summaryrefslogtreecommitdiffstats
path: root/kubernetes/sdc/components
diff options
context:
space:
mode:
authorefiacor <fiachra.corcoran@est.tech>2022-11-29 11:39:41 +0000
committerFiachra Corcoran <fiachra.corcoran@est.tech>2022-12-06 11:33:13 +0000
commit2f1c2a20f251a5106be6c28a8e96f5e9943cf4bb (patch)
tree084f53e343655e47f572969bb0facdfc9b2342e4 /kubernetes/sdc/components
parente0259590627cd9e7925b6912ac2203091dbb54bf (diff)
[STRIMZI] Add strimzi kafka templates
Add template for strimzi KafkaUser and topic Move sdc-be to use given templates Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Idc3c5af7f4945466f8419fed7d2f43de36aacd13 Issue-ID: DMAAP-1836
Diffstat (limited to 'kubernetes/sdc/components')
-rw-r--r--kubernetes/sdc/components/sdc-be/Chart.yaml3
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/deployment.yaml5
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/kafkauser.yaml (renamed from kubernetes/sdc/components/sdc-be/templates/secret.yaml)5
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/sdc-be-kafka-user.yaml39
-rw-r--r--kubernetes/sdc/components/sdc-be/templates/sdc-distro-topics.yaml40
-rw-r--r--kubernetes/sdc/components/sdc-be/values.yaml41
6 files changed, 25 insertions, 108 deletions
diff --git a/kubernetes/sdc/components/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml
index e4052afc3d..fe9f39108b 100644
--- a/kubernetes/sdc/components/sdc-be/Chart.yaml
+++ b/kubernetes/sdc/components/sdc-be/Chart.yaml
@@ -21,6 +21,9 @@ name: sdc-be
version: 12.0.0
dependencies:
+ - name: common
+ version: ~12.x-0
+ repository: '@local'
- name: certInitializer
version: ~12.x-0
repository: '@local'
diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
index 16fc57aa92..d50a83b2fd 100644
--- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
@@ -163,7 +163,10 @@ spec:
fieldPath: status.podIP
{{- if .Values.global.kafka.useKafka }}
- name: SASL_JAAS_CONFIG
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-be-kafka-secret" "key" "sasl.jaas.config") | indent 12 }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
- name: USE_KAFKA
value: {{ .Values.global.kafka.useKafka | quote }}
{{- end }}
diff --git a/kubernetes/sdc/components/sdc-be/templates/secret.yaml b/kubernetes/sdc/components/sdc-be/templates/kafkauser.yaml
index bb5091f01a..5033d9d9aa 100644
--- a/kubernetes/sdc/components/sdc-be/templates/secret.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/kafkauser.yaml
@@ -13,5 +13,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-{{ include "common.secretFast" . }}
+{{- if .Values.global.kafka.useKafka }}
+{{ include "common.kafkauser" . }}
+{{- end }}
diff --git a/kubernetes/sdc/components/sdc-be/templates/sdc-be-kafka-user.yaml b/kubernetes/sdc/components/sdc-be/templates/sdc-be-kafka-user.yaml
deleted file mode 100644
index 6cd7f93c5a..0000000000
--- a/kubernetes/sdc/components/sdc-be/templates/sdc-be-kafka-user.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if .Values.global.kafka.useKafka }}
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaUser
-metadata:
- name: {{ include "common.release" . }}-{{ .Values.global.kafka.sdcBeKafkaUser }}
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- authentication:
- type: {{ .Values.config.kafka.saslMech }}
- authorization:
- type: {{ .Values.config.kafka.authType }}
- acls:
- - resource:
- type: group
- name: {{ .Values.config.kafka.topicConsumer.groupId }}-{{ .Values.env.name }}
- operation: Read
- - resource:
- type: topic
- patternType: prefix
- name: {{ .Values.config.kafka.topicConsumer.pattern }}
- operation: All
-{{- end }}
diff --git a/kubernetes/sdc/components/sdc-be/templates/sdc-distro-topics.yaml b/kubernetes/sdc/components/sdc-be/templates/sdc-distro-topics.yaml
deleted file mode 100644
index 9a6f7579e8..0000000000
--- a/kubernetes/sdc/components/sdc-be/templates/sdc-distro-topics.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if .Values.global.kafka.useKafka }}
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
- name: sdc-distro-notif-topic
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- topicName: {{ .Values.global.kafka.topics.sdcDistNotifTopic }}-{{ .Values.env.name }}
- config:
- retention.ms: {{ .Values.config.kafka.topicRetentionMs }}
- segment.bytes: {{ .Values.config.kafka.topicSegmentBytes }}
----
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaTopic
-metadata:
- name: sdc-distro-status-topic
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- topicName: {{ .Values.global.kafka.topics.sdcDistStatusTopic }}-{{ .Values.env.name }}
- config:
- retention.ms: {{ .Values.config.kafka.topicRetentionMs }}
- segment.bytes: {{ .Values.config.kafka.topicSegmentBytes }}
-{{- end }} \ No newline at end of file
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index faf46e5549..b7b3acd909 100644
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -31,13 +31,10 @@ global:
replicaCount: 3
clusterName: cassandra
dataCenter: Pod
- # Strimzi kafka config
+ # Global Strimzi kafka config overridden
+ # from parent values.yaml
kafka:
useKafka: overridden-from-parent-values-yaml
- sdcBeKafkaUser: overridden-from-parent-values-yaml
- topics:
- sdcDistNotifTopic: overridden-from-parent-values-yaml
- sdcDistStatusTopic: overridden-from-parent-values-yaml
#################################################################
# Application configuration defaults.
@@ -53,7 +50,7 @@ debugEnabled: false
#environment file
env:
- name: AUTO
+ name: &env AUTO
certInitializer:
nameOverride: sdc-be-cert-init
@@ -78,29 +75,21 @@ certInitializer:
#################################################################
# SDC Config part
#################################################################
-
-secrets:
- - uid: sdc-be-kafka-secret
- externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
- type: genericKV
- envs:
- - name: sasl.jaas.config
- value: '{{ .Values.config.someConfig }}'
- policy: generate
-
config:
javaOptions: "-Xmx1536m -Xms1536m"
cassandraSslEnabled: "false"
- # Strimzi kafka config
- kafka:
- saslMech: scram-sha-512
- securityProtocol: SASL_PLAINTEXT
- authType: simple
- topicRetentionMs: 7200000
- topicSegmentBytes: 1073741824
- topicConsumer:
- pattern: SDC-DIST
- groupId: sdc
+
+kafkaUser:
+ acls:
+ - name: sdc
+ suffix: *env
+ type: group
+ operations: [Read]
+ - name: SDC-DISTR
+ type: topic
+ patternType: prefix
+ operations: [Read, Write]
+
# default number of instances
replicaCount: 1