diff options
Diffstat (limited to 'kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml')
-rw-r--r-- | kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml | 163 |
1 files changed, 126 insertions, 37 deletions
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index aa97e32a9a..ab3a6bf852 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -1,4 +1,3 @@ -# Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -32,6 +31,11 @@ spec: labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} + {{- if .Values.prometheus.jmx.enabled }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} + {{- end }} spec: podAntiAffinity: {{if eq .Values.podAntiAffinityType "hard" -}} @@ -47,10 +51,14 @@ spec: operator: In values: - {{ include "common.name" . }} + - key: "release" + operator: In + values: + - {{ include "common.release" . }} topologyKey: "kubernetes.io/hostname" {{- if .Values.nodeAffinity }} nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} + {{ toYaml .Values.nodeAffinity | indent 10 }} {{- end }} initContainers: - name: {{ include "common.name" . }}-initcontainer @@ -74,24 +82,58 @@ spec: - sh - -exec - | - chown -R 1000:1000 /opt/kafka/data; - rm -rf '/opt/kafka/data/lost+found'; - cp /opt/kafka/tmpconfig/server.properties /opt/kafka/config/; - chown 1000:1000 /opt/kafka/config/server.properties; - cd /opt/kafka/config; - ls; + chown -R 1000:0 /var/lib/kafka/data; image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: /opt/kafka/data + - mountPath: /var/lib/kafka/data name: kafka-data - - mountPath: /opt/kafka/tmpconfig/server.properties - subPath: server.properties - name: server - - mountPath: /opt/kafka/config - name: config-data name: {{ include "common.name" . }}-permission-fixer + - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done" + env: + - name: ZK_ADMIN + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }} + - name: ZK_PSWD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }} + - name: KAFKA_ADMIN + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }} + - name: KAFKA_PSWD + {{- include "common.secret.envFromSecret" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /etc/kafka/secrets/jaas + name: jaas-config + - mountPath: /config-input + name: jaas + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config containers: + {{- if .Values.prometheus.jmx.enabled }} + - name: prometheus-jmx-exporter + image: "{{ .Values.prometheus.jmx.imageRepository }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - java + - -XX:+UnlockExperimentalVMOptions + - -XX:+UseCGroupMemoryLimitForHeap + - -XX:MaxRAMFraction=1 + - -XshowSettings:vm + - -jar + - jmx_prometheus_httpserver.jar + - {{ .Values.prometheus.jmx.port | quote }} + - /etc/jmx-kafka/jmx-kafka-prometheus.yml + ports: + - containerPort: {{ .Values.prometheus.jmx.port }} + resources: +{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} + volumeMounts: + - name: jmx-config + mountPath: /etc/jmx-kafka + {{- end }} - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -100,14 +142,21 @@ spec: - -exc - | export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ - export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \ + {{- if .Values.global.aafEnabled }} export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - exec start-kafka.sh + {{ else }} + export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ + {{- end }} + exec /etc/confluent/docker/run resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.externalPort }} + {{- if .Values.prometheus.jmx.enabled }} + - containerPort: {{ .Values.jmx.port }} + name: jmx + {{- end }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -128,28 +177,63 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.hostIP + - name: KAFKA_ZOOKEEPER_CONNECT + value: {{ include "common.release" . }}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}} + - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE + value: "{{ .Values.kafka.enableSupport }}" + - name: KAFKA_OPTS + value: "{{ .Values.kafka.jaasOptions }}" + {{- if .Values.global.aafEnabled }} + - name: KAFKA_OPTS + value: "{{ .Values.kafka.jaasOptionsAaf }}" - name: aaf_locate_url value: https://aaf-locate.{{ include "common.namespace" . }}:8095 - + - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP + value: "{{ .Values.kafka.protocolMapAaf }}" + - name: KAFKA_LISTENERS + value: "{{ .Values.kafka.listenersAaf }}" + - name: KAFKA_SASL_ENABLED_MECHANISMS + value: "{{ .Values.kafka.saslMech }}" + - name: KAFKA_INTER_BROKER_LISTENER_NAME + value: "{{ .Values.kafka.interBrokerListernerAaf }}" + - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: "{{ .Values.kafka.saslInterBrokerProtocol }}" + - name: KAFKA_AUTHORIZER_CLASS_NAME + value: "{{ .Values.kafka.authorizer }}" + {{ else }} + - name: KAFKA_OPTS + value: "{{ .Values.kafka.jaasOptions }}" + - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP + value: "{{ .Values.kafka.protocolMap }}" + - name: KAFKA_LISTENERS + value: "{{ .Values.kafka.listeners }}" + - name: KAFKA_INTER_BROKER_LISTENER_NAME + value: "{{ .Values.kafka.interBrokerListerner }}" + {{- end }} + {{- range $key, $value := .Values.configurationOverrides }} + - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }} + value: {{ $value | quote }} + {{- end }} + {{- if .Values.jmx.port }} + - name: KAFKA_JMX_PORT + value: "{{ .Values.jmx.port }}" + {{- end }} + - name: enableCadi + value: "{{ .Values.global.aafEnabled }}" volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /var/run/docker.sock name: docker-socket - - mountPath: /opt/kafka/tmpconfig/server.properties - subPath: server.properties - name: server - - mountPath: /opt/kafka/config/server.properties - subPath: server.properties - name: config-data - - mountPath: /opt/kafka/config/log4j.properties - subPath: log4j.properties - name: log4j - - mountPath: /opt/kafka/config/cadi.properties + {{- if .Values.global.aafEnabled }} + - mountPath: /etc/kafka/data/cadi.properties subPath: cadi.properties name: cadi - - mountPath: /opt/kafka/data + {{ end }} + - name: jaas-config + mountPath: /etc/kafka/secrets/jaas + - mountPath: /var/lib/kafka/data name: kafka-data {{- if .Values.tolerations }} tolerations: @@ -159,20 +243,25 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: config-data - emptyDir: {} + - name: jaas-config + emptyDir: + medium: Memory - name: docker-socket hostPath: path: /var/run/docker.sock - - name: server - configMap: - name: {{ include "common.fullname" . }}-server-prop-configmap - - name: log4j - configMap: - name: {{ include "common.fullname" . }}-log4j-prop-configmap + {{- if .Values.global.aafEnabled }} - name: cadi configMap: name: {{ include "common.fullname" . }}-cadi-prop-configmap + {{ end }} + - name: jaas + configMap: + name: {{ include "common.fullname" . }}-jaas-configmap + {{- if .Values.prometheus.jmx.enabled }} + - name: jmx-config + configMap: + name: {{ include "common.fullname" . }}-prometheus-configmap + {{- end }} {{ if not .Values.persistence.enabled }} - name: kafka-data emptyDir: {} @@ -194,4 +283,4 @@ spec: storage: {{ .Values.persistence.size | quote }} {{ end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file |