文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >如何将包含SSL信息的目录复制到kafka-ui docker映像中?

如何将包含SSL信息的目录复制到kafka-ui docker映像中?
EN

Stack Overflow用户
提问于 2022-06-13 08:17:19
回答 1查看 296关注 0票数 0

我有以下配置:

代码语言:javascript
复制
  ssl-kafka-ui:
    image: provectuslabs/kafka-ui
    container_name: ssl-webui
    logging:
      driver: "json-file"
      options:
        max-size: "2048m"
    ports:
      - "8080:8080"
    volumes:
      - ./ssl/:/var/private/ssl
    restart: always
    depends_on: 
      - ssl-broker-one
      - ssl-zookeeper
    environment:
      - KAFKA_CLUSTERS_0_NAME=local
      - KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS=bud48:9092
      - KAFKA_CLUSTERS_0_ZOOKEEPER=ssl-zookeeper=2181
      - KAFKA_CLUSTERS_0_PROPERTIES_SECURITY_PROTOCOL=SSL
      - KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_LOCATION=/var/private/ssl/kafka.server.keystore.jks
      - KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_PASSWORD=MyServerPassword123
      - KAFKA_CLUSTERS_0_PROPERTIES_SSL_KEYSTORE_TYPE=JKS
      - KAFKA_CLUSTERS_0_PROPERTIES_SSL_TRUSTSTORE_LOCATION=/var/private/ssl/kafka.server.truststore.jks
      - KAFKA_CLUSTERS_0_PROPERTIES_SSL_TRUSTSTORE_PASSWORD=MyServerPassword123
      - KAFKA_CLUSTERS_0_PROPERTIES_SSL_TRUSTSTORE_TYPE=JKS

但是,当我运行它时,docker容器找不到包含键的目录。

代码语言:javascript
复制
ssl-webui                   | java.lang.IllegalStateException: Error while creating AdminClient for Cluster local
ssl-webui                   |   at com.provectus.kafka.ui.service.AdminClientServiceImpl.lambda$createAdminClient$3(AdminClientServiceImpl.java:45)
ssl-webui                   |   at reactor.core.publisher.Mono.lambda$onErrorMap$31(Mono.java:3733)
ssl-webui                   |   at reactor.core.publisher.FluxOnErrorResume$ResumeSubscriber.onError(FluxOnErrorResume.java:94)
ssl-webui                   |   at reactor.core.publisher.Operators.error(Operators.java:198)
ssl-webui                   |   at reactor.core.publisher.FluxFlatMap.trySubscribeScalarMap(FluxFlatMap.java:135)
ssl-webui                   |   at reactor.core.publisher.MonoFlatMap.subscribeOrReturn(MonoFlatMap.java:53)
ssl-webui                   |   at reactor.core.publisher.Mono.subscribe(Mono.java:4385)
ssl-webui                   |   at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:82)
ssl-webui                   |   at reactor.core.publisher.Operators.complete(Operators.java:137)
ssl-webui                   |   at reactor.core.publisher.MonoEmpty.subscribe(MonoEmpty.java:46)
ssl-webui                   |   at reactor.core.publisher.Mono.subscribe(Mono.java:4400)
ssl-webui                   |   at reactor.core.publisher.FluxFlatMap$FlatMapMain.onNext(FluxFlatMap.java:426)
ssl-webui                   |   at reactor.core.publisher.FluxPublishOn$PublishOnSubscriber.runAsync(FluxPublishOn.java:440)
ssl-webui                   |   at reactor.core.publisher.FluxPublishOn$PublishOnSubscriber.run(FluxPublishOn.java:527)
ssl-webui                   |   at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:84)
ssl-webui                   |   at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:37)
ssl-webui                   |   at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
ssl-webui                   |   at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
ssl-webui                   |   at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
ssl-webui                   |   at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
ssl-webui                   |   at java.base/java.lang.Thread.run(Thread.java:830)
ssl-webui                   | Caused by: org.apache.kafka.common.KafkaException: Failed to create new KafkaAdminClient
ssl-webui                   |   at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:540)
ssl-webui                   |   at org.apache.kafka.clients.admin.Admin.create(Admin.java:134)
ssl-webui                   |   at org.apache.kafka.clients.admin.AdminClient.create(AdminClient.java:39)
ssl-webui                   |   at com.provectus.kafka.ui.service.AdminClientServiceImpl.lambda$createAdminClient$2(AdminClientServiceImpl.java:41)
ssl-webui                   |   at reactor.core.publisher.MonoSupplier.call(MonoSupplier.java:86)
ssl-webui                   |   at reactor.core.publisher.FluxFlatMap.trySubscribeScalarMap(FluxFlatMap.java:127)
ssl-webui                   |   ... 16 common frames omitted
ssl-webui                   | Caused by: org.apache.kafka.common.KafkaException: Failed to load SSL keystore /var/private/ssl/kafka.server.keystore.jks of type JKS
ssl-webui                   |   at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.load(DefaultSslEngineFactory.java:377)
ssl-webui                   |   at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.<init>(DefaultSslEngineFactory.java:349)
ssl-webui                   |   at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory.createKeystore(DefaultSslEngineFactory.java:299)
ssl-webui                   |   at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory.configure(DefaultSslEngineFactory.java:161)
ssl-webui                   |   at org.apache.kafka.common.security.ssl.SslFactory.instantiateSslEngineFactory(SslFactory.java:138)
ssl-webui                   |   at org.apache.kafka.common.security.ssl.SslFactory.configure(SslFactory.java:95)
ssl-webui                   |   at org.apache.kafka.common.network.SslChannelBuilder.configure(SslChannelBuilder.java:74)
ssl-webui                   |   at org.apache.kafka.common.network.ChannelBuilders.create(ChannelBuilders.java:192)
ssl-webui                   |   at org.apache.kafka.common.network.ChannelBuilders.clientChannelBuilder(ChannelBuilders.java:81)
ssl-webui                   |   at org.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:105)
ssl-webui                   |   at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:513)
ssl-webui                   |   ... 21 common frames omitted
ssl-webui                   | Caused by: java.nio.file.AccessDeniedException: /var/private/ssl/kafka.server.keystore.jks
ssl-webui                   |   at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
ssl-webui                   |   at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
ssl-webui                   |   at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
ssl-webui                   |   at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219)
ssl-webui                   |   at java.base/java.nio.file.Files.newByteChannel(Files.java:374)
ssl-webui                   |   at java.base/java.nio.file.Files.newByteChannel(Files.java:425)
ssl-webui                   |   at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:420)
ssl-webui                   |   at java.base/java.nio.file.Files.newInputStream(Files.java:159)
ssl-webui                   |   at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.load(DefaultSslEngineFactory.java:370)

我也尝试进入容器来确认,但是一旦输入命令,它就会锁定(参见下面)。巴什壳也不起作用。

代码语言:javascript
复制
docker exec -t ssl-webui /bin/sh

是否有其他方法将ssl信息导入容器,或找到可访问的默认位置?

docker
ssl
apache-kafka
jks
EN

回答 1

Stack Overflow用户

回答已采纳

发布于 2022-06-14 01:24:40

将此添加到docker-compose.yml中

代码语言:javascript
复制
    user: "0:0"

解决了权限问题

票数 1
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/72599653

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档