OKR/tcs-upgrade/kafka/kafka-ldap.yaml


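# Confluent for Kubernetes (platform.confluent.io) Zookeeper resource:
# a three-replica ensemble with digest authentication and TLS.
# Nesting restored; the flattened listing repeats keys such as `tls` and
# `authentication` at one level, which a parser would collapse or reject.
apiVersion: platform.confluent.io/v1beta1
kind: Zookeeper
metadata:
  name: zookeeper
spec:
  replicas: 3
  # As named: one replica per node, so losing a single node costs at most
  # one ensemble member.
  oneReplicaPerNode: true
  configOverrides:
    jvm:
      - "-Xmx128m"
  podTemplate:
    affinity:
      nodeAffinity:
        # Hard scheduling requirement: pods land only on nodes labelled
        # app.kubernetes.io/name=tcs.
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
            - matchExpressions:
                - key: app.kubernetes.io/name
                  operator: In
                  values:
                    - tcs
  image:
    # Tags are mutable references; pinning by digest
    # (`@sha256:<digest>`, placeholder) makes the deployed image
    # verifiable and repeatable.
    application: confluentinc/cp-zookeeper:7.5.0
    init: confluentinc/confluent-init-container:2.7.0
  dataVolumeCapacity: 10Gi
  logVolumeCapacity: 10Gi
  storageClass:
    name: tcs-kafka
  # Clients must authenticate with digest credentials taken from the
  # `credential` Secret. The Kafka and SchemaRegistry resources in this file
  # reference the same Secret name, so read access to it should be limited
  # to the operator and these workloads.
  authentication:
    type: digest
    jaasConfig:
      secretRef: credential
  # Certificate material comes from the `tls-group1` Secret. Digest
  # authentication alone does not protect traffic; TLS is what does.
  tls:
    secretRef: tls-group1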
---
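# Confluent for Kubernetes Kafka resource: three brokers, TLS on both
# listeners, LDAP-backed authentication, RBAC authorization through MDS.
# Nesting restored; the flattened listing repeats keys such as `tls` and
# `authentication` at one level, which a parser would collapse or reject.
apiVersion: platform.confluent.io/v1beta1
kind: Kafka
metadata:
  name: kafka
spec:
  replicas: 3
  oneReplicaPerNode: true
  configOverrides:
    server:
      # Topics are created implicitly on first use. Governed clusters
      # usually turn this off so topic creation is explicit and reviewable;
      # with RBAC on, confirm which principals hold create rights.
      - auto.create.topics.enable=true
      - default.replication.factor=3
    jvm:
      - "-Xmx512m"
  podTemplate:
    resources:
      # Requests sit far below limits, and the heap is capped at 512m by
      # the JVM override above. NOTE(review): "4G" is decimal while "256Mi"
      # is binary; confirm the mixed units are intended.
      requests:
        memory: "256Mi"
        cpu: "100m"
      limits:
        memory: "4G"
        cpu: "1"
    affinity:
      nodeAffinity:
        # Hard scheduling requirement: pods land only on nodes labelled
        # app.kubernetes.io/name=tcs.
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
            - matchExpressions:
                - key: app.kubernetes.io/name
                  operator: In
                  values:
                    - tcs
  image:
    # Tags are mutable references; pinning by digest
    # (`@sha256:<digest>`, placeholder) makes the deployed image
    # verifiable and repeatable.
    application: confluentinc/cp-server:7.5.0
    init: confluentinc/confluent-init-container:2.7.0
  dataVolumeCapacity: 10Gi
  storageClass:
    name: tcs-kafka
  tls:
    secretRef: tls-group1
  listeners:
    internal:
      # LDAP-backed authentication. Passwords are presented by the client
      # and checked against the directory, so `tls.enabled` on this listener
      # is what keeps them confidential in transit.
      authentication:
        type: ldap
        jaasConfig:
          secretRef: credential
      tls:
        enabled: true
    external:
      # NodePort exposure: the listener is reachable through node addresses
      # on ports starting at nodePortOffset. TLS and LDAP authentication are
      # on; network-level filtering to known client ranges is still worth
      # having in front of it.
      externalAccess:
        type: nodePort
        nodePort:
          host: kafka-tcs.beaconfireinc.com
          nodePortOffset: 30001
      authentication:
        type: ldap
        jaasConfig:
          secretRef: credential
      tls:
        enabled: true
  authorization:
    type: rbac
    # Super users bypass authorization checks. `kafka` is presumably the
    # inter-broker principal; whoever can read its password in the
    # `credential` Secret effectively holds cluster-admin rights.
    superUsers:
      - User:kafka
  services:
    mds:
      tls:
        enabled: true
      # Key pair used for MDS tokens. Other components reference the same
      # `mds-token` Secret name; if it carries the private key, every holder
      # can sign tokens, not just verify them. Confirm that is intended.
      tokenKeyPair:
        secretRef: mds-token
      provider:
        type: ldap
        ldap:
          # Plain ldap:// on 389 with simple bind: the bind password from
          # `credential` (and, presumably, user passwords checked against
          # the directory) cross the cluster network unencrypted unless
          # StartTLS is negotiated, and nothing here enables it. Prefer
          # ldaps:// or StartTLS with the directory CA trusted.
          address: ldap://ldap.tcs.svc.cluster.local:389
          authentication:
            type: simple
            simple:
              secretRef: credential
          configurations:
            groupNameAttribute: cn
            groupObjectClass: group
            groupMemberAttribute: member
            groupMemberAttributePattern: 'CN=(.*),DC=test,DC=com'
            # Both search bases are the directory root, so any entry of the
            # configured object class anywhere in the tree is a candidate
            # principal or group. NOTE(review): the `test.com` suffix looks
            # like a lab directory; confirm before wider use.
            groupSearchBase: dc=test,dc=com
            userNameAttribute: cn
            userMemberOfAttributePattern: 'CN=(.*),DC=test,DC=com'
            userObjectClass: organizationalRole
            userSearchBase: dc=test,dc=com
  dependencies:
    zookeeper:
      # Port 2182 is presumably Zookeeper's TLS client port; it matches
      # `tls.enabled: true` below. Verify against the Zookeeper resource.
      endpoint: zookeeper.tcs.svc.cluster.local:2182
      authentication:
        type: digest
        jaasConfig:
          secretRef: credential
      tls:
        enabled: true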
---
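# Confluent for Kubernetes SchemaRegistry resource: a single replica with
# TLS, RBAC authorization, and authenticated connections to Kafka and MDS.
# Nesting restored; the flattened listing repeats keys such as `tls` and
# `authentication` at one level, which a parser would collapse or reject.
apiVersion: platform.confluent.io/v1beta1
kind: SchemaRegistry
metadata:
  name: schemaregistry
spec:
  # Single replica: no redundancy if the pod or its node is lost.
  replicas: 1
  oneReplicaPerNode: true
  configOverrides:
    jvm:
      - "-Xmx128m"
  podTemplate:
    affinity:
      nodeAffinity:
        # Hard scheduling requirement: pods land only on nodes labelled
        # app.kubernetes.io/name=tcs.
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
            - matchExpressions:
                - key: app.kubernetes.io/name
                  operator: In
                  values:
                    - tcs
  image:
    # Tags are mutable references; pinning by digest
    # (`@sha256:<digest>`, placeholder) makes the deployed image
    # verifiable and repeatable.
    application: confluentinc/cp-schema-registry:7.5.0
    init: confluentinc/confluent-init-container:2.7.0
  tls:
    secretRef: tls-group1
  # NodePort exposure on the same host name as the Kafka external listener.
  # The REST endpoint is reachable through node addresses; keep
  # network-level filtering in front of it in addition to TLS and RBAC.
  externalAccess:
    type: nodePort
    nodePort:
      host: kafka-tcs.beaconfireinc.com
      nodePortOffset: 30005
  authorization:
    type: rbac
  dependencies:
    kafka:
      bootstrapEndpoint: kafka.tcs.svc.cluster.local:9071
      # The `plain` mechanism sends the password as-is; `tls.enabled: true`
      # below is what keeps it confidential. The two settings should
      # always travel together.
      authentication:
        type: plain
        jaasConfig:
          secretRef: credential
      tls:
        enabled: true
    mds:
      endpoint: https://kafka.tcs.svc.cluster.local:8090
      # NOTE(review): this is the same `mds-token` Secret name the Kafka
      # resource uses. If that Secret contains the private key, confirm
      # that Schema Registry needs more than the public half.
      tokenKeyPair:
        secretRef: mds-token
      # Schema Registry's own MDS credentials live in a separate Secret
      # (`sr-mds-client`) rather than the shared `credential` one, which
      # keeps this identity independently rotatable.
      authentication:
        type: bearer
        bearer:
          secretRef: sr-mds-client
      tls:
        enabled: true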