X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fstrimzi%2Ftemplates%2Fstrimzi-kafka.yaml;h=aee4696fe0abf8ba81a7e0cf1b60a6fcd075de6c;hb=refs%2Fheads%2Fmaster;hp=b35485f11c39cdecc4c3aef35cdfdd02f477e6bb;hpb=d51b5408da62e418132803b5738d0e1755654ba8;p=oom.git diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml index b35485f11c..630d6c8109 100644 --- a/kubernetes/strimzi/templates/strimzi-kafka.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2022 Nordix Foundation +# Modifications Copyright © 2025 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,12 +15,112 @@ # limitations under the License. */}} apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaNodePool +metadata: + name: {{ include "common.fullname" . }}-controller + labels: + strimzi.io/cluster: {{ include "common.fullname" . }} +spec: + replicas: {{ .Values.replicaCount }} + roles: + - controller + resources: + limits: + cpu: {{ .Values.controller.resources.limits.cpu }} + memory: {{ .Values.controller.resources.limits.memory }} + requests: + cpu: {{ .Values.controller.resources.requests.cpu }} + memory: {{ .Values.controller.resources.requests.memory }} + template: + pod: + {{- include "common.imagePullSecrets" . | nindent 6 }} + securityContext: + {{- toYaml .Values.controller.template.pod.securityContext | nindent 8 }} + {{- if .Values.affinity.podAntiAffinity.enabled }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: strimzi.io/name + operator: In + values: + - {{ include "common.fullname" . }}-controller + topologyKey: "kubernetes.io/hostname" + {{- end }} + kafkaContainer: + securityContext: + {{- toYaml .Values.controller.template.kafkaContainer.securityContext | nindent 10 }} + storage: + type: jbod + volumes: + - id: 0 + type: persistent-claim + size: {{ .Values.persistence.controller.size }} + kraftMetadata: shared + deleteClaim: true + class: {{ include "common.storageClass" (dict "dot" . "suffix" "controller" "persistenceInfos" .Values.persistence.controller) }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaNodePool +metadata: + name: {{ include "common.fullname" . }}-broker + labels: + strimzi.io/cluster: {{ include "common.fullname" . }} +spec: + replicas: {{ .Values.replicaCount }} + roles: + - broker + resources: + limits: + cpu: {{ .Values.broker.resources.limits.cpu }} + memory: {{ .Values.broker.resources.limits.memory }} + requests: + cpu: {{ .Values.broker.resources.requests.cpu }} + memory: {{ .Values.broker.resources.requests.memory }} + template: + pod: + {{- include "common.imagePullSecrets" . | nindent 6 }} + securityContext: + {{- toYaml .Values.broker.template.pod.securityContext | nindent 8 }} + {{- if .Values.affinity.podAntiAffinity.enabled }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: strimzi.io/name + operator: In + values: + - {{ include "common.fullname" . }}-broker + topologyKey: "kubernetes.io/hostname" + {{- end }} + kafkaContainer: + securityContext: + {{- toYaml .Values.broker.template.kafkaContainer.securityContext | nindent 8 }} + storage: + type: jbod + volumes: + - id: 0 + type: persistent-claim + size: {{ .Values.persistence.broker.size }} + kraftMetadata: shared + deleteClaim: true + class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistence.broker) }} +--- +apiVersion: kafka.strimzi.io/v1beta2 kind: Kafka -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +metadata: + name: {{ include "common.fullname" . }} + annotations: + strimzi.io/node-pools: enabled + strimzi.io/kraft: enabled spec: kafka: version: {{ .Values.config.kafkaVersion }} - replicas: {{ .Values.replicaCount }} + {{- if .Values.config.kafkaMetadataVersion }} + metadataVersion: {{ .Values.config.kafkaMetadataVersion }} + {{- end }} listeners: - name: plain port: {{ .Values.config.kafkaInternalPort }} @@ -35,29 +136,38 @@ spec: type: tls - name: external port: 9094 - type: nodeport - tls: true + type: {{ if (include "common.ingressEnabled" .) }}cluster-ip{{ else }}nodeport{{ end }} + tls: {{ if (include "common.ingressEnabled" .) }}false{{ else }}true{{ end }} authentication: - type: tls + type: {{ if (include "common.ingressEnabled" .) }}{{ .Values.config.saslMechanism }}{{ else }}tls{{ end }} configuration: + {{- if not (include "common.ingressEnabled" .) }} bootstrap: nodePort: {{ .Values.global.nodePortPrefixExt }}93 + {{- end }} brokers: - broker: 0 + advertisedHost: {{ .Values.config.advertisedHost }} + advertisedPort: {{ .Values.config.advertizedPortBroker0 }} + {{- if not (include "common.ingressEnabled" .) }} nodePort: {{ .Values.global.nodePortPrefixExt }}90 + {{- end }} - broker: 1 + advertisedHost: {{ .Values.config.advertisedHost }} + advertisedPort: {{ .Values.config.advertizedPortBroker1 }} + {{- if not (include "common.ingressEnabled" .) }} nodePort: {{ .Values.global.nodePortPrefixExt }}91 + {{- end }} - broker: 2 + advertisedHost: {{ .Values.config.advertisedHost }} + advertisedPort: {{ .Values.config.advertizedPortBroker2 }} + {{- if not (include "common.ingressEnabled" .) }} nodePort: {{ .Values.global.nodePortPrefixExt }}92 + {{- end }} authorization: type: {{ .Values.config.authType }} superUsers: - {{ .Values.config.strimziKafkaAdminUser }} - template: - pod: - securityContext: - runAsUser: 0 - fsGroup: 0 config: default.replication.factor: {{ .Values.replicaCount }} min.insync.replicas: {{ (eq 1.0 (.Values.replicaCount)) | ternary 1 (sub .Values.replicaCount 1) }} @@ -67,33 +177,92 @@ spec: transaction.state.log.min.isr: {{ (eq 1.0 (.Values.replicaCount)) | ternary 1 (sub .Values.replicaCount 1) }} log.message.format.version: {{ .Values.config.kafkaVersion }} inter.broker.protocol.version: {{ .Values.config.kafkaVersion }} - storage: - type: jbod - volumes: - - id: 0 - type: persistent-claim - size: {{ .Values.persistence.kafka.size }} - deleteClaim: true - class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistence.kafka) }} - zookeeper: + auto.create.topics.enable: {{ .Values.config.autoCreateTopics }} + {{- if .Values.metrics.kafkaExporter.enabled }} + metricsConfig: + type: {{ .Values.metrics.kafkaExporter.metricsConfig.type }} + valueFrom: + configMapKeyRef: + name: {{ include "common.fullname" . }} + key: kafka-metrics-config.yml + {{- end }} + entityOperator: template: pod: + {{- include "common.imagePullSecrets" . | nindent 8 }} securityContext: - runAsUser: 0 - fsGroup: 0 - replicas: {{ .Values.replicaCount }} - config: - ssl.hostnameVerification: false - ssl.quorum.hostnameVerification: false - {{- if (include "common.onServiceMesh" .) }} - sslQuorum: false - {{- end }} - storage: - type: persistent-claim - size: {{ .Values.persistence.zookeeper.size }} - deleteClaim: true - class: {{ include "common.storageClass" (dict "dot" . "suffix" "zk" "persistenceInfos" .Values.persistence.zookeeper) }} - entityOperator: - topicOperator: {} - userOperator: {} - + {{- toYaml .Values.entityOperator.template.pod.securityContext | nindent 10 }} + topicOperatorContainer: + securityContext: + {{- toYaml .Values.entityOperator.template.topicOperatorContainer.securityContext | nindent 10 }} + userOperatorContainer: + securityContext: + {{- toYaml .Values.entityOperator.template.userOperatorContainer.securityContext | nindent 10 }} + topicOperator: + resources: + limits: + cpu: {{ .Values.entityOperator.template.topicOperator.resources.limits.cpu }} + memory: {{ .Values.entityOperator.template.topicOperator.resources.limits.memory }} + requests: + cpu: {{ .Values.entityOperator.template.topicOperator.resources.requests.cpu }} + memory: {{ .Values.entityOperator.template.topicOperator.resources.requests.memory }} + userOperator: + resources: + limits: + cpu: {{ .Values.entityOperator.template.userOperator.resources.limits.cpu }} + memory: {{ .Values.entityOperator.template.userOperator.resources.limits.memory }} + requests: + cpu: {{ .Values.entityOperator.template.userOperator.resources.requests.cpu }} + memory: {{ .Values.entityOperator.template.userOperator.resources.requests.memory }} + {{- if .Values.cruiseControl.enabled }} + cruiseControl: + template: + pod: + {{- include "common.imagePullSecrets" . | nindent 8 }} + securityContext: + {{- toYaml .Values.cruiseControl.template.pod.securityContext | nindent 10 }} + cruiseControlContainer: + securityContext: + {{- toYaml .Values.cruiseControl.template.cruiseControlContainer.securityContext | nindent 10 }} + metricsConfig: + type: {{ .Values.cruiseControl.metricsConfig.type }} + valueFrom: + configMapKeyRef: + name: {{ include "common.fullname" . }} + key: cruisecontrol-metrics-config.yml + resources: + limits: + cpu: {{ .Values.cruiseControl.template.resources.limits.cpu }} + memory: {{ .Values.cruiseControl.template.resources.limits.memory }} + requests: + cpu: {{ .Values.cruiseControl.template.resources.requests.cpu }} + memory: {{ .Values.cruiseControl.template.resources.requests.memory }} + {{- end }} + {{- if .Values.metrics.kafkaExporter.enabled }} + kafkaExporter: + template: + pod: + {{- include "common.imagePullSecrets" . | nindent 8 }} + securityContext: + {{- toYaml .Values.cruiseControl.template.pod.securityContext | nindent 10 }} + container: + securityContext: + {{- toYaml .Values.kafkaExporter.template.container.securityContext | nindent 10 }} + topicRegex: {{ .Values.metrics.kafkaExporter.topicRegex }} + groupRegex: {{ .Values.metrics.kafkaExporter.groupRegex }} + resources: + requests: + cpu: {{ .Values.metrics.kafkaExporter.resources.requests.cpu }} + memory: {{ .Values.metrics.kafkaExporter.resources.requests.memory }} + limits: + cpu: {{ .Values.metrics.kafkaExporter.resources.limits.cpu }} + memory: {{ .Values.metrics.kafkaExporter.resources.limits.memory }} + logging: {{ .Values.metrics.kafkaExporter.logging }} + enableSaramaLogging: {{ .Values.metrics.kafkaExporter.enableSaramaLogging }} + readinessProbe: + initialDelaySeconds: {{ .Values.metrics.kafkaExporter.readinessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.metrics.kafkaExporter.readinessProbe.timeoutSeconds }} + livenessProbe: + initialDelaySeconds: {{ .Values.metrics.kafkaExporter.livenessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.metrics.kafkaExporter.livenessProbe.timeoutSeconds }} + {{- end }}