summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore2
-rw-r--r--docs/helm-search.txt1
-rw-r--r--docs/oom_quickstart_guide.rst12
-rw-r--r--docs/oom_setup_paas.rst46
-rw-r--r--docs/oom_user_guide.rst17
-rw-r--r--kubernetes/common/repositoryGenerator/templates/_repository.tpl9
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl4
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml4
-rw-r--r--kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml4
-rwxr-xr-xkubernetes/helm/plugins/deploy/deploy.sh121
-rw-r--r--kubernetes/onap/Chart.yaml4
-rw-r--r--kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/onap-all.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/onap-vfw.yaml2
-rw-r--r--kubernetes/onap/resources/overrides/sm-onap.yaml2
-rwxr-xr-xkubernetes/onap/values.yaml2
-rw-r--r--kubernetes/strimzi/.helmignore22
-rw-r--r--kubernetes/strimzi/Chart.yaml33
-rw-r--r--kubernetes/strimzi/Makefile51
-rw-r--r--kubernetes/strimzi/templates/pv-kafka.yaml16
-rw-r--r--kubernetes/strimzi/templates/pv-zk.yaml17
-rw-r--r--kubernetes/strimzi/templates/strimzi-kafka.yaml90
-rw-r--r--kubernetes/strimzi/values.yaml52
23 files changed, 460 insertions, 55 deletions
diff --git a/.gitignore b/.gitignore
index 71fed48208..bb11f06df9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,7 +14,7 @@ kubernetes/config/onap-parameters.yaml
kubernetes/dist/*
kubernetes/common/dist/*
Chart.lock
-#**/charts/*.tgz
+**/charts/*.tgz
*.orig
# AAI Schema
diff --git a/docs/helm-search.txt b/docs/helm-search.txt
index 035b9a6b91..4e357b6dc8 100644
--- a/docs/helm-search.txt
+++ b/docs/helm-search.txt
@@ -35,6 +35,7 @@ local/sdnc 10.0.0 SDN Controller
local/sdnc-prom 10.0.0 ONAP SDNC Policy Driven Ownership Management
local/sniro-emulator 10.0.0 ONAP Mock Sniro Emulator
local/so 10.0.0 ONAP Service Orchestrator
+local/strimzi 10.0.0 ONAP Strimzi Apache Kafka
local/uui 10.0.0 ONAP uui
local/vfc 10.0.0 ONAP Virtual Function Controller (VF-C)
local/vid 10.0.0 ONAP Virtual Infrastructure Deployment
diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst
index 79a30567fb..a38c6f48bd 100644
--- a/docs/oom_quickstart_guide.rst
+++ b/docs/oom_quickstart_guide.rst
@@ -53,6 +53,18 @@ where <BRANCH> can be an official release tag, such as
More details can be found :doc:`here <oom_setup_paas>`.
+**Step 4.1** Install Strimzi Kafka Operator:
+
+- Add the helm repo::
+
+ > helm repo add strimzi https://strimzi.io/charts/
+
+- Install the operator::
+
+ > helm install strimzi-kafka-operator strimzi/strimzi-kafka-operator --namespace strimzi-system --version 0.28.0 --set watchAnyNamespace=true --create-namespace
+
+More details can be found :doc:`here <oom_setup_paas>`.
+
**Step 5.** Customize the Helm charts like `oom/kubernetes/onap/values.yaml` or
an override file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file
to suit your deployment with items like the OpenStack tenant information.
diff --git a/docs/oom_setup_paas.rst b/docs/oom_setup_paas.rst
index ed632dac36..2dabcb1aea 100644
--- a/docs/oom_setup_paas.rst
+++ b/docs/oom_setup_paas.rst
@@ -6,6 +6,7 @@
.. Links
.. _Cert-Manager Installation documentation: https://cert-manager.io/docs/installation/kubernetes/
.. _Cert-Manager kubectl plugin documentation: https://cert-manager.io/docs/usage/kubectl-plugin/
+.. _Strimzi Apache Kafka Operator helm Installation documentation: https://strimzi.io/docs/operators/in-development/deploying.html#deploying-cluster-operator-helm-chart-str
.. _oom_setup_paas:
@@ -15,17 +16,20 @@ ONAP PaaS set-up
Starting from Honolulu release, Cert-Manager and Prometheus Stack are a part
of k8s PaaS for ONAP operations and can be installed to provide
additional functionality for ONAP engineers.
+Starting from Jakarta release, Strimzi Apache Kafka is deployed to provide
+Apache kafka as the default messaging bus for ONAP.
The versions of PaaS components that are supported by OOM are as follows:
.. table:: ONAP PaaS components
- ============== ============= =================
- Release Cert-Manager Prometheus Stack
- ============== ============= =================
+ ============== ============= ================= =======
+ Release Cert-Manager Prometheus Stack Strimzi
+ ============== ============= ================= =======
honolulu 1.2.0 13.x
istanbul 1.5.4 19.x
- ============== ============= =================
+ jakarta 0.28.0
+ ============== ============= ================= =======
This guide provides instructions on how to install the PaaS
components for ONAP.
@@ -35,6 +39,40 @@ components for ONAP.
:local:
..
+Strimzi Apache Kafka Operator
+=============================
+
+Strimzi provides a way to run an Apache Kafka cluster on Kubernetes
+in various deployment configurations by using kubernetes operators.
+Operators are a method of packaging, deploying, and managing a
+Kubernetes application.
+Strimzi Operators extend Kubernetes functionality, automating common
+and complex tasks related to a Kafka deployment. By implementing
+knowledge of Kafka operations in code, Kafka administration
+tasks are simplified and require less manual intervention.
+
+Installation steps
+------------------
+
+The recommended version of Strimzi for Kubernetes 1.19 is v0.28.0.
+The Strimzi cluster operator is deployed using helm to install the parent chart
+containing all of the required custom resource definitions. This should be done
+by a kubernetes administrator to allow for deployment of custom resources in to
+any kubernetes namespace within the cluster.
+
+Full installation instructions can be found in the
+`Strimzi Apache Kafka Operator helm Installation documentation`_.
+
+Installation can be as simple as:
+
+- Add the helm repo::
+
+ > helm repo add strimzi https://strimzi.io/charts/
+
+- Install the operator::
+
+ > helm install strimzi-kafka-operator strimzi/strimzi-kafka-operator --namespace strimzi-system --version 0.28.0 --set watchAnyNamespace=true --create-namespace
+
Cert-Manager
============
diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst
index 019d84363f..10b57dc5a7 100644
--- a/docs/oom_user_guide.rst
+++ b/docs/oom_user_guide.rst
@@ -55,7 +55,7 @@ ONAP with a few simple commands.
Pre-requisites
--------------
-Your environment must have the Kubernetes `kubectl` with Cert-Manager
+Your environment must have the Kubernetes `kubectl` with Strimzi Apache Kafka, Cert-Manager
and Helm setup as a one time activity.
Install Kubectl
@@ -78,11 +78,6 @@ Verify that the Kubernetes config is correct::
At this point you should see Kubernetes pods running.
-Install Cert-Manager
-~~~~~~~~~~~~~~~~~~~~
-Details on how to install Cert-Manager can be found
-:doc:`here <oom_setup_paas>`.
-
Install Helm
~~~~~~~~~~~~
Helm is used by OOM for package and configuration management. To install Helm,
@@ -96,6 +91,16 @@ Verify the Helm version with::
> helm version
+Install Strimzi Apache Kafka Operator
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Details on how to install Strimzi Apache Kafka can be found
+:doc:`here <oom_setup_paas>`.
+
+Install Cert-Manager
+~~~~~~~~~~~~~~~~~~~~
+Details on how to install Cert-Manager can be found
+:doc:`here <oom_setup_paas>`.
