rubenvp8510/collector cmd

## collector cmd
./jaeger-collector --collector.zipkin.http-port=9411 \
--span-storage.type kafka \
--kafka.producer.authentication=tls \
--kafka.producer.tls.ca=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/ca-cert \
--kafka.producer.tls.cert=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/cert-client-signed \
--kafka.producer.tls.key=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/client_key.pem \
--kafka.producer.brokers=kafka:9093 \
--kafka.producer.topic=jaeger \
--kafka.producer.encoding=json

./jaeger-collector  version
2020/03/05 01:19:23 maxprocs: Leaving GOMAXPROCS=8: CPU quota undefined
{"gitCommit":"1c315785dddc80a39637c2b08b0a9bbe9ab1536c","GitVersion":"v1.16.0","BuildDate":"2019-12-17T12:05:18Z"}

## generate_certificates.sh
keytool -keystore kafka.server.keystore.jks -alias localhost -validity 365 -genkey -dname "CN=kafka" -storepass test1234 -keypass test1234 -keyalg RSA -ext SAN=DNS:kafka
openssl req -new -x509 -keyout ca-key -out ca-cert -days 365 -passin pass:test1234 -passout pass:test1234 -subj "/CN=kafka"
keytool -noprompt -keystore kafka.client.truststore.jks -alias CARoot -import -file ca-cert -storepass test1234
keytool -noprompt -keystore kafka.server.truststore.jks -alias CARoot -import -file ca-cert -storepass test1234

keytool -noprompt -keystore kafka.server.keystore.jks -alias localhost -certreq -file cert-server-unsigned -storepass test1234
openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-server-unsigned -out cert-server-signed -days 365 -CAcreateserial -passin pass:test1234
keytool -noprompt -keystore kafka.server.keystore.jks -alias CARoot -import -file ca-cert  -storepass test1234
keytool -noprompt -keystore kafka.server.keystore.jks -alias localhost -import -file cert-server-signed  -storepass test1234

# Create client certificate for mutiual authentication using SSL.
keytool -noprompt -keystore kafka.client.keystore.jks  -alias localhost  -validity 365 -genkey -dname "CN=127.0.0.1" -storepass test1234 -keypass test1234 -keyalg RSA
## Sign client certificate
keytool -noprompt -keystore kafka.client.keystore.jks -alias localhost -certreq -file cert-client-unsigned -storepass test1234
openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-client-unsigned -out cert-client-signed -days 365 -CAcreateserial -passin pass:test1234

##  Import CA and signed client certificate into client keystore
keytool -noprompt -keystore kafka.client.keystore.jks -alias CARoot -import -file ca-cert -storepass test1234
keytool -noprompt -keystore kafka.client.keystore.jks -alias localhost -import -file cert-client-signed -storepass test1234

### Extract client key
keytool -noprompt -srckeystore kafka.client.keystore.jks -importkeystore -srcalias localhost -destkeystore cert_and_key.p12 -deststoretype PKCS12 -srcstorepass test1234 -storepass test1234
openssl pkcs12 -in cert_and_key.p12 -nocerts -nodes -passin pass:test1234 -out client_key.pem

## ingester cmd
./jaeger-ingester  --span-storage.type elasticsearch \
--kafka.consumer.authentication=tls \
--kafka.consumer.tls.ca=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/ca-cert \
--kafka.consumer.tls.cert=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/cert-client-signed \
--kafka.consumer.tls.key=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/client_key.pem  \
--kafka.consumer.brokers=kafka:9093 --kafka.consumer.topic=jaeger --kafka.consumer.encoding=json

## server.properties
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# see kafka.server.KafkaConfig for additional details and defaults

############################# Server Basics #############################

# The id of the broker. This must be set to a unique integer for each broker.
broker.id=0

############################# Socket Server Settings #############################

# The address the socket server listens on. It will get the value returned from
# java.net.InetAddress.getCanonicalHostName() if not configured.
#   FORMAT:
#     listeners = listener_name://host_name:port
#   EXAMPLE:
#     listeners = PLAINTEXT://your.host.name:9092
#listeners=PLAINTEXT://:9092

listeners=PLAINTEXT://localhost:9092,SSL://:9093
advertised.listeners=PLAINTEXT://:9092,SSL://:9093

#security.inter.broker.protocol=SSL
# Hostname and port the broker will advertise to producers and consumers. If not set,
# it uses the value for "listeners" if configured.  Otherwise, it will use the value
# returned from java.net.InetAddress.getCanonicalHostName().
#advertised.listeners=PLAINTEXT://your.host.name:9092

# Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details
# listener.security.protocol.map=SSL:SSL

