Home Explore Help
Sign In
cecf
/
deploy
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: e4538f3d9b
Branches Tags
deploy
/
bak_kafka
/
templates
/
statefulset.yaml

statefulset.yaml 9.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221 
  1. apiVersion: apps/v1
    2. 

  2. kind: StatefulSet
    3. 

  3. metadata:
    4. 

  4.   name: {{ include "kafka.fullname" . }}
    5. 

  5.   labels:
    6. 

  6.     {{- include "kafka.labels" . | nindent 4 }}
    7. 

  7. spec:
    8. 

  8.   selector:
    9. 

  9.     matchLabels:
    10. 

  10.       {{- include "kafka.selectorLabels" . | nindent 6 }}
    11. 

  11.   serviceName: {{ include "kafka.fullname" . }}-headless
    12. 

  12.   replicas: {{ .Values.replicaCount }}
    13. 

  13.   updateStrategy:
    14. 

  14.     type: RollingUpdate
    15. 

  15.   podManagementPolicy: Parallel
    16. 

  16.   template:
    17. 

  17.     metadata:
    18. 

  18.       labels:
    19. 

  19.         {{- include "kafka.selectorLabels" . | nindent 8 }}
    20. 

  20.     spec:
    21. 

  21.       serviceAccountName: {{ include "kafka.fullname" . }}-sa
    22. 

  22.       securityContext:
    23. 

  23.         {{- toYaml .Values.podSecurityContext | nindent 8 }}
    24. 

  24.       affinity:
    25. 

  25.       {{- if .Values.affinity }}
    26. 

  26.         {{ toYaml .Values.affinity | indent 8 }}
    27. 

  27.       {{- else }}
    28. 

  28.         podAntiAffinity:
    29. 

  29.           preferredDuringSchedulingIgnoredDuringExecution:
    30. 

  30.           - podAffinityTerm:
    31. 

  31.               labelSelector:
    32. 

  32.                 matchExpressions:
    33. 

  33.                 - key: app
    34. 

  34.                   operator: In
    35. 

  35.                   values:
    36. 

  36.                   - {{ include "kafka.name" . }}
    37. 

  37.               topologyKey: kubernetes.io/hostname
    38. 

  38.             weight: 1
    39. 

  39.      {{- end }}
    40. 

  40.       containers:
    41. 

  41.       - name: {{ .Chart.Name }}
    42. 

  42.       {{- with .Values.imagePullSecrets }}
    43. 

  43.       imagePullSecrets:
    44. 

  44.         {{- toYaml . | nindent 8 }}
    45. 

  45.       {{- end }}
    46. 

  46.         imagePullPolicy: {{ .Values.image.pullPolicy }}
    47. 

  47.         image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
    48. 

  48.         env:
    49. 

  49.         - name: POD_IP
    50. 

  50.           valueFrom:
    51. 

  51.             fieldRef:
    52. 

  52.               apiVersion: v1
    53. 

  53.               fieldPath: status.podIP
    54. 

  54.         - name: HOST_IP
    55. 

  55.           valueFrom:
    56. 

  56.             fieldRef:
    57. 

  57.               apiVersion: v1
    58. 

  58.               fieldPath: status.hostIP
    59. 

  59.         - name: POD_NAME
    60. 

  60.           valueFrom:
    61. 

  61.             fieldRef:
    62. 

  62.               apiVersion: v1
    63. 

  63.               fieldPath: metadata.name
    64. 

  64.         - name: POD_NAMESPACE
    65. 

  65.           valueFrom:
    66. 

  66.             fieldRef:
    67. 

  67.               apiVersion: v1
    68. 

  68.               fieldPath: metadata.namespace
    69. 

  69.         - name: KAFKA_ZOOKEEPER_CONNECT
    70. 

  70.           value: {{ include "kafka.zookeeper.ensemble" . | quote }}
    71. 

  71.         - name: KAFKA_HEAP_OPTS
    72. 

  72.           value: {{ .Values.heapOpts | quote }}
    73. 

  73.         - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE
    74. 

  74.           value: {{ .Values.confluentSupportMetricsEnable | quote }}
    75. 

  75.         - name: KAFKA_LOG_DIRS
    76. 

  76.           value: "/var/lib/kafka/data"
    77. 

  77.         - name: KAFKA_AUTO_CREATE_TOPICS_ENABLE
    78. 

  78.           value: {{ .Values.autoCreateTopicsEnable | quote }}
    79. 

  79.         - name: KAFKA_DELETE_TOPIC_ENABLE
    80. 

  80.           value: {{ .Values.deleteTopicEnable | quote }}
    81. 

  81.         - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
    82. 

  82.           value: {{ .Values.offsetsTopicReplicationFactor | int | quote }}
    83. 

  83.         - name: KAFKA_NUM_PARTITIONS
    84. 

