How to run schema registry container for sasl plain kafka cluster

Question

I want to run the cp-schema-registry image on AWS ECS, so I am trying to get it to run on docker locally. I have a command like this:

docker run -e SCHEMA_REGISTRY_HOST_NAME=schema-registry 
-e SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS="1.kafka.address:9092,2.kafka.address:9092,3.kafka.address:9092" 
-e SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL=SASL_PLAINTEXT 
confluentinc/cp-schema-registry:5.5.3

(I have replaced the kafka urls).

My consumers/producers connect to the cluster with params:

["sasl.mechanism"] = "PLAIN"
["sasl.username"] = <username>
["sasl.password"] = <password>

Docs seem to indicate there is a file I can create with these parameters, but I don't know how to pass this into the docker run command. Can this be done?

question from:https://stackoverflow.com/questions/65931319/how-to-run-schema-registry-container-for-sasl-plain-kafka-cluster

Answer 1

Thanks to OneCricketeer for the help above with the SCHEMA_REGISTRY_KAFKASTORE_SASL_JAAS_CONFIG var. The command ended up like this (I added port 8081:8081 so I could test with curl):

docker run -p 8081:8081 -e SCHEMA_REGISTRY_HOST_NAME=schema-registry 
-e SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS="1.kafka.broker:9092,2.kafka.broker:9092,3.kafka.broker:9092" 
-e SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL=SASL_SSL 
-e SCHEMA_REGISTRY_KAFKASTORE_SASL_MECHANISM=PLAIN 
-e SCHEMA_REGISTRY_KAFKASTORE_SASL_JAAS_CONFIG='org.apache.kafka.common.security.plain.PlainLoginModule required username="user" password="pass";' confluentinc/cp-schema-registry:5.5.3

Then test with curl localhost:8081/subjects and get [] as a response.