diff options
-rw-r--r-- | events-kube/events-kube-kafka.yml | 51 | ||||
-rw-r--r-- | events-kube/rbac/cluster-events-watcher.yml | 30 | ||||
-rw-r--r-- | events-kube/test/events-topic.yml | 89 |
3 files changed, 170 insertions, 0 deletions
diff --git a/events-kube/events-kube-kafka.yml b/events-kube/events-kube-kafka.yml new file mode 100644 index 0000000..31703b4 --- /dev/null +++ b/events-kube/events-kube-kafka.yml @@ -0,0 +1,51 @@ +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: events-kube-kafka + namespace: kafka +spec: + replicas: 1 + strategy: + type: RollingUpdate + rollingUpdate: + # prefer duplicate events over missed + maxUnavailable: 0 + maxSurge: 1 + selector: + matchLabels: + app: events + from: kube + to: kafka + template: + metadata: + labels: + app: events + from: kube + to: kafka + spec: + containers: + - name: kafkacat-curl + image: solsson/kafkacat-curl@sha256:b5484379301937129e67550331782a0f7ac030a4b913a254d084faea4bcf44a2 + env: + - name: BOOTSTRAP + value: bootstrap.kafka:9092 + - name: TOPIC + value: ops.kube-events-all.stream.json.001 + command: + - /bin/bash + - -ec + - > + curl + -f + -s + --cacert /run/secrets/kubernetes.io/serviceaccount/ca.crt + --header "Authorization: Bearer $(cat /run/secrets/kubernetes.io/serviceaccount/token)" + https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT/api/v1/watch/events + | + kafkacat + -b $BOOTSTRAP + -t $TOPIC + -P + -z snappy + -v + -d broker,topic diff --git a/events-kube/rbac/cluster-events-watcher.yml b/events-kube/rbac/cluster-events-watcher.yml new file mode 100644 index 0000000..c8384b6 --- /dev/null +++ b/events-kube/rbac/cluster-events-watcher.yml @@ -0,0 +1,30 @@ +# If events-kube-kafka-* goes crashlooping you probably need this +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: events-watcher + labels: + origin: github.com_Yolean_kubernetes-kafka +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - watch +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: kafka-events-watcher + labels: + origin: github.com_Yolean_kubernetes-kafka +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: events-watcher +subjects: +- kind: ServiceAccount + name: default + namespace: kafka diff --git a/events-kube/test/events-topic.yml b/events-kube/test/events-topic.yml new file mode 100644 index 0000000..0c48c36 --- /dev/null +++ b/events-kube/test/events-topic.yml @@ -0,0 +1,89 @@ +--- +kind: ConfigMap +metadata: + name: events-topic + namespace: test-kafka +apiVersion: v1 +data: + + setup.sh: |- + touch /tmp/testlog + + tail -f /tmp/testlog + + test.sh: |- + exec >> /tmp/testlog + exec 2>&1 + + PREVIOUS=$(sha1sum /tmp/event 2>/dev/null || echo "") + kafkacat -b $BOOTSTRAP -t $TOPIC -C -o -1 -c 1 | tee /tmp/event + CURRENT=$(sha1sum /tmp/event) + [ "$PREVIOUS" == "$CURRENT" ] && echo "{\"test-result\": \"No new event in $TOPIC\"}" && exit 1 + + exit 0 + + quit-on-nonzero-exit.sh: |- + exec >> /tmp/testlog + exec 2>&1 + + exit 0 + +--- +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: events-topic + namespace: test-kafka +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + test-target: events-topic + test-type: readiness + template: + metadata: + labels: + test-target: events-topic + test-type: readiness + # for example: + # readonly - can be used in production + # isolated - read/write but in a manner that does not affect other services + # load - unsuitable for production because it uses significant resources + # chaos - unsuitable for production because it injects failure modes + #test-use: + spec: + containers: + - name: testcase + image: solsson/kafkacat@sha256:2c539e4f58960ab7872976ebc664dd92de18cf27e7cbbeb296d654a2351f6ca4 + env: + - name: BOOTSTRAP + value: bootstrap.kafka:9092 + - name: TOPIC + value: ops.kube-events-all.stream.json.001 + command: + - /bin/bash + - -e + - /test/setup.sh + readinessProbe: + exec: + command: + - /bin/bash + - -e + - /test/test.sh + initialDelaySeconds: 10 + periodSeconds: 60 + livenessProbe: + exec: + command: + - /bin/bash + - -e + - /test/quit-on-nonzero-exit.sh + volumeMounts: + - name: config + mountPath: /test + volumes: + - name: config + configMap: + name: events-topic |