Created
November 10, 2021 08:29
-
-
Save pierDipi/0e2f7156c791ec47cf5970d936cd18b9 to your computer and use it in GitHub Desktop.
Eventing Kafka Broker artifacts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: config-kafka-broker-data-plane | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
data: | |
config-kafka-broker-producer.properties: | | |
key.serializer=org.apache.kafka.common.serialization.StringSerializer | |
value.serializer=io.cloudevents.kafka.CloudEventSerializer | |
acks=all | |
buffer.memory=33554432 | |
# compression.type=snappy | |
retries=2147483647 | |
batch.size=16384 | |
client.dns.lookup=use_all_dns_ips | |
connections.max.idle.ms=600000 | |
delivery.timeout.ms=120000 | |
linger.ms=0 | |
max.block.ms=60000 | |
max.request.size=1048576 | |
partitioner.class=org.apache.kafka.clients.producer.internals.DefaultPartitioner | |
receive.buffer.bytes=-1 | |
request.timeout.ms=30000 | |
enable.idempotence=false | |
max.in.flight.requests.per.connection=5 | |
metadata.max.age.ms=300000 | |
# metric.reporters="" | |
metrics.num.samples=2 | |
metrics.recording.level=INFO | |
metrics.sample.window.ms=30000 | |
reconnect.backoff.max.ms=1000 | |
reconnect.backoff.ms=50 | |
retry.backoff.ms=100 | |
# transaction.timeout.ms=60000 | |
# transactional.id=null | |
config-kafka-broker-consumer.properties: | | |
key.deserializer=org.apache.kafka.common.serialization.StringDeserializer | |
value.deserializer=io.cloudevents.kafka.CloudEventDeserializer | |
fetch.min.bytes=1 | |
heartbeat.interval.ms=3000 | |
max.partition.fetch.bytes=1048576 | |
session.timeout.ms=10000 | |
# ssl.key.password= | |
# ssl.keystore.location= | |
# ssl.keystore.password= | |
# ssl.truststore.location= | |
# ssl.truststore.password= | |
allow.auto.create.topics=true | |
auto.offset.reset=earliest | |
client.dns.lookup=use_all_dns_ips | |
connections.max.idle.ms=540000 | |
default.api.timeout.ms=60000 | |
enable.auto.commit=false | |
exclude.internal.topics=true | |
fetch.max.bytes=52428800 | |
isolation.level=read_uncommitted | |
max.poll.interval.ms=300000 | |
max.poll.records=500 | |
# partition.assignment.strategy=org.apache.kafka.clients.consumer.CooperativeStickyAssignor | |
receive.buffer.bytes=65536 | |
request.timeout.ms=30000 | |
# sasl.client.callback.handler.class= | |
# sasl.jaas.config= | |
# sasl.kerberos.service.name= | |
# sasl.login.callback.handler.class | |
# sasl.login.class | |
# sasl.mechanism | |
security.protocol=PLAINTEXT | |
send.buffer.bytes=131072 | |
# ssl.enabled.protocols= | |
# ssl.keystore.type= | |
# ssl.protocol= | |
# ssl.provider= | |
auto.commit.interval.ms=5000 | |
check.crcs=true | |
# client.rack= | |
fetch.max.wait.ms=500 | |
# interceptor.classes= | |
metadata.max.age.ms=600000 | |
# metrics.reporters= | |
# metrics.num.samples= | |
# metrics.recording.level=INFO | |
# metrics.sample.window.ms= | |
reconnect.backoff.max.ms=1000 | |
retry.backoff.ms=100 | |
# sasl.kerberos.kinit.cmd= | |
# sasl.kerberos.min.time.before.relogin= | |
# sasl.kerberos.ticket.renew.jitter= | |
# sasl.login.refresh.buffer.seconds= | |
# sasl.login.refresh.min.period.seconds= | |
# sasl.login.refresh.window.factor | |
# sasl.login.refresh.window.jitter | |
# security.providers | |
# ssl.cipher.suites | |
# ssl.endpoint.identification.algorithm | |
# ssl.keymanager.algorithm | |
# ssl.secure.random.implementation | |
# ssl.trustmanager.algorithm | |
config-kafka-broker-webclient.properties: | | |
idleTimeout=10000 | |
config-kafka-broker-httpserver.properties: | | |
idleTimeout=0 | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRole | |
metadata: | |
name: knative-kafka-broker-data-plane | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
rules: | |
- apiGroups: | |
- "*" | |
resources: | |
- secrets | |
verbs: | |
- get | |
- list | |
- watch | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: knative-kafka-broker-data-plane | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRoleBinding | |
metadata: | |
name: knative-kafka-broker-data-plane | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
subjects: | |
- kind: ServiceAccount | |
name: knative-kafka-broker-data-plane | |
namespace: knative-eventing | |
roleRef: | |
kind: ClusterRole | |
name: knative-kafka-broker-data-plane | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: kafka-broker-dispatcher | |
namespace: knative-eventing | |
labels: | |
app: kafka-broker-dispatcher | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
selector: | |
matchLabels: | |
app: kafka-broker-dispatcher | |
template: | |
metadata: | |
name: kafka-broker-dispatcher | |
labels: | |
app: kafka-broker-dispatcher | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
serviceAccountName: knative-kafka-broker-data-plane | |
securityContext: | |
runAsNonRoot: true | |
containers: | |
- name: kafka-broker-dispatcher | |
image: docker.io/pierdipi/knative-kafka-broker-dispatcher:e0d1f434-41fe-11ec-8699-14857f6f674c | |
imagePullPolicy: IfNotPresent | |
volumeMounts: | |
- mountPath: /etc/config | |
name: config-kafka-broker-data-plane | |
readOnly: true | |
- mountPath: /etc/brokers-triggers | |
name: kafka-broker-brokers-triggers | |
readOnly: true | |
- mountPath: /tmp | |
name: cache | |
- mountPath: /etc/logging | |
name: kafka-broker-config-logging | |
readOnly: true | |
- mountPath: /etc/tracing | |
name: config-tracing | |
readOnly: true | |
ports: | |
- containerPort: 9090 | |