  84.           value: {{ .Values.numPartitions | int | quote }}
    85. 

  85.         - name: KAFKA_DEFAULT_REPLICATION_FACTOR
    86. 

  86.           value: {{ .Values.defaultReplicationFactor | int | quote }}
    87. 

  87.         - name: KAFKA_MIN_INSYNC_REPLICAS
    88. 

  88.           value: {{ .Values.minInsyncReplicas | int | quote }}
    89. 

  89.         - name: KAFKA_UNCLEAN_LEADER_ELECTION.ENABLE
    90. 

  90.           value: {{ .Values.uncleanLeaderElectionEnable | quote }}
    91. 

  91.         - name: KAFKA_LOG_FLUSH_INTERVAL_MESSAGES
    92. 

  92.           value: {{ .Values.logFlushIntervalMessages | int | quote }}
    93. 

  93.         - name: KAFKA_LOG_FLUSH_INTERVAL_MS
    94. 

  94.           value: {{ .Values.logFlushIntervalMs | int | quote }}
    95. 

  95.         - name: KAFKA_LOG_RETENTION_BYTES
    96. 

  96.           value: {{ .Values.logRetentionBytes | int | quote }}
    97. 

  97.         - name: KAFKA_LOG_RETENTION_CHECK_INTERVAL_MS
    98. 

  98.           value: {{ .Values.logRetentionCheckIntervalMs | int | quote }}
    99. 

  99.         - name: KAFKA_LOG_RETENTION_HOURS
    100. 

  100.           value: {{ .Values.logRetentionHours | int | quote }}
    101. 

  101.         - name: KAFKA_LOG_SEGMENT_BYTES
    102. 

  102.           value: {{ .Values.logSegmentBytes | int | quote }}
    103. 

  103.         - name: KAFKA_MESSAGE_MAX_BYTES
    104. 

  104.           value: {{ .Values.messageMaxBytes | int | quote }}
    105. 

  105.         - name: KAFKA_LOG4J_ROOT_LOGLEVEL
    106. 

  106.           value: {{ .Values.log4jRootLoglevel | quote }}
    107. 

  107.         - name: KAFKA_LOG4J_LOGGERS
    108. 

  108.           value: {{ .Values.log4jLoggers | quote }}
    109. 

  109.         {{- if .Values.kerberos.enabled }}
    110. 

  110.         - name: KAFKA_SECURITY_INTER_BROKER_PROTOCOL
    111. 

  111.           value: SASL_PLAINTEXT
    112. 

  112.         - name: KAFKA_SASL_KERBEROS_SERVICE_NAME
    113. 

  113.           value: "kafka"
    114. 

  114.         - name: KAFKA_LISTENERS
    115. 

  115.           value: "SASL_PLAINTEXT://:{{ .Values.port.kafkaInternal }},EXTERNAL://:{{ .Values.port.kafkaExternal }}"
    116. 

  116.         - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
    117. 

  117.           value: "SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL:SASL_PLAINTEXT"
    118. 

  118.         {{- else }}
    119. 

  119.         - name: KAFKA_LISTENERS
    120. 

  120.           value: "PLAINTEXT://:{{ .Values.port.kafkaInternal }},EXTERNAL://:{{ .Values.port.kafkaExternal }}"
    121. 

  121.         - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
    122. 

  122.           value: "PLAINTEXT:PLAINTEXT,EXTERNAL:PLAINTEXT"
    123. 

  123.         {{- end }}
    124. 

  124.         - name: ZOOKEEPER_SASL_ENABLED
    125. 

  125.           value: {{ .Values.zookeeper.kerberos.enabled | quote }}
    126. 

  126.         {{- if .Values.acls.enabled }}
    127. 

  127.         - name: KAFKA_ZOOKEEPER_SET_ACL
    128. 

  128.           value: "true"
    129. 

  129.         - name: KAFKA_SUPER_USERS
    130. 

  130.           value: "User:kafka"
    131. 

  131.         - name: KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND
    132. 

  132.           value: "false"
    133. 

  133.         - name: KAFKA_AUTHORIZER_CLASS_NAME
    134. 

  134.           value: "kafka.security.authorizer.AclAuthorizer"
    135. 

  135.         {{- end }}
    136. 

  136.         command:
    137. 

  137.         - "sh"
    138. 

  138.         - "-exc"
    139. 

  139.         - |
    140. 

  140.           export KAFKA_BROKER_ID=${HOSTNAME##*-} && \
    141. 

  141.           {{- if .Values.isDocker }}
    142. 

  142.           export KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://{{ include "kafka.listener" . }}:{{ .Values.port.kafkaInternal }},EXTERNAL://172.24.100.101:$(({{ .Values.externalAccess.initNodePort }} + ${KAFKA_BROKER_ID})) && \
    143. 

  143.           {{- else if .Values.kerberos.enabled }}
    144. 

