tag | bf37bf4c31efe61ce056a3b20b4e2706cfc33bfa | |
---|---|---|
tagger | Lari Hotari <lhotari@users.noreply.github.com> | Thu Jan 25 17:27:36 2024 +0200 |
object | a75508862f5df26094a4a984d9e3cb2f0daf5915 |
Apache Pulsar Helm Chart 3.2.0
commit | a75508862f5df26094a4a984d9e3cb2f0daf5915 | [log] [tgz] |
---|---|---|
author | Lari Hotari <lhotari@apache.org> | Fri Jan 19 20:26:39 2024 +0200 |
committer | Lari Hotari <lhotari@apache.org> | Fri Jan 19 20:26:39 2024 +0200 |
tree | 932e97cf0bba5aeb5711c03e17dc32f53706dc89 | |
parent | e058aa581d880df74d0f3552916b313ceb58baae [diff] |
Update helm version requirement in docs
This project provides Helm Charts for installing Apache Pulsar on Kubernetes.
Read Deploying Pulsar on Kubernetes for more details.
:warning: This helm chart is updated outside of the regular Pulsar release cycle and might lag behind a bit. It only supports basic Kubernetes features now. Currently, it can be used as no more than a template and starting point for a Kubernetes deployment. In many cases, it would require some customizations.
This Helm Chart includes all the components of Apache Pulsar for a complete experience.
It includes support for:
In order to use this chart to deploy Apache Pulsar on Kubernetes, the followings are required.
Before proceeding to deploying Pulsar, you need to prepare your environment.
helm
and kubectl
need to be installed on your computer.
To add this chart to your local Helm repository:
helm repo add apache https://pulsar.apache.org/charts
You need a Kubernetes cluster whose version is 1.21 or higher in order to use this chart, due to the usage of certain Kubernetes features.
We provide some instructions to guide you through the preparation: http://pulsar.apache.org/docs/helm-prepare/
Configure your values file. The best way to know which values are available is to read the values.yaml.
Install the chart:
helm install <release-name> -n <namespace> -f your-values.yaml apache/pulsar
Access the Pulsar cluster
The default values will create a ClusterIP
for the proxy you can use to interact with the cluster. To find the IP address of proxy use:
kubectl get service -n <k8s-namespace>
For more information, please follow our detailed quick start guide.
We provide a detailed guideline for you to customize the Helm Chart for a production-ready deployment.
You can also checkout out the example values file for different deployments.
In order to disable the kube-prometheus-stack fully, it is necessary to add the following to your values.yaml
:
kube-prometheus-stack: enabled: false prometheusOperator: enabled: false grafana: enabled: false alertmanager: enabled: false prometheus: enabled: false
Otherwise, the helm chart installation will attempt to install the CRDs for the kube-prometheus-stack. Additionally, you‘ll need to disable each of the component’s PodMonitors
. This is shown in some examples and is verified in some tests.
The Apache Pulsar Helm Chart uses the kube-prometheus-stack
Helm Chart to deploy Grafana. Dashboards are loaded via a Kubernetes ConfigMap
. Please see their documentation for loading those dashboards.
The apache/pulsar
GitHub repo contains some dashboards here.
Note: if you have third party dashboards that you would like included in this list, please open a pull request.
Once your Pulsar Chart is installed, configuration changes and chart updates should be done using helm upgrade
.
helm repo add apache https://pulsar.apache.org/charts helm repo update helm get values <pulsar-release-name> > pulsar.yaml helm upgrade -f pulsar.yaml \ <pulsar-release-name> apache/pulsar
For more detailed information, see our Upgrading guide.
The 2.10.0+ Apache Pulsar docker image is a non-root container, by default. That complicates an upgrade to 2.10.0 because the existing files are owned by the root user but are not writable by the root group. In order to leverage this new security feature, the Bookkeeper and Zookeeper StatefulSet securityContexts are configurable in the values.yaml
. They default to:
securityContext: fsGroup: 0 fsGroupChangePolicy: "OnRootMismatch"
This configuration is ideal for regular Kubernetes clusters where the UID is stable across restarts. If the process UID is subject to change (like it is in OpenShift), you'll need to set fsGroupChangePolicy: "Always"
.
The official docker image assumes that it is run as a member of the root group.
If you upgrade to the latest version of the helm chart before upgrading to Pulsar 2.10.0, then when you perform your first upgrade to version >= 2.10.0, you will need to set fsGroupChangePolicy: "Always"
on the first upgrade and then set it back to fsGroupChangePolicy: "OnRootMismatch"
on subsequent upgrades. This is because the root file won't mismatch permissions, but the RocksDB lock file will. If you have direct access to the persistent volumes, you can alternatively run chgrp -R g+w /pulsar/data
before upgrading.