name: http-metrics | |
protocol: TCP | |
env: | |
- name: SERVICE_NAME | |
value: "kafka-broker-dispatcher" | |
- name: SERVICE_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: PRODUCER_CONFIG_FILE_PATH | |
value: /etc/config/config-kafka-broker-producer.properties | |
- name: CONSUMER_CONFIG_FILE_PATH | |
value: /etc/config/config-kafka-broker-consumer.properties | |
- name: WEBCLIENT_CONFIG_FILE_PATH | |
value: /etc/config/config-kafka-broker-webclient.properties | |
- name: DATA_PLANE_CONFIG_FILE_PATH | |
value: /etc/brokers-triggers/data | |
- name: EGRESSES_INITIAL_CAPACITY | |
value: "20" | |
- name: INSTANCE_ID | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.uid | |
- name: METRICS_PATH | |
value: /metrics | |
- name: METRICS_PORT | |
value: "9090" | |
- name: METRICS_PUBLISH_QUANTILES | |
value: "false" | |
- name: METRICS_JVM_ENABLED | |
value: "false" | |
- name: CONFIG_TRACING_PATH | |
value: "/etc/tracing" | |
# https://github.com/fabric8io/kubernetes-client/issues/2212 | |
- name: HTTP2_DISABLE | |
value: "true" | |
# This should be set according to initial delay seconds | |
- name: WAIT_STARTUP_SECONDS | |
value: "8" | |
command: | |
- "java" | |
args: | |
- "-Dlogback.configurationFile=/etc/logging/config.xml" | |
- "-jar" | |
- "/app/app.jar" | |
# TODO set resources (limits and requests) | |
livenessProbe: | |
failureThreshold: 3 | |
httpGet: | |
port: 9090 | |
path: /metrics | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 3 | |
successThreshold: 1 | |
timeoutSeconds: 1 | |
readinessProbe: | |
failureThreshold: 3 | |
httpGet: | |
port: 9090 | |
path: /metrics | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 3 | |
successThreshold: 1 | |
timeoutSeconds: 1 | |
terminationMessagePolicy: FallbackToLogsOnError | |
terminationMessagePath: /dev/temination-log | |
securityContext: | |
allowPrivilegeEscalation: false | |
privileged: false | |
readOnlyRootFilesystem: true | |
volumes: | |
- name: config-kafka-broker-data-plane | |
configMap: | |
name: config-kafka-broker-data-plane | |
- name: kafka-broker-brokers-triggers | |
configMap: | |
name: kafka-broker-brokers-triggers | |
- name: cache | |
emptyDir: { } | |
- name: kafka-broker-config-logging | |
configMap: | |
name: kafka-config-logging | |
- name: config-tracing | |
configMap: | |
name: config-tracing | |
restartPolicy: Always | |
dnsConfig: | |
options: | |
- name: single-request-reopen | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: kafka-broker-receiver | |
namespace: knative-eventing | |
labels: | |
app: kafka-broker-receiver | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
selector: | |
matchLabels: | |
app: kafka-broker-receiver | |
template: | |
metadata: | |
name: kafka-broker-receiver | |
labels: | |
app: kafka-broker-receiver | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
serviceAccountName: knative-kafka-broker-data-plane | |
securityContext: | |
runAsNonRoot: true | |
# To avoid node becoming SPOF, spread our replicas to different nodes. | |
affinity: | |
podAntiAffinity: | |
preferredDuringSchedulingIgnoredDuringExecution: | |
- podAffinityTerm: | |
labelSelector: | |
matchLabels: | |
app: kafka-broker-receiver | |
topologyKey: kubernetes.io/hostname | |
weight: 100 | |
containers: | |
- name: kafka-broker-receiver | |
image: docker.io/pierdipi/knative-kafka-broker-receiver:e0d1f434-41fe-11ec-8699-14857f6f674c | |
imagePullPolicy: IfNotPresent | |
volumeMounts: | |
- mountPath: /etc/config | |
name: config-kafka-broker-data-plane | |
readOnly: true | |
- mountPath: /etc/brokers-triggers | |
name: kafka-broker-brokers-triggers | |
readOnly: true | |
- mountPath: /tmp | |
name: cache | |
- mountPath: /etc/logging | |
name: kafka-broker-config-logging | |
readOnly: true | |
- mountPath: /etc/tracing | |
name: config-tracing | |
readOnly: true | |
ports: | |
- containerPort: 9090 | |
name: http-metrics | |
protocol: TCP | |
- containerPort: 8080 | |
name: http | |
protocol: TCP | |
env: | |
- name: SERVICE_NAME | |
value: "kafka-broker-receiver" | |
- name: SERVICE_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: INGRESS_PORT | |
value: "8080" | |
- name: PRODUCER_CONFIG_FILE_PATH | |
value: /etc/config/config-kafka-broker-producer.properties | |
- name: HTTPSERVER_CONFIG_FILE_PATH | |
value: /etc/config/config-kafka-broker-httpserver.properties | |
- name: DATA_PLANE_CONFIG_FILE_PATH | |
value: /etc/brokers-triggers/data | |
- name: LIVENESS_PROBE_PATH | |
value: /healthz | |
- name: READINESS_PROBE_PATH | |
value: /readyz | |
- name: METRICS_PATH | |
value: /metrics | |
- name: METRICS_PORT | |
value: "9090" | |
- name: METRICS_PUBLISH_QUANTILES | |
value: "false" | |
- name: METRICS_JVM_ENABLED | |
value: "false" | |
- name: CONFIG_TRACING_PATH | |
value: "/etc/tracing" | |
# https://github.com/fabric8io/kubernetes-client/issues/2212 | |
- name: HTTP2_DISABLE | |
value: "true" | |
# This should be set according to initial delay seconds | |
- name: WAIT_STARTUP_SECONDS | |
value: "8" | |
command: | |
- "java" | |
args: | |
- "-Dlogback.configurationFile=/etc/logging/config.xml" | |
- "-jar" | |
- "/app/app.jar" | |
# TODO set resources (limits and requests) | |
livenessProbe: | |
failureThreshold: 3 | |
httpGet: | |
port: 8080 | |
path: /healthz | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 3 | |
successThreshold: 1 | |
timeoutSeconds: 1 | |
readinessProbe: | |
failureThreshold: 3 | |
httpGet: | |
