2 # Modifications Copyright © 2018 AT&T
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
20 name: {{ include "common.fullname" . }}
21 namespace: {{ include "common.namespace" . }}
23 app: {{ include "common.name" . }}
24 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
25 release: {{ include "common.release" . }}
26 heritage: {{ .Release.Service }}
30 app: {{ include "common.name" . }}
31 serviceName: {{ .Values.service.name }}
32 replicas: {{ .Values.replicaCount }}
33 podManagementPolicy: Parallel
37 app: {{ include "common.name" . }}
38 release: {{ include "common.release" . }}
39 {{- if .Values.prometheus.jmx.enabled }}
41 prometheus.io/scrape: "true"
42 prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }}
45 {{- if .Values.nodeAffinity }}
47 {{ toYaml .Values.nodeAffinity | indent 10 }}
50 - name: "{{ include "common.namespace" . }}-docker-registry-key"
56 - {{ .Values.zookeeper.name }}
62 fieldPath: metadata.namespace
63 image: {{ include "repositoryGenerator.image.readiness" . }}
64 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
65 name: {{ include "common.name" . }}-readiness
70 rm -rf '/var/lib/kafka/data/lost+found';
71 chown -R 1000:0 /var/lib/kafka/data;
72 image: {{ include "repositoryGenerator.image.busybox" . }}
73 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
75 - mountPath: /var/lib/kafka/data
77 name: {{ include "common.name" . }}-permission-fixer
82 - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done"
85 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }}
87 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }}
89 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }}
91 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }}
93 - mountPath: /etc/kafka/secrets/jaas
95 - mountPath: /config-input
97 image: {{ include "repositoryGenerator.image.envsubst" . }}
98 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
99 name: {{ include "common.name" . }}-update-config
100 {{ include "common.certInitializer.initContainer" . | indent 6 | trim }}
102 {{- if .Values.prometheus.jmx.enabled }}
103 - name: prometheus-jmx-exporter
104 image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}
105 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
108 - -XX:+UnlockExperimentalVMOptions
109 - -XX:+UseCGroupMemoryLimitForHeap
110 - -XX:MaxRAMFraction=1
113 - jmx_prometheus_httpserver.jar
114 - {{ .Values.prometheus.jmx.port | quote }}
115 - /etc/jmx-kafka/jmx-kafka-prometheus.yml
117 - containerPort: {{ .Values.prometheus.jmx.port }}
119 {{ toYaml .Values.prometheus.jmx.resources | indent 10 }}
122 mountPath: /etc/jmx-kafka
124 - name: {{ include "common.name" . }}
125 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
126 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
131 export KAFKA_BROKER_ID=${HOSTNAME##*-} && \
132 {{- if .Values.global.aafEnabled }}
133 cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.final_cadi_files }} /etc/kafka/data/{{ .Values.certInitializer.final_cadi_files }} && \
134 export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
136 export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
138 exec /etc/confluent/docker/run
140 {{ include "common.resources" . | indent 12 }}
142 - containerPort: {{ .Values.service.internalPort }}
143 - containerPort: {{ .Values.service.externalPort }}
144 {{- if .Values.prometheus.jmx.enabled }}
145 - containerPort: {{ .Values.jmx.port }}
148 {{ if eq .Values.liveness.enabled true }}
151 port: {{ .Values.service.internalPort }}
152 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
153 periodSeconds: {{ .Values.liveness.periodSeconds }}
154 timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
158 port: {{ .Values.service.internalPort }}
159 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
160 periodSeconds: {{ .Values.readiness.periodSeconds }}
161 timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
167 fieldPath: status.hostIP
168 - name: KAFKA_ZOOKEEPER_CONNECT
169 value: "{{ include "common.kafkaNodes" (dict "dot" . "replicaCount" .Values.zookeeper.replicaCount "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}"
170 - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE
171 value: "{{ .Values.kafka.enableSupport }}"
172 {{- if .Values.global.aafEnabled }}
174 value: "{{ .Values.kafka.jaasOptionsAaf }}"
175 - name: aaf_locate_url
176 value: https://aaf-locate.{{ include "common.namespace" . }}:8095
177 - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
178 value: "{{ .Values.kafka.protocolMapAaf }}"
179 - name: KAFKA_LISTENERS
180 value: "{{ .Values.kafka.listenersAaf }}"
181 - name: KAFKA_SASL_ENABLED_MECHANISMS
182 value: "{{ .Values.kafka.saslMech }}"
183 - name: KAFKA_INTER_BROKER_LISTENER_NAME
184 value: "{{ .Values.kafka.interBrokerListernerAaf }}"
185 - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL
186 value: "{{ .Values.kafka.saslInterBrokerProtocol }}"
187 - name: KAFKA_AUTHORIZER_CLASS_NAME
188 value: "{{ .Values.kafka.authorizer }}"
191 value: "{{ .Values.kafka.jaasOptions }}"
192 - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
193 value: "{{ .Values.kafka.protocolMap }}"
194 - name: KAFKA_LISTENERS
195 value: "{{ .Values.kafka.listeners }}"
196 - name: KAFKA_INTER_BROKER_LISTENER_NAME
197 value: "{{ .Values.kafka.interBrokerListerner }}"
199 {{- range $key, $value := .Values.configurationOverrides }}
200 - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }}
201 value: {{ $value | quote }}
203 {{- if .Values.jmx.port }}
204 - name: KAFKA_JMX_PORT
205 value: "{{ .Values.jmx.port }}"
208 value: "{{ .Values.global.aafEnabled }}"
209 volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
210 - mountPath: /etc/localtime
213 - mountPath: /var/run/docker.sock
216 mountPath: /etc/kafka/secrets/jaas
217 - mountPath: /var/lib/kafka/data
219 {{- if .Values.tolerations }}
221 {{ toYaml .Values.tolerations | indent 10 }}
223 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
224 volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
231 - name: docker-socket
233 path: /var/run/docker.sock
236 name: {{ include "common.fullname" . }}-jaas-configmap
237 {{- if .Values.prometheus.jmx.enabled }}
240 name: {{ include "common.fullname" . }}-prometheus-configmap
242 {{ if not .Values.persistence.enabled }}
246 volumeClaimTemplates:
250 app: {{ include "common.fullname" . }}
251 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
252 release: "{{ include "common.release" . }}"
253 heritage: "{{ .Release.Service }}"
256 - {{ .Values.persistence.accessMode | quote }}
257 storageClassName: {{ include "common.storageClass" . }}
260 storage: {{ .Values.persistence.size | quote }}