From 3e25ba018ec904633eb0db96c5abc9e3ecc82759 Mon Sep 17 00:00:00 2001 From: Ivan Ivic Date: Wed, 30 Mar 2022 17:31:24 +0200 Subject: [PATCH] OSS preparation (#10) * OSS preparation * release workflow * master * order * envtest rollback * badges (some of them temp until approve) * kafka testcontainer probe * remove duplicate line * updated badge id --- .github/ISSUE_TEMPLATE/bug_report.md | 26 ++ .github/ISSUE_TEMPLATE/change_request.md | 20 ++ .github/ISSUE_TEMPLATE/feature_request.md | 20 ++ .github/PULL_REQUEST_TEMPLATE.md | 5 + .github/workflows/chart.yaml | 42 ++++ .github/workflows/e2e.yaml | 27 ++- .github/workflows/rebase.yaml | 21 ++ .github/workflows/release-chart.yaml | 26 ++ .github/workflows/release.yaml | 89 +++++++ .github/workflows/size-labeler.yaml | 10 + .goreleaser.yaml | 23 ++ CHANGELOG.md | 7 + CONTRIBUTING.md | 18 ++ Jenkinsfile | 118 --------- LICENSE | 201 ++++++++++++++++ Makefile | 25 +- PROJECT | 4 +- README.md | 8 + chart/k8skafka-controller/Chart.yaml | 7 +- chart/k8skafka-controller/README.md | 8 +- .../kafka.infra.doodle.com_kafkatopics.yaml | 224 ++++++++++++++++++ chart/k8skafka-controller/templates/NOTES.txt | 14 +- .../templates/deployment.yaml | 2 +- .../{servicemonitor.yaml => podmonitor.yaml} | 24 +- .../templates/service.yaml | 24 -- .../templates/tests/test-connection.yaml | 18 -- chart/k8skafka-controller/values.yaml | 30 +-- .../kafka.infra.doodle.com_kafkatopics.yaml | 215 +++-------------- config/default/kustomization.yaml | 2 +- .../manager/{manager.yaml => deployment.yaml} | 22 +- config/manager/kustomization.yaml | 9 +- config/rbac/kafkatopic_editor_role.yaml | 24 ++ config/rbac/kafkatopic_viewer_role.yaml | 20 ++ config/rbac/kustomization.yaml | 3 + config/samples/infra_v1beta1_kafkatopic.yaml | 13 + controllers/suite_test.go | 20 +- controllers/testing_kafka_cluster.go | 31 ++- 37 files changed, 980 insertions(+), 420 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/change_request.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 .github/workflows/chart.yaml create mode 100644 .github/workflows/rebase.yaml create mode 100644 .github/workflows/release-chart.yaml create mode 100644 .github/workflows/release.yaml create mode 100644 .github/workflows/size-labeler.yaml create mode 100644 .goreleaser.yaml create mode 100644 CHANGELOG.md create mode 100644 CONTRIBUTING.md delete mode 100644 Jenkinsfile create mode 100644 LICENSE create mode 100644 chart/k8skafka-controller/crds/kafka.infra.doodle.com_kafkatopics.yaml rename chart/k8skafka-controller/templates/{servicemonitor.yaml => podmonitor.yaml} (57%) delete mode 100644 chart/k8skafka-controller/templates/service.yaml delete mode 100644 chart/k8skafka-controller/templates/tests/test-connection.yaml rename config/manager/{manager.yaml => deployment.yaml} (51%) create mode 100644 config/rbac/kafkatopic_editor_role.yaml create mode 100644 config/rbac/kafkatopic_viewer_role.yaml create mode 100644 config/samples/infra_v1beta1_kafkatopic.yaml diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..8218be4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,26 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: bug +assignees: '' + +--- + +#### Describe the bug +A clear and concise description of what the bug is. + +#### To Reproduce +Steps to reproduce the behavior: + +#### Expected behavior +A clear and concise description of what you expected to happen. + +#### Environment + - controller version: [e.g. v0.0.1] + - kafka version: [e.g. v2.5.0] + - zookeeper version: [e.g. v5.0.0] + - kubernetes version: [e.g. v1.20.14] + +#### Additional context +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/change_request.md b/.github/ISSUE_TEMPLATE/change_request.md new file mode 100644 index 0000000..5f7fc44 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/change_request.md @@ -0,0 +1,20 @@ +--- +name: Change request +about: Propose a change for an already implemented solution +title: '' +labels: change +assignees: '' + +--- + +#### Describe the change +A clear and concise description of what the change is about. + +#### Current situation +Describe the current situation. + +#### Should +Describe the changes you would like to propose. + +#### Additional context +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..c8b1ea1 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: feature +assignees: '' + +--- + +#### Is your feature request related to a problem? Please describe +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +#### Describe the solution you'd like +A clear and concise description of what you want to happen. + +#### Describe alternatives you've considered +A clear and concise description of any alternative solutions or features you've considered. + +#### Additional context +Add any other context or screenshots about the feature request here. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..79d3ba1 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,5 @@ +## Current situation + + +## Proposal + diff --git a/.github/workflows/chart.yaml b/.github/workflows/chart.yaml new file mode 100644 index 0000000..6d0e225 --- /dev/null +++ b/.github/workflows/chart.yaml @@ -0,0 +1,42 @@ +name: Lint and Test Charts + +on: pull_request + +jobs: + lint-test: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v1 + with: + version: v3.4.0 + + - uses: actions/setup-python@v2 + with: + python-version: 3.7 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.1.0 + + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --chart-dirs chart) + if [[ -n "$changed" ]]; then + echo "::set-output name=changed::true" + fi + + - name: Run chart-testing (lint) + run: ct lint --chart-dirs chart + + - name: Create kind cluster + uses: helm/kind-action@v1.2.0 + if: steps.list-changed.outputs.changed == 'true' + + - name: Run chart-testing (install) + run: ct install --chart-dirs chart diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index bdae010..b0bf89f 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -4,7 +4,7 @@ on: pull_request: push: branches: - - main + - master jobs: kind: @@ -12,6 +12,13 @@ jobs: steps: - name: Checkout uses: actions/checkout@v2 + - name: Setup QEMU + uses: docker/setup-qemu-action@v1 + with: + platforms: all + - name: Setup Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 - name: Restore Go cache uses: actions/cache@v1 with: @@ -19,6 +26,14 @@ jobs: key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- + - name: Cache Docker layers + uses: actions/cache@v2 + id: cache + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-ghcache-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx-ghcache- - name: Setup Go uses: actions/setup-go@v2 with: @@ -40,14 +55,20 @@ jobs: run: make test - name: Check if working tree is dirty run: | - go version if [[ $(git diff --stat) != '' ]]; then git --no-pager diff echo 'run make test and commit changes' exit 1 fi - name: Build container image - run: make docker-build-without-tests IMG=test/k8skafka-controller:latest BUILD_PLATFORMS=linux/amd64 BUILD_ARGS=--load + run: | + make docker-build IMG=test/k8skafka-controller:latest BUILD_PLATFORMS=linux/amd64 \ + BUILD_ARGS="--cache-from=type=local,src=/tmp/.buildx-cache \ + --cache-to=type=local,dest=/tmp/.buildx-cache-new,mode=max" + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache - name: Load test image run: kind load docker-image test/k8skafka-controller:latest - name: Deploy controller diff --git a/.github/workflows/rebase.yaml b/.github/workflows/rebase.yaml new file mode 100644 index 0000000..74a9049 --- /dev/null +++ b/.github/workflows/rebase.yaml @@ -0,0 +1,21 @@ +name: rebase + +on: + pull_request: + types: [opened] + issue_comment: + types: [created] + +jobs: + rebase: + if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase') && (github.event.comment.author_association == 'CONTRIBUTOR' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER') + runs-on: ubuntu-latest + steps: + - name: Checkout the latest code + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Automatic Rebase + uses: cirrus-actions/rebase@1.3.1 + env: + GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/release-chart.yaml b/.github/workflows/release-chart.yaml new file mode 100644 index 0000000..efc9501 --- /dev/null +++ b/.github/workflows/release-chart.yaml @@ -0,0 +1,26 @@ +name: Release Chart + +on: + push: + branches: + - master + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.3.0 + with: + charts_dir: ./chart + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..af8bf40 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,89 @@ +name: release +on: + push: + tags: + - 'v*' + workflow_dispatch: + inputs: + tag: + description: 'image tag prefix' + default: 'rc' + required: true + +permissions: + contents: write # needed to write releases + id-token: write # needed for keyless signing + packages: write # needed for ghcr access + +env: + CONTROLLER: ${{ github.event.repository.name }} + +jobs: + build-push: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Setup Kustomize + uses: fluxcd/pkg/actions/kustomize@main + - name: Prepare + id: prep + run: | + VERSION="${{ github.event.inputs.tag }}-${GITHUB_SHA::8}" + if [[ $GITHUB_REF == refs/tags/* ]]; then + VERSION=${GITHUB_REF/refs\/tags\//} + fi + echo ::set-output name=BUILD_DATE::$(date -u +'%Y-%m-%dT%H:%M:%SZ') + echo ::set-output name=VERSION::${VERSION} + - name: Setup QEMU + uses: docker/setup-qemu-action@v1 + with: + platforms: all + - name: Setup Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + with: + buildkitd-flags: "--debug" + - name: Login to GitHub Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Generate images meta + id: meta + uses: docker/metadata-action@v3 + with: + images: | + ghcr.io/doodlescheduling/${{ env.CONTROLLER }} + tags: | + type=raw,value=${{ steps.prep.outputs.VERSION }} + - name: Publish multi-arch container image + uses: docker/build-push-action@v2 + with: + push: true + builder: ${{ steps.buildx.outputs.name }} + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm/v7,linux/arm64 + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + - name: Check images + run: | + docker buildx imagetools inspect ghcr.io/doodlescheduling/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} + docker pull ghcr.io/doodlescheduling/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} + - name: Generate release manifests + if: startsWith(github.ref, 'refs/tags/v') + run: | + mkdir -p config/release + kustomize build ./config/crd > ./config/release/${{ env.CONTROLLER }}.crds.yaml + kustomize build ./config/manager > ./config/release/${{ env.CONTROLLER }}.deployment.yaml + echo '[CHANGELOG](https://github.com/DoodleScheduling/${{ env.CONTROLLER }}/blob/master/CHANGELOG.md)' > ./config/release/notes.md + - uses: anchore/sbom-action/download-syft@v0 + - name: Create release and SBOM + if: startsWith(github.ref, 'refs/tags/v') + uses: goreleaser/goreleaser-action@v2 + with: + version: latest + args: release --release-notes=config/release/notes.md --rm-dist --skip-validate + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/size-labeler.yaml b/.github/workflows/size-labeler.yaml new file mode 100644 index 0000000..47498e5 --- /dev/null +++ b/.github/workflows/size-labeler.yaml @@ -0,0 +1,10 @@ +name: size-label +on: pull_request +jobs: + size-label: + runs-on: ubuntu-latest + steps: + - name: size-label + uses: "pascalgn/size-label-action@851c37f157f7d64e56f41ff5d2d80316299b2d47" + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000..220b355 --- /dev/null +++ b/.goreleaser.yaml @@ -0,0 +1,23 @@ +project_name: k8skafka-controller + +builds: + - skip: true + +release: + prerelease: "true" + extra_files: + - glob: config/release/*.yaml + +checksum: + extra_files: + - glob: config/release/*.yaml + +source: + enabled: true + name_template: "{{ .ProjectName }}_{{ .Version }}_source_code" + +sboms: + - id: source + artifacts: source + documents: + - "{{ .ProjectName }}_{{ .Version }}_sbom.spdx.json" diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..b1fcb4c --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,7 @@ +# Changelog + +## 0.1.0 + +**Release date:** 2022-03-07 + +Initial oss release diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..6a10d64 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,18 @@ +## Release process + +### Controller release +1. Merge all pr's to master which need to be part of the new release +2. Create pr to master with these changes: + 1. Bump kustomization + 2. Create CHANGELOG.md entry with release and date +3. Merge pr +4. Push a tag following semantic versioning prefixed by 'v'. Do not create a github release, this is done automatically. +5. Create new branch and add the following changes: + 1. Bump chart version + 2. Bump charts app version +6. Create pr to master and merge + +### Helm chart change only +1. Create branch with changes +2. Bump chart version +3. Create pr to master and merge diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index fc7a16a..0000000 --- a/Jenkinsfile +++ /dev/null @@ -1,118 +0,0 @@ -import java.util.regex.Pattern -import org.jenkinsci.plugins.pipeline.modeldefinition.Utils - -podTemplate(label: 'k8skafka-controller', - containers: [ - containerTemplate( - name: 'golang', - image: 'bitnami/golang:1.16', - ttyEnabled: true - ), - containerTemplate( - name: 'kaniko', - command: '/busybox/cat', - image: 'gcr.io/kaniko-project/executor:debug', - ttyEnabled: true - ), - containerTemplate( - name: 'helm', - command: '/bin/ash', - image: 'alpine/helm:latest', - ttyEnabled: true - ), - ], - volumes: [ - secretVolume(secretName: 'dockerauth', mountPath: '/root/dockerauth') - ] -) { - node ('k8skafka-controller') { - ansiColor("xterm") { - stage('checkout') { - checkout(scm) - } - - stage("build") { - container('golang') { - sh 'make all' - } - - container('helm') { - sh 'helm lint chart/k8skafka-controller' - } - } - - stage("publish") { - if (!env.TAG_NAME) { - echo "skip packaging for no tagged release" - } else { - def (_,major,minor,patch,group,label,build) = (env.TAG_NAME =~ /^v(\d{1,3})\.(\d{1,3})\.(\d{1,3})(?:(-([A-Za-z0-9]+)))?$/)[0] - - if (!major && !minor && !patch) { - throw new Exception("Invalid tag detected, requires semantic version") - } - - version = "$major.$minor.$patch$group" - - container(name: 'kaniko', shell: '/busybox/sh') { - sh "cp /root/dockerauth/.dockerconfigjson /kaniko/.docker/config.json" - sh "/kaniko/executor -f `pwd`/Dockerfile -c `pwd` --destination='nexus.doodle.com:5000/devops/k8skafka-controller:${env.TAG_NAME}'" - } - - container('helm') { - bumpChartVersion(version) - bumpImageVersion(env.TAG_NAME) - - tgz="k8skafka-controller-${version}.tgz" - sh "mkdir chart/k8skafka-controller/crds" - sh "cp config/crd/bases/* chart/k8skafka-controller/crds" - sh "helm package chart/k8skafka-controller" - } - - container('golang') { - if (label) { - publish(tgz, "helm-staging") - } else { - publish(tgz, "helm-staging") - publish(tgz, "helm-production") - } - } - } - } - } - } -} - -def bumpImageVersion(String version) { - echo "Update image tag" - def valuesFile = "./chart/k8skafka-controller/values.yaml" - def valuesData = readYaml file: valuesFile - valuesData.image.tag = version - - sh "rm $valuesFile" - writeYaml file: valuesFile, data: valuesData -} - -def bumpChartVersion(String version) { - // Bump chart version - echo "Update chart version" - def chartFile = "./chart/k8skafka-controller/Chart.yaml" - def chartData = readYaml file: chartFile - chartData.version = version - chartData.appVersion = version - - sh "rm $chartFile" - writeYaml file: chartFile, data: chartData -} - -def publish(String tgz, String repository) { - echo "Push chart ${tgz} to helm repository ${repository}" - - withCredentials([[ - $class : 'UsernamePasswordMultiBinding', - credentialsId : 'nexus', - usernameVariable: 'NEXUS_USER', - passwordVariable: 'NEXUS_PASSWORD' - ]]) { - sh "curl -u \"${env.NEXUS_USER}:${env.NEXUS_PASSWORD}\" https://nexus.doodle.com/repository/${repository}/ --upload-file $tgz --fail" - } -} diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/Makefile b/Makefile index a8cc539..c3c262a 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,13 @@ # Image URL to use all building/pushing image targets -IMG ?= controller:latest +IMG ?= ghcr.io/doodlescheduling/k8skafka-controller:latest # Produce CRDs that work back to Kubernetes 1.16 CRD_OPTIONS ?= crd:crdVersions=v1 +# API (doc) generation utilities +CONTROLLER_GEN_VERSION ?= v0.5.0 + # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) GOBIN=$(shell go env GOPATH)/bin @@ -12,11 +15,11 @@ else GOBIN=$(shell go env GOBIN) endif -all: test manager +all: manager # Run tests test: generate fmt vet manifests - go test ./... -test.v -coverprofile cover.out + go test -v ./... -coverprofile cover.out # Build manager binary manager: generate fmt vet @@ -36,12 +39,13 @@ uninstall: manifests # Deploy controller in the configured Kubernetes cluster in ~/.kube/config deploy: manifests - cd config/manager && kustomize edit set image controller=${IMG} + cd config/manager && kustomize edit set image ghcr.io/doodlescheduling/k8skafka-controller=${IMG} kustomize build config/default | kubectl apply -f - # Generate manifests e.g. CRD, RBAC etc. manifests: controller-gen $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases + cp config/crd/bases/* chart/k8skafka-controller/crds/ # Run go fmt against code fmt: @@ -56,11 +60,12 @@ generate: controller-gen $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." # Build the docker image -docker-build: test - docker build . -t ${IMG} - -docker-build-without-tests: generate fmt vet manifests - docker build . -t ${IMG} +docker-build: + docker buildx build \ + --platform=$(BUILD_PLATFORMS) \ + -t ${IMG} \ + --load \ + ${BUILD_ARGS} . # Push the docker image docker-push: @@ -75,7 +80,7 @@ ifeq (, $(shell which controller-gen)) CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\ cd $$CONTROLLER_GEN_TMP_DIR ;\ go mod init tmp ;\ - go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.2.5 ;\ + go get sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_GEN_VERSION); \ rm -rf $$CONTROLLER_GEN_TMP_DIR ;\ } CONTROLLER_GEN=$(GOBIN)/controller-gen diff --git a/PROJECT b/PROJECT index c2d3949..9e74f50 100644 --- a/PROJECT +++ b/PROJECT @@ -1,7 +1,7 @@ -domain: infra.doodle.com +domain: doodle.com repo: github.com/DoodleScheduling/k8skafka-controller resources: -- group: kafka +- group: kafka.infra.doodle.com kind: KafkaTopic version: v1beta1 version: "2" diff --git a/README.md b/README.md index 8832719..6f40528 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,15 @@ # k8skafka-controller +[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/5865/badge)](https://bestpractices.coreinfrastructure.org/projects/5643) +[![e2e](https://github.com/DoodleScheduling/k8skafka-controller/workflows/e2e/badge.svg)](https://github.com/DoodleScheduling/k8skafka-controller/actions) +[![report](https://goreportcard.com/badge/github.com/DoodleScheduling/k8skafka-controller)](https://goreportcard.com/report/github.com/DoodleScheduling/k8skafka-controller) +[![license](https://img.shields.io/github/license/DoodleScheduling/k8skafka-controller.svg)](https://github.com/DoodleScheduling/k8skafka-controller/blob/master/LICENSE) +[![release](https://img.shields.io/github/release/DoodleScheduling/k8skafka-controller/all.svg)](https://github.com/DoodleScheduling/k8skafka-controller/releases) + Kubernetes controller that can manage Kafka Topics. +Controller assumes you already have a working Kafka installation. How Kafka brokers are actually managed is outside of the scope of this project for the moment. + ## Features ### Supported - creating topics diff --git a/chart/k8skafka-controller/Chart.yaml b/chart/k8skafka-controller/Chart.yaml index 6d6d62f..104535f 100644 --- a/chart/k8skafka-controller/Chart.yaml +++ b/chart/k8skafka-controller/Chart.yaml @@ -1,7 +1,10 @@ apiVersion: v2 -appVersion: 0.0.0 +appVersion: v0.0.1 description: Manage Kafka Topics and related settings home: https://github.com/DoodleScheduling/k8skafka-controller +maintainers: +- name: devops + email: devops@doodle.com keywords: - kubernetes-controller - kafka @@ -9,4 +12,4 @@ keywords: name: k8skafka-controller sources: - https://github.com/DoodleScheduling/k8skafka-controller -version: 0.0.0 +version: 0.1.1 diff --git a/chart/k8skafka-controller/README.md b/chart/k8skafka-controller/README.md index d7afcdf..bf6edc9 100644 --- a/chart/k8skafka-controller/README.md +++ b/chart/k8skafka-controller/README.md @@ -7,6 +7,7 @@ Installs the [k8skafka-controller](https://github.com/DoodleScheduling/k8skafka- To install the chart with the release name `k8skafka-controller`: ```console +helm repo add k8skafka-controller https://doodlescheduling.github.io/k8skafka-controller/ helm upgrade --install k8skafka-controller chart/k8skafka-controller ``` @@ -14,9 +15,8 @@ This command deploys the k8skafka-controller with the default configuration. The ## Using the Chart -The chart comes with a ServiceMonitor for use with the [Prometheus Operator](https://github.com/helm/charts/tree/master/stable/prometheus-operator). -If you're not using the Prometheus Operator, you can disable the ServiceMonitor by setting `serviceMonitor.enabled` to `false` and instead -populate the `podAnnotations` as below: +The chart comes with a Pod``Monitor for use with the [Prometheus Operator](https://github.com/helm/charts/tree/master/stable/prometheus-operator). +If you're not using the Prometheus Operator, you can populate the `podAnnotations` as below: ```yaml podAnnotations: @@ -30,5 +30,5 @@ podAnnotations: See Customizing the Chart Before Installing. To see all configurable options with detailed comments, visit the chart's values.yaml, or run the configuration command: ```sh -$ helm show values chart/k8skafka-controller +$ helm show values k8skafka-controller/k8skafka-controller ``` diff --git a/chart/k8skafka-controller/crds/kafka.infra.doodle.com_kafkatopics.yaml b/chart/k8skafka-controller/crds/kafka.infra.doodle.com_kafkatopics.yaml new file mode 100644 index 0000000..54610d7 --- /dev/null +++ b/chart/k8skafka-controller/crds/kafka.infra.doodle.com_kafkatopics.yaml @@ -0,0 +1,224 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: kafkatopics.kafka.infra.doodle.com +spec: + group: kafka.infra.doodle.com + names: + kind: KafkaTopic + listKind: KafkaTopicList + plural: kafkatopics + shortNames: + - kt + singular: kafkatopic + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + address: + description: The connect URI + type: string + config: + description: Additional topic configuration + properties: + cleanupPolicy: + description: Designates the retention policy to use on old log segments. Either "delete" or "compact" or both ("delete,compact"). The default policy ("delete") will discard old segments when their retention time or size limit has been reached. The "compact" setting will enable log compaction on the topic. + type: string + compressionType: + description: 'Final compression type for a given topic. Supported are standard compression codecs: ''gzip'', ''snappy'', ''lz4'', ''zstd''). It additionally accepts ''uncompressed'' which is equivalent to no compression; and ''producer'' which means retain the original compression codec set by the producer.' + type: string + deleteRetentionMs: + description: The amount of time to retain delete tombstone markers for log compacted topics. Specified in milliseconds. This setting also gives a bound on the time in which a consumer must complete a read if they begin from offset 0 to ensure that they get a valid snapshot of the final stage (otherwise delete tombstones may be collected before they complete their scan). + format: int64 + type: integer + fileDeleteDelayMs: + description: The time to wait before deleting a file from the filesystems + format: int64 + type: integer + flushMessages: + description: This setting allows specifying an interval at which there will be a force if an fsync of data written to the log. For example, if this was set to 1 there would be a fsync after every message; if it were 5 there would be a fsync after every five messages. In general, it is recommended not to set this and use replication for durability and allow the operating system's background flush capabilities as it is more efficient. + format: int64 + type: integer + flushMs: + description: This setting allows specifying a time interval at which there will be a force of an fsync of data written to the log. For example if this was set to 1000 there would be a fsync after 1000 ms had passed. In general, it is not recommended to set this and instead use replication for durability and allow the operating system's background flush capabilities as it is more efficient. + format: int64 + type: integer + followerReplicationThrottledReplicas: + description: A list of replicas for which log replication should be throttled on the follower side. The list should describe a set of replicas in the form [PartitionId]:[BrokerId],[PartitionId]:[BrokerId]:... or alternatively the wildcard '*' can be used to throttle all replicas for this topic. + type: string + indexIntervalBytes: + description: This setting controls how frequently Kafka adds an index entry to its offset index. The default setting ensures that a messages is indexed roughly every 4096 bytes. More indexing allows reads to jump closer to the exact position in the log but makes the index larger. You probably don't need to change this. + format: int64 + type: integer + leaderReplicationThrottledReplicas: + description: A list of replicas for which log replication should be throttled on the leader side. The list should describe a set of replicas in the form [PartitionId]:[BrokerId],[PartitionId]:[BrokerId]:... or alternatively the wildcard '*' can be used to throttle all replicas for this topic. + type: string + maxCompactionLagMs: + description: The maximum time a message will remain ineligible for compaction in the log. Only applicable for logs that are being compacted. + format: int64 + type: integer + maxMessageBytes: + description: The largest record batch size allowed by Kafka. If this is increased and there are consumers older than 0.10.2, the consumers' fetch size must also be increased so that the they can fetch record batches this large. In the latest message format version, records are always grouped into batches for efficiency. In previous message format versions, uncompressed records are not grouped into batches and this limit only applies to a single record in that case. + format: int64 + type: integer + messageDownconversionEnable: + description: This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. When set to false, broker will not perform down-conversion for consumers expecting an older message format. The broker responds with UNSUPPORTED_VERSION error for consume requests from such older clients. This configuration does not apply to any message format conversion that might be required for replication to followers. + type: boolean + messageFormatVersion: + description: 'Specify the message format version the broker will use to append messages to the logs. The value should be a valid ApiVersion. Some examples are: 0.8.2, 0.9.0.0, 0.10.0, check ApiVersion for more details. By setting a particular message format version, the user is certifying that all the existing messages on disk are smaller or equal than the specified version. Setting this value incorrectly will cause consumers with older versions to break as they will receive messages with a format that they don''t understand.' + type: string + messageTimestampDifferenceMaxMs: + description: The maximum difference allowed between the timestamp when a broker receives a message and the timestamp specified in the message. If MessageTimestampType=CreateTime, a message will be rejected if the difference in timestamp exceeds this threshold. This configuration is ignored if MessageTimestampType=LogAppendTime. + format: int64 + type: integer + messageTimestampType: + description: Define whether the timestamp in the message is message create time or log append time. The value should be either `CreateTime` or `LogAppendTime` + type: string + minCleanableDirtyRatio: + anyOf: + - type: integer + - type: string + description: 'This configuration controls how frequently the log compactor will attempt to clean the log (assuming LogCompaction is enabled). By default we will avoid cleaning a log where more than 50% of the log has been compacted. This ratio bounds the maximum space wasted in the log by duplicates (at 50% at most 50% of the log could be duplicates). A higher ratio will mean fewer, more efficient cleanings but will mean more wasted space in the log. If the MaxCompactionLagMs or the MinCompactionLagMs configurations are also specified, then the log compactor considers the log to be eligible for compaction as soon as either: (i) the dirty ratio threshold has been met and the log has had dirty (uncompacted) records for at least the MinCompactionLagMs duration, or (ii) if the log has had dirty (uncompacted) records for at most the MaxCompactionLagMs period.' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + minCompactionLagMs: + description: The minimum time a message will remain uncompacted in the log. Only applicable for logs that are being compacted. + format: int64 + type: integer + minInsyncReplicas: + description: When a producer sets acks to "all" (or "-1"), this configuration specifies the minimum number of replicas that must acknowledge a write for the write to be considered successful. If this minimum cannot be met, then the producer will raise an exception (either NotEnoughReplicas or NotEnoughReplicasAfterAppend). When used together, MinInsyncReplicas and acks allow you to enforce greater durability guarantees. A typical scenario would be to create a topic with a replication factor of 3, set MinInsyncReplicas to 2, and produce with ack of "all". This will ensure that the producer raises an exception if a majority of replicas do not receive a write. + format: int64 + type: integer + preallocate: + description: True if we should preallocate the file on disk when creating a new log segment. + type: boolean + retentionBytes: + description: This configuration controls the maximum size a partition (which consists of log segments) can grow to before we will discard old log segments to free up space if we are using the "delete" retention policy. By default there is no size limit only a time limit. Since this limit is enforced at the partition level, multiply it by the number of partitions to compute the topic retention in bytes. + format: int64 + type: integer + retentionMs: + description: This configuration controls the maximum time we will retain a log before we will discard old log segments to free up space if we are using the "delete" retention policy. This represents an SLA on how soon consumers must read their data. If set to -1, no time limit is applied. + format: int64 + type: integer + segmentBytes: + description: This configuration controls the segment file size for the log. Retention and cleaning is always done a file at a time so a larger segment size means fewer files but less granular control over retention. + format: int64 + type: integer + segmentIndexBytes: + description: This configuration controls the size of the index that maps offsets to file positions. We preallocate this index file and shrink it only after log rolls. You generally should not need to change this setting. + format: int64 + type: integer + segmentJitterMs: + description: The maximum random jitter subtracted from the scheduled segment roll time to avoid thundering herds of segment rolling + format: int64 + type: integer + segmentMs: + description: This configuration controls the period of time after which Kafka will force the log to roll even if the segment file isn't full to ensure that retention can delete or compact old data. + format: int64 + type: integer + uncleanLeaderElectionEnable: + description: Indicates whether to enable replicas not in the ISR set to be elected as leader as a last resort, even though doing so may result in data loss. + type: boolean + type: object + name: + description: Name is by default the same as metata.name + type: string + partitions: + description: Number of partitions + format: int64 + type: integer + replicationFactor: + description: Replication factor + format: int64 + type: integer + required: + - address + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: Conditions holds the conditions for the KafkaTopic. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/chart/k8skafka-controller/templates/NOTES.txt b/chart/k8skafka-controller/templates/NOTES.txt index f335bb3..caf380e 100644 --- a/chart/k8skafka-controller/templates/NOTES.txt +++ b/chart/k8skafka-controller/templates/NOTES.txt @@ -1,13 +1 @@ -Verify the application is working by running these commands: -{{if contains "NodePort" .Values.service.type }} - NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "k8skafka-controller.fullname" . }}) - curl http://$NODE_IP:$NODE_PORT/healthz -{{- else if contains "LoadBalancer" .Values.service.type }} - # NOTE: It may take a few minutes for the LoadBalancer IP to be available. - SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "k8skafka-controller.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - curl http://$SERVICE_IP:{{ .Values.probesPort }}/healthz -{{- else if contains "ClusterIP" .Values.service.type }} - kubectl port-forward service/{{ include "k8skafka-controller.fullname" . }} {{ .Values.probesPort }} - curl http://127.0.0.1:{{ .Values.probesPort }}/healthz -{{- end }} +Controller installed successfully. diff --git a/chart/k8skafka-controller/templates/deployment.yaml b/chart/k8skafka-controller/templates/deployment.yaml index 42d284b..1010b60 100644 --- a/chart/k8skafka-controller/templates/deployment.yaml +++ b/chart/k8skafka-controller/templates/deployment.yaml @@ -47,7 +47,7 @@ spec: - secretRef: name: {{ .Values.envFromSecret }} {{- end }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + image: "{{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} args: {{- if .Values.extraArgs }} diff --git a/chart/k8skafka-controller/templates/servicemonitor.yaml b/chart/k8skafka-controller/templates/podmonitor.yaml similarity index 57% rename from chart/k8skafka-controller/templates/servicemonitor.yaml rename to chart/k8skafka-controller/templates/podmonitor.yaml index 21dd9d0..c816daa 100644 --- a/chart/k8skafka-controller/templates/servicemonitor.yaml +++ b/chart/k8skafka-controller/templates/podmonitor.yaml @@ -1,6 +1,6 @@ -{{ if .Values.serviceMonitor.enabled }} +{{ if .Values.podMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor +kind: PodMonitor metadata: name: {{ include "k8skafka-controller.fullname" . }} labels: @@ -8,11 +8,11 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "k8skafka-controller.chart" . }} - {{- range $key, $value := .Values.serviceMonitor.additionalLabels }} + {{- range $key, $value := .Values.podMonitor.additionalLabels }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} + {{- if .Values.podMonitor.namespace }} + namespace: {{ .Values.podMonitor.namespace }} {{- end }} annotations: {{- toYaml .Values.annotations | nindent 4 }} @@ -20,10 +20,10 @@ spec: endpoints: - port: metrics path: {{ .Values.metricsPath }} - interval: {{ .Values.serviceMonitor.interval }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - {{- if .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: {{ toYaml .Values.serviceMonitor.metricRelabelings | nindent 4 }} + interval: {{ .Values.podMonitor.interval }} + scrapeTimeout: {{ .Values.podMonitor.scrapeTimeout }} + {{- if .Values.podMonitor.metricRelabelings }} + metricRelabelings: {{ toYaml .Values.podMonitor.metricRelabelings | nindent 4 }} {{- end }} namespaceSelector: @@ -33,11 +33,11 @@ spec: matchLabels: app.kubernetes.io/name: {{ include "k8skafka-controller.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} -{{- if .Values.serviceMonitor.targetLabels }} +{{- if .Values.podMonitor.targetLabels }} targetLabels: -{{- range .Values.serviceMonitor.targetLabels }} +{{- range .Values.podMonitor.targetLabels }} - {{ . }} {{- end }} {{- end }} - sampleLimit: {{ .Values.serviceMonitor.sampleLimit }} + sampleLimit: {{ .Values.podMonitor.sampleLimit }} {{- end }} diff --git a/chart/k8skafka-controller/templates/service.yaml b/chart/k8skafka-controller/templates/service.yaml deleted file mode 100644 index 2e1e336..0000000 --- a/chart/k8skafka-controller/templates/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "k8skafka-controller.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "k8skafka-controller.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "k8skafka-controller.chart" . }} -{{- if .Values.service.labels }} -{{ toYaml .Values.service.labels | indent 4 }} -{{- end }} - annotations: - {{- toYaml .Values.service.annotations | nindent 4 }} -spec: - ports: - - port: {{ .Values.metricsPort }} - targetPort: metrics - protocol: TCP - name: metrics - selector: - app.kubernetes.io/name: {{ include "k8skafka-controller.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - type: {{ .Values.service.type }} diff --git a/chart/k8skafka-controller/templates/tests/test-connection.yaml b/chart/k8skafka-controller/templates/tests/test-connection.yaml deleted file mode 100644 index 0aa282c..0000000 --- a/chart/k8skafka-controller/templates/tests/test-connection.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "k8skafka-controller.fullname" . }}-test-connection" - labels: - app.kubernetes.io/name: {{ include "k8skafka-controller.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "k8skafka-controller.chart" . }} - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['-qO-', '{{ include "k8skafka-controller.fullname" . }}:{{ .Values.service.port }}{{ .Values.metricsPath }}'] - restartPolicy: Never diff --git a/chart/k8skafka-controller/values.yaml b/chart/k8skafka-controller/values.yaml index 4714e4c..ab5d9fb 100644 --- a/chart/k8skafka-controller/values.yaml +++ b/chart/k8skafka-controller/values.yaml @@ -8,8 +8,8 @@ fullnameOverride: "" image: pullPolicy: IfNotPresent - repository: nexus.doodle.com:5000/devops/k8skafka-controller - tag: 0.0.0 + repository: ghcr.io/doodlescheduling/k8skafka-controller + tag: imagePullSecrets: [] @@ -30,7 +30,7 @@ secretMounts: [] # secretName: secret # path: /secrets -#Add additional containers (sidecars) +# Add additional containers (sidecars) extraContainers: podAnnotations: {} @@ -55,17 +55,14 @@ replicas: 1 resources: {} # limits: -# cpu: 50m -# memory: 50Mi +# cpu: 250m +# memory: 192Mi # requests: -# cpu: 20m -# memory: 30Mi +# cpu: 100m +# memory: 128Mi # Extra environment variables that will be passed into the exporter pod env: {} -# env: -# NAMESPACES: default -# CONCURRENT: "10" ## The name of a secret in the same kubernetes namespace which contain values to be added to the environment ## This can be useful for auth tokens, etc @@ -88,11 +85,6 @@ securityContext: runAsNonRoot: true runAsUser: 10000 -service: - labels: {} - annotations: {} - type: ClusterIP - serviceAccount: create: true # If create is true and name is not set, then a name is generated using the @@ -107,11 +99,11 @@ clusterRBAC: # Creates a PodSecurityPolicy and the role/rolebinding # allowing the serviceaccount to use it podSecurityPolicy: - enabled: true + enabled: false -# Prometheus operator ServiceMonitor -serviceMonitor: - enabled: true +# Prometheus operator PodMonitor +podMonitor: + enabled: false interval: 30s scrapeTimeout: 10s namespace: diff --git a/config/crd/bases/kafka.infra.doodle.com_kafkatopics.yaml b/config/crd/bases/kafka.infra.doodle.com_kafkatopics.yaml index c2f9e8e..54610d7 100644 --- a/config/crd/bases/kafka.infra.doodle.com_kafkatopics.yaml +++ b/config/crd/bases/kafka.infra.doodle.com_kafkatopics.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.5.0 creationTimestamp: null name: kafkatopics.kafka.infra.doodle.com spec: @@ -34,14 +34,10 @@ spec: description: KafkaTopic is the Schema for the kafkatopics API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -55,217 +51,102 @@ spec: description: Additional topic configuration properties: cleanupPolicy: - description: Designates the retention policy to use on old log - segments. Either "delete" or "compact" or both ("delete,compact"). - The default policy ("delete") will discard old segments when - their retention time or size limit has been reached. The "compact" - setting will enable log compaction on the topic. + description: Designates the retention policy to use on old log segments. Either "delete" or "compact" or both ("delete,compact"). The default policy ("delete") will discard old segments when their retention time or size limit has been reached. The "compact" setting will enable log compaction on the topic. type: string compressionType: - description: 'Final compression type for a given topic. Supported - are standard compression codecs: ''gzip'', ''snappy'', ''lz4'', - ''zstd''). It additionally accepts ''uncompressed'' which is - equivalent to no compression; and ''producer'' which means retain - the original compression codec set by the producer.' + description: 'Final compression type for a given topic. Supported are standard compression codecs: ''gzip'', ''snappy'', ''lz4'', ''zstd''). It additionally accepts ''uncompressed'' which is equivalent to no compression; and ''producer'' which means retain the original compression codec set by the producer.' type: string deleteRetentionMs: - description: The amount of time to retain delete tombstone markers - for log compacted topics. Specified in milliseconds. This setting - also gives a bound on the time in which a consumer must complete - a read if they begin from offset 0 to ensure that they get a - valid snapshot of the final stage (otherwise delete tombstones - may be collected before they complete their scan). + description: The amount of time to retain delete tombstone markers for log compacted topics. Specified in milliseconds. This setting also gives a bound on the time in which a consumer must complete a read if they begin from offset 0 to ensure that they get a valid snapshot of the final stage (otherwise delete tombstones may be collected before they complete their scan). format: int64 type: integer fileDeleteDelayMs: - description: The time to wait before deleting a file from the - filesystems + description: The time to wait before deleting a file from the filesystems format: int64 type: integer flushMessages: - description: This setting allows specifying an interval at which - there will be a force if an fsync of data written to the log. - For example, if this was set to 1 there would be a fsync after - every message; if it were 5 there would be a fsync after every - five messages. In general, it is recommended not to set this - and use replication for durability and allow the operating system's - background flush capabilities as it is more efficient. + description: This setting allows specifying an interval at which there will be a force if an fsync of data written to the log. For example, if this was set to 1 there would be a fsync after every message; if it were 5 there would be a fsync after every five messages. In general, it is recommended not to set this and use replication for durability and allow the operating system's background flush capabilities as it is more efficient. format: int64 type: integer flushMs: - description: This setting allows specifying a time interval at - which there will be a force of an fsync of data written to the - log. For example if this was set to 1000 there would be a fsync - after 1000 ms had passed. In general, it is not recommended - to set this and instead use replication for durability and allow - the operating system's background flush capabilities as it is - more efficient. + description: This setting allows specifying a time interval at which there will be a force of an fsync of data written to the log. For example if this was set to 1000 there would be a fsync after 1000 ms had passed. In general, it is not recommended to set this and instead use replication for durability and allow the operating system's background flush capabilities as it is more efficient. format: int64 type: integer followerReplicationThrottledReplicas: - description: A list of replicas for which log replication should - be throttled on the follower side. The list should describe - a set of replicas in the form [PartitionId]:[BrokerId],[PartitionId]:[BrokerId]:... - or alternatively the wildcard '*' can be used to throttle all - replicas for this topic. + description: A list of replicas for which log replication should be throttled on the follower side. The list should describe a set of replicas in the form [PartitionId]:[BrokerId],[PartitionId]:[BrokerId]:... or alternatively the wildcard '*' can be used to throttle all replicas for this topic. type: string indexIntervalBytes: - description: This setting controls how frequently Kafka adds an - index entry to its offset index. The default setting ensures - that a messages is indexed roughly every 4096 bytes. More indexing - allows reads to jump closer to the exact position in the log - but makes the index larger. You probably don't need to change - this. + description: This setting controls how frequently Kafka adds an index entry to its offset index. The default setting ensures that a messages is indexed roughly every 4096 bytes. More indexing allows reads to jump closer to the exact position in the log but makes the index larger. You probably don't need to change this. format: int64 type: integer leaderReplicationThrottledReplicas: - description: A list of replicas for which log replication should - be throttled on the leader side. The list should describe a - set of replicas in the form [PartitionId]:[BrokerId],[PartitionId]:[BrokerId]:... - or alternatively the wildcard '*' can be used to throttle all - replicas for this topic. + description: A list of replicas for which log replication should be throttled on the leader side. The list should describe a set of replicas in the form [PartitionId]:[BrokerId],[PartitionId]:[BrokerId]:... or alternatively the wildcard '*' can be used to throttle all replicas for this topic. type: string maxCompactionLagMs: - description: The maximum time a message will remain ineligible - for compaction in the log. Only applicable for logs that are - being compacted. + description: The maximum time a message will remain ineligible for compaction in the log. Only applicable for logs that are being compacted. format: int64 type: integer maxMessageBytes: - description: The largest record batch size allowed by Kafka. If - this is increased and there are consumers older than 0.10.2, - the consumers' fetch size must also be increased so that the - they can fetch record batches this large. In the latest message - format version, records are always grouped into batches for - efficiency. In previous message format versions, uncompressed - records are not grouped into batches and this limit only applies - to a single record in that case. + description: The largest record batch size allowed by Kafka. If this is increased and there are consumers older than 0.10.2, the consumers' fetch size must also be increased so that the they can fetch record batches this large. In the latest message format version, records are always grouped into batches for efficiency. In previous message format versions, uncompressed records are not grouped into batches and this limit only applies to a single record in that case. format: int64 type: integer messageDownconversionEnable: - description: This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. When - set to false, broker will not perform down-conversion for consumers - expecting an older message format. The broker responds with - UNSUPPORTED_VERSION error for consume requests from such older - clients. This configuration does not apply to any message format - conversion that might be required for replication to followers. + description: This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. When set to false, broker will not perform down-conversion for consumers expecting an older message format. The broker responds with UNSUPPORTED_VERSION error for consume requests from such older clients. This configuration does not apply to any message format conversion that might be required for replication to followers. type: boolean messageFormatVersion: - description: 'Specify the message format version the broker will - use to append messages to the logs. The value should be a valid - ApiVersion. Some examples are: 0.8.2, 0.9.0.0, 0.10.0, check - ApiVersion for more details. By setting a particular message - format version, the user is certifying that all the existing - messages on disk are smaller or equal than the specified version. - Setting this value incorrectly will cause consumers with older - versions to break as they will receive messages with a format - that they don''t understand.' + description: 'Specify the message format version the broker will use to append messages to the logs. The value should be a valid ApiVersion. Some examples are: 0.8.2, 0.9.0.0, 0.10.0, check ApiVersion for more details. By setting a particular message format version, the user is certifying that all the existing messages on disk are smaller or equal than the specified version. Setting this value incorrectly will cause consumers with older versions to break as they will receive messages with a format that they don''t understand.' type: string messageTimestampDifferenceMaxMs: - description: The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message. If MessageTimestampType=CreateTime, a message - will be rejected if the difference in timestamp exceeds this - threshold. This configuration is ignored if MessageTimestampType=LogAppendTime. + description: The maximum difference allowed between the timestamp when a broker receives a message and the timestamp specified in the message. If MessageTimestampType=CreateTime, a message will be rejected if the difference in timestamp exceeds this threshold. This configuration is ignored if MessageTimestampType=LogAppendTime. format: int64 type: integer messageTimestampType: - description: Define whether the timestamp in the message is message - create time or log append time. The value should be either `CreateTime` - or `LogAppendTime` + description: Define whether the timestamp in the message is message create time or log append time. The value should be either `CreateTime` or `LogAppendTime` type: string minCleanableDirtyRatio: anyOf: - type: integer - type: string - description: 'This configuration controls how frequently the log - compactor will attempt to clean the log (assuming LogCompaction - is enabled). By default we will avoid cleaning a log where more - than 50% of the log has been compacted. This ratio bounds the - maximum space wasted in the log by duplicates (at 50% at most - 50% of the log could be duplicates). A higher ratio will mean - fewer, more efficient cleanings but will mean more wasted space - in the log. If the MaxCompactionLagMs or the MinCompactionLagMs - configurations are also specified, then the log compactor considers - the log to be eligible for compaction as soon as either: (i) - the dirty ratio threshold has been met and the log has had dirty - (uncompacted) records for at least the MinCompactionLagMs duration, - or (ii) if the log has had dirty (uncompacted) records for at - most the MaxCompactionLagMs period.' + description: 'This configuration controls how frequently the log compactor will attempt to clean the log (assuming LogCompaction is enabled). By default we will avoid cleaning a log where more than 50% of the log has been compacted. This ratio bounds the maximum space wasted in the log by duplicates (at 50% at most 50% of the log could be duplicates). A higher ratio will mean fewer, more efficient cleanings but will mean more wasted space in the log. If the MaxCompactionLagMs or the MinCompactionLagMs configurations are also specified, then the log compactor considers the log to be eligible for compaction as soon as either: (i) the dirty ratio threshold has been met and the log has had dirty (uncompacted) records for at least the MinCompactionLagMs duration, or (ii) if the log has had dirty (uncompacted) records for at most the MaxCompactionLagMs period.' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true minCompactionLagMs: - description: The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. + description: The minimum time a message will remain uncompacted in the log. Only applicable for logs that are being compacted. format: int64 type: integer minInsyncReplicas: - description: When a producer sets acks to "all" (or "-1"), this - configuration specifies the minimum number of replicas that - must acknowledge a write for the write to be considered successful. - If this minimum cannot be met, then the producer will raise - an exception (either NotEnoughReplicas or NotEnoughReplicasAfterAppend). - When used together, MinInsyncReplicas and acks allow you to - enforce greater durability guarantees. A typical scenario would - be to create a topic with a replication factor of 3, set MinInsyncReplicas - to 2, and produce with ack of "all". This will ensure that the - producer raises an exception if a majority of replicas do not - receive a write. + description: When a producer sets acks to "all" (or "-1"), this configuration specifies the minimum number of replicas that must acknowledge a write for the write to be considered successful. If this minimum cannot be met, then the producer will raise an exception (either NotEnoughReplicas or NotEnoughReplicasAfterAppend). When used together, MinInsyncReplicas and acks allow you to enforce greater durability guarantees. A typical scenario would be to create a topic with a replication factor of 3, set MinInsyncReplicas to 2, and produce with ack of "all". This will ensure that the producer raises an exception if a majority of replicas do not receive a write. format: int64 type: integer preallocate: - description: True if we should preallocate the file on disk when - creating a new log segment. + description: True if we should preallocate the file on disk when creating a new log segment. type: boolean retentionBytes: - description: This configuration controls the maximum size a partition - (which consists of log segments) can grow to before we will - discard old log segments to free up space if we are using the - "delete" retention policy. By default there is no size limit - only a time limit. Since this limit is enforced at the partition - level, multiply it by the number of partitions to compute the - topic retention in bytes. + description: This configuration controls the maximum size a partition (which consists of log segments) can grow to before we will discard old log segments to free up space if we are using the "delete" retention policy. By default there is no size limit only a time limit. Since this limit is enforced at the partition level, multiply it by the number of partitions to compute the topic retention in bytes. format: int64 type: integer retentionMs: - description: This configuration controls the maximum time we will - retain a log before we will discard old log segments to free - up space if we are using the "delete" retention policy. This - represents an SLA on how soon consumers must read their data. - If set to -1, no time limit is applied. + description: This configuration controls the maximum time we will retain a log before we will discard old log segments to free up space if we are using the "delete" retention policy. This represents an SLA on how soon consumers must read their data. If set to -1, no time limit is applied. format: int64 type: integer segmentBytes: - description: This configuration controls the segment file size - for the log. Retention and cleaning is always done a file at - a time so a larger segment size means fewer files but less granular - control over retention. + description: This configuration controls the segment file size for the log. Retention and cleaning is always done a file at a time so a larger segment size means fewer files but less granular control over retention. format: int64 type: integer segmentIndexBytes: - description: This configuration controls the size of the index - that maps offsets to file positions. We preallocate this index - file and shrink it only after log rolls. You generally should - not need to change this setting. + description: This configuration controls the size of the index that maps offsets to file positions. We preallocate this index file and shrink it only after log rolls. You generally should not need to change this setting. format: int64 type: integer segmentJitterMs: - description: The maximum random jitter subtracted from the scheduled - segment roll time to avoid thundering herds of segment rolling + description: The maximum random jitter subtracted from the scheduled segment roll time to avoid thundering herds of segment rolling format: int64 type: integer segmentMs: - description: This configuration controls the period of time after - which Kafka will force the log to roll even if the segment file - isn't full to ensure that retention can delete or compact old - data. + description: This configuration controls the period of time after which Kafka will force the log to roll even if the segment file isn't full to ensure that retention can delete or compact old data. format: int64 type: integer uncleanLeaderElectionEnable: - description: Indicates whether to enable replicas not in the ISR - set to be elected as leader as a last resort, even though doing - so may result in data loss. + description: Indicates whether to enable replicas not in the ISR set to be elected as leader as a last resort, even though doing so may result in data loss. type: boolean type: object name: @@ -288,45 +169,23 @@ spec: conditions: description: Conditions holds the conditions for the KafkaTopic. items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -339,11 +198,7 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 8334219..fa89f4d 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,6 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 namespace: k8skafka-system -bases: +resources: - ../crd - ../rbac - ../manager diff --git a/config/manager/manager.yaml b/config/manager/deployment.yaml similarity index 51% rename from config/manager/manager.yaml rename to config/manager/deployment.yaml index 0667685..f33e579 100644 --- a/config/manager/manager.yaml +++ b/config/manager/deployment.yaml @@ -17,11 +17,27 @@ spec: containers: - command: - /manager -# args: -# - --enable-leader-election - image: controller:latest + image: ghcr.io/doodlescheduling/k8skafka-controller:latest imagePullPolicy: IfNotPresent + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true name: manager + ports: + - containerPort: 9557 + name: healthz + protocol: TCP + - containerPort: 9556 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + livenessProbe: + httpGet: + path: /healthz + port: healthz resources: limits: cpu: 100m diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index baa69a5..9ff911f 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,8 +1,7 @@ -resources: -- manager.yaml apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +resources: +- deployment.yaml images: -- name: controller - newName: test/k8skafka-controller - newTag: latest +- name: ghcr.io/doodlescheduling/k8skafka-controller + newTag: v0.0.1 \ No newline at end of file diff --git a/config/rbac/kafkatopic_editor_role.yaml b/config/rbac/kafkatopic_editor_role.yaml new file mode 100644 index 0000000..ff139fa --- /dev/null +++ b/config/rbac/kafkatopic_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit kafkatopics. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kafkatopic-editor-role +rules: +- apiGroups: + - kafka.infra.doodle.com + resources: + - kafkatopics + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - kafka.infra.doodle.com + resources: + - kafkatopics/status + verbs: + - get diff --git a/config/rbac/kafkatopic_viewer_role.yaml b/config/rbac/kafkatopic_viewer_role.yaml new file mode 100644 index 0000000..d4f4438 --- /dev/null +++ b/config/rbac/kafkatopic_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view kafkatopics. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kafkatopic-viewer-role +rules: +- apiGroups: + - kafka.infra.doodle.com + resources: + - kafkatopics + verbs: + - get + - list + - watch +- apiGroups: + - kafka.infra.doodle.com + resources: + - kafkatopics/status + verbs: + - get diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index c887f9f..df589b9 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,3 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namePrefix: k8skafka- resources: - role.yaml - role_binding.yaml diff --git a/config/samples/infra_v1beta1_kafkatopic.yaml b/config/samples/infra_v1beta1_kafkatopic.yaml new file mode 100644 index 0000000..30ffb74 --- /dev/null +++ b/config/samples/infra_v1beta1_kafkatopic.yaml @@ -0,0 +1,13 @@ +apiVersion: kafka.infra.doodle.com/v1beta1 +kind: KafkaTopic +metadata: + name: my-topic + namespace: default +spec: + address: "kafka-client.default:9092" + config: + cleanupPolicy: delete + deleteRetentionMs: 604800000 + minInsyncReplicas: 2 + partitions: 16 + replicationFactor: 3 diff --git a/controllers/suite_test.go b/controllers/suite_test.go index e22c4b8..72460be 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -56,6 +56,8 @@ var ( const ( numberOfConcurrentReconcilers = 1 + kafkaClusterReadyWaitTimeout = time.Second * 30 + kafkaClusterReadyWaitInterval = time.Second ) func TestAPIs(t *testing.T) { @@ -127,7 +129,12 @@ var _ = BeforeSuite(func(done Done) { CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, } + By("starting up env") var err error + cfg, err = testEnv.Start() + Expect(err).ToNot(HaveOccurred()) + Expect(cfg).ToNot(BeNil()) + By("setting up kafka cluster") kafkaCluster, err = NewTestingKafkaCluster() Expect(err).NotTo(HaveOccurred()) @@ -141,10 +148,6 @@ var _ = BeforeSuite(func(done Done) { Expect(err).ToNot(HaveOccurred()) Expect(TestingKafkaClusterHost).ToNot(BeEmpty()) - cfg, err = testEnv.Start() - Expect(err).ToNot(HaveOccurred()) - Expect(cfg).ToNot(BeNil()) - err = infrav1beta1.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) @@ -157,6 +160,15 @@ var _ = BeforeSuite(func(done Done) { Expect(err).ToNot(HaveOccurred()) Expect(k8sClient).ToNot(BeNil()) + By("ensuring the kafka cluster is started") + Eventually(func() bool { + if s, err := kafkaCluster.IsAlive(); err != nil { + return false + } else { + return s + } + }, kafkaClusterReadyWaitTimeout, kafkaClusterReadyWaitInterval).Should(BeTrue()) + k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{ Scheme: scheme.Scheme, }) diff --git a/controllers/testing_kafka_cluster.go b/controllers/testing_kafka_cluster.go index 94a1e26..b1c80b2 100644 --- a/controllers/testing_kafka_cluster.go +++ b/controllers/testing_kafka_cluster.go @@ -13,6 +13,7 @@ const ( ZOOKEEPER_PORT = "2181" KAFKA_BROKER_PORT = "9092" KAFKA_CLIENT_PORT = "9093" + KAFKA_BROKER_ID = "1" ZOOKEEPER_IMAGE = "confluentinc/cp-zookeeper:5.5.2" KAFKA_IMAGE = "confluentinc/cp-kafka:5.5.2" ) @@ -30,6 +31,9 @@ func (kc *TestingKafkaCluster) StartCluster() error { if err := kc.kafkaContainer.Start(ctx); err != nil { return err } + if err := kc.createProbe(); err != nil { + return err + } return kc.startKafka() } @@ -57,6 +61,19 @@ func (kc *TestingKafkaCluster) GetKafkaHost() (string, error) { return host + ":" + port.Port(), nil } +func (kc *TestingKafkaCluster) createProbe() error { + probeScript, err := ioutil.TempFile("", "probe.sh") + if err != nil { + return err + } + defer os.Remove(probeScript.Name()) + probeScript.WriteString("#!/bin/bash \n") + probeScript.WriteString(fmt.Sprintf("id=$(zookeeper-shell localhost:%s ls /brokers/ids | grep \"\\[%s\") \n", ZOOKEEPER_PORT, KAFKA_BROKER_ID)) + probeScript.WriteString(fmt.Sprintf("if [ $id = \"[%s]\" ]; then exit 0; else exit 1; fi", KAFKA_BROKER_ID)) + + return kc.zookeeperContainer.CopyFileToContainer(context.Background(), probeScript.Name(), "probe.sh", 0700) +} + func (kc *TestingKafkaCluster) startKafka() error { ctx := context.Background() kafkaStartFile, err := ioutil.TempFile("", "testcontainers_start.sh") @@ -102,6 +119,18 @@ func NewTestingKafkaCluster() (*TestingKafkaCluster, error) { }, nil } +func (kc *TestingKafkaCluster) IsAlive() (bool, error) { + if s, err := kc.zookeeperContainer.Exec(context.Background(), []string{ + "/probe.sh", + }); err != nil { + return false, err + } else if s == 0 { + return true, nil + } else { + return false, nil + } +} + func createZookeeperContainer(network *testcontainers.DockerNetwork) (testcontainers.Container, error) { ctx := context.Background() @@ -124,7 +153,7 @@ func createKafkaContainer(network *testcontainers.DockerNetwork) (testcontainers Image: KAFKA_IMAGE, ExposedPorts: []string{KAFKA_CLIENT_PORT}, Env: map[string]string{ - "KAFKA_BROKER_ID": "1", + "KAFKA_BROKER_ID": KAFKA_BROKER_ID, "KAFKA_ZOOKEEPER_CONNECT": fmt.Sprintf("zookeeper:%s", ZOOKEEPER_PORT), "KAFKA_LISTENERS": fmt.Sprintf("PLAINTEXT://0.0.0.0:%s,BROKER://0.0.0.0:%s", KAFKA_CLIENT_PORT, KAFKA_BROKER_PORT), "KAFKA_LISTENER_SECURITY_PROTOCOL_MAP": "BROKER:PLAINTEXT,PLAINTEXT:PLAINTEXT",