feat: kubezero-mq NATS version bump
This commit is contained in:
parent
8e0e6a7eab
commit
99e5c91fc1
@ -2,7 +2,7 @@ apiVersion: v2
|
|||||||
name: kubezero-mq
|
name: kubezero-mq
|
||||||
description: KubeZero umbrella chart for MQ systems like NATS, RabbitMQ
|
description: KubeZero umbrella chart for MQ systems like NATS, RabbitMQ
|
||||||
type: application
|
type: application
|
||||||
version: 0.2.0
|
version: 0.2.1
|
||||||
home: https://kubezero.com
|
home: https://kubezero.com
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||||
keywords:
|
keywords:
|
||||||
@ -16,7 +16,7 @@ dependencies:
|
|||||||
version: ">= 0.1.3"
|
version: ">= 0.1.3"
|
||||||
repository: https://zero-down-time.github.io/kubezero/
|
repository: https://zero-down-time.github.io/kubezero/
|
||||||
- name: nats
|
- name: nats
|
||||||
version: 0.8.3
|
version: 0.8.4
|
||||||
#repository: https://nats-io.github.io/k8s/helm/charts/
|
#repository: https://nats-io.github.io/k8s/helm/charts/
|
||||||
condition: nats.enabled
|
condition: nats.enabled
|
||||||
- name: rabbitmq
|
- name: rabbitmq
|
||||||
|
22
charts/kubezero-mq/charts/nats/.helmignore
Normal file
22
charts/kubezero-mq/charts/nats/.helmignore
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
# Patterns to ignore when building packages.
|
||||||
|
# This supports shell glob matching, relative path matching, and
|
||||||
|
# negation (prefixed with !). Only one pattern per line.
|
||||||
|
.DS_Store
|
||||||
|
# Common VCS dirs
|
||||||
|
.git/
|
||||||
|
.gitignore
|
||||||
|
.bzr/
|
||||||
|
.bzrignore
|
||||||
|
.hg/
|
||||||
|
.hgignore
|
||||||
|
.svn/
|
||||||
|
# Common backup files
|
||||||
|
*.swp
|
||||||
|
*.bak
|
||||||
|
*.tmp
|
||||||
|
*~
|
||||||
|
# Various IDEs
|
||||||
|
.project
|
||||||
|
.idea/
|
||||||
|
*.tmproj
|
||||||
|
.vscode/
|
@ -1,21 +1,19 @@
|
|||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
appVersion: "2.1.9"
|
appVersion: 2.3.2
|
||||||
description: A Helm chart for the NATS.io High Speed Cloud Native Distributed Communications Technology.
|
description: A Helm chart for the NATS.io High Speed Cloud Native Distributed Communications
|
||||||
name: nats
|
Technology.
|
||||||
keywords:
|
|
||||||
- nats
|
|
||||||
- messaging
|
|
||||||
- cncf
|
|
||||||
version: 0.8.3
|
|
||||||
home: http://github.com/nats-io/k8s
|
home: http://github.com/nats-io/k8s
|
||||||
maintainers:
|
|
||||||
- name: Waldemar Quevedo
|
|
||||||
github: https://github.com/wallyqs
|
|
||||||
email: wally@nats.io
|
|
||||||
- name: Colin Sullivan
|
|
||||||
github: https://github.com/ColinSullivan1
|
|
||||||
email: colin@nats.io
|
|
||||||
- name: Jaime Piña
|
|
||||||
github: https://github.com/variadico
|
|
||||||
email: jaime@nats.io
|
|
||||||
icon: https://nats.io/img/nats-icon-color.png
|
icon: https://nats.io/img/nats-icon-color.png
|
||||||
|
keywords:
|
||||||
|
- nats
|
||||||
|
- messaging
|
||||||
|
- cncf
|
||||||
|
maintainers:
|
||||||
|
- email: wally@nats.io
|
||||||
|
name: Waldemar Quevedo
|
||||||
|
- email: colin@nats.io
|
||||||
|
name: Colin Sullivan
|
||||||
|
- email: jaime@nats.io
|
||||||
|
name: Jaime Piña
|
||||||
|
name: nats
|
||||||
|
version: 0.8.4
|
||||||
|
@ -109,6 +109,16 @@ leafnodes:
|
|||||||
enabled: true
|
enabled: true
|
||||||
remotes:
|
remotes:
|
||||||
- url: "tls://connect.ngs.global:7422"
|
- url: "tls://connect.ngs.global:7422"
|
||||||
|
# credentials:
|
||||||
|
# secret:
|
||||||
|
# name: leafnode-creds
|
||||||
|
# key: TA.creds
|
||||||
|
# tls:
|
||||||
|
# secret:
|
||||||
|
# name: nats-leafnode-tls
|
||||||
|
# ca: "ca.crt"
|
||||||
|
# cert: "tls.crt"
|
||||||
|
# key: "tls.key"
|
||||||
|
|
||||||
#######################
|
#######################
|
||||||
# #
|
# #
|
||||||
@ -194,7 +204,7 @@ The container image of the initializer can be customized via:
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
bootconfig:
|
bootconfig:
|
||||||
image: connecteverything/nats-boot-config:0.5.2
|
image: natsio/nats-boot-config:latest
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -230,7 +240,7 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
type: LoadBalancer
|
type: LoadBalancer
|
||||||
selector:
|
selector:
|
||||||
app: nats
|
app.kubernetes.io/name: nats
|
||||||
ports:
|
ports:
|
||||||
