特性 | KRaft 模式 | Zookeeper 模式 |
---|---|---|
使用共识算法 | Raft | Zookeeper |
可用性 | 高 | 高 |
扩展性 | 高 | 高 |
安全性 | 高 | 高 |
复杂度 | 低 | 高 |
helm repo add bitnami https://charts.bitnami.com/bitnami
helm pull bitnami/kafka --untar
helm install kafka kafka --values ./kafka/values.yaml \
--set replicaCount=1 \
--set kafka.kafkaConfigOverrides=transaction.state.log.replication.factor=1 \
--set kafka.kafkaConfigOverrides=transaction.state.log.min.isr=1 \
--set kafka.kafkaConfigOverrides=default.replication.factor=1 \
--set kafka.kafkaConfigOverrides=num.io.threads=2 \
--set kafka.kafkaConfigOverrides=num.network.threads=2 \
--set kafka.kafkaConfigOverrides=inter.broker.protocol.version=3.5.1 \
--set kafka.kafkaConfigOverrides=offsets.topic.replication.factor=1 \
--set kafka.kafkaConfigOverrides=transaction.state.log.num.partitions=50
kafka-controller-0.kafka-controller-headless.openim-dev.svc.cluster.local:9092
kafka-controller-1.kafka-controller-headless.openim-dev.svc.cluster.local:9092
kafka-controller-2.kafka-controller-headless.openim-dev.svc.cluster.local:9092
The CLIENT listener for Kafka client connections from within your cluster have been configured with the following security settings:
- SASL authentication
To connect a client to your Kafka, you need to create the 'client.properties' configuration files with the content below:
security.protocol=SASL_PLAINTEXT
sasl.mechanism=SCRAM-SHA-256
sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required \
username="user1" \
password="$(kubectl get secret kafka-user-passwords --namespace openim-dev -o jsonpath='{.data.client-passwords}' | base64 -d | cut -d , -f 1)";
在安装一个kafka-web
apiVersion: apps/v1
kind: Deployment
metadata:
name: kafka-ui
labels:
app: kafka-ui
spec:
replicas: 1
selector:
matchLabels:
app: kafka-ui
template:
metadata:
labels:
app: kafka-ui
spec:
containers:
- name: kafka-ui
image: provectuslabs/kafka-ui:latest
env:
- name: KAFKA_CLUSTERS_0_NAME
value: '可以自定义名字 Kafka Cluster'
- name: KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS
value: 'kafka-controller-0:9092,kafka-controller-1:9092,kafka-controller-2:9092'
- name: KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL
value: 'SASL_PLAINTEXT'
- name: KAFKA_CLUSTERS_0_PROPERTIES_SASL_MECHANISM
value: 'PLAIN'
- name: KAFKA_CLUSTERS_0_PROPERTIES_SASL_JAAS_CONFIG
value: 'org.apache.kafka.common.security.plain.PlainLoginModule required username="user1" password="19fJTxgwnD";'
resources:
requests:
memory: "256Mi"
cpu: "100m"
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: kafka-ui
spec:
selector:
app: kafka-ui
type: NodePort
ports:
- protocol: TCP
port: 8080
targetPort: 8080