port: 8080 | |
path: /readyz | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 3 | |
successThreshold: 1 | |
timeoutSeconds: 1 | |
terminationMessagePolicy: FallbackToLogsOnError | |
terminationMessagePath: /dev/temination-log | |
securityContext: | |
allowPrivilegeEscalation: false | |
privileged: false | |
readOnlyRootFilesystem: true | |
volumes: | |
- name: kafka-broker-brokers-triggers | |
configMap: | |
name: kafka-broker-brokers-triggers | |
- name: config-kafka-broker-data-plane | |
configMap: | |
name: config-kafka-broker-data-plane | |
- name: cache | |
emptyDir: { } | |
- name: kafka-broker-config-logging | |
configMap: | |
name: kafka-config-logging | |
- name: config-tracing | |
configMap: | |
name: config-tracing | |
restartPolicy: Always | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: kafka-broker-ingress | |
namespace: knative-eventing | |
labels: | |
app: kafka-broker-receiver | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
selector: | |
app: kafka-broker-receiver | |
ports: | |
- name: http | |
port: 80 | |
protocol: TCP | |
targetPort: 8080 | |
- name: http-metrics | |
port: 9090 | |
protocol: TCP | |
targetPort: 9090 | |
--- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: kafka-broker-config | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
data: | |
default.topic.partitions: "10" | |
default.topic.replication.factor: "3" | |
bootstrap.servers: "my-cluster-kafka-bootstrap.kafka:9092" | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: apiextensions.k8s.io/v1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: kafkachannels.messaging.knative.dev | |
labels: | |
kafka.eventing.knative.dev/release: "v20211108-c5e12df13" | |
knative.dev/crd-install: "true" | |
messaging.knative.dev/subscribable: "true" | |
duck.knative.dev/addressable: "true" | |
spec: | |
group: messaging.knative.dev | |
versions: | |
- name: v1beta1 | |
served: true | |
storage: true | |
subresources: | |
status: {} | |
schema: | |
openAPIV3Schema: | |
description: 'KafkaChannel is a resource representing a Channel that is backed by a topic of an Apache Kafka cluster.' | |
type: object | |
properties: | |
spec: | |
description: Spec defines the desired state of the Channel. | |
type: object | |
properties: | |
numPartitions: | |
description: NumPartitions is the number of partitions of a Kafka topic. By default, it is set to 1. | |
type: integer | |
format: int32 | |
default: 1 | |
replicationFactor: | |
description: ReplicationFactor is the replication factor of a Kafka topic. By default, it is set to 1. | |
type: integer | |
maximum: 32767 | |
default: 1 | |
retentionDuration: | |
description: RetentionDuration is the retention time for events in a Kafka Topic represented as an ISO-8601 Duration. By default it is set to 168 hours, which is the precise form of 7 days. | |
type: string | |
delivery: | |
description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. | |
type: object | |
properties: | |
backoffDelay: | |
description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*<numberOfRetries>. For exponential policy, backoff delay is backoffDelay*2^<numberOfRetries>.' | |
type: string | |
backoffPolicy: | |
description: BackoffPolicy is the retry backoff policy (linear, exponential). | |
type: string | |
deadLetterSink: | |
description: DeadLetterSink is the sink receiving event that could not be sent to a destination. | |
type: object | |
properties: | |
ref: | |
description: Ref points to an Addressable. | |
type: object | |
properties: | |
apiVersion: | |
description: API version of the referent. | |
type: string | |
kind: | |
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' | |
type: string | |
name: | |
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' | |
type: string | |
namespace: | |
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' | |
type: string | |
uri: | |
description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. | |
type: string | |
retry: | |
description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. | |
type: integer | |
format: int32 | |
subscribers: | |
description: This is the list of subscriptions for this subscribable. | |
type: array | |
items: | |
type: object | |
properties: | |
delivery: | |
description: DeliverySpec contains options controlling the event delivery | |
type: object | |
properties: | |
backoffDelay: | |
description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*<numberOfRetries>. For exponential policy, backoff delay is backoffDelay*2^<numberOfRetries>.' | |
type: string | |
backoffPolicy: | |
description: BackoffPolicy is the retry backoff policy (linear, exponential). | |
type: string | |
deadLetterSink: | |
description: DeadLetterSink is the sink receiving event that could not be sent to a destination. | |
type: object | |
properties: | |
ref: | |
description: Ref points to an Addressable. | |
type: object | |
properties: | |
apiVersion: | |
description: API version of the referent. | |
type: string | |
kind: | |
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' | |
type: string | |
name: | |
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' | |
type: string | |
namespace: | |
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' | |
type: string | |
uri: | |
description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. | |
type: string | |
retry: | |
description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. | |
type: integer | |
format: int32 | |
generation: | |
description: Generation of the origin of the subscriber with uid:UID. | |
type: integer | |
format: int64 | |
replyUri: | |
description: ReplyURI is the endpoint for the reply | |
type: string | |
subscriberUri: | |
description: SubscriberURI is the endpoint for the subscriber | |
type: string | |
uid: | |
description: UID is used to understand the origin of the subscriber. | |
type: string | |
status: | |
description: Status represents the current state of the KafkaChannel. This data may be out of date. | |
type: object | |
properties: | |
address: | |
type: object | |
required: | |
- url | |
properties: | |
url: | |
type: string | |
annotations: | |
description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. | |
type: object | |
x-kubernetes-preserve-unknown-fields: true | |
conditions: | |
description: Conditions the latest available observations of a resource's current state. | |
type: array | |
items: | |
type: object | |
required: | |
- type | |
- status | |
properties: | |
lastTransitionTime: | |
description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). | |
type: string | |
message: | |
description: A human readable message indicating details about the transition. | |
type: string | |
reason: | |
description: The reason for the condition's last transition. | |
type: string | |
severity: | |
description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. | |
type: string | |
status: | |
description: Status of the condition, one of True, False, Unknown. | |
type: string | |
type: | |
description: Type of condition. | |
type: string | |
deadLetterChannel: | |
description: DeadLetterChannel is a KReference and is set by the channel when it supports native error handling via a channel Failed messages are delivered here. | |
type: object | |
properties: | |
apiVersion: | |
description: API version of the referent. | |
type: string | |
kind: | |
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' | |
type: string | |
name: | |
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' | |
type: string | |
namespace: | |
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' | |
type: string | |
observedGeneration: | |
description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. | |
type: integer | |
format: int64 | |
subscribers: | |
description: This is the list of subscription's statuses for this channel. | |
type: array | |
items: | |
type: object | |
properties: | |
message: | |
description: A human readable message indicating details of Ready status. | |
type: string | |
observedGeneration: | |
description: Generation of the origin of the subscriber with uid:UID. | |
type: integer | |
format: int64 | |
ready: | |
description: Status of the subscriber. | |
type: string | |
uid: | |
description: UID is used to understand the origin of the subscriber. | |
type: string | |
additionalPrinterColumns: | |
- name: Ready | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" | |
- name: Reason | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" | |
- name: URL | |
type: string | |
jsonPath: .status.address.url | |
- name: Age | |
type: date | |
jsonPath: .metadata.creationTimestamp | |
names: | |
kind: KafkaChannel | |
plural: kafkachannels | |
singular: kafkachannel | |
categories: | |
- all | |
- knative | |
- messaging | |
- channel | |
shortNames: | |
- kc | |
scope: Namespaced | |
conversion: | |
strategy: Webhook | |
webhook: | |
conversionReviewVersions: ["v1", "v1beta1"] | |
clientConfig: | |
service: | |
name: kafka-webhook | |
namespace: knative-eventing | |
--- | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: apiextensions.k8s.io/v1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: kafkasinks.eventing.knative.dev | |
labels: | |
duck.knative.dev/addressable: "true" | |
knative.dev/crd-install: "true" | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
group: eventing.knative.dev | |
names: | |
kind: KafkaSink | |
plural: kafkasinks | |
singular: kafkasink | |
categories: | |
- all | |
- knative | |
- eventing | |
scope: Namespaced | |
versions: | |
- name: v1alpha1 | |
served: true | |
storage: true | |
subresources: | |
status: {} | |
schema: | |
openAPIV3Schema: | |
description: 'Kafka Sink is Addressable, it receives events and send them to a Kafka topic.' | |
type: object | |
properties: | |
spec: | |
description: 'Spec defines the desired state of the Kafka Sink.' | |
type: object | |
required: | |
- topic | |
- bootstrapServers | |
properties: | |
topic: | |
description: 'Topic name to send events.' | |
type: string | |
numPartitions: | |
description: 'Number of topic partitions. If not specified the topic isn''t automatically created, and the system supposes that the topic is already present.' | |
type: integer | |
format: int32 | |
replicationFactor: | |
description: 'Topic replication factor. If not specified the topic isn''t automatically created, and the system supposes that the topic is already present.' | |
type: integer | |
format: int32 | |
bootstrapServers: | |
description: 'A list of host/port pairs to use for establishing the initial connection to the Kafka cluster.' | |
type: array | |
minLength: 1 | |
items: | |
type: string | |
contentMode: | |
description: | | |
CloudEvent content mode of Kafka messages sent to the topic. | |
Possible values: [structured, binary] (default: structured) | |