- protocol: TCP
|
- protocol: TCP
|
||||||
port: 4222
|
port: 4222
|
||||||
@ -349,7 +359,7 @@ auth:
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
nats:
|
nats:
|
||||||
image: synadia/nats-server:nightly
|
image: nats:alpine
|
||||||
|
|
||||||
jetstream:
|
jetstream:
|
||||||
enabled: true
|
enabled: true
|
||||||
@ -389,7 +399,7 @@ You can start JetStream so that one pod is bounded to it:
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
nats:
|
nats:
|
||||||
image: synadia/nats-server:nightly
|
image: nats:alpine
|
||||||
|
|
||||||
jetstream:
|
jetstream:
|
||||||
enabled: true
|
enabled: true
|
||||||
@ -406,7 +416,7 @@ nats:
|
|||||||
```yaml
|
```yaml
|
||||||
|
|
||||||
nats:
|
nats:
|
||||||
image: synadia/nats-server:nightly
|
image: nats:alpine
|
||||||
|
|
||||||
jetstream:
|
jetstream:
|
||||||
enabled: true
|
enabled: true
|
||||||
@ -438,7 +448,7 @@ You can find the image at: https://github.com/nats-io/nats-box
|
|||||||
```yaml
|
```yaml
|
||||||
natsbox:
|
natsbox:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: synadia/nats-box:latest
|
image: nats:alpine
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
# credentials:
|
# credentials:
|
||||||
@ -454,7 +464,7 @@ The NATS config reloader image to use:
|
|||||||
```yaml
|
```yaml
|
||||||
reloader:
|
reloader:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: connecteverything/nats-server-config-reloader:0.6.0
|
image: natsio/nats-server-config-reloader:latest
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -465,7 +475,7 @@ You can toggle whether to start the sidecar that can be used to feed metrics to
|
|||||||
```yaml
|
```yaml
|
||||||
exporter:
|
exporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: synadia/prometheus-nats-exporter:0.5.0
|
image: natsio/prometheus-nats-exporter:latest
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
```
|
```
|
||||||
|
|
||||||
|
21
charts/kubezero-mq/charts/nats/accounts.conf
Normal file
21
charts/kubezero-mq/charts/nats/accounts.conf
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
// Operator "KO"
|
||||||
|
operator: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiI0U09OUjZLT05FMzNFRFhRWE5IR1JUSEg2TEhPM0dFU0xXWlJYNlNENTQ2MjQyTE80QlVRIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJLTyIsInN1YiI6Ik9DREc2T1lQV1hGU0tMR1NIUEFSR1NSWUNLTEpJUUkySU5FS1VWQUYzMk1XNTZWVExMNEZXSjRJIiwidHlwZSI6Im9wZXJhdG9yIiwibmF0cyI6e319.0039eTgLj-uyYFoWB3rivGP0WyIZkb_vrrE6tnqcNgIDM59o92nw_Rvb-hrvsK30QWqwm_W8BpVZHDMEY-CiBQ
|
||||||
|
|
||||||
|
system_account: ACLZ6OSWC7BXFT4VNVBDMWUFNBIVGHTUONOXI6TCBP3QHOD34JIDSRYW
|
||||||
|
|
||||||
|
resolver: MEMORY
|
||||||
|
|
||||||
|
resolver_preload: {
|
||||||
|
// Account "A"
|
||||||
|
AA3NXTHTXOHCTPIBKEDHNAYAHJ4CO7ERCOJFYCXOXVEOPZTMW55WX32Z: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJSM0QyWUM1UVlJWk4zS0hYR1FFRTZNQTRCRVU3WkFWQk5LSElJNTNOM0tLRVRTTVZEVVRRIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJBIiwic3ViIjoiQUEzTlhUSFRYT0hDVFBJQktFREhOQVlBSEo0Q083RVJDT0pGWUNYT1hWRU9QWlRNVzU1V1gzMloiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsiZXhwb3J0cyI6W3sibmFtZSI6InRlc3QiLCJzdWJqZWN0IjoidGVzdCIsInR5cGUiOiJzZXJ2aWNlIiwicmVzcG9uc2VfdHlwZSI6IlNpbmdsZXRvbiIsInNlcnZpY2VfbGF0ZW5jeSI6eyJzYW1wbGluZyI6MTAwLCJyZXN1bHRzIjoibGF0ZW5jeS5vbi50ZXN0In19XSwibGltaXRzIjp7InN1YnMiOi0xLCJjb25uIjotMSwibGVhZiI6LTEsImltcG9ydHMiOi0xLCJleHBvcnRzIjotMSwiZGF0YSI6LTEsInBheWxvYWQiOi0xLCJ3aWxkY2FyZHMiOnRydWV9fX0.W7oEjpQA986Hai3t8UOiJwCcVDYm2sj7L545oYZhQtYbydh_ragPn8pc0f1pA1krMz_ZDuBwKHLZRgXuNSysDQ
|
||||||
|
|
||||||
|
// Account "STAN"
|
||||||
|
AAYNFTMTKWXZEPPSEZLECMHE3VBULMIUO2QGVY3P4VCI7NNQC3TVX2PB: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJRSUozV0I0MjdSVU5RSlZFM1dRVEs3TlNaVlpaNkRQT01KWkdHMlhTMzQ2WFNQTVZERElBIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJTVEFOIiwic3ViIjoiQUFZTkZUTVRLV1haRVBQU0VaTEVDTUhFM1ZCVUxNSVVPMlFHVlkzUDRWQ0k3Tk5RQzNUVlgyUEIiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsibGltaXRzIjp7InN1YnMiOi0xLCJjb25uIjotMSwibGVhZiI6LTEsImltcG9ydHMiOi0xLCJleHBvcnRzIjotMSwiZGF0YSI6LTEsInBheWxvYWQiOi0xLCJ3aWxkY2FyZHMiOnRydWV9fX0.SPyQdAFmoON577s-eZP4K3-9QXYhTn9Xqy3aDGeHvHYRE9IVD47Eu7d38ZiySPlxgkdM_WXZn241_59d07axBA
|
||||||
|
|
||||||
|
// Account "SYS"
|
||||||
|