# The number of threads that the server uses for receiving requests from the network and sending responses to the network
num.network.threads=3

# The number of threads that the server uses for processing requests, which may include disk I/O
num.io.threads=8

# The send buffer (SO_SNDBUF) used by the socket server
socket.send.buffer.bytes=102400

# The receive buffer (SO_RCVBUF) used by the socket server
socket.receive.buffer.bytes=102400

# The maximum size of a request that the socket server will accept (protection against OOM)
socket.request.max.bytes=104857600


############################# Log Basics #############################

# A comma separated list of directories under which to store log files
log.dirs=/tmp/kafka-logs

# The default number of log partitions per topic. More partitions allow greater
# parallelism for consumption, but this will also result in more files across
# the brokers.
num.partitions=1

# The number of threads per data directory to be used for log recovery at startup and flushing at shutdown.
# This value is recommended to be increased for installations with data dirs located in RAID array.
num.recovery.threads.per.data.dir=1

############################# Internal Topic Settings  #############################
# The replication factor for the group metadata internal topics "__consumer_offsets" and "__transaction_state"
# For anything other than development testing, a value greater than 1 is recommended for to ensure availability such as 3.
offsets.topic.replication.factor=1
transaction.state.log.replication.factor=1
transaction.state.log.min.isr=1

############################# Log Flush Policy #############################

# Messages are immediately written to the filesystem but by default we only fsync() to sync
# the OS cache lazily. The following configurations control the flush of data to disk.
# There are a few important trade-offs here:
#    1. Durability: Unflushed data may be lost if you are not using replication.
#    2. Latency: Very large flush intervals may lead to latency spikes when the flush does occur as there will be a lot of data to flush.
#    3. Throughput: The flush is generally the most expensive operation, and a small flush interval may lead to excessive seeks.
# The settings below allow one to configure the flush policy to flush data after a period of time or
# every N messages (or both). This can be done globally and overridden on a per-topic basis.

# The number of messages to accept before forcing a flush of data to disk
#log.flush.interval.messages=10000

# The maximum amount of time a message can sit in a log before we force a flush
#log.flush.interval.ms=1000

############################# Log Retention Policy #############################

# The following configurations control the disposal of log segments. The policy can
# be set to delete segments after a period of time, or after a given size has accumulated.
# A segment will be deleted whenever *either* of these criteria are met. Deletion always happens
# from the end of the log.

# The minimum age of a log file to be eligible for deletion due to age
log.retention.hours=168

# A size-based retention policy for logs. Segments are pruned from the log unless the remaining
# segments drop below log.retention.bytes. Functions independently of log.retention.hours.
#log.retention.bytes=1073741824

# The maximum size of a log segment file. When this size is reached a new log segment will be created.
log.segment.bytes=1073741824

# The interval at which log segments are checked to see if they can be deleted according
# to the retention policies
log.retention.check.interval.ms=300000

############################# Zookeeper #############################

# Zookeeper connection string (see zookeeper docs for details).
# This is a comma separated host:port pairs, each corresponding to a zk
# server. e.g. "127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002".
# You can also append an optional chroot string to the urls to specify the
# root directory for all kafka znodes.
zookeeper.connect=localhost:2181

# Timeout in ms for connecting to zookeeper
zookeeper.connection.timeout.ms=6000


############################# Group Coordinator Settings #############################

# The following configuration specifies the time, in milliseconds, that the GroupCoordinator will delay the initial consumer rebalance.
# The rebalance will be further delayed by the value of group.initial.rebalance.delay.ms as new members join the group, up to a maximum of max.poll.interval.ms.
# The default value for this is 3 seconds.
# We override this to 0 here as it makes for a better out-of-the-box experience for development and testing.
# However, in production environments the default value of 3 seconds is more suitable as this will help to avoid unnecessary, and potentially expensive, rebalances during application startup.
group.initial.rebalance.delay.ms=0

ssl.truststore.location=/home/rvargasp/kafka/config/ssl/kafka.server.truststore.jks
ssl.truststore.password=test1234
ssl.keystore.location=/home/rvargasp/kafka/config/ssl/kafka.server.keystore.jks
ssl.keystore.password=test1234
ssl.key.password=test1234
ssl.client.auth=required
# ssl.endpoint.identification.algorithm=
	./jaeger-collector --collector.zipkin.http-port=9411 \
	--span-storage.type kafka \
	--kafka.producer.authentication=tls \
	--kafka.producer.tls.ca=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/ca-cert \
	--kafka.producer.tls.cert=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/cert-client-signed \
	--kafka.producer.tls.key=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/client_key.pem \
	--kafka.producer.brokers=kafka:9093 \
	--kafka.producer.topic=jaeger \
	--kafka.producer.encoding=json

