| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| |
| {{- if .Values.components.broker }} |
| apiVersion: apps/v1 |
| kind: StatefulSet |
| metadata: |
| name: "{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}" |
| namespace: {{ .Values.namespace }} |
| labels: |
| {{- include "pulsar.standardLabels" . | nindent 4 }} |
| component: {{ .Values.broker.component }} |
| spec: |
| serviceName: "{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}" |
| replicas: {{ .Values.broker.replicaCount }} |
| selector: |
| matchLabels: |
| {{- include "pulsar.matchLabels" . | nindent 6 }} |
| component: {{ .Values.broker.component }} |
| updateStrategy: |
| type: RollingUpdate |
| podManagementPolicy: Parallel |
| template: |
| metadata: |
| labels: |
| {{- include "pulsar.template.labels" . | nindent 8 }} |
| component: {{ .Values.broker.component }} |
| annotations: |
| prometheus.io/scrape: "true" |
| prometheus.io/port: "{{ .Values.broker.ports.http }}" |
| {{- with .Values.broker.annotations }} |
| {{ toYaml . | indent 8 }} |
| {{- end }} |
| spec: |
| serviceAccountName: "{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}-acct" |
| {{- if .Values.broker.nodeSelector }} |
| nodeSelector: |
| {{ toYaml .Values.broker.nodeSelector | indent 8 }} |
| {{- end }} |
| {{- if .Values.broker.tolerations }} |
| tolerations: |
| {{ toYaml .Values.broker.tolerations | indent 8 }} |
| {{- end }} |
| affinity: |
| {{- if and .Values.affinity.anti_affinity .Values.broker.affinity.anti_affinity}} |
| podAntiAffinity: |
| {{ if eq .Values.broker.affinity.type "requiredDuringSchedulingIgnoredDuringExecution"}} |
| {{ .Values.broker.affinity.type }}: |
| - labelSelector: |
| matchExpressions: |
| - key: "app" |
| operator: In |
| values: |
| - "{{ template "pulsar.name" . }}" |
| - key: "release" |
| operator: In |
| values: |
| - {{ .Release.Name }} |
| - key: "component" |
| operator: In |
| values: |
| - {{ .Values.broker.component }} |
| topologyKey: "kubernetes.io/hostname" |
| {{ else }} |
| {{ .Values.broker.affinity.type }}: |
| - weight: 100 |
| podAffinityTerm: |
| labelSelector: |
| matchExpressions: |
| - key: "app" |
| operator: In |
| values: |
| - "{{ template "pulsar.name" . }}" |
| - key: "release" |
| operator: In |
| values: |
| - {{ .Release.Name }} |
| - key: "component" |
| operator: In |
| values: |
| - {{ .Values.broker.component }} |
| topologyKey: "kubernetes.io/hostname" |
| {{ end }} |
| {{- end }} |
| terminationGracePeriodSeconds: {{ .Values.broker.gracePeriod }} |
| initContainers: |
| # This init container will wait for zookeeper to be ready before |
| # deploying the bookies |
| - name: wait-zookeeper-ready |
| image: "{{ .Values.images.broker.repository }}:{{ .Values.images.broker.tag }}" |
| imagePullPolicy: {{ .Values.images.broker.pullPolicy }} |
| command: ["sh", "-c"] |
| args: |
| - >- |
| {{- include "pulsar.broker.zookeeper.tls.settings" . | nindent 12 }} |
| {{- if .Values.pulsar_metadata.configurationStore }} |
| until bin/bookkeeper org.apache.zookeeper.ZooKeeperMain -server {{ template "pulsar.configurationStore.connect" . }} get {{ .Values.configurationStoreMetadataPrefix }}/admin/clusters/{{ template "pulsar.cluster.name" . }}; do |
| {{- end }} |
| {{- if not .Values.pulsar_metadata.configurationStore }} |
| until bin/bookkeeper org.apache.zookeeper.ZooKeeperMain -server {{ template "pulsar.zookeeper.connect" . }} get {{ .Values.metadataPrefix }}/admin/clusters/{{ template "pulsar.cluster.name" . }}; do |
| {{- end }} |
| echo "pulsar cluster {{ template "pulsar.cluster.name" . }} isn't initialized yet ... check in 3 seconds ..." && sleep 3; |
| done; |
| volumeMounts: |
| {{- include "pulsar.broker.certs.volumeMounts" . | nindent 8 }} |
| # This init container will wait for bookkeeper to be ready before |
| # deploying the broker |
| - name: wait-bookkeeper-ready |
| image: "{{ .Values.images.broker.repository }}:{{ .Values.images.broker.tag }}" |
| imagePullPolicy: {{ .Values.images.broker.pullPolicy }} |
| command: ["sh", "-c"] |
| args: |
| - > |
| {{- include "pulsar.broker.zookeeper.tls.settings" . | nindent 12 }} |
| bin/apply-config-from-env.py conf/bookkeeper.conf; |
| until bin/bookkeeper shell whatisinstanceid; do |
| echo "bookkeeper cluster is not initialized yet. backoff for 3 seconds ..."; |
| sleep 3; |
| done; |
| echo "bookkeeper cluster is already initialized"; |
| bookieServiceNumber="$(nslookup -timeout=10 {{ template "pulsar.fullname" . }}-{{ .Values.bookkeeper.component }} | grep Name | wc -l)"; |
| until [ ${bookieServiceNumber} -ge {{ .Values.broker.configData.managedLedgerDefaultEnsembleSize }} ]; do |
| echo "bookkeeper cluster {{ template "pulsar.cluster.name" . }} isn't ready yet ... check in 10 seconds ..."; |
| sleep 10; |
| bookieServiceNumber="$(nslookup -timeout=10 {{ template "pulsar.fullname" . }}-{{ .Values.bookkeeper.component }} | grep Name | wc -l)"; |
| done; |
| echo "bookkeeper cluster is ready"; |
| envFrom: |
| - configMapRef: |
| name: "{{ template "pulsar.fullname" . }}-{{ .Values.bookkeeper.component }}" |
| volumeMounts: |
| {{- include "pulsar.broker.certs.volumeMounts" . | nindent 10 }} |
| containers: |
| - name: "{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}" |
| image: "{{ .Values.images.broker.repository }}:{{ .Values.images.broker.tag }}" |
| imagePullPolicy: {{ .Values.images.broker.pullPolicy }} |
| {{- if .Values.broker.probe.liveness.enabled }} |
| livenessProbe: |
| httpGet: |
| path: /status.html |
| port: {{ .Values.broker.ports.http }} |
| initialDelaySeconds: {{ .Values.broker.probe.liveness.initialDelaySeconds }} |
| periodSeconds: {{ .Values.broker.probe.liveness.periodSeconds }} |
| failureThreshold: {{ .Values.broker.probe.liveness.failureThreshold }} |
| {{- end }} |
| {{- if .Values.broker.probe.readiness.enabled }} |
| readinessProbe: |
| httpGet: |
| path: /status.html |
| port: {{ .Values.broker.ports.http }} |
| initialDelaySeconds: {{ .Values.broker.probe.readiness.initialDelaySeconds }} |
| periodSeconds: {{ .Values.broker.probe.readiness.periodSeconds }} |
| failureThreshold: {{ .Values.broker.probe.readiness.failureThreshold }} |
| {{- end }} |
| {{- if .Values.broker.probe.startup.enabled }} |
| startupProbe: |
| httpGet: |
| path: /status.html |
| port: {{ .Values.broker.ports.http }} |
| initialDelaySeconds: {{ .Values.broker.probe.startup.initialDelaySeconds }} |
| periodSeconds: {{ .Values.broker.probe.startup.periodSeconds }} |
| failureThreshold: {{ .Values.broker.probe.startup.failureThreshold }} |
| {{- end }} |
| {{- if .Values.broker.resources }} |
| resources: |
| {{ toYaml .Values.broker.resources | indent 10 }} |
| {{- end }} |
| command: ["sh", "-c"] |
| args: |
| - > |
| bin/apply-config-from-env.py conf/broker.conf; |
| bin/gen-yml-from-env.py conf/functions_worker.yml; |
| echo "OK" > status; |
| {{- include "pulsar.broker.zookeeper.tls.settings" . | nindent 10 }} |
| bin/pulsar zookeeper-shell -server {{ template "pulsar.zookeeper.connect" . }} get {{ template "pulsar.broker.znode" . }}; |
| while [ $? -eq 0 ]; do |
| echo "broker {{ template "pulsar.broker.hostname" . }} znode still exists ... check in 10 seconds ..."; |
| sleep 10; |
| bin/pulsar zookeeper-shell -server {{ template "pulsar.zookeeper.connect" . }} get {{ template "pulsar.broker.znode" . }}; |
| done; |
| cat conf/pulsar_env.sh; |
| exec bin/pulsar broker; |
| ports: |
| # prometheus needs to access /metrics endpoint |
| - name: http |
| containerPort: {{ .Values.broker.ports.http }} |
| {{- if or (not .Values.tls.enabled) (not .Values.tls.broker.enabled) }} |
| - name: pulsar |
| containerPort: {{ .Values.broker.ports.pulsar }} |
| {{- end }} |
| {{- if and .Values.tls.enabled .Values.tls.broker.enabled }} |
| - name: https |
| containerPort: {{ .Values.broker.ports.https }} |
| - name: pulsarssl |
| containerPort: {{ .Values.broker.ports.pulsarssl }} |
| {{- end }} |
| envFrom: |
| - configMapRef: |
| name: "{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}" |
| volumeMounts: |
| {{- if .Values.auth.authentication.enabled }} |
| {{- if eq .Values.auth.authentication.provider "jwt" }} |
| - mountPath: "/pulsar/keys" |
| name: token-keys |
| readOnly: true |
| - mountPath: "/pulsar/tokens" |
| name: broker-token |
| readOnly: true |
| {{- end }} |
| {{- end }} |
| {{- include "pulsar.broker.certs.volumeMounts" . | nindent 10 }} |
| volumes: |
| {{- if .Values.auth.authentication.enabled }} |
| {{- if eq .Values.auth.authentication.provider "jwt" }} |
| - name: token-keys |
| secret: |
| {{- if not .Values.auth.authentication.jwt.usingSecretKey }} |
| secretName: "{{ .Release.Name }}-token-asymmetric-key" |
| {{- end}} |
| {{- if .Values.auth.authentication.jwt.usingSecretKey }} |
| secretName: "{{ .Release.Name }}-token-symmetric-key" |
| {{- end}} |
| items: |
| {{- if .Values.auth.authentication.jwt.usingSecretKey }} |
| - key: SECRETKEY |
| path: token/secret.key |
| {{- else }} |
| - key: PUBLICKEY |
| path: token/public.key |
| {{- end}} |
| - name: broker-token |
| secret: |
| secretName: "{{ .Release.Name }}-token-{{ .Values.auth.superUsers.broker }}" |
| items: |
| - key: TOKEN |
| path: broker/token |
| {{- end}} |
| {{- end}} |
| {{- include "pulsar.broker.certs.volumes" . | nindent 6 }} |
| {{- end }} |
