From 23361a3aedd49902f50792cf8ac1f659b0391567 Mon Sep 17 00:00:00 2001 From: efiacor Date: Mon, 14 Mar 2022 13:44:02 +0000 Subject: [CPS-STRIMZI] Migrate cps to use strimzi kafka Add strimzi kafka config Signed-off-by: efiacor Change-Id: Ib6af32bae9f85cbc2e3c9484b970229d63c299b1 Issue-ID: DMAAP-1681 --- .../resources/config/application-helm.yml | 29 ++++++++++++++------ .../cps-temporal/templates/deployment.yaml | 5 ++++ kubernetes/cps/components/cps-temporal/values.yaml | 32 +++++++++++++++++----- 3 files changed, 51 insertions(+), 15 deletions(-) (limited to 'kubernetes/cps/components/cps-temporal') diff --git a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml index 32ae51b51a..6e80843949 100644 --- a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml @@ -1,6 +1,7 @@ {{/* # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,19 +25,31 @@ spring: username: ${DB_USERNAME} password: ${DB_PASSWORD} -security: - auth: - username: ${APP_USERNAME} - password: ${APP_PASSWORD} + kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} + +app: + listener: + data-updated: + topic: {{ .Values.config.app.listener.dataUpdatedTopic }} -# Event consumption properties (kafka) -{{- if .Values.config.eventConsumption }} -{{ toYaml .Values.config.eventConsumption | nindent 2 }} +{{- if .Values.config.useStrimziKafka }} +spring.kafka.bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +spring.kafka.security.protocol: SASL_PLAINTEXT +spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 +spring.kafka.properties.sasl.jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} {{- end }} -# Additional properties {{- if .Values.config.additional }} {{ toYaml .Values.config.additional | nindent 2 }} {{- end }} +security: + auth: + username: ${APP_USERNAME} + password: ${APP_PASSWORD} + # Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml index 806e65a865..71ff37193b 100644 --- a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -53,6 +54,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }} - name: APP_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }} + {{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-kafka-user" "key" "sasl.jaas.config") | indent 12 }} + {{- end }} volumeMounts: - mountPath: /config-input name: init-data-input diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml index 68bc2a7e8a..a92791e019 100644 --- a/kubernetes/cps/components/cps-temporal/values.yaml +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -39,6 +40,13 @@ secrets: login: '{{ .Values.config.appUserName }}' password: '{{ .Values.config.appUserPassword }}' passwordPolicy: generate + - uid: cps-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate image: onap/cps-temporal:1.1.0 containerPort: &svc_port 8080 @@ -139,13 +147,23 @@ config: profile: helm #appUserPassword: - # Event consumption (kafka) properties - # All Kafka properties must be in "key: value" format instead of yaml. - eventConsumption: - spring.kafka.bootstrap-servers: message-router-kafka:9092 - spring.kafka.security.protocol: PLAINTEXT - spring.kafka.consumer.group-id: cps-temporal-group - app.listener.data-updated.topic: cps.data-updated-events +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: cps-temporal-group + app: + listener: + dataUpdatedTopic: cps.data-updated-events +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. + +# eventConsumption: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: cps-temporal-group # Any new property can be added in the env by setting in overrides in the format mentioned below # All the added properties must be in "key: value" format instead of yaml. -- cgit 1.2.3-korg