+
Install the Helm Repo
---------------------
Once kubectl and Helm are setup, one needs to setup a local Helm server to
diff --git a/kubernetes/common/repositoryGenerator/templates/_repository.tpl b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
index f57d390477..1b99285a80 100644
--- a/kubernetes/common/repositoryGenerator/templates/_repository.tpl
+++ b/kubernetes/common/repositoryGenerator/templates/_repository.tpl
@@ -154,6 +154,7 @@
mail: email (optional)
You can also set the same things for dockerHub, elastic and googleK8s if
needed.
+ if not needed, set global.repositoryCred.user to empty value.
*/}}
{{- define "repositoryGenerator.secret" -}}
{{- $dot := default . .dot -}}
@@ -164,9 +165,11 @@
{{- if $subchartDot.Values.global.repositoryCred }}
{{- $repo := $subchartDot.Values.global.repository }}
{{- $cred := $subchartDot.Values.global.repositoryCred }}
- {{- $mail := default "@" $cred.mail }}
- {{- $auth := printf "%s:%s" $cred.user $cred.password | b64enc }}
- {{- $repoCreds = printf "\"%s\": {\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}" $repo $cred.user $cred.password $mail $auth }}
+ {{- if $cred.user }}
+ {{- $mail := default "@" $cred.mail }}
+ {{- $auth := printf "%s:%s" $cred.user $cred.password | b64enc }}
+ {{- $repoCreds = printf "\"%s\": {\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}" $repo $cred.user $cred.password $mail $auth }}
+ {{- end }}
{{- end }}
{{- if $subchartDot.Values.global.dockerHubRepositoryCred }}
{{- $dhRepo := $subchartDot.Values.global.dockerHubRepository }}
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index 5a45fa1004..fbaaedf0dd 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -366,12 +366,12 @@ spec:
- name: POLICY_SYNC_PDP_USER
valueFrom:
secretKeyRef:
- name: {{ $policyRls }}-policy-xacml-pdp-api-creds
+ name: {{ $policyRls }}-policy-xacml-pdp-restserver-creds
key: login
- name: POLICY_SYNC_PDP_PASS
valueFrom:
secretKeyRef:
- name: {{ $policyRls }}-policy-xacml-pdp-api-creds
+ name: {{ $policyRls }}-policy-xacml-pdp-restserver-creds
key: password
- name: POLICY_SYNC_PDP_URL
value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
index be0de969c1..c998e9ec67 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml
@@ -60,7 +60,7 @@ pullPolicy: Always
zookeeper:
name: message-router-zookeeper
port: 2181
- replicaCount: 3
+ replicaCount: 1
kafka:
heapOptions: -Xmx5G -Xms1G
@@ -129,7 +129,7 @@ secrets:
debugEnabled: false
# default number of instances
-replicaCount: 3
+replicaCount: 1
# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count
diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
index fae361a4c8..79ced4dde2 100644
--- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
+++ b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml
@@ -32,9 +32,9 @@ debugEnabled: false
# default number of instances
-replicaCount: 3
+replicaCount: 1
-zookeeperServers: 3
+zookeeperServers: 1
nodeSelector: {}
diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh
index 13b0ed86e2..51438ad7ea 100755
--- a/kubernetes/helm/plugins/deploy/deploy.sh