- https://github.com/cloudevents/spec/blob/v1.0/spec.md#message | |
- https://github.com/cloudevents/spec/blob/v1.0/kafka-protocol-binding.md#33-structured-content-mode | |
- https://github.com/cloudevents/spec/blob/v1.0/kafka-protocol-binding.md#32-binary-content-mode | |
type: string | |
enum: | |
- structured | |
- binary | |
default: structured | |
auth: | |
description: 'Auth configurations' | |
type: object | |
properties: | |
secret: | |
description: 'Auth secret' | |
type: object | |
properties: | |
ref: | |
# TODO add format in description (?) | |
description: | | |
Secret reference. | |
type: object | |
required: | |
- name | |
properties: | |
name: | |
description: 'Secret name' | |
type: string | |
status: | |
description: 'Status represents the current state of the KafkaSink. This data may be out of date.' | |
type: object | |
properties: | |
address: | |
description: 'Kafka Sink is Addressable. It exposes the endpoint as an URI to get events delivered to a Kafka topic.' | |
type: object | |
properties: | |
url: | |
type: string | |
annotations: | |
description: 'Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.' | |
type: object | |
x-kubernetes-preserve-unknown-fields: true | |
conditions: | |
description: 'Conditions the latest available observations of a resource''s current state.' | |
type: array | |
items: | |
type: object | |
required: | |
- type | |
- status | |
properties: | |
lastTransitionTime: | |
description: 'LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).' | |
type: string | |
message: | |
description: 'A human readable message indicating details about the transition.' | |
type: string | |
reason: | |
description: 'The reason for the condition''s last transition.' | |
type: string | |
severity: | |
description: 'Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.' | |
type: string | |
status: | |
description: 'Status of the condition, one of True, False, Unknown.' | |
type: string | |
type: | |
description: 'Type of condition.' | |
type: string | |
observedGeneration: | |
description: 'ObservedGeneration is the ''Generation'' of the Service that was last processed by the controller.' | |
type: integer | |
format: int64 | |
additionalPrinterColumns: | |
- name: URL | |
type: string | |
jsonPath: .status.address.url | |
- name: Age | |
type: date | |
jsonPath: .metadata.creationTimestamp | |
- name: Ready | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" | |
- name: Reason | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" | |
# conversion: | |
# strategy: Webhook | |
# webhook: | |
# conversionReviewVersions: [ "v1alpha1" ] | |
# clientConfig: | |
# service: | |
# name: eventing-kafka-webhook | |
# namespace: knative-eventing | |
--- | |
# Copyright 2019 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: apiextensions.k8s.io/v1 | |
kind: CustomResourceDefinition | |
metadata: | |
labels: | |
kafka.eventing.knative.dev/release: "v20211108-c5e12df13" | |
duck.knative.dev/binding: "true" | |
knative.dev/crd-install: "true" | |
name: kafkabindings.bindings.knative.dev | |
spec: | |
group: bindings.knative.dev | |
versions: | |
- name: v1beta1 | |
served: true | |
storage: true | |
subresources: | |
status: {} | |
schema: | |
openAPIV3Schema: | |
type: object | |
# this is a work around so we don't need to flush out the | |
# schema for each version at this time | |
# | |
# see issue: https://github.com/knative/serving/issues/912 | |
x-kubernetes-preserve-unknown-fields: true | |
additionalPrinterColumns: | |
- name: BootstrapServers | |
type: string | |
jsonPath: ".spec.bootstrapServers" | |
- name: Ready | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" | |
- name: Reason | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" | |
- name: Age | |
type: date | |
jsonPath: .metadata.creationTimestamp | |
names: | |
categories: | |
- all | |
- knative | |
- eventing | |
- bindings | |
kind: KafkaBinding | |
plural: kafkabindings | |
scope: Namespaced | |
conversion: | |
strategy: Webhook | |
webhook: | |
conversionReviewVersions: ["v1", "v1beta1"] | |
clientConfig: | |
service: | |
name: kafka-source-webhook | |
namespace: knative-eventing | |
# Copyright 2019 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
--- | |
apiVersion: apiextensions.k8s.io/v1 | |
kind: CustomResourceDefinition | |
metadata: | |
labels: | |
kafka.eventing.knative.dev/release: "v20211108-c5e12df13" | |
eventing.knative.dev/source: "true" | |
duck.knative.dev/source: "true" | |
knative.dev/crd-install: "true" | |
annotations: | |
registry.knative.dev/eventTypes: | | |
[ | |
{ "type": "dev.knative.kafka.event" } | |
] | |
name: kafkasources.sources.knative.dev | |
spec: | |
group: sources.knative.dev | |
versions: | |
- name: v1beta1 | |
served: true | |
storage: true | |
schema: | |
openAPIV3Schema: | |
type: object | |
# this is a work around so we don't need to flush out the | |
# schema for each version at this time | |
# | |
# see issue: https://github.com/knative/serving/issues/912 | |
x-kubernetes-preserve-unknown-fields: true | |
subresources: | |
status: {} | |
scale: | |
# specReplicasPath defines the JSONPath inside of a custom resource that corresponds to Scale.Spec.Replicas. | |
specReplicasPath: .spec.consumers | |
# statusReplicasPath defines the JSONPath inside of a custom resource that corresponds to Scale.Status.Replicas. | |
statusReplicasPath: .status.consumers | |
