Skip to content
/ kafka-sasl-opa Public
forked from llofberg/kafka-sasl-opa

Kafka in Docker with SSL/SASL and OPA authorization

0 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

flolas/kafka-sasl-opa

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
docker
docker
 
 
kafka-sasl-opa-clients
kafka-sasl-opa-clients
 
 
secrets
secrets
 
 
.editorconfig
.editorconfig
 
 
.env
.env
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
kafka_authz.rego
kafka_authz.rego
 
 
kafka_message.rego
kafka_message.rego
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Kafka in Docker with SSL/SASL and OPA authorization

Create certificates for SSL/SASL/Kerberos

(cd secrets ; ./create-certs.sh)

Build Java clients

mvn clean package

Start OPA, Kerberos, Zookeeper, Kafka broker, a producer and a consumer.

docker-compose up -d
docker logs producer

OPA policy stops producer and consumer from creating the topic "X" so they keep failing.

Create the topic from the broker box (as user kafka).

docker exec -it broker bash -c "kafka-topics --zookeeper zookeeper --create --topic X --partitions 1 --replication-factor 1"

Soon after the topic is created the producer and the consumer can access it.

Note that consumer also queries OPA for policy decision on the received message.

docker logs consumer

docker-compose down

About

Kafka in Docker with SSL/SASL and OPA authorization

Resources

Readme
Activity

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 50.6%
  • Java 49.4%