+++ b/kubernetes/helm/plugins/deploy/deploy.sh
@@ -87,6 +87,54 @@ resolve_deploy_flags() {
echo "$DEPLOY_FLAGS"
}
+
+check_for_dep() {
+ try=0
+ retries=30
+ until (kubectl get deployment -n $RELEASE | grep -P "\b$1\b") &>/dev/null; do
+ (( ++try > retries )) && exit 1
+ echo "$1 not found. Retry $try/$retries"
+ sleep 5
+ done
+ echo "$1 found. Waiting for pod intialisation"
+ sleep 15
+}
+
+deploy_strimzi() {
+ #Deploy the srtimzi-kafka chart in advance. Dependent charts require the entity-operator
+ #for management of the strimzi crds
+ deploy_subchart
+ echo "waiting for ${RELEASE}-strimzi-entity-operator to be deployed"
+ check_for_dep ${RELEASE}-strimzi-entity-operator
+}
+
+deploy_subchart() {
+ if [ -z "$SUBCHART_RELEASE" ] || [ "$SUBCHART_RELEASE" = "$subchart" ]; then
+ LOG_FILE=$LOG_DIR/"${RELEASE}-${subchart}".log
+ :> $LOG_FILE
+
+ helm upgrade -i "${RELEASE}-${subchart}" $CACHE_SUBCHART_DIR/$subchart \
+ $DEPLOY_FLAGS -f $GLOBAL_OVERRIDES -f $SUBCHART_OVERRIDES \
+ > $LOG_FILE 2>&1
+
+ if [ "$VERBOSE" = "true" ]; then
+ cat $LOG_FILE
+ else
+ echo "release \"${RELEASE}-${subchart}\" deployed"
+ fi
+ # Add annotation last-applied-configuration if set-last-applied flag is set
+ if [ "$SET_LAST_APPLIED" = "true" ]; then
+ helm get manifest "${RELEASE}-${subchart}" \
+ | kubectl apply set-last-applied --create-annotation -n onap -f - \
+ > $LOG_FILE.log 2>&1
+ fi
+ fi
+ if [ "$DELAY" = "true" ]; then
+ echo sleep 3m
+ sleep 180
+ fi
+}
+
deploy() {
# validate params
if [ -z "$1" ] || [ -z "$2" ]; then
@@ -219,47 +267,50 @@ deploy() {
#“helm ls” is an expensive command in that it can take a long time to execute.
#So cache the results to prevent repeated execution.
ALL_HELM_RELEASES=$(helm ls -q)
- for subchart in * ; do
- SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
- SUBCHART_ENABLED=0
- if [ -f $SUBCHART_OVERRIDES ]; then
- SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true")
- fi
+ for subchart in strimzi cassandra mariadb-galera postgres ; do
+ SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
- if [ $SUBCHART_ENABLED -eq 1 ]; then
- if [ -z "$SUBCHART_RELEASE" ] || [ "$SUBCHART_RELEASE" = "$subchart" ]; then
- LOG_FILE=$LOG_DIR/"${RELEASE}-${subchart}".log
- :> $LOG_FILE
+ SUBCHART_ENABLED=0
+ if [ -f $SUBCHART_OVERRIDES ]; then
+ SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true")
+ fi
+ if [ "${subchart}" = "strimzi" ] && [ $SUBCHART_ENABLED -eq 1 ]; then
+ deploy_strimzi
+ fi
+ # Deploy them at first
+ if [ $SUBCHART_ENABLED -eq 1 ]; then
+ deploy_subchart
+ else
+ array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
+ n=${#array[*]}
+ for i in $(seq $(($n-1)) -1 0); do
+ helm del "${array[i]}"
+ done
+ fi
+ done
- helm upgrade -i "${RELEASE}-${subchart}" $CACHE_SUBCHART_DIR/$subchart \
- $DEPLOY_FLAGS -f $GLOBAL_OVERRIDES -f $SUBCHART_OVERRIDES \
- > $LOG_FILE 2>&1
+ for subchart in * ; do
+ SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
- if [ "$VERBOSE" = "true" ]; then
- cat $LOG_FILE
- else
- echo "release \"${RELEASE}-${subchart}\" deployed"
- fi
- # Add annotation last-applied-configuration if set-last-applied flag is set
- if [ "$SET_LAST_APPLIED" = "true" ]; then
- helm get manifest "${RELEASE}-${subchart}" \
- | kubectl apply set-last-applied --create-annotation -n onap -f - \
- > $LOG_FILE.log 2>&1
- fi
+ SUBCHART_ENABLED=0
+ if [ -f $SUBCHART_OVERRIDES ]; then
+ SUBCHART_ENABLED=$(cat $SUBCHART_OVERRIDES | grep -c "^enabled: true")
fi
- if [ "$DELAY" = "true" ]; then
- echo sleep 3m
- sleep 180
+ if [ "${subchart}" = "strimzi" ] || [ "${subchart}" = "cassandra" ] || [ "${subchart}" = "mariadb-galera" ] || [ "${subchart}" = "postgres" ]; then
+ SUBCHART_ENABLED=0
fi
- else
- array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
- n=${#array[*]}
- for i in $(seq $(($n-1)) -1 0); do
- helm del "${array[i]}"
- done
- fi
- done
+ # Deploy the others
+ if [ $SUBCHART_ENABLED -eq 1 ]; then
+ deploy_subchart
+ else
+ array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
+ n=${#array[*]}
+ for i in $(seq $(($n-1)) -1 0); do
+ helm del "${array[i]}"
+ done
+ fi
+ done
# report on success/failures of installs/upgrades
helm ls --all-namespaces | grep -i FAILED | grep $RELEASE
diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml
index 4754f9fd2f..371bc7167e 100644
--- a/kubernetes/onap/Chart.yaml
+++ b/kubernetes/onap/Chart.yaml
@@ -143,6 +143,10 @@ dependencies:
version: ~10.x-0
repository: '@local'
condition: so.enabled
+ - name: strimzi
+ version: ~10.x-0
+ repository: '@local'
+ condition: strimzi.enabled
- name: uui
version: ~10.x-0
repository: '@local'
diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
index 528cd2c687..a56126a093 100644
--- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
@@ -74,6 +74,8 @@ so:
so-vnfm-adapter:
ingress:
enabled: true
+strimzi:
+ enabled: true
uui:
enabled: true
vfc:
diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml
index 9306985d33..6d08d01139 100644
--- a/kubernetes/onap/resources/overrides/onap-all.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all.yaml
@@ -82,6 +82,8 @@ sdnc:
enabled: true
so:
enabled: true
+strimzi:
+ enabled: true
uui:
enabled: true
vfc:
diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml
index 181a1d18e4..f9da136043 100644
--- a/kubernetes/onap/resources/overrides/onap-vfw.yaml
+++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml
@@ -57,5 +57,7 @@ sdnc:
enabled: true
so:
enabled: true
+strimzi:
+ enabled: true
vid:
enabled: true
diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml
index b07b6d3aa2..37080b8290 100644
--- a/kubernetes/onap/resources/overrides/sm-onap.yaml
+++ b/kubernetes/onap/resources/overrides/sm-onap.yaml
@@ -134,6 +134,8 @@ so:
openStackKeyStoneUrl: "$OPENSTACK_KEYSTONE_URL"
openStackServiceTenantName: "$OPENSTACK_TENANT_NAME"
openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD"
+strimzi:
+ enabled: false
uui:
enabled: false
vid:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index f5b5c8ed7d..0e8dd21994 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -372,6 +372,8 @@ so:
# server:
# monitoring:
# password: demo123456!
+strimzi:
+ enabled: false
uui:
enabled: false
vfc:
diff --git a/kubernetes/strimzi/.helmignore b/kubernetes/strimzi/.helmignore
new file mode 100644
index 0000000000..0f976e9ff3
--- /dev/null
+++ b/kubernetes/strimzi/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+Chart.lock
diff --git a/kubernetes/strimzi/Chart.yaml b/kubernetes/strimzi/Chart.yaml
new file mode 100644
index 0000000000..6ce866bdeb
--- /dev/null
+++ b/kubernetes/strimzi/Chart.yaml
@@ -0,0 +1,33 @@
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v2
+description: ONAP Strimzi kafka
+name: strimzi
+version: 10.0.0
+
+dependencies:
+ - name: common
+ version: ~10.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~10.x-0
+ repository: '@local'
+ - name: serviceAccount
+ version: ~10.x-0
+ repository: '@local'
+
diff --git a/kubernetes/strimzi/Makefile b/kubernetes/strimzi/Makefile
new file mode 100644
index 0000000000..51d7de122c
--- /dev/null
+++ b/kubernetes/strimzi/Makefile
@@ -0,0 +1,51 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */Chart.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/strimzi/templates/pv-kafka.yaml b/kubernetes/strimzi/templates/pv-kafka.yaml
new file mode 100644
index 0000000000..616f03e788
--- /dev/null
+++ b/kubernetes/strimzi/templates/pv-kafka.yaml
@@ -0,0 +1,16 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ include "common.replicaPV" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }}
diff --git a/kubernetes/strimzi/templates/pv-zk.yaml b/kubernetes/strimzi/templates/pv-zk.yaml
new file mode 100644
index 0000000000..60f4ca6e79
--- /dev/null
+++ b/kubernetes/strimzi/templates/pv-zk.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.replicaPV" (dict "dot" . "suffix" "zk" "persistenceInfos" .Values.persistenceZk) }}
diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml
new file mode 100644
index 0000000000..cfd2ef13cc
--- /dev/null
+++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml
@@ -0,0 +1,90 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: Kafka
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ kafka:
+ version: {{ .Values.version }}
+ replicas: {{ .Values.replicaCount }}
+ listeners:
+ - name: plain
+ port: {{ .Values.kafkaInternalPort }}
+ type: internal
+ tls: false
+ authentication:
+ type: {{ .Values.saslMechanism }}
+ - name: tls
+ port: 9093
+ type: internal
+ tls: true
+ authentication:
+ type: tls
+ - name: external
+ port: 9094
+ type: nodeport
+ tls: true
+ authentication:
+ type: tls
+ authorization:
+ type: simple
+ superUsers:
+ - {{ include "common.release" . }}-{{ .Values.kafkaStrimziAdminUser }}
+ template:
+ pod:
+ securityContext:
+ runAsUser: 0
+ fsGroup: 0
+ config:
+ offsets.topic.replication.factor: {{ .Values.replicaCount }}
+ transaction.state.log.replication.factor: {{ .Values.replicaCount }}
+ transaction.state.log.min.isr: 2
+ log.message.format.version: "3.0"
+ inter.broker.protocol.version: "3.0"
+ storage:
+ type: jbod
+ class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }}
+ volumes:
+ - id: 0
+ type: persistent-claim
+ size: {{ .Values.persistenceKafka.size }}
+ deleteClaim: true
+ class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }}
+ zookeeper:
+ template:
+ pod:
+ securityContext:
+ runAsUser: 0
+ fsGroup: 0
+ replicas: {{ .Values.replicaCount }}
+ config:
+ ssl.hostnameVerification: false
+ storage:
+ type: persistent-claim
+ size: {{ .Values.persistenceZk.size }}
+ deleteClaim: true
+ class: {{ include "common.storageClass" (dict "dot" . "suffix" "zk" "persistenceInfos" .Values.persistenceZk) }}
+ entityOperator:
+ topicOperator: {}
+ userOperator: {}
+
diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml
new file mode 100644
index 0000000000..e8db803f94
--- /dev/null
+++ b/kubernetes/strimzi/values.yaml
@@ -0,0 +1,52 @@
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence:
+ mountPath: /dockerdata-nfs
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+replicaCount: 2
+kafkaInternalPort: 9092
+saslMechanism: scram-sha-512
+version: 3.0.0
+kafkaStrimziAdminUser: strimzi-kafka-admin
+persistence: {}
+
+persistenceKafka:
+ enabled: true
+ size: 2Gi
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ mountPath: /dockerdata-nfs
+ mountSubPath: strimzi-kafka/kafka
+persistenceZk:
+ enabled: true
+ size: 2Gi
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ mountPath: /dockerdata-nfs
+ mountSubPath: strimzi-kafka/zk
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: strimzi-kafka
+ roles:
+ - read