  144.           export KAFKA_ADVERTISED_LISTENERS=SASL_PLAINTEXT://{{ include "kafka.listener" . }}:{{ .Values.port.kafkaInternal }},EXTERNAL://{{ include "kafka.listener" . }}:$(({{ .Values.externalAccess.initNodePort }} + ${KAFKA_BROKER_ID})) && \
    145. 

  145.           export KAFKA_OPTS="-Djava.security.krb5.conf=/etc/krb5.conf -Djava.security.auth.login.config=/jaas/${POD_NAME}_jaas.conf -Dsun.security.krb5.debug=false" && \
    146. 

  146.           {{- else }}
    147. 

  147.           export KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://{{ include "kafka.listener" . }}:{{ .Values.port.kafkaInternal }},EXTERNAL://${HOST_IP}:$(({{ .Values.externalAccess.initNodePort }} + ${KAFKA_BROKER_ID})) && \
    148. 

  148.           {{- end }}
    149. 

  149.           exec /etc/confluent/docker/run
    150. 

  150.         ports:
    151. 

  151.         - name: tcp-kafka-int
    152. 

  152.           containerPort: {{ .Values.port.kafkaInternal }}
    153. 

  153.         - name: tcp-kafka-ext
    154. 

  154.           containerPort: {{ .Values.port.kafkaExternal }}
    155. 

  155.         {{- if .Values.livenessProbe.enabled }}
    156. 

  156.         livenessProbe:
    157. 

  157.           tcpSocket:
    158. 

  158.             port: tcp-kafka-int
    159. 

  159.           initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
    160. 

  160.           periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
    161. 

  161.           timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
    162. 

  162.           successThreshold: {{ .Values.livenessProbe.successThreshold }}
    163. 

  163.           failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
    164. 

  164.         {{- end }}
    165. 

  165.         {{- if .Values.readinessProbe.enabled }}
    166. 

  166.         readinessProbe:
    167. 

  167.           tcpSocket:
    168. 

  168.             port: tcp-kafka-int
    169. 

  169.           initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
    170. 

  170.           periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
    171. 

  171.           timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
    172. 

  172.           successThreshold: {{ .Values.readinessProbe.successThreshold }}
    173. 

  173.           failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
    174. 

  174.         {{- end }}
    175. 

  175.         volumeMounts:
    176. 

  176.         - name: data
    177. 

  177.           mountPath: /var/lib/kafka/data
    178. 

  178.         - name: config
    179. 

  179.           mountPath: /etc/kafka
    180. 

  180.         - name: logs
    181. 

  181.           mountPath: /var/log
    182. 

  182.         {{- if or .Values.kerberos.enabled .Values.zookeeper.kerberos.enabled }}
    183. 

  183.         - name: krb5
    184. 

  184.           mountPath: /etc/krb5.conf
    185. 

  185.           subPath: krb5.conf
    186. 

  186.         - name: keytabs
    187. 

  187.           mountPath: /keytabs
    188. 

  188.           readOnly: true
    189. 

  189.         - name: jaas
    190. 

  190.           mountPath: /jaas
    191. 

  191.           readOnly: true
    192. 

  192.         {{- end }}
    193. 

  193.         securityContext:
    194. 

  194.           {{- toYaml .Values.securityContext | nindent 12 }}
    195. 

  195.         resources:
    196. 

  196.           {{- toYaml .Values.resources | nindent 12 }}
    197. 

  197.       volumes:
    198. 

  198.       - name: config
    199. 

  199.         emptyDir: {}
    200. 

  200.       - name: logs
    201. 

  201.         emptyDir: {}
    202. 

  202.       {{- if .Values.kerberos.enabled }}
    203. 

  203.       - name: krb5
    204. 

  204.         configMap:
    205. 

  205.           name: {{ required "The .Values.kerberos.krb5Conf is required when kerberos enabled!" .Values.kerberos.krb5Conf }}
    206. 

  206.       - name: keytabs
    207. 

  207.         secret:
    208. 

  208.           secretName: {{ required "The .Values.kerberos.keyTabSecret is required when kerberos enabled!" .Values.kerberos.keyTabSecret }}
    209. 

  209.       - name: jaas
    210. 

  210.         configMap:
    211. 

  211.           name: {{ required "The .Values.kerberos.jaasConf is required when kerberos enabled!" .Values.kerberos.jaasConf }}
    212. 

  212.       {{- end }}
    213. 

  213.   volumeClaimTemplates:
    214. 

  214.   - metadata:
    215. 

  215.       name: data
    216. 

  216.     spec:
    217. 

  217.       storageClassName: {{ .Values.data.storageClass | quote }}
    218. 

  218.       accessModes: [ "ReadWriteOnce" ]
    219. 

  219.       resources:
    220. 

  220.         requests:
    221. 

  221.           storage: {{ .Values.data.storageSize | quote }}
    222.