X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdmaap%2Fcomponents%2Fmessage-router%2Fcharts%2Fmessage-router-kafka%2Ftemplates%2Fstatefulset.yaml;h=e08c78a58272a14f93ff89edbf11c403623621f4;hb=b1ee058f941a9c9ff27467054d98b8a56c988797;hp=30e4c77576c468ee1faeab02345b0230b50de6a0;hpb=069a2274c2c108c201872e612a4dad22be397c98;p=oom.git diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index 30e4c77576..e08c78a582 100644 --- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +{{/* # Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,8 +12,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} @@ -24,6 +25,9 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: + selector: + matchLabels: + app: {{ include "common.name" . }} serviceName: {{ .Values.service.name }} replicas: {{ .Values.replicaCount }} podManagementPolicy: Parallel @@ -32,32 +36,24 @@ spec: labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} + {{- if .Values.prometheus.jmx.enabled }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} + {{- end }} spec: - podAntiAffinity: - {{if eq .Values.podAntiAffinityType "hard" -}} - requiredDuringSchedulingIgnoredDuringExecution: - {{- else -}} - preferredDuringSchedulingIgnoredDuringExecution: - {{- end}} - - weight: 1 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: "app" - operator: In - values: - - {{ include "common.name" . }} - topologyKey: "kubernetes.io/hostname" {{- if .Values.nodeAffinity }} nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} + {{ toYaml .Values.nodeAffinity | indent 10 }} {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" initContainers: - name: {{ include "common.name" . }}-initcontainer image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ .Values.zookeeper.name }} @@ -67,30 +63,66 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - command: - sh - -exec - | - chown -R 1000:1000 /opt/kafka/data; - cp /opt/kafka/tmpconfig/server.properties /opt/kafka/config/; - chown 1000:1000 /opt/kafka/config/server.properties; - cd /opt/kafka/config; - ls; + rm -rf '/var/lib/kafka/data/lost+found'; + chown -R 1000:0 /var/lib/kafka/data; image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - - mountPath: /opt/kafka/data + - mountPath: /var/lib/kafka/data name: kafka-data - - mountPath: /opt/kafka/tmpconfig/server.properties - subPath: server.properties - name: server - - mountPath: /opt/kafka/config - name: config-data name: {{ include "common.name" . }}-permission-fixer + - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done" + env: + - name: ZK_ADMIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }} + - name: ZK_PSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }} + - name: KAFKA_ADMIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }} + - name: KAFKA_PSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /etc/kafka/secrets/jaas + name: jaas-config + - mountPath: /config-input + name: jaas + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config containers: + {{- if .Values.prometheus.jmx.enabled }} + - name: prometheus-jmx-exporter + image: "{{ .Values.prometheus.jmx.imageRepository }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - java + - -XX:+UnlockExperimentalVMOptions + - -XX:+UseCGroupMemoryLimitForHeap + - -XX:MaxRAMFraction=1 + - -XshowSettings:vm + - -jar + - jmx_prometheus_httpserver.jar + - {{ .Values.prometheus.jmx.port | quote }} + - /etc/jmx-kafka/jmx-kafka-prometheus.yml + ports: + - containerPort: {{ .Values.prometheus.jmx.port }} + resources: +{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} + volumeMounts: + - name: jmx-config + mountPath: /etc/jmx-kafka + {{- end }} - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -99,14 +131,21 @@ spec: - -exc - | export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ - export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \ + {{- if .Values.global.aafEnabled }} export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - exec start-kafka.sh + {{ else }} + export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ + {{- end }} + exec /etc/confluent/docker/run resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.externalPort }} + {{- if .Values.prometheus.jmx.enabled }} + - containerPort: {{ .Values.jmx.port }} + name: jmx + {{- end }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -127,28 +166,63 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.hostIP + - name: KAFKA_ZOOKEEPER_CONNECT + value: {{ include "common.release" . }}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}} + - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE + value: "{{ .Values.kafka.enableSupport }}" + - name: KAFKA_OPTS + value: "{{ .Values.kafka.jaasOptions }}" + {{- if .Values.global.aafEnabled }} + - name: KAFKA_OPTS + value: "{{ .Values.kafka.jaasOptionsAaf }}" - name: aaf_locate_url value: https://aaf-locate.{{ include "common.namespace" . }}:8095 - + - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP + value: "{{ .Values.kafka.protocolMapAaf }}" + - name: KAFKA_LISTENERS + value: "{{ .Values.kafka.listenersAaf }}" + - name: KAFKA_SASL_ENABLED_MECHANISMS + value: "{{ .Values.kafka.saslMech }}" + - name: KAFKA_INTER_BROKER_LISTENER_NAME + value: "{{ .Values.kafka.interBrokerListernerAaf }}" + - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: "{{ .Values.kafka.saslInterBrokerProtocol }}" + - name: KAFKA_AUTHORIZER_CLASS_NAME + value: "{{ .Values.kafka.authorizer }}" + {{ else }} + - name: KAFKA_OPTS + value: "{{ .Values.kafka.jaasOptions }}" + - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP + value: "{{ .Values.kafka.protocolMap }}" + - name: KAFKA_LISTENERS + value: "{{ .Values.kafka.listeners }}" + - name: KAFKA_INTER_BROKER_LISTENER_NAME + value: "{{ .Values.kafka.interBrokerListerner }}" + {{- end }} + {{- range $key, $value := .Values.configurationOverrides }} + - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }} + value: {{ $value | quote }} + {{- end }} + {{- if .Values.jmx.port }} + - name: KAFKA_JMX_PORT + value: "{{ .Values.jmx.port }}" + {{- end }} + - name: enableCadi + value: "{{ .Values.global.aafEnabled }}" volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - mountPath: /var/run/docker.sock name: docker-socket - - mountPath: /opt/kafka/tmpconfig/server.properties - subPath: server.properties - name: server - - mountPath: /opt/kafka/config/server.properties - subPath: server.properties - name: config-data - - mountPath: /opt/kafka/config/log4j.properties - subPath: log4j.properties - name: log4j - - mountPath: /opt/kafka/config/cadi.properties + {{- if .Values.global.aafEnabled }} + - mountPath: /etc/kafka/data/cadi.properties subPath: cadi.properties name: cadi - - mountPath: /opt/kafka/data + {{ end }} + - name: jaas-config + mountPath: /etc/kafka/secrets/jaas + - mountPath: /var/lib/kafka/data name: kafka-data {{- if .Values.tolerations }} tolerations: @@ -158,20 +232,25 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: config-data - emptyDir: {} + - name: jaas-config + emptyDir: + medium: Memory - name: docker-socket hostPath: path: /var/run/docker.sock - - name: server - configMap: - name: {{ include "common.fullname" . }}-server-prop-configmap - - name: log4j - configMap: - name: {{ include "common.fullname" . }}-log4j-prop-configmap + {{- if .Values.global.aafEnabled }} - name: cadi configMap: name: {{ include "common.fullname" . }}-cadi-prop-configmap + {{ end }} + - name: jaas + configMap: + name: {{ include "common.fullname" . }}-jaas-configmap + {{- if .Values.prometheus.jmx.enabled }} + - name: jmx-config + configMap: + name: {{ include "common.fullname" . }}-prometheus-configmap + {{- end }} {{ if not .Values.persistence.enabled }} - name: kafka-data emptyDir: {} @@ -192,5 +271,3 @@ spec: requests: storage: {{ .Values.persistence.size | quote }} {{ end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key"