{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. */}} apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: selector: matchLabels: app: {{ include "common.name" . }} serviceName: {{ .Values.service.name }} replicas: {{ .Values.replicaCount }} updateStrategy: type: RollingUpdate rollingUpdate: maxUnavailable: {{ .Values.maxUnavailable }} podManagementPolicy: Parallel template: metadata: labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} {{- if .Values.prometheus.jmx.enabled }} annotations: prometheus.io/scrape: "true" prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} {{- end }} spec: {{- if .Values.nodeAffinity }} nodeAffinity: {{ toYaml .Values.nodeAffinity | indent 10 }} {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: - name: {{ include "common.name" . }}-permission-fixer command: - sh - -exec - > chown -R 1000:0 /tmp/zookeeper/apikeys; image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /tmp/zookeeper/apikeys name: zookeeper-data - command: - sh args: - -c - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/zookeeper/secrets/jaas/${PFILE}; done" env: - name: ZK_ADMIN {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "login") | indent 10 }} - name: ZK_PSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "password") | indent 10 }} volumeMounts: - mountPath: /etc/zookeeper/secrets/jaas name: jaas-config - mountPath: /config-input name: jaas image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config containers: {{- if .Values.prometheus.jmx.enabled }} - name: prometheus-jmx-exporter image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - java - -XX:+UnlockExperimentalVMOptions - -XX:+UseCGroupMemoryLimitForHeap - -XX:MaxRAMFraction=1 - -XshowSettings:vm - -jar - jmx_prometheus_httpserver.jar - {{ .Values.prometheus.jmx.port | quote }} - /etc/jmx-zookeeper/jmx-zookeeper-prometheus.yml ports: - containerPort: {{ .Values.prometheus.jmx.port }} resources: {{ toYaml .Values.prometheus.jmx.resources | indent 10 }} volumeMounts: - name: jmx-config mountPath: /etc/jmx-zookeeper {{- end }} - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.clientPort }} name: {{ .Values.service.clientPortName }} - containerPort: {{ .Values.service.serverPort }} name: {{ .Values.service.serverPortName }} - containerPort: {{ .Values.service.leaderElectionPort }} name: {{ .Values.service.leaderElectionPortName }} {{- if .Values.prometheus.jmx.enabled }} - containerPort: {{ .Values.jmx.port }} name: jmx {{- end }} {{ if eq .Values.liveness.enabled true }} livenessProbe: exec: command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 -q 2 localhost 2181 | grep imok'] initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} {{ end }} readinessProbe: exec: command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 -q 2 localhost 2181 | grep imok'] initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} resources: {{ include "common.resources" . | indent 10 }} env: - name : KAFKA_HEAP_OPTS value: "{{ .Values.zkConfig.heapOptions }}" {{- if .Values.jmx.port }} - name : KAFKA_JMX_PORT value: "{{ .Values.jmx.port }}" {{- end }} - name : ZOOKEEPER_REPLICAS value: "{{ .Values.replicaCount }}" - name : ZOOKEEPER_TICK_TIME value: "{{ .Values.zkConfig.tickTime }}" - name : ZOOKEEPER_SYNC_LIMIT value: "{{ .Values.zkConfig.syncLimit }}" - name : ZOOKEEPER_INIT_LIMIT value: "{{ .Values.zkConfig.initLimit }}" - name : ZOOKEEPER_MAX_CLIENT_CNXNS value: "{{ .Values.zkConfig.maxClientCnxns }}" - name : ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT value: "{{ .Values.zkConfig.autoPurgeSnapRetainCount}}" - name : ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL value: "{{ .Values.zkConfig.autoPurgePurgeInterval}}" - name: ZOOKEEPER_CLIENT_PORT value: "{{ .Values.zkConfig.clientPort }}" - name: KAFKA_OPTS value: "{{ .Values.zkConfig.kafkaOpts }}" - name: ZOOKEEPER_QUORUM_LISTEN_ON_ALL_IPS value: "true" - name: ZOOKEEPER_SERVER_ID valueFrom: fieldRef: fieldPath: metadata.name command: - "bash" - "-c" - | ZOOKEEPER_SERVER_ID=$((${HOSTNAME##*-}+1)) \ /etc/confluent/docker/run volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /var/lib/zookeeper/data name: zookeeper-data - name: jaas-config mountPath: /etc/zookeeper/secrets/jaas {{- if .Values.tolerations }} tolerations: {{ toYaml .Values.tolerations | indent 10 }} {{- end }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime hostPath: path: /etc/localtime - name: jaas-config emptyDir: medium: Memory - name: docker-socket hostPath: path: /var/run/docker.sock - name: jaas configMap: name: {{ include "common.fullname" . }}-jaas-configmap {{- if .Values.prometheus.jmx.enabled }} - name: jmx-config configMap: name: {{ include "common.fullname" . }}-prometheus-configmap {{- end }} {{ if not .Values.persistence.enabled }} - name: zookeeper-data emptyDir: {} {{ else }} volumeClaimTemplates: - metadata: name: zookeeper-data labels: app: {{ include "common.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ include "common.release" . }}" heritage: "{{ .Release.Service }}" spec: accessModes: - {{ .Values.persistence.accessMode | quote }} storageClassName: {{ include "common.storageClass" . }} resources: requests: storage: {{ .Values.persistence.size | quote }} {{ end }}