ACLZ6OSWC7BXFT4VNVBDMWUFNBIVGHTUONOXI6TCBP3QHOD34JIDSRYW: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJGSk1TSEROVlVGUEM0U0pSRlcyV0NZT1hRWUFDM1hNNUJaWTRKQUZWUTc1V0lEUkdDN0lBIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJTWVMiLCJzdWIiOiJBQ0xaNk9TV0M3QlhGVDRWTlZCRE1XVUZOQklWR0hUVU9OT1hJNlRDQlAzUUhPRDM0SklEU1JZVyIsInR5cGUiOiJhY2NvdW50IiwibmF0cyI6eyJsaW1pdHMiOnsic3VicyI6LTEsImNvbm4iOi0xLCJsZWFmIjotMSwiaW1wb3J0cyI6LTEsImV4cG9ydHMiOi0xLCJkYXRhIjotMSwicGF5bG9hZCI6LTEsIndpbGRjYXJkcyI6dHJ1ZX19fQ.owW08dIa97STqgT0ux-5sD00Ad0I3HstJKTmh1CGVpsQwelaZdrBuia-4XgCgN88zuLokPMfWI_pkxXU_iB0BA
|
||||||
|
|
||||||
|
// Account "B"
|
||||||
|
ADOR7Q5KMWC2XIWRRRC4MZUDCPYG3UMAIWDRX6M2MFDY5SR6HQAAMHJA: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJRQjdIRFg3VUZYN01KUjZPS1E2S1dRSlVUUEpWWENTNkJCWjQ3SDVVTFdVVFNRUU1NQzJRIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJCIiwic3ViIjoiQURPUjdRNUtNV0MyWElXUlJSQzRNWlVEQ1BZRzNVTUFJV0RSWDZNMk1GRFk1U1I2SFFBQU1ISkEiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsiaW1wb3J0cyI6W3sibmFtZSI6InRlc3QiLCJzdWJqZWN0IjoidGVzdCIsImFjY291bnQiOiJBQTNOWFRIVFhPSENUUElCS0VESE5BWUFISjRDTzdFUkNPSkZZQ1hPWFZFT1BaVE1XNTVXWDMyWiIsInRvIjoidGVzdCIsInR5cGUiOiJzZXJ2aWNlIn1dLCJsaW1pdHMiOnsic3VicyI6LTEsImNvbm4iOi0xLCJsZWFmIjotMSwiaW1wb3J0cyI6LTEsImV4cG9ydHMiOi0xLCJkYXRhIjotMSwicGF5bG9hZCI6LTEsIndpbGRjYXJkcyI6dHJ1ZX19fQ.r5p_sGt_hmDfWWIJGrLodAM8VfXPeUzsbRtzrMTBGGkcLdi4jqAHXRu09CmFISEzX2VKeGuOonGuAMOFotvICg
|
||||||
|
|
||||||
|
}
|
24
charts/kubezero-mq/charts/nats/deploy.yaml
Normal file
24
charts/kubezero-mq/charts/nats/deploy.yaml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
# Setup memory preload config.
|
||||||
|
auth:
|
||||||
|
enabled: true
|
||||||
|
resolver:
|
||||||
|
type: memory
|
||||||
|
preload: |
|
||||||
|
// Operator "KO"
|
||||||
|
operator: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiI0U09OUjZLT05FMzNFRFhRWE5IR1JUSEg2TEhPM0dFU0xXWlJYNlNENTQ2MjQyTE80QlVRIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJLTyIsInN1YiI6Ik9DREc2T1lQV1hGU0tMR1NIUEFSR1NSWUNLTEpJUUkySU5FS1VWQUYzMk1XNTZWVExMNEZXSjRJIiwidHlwZSI6Im9wZXJhdG9yIiwibmF0cyI6e319.0039eTgLj-uyYFoWB3rivGP0WyIZkb_vrrE6tnqcNgIDM59o92nw_Rvb-hrvsK30QWqwm_W8BpVZHDMEY-CiBQ
|
||||||
|
|
||||||
|
system_account: ACLZ6OSWC7BXFT4VNVBDMWUFNBIVGHTUONOXI6TCBP3QHOD34JIDSRYW
|
||||||
|
|
||||||
|
resolver_preload: {
|
||||||
|
// Account "A"
|
||||||
|
AA3NXTHTXOHCTPIBKEDHNAYAHJ4CO7ERCOJFYCXOXVEOPZTMW55WX32Z: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJSM0QyWUM1UVlJWk4zS0hYR1FFRTZNQTRCRVU3WkFWQk5LSElJNTNOM0tLRVRTTVZEVVRRIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJBIiwic3ViIjoiQUEzTlhUSFRYT0hDVFBJQktFREhOQVlBSEo0Q083RVJDT0pGWUNYT1hWRU9QWlRNVzU1V1gzMloiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsiZXhwb3J0cyI6W3sibmFtZSI6InRlc3QiLCJzdWJqZWN0IjoidGVzdCIsInR5cGUiOiJzZXJ2aWNlIiwicmVzcG9uc2VfdHlwZSI6IlNpbmdsZXRvbiIsInNlcnZpY2VfbGF0ZW5jeSI6eyJzYW1wbGluZyI6MTAwLCJyZXN1bHRzIjoibGF0ZW5jeS5vbi50ZXN0In19XSwibGltaXRzIjp7InN1YnMiOi0xLCJjb25uIjotMSwibGVhZiI6LTEsImltcG9ydHMiOi0xLCJleHBvcnRzIjotMSwiZGF0YSI6LTEsInBheWxvYWQiOi0xLCJ3aWxkY2FyZHMiOnRydWV9fX0.W7oEjpQA986Hai3t8UOiJwCcVDYm2sj7L545oYZhQtYbydh_ragPn8pc0f1pA1krMz_ZDuBwKHLZRgXuNSysDQ
|
||||||
|
|
||||||
|
// Account "STAN"
|
||||||
|
AAYNFTMTKWXZEPPSEZLECMHE3VBULMIUO2QGVY3P4VCI7NNQC3TVX2PB: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJRSUozV0I0MjdSVU5RSlZFM1dRVEs3TlNaVlpaNkRQT01KWkdHMlhTMzQ2WFNQTVZERElBIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJTVEFOIiwic3ViIjoiQUFZTkZUTVRLV1haRVBQU0VaTEVDTUhFM1ZCVUxNSVVPMlFHVlkzUDRWQ0k3Tk5RQzNUVlgyUEIiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsibGltaXRzIjp7InN1YnMiOi0xLCJjb25uIjotMSwibGVhZiI6LTEsImltcG9ydHMiOi0xLCJleHBvcnRzIjotMSwiZGF0YSI6LTEsInBheWxvYWQiOi0xLCJ3aWxkY2FyZHMiOnRydWV9fX0.SPyQdAFmoON577s-eZP4K3-9QXYhTn9Xqy3aDGeHvHYRE9IVD47Eu7d38ZiySPlxgkdM_WXZn241_59d07axBA
|
||||||
|
|
||||||
|
// Account "SYS"
|
||||||
|
ACLZ6OSWC7BXFT4VNVBDMWUFNBIVGHTUONOXI6TCBP3QHOD34JIDSRYW: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJGSk1TSEROVlVGUEM0U0pSRlcyV0NZT1hRWUFDM1hNNUJaWTRKQUZWUTc1V0lEUkdDN0lBIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJTWVMiLCJzdWIiOiJBQ0xaNk9TV0M3QlhGVDRWTlZCRE1XVUZOQklWR0hUVU9OT1hJNlRDQlAzUUhPRDM0SklEU1JZVyIsInR5cGUiOiJhY2NvdW50IiwibmF0cyI6eyJsaW1pdHMiOnsic3VicyI6LTEsImNvbm4iOi0xLCJsZWFmIjotMSwiaW1wb3J0cyI6LTEsImV4cG9ydHMiOi0xLCJkYXRhIjotMSwicGF5bG9hZCI6LTEsIndpbGRjYXJkcyI6dHJ1ZX19fQ.owW08dIa97STqgT0ux-5sD00Ad0I3HstJKTmh1CGVpsQwelaZdrBuia-4XgCgN88zuLokPMfWI_pkxXU_iB0BA