# labelSelectorPath defines the JSONPath inside of a custom resource that corresponds to Scale.Status.Selector | |
labelSelectorPath: .status.selector | |
additionalPrinterColumns: | |
- name: Topics | |
type: string | |
jsonPath: ".spec.topics" | |
- name: BootstrapServers | |
type: string | |
jsonPath: ".spec.bootstrapServers" | |
- name: Ready | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" | |
- name: Reason | |
type: string | |
jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" | |
- name: Age | |
type: date | |
jsonPath: .metadata.creationTimestamp | |
names: | |
categories: | |
- all | |
- knative | |
- eventing | |
- sources | |
kind: KafkaSource | |
plural: kafkasources | |
scope: Namespaced | |
conversion: | |
strategy: Webhook | |
webhook: | |
conversionReviewVersions: ["v1", "v1beta1"] | |
clientConfig: | |
service: | |
name: kafka-source-webhook | |
namespace: knative-eventing | |
--- | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: kafka-config-logging | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
data: | |
config.xml: | | |
<configuration> | |
<appender name="jsonConsoleAppender" class="ch.qos.logback.core.ConsoleAppender"> | |
<encoder class="net.logstash.logback.encoder.LogstashEncoder"/> | |
</appender> | |
<root level="INFO"> | |
<appender-ref ref="jsonConsoleAppender"/> | |
</root> | |
</configuration> | |
--- | |
# Copyright 2019 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# https://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: config-tracing | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
knative.dev/config-propagation: original | |
knative.dev/config-category: eventing | |
annotations: | |
knative.dev/example-checksum: "4002b4c2" | |
data: | |
_example: | | |
################################ | |
# # | |
# EXAMPLE CONFIGURATION # | |
# # | |
################################ | |
# This block is not actually functional configuration, | |
# but serves to illustrate the available configuration | |
# options and document them in a way that is accessible | |
# to users that `kubectl edit` this config map. | |
# | |
# These sample configuration options may be copied out of | |
# this example block and unindented to be in the data block | |
# to actually change the configuration. | |
# | |
# This may be "zipkin" or "stackdriver", the default is "none" | |
backend: "none" | |
# URL to zipkin collector where traces are sent. | |
# This must be specified when backend is "zipkin" | |
zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" | |
# The GCP project into which stackdriver metrics will be written | |
# when backend is "stackdriver". If unspecified, the project-id | |
# is read from GCP metadata when running on GCP. | |
stackdriver-project-id: "my-project" | |
# Enable zipkin debug mode. This allows all spans to be sent to the server | |
# bypassing sampling. | |
debug: "false" | |
# Percentage (0-1) of requests to trace | |
sample-rate: "0.1" | |
--- | |
# Copyright 2021 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
kind: ClusterRole | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: knative-kafka-addressable-resolver | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
duck.knative.dev/addressable: "true" | |
# Do not use this role directly. These rules will be added to the "addressable-resolver" role. | |
rules: | |
- apiGroups: | |
- eventing.knative.dev | |
resources: | |
- kafkasinks | |
- kafkasinks/status | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- messaging.knative.dev | |
resources: | |
- kafkachannels | |
- kafkachannels/status | |
verbs: | |
- get | |
- list | |
- watch | |
--- | |
# Copyright 2021 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRole | |
metadata: | |
name: knative-kafka-channelable-manipulator | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
duck.knative.dev/channelable: "true" | |
# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. | |
rules: | |
- apiGroups: | |
- messaging.knative.dev | |
resources: | |
- kafkachannels | |
- kafkachannels/status | |
verbs: | |
- create | |
- get | |
- list | |
- watch | |
- update | |
- patch | |
- delete | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRole | |
metadata: | |
name: kafka-controller | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
rules: | |
- apiGroups: | |
- "*" | |
resources: | |
- configmaps | |
verbs: | |
- get | |
- list | |
- watch | |
- update | |
- create | |
- apiGroups: | |
- "*" | |
resources: | |
- pods | |
verbs: | |
- list | |
- update | |
- get | |
- watch | |
- apiGroups: | |
- "*" | |
resources: | |
- events | |
verbs: | |
- patch | |
- create | |
- apiGroups: | |
- "coordination.k8s.io" | |
resources: | |
- "leases" | |
verbs: | |
- get | |
- list | |
- create | |
- update | |
- delete | |
- patch | |
- watch | |
- apiGroups: | |
- "*" | |
resources: | |
- secrets | |
verbs: | |
- list | |
- get | |
- watch | |
# Eventing resources and statuses we care about | |
- apiGroups: | |
- "eventing.knative.dev" | |
resources: | |
- "brokers" | |
- "brokers/status" | |
- "triggers" | |
- "triggers/status" | |
- "kafkasinks" | |
- "kafkasinks/status" | |
verbs: | |
- list | |
- get | |
- watch | |
- patch | |
- update | |
# eventing.knative.dev resources and finalizers we care about. | |
- apiGroups: | |
- "eventing.knative.dev" | |
resources: | |
- "brokers/finalizers" | |
- "triggers/finalizers" | |
- "kafkasinks/finalizers" | |
verbs: | |
- update | |
# messaging.knative.dev resources and finalizers we care about. | |
- apiGroups: | |
- messaging.knative.dev | |
resources: | |
- kafkachannels | |
- kafkachannels/status | |
verbs: | |
- get | |
- list | |
- watch | |
- update | |
- patch | |
- apiGroups: | |
- messaging.knative.dev | |
resources: | |
- kafkachannels/finalizers | |
verbs: | |
- update | |
# sources.knative.dev resources and finalizers we care about. | |
- apiGroups: | |
- sources.knative.dev | |
resources: | |
- kafkasources | |
- kafkasources/status | |
verbs: | |
- get | |
- list | |
- watch | |
- update | |
- patch | |
- apiGroups: | |
- sources.knative.dev | |
resources: | |
- kafkasources/finalizers | |
verbs: | |
- update | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: kafka-controller | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRoleBinding | |
metadata: | |
name: kafka-controller | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
subjects: | |
- kind: ServiceAccount | |
name: kafka-controller | |
namespace: knative-eventing | |
roleRef: | |
kind: ClusterRole | |
name: kafka-controller | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRoleBinding | |
metadata: | |
name: kafka-controller-addressable-resolver | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
subjects: | |
- kind: ServiceAccount | |
name: kafka-controller | |
namespace: knative-eventing | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: ClusterRole | |
name: addressable-resolver | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: kafka-controller | |
namespace: knative-eventing | |
labels: | |
app: kafka-controller | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
selector: | |
matchLabels: | |
app: kafka-controller | |
template: | |
metadata: | |
name: kafka-controller | |
labels: | |
app: kafka-controller | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
securityContext: | |
runAsNonRoot: true | |
serviceAccountName: kafka-controller | |
# To avoid node becoming SPOF, spread our replicas to different nodes. | |
affinity: | |
podAntiAffinity: | |
preferredDuringSchedulingIgnoredDuringExecution: | |
- podAffinityTerm: | |
labelSelector: | |
matchLabels: | |
app: kafka-controller | |
topologyKey: kubernetes.io/hostname | |
weight: 100 | |
containers: | |
- name: controller | |
image: docker.io/pierdipi/kafka-controller-409c76cb00d7d7c46941c7e4c366e4a6@sha256:748dc7616ea06d3d7b862de36d5f0321568da23acd32211bf6aea95c0543717e | |
imagePullPolicy: IfNotPresent | |
env: | |
- name: BROKER_DATA_PLANE_CONFIG_MAP_NAMESPACE | |
value: knative-eventing | |
- name: CHANNEL_DATA_PLANE_CONFIG_MAP_NAMESPACE | |
value: knative-eventing | |
- name: SINK_DATA_PLANE_CONFIG_MAP_NAMESPACE | |
value: knative-eventing | |
- name: SOURCE_DATA_PLANE_CONFIG_MAP_NAMESPACE | |
value: knative-eventing | |
- name: BROKER_DATA_PLANE_CONFIG_MAP_NAME | |
value: kafka-broker-brokers-triggers | |
- name: CHANNEL_DATA_PLANE_CONFIG_MAP_NAME | |
value: kafka-channel-channels-subscriptions | |
- name: SINK_DATA_PLANE_CONFIG_MAP_NAME | |
value: kafka-sink-sinks | |
- name: SOURCE_DATA_PLANE_CONFIG_MAP_NAME | |
value: kafka-source-sources | |
- name: BROKER_DATA_PLANE_CONFIG_FORMAT | |
value: json | |
- name: CHANNEL_DATA_PLANE_CONFIG_FORMAT | |
value: json | |
- name: SINK_DATA_PLANE_CONFIG_FORMAT | |
value: json | |
- name: SOURCE_DATA_PLANE_CONFIG_FORMAT | |
value: json | |
- name: BROKER_INGRESS_NAME | |
value: kafka-broker-ingress | |
- name: CHANNEL_INGRESS_NAME | |
value: kafka-channel-ingress | |
- name: SINK_INGRESS_NAME | |
value: kafka-sink-ingress | |
- name: SOURCE_INGRESS_NAME | |
value: kafka-source-ingress | |
- name: BROKER_GENERAL_CONFIG_MAP_NAME | |
value: kafka-broker-config | |
- name: CHANNEL_GENERAL_CONFIG_MAP_NAME | |
value: kafka-broker-config | |
- name: SINK_GENERAL_CONFIG_MAP_NAME | |
value: kafka-broker-config | |
- name: SOURCE_GENERAL_CONFIG_MAP_NAME | |
value: kafka-broker-config | |
- name: BROKER_SYSTEM_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: CHANNEL_SYSTEM_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: SINK_SYSTEM_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: SOURCE_SYSTEM_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: BROKER_DEFAULT_BACKOFF_DELAY_MS | |
value: "1000" # 1 second | |
- name: SYSTEM_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: CONFIG_LOGGING_NAME | |
value: config-logging | |
- name: CONFIG_OBSERVABILITY_NAME | |
value: config-observability | |
- name: METRICS_DOMAIN | |
value: knative.dev/eventing | |
- name: POD_NAME | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.name | |
ports: | |
- containerPort: 9090 | |
name: metrics | |
terminationMessagePolicy: FallbackToLogsOnError | |
terminationMessagePath: /dev/temination-log | |
securityContext: | |
allowPrivilegeEscalation: false | |
privileged: false | |
readOnlyRootFilesystem: true | |
restartPolicy: Always | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRole | |
metadata: | |
name: kafka-webhook-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
rules: | |
# For watching logging configuration and getting certs. | |
- apiGroups: | |
- "" | |
resources: | |
- "configmaps" | |
verbs: | |
- "get" | |
- "list" | |
- "watch" | |
# For manipulating certs into secrets. | |
- apiGroups: | |
- "" | |
resources: | |
- "secrets" | |
- "namespaces" | |
verbs: | |
- "get" | |
- "create" | |
- "update" | |
- "list" | |
- "watch" | |
- "patch" | |