	./jaeger-collector version
	2020/03/05 01:19:23 maxprocs: Leaving GOMAXPROCS=8: CPU quota undefined
	{"gitCommit":"1c315785dddc80a39637c2b08b0a9bbe9ab1536c","GitVersion":"v1.16.0","BuildDate":"2019-12-17T12:05:18Z"}
	keytool -keystore kafka.server.keystore.jks -alias localhost -validity 365 -genkey -dname "CN=kafka" -storepass test1234 -keypass test1234 -keyalg RSA -ext SAN=DNS:kafka
	openssl req -new -x509 -keyout ca-key -out ca-cert -days 365 -passin pass:test1234 -passout pass:test1234 -subj "/CN=kafka"
	keytool -noprompt -keystore kafka.client.truststore.jks -alias CARoot -import -file ca-cert -storepass test1234
	keytool -noprompt -keystore kafka.server.truststore.jks -alias CARoot -import -file ca-cert -storepass test1234

	keytool -noprompt -keystore kafka.server.keystore.jks -alias localhost -certreq -file cert-server-unsigned -storepass test1234
	openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-server-unsigned -out cert-server-signed -days 365 -CAcreateserial -passin pass:test1234
	keytool -noprompt -keystore kafka.server.keystore.jks -alias CARoot -import -file ca-cert -storepass test1234
	keytool -noprompt -keystore kafka.server.keystore.jks -alias localhost -import -file cert-server-signed -storepass test1234

	# Create client certificate for mutiual authentication using SSL.
	keytool -noprompt -keystore kafka.client.keystore.jks -alias localhost -validity 365 -genkey -dname "CN=127.0.0.1" -storepass test1234 -keypass test1234 -keyalg RSA
	## Sign client certificate
	keytool -noprompt -keystore kafka.client.keystore.jks -alias localhost -certreq -file cert-client-unsigned -storepass test1234
	openssl x509 -req -CA ca-cert -CAkey ca-key -in cert-client-unsigned -out cert-client-signed -days 365 -CAcreateserial -passin pass:test1234

	## Import CA and signed client certificate into client keystore
	keytool -noprompt -keystore kafka.client.keystore.jks -alias CARoot -import -file ca-cert -storepass test1234
	keytool -noprompt -keystore kafka.client.keystore.jks -alias localhost -import -file cert-client-signed -storepass test1234

	### Extract client key
	keytool -noprompt -srckeystore kafka.client.keystore.jks -importkeystore -srcalias localhost -destkeystore cert_and_key.p12 -deststoretype PKCS12 -srcstorepass test1234 -storepass test1234
	openssl pkcs12 -in cert_and_key.p12 -nocerts -nodes -passin pass:test1234 -out client_key.pem
	./jaeger-ingester --span-storage.type elasticsearch \
	--kafka.consumer.authentication=tls \
	--kafka.consumer.tls.ca=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/ca-cert \
	--kafka.consumer.tls.cert=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/cert-client-signed \
	--kafka.consumer.tls.key=/home/rvargasp/kafka_2.12-2.2.1/config/ssl/client_key.pem \
	--kafka.consumer.brokers=kafka:9093 --kafka.consumer.topic=jaeger --kafka.consumer.encoding=json
	# Licensed to the Apache Software Foundation (ASF) under one or more
	# contributor license agreements. See the NOTICE file distributed with
	# this work for additional information regarding copyright ownership.
	# The ASF licenses this file to You under the Apache License, Version 2.0
	# (the "License"); you may not use this file except in compliance with
	# the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	# see kafka.server.KafkaConfig for additional details and defaults

	############################# Server Basics #############################

	# The id of the broker. This must be set to a unique integer for each broker.
	broker.id=0

	############################# Socket Server Settings #############################

	# The address the socket server listens on. It will get the value returned from
	# java.net.InetAddress.getCanonicalHostName() if not configured.
	# FORMAT:
	# listeners = listener_name://host_name:port
	# EXAMPLE:
	# listeners = PLAINTEXT://your.host.name:9092
	#listeners=PLAINTEXT://:9092

	listeners=PLAINTEXT://localhost:9092,SSL://:9093
	advertised.listeners=PLAINTEXT://:9092,SSL://:9093

	#security.inter.broker.protocol=SSL
	# Hostname and port the broker will advertise to producers and consumers. If not set,
	# it uses the value for "listeners" if configured. Otherwise, it will use the value
	# returned from java.net.InetAddress.getCanonicalHostName().
	#advertised.listeners=PLAINTEXT://your.host.name:9092

	# Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details
	# listener.security.protocol.map=SSL:SSL

	# The number of threads that the server uses for receiving requests from the network and sending responses to the network
	num.network.threads=3

	# The number of threads that the server uses for processing requests, which may include disk I/O
	num.io.threads=8

	# The send buffer (SO_SNDBUF) used by the socket server
	socket.send.buffer.bytes=102400

	# The receive buffer (SO_RCVBUF) used by the socket server
	socket.receive.buffer.bytes=102400

	# The maximum size of a request that the socket server will accept (protection against OOM)
	socket.request.max.bytes=104857600


	############################# Log Basics #############################

	# A comma separated list of directories under which to store log files
	log.dirs=/tmp/kafka-logs

	# The default number of log partitions per topic. More partitions allow greater
	# parallelism for consumption, but this will also result in more files across
	# the brokers.
	num.partitions=1

	# The number of threads per data directory to be used for log recovery at startup and flushing at shutdown.
	# This value is recommended to be increased for installations with data dirs located in RAID array.
	num.recovery.threads.per.data.dir=1

	############################# Internal Topic Settings #############################
	# The replication factor for the group metadata internal topics "__consumer_offsets" and "__transaction_state"
	# For anything other than development testing, a value greater than 1 is recommended for to ensure availability such as 3.
	offsets.topic.replication.factor=1
	transaction.state.log.replication.factor=1
	transaction.state.log.min.isr=1

	############################# Log Flush Policy #############################

	# Messages are immediately written to the filesystem but by default we only fsync() to sync
	# the OS cache lazily. The following configurations control the flush of data to disk.
	# There are a few important trade-offs here:
	# 1. Durability: Unflushed data may be lost if you are not using replication.
	# 2. Latency: Very large flush intervals may lead to latency spikes when the flush does occur as there will be a lot of data to flush.
	# 3. Throughput: The flush is generally the most expensive operation, and a small flush interval may lead to excessive seeks.
	# The settings below allow one to configure the flush policy to flush data after a period of time or
	# every N messages (or both). This can be done globally and overridden on a per-topic basis.

	# The number of messages to accept before forcing a flush of data to disk
	#log.flush.interval.messages=10000

	# The maximum amount of time a message can sit in a log before we force a flush
	#log.flush.interval.ms=1000

	############################# Log Retention Policy #############################

	# The following configurations control the disposal of log segments. The policy can
	# be set to delete segments after a period of time, or after a given size has accumulated.
	# A segment will be deleted whenever either of these criteria are met. Deletion always happens
	# from the end of the log.

	# The minimum age of a log file to be eligible for deletion due to age
	log.retention.hours=168

	# A size-based retention policy for logs. Segments are pruned from the log unless the remaining
	# segments drop below log.retention.bytes. Functions independently of log.retention.hours.
	#log.retention.bytes=1073741824

	# The maximum size of a log segment file. When this size is reached a new log segment will be created.
	log.segment.bytes=1073741824

	# The interval at which log segments are checked to see if they can be deleted according
	# to the retention policies
	log.retention.check.interval.ms=300000

	############################# Zookeeper #############################

	# Zookeeper connection string (see zookeeper docs for details).
	# This is a comma separated host:port pairs, each corresponding to a zk
	# server. e.g. "127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002".
	# You can also append an optional chroot string to the urls to specify the
	# root directory for all kafka znodes.
	zookeeper.connect=localhost:2181

	# Timeout in ms for connecting to zookeeper
	zookeeper.connection.timeout.ms=6000


	############################# Group Coordinator Settings #############################

	# The following configuration specifies the time, in milliseconds, that the GroupCoordinator will delay the initial consumer rebalance.
	# The rebalance will be further delayed by the value of group.initial.rebalance.delay.ms as new members join the group, up to a maximum of max.poll.interval.ms.
	# The default value for this is 3 seconds.
	# We override this to 0 here as it makes for a better out-of-the-box experience for development and testing.
	# However, in production environments the default value of 3 seconds is more suitable as this will help to avoid unnecessary, and potentially expensive, rebalances during application startup.
	group.initial.rebalance.delay.ms=0

	ssl.truststore.location=/home/rvargasp/kafka/config/ssl/kafka.server.truststore.jks
	ssl.truststore.password=test1234
	ssl.keystore.location=/home/rvargasp/kafka/config/ssl/kafka.server.keystore.jks
	ssl.keystore.password=test1234
	ssl.key.password=test1234
	ssl.client.auth=required
	# ssl.endpoint.identification.algorithm=