|
||||||
|
|
||||||
|
// Account "B"
|
||||||
|
ADOR7Q5KMWC2XIWRRRC4MZUDCPYG3UMAIWDRX6M2MFDY5SR6HQAAMHJA: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJRQjdIRFg3VUZYN01KUjZPS1E2S1dRSlVUUEpWWENTNkJCWjQ3SDVVTFdVVFNRUU1NQzJRIiwiaWF0IjoxNTgzNzg1MTMyLCJpc3MiOiJPQ0RHNk9ZUFdYRlNLTEdTSFBBUkdTUllDS0xKSVFJMklORUtVVkFGMzJNVzU2VlRMTDRGV0o0SSIsIm5hbWUiOiJCIiwic3ViIjoiQURPUjdRNUtNV0MyWElXUlJSQzRNWlVEQ1BZRzNVTUFJV0RSWDZNMk1GRFk1U1I2SFFBQU1ISkEiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsiaW1wb3J0cyI6W3sibmFtZSI6InRlc3QiLCJzdWJqZWN0IjoidGVzdCIsImFjY291bnQiOiJBQTNOWFRIVFhPSENUUElCS0VESE5BWUFISjRDTzdFUkNPSkZZQ1hPWFZFT1BaVE1XNTVXWDMyWiIsInRvIjoidGVzdCIsInR5cGUiOiJzZXJ2aWNlIn1dLCJsaW1pdHMiOnsic3VicyI6LTEsImNvbm4iOi0xLCJsZWFmIjotMSwiaW1wb3J0cyI6LTEsImV4cG9ydHMiOi0xLCJkYXRhIjotMSwicGF5bG9hZCI6LTEsIndpbGRjYXJkcyI6dHJ1ZX19fQ.r5p_sGt_hmDfWWIJGrLodAM8VfXPeUzsbRtzrMTBGGkcLdi4jqAHXRu09CmFISEzX2VKeGuOonGuAMOFotvICg
|
||||||
|
}
|
9
charts/kubezero-mq/charts/nats/deploy2.yaml
Normal file
9
charts/kubezero-mq/charts/nats/deploy2.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
|
||||||
|
# Setup memory preload config.
|
||||||
|
auth:
|
||||||
|
enabled: true
|
||||||
|
resolver:
|
||||||
|
type: memory
|
||||||
|
configMap:
|
||||||
|
name: nats-accounts
|
||||||
|
key: resolver.conf
|
0
charts/kubezero-mq/charts/nats/foo.conf
Normal file
0
charts/kubezero-mq/charts/nats/foo.conf
Normal file
9
charts/kubezero-mq/charts/nats/foo.dhall
Normal file
9
charts/kubezero-mq/charts/nats/foo.dhall
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
|
||||||
|
let accounts = ./accounts.conf as Text
|
||||||
|
|
||||||
|
in
|
||||||
|
''
|
||||||
|
port: 4222
|
||||||
|
|
||||||
|
${accounts}
|
||||||
|
''
|
21
charts/kubezero-mq/charts/nats/resolver.conf
Normal file
21
charts/kubezero-mq/charts/nats/resolver.conf
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
// Operator "KO"
|
||||||
|
operator: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJKS0E2U0pKUUVOTFpYVDJEWTRWNE00UDZXUFRVUlhIQzNMU1pJWEZWRlFGV0I3U0tKVk9BIiwiaWF0IjoxNTgzODIyNjYwLCJpc3MiOiJPQkZCSEMzVTVXVVRFTVpKTzNYN0hZWTJCNjNQWUpQT0RYS0FWWUdHU0VNQTczTEtGTVg0TEYyQSIsIm5hbWUiOiJLTyIsInN1YiI6Ik9CRkJIQzNVNVdVVEVNWkpPM1g3SFlZMkI2M1BZSlBPRFhLQVZZR0dTRU1BNzNMS0ZNWDRMRjJBIiwidHlwZSI6Im9wZXJhdG9yIiwibmF0cyI6e319.60YToJe3Dz9OZES80jYXVgg7uCB1c3BsX6HglA8tsKKRe-Br3pMpn9yUPUujjB61MGqnA7Zmbx8qWnoj8CkuCw
|
||||||
|
|
||||||
|
system_account: ABL65FFQWUDHHTGMGRFVVSQDBAWHGEJ2CDRCMGBFV6SB4MLKFSUPN7GP
|
||||||
|
|
||||||
|
resolver: MEMORY
|
||||||
|
|
||||||
|
resolver_preload: {
|
||||||
|
// Account "B"
|
||||||
|
AAIJAGRSL2KCEPTRBP6DJCTAMSNOUXRILLZXIY6CTZ4GR27ISCZOP6QH: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJEVTdWV1BXQUtBSVdNNkhNUElDNE43TVRGTFEyV01JUFhFVU5aNVEzRE1YSTRKVkpLQU1BIiwiaWF0IjoxNTgzODIyNjYwLCJpc3MiOiJPQkZCSEMzVTVXVVRFTVpKTzNYN0hZWTJCNjNQWUpQT0RYS0FWWUdHU0VNQTczTEtGTVg0TEYyQSIsIm5hbWUiOiJCIiwic3ViIjoiQUFJSkFHUlNMMktDRVBUUkJQNkRKQ1RBTVNOT1VYUklMTFpYSVk2Q1RaNEdSMjdJU0NaT1A2UUgiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsiaW1wb3J0cyI6W3sibmFtZSI6InRlc3QiLCJzdWJqZWN0IjoidGVzdCIsImFjY291bnQiOiJBQlhXNU9aV09LSzUzWDNWNUhSVkdPMlJXTlVUU1NQSU1HVDZORU9SMjNBQzRNTk1QTlFTUTZWTCIsInRvIjoidGVzdCIsInR5cGUiOiJzZXJ2aWNlIn1dLCJsaW1pdHMiOnsic3VicyI6LTEsImNvbm4iOi0xLCJsZWFmIjotMSwiaW1wb3J0cyI6LTEsImV4cG9ydHMiOi0xLCJkYXRhIjotMSwicGF5bG9hZCI6LTEsIndpbGRjYXJkcyI6dHJ1ZX19fQ.VLv3U7k8jJaIcGpDYXo0XQCYNVMNQd2PHVUOXGMvCU8ifiYpkaRJ4G0UXZHqlQl_0g3M_LEtJw0K-4HwgOeIAA
|
||||||
|
|
||||||
|
// Account "SYS"
|
||||||
|
ABL65FFQWUDHHTGMGRFVVSQDBAWHGEJ2CDRCMGBFV6SB4MLKFSUPN7GP: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJPSUpENkozTjdCVk0zSEY0M0NCTUhLMllUNlpXTlFCWkZBRzQ0VE5RSFA3SlVZT0hZR0dRIiwiaWF0IjoxNTgzODIyNjYwLCJpc3MiOiJPQkZCSEMzVTVXVVRFTVpKTzNYN0hZWTJCNjNQWUpQT0RYS0FWWUdHU0VNQTczTEtGTVg0TEYyQSIsIm5hbWUiOiJTWVMiLCJzdWIiOiJBQkw2NUZGUVdVREhIVEdNR1JGVlZTUURCQVdIR0VKMkNEUkNNR0JGVjZTQjRNTEtGU1VQTjdHUCIsInR5cGUiOiJhY2NvdW50IiwibmF0cyI6eyJsaW1pdHMiOnsic3VicyI6LTEsImNvbm4iOi0xLCJsZWFmIjotMSwiaW1wb3J0cyI6LTEsImV4cG9ydHMiOi0xLCJkYXRhIjotMSwicGF5bG9hZCI6LTEsIndpbGRjYXJkcyI6dHJ1ZX19fQ.Jei8psto5h35bFn4y1Unsk0Noh6MYJxkB8Hs-nnLuUBrkTppSwukEkM_ufNGA_lxsmPki3zBf8y6rsQ13Ec5AA
