asdc-connections:
asdc-controller1:
user: mso
- consumerGroup: {{ .Values.config.kafka.sdcTopic.consumerGroup }}
- consumerId: {{ .Values.config.kafka.sdcTopic.clientId }}
+ {{ with (first .Values.kafkaUser.acls) }}
+ consumerId: {{ .name }}-sdc-controller
+ consumerGroup: {{ .name }}
+ {{ end }}
environmentName: AUTO
sdcAddress: sdc-be.{{ include "common.namespace" . }}:8080
password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }}
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
- - name: SECURITY_PROTOCOL
- value: {{ .Values.config.kafka.securityProtocol }}
- - name: SASL_MECHANISM
- value: {{ .Values.config.kafka.saslMechanism }}
- name: SASL_JAAS_CONFIG
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-sdc-kafka-secret" "key" "sasl.jaas.config") | indent 10 }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
envFrom:
- configMapRef:
name: {{ include "common.fullname" . }}-configmap
--- /dev/null
+{{/*
+# Copyright © 2023 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ include "common.kafkauser" . }}
+++ /dev/null
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaUser
-metadata:
- name: {{ include "common.release" . }}-{{ .Values.global.soSdcListenerKafkaUser }}
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- authentication:
- type: {{ .Values.config.kafka.saslMechanism | lower }}
- authorization:
- type: {{ .Values.config.kafka.authType }}
- acls:
- - resource:
- type: group
- name: {{ .Values.config.kafka.sdcTopic.consumerGroup }}
- operation: All
- - resource:
- type: topic
- patternType: prefix
- name: {{ .Values.config.kafka.sdcTopic.pattern }}
- operation: All
login: '{{ .Values.db.adminName }}'
password: '{{ .Values.db.adminPassword }}'
passwordPolicy: required
- - uid: so-sdc-kafka-secret
- externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
- type: genericKV
- envs:
- - name: sasl.jaas.config
- value: '{{ .Values.config.someConfig }}'
- policy: generate
#secretsFilePaths: |
# - 'my file 1'
asdc-connections:
asdc-controller1:
password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
-config:
- someConfig: blah
- kafka:
- securityProtocol: SASL_PLAINTEXT
- saslMechanism: SCRAM-SHA-512
- authType: simple
- sdcTopic:
- pattern: SDC-DIST
- consumerGroup: so
- clientId: SO-sdc-controller
replicaCount: 1
minReadySeconds: 10
containerPort: &containerPort 8085
logPath: ./logs/sdc/
app: sdc-controller
+
service:
type: ClusterIP
ports:
- name: http
port: *containerPort
+
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
memory: 2Gi
cpu: 1000m
unlimited: {}
+
livenessProbe:
path: /manage/health
port: 8085
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
+
ingress:
enabled: false
+
nodeSelector: {}
tolerations: []
affinity: {}
+# Strimzi KafkaUser config
+kafkaUser:
+ acls:
+ - name: SO
+ type: group
+ operations: [Read]
+ - name: SDC-DISTR
+ type: topic
+ patternType: prefix
+ operations: [Read, Write]
+
#Pods Service Account
serviceAccount:
nameOverride: so-sdc-controller
auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
defaultCloudOwner: onap
- soSdcListenerKafkaUser: so-sdc-list-user
-
readinessCheck:
wait_for:
jobs:
db:
<<: *dbSecrets
logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
- config:
- jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.soSdcListenerKafkaUser }}'
so-sdnc-adapter:
enabled: true
Code Review / oom.git / commitdiff