ycz
/
OKR
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

kafka

main
ycz008 2023-11-08 18:12:24 +08:00
parent e3956d96c9
commit efe28eb804
2 changed files with 188 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

184
tcs-upgrade/kafka/kafka-1.yml Normal file
View File

@ -0,0 +1,184 @@
apiVersion: platform.confluent.io/v1beta1
kind: Zookeeper
metadata:
name: zookeeper
namespace: confluent
spec:
replicas: 3
oneReplicaPerNode: true
configOverrides:
jvm:
- "-Xmx128m"
podTemplate:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- tcs
image:
application: confluentinc/cp-zookeeper:7.5.0
init: confluentinc/confluent-init-container:2.7.0
dataVolumeCapacity: 10Gi
logVolumeCapacity: 10Gi
storageClass:
name: tcs-kafka
authentication:
type: digest
jaasConfig:
secretRef: credential
tls:
secretRef: tls-group1
---
apiVersion: platform.confluent.io/v1beta1
kind: Kafka
metadata:
name: kafka
namespace: confluent
spec:
replicas: 3
oneReplicaPerNode: true
configOverrides:
server:
- auto.create.topics.enable=true
- default.replication.factor=3
jvm:
- "-Xmx512m"
podTemplate:
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "4G"
cpu: "1"
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- tcs
image:
application: confluentinc/cp-server:7.5.0
init: confluentinc/confluent-init-container:2.7.0
dataVolumeCapacity: 10Gi
storageClass:
name: tcs-kafka
tls:
secretRef: tls-group1
listeners:
internal:
authentication:
type: ldap
jaasConfig:
secretRef: credential
tls:
enabled: true
external:
externalAccess:
type: nodePort
nodePort:
host: kafka-tcs.beaconfireinc.com
nodePortOffset: 30001
authentication:
type: ldap
jaasConfig:
secretRef: credential
tls:
enabled: true
authorization:
type: rbac
superUsers:
- User:kafka
services:
mds:
tls:
enabled: true
tokenKeyPair:
secretRef: mds-token
provider:
type: ldap
ldap:
address: ldap://ldap.tcs.svc.cluster.local:389
authentication:
type: simple
simple:
secretRef: credential
configurations:
groupNameAttribute: cn
groupObjectClass: group
groupMemberAttribute: member
groupMemberAttributePattern: CN=(.*),DC=test,DC=com
groupSearchBase: dc=test,dc=com
userNameAttribute: cn
userMemberOfAttributePattern: CN=(.*),DC=test,DC=com
userObjectClass: organizationalRole
userSearchBase: dc=test,dc=com
dependencies:
zookeeper:
endpoint: zookeeper.tcs.svc.cluster.local:2182
authentication:
type: digest
jaasConfig:
secretRef: credential
tls:
enabled: true
---
apiVersion: platform.confluent.io/v1beta1
kind: SchemaRegistry
metadata:
name: schemaregistry
namespace: confluent
spec:
replicas: 1
oneReplicaPerNode: true
configOverrides:
jvm:
- "-Xmx128m"
podTemplate:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- tcs
image:
application: confluentinc/cp-schema-registry:7.5.0
init: confluentinc/confluent-init-container:2.7.0
tls:
secretRef: tls-group1
externalAccess:
type: nodePort
nodePort:
host: kafka-tcs.beaconfireinc.com
nodePortOffset: 30005
authorization:
type: rbac
dependencies:
kafka:
bootstrapEndpoint: kafka.tcs.svc.cluster.local:9071
authentication:
type: plain
jaasConfig:
secretRef: credential
tls:
enabled: true
mds:
endpoint: https://kafka.tcs.svc.cluster.local:8090
tokenKeyPair:
secretRef: mds-token
authentication:
type: bearer
bearer:
secretRef: sr-mds-client
tls:
enabled: true

8
tcs-upgrade/kafka/kafka.yaml
View File

@ -67,10 +67,10 @@ spec:
enabled: true
listeners:
external:
# authentication:
# type: plain
# jaasConfig:
# secretRef: credentials
authentication:
type: plain
jaasConfigPassThrough:
secretRef: credentials
externalAccess:
type: nodePort
nodePort: