aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2023-02-23 11:09:01 +0100
committerFiachra Corcoran <fiachra.corcoran@est.tech>2023-03-09 18:21:34 +0000
commiteb68c405edd326112581ad901f1ce1d3d2e2b98b (patch)
treee88910646a90f3190d39640af145fe142a9319af
parent5c0678f7cc26241252692d84b4a31862c1204237 (diff)
[STRIMZI] External Kafka Access via Ingress
Add Ingress configuration for Kafka brokers and bootstrap service and add advertized host/port settings Change the _service.tpl to modify a Nodeport to a ClusterIP depending in the usage of Ingress Issue-ID: OOM-3109 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I19a405b7fb9c06ce40322e7af824e1aad5baaa90
-rw-r--r--kubernetes/common/common/templates/_ingress.tpl15
-rw-r--r--kubernetes/common/common/templates/_service.tpl2
-rw-r--r--kubernetes/strimzi/templates/ingress.yaml17
-rw-r--r--kubernetes/strimzi/templates/strimzi-kafka.yaml16
-rw-r--r--kubernetes/strimzi/values.yaml28
5 files changed, 76 insertions, 2 deletions
diff --git a/kubernetes/common/common/templates/_ingress.tpl b/kubernetes/common/common/templates/_ingress.tpl
index 7065338cf9..30ef02295f 100644
--- a/kubernetes/common/common/templates/_ingress.tpl
+++ b/kubernetes/common/common/templates/_ingress.tpl
@@ -15,6 +15,21 @@
# limitations under the License.
*/}}
{{/*
+ Helper function to check, if Ingress is globally enabled
+*/}}
+{{- define "common.ingressEnabled" -}}
+{{- $dot := default . .dot -}}
+{{- if $dot.Values.ingress -}}
+{{- if $dot.Values.global.ingress -}}
+{{- if (default false $dot.Values.global.ingress.enabled) -}}
+true
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+
+{{/*
Create the hostname as concatination <baseaddr>.<baseurl>
- baseaddr: from component values: ingress.service.baseaddr
- baseurl: from values: global.ingress.virtualhost.baseurl
diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl
index 4b6e0a1aae..3db01396ca 100644
--- a/kubernetes/common/common/templates/_service.tpl
+++ b/kubernetes/common/common/templates/_service.tpl
@@ -250,7 +250,7 @@ spec:
{{- $both_tls_and_plain:= default false $dot.Values.service.both_tls_and_plain }}
{{- $labels := default (dict) .labels -}}
{{- $matchLabels := default (dict) .matchLabels -}}
-{{- if and (include "common.onServiceMesh" $dot) (eq $serviceType "NodePort") }}
+{{- if and (include "common.ingressEnabled" $dot) (eq $serviceType "NodePort") -}}
{{- $serviceType = "ClusterIP" }}
{{- end }}
diff --git a/kubernetes/strimzi/templates/ingress.yaml b/kubernetes/strimzi/templates/ingress.yaml
new file mode 100644
index 0000000000..bcc60a0953
--- /dev/null
+++ b/kubernetes/strimzi/templates/ingress.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2023 Deutsche Telekom
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }}
diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml
index b35485f11c..99252ec3e6 100644
--- a/kubernetes/strimzi/templates/strimzi-kafka.yaml
+++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml
@@ -35,20 +35,34 @@ spec:
type: tls
- name: external
port: 9094
- type: nodeport
+ type: {{ if (include "common.ingressEnabled" .) }}cluster-ip{{ else }}nodeport{{ end }}
tls: true
authentication:
type: tls
configuration:
+ {{- if not (include "common.ingressEnabled" .) }}
bootstrap:
nodePort: {{ .Values.global.nodePortPrefixExt }}93
+ {{- end }}
brokers:
- broker: 0
+ advertisedHost: {{ .Values.config.advertisedHost }}
+ advertisedPort: {{ .Values.config.advertizedPortBroker0 }}
+ {{- if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt }}90
+ {{- end }}
- broker: 1
+ advertisedHost: {{ .Values.config.advertisedHost }}
+ advertisedPort: {{ .Values.config.advertizedPortBroker1 }}
+ {{- if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt }}91
+ {{- end }}
- broker: 2
+ advertisedHost: {{ .Values.config.advertisedHost }}
+ advertisedPort: {{ .Values.config.advertizedPortBroker2 }}
+ {{- if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt }}92
+ {{- end }}
authorization:
type: {{ .Values.config.authType }}
superUsers:
diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml
index e6da1d55db..ec1ed887a7 100644
--- a/kubernetes/strimzi/values.yaml
+++ b/kubernetes/strimzi/values.yaml
@@ -29,6 +29,10 @@ config:
saslMechanism: &saslMech scram-sha-512
kafkaInternalPort: &plainPort 9092
strimziKafkaAdminUser: &adminUser strimzi-kafka-admin
+ advertisedHost: kafka-api.simpledemo.onap.org
+ advertizedPortBroker0: &advertizedPortBroker0 9000
+ advertizedPortBroker1: &advertizedPortBroker1 9001
+ advertizedPortBroker2: &advertizedPortBroker2 9002
persistence:
enabled: &pvenabled true
@@ -56,6 +60,30 @@ serviceAccount:
roles:
- read
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "kafka-bootstrap-api"
+ name: "onap-strimzi-kafka-external-bootstrap"
+ port: 9094
+ exposedPort: 9010
+ exposedProtocol: TLS
+ - baseaddr: "kafka-0-api"
+ name: "onap-strimzi-kafka-0"
+ port: 9094
+ exposedPort: *advertizedPortBroker0
+ exposedProtocol: TLS
+ - baseaddr: "kafka-1-api"
+ name: "onap-strimzi-kafka-1"
+ port: 9094
+ exposedPort: *advertizedPortBroker1
+ exposedProtocol: TLS
+ - baseaddr: "kafka-2-api"
+ name: "onap-strimzi-kafka-2"
+ port: 9094
+ exposedPort: *advertizedPortBroker2
+ exposedProtocol: TLS
+
######################
# Component overrides
######################