[SO] Create Authorization Policies for SO
[oom.git] / kubernetes / so / components / so-sdc-controller / values.yaml
index dbde748..8b17efc 100755 (executable)
@@ -45,13 +45,6 @@ secrets:
     login: '{{ .Values.db.adminName }}'
     password: '{{ .Values.db.adminPassword }}'
     passwordPolicy: required
-  - uid: so-sdc-kafka-secret
-    externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
-    type: genericKV
-    envs:
-      - name: sasl.jaas.config
-        value: '{{ .Values.config.someConfig }}'
-        policy: generate
 
 #secretsFilePaths: |
 #  - 'my file 1'
@@ -83,27 +76,19 @@ mso:
   asdc-connections:
     asdc-controller1:
       password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
-config:
-  someConfig: blah
-  kafka:
-    securityProtocol: SASL_PLAINTEXT
-    saslMechanism: SCRAM-SHA-512
-    authType: simple
-    sdcTopic:
-      pattern: SDC-DIST
-      consumerGroup: so
-      clientId: SO-sdc-controller
 
 replicaCount: 1
 minReadySeconds: 10
 containerPort: &containerPort 8085
 logPath: ./logs/sdc/
 app: sdc-controller
+
 service:
   type: ClusterIP
   ports:
     - name: http
       port: *containerPort
+
 updateStrategy:
   type: RollingUpdate
   maxUnavailable: 1
@@ -134,6 +119,7 @@ resources:
       memory: 2Gi
       cpu: 1000m
   unlimited: {}
+
 livenessProbe:
   path: /manage/health
   port: 8085
@@ -143,12 +129,31 @@ livenessProbe:
   timeoutSeconds: 10
   successThreshold: 1
   failureThreshold: 3
+
 ingress:
   enabled: false
+
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: robot-read
+      - serviceAccount: so-read
+
 nodeSelector: {}
 tolerations: []
 affinity: {}
 
+# Strimzi KafkaUser config
+kafkaUser:
+  acls:
+    - name: SO
+      type: group
+      operations: [Read]
+    - name: SDC-DISTR
+      type: topic
+      patternType: prefix
+      operations: [Read, Write]
+
 #Pods Service Account
 serviceAccount:
   nameOverride: so-sdc-controller
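Review bot: The group ACL added under `kafkaUser.acls` is named `SO`, but the `config.kafka.sdcTopic.consumerGroup` value removed earlier in this same commit was `so`. Kafka matches ACL resource names case-sensitively, and no `patternType` is given here, so presumably the match is literal. If the controller still joins the group `so` (where the group id now comes from is not visible on this page), its consumer would be denied; confirm the real group id and make `name:` match it exactly. Separately, `operations: [Read, Write]` on the `SDC-DISTR` prefix grants write on every topic under that prefix. If the controller only publishes to one of them, a Read-only prefix entry plus a literal-topic Write entry would be closer to least privilege. A one-line comment above each entry, e.g. `# consumer group used by the SDC distribution client`, would make the intended scope reviewable.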