大量推送到该主题的偏移量。

使用LDAP验证用户
# 警告
  您需要使用CMAK(pka Kafka管理器)配置SSL,以确保您的凭据不会未经加密地传递。通过将用户凭据与Authorization标头一起传递,可以使用LDAP验证用户。首次访问时会进行LDAP身份验证,如果成功,则会设置一个cookie。在下一个请求时,将cookie值与Authorization标头中的凭据进行比较。LDAP支持通过基本身份验证过滤器进行。
# 配置基本身份验证
basicAuthentication.enabled = true
basicAuthentication.realm = <'基本身份验证领域'>
# 加密参数(可选,否则在启动时随机生成):
basicAuthentication.salt ='某些十六进制字符串表示字节数组'
basicAuthentication.iv ="某些十六进制字符串表示字节数组"
basicAuthentication.secret ="my-secret-string"
# 配置LDAP / LDAPS身份验证
basicAuthentication.ldap.enabled = <'用于启用/禁用ldap认证的布尔标志'>
basicAuthentication.ldap.server = <'LDAP服务器的fqdn'>
basicAuthentication.ldap.port = <'LDAP服务器的端口'>
basicAuthentication.ldap.username = <'LDAP搜索用户名'>
basicAuthentication.ldap.password = <'LDAP搜索密码'>
basicAuthentication.ldap.search-base-dn = <'LDAP搜索库'>
basicAuthentication.ldap.search-filter = <'LDAP搜索过滤器'>
basicAuthentication.ldap.connection-pool-size = <'与LDAP服务器的连接数'>
basicAuthentication.ldap.ssl = <'用于启用/禁用LDAPS的布尔标志'>
# (可选)限制对特定LDAP组的访问
basicAuthentication.ldap.group-filter = <'LDAP组过滤器'>
basicAuthentication.ldap.ssl-trust-all = <'用于允许未过期无效证书的布尔标志'>
# 示例(在线LDAP测试服务器):
basicAuthentication.ldap.enabled = true
basicAuthentication.ldap.server =“ ldap.forumsys.com”
basicAuthentication.ldap.port = 389
basicAuthentication.ldap.username =“ cn =只读管理员,dc =示例,dc = com”
basicAuthentication.ldap.password =“密码”
basicAuthentication.ldap.search-base-dn =“ dc = example,dc = com”
basicAuthentication.ldap.search-filter =“(uid = $ capturedLogin $)”
basicAuthentication.ldap.group-filter =“ cn =允许组,ou =组,dc =示例,dc = com”
basicAuthentication.ldap.connection-pool-size = 10
basicAuthentication.ldap.ssl = false
basicAuthentication.ldap.ssl-trust-all = false



相关标签: 云计算云原生阿里云开发者开源

本文地址:https://www.0558.la/article/635ec0380a8b86549d34.html

上一篇:docker是干什么的Docker基于一个tomcat镜像...
下一篇:新注册的域名多久可以备案新注册的域名要如...

温馨提示

做上本站友情链接,在您站上点击一次,即可自动收录并自动排在本站第一位!
<a href="https://www.0558.la/" target="_blank">自动秒收录</a>
相关推荐
网址推荐
文章推荐

Copyright @ 2021 自动秒收录 此内容系本站根据来路自动抓取的结果,不代表本站赞成被显示网站的内容或立场。

技术支持:自动秒收录