|
||||||
|
|
||||||
|
// Account "A"
|
||||||
|
ABXW5OZWOKK53X3V5HRVGO2RWNUTSSPIMGT6NEOR23AC4MNMPNQSQ6VL: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJSRFNRTE9GT0gzRUoyUUNLSkkyUEJXNkxLMllUVFJDUUdGV0tJRFJJRVRVMzZTT0RPT1FRIiwiaWF0IjoxNTgzODIyNjYwLCJpc3MiOiJPQkZCSEMzVTVXVVRFTVpKTzNYN0hZWTJCNjNQWUpQT0RYS0FWWUdHU0VNQTczTEtGTVg0TEYyQSIsIm5hbWUiOiJBIiwic3ViIjoiQUJYVzVPWldPS0s1M1gzVjVIUlZHTzJSV05VVFNTUElNR1Q2TkVPUjIzQUM0TU5NUE5RU1E2VkwiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsiZXhwb3J0cyI6W3sibmFtZSI6InRlc3QiLCJzdWJqZWN0IjoidGVzdCIsInR5cGUiOiJzZXJ2aWNlIiwicmVzcG9uc2VfdHlwZSI6IlNpbmdsZXRvbiIsInNlcnZpY2VfbGF0ZW5jeSI6eyJzYW1wbGluZyI6MTAwLCJyZXN1bHRzIjoibGF0ZW5jeS5vbi50ZXN0In19XSwibGltaXRzIjp7InN1YnMiOi0xLCJjb25uIjotMSwibGVhZiI6LTEsImltcG9ydHMiOi0xLCJleHBvcnRzIjotMSwiZGF0YSI6LTEsInBheWxvYWQiOi0xLCJ3aWxkY2FyZHMiOnRydWV9fX0.lJfHHkbXeEf6DbHFju0zktCjWL0kgll17BdYJl6f2hcZxbUtiyf3H1mGfrzELgCuEO7p8X11UpRVy_eTQfnGAA
|
||||||
|
|
||||||
|
// Account "STAN"
|
||||||
|
ACLSVE2AZYTXOBIJXOV5XHAIIM7KLL777F7GAEWW5W5P4IAR2VZJSGID: eyJ0eXAiOiJqd3QiLCJhbGciOiJlZDI1NTE5In0.eyJqdGkiOiJJT1ZPSFBPV1hJRDI2U1JYVEJQTTVUQlVKWDJRU0FSSTJMQjJTM09aRFpMU0paS1BOVU9BIiwiaWF0IjoxNTgzODIyNjYwLCJpc3MiOiJPQkZCSEMzVTVXVVRFTVpKTzNYN0hZWTJCNjNQWUpQT0RYS0FWWUdHU0VNQTczTEtGTVg0TEYyQSIsIm5hbWUiOiJTVEFOIiwic3ViIjoiQUNMU1ZFMkFaWVRYT0JJSlhPVjVYSEFJSU03S0xMNzc3RjdHQUVXVzVXNVA0SUFSMlZaSlNHSUQiLCJ0eXBlIjoiYWNjb3VudCIsIm5hdHMiOnsibGltaXRzIjp7InN1YnMiOi0xLCJjb25uIjotMSwibGVhZiI6LTEsImltcG9ydHMiOi0xLCJleHBvcnRzIjotMSwiZGF0YSI6LTEsInBheWxvYWQiOi0xLCJ3aWxkY2FyZHMiOnRydWV9fX0.CE5_K9kAdAgxesJRiJYh3kK2f74_c7T3bNQhgfaXOMzI8X6VOWqn0_5gH9jOD0xzHXIYiUMwy7a4Ou63PizHCw
|
||||||
|
|
||||||
|
}
|
@ -31,6 +31,9 @@ Common labels
|
|||||||
*/}}
|
*/}}
|
||||||
{{- define "nats.labels" -}}
|
{{- define "nats.labels" -}}
|
||||||
helm.sh/chart: {{ include "nats.chart" . }}
|
helm.sh/chart: {{ include "nats.chart" . }}
|
||||||
|
{{- range $name, $value := .Values.commonLabels }}
|
||||||
|
{{ $name }}: {{ $value }}
|
||||||
|
{{- end }}
|
||||||
{{ include "nats.selectorLabels" . }}
|
{{ include "nats.selectorLabels" . }}
|
||||||
{{- if .Chart.AppVersion }}
|
{{- if .Chart.AppVersion }}
|
||||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||||
@ -51,16 +54,16 @@ app.kubernetes.io/instance: {{ .Release.Name }}
|
|||||||
Return the proper NATS image name
|
Return the proper NATS image name
|
||||||
*/}}
|
*/}}
|
||||||
{{- define "nats.clusterAdvertise" -}}
|
{{- define "nats.clusterAdvertise" -}}
|
||||||
{{- printf "$(POD_NAME).%s.$(POD_NAMESPACE).svc" (include "nats.fullname" . ) }}
|
{{- printf "$(POD_NAME).%s.$(POD_NAMESPACE).svc.%s." (include "nats.fullname" . ) $.Values.k8sClusterDomain }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{/*
|
{{/*
|
||||||
Return the NATS cluster routes.
|
Return the NATS cluster routes.
|
||||||
*/}}
|
*/}}
|
||||||
{{- define "nats.clusterRoutes" -}}
|
{{- define "nats.clusterRoutes" -}}
|
||||||
{{- $name := default .Release.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
{{- $name := (include "nats.fullname" . ) -}}
|
||||||
{{- range $i, $e := until (.Values.cluster.replicas | int) -}}
|
{{- range $i, $e := until (.Values.cluster.replicas | int) -}}
|
||||||
{{- printf "nats://%s-%d.%s.%s.svc:6222," $name $i $name $.Release.Namespace -}}
|
{{- printf "nats://%s-%d.%s.%s.svc.%s.:6222," $name $i $name $.Release.Namespace $.Values.k8sClusterDomain -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
15
charts/kubezero-mq/charts/nats/templates/_mem_resolver.yaml
Normal file
15
charts/kubezero-mq/charts/nats/templates/_mem_resolver.yaml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{{- if .Values.auth.enabled }}
|
||||||
|
{{- if eq .Values.auth.resolver.type "memory" }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: {{ template "nats.name" . }}-accounts
|
||||||
|
labels:
|
||||||
|
app: {{ template "nats.name" . }}
|
||||||
|
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||||
|
data:
|
||||||
|
accounts.conf: |-
|
||||||
|
{{- .Files.Get "accounts.conf" | indent 6 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
@ -3,6 +3,7 @@ apiVersion: v1
|
|||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "nats.fullname" . }}-config
|
name: {{ include "nats.fullname" . }}-config
|
