Redhat kraft (#88)
* Fix flaky test by deleting nodeports explicitly (#67)

* Upgrade Kafka to 3.6.0 (#69)

* Upgrade dependencies

* Fix wrong port on expectEnvoyWithConfigAz2Tls test (#70)

* Upgrade Kafka to 3.6.1 (#71)

Co-authored-by: Petruț™ <cpetrache@adobe.com>

* Upgrade Kafka image to use Java v21 (#72)

* Added arm64 to docker build platforms (#73)

* Added arm64 to docker build platforms

* Regenerated headers for 2024

* Upgrading Kafka to 3.7.0 (#77)

* Update codeql-analysis.yml (#78)

* [INTERNAL] Create uniq leader ID per operator deployment (#76)

* [INTERNAL] Get watched namespaces from env variable (#75)

(cherry picked from commit de6500b)

* [CORE-106517] Fix outdated config in the sample (#83)

* Cross-compile koperator for arm and intel. (#84)

* Adding Contour Ingress support (#82)

* Allow property security-inter-broker-protocol  (#85)

* adding the ability to use security-inter-broker-protocol in koperator

* updating util.go to remove _ for generated names

* adding replace all for external listener port name

* fixing other places where externallistener name is used to not have _

* adding an alternative way to identify which port to use for kafka administration and cc connection

* taking out comments for pr push

* fixing kafka crd

* setting omitempty so it will not be required

* adding generated crds

* adding comments with context for new flag UsedForKafkaAdminCommunication

* Use getBrokerReadOnlyConfig function to get properties and update unit test - security_inter_broker_protocol_Set

* Update crds to match generated manifest

---------

Co-authored-by: Cameron Wright <red82277@adobe.com>
Co-authored-by: Ha Van <red83362@adobe.com>

---------

Co-authored-by: ctrlaltluc <96051211+ctrlaltluc@users.noreply.github.com>
Co-authored-by: Adi Muraru <amuraru@adobe.com>
Co-authored-by: Razvan Dobre <dobre@adobe.com>
Co-authored-by: Cristian-Petrut Petrache <cristianpetrache@gmail.com>
Co-authored-by: Petruț™ <cpetrache@adobe.com>
Co-authored-by: Adrian Muraru <adi.muraru@gmail.com>
Co-authored-by: Adrian <1664229+azun@users.noreply.github.com>
Co-authored-by: aguzovatii <guzovatii.anatolii@gmail.com>
Co-authored-by: cawright-rh <cawright@redhat.com>
Co-authored-by: Cameron Wright <red82277@adobe.com>
Co-authored-by: Ha Van <red83362@adobe.com>
Co-authored-by: Daniel Vaseekaran <red10447@adobe.com>
13 people authored Nov 13, 2024
1 parent 20be375 commit c740d2e
Showing 36 changed files with 10,183 additions and 86 deletions.
7 changes: 5 additions & 2 deletions .github/workflows/build-push-kafka-docker.yml
Expand Up @@ -24,18 +24,21 @@ jobs:
echo ::set-output name=version::${VERSION}
echo ::set-output name=tags::${TAGS}
echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: startsWith(github.ref, 'refs/tags/')
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push
uses: docker/build-push-action@v2
uses: docker/build-push-action@v5
with:
context: docker/kafka
platforms: linux/amd64,linux/arm64
push: ${{ startsWith(github.ref, 'refs/tags/') }}
tags: ${{ steps.prep.outputs.tags }}
labels: |
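Review bot: `docker/login-action@v1` in the "Login to DockerHub" step stays on v1 while `setup-buildx-action` and `build-push-action` in the same hunk move to v3 and v5 and the new `setup-qemu-action` comes in at v3; bump the login step in the same change so the job does not mix action generations. This job hands `secrets.DOCKER_USERNAME` and `secrets.DOCKER_PASSWORD` to those actions, so pinning each `uses:` to a full commit SHA instead of a movable major tag would be the safer form. The unchanged `echo ::set-output` lines at the top of the hunk use the deprecated workflow command and should write to `$GITHUB_OUTPUT` instead.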
6 changes: 3 additions & 3 deletions .github/workflows/codeql-analysis.yml
Expand Up @@ -43,7 +43,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -54,7 +54,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
uses: github/codeql-action/autobuild@v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -68,4 +68,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v2
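Review bot: the `analyze` step here, like `init` and `autobuild` in the two hunks above, stops at `@v2` even though the Docker workflow in this same commit goes straight to v3 and v5 actions; `github/codeql-action` has a v3, so move all three steps there together rather than landing on an intermediate major that will need another bump. Keep `init`, `autobuild` and `analyze` on the same major when doing so.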
14 changes: 14 additions & 0 deletions Makefile
Expand Up @@ -156,6 +156,20 @@ docker-build: ## Build the operator docker image.
docker-push: ## Push the operator docker image.
docker push ${IMG}

# PLATFORMS defines the target platforms for the manager image be built to provide support to multiple
# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to:
# - be able to use docker buildx. More info: https://docs.docker.com/build/buildx/
# - have enabled BuildKit. More info: https://docs.docker.com/develop/develop-images/build_enhancements/
# - be able to push the image to your registry (i.e. if you do not set a valid value via IMG=<myregistry/image:<tag>> then the export will fail)
# To adequately provide solutions that are compatible with multiple platforms, you should consider using this option.
PLATFORMS ?= linux/arm64,linux/amd64
.PHONY: docker-buildx
docker-buildx: ## Build and push docker image for the manager for cross-platform support
- docker buildx create --name koperator-builder
docker buildx use koperator-builder
docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile .
- docker buildx rm koperator-builder

bin/controller-gen: bin/controller-gen-$(CONTROLLER_GEN_VERSION) ## Symlink controller-gen-<version> into versionless controller-gen.
@ln -sf controller-gen-$(CONTROLLER_GEN_VERSION) bin/controller-gen
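Review bot: in the `docker-buildx` recipe only the `create` and `rm` lines carry the `-` prefix, so a failing `docker buildx build` stops make before `docker buildx rm koperator-builder` runs and the builder is left behind; the next run then silently reuses that stale builder because the ignored `create` fails. Remove any existing builder before creating it, or make the cleanup run regardless of the build result. The recipe always passes `--push`, so it publishes to whatever `IMG` resolves to; a guard that fails when `IMG` has not been set explicitly would prevent pushing to an unintended registry. The comment block has two typos: "mypoperator" and "for the manager image be built".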

2 changes: 1 addition & 1 deletion api/go.mod
Expand Up @@ -30,7 +30,7 @@ require (
golang.org/x/net v0.18.0 // indirect
golang.org/x/text v0.14.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
// gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/klog/v2 v2.110.1 // indirect
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
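Review bot: the `gopkg.in/yaml.v2 v2.4.0 // indirect` requirement is commented out rather than deleted, which leaves `// gopkg.in/yaml.v2 v2.4.0 // indirect` sitting inside the `require` block. If the module is no longer needed, delete the line and let `go mod tidy` settle `go.mod` and `go.sum`; if it is still pulled in transitively, tidy will re-add it and the commented copy becomes misleading.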
38 changes: 27 additions & 11 deletions api/v1beta1/kafkacluster_types.go
Expand Up @@ -178,7 +178,7 @@ type KafkaClusterSpec struct {
RollingUpgradeConfig RollingUpgradeConfig `json:"rollingUpgradeConfig"`
// Selector for broker pods that need to be recycled/reconciled
TaintedBrokersSelector *metav1.LabelSelector `json:"taintedBrokersSelector,omitempty"`
// +kubebuilder:validation:Enum=envoy;istioingress
// +kubebuilder:validation:Enum=envoy;contour;istioingress
// IngressController specifies the type of the ingress controller to be used for external listeners. The `istioingress` ingress controller type requires the `spec.istioControlPlane` field to be populated as well.
IngressController string `json:"ingressController,omitempty"`
// IstioControlPlane is a reference to the IstioControlPlane resource for envoy configuration. It must be specified if istio ingress is used.
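Review bot: the doc comment on `IngressController` still only explains the `istioingress` case; with `contour` added to the enum it should also say which fields the new value needs, in the same way it points to `spec.istioControlPlane`. Nothing in this hunk ties `contour` to `contourIngressConfig`, so a cluster can select the controller without supplying its TLS secret or FQDN template; state the requirement here and enforce it in validation.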
Expand All @@ -190,13 +190,14 @@ type KafkaClusterSpec struct {
// when false, they will be kept so the Kafka cluster remains available for those Kafka clients which are still using the previous ingress setting.
// +kubebuilder:default=false
// +optional
RemoveUnusedIngressResources bool `json:"removeUnusedIngressResources,omitempty"`
PropagateLabels bool `json:"propagateLabels,omitempty"`
CruiseControlConfig CruiseControlConfig `json:"cruiseControlConfig"`
EnvoyConfig EnvoyConfig `json:"envoyConfig,omitempty"`
MonitoringConfig MonitoringConfig `json:"monitoringConfig,omitempty"`
AlertManagerConfig *AlertManagerConfig `json:"alertManagerConfig,omitempty"`
IstioIngressConfig IstioIngressConfig `json:"istioIngressConfig,omitempty"`
RemoveUnusedIngressResources bool `json:"removeUnusedIngressResources,omitempty"`
PropagateLabels bool `json:"propagateLabels,omitempty"`
CruiseControlConfig CruiseControlConfig `json:"cruiseControlConfig"`
EnvoyConfig EnvoyConfig `json:"envoyConfig,omitempty"`
ContourIngressConfig ContourIngressConfig `json:"contourIngressConfig,omitempty"`
MonitoringConfig MonitoringConfig `json:"monitoringConfig,omitempty"`
AlertManagerConfig *AlertManagerConfig `json:"alertManagerConfig,omitempty"`
IstioIngressConfig IstioIngressConfig `json:"istioIngressConfig,omitempty"`
// Envs defines environment variables for Kafka broker Pods.
// Adding the "+" prefix to the name prepends the value to that environment variable instead of overwriting it.
// Add the "+" suffix to append.
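Review bot: `ContourIngressConfig` is added as a non-pointer struct with `omitempty`, which `encoding/json` does not omit for struct values, and its two fields are declared without `omitempty` later in this file; every serialized KafkaCluster will therefore carry `contourIngressConfig` with empty `tlsSecretName` and `brokerFQDNTemplate`, including clusters that use `envoy` or `istioingress`. A pointer type, as `AlertManagerConfig` uses in this same block, avoids that. The re-alignment of the neighbouring fields also hides the one real addition in the diff.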
Expand Down Expand Up @@ -622,6 +623,10 @@ func (c IngressServiceSettings) GetServiceType() corev1.ServiceType {
return c.ServiceType
}

func (c ContourIngressConfig) GetBrokerFqdn(brokerId int32) string {
return strings.Replace(c.BrokerFQDNTemplate, "%id", strconv.Itoa(int(brokerId)), 1)
}

// Replace %id in brokerHostnameTemplate with actual broker id
func (c EnvoyConfig) GetBrokerHostname(brokerId int32) string {
return strings.Replace(c.BrokerHostnameTemplate, "%id", strconv.Itoa(int(brokerId)), 1)
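Review bot: `GetBrokerFqdn` has no doc comment, unlike `GetBrokerHostname` directly below it, and its name breaks the initialism used by the field it reads (`BrokerFQDNTemplate`); `GetBrokerFQDN` would match. It also returns the template unchanged when `%id` is absent, so every broker would get the same FQDN; reject such a template at admission or return an error here.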
Expand Down Expand Up @@ -702,7 +707,7 @@ type ExternalListenerConfig struct {
// IngressControllerTargetPort defines the container port that the ingress controller uses for handling external traffic.
// If not defined, 29092 will be used as the default IngressControllerTargetPort value.
IngressControllerTargetPort *int32 `json:"ingressControllerTargetPort,omitempty"`
// +kubebuilder:validation:Enum=LoadBalancer;NodePort
// +kubebuilder:validation:Enum=LoadBalancer;NodePort;ClusterIP
// accessMethod defines the method which the external listener is exposed through.
// Two types are supported LoadBalancer and NodePort.
// The recommended and default is the LoadBalancer.
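Review bot: `ClusterIP` is added to the `accessMethod` enum but the comment under it still reads "Two types are supported LoadBalancer and NodePort."; update it to list all three values and say when `ClusterIP` is the expected choice, since this text is copied into the CRD description.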
Expand All @@ -725,8 +730,16 @@ type Config struct {

type IngressConfig struct {
IngressServiceSettings `json:",inline"`
IstioIngressConfig *IstioIngressConfig `json:"istioIngressConfig,omitempty"`
EnvoyConfig *EnvoyConfig `json:"envoyConfig,omitempty"`
IstioIngressConfig *IstioIngressConfig `json:"istioIngressConfig,omitempty"`
EnvoyConfig *EnvoyConfig `json:"envoyConfig,omitempty"`
ContourIngressConfig *ContourIngressConfig `json:"contourIngressConfig,omitempty"`
}

type ContourIngressConfig struct {
// TLS secret used for Contour IngressRoute resource
TLSSecretName string `json:"tlsSecretName"`
// Broker hostname template for Contour IngressRoute resource to generate broker hostnames.
BrokerFQDNTemplate string `json:"brokerFQDNTemplate"`
}

// InternalListenerConfig defines the internal listener config for Kafka
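Review bot: `TLSSecretName` and `BrokerFQDNTemplate` are required but carry no validation markers, so empty strings pass the schema; add `+kubebuilder:validation:MinLength=1` to both and a pattern on `BrokerFQDNTemplate` that requires `%id`. The `TLSSecretName` comment should also state which namespace the secret is read from and what type it must be, because this name decides which certificate and key are served on the external listener.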
Expand Down Expand Up @@ -764,6 +777,9 @@ type CommonListenerSpec struct {
// At least one of the listeners should have this flag enabled
// +optional
UsedForInnerBrokerCommunication bool `json:"usedForInnerBrokerCommunication"`
// UsedForKafkaAdminCommunication allows for a different port to be returned when the koperator is checking for the port to use to check if kafka is operating.
// +optional
UsedForKafkaAdminCommunication bool `json:"usedForKafkaAdminCommunication,omitempty"`
}

func (c *CommonListenerSpec) GetServerSSLCertSecretName() string {
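Review bot: the comment on `UsedForKafkaAdminCommunication` does not say what happens when the flag is set on more than one listener or on none, whereas the neighbouring flag documents its constraint ("At least one of the listeners should have this flag enabled"). Spell out the selection and fallback rule, and note that the chosen listener carries the operator's admin traffic, so it should be one with the intended security protocol. The tag uses `omitempty` while `usedForInnerBrokerCommunication` above does not; pick one form for both.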
21 changes: 21 additions & 0 deletions api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 40 additions & 0 deletions charts/kafka-operator/crds/kafkaclusters.yaml
Expand Up @@ -12919,6 +12919,19 @@ spec:
type: string
clusterWideConfig:
type: string
contourIngressConfig:
properties:
brokerFQDNTemplate:
description: Broker hostname template for Contour IngressRoute
resource to generate broker hostnames.
type: string
tlsSecretName:
description: TLS secret used for Contour IngressRoute resource
type: string
required:
- brokerFQDNTemplate
- tlsSecretName
type: object
cruiseControlConfig:
description: CruiseControlConfig defines the config for Cruise Control
properties:
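Review bot: `contourIngressConfig` is emitted without a `description`, while the sibling `cruiseControlConfig` right below it has one; add a doc comment on the Go field or type and regenerate, so `kubectl explain` says what the block is for and when it is needed.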
Expand Down Expand Up @@ -18837,6 +18850,7 @@ spec:
as well.
enum:
- envoy
- contour
- istioingress
type: string
istioControlPlane:
Expand Down Expand Up @@ -19197,6 +19211,7 @@ spec:
enum:
- LoadBalancer
- NodePort
- ClusterIP
type: string
anyCastPort:
description: configuring AnyCastPort allows kafka cluster
Expand All @@ -19216,6 +19231,21 @@ spec:
ingressConfig:
additionalProperties:
properties:
contourIngressConfig:
properties:
brokerFQDNTemplate:
description: Broker hostname template for
Contour IngressRoute resource to generate
broker hostnames.
type: string
tlsSecretName:
description: TLS secret used for Contour IngressRoute
resource
type: string
required:
- brokerFQDNTemplate
- tlsSecretName
type: object
envoyConfig:
description: EnvoyConfig defines the config for
Envoy
Expand Down Expand Up @@ -21673,6 +21703,11 @@ spec:
description: At least one of the listeners should have this
flag enabled
type: boolean
usedForKafkaAdminCommunication:
description: UsedForKafkaAdminCommunication allows for a
different port to be returned when the koperator is checking
for the port to use to check if kafka is operating.
type: boolean
required:
- containerPort
- externalStartingPort
Expand Down Expand Up @@ -21749,6 +21784,11 @@ spec:
description: At least one of the listeners should have this
flag enabled
type: boolean
usedForKafkaAdminCommunication:
description: UsedForKafkaAdminCommunication allows for a
different port to be returned when the koperator is checking
for the port to use to check if kafka is operating.
type: boolean
required:
- containerPort
- name
40 changes: 40 additions & 0 deletions config/base/crds/kafka.banzaicloud.io_kafkaclusters.yaml
Expand Up @@ -12919,6 +12919,19 @@ spec:
type: string
clusterWideConfig:
type: string
contourIngressConfig:
properties:
brokerFQDNTemplate:
description: Broker hostname template for Contour IngressRoute
resource to generate broker hostnames.
type: string
tlsSecretName:
description: TLS secret used for Contour IngressRoute resource
type: string
required:
- brokerFQDNTemplate
- tlsSecretName
type: object
cruiseControlConfig:
description: CruiseControlConfig defines the config for Cruise Control
properties:
Expand Down Expand Up @@ -18837,6 +18850,7 @@ spec:
as well.
enum:
- envoy
- contour
- istioingress
type: string
istioControlPlane:
Expand Down Expand Up @@ -19197,6 +19211,7 @@ spec:
enum:
- LoadBalancer
- NodePort
- ClusterIP
type: string
anyCastPort:
description: configuring AnyCastPort allows kafka cluster
Expand All @@ -19216,6 +19231,21 @@ spec:
ingressConfig:
additionalProperties:
properties:
contourIngressConfig:
properties:
brokerFQDNTemplate:
description: Broker hostname template for
Contour IngressRoute resource to generate
broker hostnames.
type: string
tlsSecretName:
description: TLS secret used for Contour IngressRoute
resource
type: string
required:
- brokerFQDNTemplate
- tlsSecretName
type: object
envoyConfig:
description: EnvoyConfig defines the config for
Envoy
Expand Down Expand Up @@ -21673,6 +21703,11 @@ spec:
description: At least one of the listeners should have this
flag enabled
type: boolean
usedForKafkaAdminCommunication:
description: UsedForKafkaAdminCommunication allows for a
different port to be returned when the koperator is checking
for the port to use to check if kafka is operating.
type: boolean
required:
- containerPort
- externalStartingPort
Expand Down Expand Up @@ -21749,6 +21784,11 @@ spec:
description: At least one of the listeners should have this
flag enabled
type: boolean
usedForKafkaAdminCommunication:
description: UsedForKafkaAdminCommunication allows for a
different port to be returned when the koperator is checking
for the port to use to check if kafka is operating.
type: boolean
required:
- containerPort
- name
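Review bot: the `usedForKafkaAdminCommunication` block here duplicates, line for line, the one in `charts/kafka-operator/crds/kafkaclusters.yaml`, as do the other hunks of this file; if no CI step already does so, regenerate both copies in CI and fail on a non-empty diff so they cannot drift from each other or from `api/v1beta1/kafkacluster_types.go`.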
4 changes: 2 additions & 2 deletions config/samples/banzaicloud_v1beta1_kafkacluster.yaml
Expand Up @@ -59,13 +59,13 @@ spec:
# alerts with 'rollingupgrade'
# failureThreshold: 1

# concurrentBrokerRestartsAllowed controls how many brokers can be restarted in parallel during a rolling upgrade. If
# concurrentBrokerRestartCountPerRack controls how many brokers can be restarted in parallel during a rolling upgrade. If
# it is set to a value greater than 1, the operator will restart up to that amount of brokers in parallel, if the
# brokers are within the same AZ (as specified by "broker.rack" in broker read-only configs). Since using Kafka broker
# racks spreads out the replicas, we know that restarting multiple brokers in the same rack will not cause more than
# 1/Nth of the replicas of a topic-partition to be unavailable at the same time, where N is the number of racks used.
# This is a safe way to speed up the rolling upgrade.
# concurrentBrokerRestartsAllowed: 1
# concurrentBrokerRestartCountPerRack: 1

# brokerConfigGroups specifies multiple broker configs with unique name
brokerConfigGroups: