-
Notifications
You must be signed in to change notification settings - Fork 183
/
Copy pathconfluent-platform-separate-listener.yaml
216 lines (216 loc) · 5.44 KB
/
confluent-platform-separate-listener.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
apiVersion: platform.confluent.io/v1beta1
kind: Zookeeper
metadata:
name: zookeeper
namespace: confluent
spec:
replicas: 3
image:
application: confluentinc/cp-zookeeper:7.9.0
init: confluentinc/confluent-init-container:2.11.0
dataVolumeCapacity: 10Gi
logVolumeCapacity: 10Gi
tls:
# For this component, Confluent for Kubernetes will autogenerate and
# configure server certs, using a certificate authority specified in
# the secret `ca-pair-sslcerts`.
# This same configuration is specified for all other components.
autoGeneratedCerts: true
---
apiVersion: platform.confluent.io/v1beta1
kind: Kafka
metadata:
name: kafka
namespace: confluent
spec:
replicas: 3
image:
application: confluentinc/cp-server:7.9.0
init: confluentinc/confluent-init-container:2.11.0
dataVolumeCapacity: 10Gi
tls:
autoGeneratedCerts: true
listeners:
internal:
# The `internal` listener will be TLS enabled.
tls:
enabled: true
# Since no secretRef is specified, the Kafka auto-generated tls
# configuration specified above will be used for this listener.
metricReporter:
enabled: true
bootstrapEndpoint: kafka:9071
tls:
enabled: true
services:
kafkaRest:
tls:
enabled: true
listeners:
internal:
# Since no secretRef is specified, the kafkaRest internal listener
# tls will piggyback kafkaRest.tls which also has no secretRef specified,
# so the Kafka auto-generated tls configuration will be used for this listener.
tls:
enabled: true
external:
tls:
enabled: true
secretRef: tls-kafka-rest
externalAccess:
type: loadBalancer
loadBalancer:
domain: my.domain
dependencies:
zookeeper:
endpoint: zookeeper.confluent.svc.cluster.local:2182
tls:
enabled: true
---
apiVersion: platform.confluent.io/v1beta1
kind: Connect
metadata:
name: connect
namespace: confluent
spec:
replicas: 2
image:
application: confluentinc/cp-server-connect:7.9.0
init: confluentinc/confluent-init-container:2.11.0
tls:
autoGeneratedCerts: true
dependencies:
kafka:
bootstrapEndpoint: kafka:9071
tls:
enabled: true
---
apiVersion: platform.confluent.io/v1beta1
kind: KsqlDB
metadata:
name: ksqldb
namespace: confluent
spec:
replicas: 2
image:
application: confluentinc/cp-ksqldb-server:7.9.0
init: confluentinc/confluent-init-container:2.11.0
dataVolumeCapacity: 10Gi
tls:
autoGeneratedCerts: true
listeners:
internal:
# Since no secretRef is specified for the ksqldb internal listener,
# the auto-generated tls configuration will be used for this listener.
tls:
enabled: true
external:
tls:
enabled: true
secretRef: tls-ksqldb
externalAccess:
type: loadBalancer
loadBalancer:
domain: my.domain
dependencies:
kafka:
bootstrapEndpoint: kafka:9071
tls:
enabled: true
---
apiVersion: platform.confluent.io/v1beta1
kind: SchemaRegistry
metadata:
name: schemaregistry
namespace: confluent
spec:
replicas: 1
image:
application: confluentinc/cp-schema-registry:7.9.0
init: confluentinc/confluent-init-container:2.11.0
tls:
autoGeneratedCerts: true
listeners:
internal:
# Since no secretRef is specified for the schemaregistry internal listener,
# the auto-generated tls configuration will be used for this listener.
tls:
enabled: true
external:
tls:
enabled: true
secretRef: tls-sr
externalAccess:
type: loadBalancer
loadBalancer:
domain: my.domain
dependencies:
kafka:
bootstrapEndpoint: kafka:9071
tls:
enabled: true
---
apiVersion: platform.confluent.io/v1beta1
kind: ControlCenter
metadata:
name: controlcenter
namespace: confluent
spec:
replicas: 1
image:
application: confluentinc/cp-enterprise-control-center:7.9.0
init: confluentinc/confluent-init-container:2.11.0
dataVolumeCapacity: 10Gi
tls:
autoGeneratedCerts: true
dependencies:
kafka:
bootstrapEndpoint: kafka.confluent.svc.cluster.local:9071
tls:
enabled: true
schemaRegistry:
# talk to schemaRegistry via its internal listener port
url: https://schemaregistry.confluent.svc.cluster.local:9081
tls:
enabled: true
ksqldb:
- name: ksql
# talk to ksqldb via its internal listener port
url: https://ksqldb.confluent.svc.cluster.local:9088
tls:
enabled: true
connect:
- name: connect-dev
url: https://connect.confluent.svc.cluster.local:8083
tls:
enabled: true
---
apiVersion: platform.confluent.io/v1beta1
kind: KafkaRestProxy
metadata:
name: kafkarestproxy
namespace: confluent
spec:
replicas: 1
image:
application: confluentinc/cp-kafka-rest:7.9.0
init: confluentinc/confluent-init-container:2.11.0
tls:
autoGeneratedCerts: true
dependencies:
schemaRegistry:
url: https://schemaregistry.confluent.svc.cluster.local:9081
tls:
enabled: true
---
apiVersion: platform.confluent.io/v1beta1
kind: KafkaRestClass
metadata:
name: default
namespace: confluent
spec:
kafkaRest:
# talk to kafkaRest via its internal listener port
endpoint: http://kafka.confluent.svc.cluster.local:9090
tls:
enabled: true