---
apiVersion: v1
kind: Service
metadata:
labels:
app: zookeeper-sasl
name: zookeeper-sasl
namespace: exadb-dev
spec:
type: NodePort
ports:
- name: zookeeper-sasl
port: 2181
protocol: TCP
targetPort: 2181
nodePort: 31181
selector:
app: zookeeper-sasl
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: zookeeper-sasl
namespace: exadb-dev
spec:
selector:
matchLabels:
app: zookeeper-sasl
serviceName: "zookeeper-sasl"
replicas: 1
template:
metadata:
labels:
app: zookeeper-sasl
spec:
nodeSelector:
kafka-sasl: dev
tolerations:
- effect: NoSchedule
operator: Exists
containers:
- name: zookeeper-sasl
image: docker.io/bitnami/zookeeper:3.9
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 0
env:
# - name: ZOO_ENABLE_AUTH
# value: "yes"
- name: ALLOW_ANONYMOUS_LOGIN
value: "yes"
# - name: ZOO_SERVER_USERS
# value: "user"
# - name: ZOO_SERVER_PASSWORDS
# value: "pass123"
# - name: ZOO_CLIENT_USER
# value: "user"
# - name: ZOO_CLIENT_PASSWORD
# value: "pass123"
ports:
- name: client
containerPort: 2181
resources:
limits:
cpu: 512m
memory: 4Gi
requests:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: zookeeper-sasl-data
mountPath: /bitnami/zookeeper
volumes:
- name: zookeeper-sasl-data
persistentVolumeClaim:
claimName: zookeeper-sasl-pvc
readOnly: falseapiVersion: v1
kind: PersistentVolume
metadata:
name: zookeeper-sasl-dev-pv
labels:
app: zookeeper-sasl
spec:
capacity:
storage: 50Gi
volumeMode: Filesystem
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
hostPath:
path: /data/zookeeper-sasl-dev
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kafka-sasl
operator: In
values:
- dev
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: zookeeper-sasl-pvc
namespace: exadb-dev
labels:
app: zookeeper-sasl
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 50Gi
storageClassName: local-storage
selector:
matchLabels:
app: zookeeper-saslapiVersion: v1
kind: PersistentVolume
metadata:
name: kafka-sasl-dev-pv
labels:
app: kafka-sasl
spec:
capacity:
storage: 50Gi
volumeMode: Filesystem
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
hostPath:
path: /data/kafka-sasl-dev
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kafka-sasl
operator: In
values:
- dev
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kafka-sasl-pvc
namespace: exadb-dev
labels:
app: kafka-sasl
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 50Gi
storageClassName: local-storage
selector:
matchLabels:
app: kafka-sasl---
kind: Service
apiVersion: v1
metadata:
name: kafka-ui
namespace: exadb-dev
spec:
type: NodePort
ports:
- protocol: TCP
port: 8080
targetPort: 8080
nodePort: 31080
selector:
app: kafka-ui
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: kafka-ui
namespace: exadb-dev
labels:
name: kafka-ui
spec:
replicas: 1
selector:
matchLabels:
name: kafka-ui
template:
metadata:
labels:
app: kafka-ui
name: kafka-ui
spec:
imagePullSecrets:
- name: aliyun
containers:
- name: kafka-ui
image: provectuslabs/kafka-ui:v0.7.1
ports:
- containerPort: 8080
protocol: TCP
env:
- name: KAFKA_CLUSTERS_0_NAME
value: "kafka-sasl"
- name: KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS
value: "kafka-sasl:9092"
imagePullPolicy: IfNotPresent
restartPolicy: Always---
apiVersion: v1
kind: Service
metadata:
labels:
app: kafka-sasl
name: kafka-sasl
namespace: exadb-dev
spec:
type: NodePort
ports:
- name: kafka-sasl
port: 9092
protocol: TCP
targetPort: 9092
nodePort: 32702
- name: kafka-ctl-sasl
port: 9093
protocol: TCP
targetPort: 9093
nodePort: 32703
- name: kafka-ext-sasl
port: 9094
protocol: TCP
targetPort: 9094
nodePort: 32704
selector:
app: kafka-sasl
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: kafka-sasl
namespace: exadb-dev
spec:
selector:
matchLabels:
app: kafka-sasl
serviceName: "kafka-sasl"
replicas: 1
template:
metadata:
labels:
app: kafka-sasl
spec:
nodeSelector:
kafka-sasl: dev
tolerations:
- effect: NoSchedule
operator: Exists
securityContext:
fsGroup: 0
containers:
- name: kafka-sasl
image: docker.io/bitnami/kafka:3.6.0
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 0
ports:
- containerPort: 9092
name: kafka-sasl
- containerPort: 9093
name: kafka-ctl-sasl
- containerPort: 9094
name: kafka-ext-sasl
resources:
limits:
cpu: 1
memory: 4Gi
requests:
cpu: 200m
memory: 1Gi
env:
- name: KAFKA_CFG_ADVERTISED_LISTENERS
value: INSIDE://kafka-sasl:9092,EXTERNAL://172.16.0.65:32704
- name: KAFKA_CFG_SASL_ENABLED_MECHANISMS
value: SCRAM-SHA-256
- name: KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP
value: EXTERNAL:SASL_PLAINTEXT,INSIDE:PLAINTEXT,CONTROLLER:PLAINTEXT
- name: KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL
value: SASL_PLAINTEXT
- name: KAFKA_LISTENERS
value: INSIDE://0.0.0.0:9092,EXTERNAL://0.0.0.0:9094,CONTROLLER://0.0.0.0:9093
- name: KAFKA_INTER_BROKER_LISTENER_NAME
value: INSIDE
- name: KAFKA_ZOOKEEPER_CONNECT
value: zookeeper-sasl:2181
- name: KAFKA_CFG_AUTHORIZER_CLASS_NAME
value: "kafka.security.authorizer.AclAuthorizer"
# - name: KAFKA_BROKER_ID
# value: "1"
# - name: KAFKA_ENABLE_KRAFT
# value: "no"
# - name: KAFKA_CFG_ZOOKEEPER_CONNECT
# value: "zookeeper-sasl:2181"
# - name: KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP
# value: "PLAINTEXT:PLAINTEXT,CONTROLLER:SASL"
# - name: KAFKA_CFG_SASL_ENABLED_MECHANISMS
# value: "SCRAM-SHA-256"
# - name: KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL
# value: "SASL_PLAINTEXT"
volumeMounts:
- name: kafka-sasl-data
mountPath: /bitnami/kafka
# - name: kafka-sasl-config
# mountPath: /opt/bitnami/kafka/conf/server.properties
# subPath: server.properties
# # - name: kafka-sasl-config
# # mountPath: /opt/bitnami/kafka/conf/kafka_jaas.conf
# # subPath: kafka_jaas.conf
volumes:
- name: kafka-sasl-data
persistentVolumeClaim:
claimName: kafka-sasl-pvc
readOnly: false
# - name: kafka-sasl-config
# configMap:
# name: kafka-sasl-config参考:https://cloud.tencent.com/developer/article/2097755?areaSourc...
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。