Merge pull request #92 from Yolean/1.8-kube-events

Stream kube events to topic, as opt-in folder instead of addon

3 files changed, 170 insertions, 0 deletions

diff --git a/events-kube/events-kube-kafka.yml b/events-kube/events-kube-kafka.yml
new file mode 100644
index 0000000..31703b4
--- /dev/null
+++ b/events-kube/events-kube-kafka.yml
@@ -0,0 +1,51 @@
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+  name: events-kube-kafka
+  namespace: kafka
+spec:
+  replicas: 1
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      # prefer duplicate events over missed
+      maxUnavailable: 0
+      maxSurge: 1
+  selector:
+    matchLabels:
+      app: events
+      from: kube
+      to: kafka
+  template:
+    metadata:
+      labels:
+        app: events
+        from: kube
+        to: kafka
+    spec:
+      containers:
+      - name: kafkacat-curl
+        image: solsson/kafkacat-curl@sha256:b5484379301937129e67550331782a0f7ac030a4b913a254d084faea4bcf44a2
+        env:
+        - name: BOOTSTRAP
+          value: bootstrap.kafka:9092
+        - name: TOPIC
+          value: ops.kube-events-all.stream.json.001
+        command:
+        - /bin/bash
+        - -ec
+        - >
+          curl
+          -f
+          -s
+          --cacert /run/secrets/kubernetes.io/serviceaccount/ca.crt
+          --header "Authorization: Bearer $(cat /run/secrets/kubernetes.io/serviceaccount/token)"
+          https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT/api/v1/watch/events
+          |
+          kafkacat
+          -b $BOOTSTRAP
+          -t $TOPIC
+          -P
+          -z snappy
+          -v
+          -d broker,topic
diff --git a/events-kube/rbac/cluster-events-watcher.yml b/events-kube/rbac/cluster-events-watcher.yml
new file mode 100644
index 0000000..c8384b6
--- /dev/null
+++ b/events-kube/rbac/cluster-events-watcher.yml
@@ -0,0 +1,30 @@
+# If events-kube-kafka-* goes crashlooping you probably need this
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: events-watcher
+  labels:
+    origin: github.com_Yolean_kubernetes-kafka
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - watch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: kafka-events-watcher
+  labels:
+    origin: github.com_Yolean_kubernetes-kafka
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: events-watcher
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: kafka
diff --git a/events-kube/test/events-topic.yml b/events-kube/test/events-topic.yml
new file mode 100644
index 0000000..0c48c36
--- /dev/null
+++ b/events-kube/test/events-topic.yml
@@ -0,0 +1,89 @@
+---
+kind: ConfigMap
+metadata:
+  name: events-topic
+  namespace: test-kafka
+apiVersion: v1
+data:
+
+  setup.sh: |-
+    touch /tmp/testlog
+
+    tail -f /tmp/testlog
+
+  test.sh: |-
+    exec >> /tmp/testlog
+    exec 2>&1
+
+    PREVIOUS=$(sha1sum /tmp/event 2>/dev/null || echo "")
+    kafkacat -b $BOOTSTRAP -t $TOPIC -C -o -1 -c 1 | tee /tmp/event
+    CURRENT=$(sha1sum /tmp/event)
+    [ "$PREVIOUS" == "$CURRENT" ] && echo "{\"test-result\": \"No new event in $TOPIC\"}" && exit 1
+
+    exit 0
+
+  quit-on-nonzero-exit.sh: |-
+    exec >> /tmp/testlog
+    exec 2>&1
+
+    exit 0
+
+---
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+  name: events-topic
+  namespace: test-kafka
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      test-target: events-topic
+      test-type: readiness
+  template:
+    metadata:
+      labels:
+        test-target: events-topic
+        test-type: readiness
+        # for example:
+        # readonly - can be used in production
+        # isolated - read/write but in a manner that does not affect other services
+        # load - unsuitable for production because it uses significant resources
+        # chaos - unsuitable for production because it injects failure modes
+        #test-use:
+    spec:
+      containers:
+      - name: testcase
+        image: solsson/kafkacat@sha256:2c539e4f58960ab7872976ebc664dd92de18cf27e7cbbeb296d654a2351f6ca4
+        env:
+        - name: BOOTSTRAP
+          value: bootstrap.kafka:9092
+        - name: TOPIC
+          value: ops.kube-events-all.stream.json.001
+        command:
+        - /bin/bash
+        - -e
+        - /test/setup.sh
+        readinessProbe:
+          exec:
+            command:
+            - /bin/bash
+            - -e
+            - /test/test.sh
+          initialDelaySeconds: 10
+          periodSeconds: 60
+        livenessProbe:
+          exec:
+            command:
+            - /bin/bash
+            - -e
+            - /test/quit-on-nonzero-exit.sh
+        volumeMounts:
+        - name: config
+          mountPath: /test
+      volumes:
+      - name: config
+        configMap:
+          name: events-topic