# For getting our Deployment so we can decorate with ownerref. | |
- apiGroups: | |
- "apps" | |
resources: | |
- "deployments" | |
verbs: | |
- "get" | |
- apiGroups: | |
- "apps" | |
resources: | |
- "deployments/finalizers" | |
verbs: | |
- update | |
# For actually registering our webhook. | |
- apiGroups: | |
- "admissionregistration.k8s.io" | |
resources: | |
- "mutatingwebhookconfigurations" | |
- "validatingwebhookconfigurations" | |
verbs: &everything | |
- "get" | |
- "list" | |
- "create" | |
- "update" | |
- "delete" | |
- "patch" | |
- "watch" | |
# For leader election | |
- apiGroups: | |
- "coordination.k8s.io" | |
resources: | |
- "leases" | |
verbs: *everything | |
# finalizers are needed for the owner reference of the webhook | |
- apiGroups: | |
- "" | |
resources: | |
- "namespaces/finalizers" | |
verbs: | |
- "update" | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: kafka-webhook-eventing | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRoleBinding | |
metadata: | |
name: kafka-webhook-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
subjects: | |
- kind: ServiceAccount | |
name: kafka-webhook-eventing | |
namespace: knative-eventing | |
roleRef: | |
kind: ClusterRole | |
name: kafka-webhook-eventing | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# https://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: admissionregistration.k8s.io/v1 | |
kind: MutatingWebhookConfiguration | |
metadata: | |
name: defaulting.webhook.kafka.eventing.knative.dev | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
webhooks: | |
- admissionReviewVersions: ["v1", "v1beta1"] | |
clientConfig: | |
service: | |
name: kafka-webhook-eventing | |
namespace: knative-eventing | |
sideEffects: None | |
failurePolicy: Fail | |
name: defaulting.webhook.kafka.eventing.knative.dev | |
timeoutSeconds: 2 | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# https://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: v1 | |
kind: Secret | |
metadata: | |
name: kafka-webhook-eventing-certs | |
namespace: knative-eventing | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
# The data is populated at install time. | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# https://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: admissionregistration.k8s.io/v1 | |
kind: ValidatingWebhookConfiguration | |
metadata: | |
name: validation.webhook.kafka.eventing.knative.dev | |
labels: | |
kafka.eventing.knative.dev/release: devel | |
webhooks: | |
- admissionReviewVersions: ["v1", "v1beta1"] | |
clientConfig: | |
service: | |
name: kafka-webhook-eventing | |
namespace: knative-eventing | |
sideEffects: None | |
failurePolicy: Fail | |
name: validation.webhook.kafka.eventing.knative.dev | |
timeoutSeconds: 2 | |
--- | |
# Copyright 2020 The Knative Authors | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# https://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: kafka-webhook-eventing | |
namespace: knative-eventing | |
labels: | |
app: kafka-webhook-eventing | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
selector: | |
matchLabels: | |
app: kafka-webhook-eventing | |
template: | |
metadata: | |
labels: | |
app: kafka-webhook-eventing | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
# To avoid node becoming SPOF, spread our replicas to different nodes. | |
affinity: | |
podAntiAffinity: | |
preferredDuringSchedulingIgnoredDuringExecution: | |
- podAffinityTerm: | |
labelSelector: | |
matchLabels: | |
app: kafka-webhook-eventing | |
topologyKey: kubernetes.io/hostname | |
weight: 100 | |
serviceAccountName: kafka-webhook-eventing | |
securityContext: | |
runAsNonRoot: true | |
containers: | |
- name: kafka-webhook-eventing | |
terminationMessagePolicy: FallbackToLogsOnError | |
image: docker.io/pierdipi/webhook-kafka-a0744e57e2361781824e0eef2db067de@sha256:e4e91710c8c819da6b006e316b6d431f4587398fcb0734ca0abf7d47c8ed1a4d | |
resources: | |
requests: | |
cpu: 20m | |
memory: 20Mi | |
limits: | |
cpu: 200m | |
memory: 200Mi | |
env: | |
- name: SYSTEM_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: CONFIG_LOGGING_NAME | |
value: config-logging | |
- name: METRICS_DOMAIN | |
value: knative.dev/eventing | |
- name: WEBHOOK_NAME | |
value: kafka-webhook-eventing | |
- name: WEBHOOK_PORT | |
value: "8443" | |
- name: POD_NAME | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.name | |
securityContext: | |
allowPrivilegeEscalation: false | |
ports: | |
- name: https-webhook | |
containerPort: 8443 | |
- name: metrics | |
containerPort: 9090 | |
- name: profiling | |
containerPort: 8008 | |
readinessProbe: &probe | |
periodSeconds: 1 | |
httpGet: | |
scheme: HTTPS | |
port: 8443 | |
httpHeaders: | |
- name: k-kubelet-probe | |
value: "webhook" | |
livenessProbe: | |
!!merge <<: *probe | |
initialDelaySeconds: 20 | |
# Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently | |
# high value that we respect whatever value it has configured for the lame duck grace period. | |
terminationGracePeriodSeconds: 300 | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: kafka-webhook-eventing | |
namespace: knative-eventing | |
labels: | |
app: kafka-webhook-eventing | |
kafka.eventing.knative.dev/release: devel | |
spec: | |
ports: | |
- name: https-webhook | |
port: 443 | |
targetPort: 8443 | |
selector: | |
app: kafka-webhook-eventing | |
--- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment