Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / a00b9036625fb914bc4164aac0017f645442919f / . / kubernetes / strimzi / values.yaml
blob: fe3ca852a9d78dd70429426dd947d2ee51fa818d [file] [log] [blame]
efiacor5c573312022-01-27 13:46:56 +0000[diff] [blame]1# Copyright © 2022 Nordix Foundation
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15#################################################################
16# Global configuration defaults.
17#################################################################
18global:
efiacoraf68a7e2022-04-08 10:59:52 +0100[diff] [blame]19 nodePortPrefixExt: 304
efiacor5c573312022-01-27 13:46:56 +0000[diff] [blame]20 persistence:
21 mountPath: /dockerdata-nfs
Andreas Geissler29007652023-03-23 14:05:45 +0100[diff] [blame]22 ingress:
23 virtualhost:
24 baseurl: &baseurl "simpledemo.onap.org"
25 preaddr: &preaddr ""
26 postaddr: &postaddr ""
27
efiacor5c573312022-01-27 13:46:56 +0000[diff] [blame]28#################################################################
29# Application configuration defaults.
30#################################################################
efiacor1cfa2fb2022-06-01 16:02:39 +0100[diff] [blame]31replicaCount: 3
Andreas Geissler64f95b12023-11-17 11:35:18 +0100[diff] [blame]32affinity:
33 podAntiAffinity:
34 enabled: true
efiacor57901a92022-11-14 16:17:15 +0000[diff] [blame]35config:
Andreas Geissler4b5e5842024-08-19 16:30:45 +0200[diff] [blame]36 kafkaVersion: 3.8.0
efiacor57901a92022-11-14 16:17:15 +0000[diff] [blame]37 authType: simple
38 saslMechanism: &saslMech scram-sha-512
39 kafkaInternalPort: &plainPort 9092
40 strimziKafkaAdminUser: &adminUser strimzi-kafka-admin
Andreas Geisslereb68c402023-02-23 11:09:01 +0100[diff] [blame]41 advertisedHost: kafka-api.simpledemo.onap.org
42 advertizedPortBroker0: &advertizedPortBroker0 9000
43 advertizedPortBroker1: &advertizedPortBroker1 9001
44 advertizedPortBroker2: &advertizedPortBroker2 9002
Lukasz Rajewski3d097d92023-10-02 13:10:15 +0200[diff] [blame]45 autoCreateTopics: true
efiacor5c573312022-01-27 13:46:56 +0000[diff] [blame]46
efiacor57901a92022-11-14 16:17:15 +0000[diff] [blame]47persistence:
48 enabled: &pvenabled true
efiacor5c573312022-01-27 13:46:56 +0000[diff] [blame]49 mountPath: /dockerdata-nfs
efiacor57901a92022-11-14 16:17:15 +0000[diff] [blame]50 kafka:
51 enabled: *pvenabled
52 # default values of 2Gi for dev env.
53 # Production values should be dimensioned according to requirements. ie >= 10Gi
54 size: 2Gi
55 volumeReclaimPolicy: Retain
56 accessMode: ReadWriteOnce
57 mountPath: /dockerdata-nfs
58 mountSubPath: strimzi-kafka/kafka
59 zookeeper:
60 enabled: *pvenabled
61 size: 1Gi
62 volumeReclaimPolicy: Retain
63 accessMode: ReadWriteOnce
64 mountPath: /dockerdata-nfs
65 mountSubPath: strimzi-kafka/zk
efiacor5c573312022-01-27 13:46:56 +0000[diff] [blame]66
67#Pods Service Account
68serviceAccount:
69 nameOverride: strimzi-kafka
70 roles:
71 - read
efiacor57901a92022-11-14 16:17:15 +0000[diff] [blame]72
Andreas Geisslereb68c402023-02-23 11:09:01 +0100[diff] [blame]73ingress:
74 enabled: false
75 service:
76 - baseaddr: "kafka-bootstrap-api"
77 name: "onap-strimzi-kafka-external-bootstrap"
78 port: 9094
Andreas Geissler29007652023-03-23 14:05:45 +0100[diff] [blame]79 protocol: tcp
Andreas Geisslereb68c402023-02-23 11:09:01 +0100[diff] [blame]80 exposedPort: 9010
81 exposedProtocol: TLS
Andreas Geissler29007652023-03-23 14:05:45 +0100[diff] [blame]82 - baseaddr: "kafka-api"
83 tcpRoutes:
84 - name: "onap-strimzi-kafka-0"
85 port: 9094
86 exposedPort: *advertizedPortBroker0
87 exposedProtocol: TLS
88 - name: "onap-strimzi-kafka-1"
89 port: 9094
90 exposedPort: *advertizedPortBroker1
91 exposedProtocol: TLS
92 - name: "onap-strimzi-kafka-2"
93 port: 9094
94 exposedPort: *advertizedPortBroker2
95 exposedProtocol: TLS
Andreas Geisslereb68c402023-02-23 11:09:01 +0100[diff] [blame]96
miroslavmasarykaa5f0fa2023-03-20 10:21:36 +0100[diff] [blame]97# Kafka Exporter for metrics
98metrics:
99 enabled: false
100 kafkaExporter:
101 enabled: false
102 metricsConfig:
103 type: jmxPrometheusExporter
104 topicRegex: ".*"
105 groupRegex: ".*"
106 resources:
107 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]108 cpu: "2"
Andreas Geissler8cbb3d92024-03-12 16:44:56 +0100[diff] [blame]109 memory: "600Mi"
miroslavmasarykaa5f0fa2023-03-20 10:21:36 +0100[diff] [blame]110 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]111 cpu: "5"
112 memory: "1.5Gi"
miroslavmasarykaa5f0fa2023-03-20 10:21:36 +0100[diff] [blame]113 logging: debug
114 enableSaramaLogging: true
115 readinessProbe:
116 initialDelaySeconds: 15
117 timeoutSeconds: 5
118 livenessProbe:
119 initialDelaySeconds: 15
120 timeoutSeconds: 5
121 podMonitor:
122 # Prometheus pre requisite. Currently an optional addon in the OOM docs
123 enabled: false
124 # default port for strimzi metrics
125 port: "tcp-prometheus"
126 # podMonitor labels for prometheus to pick up the podMonitor
127 # dummy value
128 labels:
129 release: dummy
130 relabelings: []
131 metricRelabelings: []
132
133cruiseControl:
134## Cruise Control provides a Kafka metrics reporter implementation
135## once installed into the Kafka brokers, filters and records a wide range of metrics provided by the brokers themselves.
136## pre requisite is having 2 or more broker nodes
137 enabled: false
138 metricsConfig:
139 type: jmxPrometheusExporter
140 ## Custom resource for Kafka that can rebalance your cluster
141 # ref. https://strimzi.io/blog/2020/06/15/cruise-control/
142 kafkaRebalance:
143 enabled: false
Andreas Geissler4b5e5842024-08-19 16:30:45 +0200[diff] [blame]144 template:
145 pod:
146 securityContext:
147 seccompProfile:
148 type: RuntimeDefault
149 cruiseControlContainer:
150 securityContext:
151 allowPrivilegeEscalation: false
152 readOnlyRootFilesystem: true
153 runAsGroup: 1001
154 runAsNonRoot: true
155 runAsUser: 1001
156 capabilities:
157 drop:
158 - ALL
159 - CAP_NET_RAW
160 resources:
161 limits:
162 cpu: '2'
163 memory: 2Gi
164 requests:
165 cpu: 100m
166 memory: 1Gi
miroslavmasarykaa5f0fa2023-03-20 10:21:36 +0100[diff] [blame]167
efiacor57901a92022-11-14 16:17:15 +0000[diff] [blame]168######################
169# Component overrides
170######################
171strimzi-kafka-bridge:
172 enabled: true
173 config:
174 saslMechanism: *saslMech
175 kafkaInternalPort: *plainPort
Andreas Geisslerbc950b52023-05-30 16:40:49 +0200[diff] [blame]176 strimziKafkaAdminUser: *adminUser
Andreas Geissler4b5e5842024-08-19 16:30:45 +0200[diff] [blame]177
178kafka:
179 template:
180 pod:
181 securityContext:
182 runAsUser: 1001
183 runAsGroup: 1001
184 fsGroup: 1001
185 seccompProfile:
186 type: RuntimeDefault
187 kafkaContainer:
188 securityContext:
189 allowPrivilegeEscalation: false
190 readOnlyRootFilesystem: true
191 #runAsGroup: 1001
192 runAsNonRoot: true
193 runAsUser: 1001
194 capabilities:
195 drop:
196 - ALL
197 - CAP_NET_RAW
198 resources:
199 limits:
200 cpu: '2'
201 memory: 2Gi
202 requests:
203 cpu: 100m
204 memory: 1Gi
205
206zookeeper:
207 template:
208 pod:
209 securityContext:
210 runAsUser: 1001
211 runAsGroup: 1001
212 fsGroup: 1001
213 seccompProfile:
214 type: RuntimeDefault
215 zookeeperContainer:
216 securityContext:
217 allowPrivilegeEscalation: false
218 readOnlyRootFilesystem: true
219 #runAsGroup: 1001
220 runAsNonRoot: true
221 runAsUser: 1001
222 capabilities:
223 drop:
224 - ALL
225 - CAP_NET_RAW
226 resources:
227 limits:
228 cpu: '2'
229 memory: 2Gi
230 requests:
231 cpu: 100m
232 memory: 1Gi
233
234entityOperator:
235 template:
236 pod:
237 securityContext:
238 seccompProfile:
239 type: RuntimeDefault
240 topicOperatorContainer:
241 securityContext:
242 allowPrivilegeEscalation: false
243 readOnlyRootFilesystem: true
244 runAsGroup: 1001
245 runAsNonRoot: true
246 runAsUser: 1001
247 capabilities:
248 drop:
249 - ALL
250 - CAP_NET_RAW
251 userOperatorContainer:
252 securityContext:
253 allowPrivilegeEscalation: false
254 readOnlyRootFilesystem: true
255 runAsGroup: 1001
256 runAsNonRoot: true
257 runAsUser: 1001
258 capabilities:
259 drop:
260 - ALL
261 - CAP_NET_RAW
262 topicOperator:
263 resources:
264 limits:
265 cpu: '2'
266 memory: 2Gi
267 requests:
268 cpu: 100m
269 memory: 1Gi
270 userOperator:
271 resources:
272 limits:
273 cpu: '2'
274 memory: 2Gi
275 requests:
276 cpu: 100m
277 memory: 1Gi
278
279kafkaExporter:
280 template:
281 pod:
282 securityContext:
283 seccompProfile:
284 type: RuntimeDefault
285 container:
286 securityContext:
287 allowPrivilegeEscalation: false
288 readOnlyRootFilesystem: true
289 runAsGroup: 1001
290 runAsNonRoot: true
291 runAsUser: 1001
292 capabilities:
293 drop:
294 - ALL
295 - CAP_NET_RAW