summaryrefslogtreecommitdiffstats
path: root/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml')
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml163
1 files changed, 126 insertions, 37 deletions
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
index aa97e32a9a..ab3a6bf852 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
@@ -1,4 +1,3 @@
-# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,6 +31,11 @@ spec:
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
+ {{- if .Values.prometheus.jmx.enabled }}
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }}
+ {{- end }}
spec:
podAntiAffinity:
{{if eq .Values.podAntiAffinityType "hard" -}}
@@ -47,10 +51,14 @@ spec:
operator: In
values:
- {{ include "common.name" . }}
+ - key: "release"
+ operator: In
+ values:
+ - {{ include "common.release" . }}
topologyKey: "kubernetes.io/hostname"
{{- if .Values.nodeAffinity }}
nodeAffinity:
- {{ toYaml .Values.nodeAffinity | indent 10 }}
+ {{ toYaml .Values.nodeAffinity | indent 10 }}
{{- end }}
initContainers:
- name: {{ include "common.name" . }}-initcontainer
@@ -74,24 +82,58 @@ spec:
- sh
- -exec
- |
- chown -R 1000:1000 /opt/kafka/data;
- rm -rf '/opt/kafka/data/lost+found';
- cp /opt/kafka/tmpconfig/server.properties /opt/kafka/config/;
- chown 1000:1000 /opt/kafka/config/server.properties;
- cd /opt/kafka/config;
- ls;
+ chown -R 1000:0 /var/lib/kafka/data;
image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- - mountPath: /opt/kafka/data
+ - mountPath: /var/lib/kafka/data
name: kafka-data
- - mountPath: /opt/kafka/tmpconfig/server.properties
- subPath: server.properties
- name: server
- - mountPath: /opt/kafka/config
- name: config-data
name: {{ include "common.name" . }}-permission-fixer
+ - command:
+ - sh
+ args:
+ - -c
+ - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done"
+ env:
+ - name: ZK_ADMIN
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }}
+ - name: ZK_PSWD
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }}
+ - name: KAFKA_ADMIN
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }}
+ - name: KAFKA_PSWD
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }}
+ volumeMounts:
+ - mountPath: /etc/kafka/secrets/jaas
+ name: jaas-config
+ - mountPath: /config-input
+ name: jaas
+ image: "{{ .Values.global.envsubstImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-update-config
containers:
+ {{- if .Values.prometheus.jmx.enabled }}
+ - name: prometheus-jmx-exporter
+ image: "{{ .Values.prometheus.jmx.imageRepository }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - java
+ - -XX:+UnlockExperimentalVMOptions
+ - -XX:+UseCGroupMemoryLimitForHeap
+ - -XX:MaxRAMFraction=1
+ - -XshowSettings:vm
+ - -jar
+ - jmx_prometheus_httpserver.jar
+ - {{ .Values.prometheus.jmx.port | quote }}
+ - /etc/jmx-kafka/jmx-kafka-prometheus.yml
+ ports:
+ - containerPort: {{ .Values.prometheus.jmx.port }}
+ resources:
+{{ toYaml .Values.prometheus.jmx.resources | indent 10 }}
+ volumeMounts:
+ - name: jmx-config
+ mountPath: /etc/jmx-kafka
+ {{- end }}
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -100,14 +142,21 @@ spec:
- -exc
- |
export KAFKA_BROKER_ID=${HOSTNAME##*-} && \
- export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \
+ {{- if .Values.global.aafEnabled }}
export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
- exec start-kafka.sh
+ {{ else }}
+ export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
+ {{- end }}
+ exec /etc/confluent/docker/run
resources:
{{ include "common.resources" . | indent 12 }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.externalPort }}
+ {{- if .Values.prometheus.jmx.enabled }}
+ - containerPort: {{ .Values.jmx.port }}
+ name: jmx
+ {{- end }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
@@ -128,28 +177,63 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
+ - name: KAFKA_ZOOKEEPER_CONNECT
+ value: {{ include "common.release" . }}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}}
+ - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE
+ value: "{{ .Values.kafka.enableSupport }}"
+ - name: KAFKA_OPTS
+ value: "{{ .Values.kafka.jaasOptions }}"
+ {{- if .Values.global.aafEnabled }}
+ - name: KAFKA_OPTS
+ value: "{{ .Values.kafka.jaasOptionsAaf }}"
- name: aaf_locate_url
value: https://aaf-locate.{{ include "common.namespace" . }}:8095
-
+ - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
+ value: "{{ .Values.kafka.protocolMapAaf }}"
+ - name: KAFKA_LISTENERS
+ value: "{{ .Values.kafka.listenersAaf }}"
+ - name: KAFKA_SASL_ENABLED_MECHANISMS
+ value: "{{ .Values.kafka.saslMech }}"
+ - name: KAFKA_INTER_BROKER_LISTENER_NAME
+ value: "{{ .Values.kafka.interBrokerListernerAaf }}"
+ - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL
+ value: "{{ .Values.kafka.saslInterBrokerProtocol }}"
+ - name: KAFKA_AUTHORIZER_CLASS_NAME
+ value: "{{ .Values.kafka.authorizer }}"
+ {{ else }}
+ - name: KAFKA_OPTS
+ value: "{{ .Values.kafka.jaasOptions }}"
+ - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
+ value: "{{ .Values.kafka.protocolMap }}"
+ - name: KAFKA_LISTENERS
+ value: "{{ .Values.kafka.listeners }}"
+ - name: KAFKA_INTER_BROKER_LISTENER_NAME
+ value: "{{ .Values.kafka.interBrokerListerner }}"
+ {{- end }}
+ {{- range $key, $value := .Values.configurationOverrides }}
+ - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }}
+ value: {{ $value | quote }}
+ {{- end }}
+ {{- if .Values.jmx.port }}
+ - name: KAFKA_JMX_PORT
+ value: "{{ .Values.jmx.port }}"
+ {{- end }}
+ - name: enableCadi
+ value: "{{ .Values.global.aafEnabled }}"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /var/run/docker.sock
name: docker-socket
- - mountPath: /opt/kafka/tmpconfig/server.properties
- subPath: server.properties
- name: server
- - mountPath: /opt/kafka/config/server.properties
- subPath: server.properties
- name: config-data
- - mountPath: /opt/kafka/config/log4j.properties
- subPath: log4j.properties
- name: log4j
- - mountPath: /opt/kafka/config/cadi.properties
+ {{- if .Values.global.aafEnabled }}
+ - mountPath: /etc/kafka/data/cadi.properties
subPath: cadi.properties
name: cadi
- - mountPath: /opt/kafka/data
+ {{ end }}
+ - name: jaas-config
+ mountPath: /etc/kafka/secrets/jaas
+ - mountPath: /var/lib/kafka/data
name: kafka-data
{{- if .Values.tolerations }}
tolerations:
@@ -159,20 +243,25 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: config-data
- emptyDir: {}
+ - name: jaas-config
+ emptyDir:
+ medium: Memory
- name: docker-socket
hostPath:
path: /var/run/docker.sock
- - name: server
- configMap:
- name: {{ include "common.fullname" . }}-server-prop-configmap
- - name: log4j
- configMap:
- name: {{ include "common.fullname" . }}-log4j-prop-configmap
+ {{- if .Values.global.aafEnabled }}
- name: cadi
configMap:
name: {{ include "common.fullname" . }}-cadi-prop-configmap
+ {{ end }}
+ - name: jaas
+ configMap:
+ name: {{ include "common.fullname" . }}-jaas-configmap
+ {{- if .Values.prometheus.jmx.enabled }}
+ - name: jmx-config
+ configMap:
+ name: {{ include "common.fullname" . }}-prometheus-configmap
+ {{- end }}
{{ if not .Values.persistence.enabled }}
- name: kafka-data
emptyDir: {}
@@ -194,4 +283,4 @@ spec:
storage: {{ .Values.persistence.size | quote }}
{{ end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file