charts/pulsar/templates/zookeeper-statefulset.yaml

# # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # # deploy zookeeper only when `components.zookeeper` is true {{- if .Values.components.zookeeper }} apiVersion: apps/v1 kind: StatefulSet metadata: name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}" namespace: {{ template "pulsar.namespace" . }} annotations: {{ .Values.zookeeper.appAnnotations | toYaml | nindent 4 }} labels: {{- include "pulsar.standardLabels" . | nindent 4 }} component: {{ .Values.zookeeper.component }} spec: serviceName: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}" replicas: {{ .Values.zookeeper.replicaCount }} selector: matchLabels: {{- include "pulsar.matchLabels" . | nindent 6 }} component: {{ .Values.zookeeper.component }} updateStrategy: {{ toYaml .Values.zookeeper.updateStrategy | indent 4 }} podManagementPolicy: {{ .Values.zookeeper.podManagementPolicy }} template: metadata: labels: {{- include "pulsar.template.labels" . | nindent 8 }} component: {{ .Values.zookeeper.component }} annotations: {{- if not .Values.zookeeper.podMonitor.enabled }} prometheus.io/scrape: "true" prometheus.io/port: "{{ .Values.zookeeper.ports.http }}" {{- end }} {{- if .Values.zookeeper.restartPodsOnConfigMapChange }} checksum/config: {{ include (print $.Template.BasePath "/zookeeper-configmap.yaml") . | sha256sum }} {{- end }} {{- with .Values.zookeeper.annotations }} {{ toYaml . | indent 8 }} {{- end }} spec: {{- if .Values.zookeeper.nodeSelector }} nodeSelector: {{ toYaml .Values.zookeeper.nodeSelector | indent 8 }} {{- end }} {{- if .Values.zookeeper.tolerations }} tolerations: {{ toYaml .Values.zookeeper.tolerations | indent 8 }} {{- end }} {{- if .Values.zookeeper.topologySpreadConstraints }} topologySpreadConstraints: {{- toYaml .Values.zookeeper.topologySpreadConstraints | nindent 8 }} {{- end }} affinity: {{- if and .Values.affinity.anti_affinity .Values.zookeeper.affinity.anti_affinity}} podAntiAffinity: {{ if eq .Values.zookeeper.affinity.type "requiredDuringSchedulingIgnoredDuringExecution"}} {{ .Values.zookeeper.affinity.type }}: - labelSelector: matchExpressions: - key: "app" operator: In values: - "{{ template "pulsar.name" . }}" - key: "release" operator: In values: - {{ .Release.Name }} - key: "component" operator: In values: - {{ .Values.zookeeper.component }} topologyKey: {{ .Values.zookeeper.affinity.anti_affinity_topology_key }} {{ else }} {{ .Values.zookeeper.affinity.type }}: - weight: 100 podAffinityTerm: labelSelector: matchExpressions: - key: "app" operator: In values: - "{{ template "pulsar.name" . }}" - key: "release" operator: In values: - {{ .Release.Name }} - key: "component" operator: In values: - {{ .Values.zookeeper.component }} topologyKey: {{ .Values.zookeeper.affinity.anti_affinity_topology_key }} {{ end }} {{- end }} terminationGracePeriodSeconds: {{ .Values.zookeeper.gracePeriod }} serviceAccountName: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}" {{- if .Values.zookeeper.securityContext }} securityContext: {{ toYaml .Values.zookeeper.securityContext | indent 8 }} {{- end }} {{- if .Values.zookeeper.initContainers }} initContainers: {{- toYaml .Values.zookeeper.initContainers | nindent 6 }} {{- end }} containers: - name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}" image: "{{ template "pulsar.imageFullName" (dict "image" .Values.images.zookeeper "root" .) }}" imagePullPolicy: "{{ template "pulsar.imagePullPolicy" (dict "image" .Values.images.zookeeper "root" .) }}" {{- if .Values.zookeeper.resources }} resources: {{ toYaml .Values.zookeeper.resources | indent 10 }} {{- end }} command: ["sh", "-c"] args: - | {{- if .Values.zookeeper.additionalCommand }} {{ .Values.zookeeper.additionalCommand }} {{- end }} bin/apply-config-from-env.py conf/zookeeper.conf; {{- include "pulsar.zookeeper.tls.settings" . | nindent 10 }} bin/generate-zookeeper-config.sh conf/zookeeper.conf; OPTS="${OPTS} -Dlog4j2.formatMsgNoLookups=true" exec bin/pulsar zookeeper; ports: # prometheus needs to access /metrics endpoint - name: http containerPort: {{ .Values.zookeeper.ports.http }} - name: client containerPort: {{ .Values.zookeeper.ports.client }} - name: follower containerPort: {{ .Values.zookeeper.ports.follower }} - name: leader-election containerPort: {{ .Values.zookeeper.ports.leaderElection }} {{- if .Values.zookeeper.ports.admin }} - name: admin containerPort: {{ .Values.zookeeper.ports.admin }} {{- end }} {{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }} - name: client-tls containerPort: {{ .Values.zookeeper.ports.clientTls }} {{- end }} env: - name: ZOOKEEPER_SERVERS {{- if .Values.zookeeper.externalZookeeperServerList }} value: {{ .Values.zookeeper.externalZookeeperServerList }} {{- else }} {{- $global := . }} value: {{ range $i, $e := until (.Values.zookeeper.replicaCount | int) }}{{ if ne $i 0 }},{{ end }}{{ template "pulsar.fullname" $global }}-{{ $global.Values.zookeeper.component }}-{{ printf "%d" $i }}{{ end }} {{- end }} - name: EXTERNAL_PROVIDED_SERVERS {{- if .Values.zookeeper.externalZookeeperServerList }} value: "true" {{- else }} value: "false" {{- end }} envFrom: - configMapRef: name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}" {{- $zkConnectCommand := "" -}} {{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }} {{- $zkConnectCommand = print "openssl s_client -quiet -crlf -connect 127.0.0.1:" .Values.zookeeper.ports.clientTls " -cert /pulsar/certs/zookeeper/tls.crt -key /pulsar/certs/zookeeper/tls.key" -}} {{- else -}} {{- $zkConnectCommand = print "nc 127.0.0.1 " .Values.zookeeper.ports.client -}} {{- end }} {{- if .Values.zookeeper.probe.readiness.enabled }} readinessProbe: exec: command: - bash - -c - '{ echo ruok; sleep 1; } | {{ $zkConnectCommand }} | grep imok' initialDelaySeconds: {{ .Values.zookeeper.probe.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.zookeeper.probe.readiness.periodSeconds }} timeoutSeconds: {{ .Values.zookeeper.probe.readiness.timeoutSeconds }} failureThreshold: {{ .Values.zookeeper.probe.readiness.failureThreshold }} {{- end }} {{- if .Values.zookeeper.probe.liveness.enabled }} livenessProbe: exec: command: - bash - -c - '{ echo ruok; sleep 1; } | {{ $zkConnectCommand }} | grep imok' initialDelaySeconds: {{ .Values.zookeeper.probe.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.zookeeper.probe.liveness.periodSeconds }} timeoutSeconds: {{ .Values.zookeeper.probe.liveness.timeoutSeconds }} failureThreshold: {{ .Values.zookeeper.probe.liveness.failureThreshold }} {{- end }} {{- if .Values.zookeeper.probe.startup.enabled }} startupProbe: exec: command: - bash - -c - '{ echo ruok; sleep 1; } | {{ $zkConnectCommand }} | grep imok' initialDelaySeconds: {{ .Values.zookeeper.probe.startup.initialDelaySeconds }} periodSeconds: {{ .Values.zookeeper.probe.startup.periodSeconds }} timeoutSeconds: {{ .Values.zookeeper.probe.startup.timeoutSeconds }} failureThreshold: {{ .Values.zookeeper.probe.startup.failureThreshold }} {{- end }} volumeMounts: - name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.data.name }}" mountPath: /pulsar/data {{- if .Values.zookeeper.volumes.useSeparateDiskForTxlog }} - name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.datalog.name }}" mountPath: /pulsar/data-log {{- end }} {{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }} - mountPath: "/pulsar/certs/zookeeper" name: zookeeper-certs readOnly: true - mountPath: "/pulsar/certs/ca" name: ca readOnly: true - name: keytool mountPath: "/pulsar/keytool/keytool.sh" subPath: keytool.sh {{- end }} {{- if .Values.zookeeper.extraVolumeMounts }} {{ toYaml .Values.zookeeper.extraVolumeMounts | indent 8 }} {{- end }} volumes: {{- if not (and (and .Values.volumes.persistence .Values.volumes.persistence) .Values.zookeeper.volumes.persistence) }} - name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.data.name }}" emptyDir: {} {{- end }} {{- if .Values.zookeeper.extraVolumes }} {{ toYaml .Values.zookeeper.extraVolumes | indent 6 }} {{- end }} {{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }} - name: zookeeper-certs secret: secretName: "{{ .Release.Name }}-{{ .Values.tls.zookeeper.cert_name }}" items: - key: tls.crt path: tls.crt - key: tls.key path: tls.key - name: ca secret: {{- if eq .Values.certs.internal_issuer.type "selfsigning" }} secretName: "{{ .Release.Name }}-{{ .Values.tls.ca_suffix }}" {{- end }} {{- if eq .Values.certs.internal_issuer.type "ca" }} secretName: "{{ .Values.certs.issuers.ca.secretName }}" {{- end }} items: - key: ca.crt path: ca.crt - name: keytool configMap: name: "{{ template "pulsar.fullname" . }}-keytool-configmap" defaultMode: 0755 {{- end}} {{- include "pulsar.imagePullSecrets" . | nindent 6}} {{- if and (and .Values.persistence .Values.volumes.persistence) .Values.zookeeper.volumes.persistence }} volumeClaimTemplates: - metadata: name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.data.name }}" spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: {{ .Values.zookeeper.volumes.data.size }} {{- if .Values.zookeeper.volumes.data.storageClassName }} storageClassName: "{{ .Values.zookeeper.volumes.data.storageClassName }}" {{- else if and (not (and .Values.volumes.local_storage .Values.zookeeper.volumes.data.local_storage)) .Values.zookeeper.volumes.data.storageClass }} storageClassName: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.data.name }}" {{- else if and .Values.volumes.local_storage .Values.zookeeper.volumes.data.local_storage }} storageClassName: "local-storage" {{- end }} {{- with .Values.zookeeper.volumes.data.selector }} selector: {{- toYaml . | nindent 8 }} {{- end }} {{- if .Values.zookeeper.volumes.useSeparateDiskForTxlog }} - metadata: name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.datalog.name }}" spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: {{ .Values.zookeeper.volumes.datalog.size }} {{- if .Values.zookeeper.volumes.datalog.storageClassName }} storageClassName: "{{ .Values.zookeeper.volumes.datalog.storageClassName }}" {{- else if and (not (and .Values.volumes.local_storage .Values.zookeeper.volumes.datalog.local_storage)) .Values.zookeeper.volumes.datalog.storageClass }} storageClassName: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.datalog.name }}" {{- else if and .Values.volumes.local_storage .Values.zookeeper.volumes.datalog.local_storage }} storageClassName: "local-storage" {{- end }} {{- with .Values.zookeeper.volumes.datalog.selector }} selector: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} {{- end }} {{- end }}

charts/pulsar/templates/zookeeper-statefulset.yaml (291 lines of code) (raw):