Here is a sample error you can expect if the RocksDB lock file is not correctly owned by the root group:
2022-05-14T03:45:06,903+0000 ERROR org.apache.bookkeeper.server.Main - Failed to build bookie server java.io.IOException: Error open RocksDB database at org.apache.bookkeeper.bookie.storage.ldb.KeyValueStorageRocksDB.<init>(KeyValueStorageRocksDB.java:199) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.bookie.storage.ldb.KeyValueStorageRocksDB.<init>(KeyValueStorageRocksDB.java:88) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.bookie.storage.ldb.KeyValueStorageRocksDB.lambda$static$0(KeyValueStorageRocksDB.java:62) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.bookie.storage.ldb.LedgerMetadataIndex.<init>(LedgerMetadataIndex.java:68) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.bookie.storage.ldb.SingleDirectoryDbLedgerStorage.<init>(SingleDirectoryDbLedgerStorage.java:169) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.bookie.storage.ldb.DbLedgerStorage.newSingleDirectoryDbLedgerStorage(DbLedgerStorage.java:150) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.bookie.storage.ldb.DbLedgerStorage.initialize(DbLedgerStorage.java:129) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.bookie.Bookie.<init>(Bookie.java:818) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.proto.BookieServer.newBookie(BookieServer.java:152) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.proto.BookieServer.<init>(BookieServer.java:120) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.server.service.BookieService.<init>(BookieService.java:52) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.server.Main.buildBookieServer(Main.java:304) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.server.Main.doMain(Main.java:226) [org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] at org.apache.bookkeeper.server.Main.main(Main.java:208) [org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] Caused by: org.rocksdb.RocksDBException: while open a file for lock: /pulsar/data/bookkeeper/ledgers/current/ledgers/LOCK: Permission denied at org.rocksdb.RocksDB.open(Native Method) ~[org.rocksdb-rocksdbjni-6.10.2.jar:?] at org.rocksdb.RocksDB.open(RocksDB.java:239) ~[org.rocksdb-rocksdbjni-6.10.2.jar:?] at org.apache.bookkeeper.bookie.storage.ldb.KeyValueStorageRocksDB.<init>(KeyValueStorageRocksDB.java:196) ~[org.apache.bookkeeper-bookkeeper-server-4.14.4.jar:4.14.4] ... 13 more
helm upgrade
error “unable to build kubernetes objects from current release manifest”Example of the error message:
Error: UPGRADE FAILED: unable to build kubernetes objects from current release manifest: [resource mapping not found for name: "pulsar-bookie" namespace: "pulsar" from "": no matches for kind "PodDisruptionBudget" in version "policy/v1beta1" ensure CRDs are installed first, resource mapping not found for name: "pulsar-broker" namespace: "pulsar" from "": no matches for kind "PodDisruptionBudget" in version "policy/v1beta1" ensure CRDs are installed first, resource mapping not found for name: "pulsar-zookeeper" namespace: "pulsar" from "": no matches for kind "PodDisruptionBudget" in version "policy/v1beta1" ensure CRDs are installed first]
Helm documentation explains issues with managing releases deployed using outdated APIs when the Kubernetes cluster has been upgraded to a version where these APIs are removed. This happens regardless of whether the chart in the upgrade includes supported API versions. In this case, you can use the following workaround:
Install the Helm mapkubeapis plugin:
helm plugin install https://github.com/helm/helm-mapkubeapis
Run the helm mapkubeapis
command with the appropriate namespace and release name. In this example, we use the namespace “pulsar” and release name “pulsar”:
helm mapkubeapis --namespace pulsar pulsar
This workaround addresses the issue by updating in-place Helm release metadata that contains deprecated or removed Kubernetes APIs to a new instance with supported Kubernetes APIs and should allow for a successful Helm upgrade.
To uninstall the Pulsar Chart, run the following command:
helm uninstall <pulsar-release-name>
For the purposes of continuity, these charts have some Kubernetes objects that are not removed when performing helm uninstall
. These items we require you to conciously remove them, as they affect re-deployment should you choose to.
We‘ve done our best to make these charts as seamless as possible, occasionally troubles do surface outside of our control. We’ve collected tips and tricks for troubleshooting common issues. Please examine these first before raising an issue, and feel free to add to them by raising a Pull Request!
See RELEASE.md