||||||
|
namespace: {{ .Release.Namespace | quote }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "nats.labels" . | nindent 4 }}
|
{{- include "nats.labels" . | nindent 4 }}
|
||||||
data:
|
data:
|
||||||
@ -55,6 +56,29 @@ data:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
}
|
}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.mqtt.enabled }}
|
||||||
|
###################################
|
||||||
|
# #
|
||||||
|
# NATS MQTT #
|
||||||
|
# #
|
||||||
|
###################################
|
||||||
|
mqtt {
|
||||||
|
port: 1883
|
||||||
|
|
||||||
|
{{- with .Values.mqtt.tls }}
|
||||||
|
{{- $mqtt_tls := merge (dict) . }}
|
||||||
|
{{- $_ := set $mqtt_tls "secretPath" "/etc/nats-certs/mqtt" }}
|
||||||
|
{{- include "nats.tlsConfig" $mqtt_tls | nindent 6}}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.mqtt.noAuthUser }}
|
||||||
|
no_auth_user: {{ .Values.mqtt.noAuthUser | quote }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
ack_wait: {{ .Values.mqtt.ackWait | quote }}
|
||||||
|
max_ack_pending: {{ .Values.mqtt.maxAckPending }}
|
||||||
|
}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{- if .Values.cluster.enabled }}
|
{{- if .Values.cluster.enabled }}
|
||||||
###################################
|
###################################
|
||||||
@ -83,6 +107,20 @@ data:
|
|||||||
{{- include "nats.tlsConfig" $cluster_tls | nindent 6}}
|
{{- include "nats.tlsConfig" $cluster_tls | nindent 6}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.cluster.authorization }}
|
||||||
|
authorization {
|
||||||
|
{{- with .Values.cluster.authorization.user }}
|
||||||
|
user: {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.cluster.authorization.password }}
|
||||||
|
password: {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.cluster.authorization.timeout }}
|
||||||
|
timeout: {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
routes = [
|
routes = [
|
||||||
{{ include "nats.clusterRoutes" . }}
|
{{ include "nats.clusterRoutes" . }}
|
||||||
]
|
]
|
||||||
@ -135,6 +173,23 @@ data:
|
|||||||
{{- with .credentials }}
|
{{- with .credentials }}
|
||||||
credentials: "/etc/nats-creds/{{ .secret.name }}/{{ .secret.key }}"
|
credentials: "/etc/nats-creds/{{ .secret.name }}/{{ .secret.key }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- with .tls }}
|
||||||
|
{{ $secretName := .secret.name }}
|
||||||
|
tls: {
|
||||||
|
{{- with .cert }}
|
||||||
|
cert_file: /etc/nats-certs/leafnodes/{{ $secretName }}/{{ . }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- with .key }}
|
||||||
|
key_file: /etc/nats-certs/leafnodes/{{ $secretName }}/{{ . }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- with .ca }}
|
||||||
|
ca_file: /etc/nats-certs/leafnodes/{{ $secretName }}/{{ . }}
|
||||||
|
{{- end }}
|
||||||
|
}
|
||||||
|
{{- end }}
|
||||||
}
|
}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
]
|
]
|
||||||
@ -236,7 +291,7 @@ data:
|
|||||||
# Websocket #
|
# Websocket #
|
||||||
# #
|
# #
|
||||||
##################
|
##################
|
||||||
ws {
|
websocket {
|
||||||
port: {{ .Values.websocket.port }}
|
port: {{ .Values.websocket.port }}
|
||||||
{{- if .Values.websocket.tls }}
|
{{- if .Values.websocket.tls }}
|
||||||
{{ $secretName := .secret.name }}
|
{{ $secretName := .secret.name }}
|
||||||
@ -328,6 +383,12 @@ data:
|
|||||||
}
|
}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .token }}
|
||||||
|
authorization {
|
||||||
|
token: "{{ .token }}"
|
||||||
|
}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{- with .accounts }}
|
{{- with .accounts }}
|
||||||
accounts: {{- toRawJson . }}
|
accounts: {{- toRawJson . }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -4,6 +4,7 @@ apiVersion: apps/v1
|
|||||||
kind: Deployment
|
kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "nats.fullname" . }}-box
|
name: {{ include "nats.fullname" . }}-box
|
||||||
|
namespace: {{ .Release.Namespace | quote }}
|
||||||
labels:
|
labels:
|
||||||
app: {{ include "nats.fullname" . }}-box
|
app: {{ include "nats.fullname" . }}-box
|
||||||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||||
@ -16,7 +17,17 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: {{ include "nats.fullname" . }}-box
|
app: {{ include "nats.fullname" . }}-box
|
||||||
|
{{- if .Values.natsbox.podAnnotations }}
|
||||||
|
annotations:
|
||||||
|
{{- range $key, $value := .Values.natsbox.podAnnotations }}
|
||||||
|
{{ $key }}: {{ $value | quote }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
{{- with .Values.natsbox.affinity }}
|
||||||
|
affinity:
|
||||||
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
volumes:
|
volumes:
|
||||||
{{- if .Values.natsbox.credentials }}
|
{{- if .Values.natsbox.credentials }}
|
||||||
- name: nats-sys-creds
|
- name: nats-sys-creds
|
||||||
@ -29,11 +40,16 @@ spec:
|
|||||||
secret:
|
secret:
|
||||||
secretName: {{ $secretName }}
|
secretName: {{ $secretName }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- with .Values.imagePullSecrets }}
|
||||||
|
imagePullSecrets:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
containers:
|
containers:
|
||||||
- name: nats-box
|
- name: nats-box
|
||||||
image: {{ .Values.natsbox.image }}
|
image: {{ .Values.natsbox.image }}
|
||||||
imagePullPolicy: {{ .Values.natsbox.pullPolicy }}
|
imagePullPolicy: {{ .Values.natsbox.pullPolicy }}
|
||||||
|
resources:
|
||||||
|
{{- toYaml .Values.natsbox.resources | nindent 10 }}
|
||||||
env:
|
env:
|
||||||
- name: NATS_URL
|
- name: NATS_URL
|
||||||
value: {{ template "nats.fullname" . }}
|
value: {{ template "nats.fullname" . }}
|
||||||
@ -72,4 +88,8 @@ spec:
|
|||||||
- name: {{ $secretName }}-clients-volume
|
- name: {{ $secretName }}-clients-volume
|
||||||
mountPath: /etc/nats-certs/clients/{{ $secretName }}
|
mountPath: /etc/nats-certs/clients/{{ $secretName }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- with .Values.securityContext }}
|
||||||
|
securityContext:
|
||||||
|
{{ toYaml . | indent 8 }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -5,6 +5,7 @@ kind: PodDisruptionBudget
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
name: {{ include "nats.fullname" . }}
|
name: {{ include "nats.fullname" . }}
|
||||||
|
namespace: {{ .Release.Namespace | quote }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "nats.labels" . | nindent 4 }}
|
{{- include "nats.labels" . | nindent 4 }}
|
||||||
spec:
|
spec:
|
||||||
|
@ -3,6 +3,7 @@ apiVersion: v1
|
|||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "nats.fullname" . }}
|
name: {{ include "nats.fullname" . }}
|
||||||
|
namespace: {{ .Release.Namespace | quote }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "nats.labels" . | nindent 4 }}
|
{{- include "nats.labels" . | nindent 4 }}
|
||||||
{{- if .Values.serviceAnnotations}}
|
{{- if .Values.serviceAnnotations}}
|
||||||
@ -23,16 +24,44 @@ spec:
|
|||||||
{{- if .Values.websocket.enabled }}
|
{{- if .Values.websocket.enabled }}
|
||||||
- name: websocket
|
- name: websocket
|
||||||
port: {{ .Values.websocket.port }}
|
port: {{ .Values.websocket.port }}
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: tcp
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
- name: client
|
- name: client
|
||||||
port: 4222
|
port: 4222
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: tcp
|
||||||
|
{{- end }}
|
||||||
- name: cluster
|
- name: cluster
|
||||||
port: 6222
|
port: 6222
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: tcp
|
||||||
|
{{- end }}
|
||||||
- name: monitor
|
- name: monitor
|
||||||
port: 8222
|
port: 8222
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: http
|
||||||
|
{{- end }}
|
||||||
- name: metrics
|
- name: metrics
|
||||||
port: 7777
|
port: 7777
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: http
|
||||||
|
{{- end }}
|
||||||
- name: leafnodes
|
- name: leafnodes
|
||||||
port: 7422
|
port: 7422
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: tcp
|
||||||
|
{{- end }}
|
||||||
- name: gateways
|
- name: gateways
|
||||||
port: 7522
|
port: 7522
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: tcp
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.mqtt.enabled }}
|
||||||
|
- name: mqtt
|
||||||
|
port: 1883
|
||||||
|
{{- if .Values.appProtocol.enabled }}
|
||||||
|
appProtocol: tcp
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
@ -3,14 +3,15 @@ apiVersion: apps/v1
|
|||||||
kind: StatefulSet
|
kind: StatefulSet
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "nats.fullname" . }}
|
name: {{ include "nats.fullname" . }}
|
||||||
|
namespace: {{ .Release.Namespace | quote }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "nats.labels" . | nindent 4 }}
|
{{- include "nats.labels" . | nindent 4 }}
|
||||||
{{- if .Values.statefulSetAnnotations}}
|
{{- if .Values.statefulSetAnnotations}}
|
||||||
annotations:
|
annotations:
|
||||||
{{- range $key, $value := .Values.statefulSetAnnotations }}
|
{{- range $key, $value := .Values.statefulSetAnnotations }}
|
||||||
{{ $key }}: {{ $value | quote }}
|
{{ $key }}: {{ $value | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
@ -115,6 +116,12 @@ spec:
|
|||||||
secret:
|
secret:
|
||||||
secretName: {{ $secretName }}
|
secretName: {{ $secretName }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- with .Values.mqtt.tls }}
|
||||||
|
{{ $secretName := .secret.name }}
|
||||||
|
- name: {{ $secretName }}-mqtt-volume
|
||||||
|
secret:
|
||||||
|
secretName: {{ $secretName }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.cluster.tls }}
|
{{- with .Values.cluster.tls }}
|
||||||
{{ $secretName := .secret.name }}
|
{{ $secretName := .secret.name }}
|
||||||
- name: {{ $secretName }}-cluster-volume
|
- name: {{ $secretName }}-cluster-volume
|
||||||
@ -182,6 +189,8 @@ spec:
|
|||||||
fieldPath: spec.nodeName
|
fieldPath: spec.nodeName
|
||||||
image: {{ .Values.bootconfig.image }}
|
image: {{ .Values.bootconfig.image }}
|
||||||
imagePullPolicy: {{ .Values.bootconfig.pullPolicy }}
|
imagePullPolicy: {{ .Values.bootconfig.pullPolicy }}
|
||||||
|
resources:
|
||||||
|
{{- toYaml .Values.bootconfig.resources | nindent 10 }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /etc/nats-config/advertise
|
- mountPath: /etc/nats-config/advertise
|
||||||
name: advertiseconfig
|
name: advertiseconfig
|
||||||
@ -222,6 +231,13 @@ spec:
|
|||||||
name: monitor
|
name: monitor
|
||||||
- containerPort: 7777
|
- containerPort: 7777
|
||||||
name: metrics
|
name: metrics
|
||||||
|
{{- if .Values.mqtt.enabled }}
|
||||||
|
- containerPort: 1883
|
||||||
|
name: mqtt
|
||||||
|
{{- if .Values.nats.externalAccess }}
|
||||||
|
hostPort: 1883
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
{{- if .Values.websocket.enabled }}
|
{{- if .Values.websocket.enabled }}
|
||||||
- containerPort: {{ .Values.websocket.port }}
|
- containerPort: {{ .Values.websocket.port }}
|
||||||
name: websocket
|
name: websocket
|
||||||
@ -297,6 +313,11 @@ spec:
|
|||||||
- name: {{ $secretName }}-clients-volume
|
- name: {{ $secretName }}-clients-volume
|
||||||
mountPath: /etc/nats-certs/clients/{{ $secretName }}
|
mountPath: /etc/nats-certs/clients/{{ $secretName }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- with .Values.mqtt.tls }}
|
||||||
|
{{ $secretName := .secret.name }}
|
||||||
|
- name: {{ $secretName }}-mqtt-volume
|
||||||
|
mountPath: /etc/nats-certs/mqtt/{{ $secretName }}
|
||||||
|
{{- end }}
|
||||||
{{- with .Values.cluster.tls }}
|
{{- with .Values.cluster.tls }}
|
||||||
{{ $secretName := .secret.name }}
|
{{ $secretName := .secret.name }}
|
||||||
- name: {{ $secretName }}-cluster-volume
|
- name: {{ $secretName }}-cluster-volume
|
||||||
@ -369,6 +390,8 @@ spec:
|
|||||||
- name: reloader
|
- name: reloader
|
||||||
image: {{ .Values.reloader.image }}
|
image: {{ .Values.reloader.image }}
|
||||||
imagePullPolicy: {{ .Values.reloader.pullPolicy }}
|
imagePullPolicy: {{ .Values.reloader.pullPolicy }}
|
||||||
|
resources:
|
||||||
|
{{- toYaml .Values.reloader.resources | nindent 10 }}
|
||||||
command:
|
command:
|
||||||
- "nats-server-config-reloader"
|
- "nats-server-config-reloader"
|
||||||
- "-pid"
|
- "-pid"
|
||||||
@ -391,6 +414,8 @@ spec:
|
|||||||
- name: metrics
|
- name: metrics
|
||||||
image: {{ .Values.exporter.image }}
|
image: {{ .Values.exporter.image }}
|
||||||
imagePullPolicy: {{ .Values.exporter.pullPolicy }}
|
imagePullPolicy: {{ .Values.exporter.pullPolicy }}
|
||||||
|
resources:
|
||||||
|
{{- toYaml .Values.exporter.resources | nindent 10 }}
|
||||||
args:
|
args:
|
||||||
- -connz
|
- -connz
|
||||||
- -routez
|
- -routez
|
||||||
@ -398,6 +423,9 @@ spec:
|
|||||||
- -varz
|
- -varz
|
||||||
- -prefix=nats
|
- -prefix=nats
|
||||||
- -use_internal_server_id
|
- -use_internal_server_id
|
||||||
|
{{- if .Values.nats.jetstream.enabled }}
|
||||||
|
- -jsz=all
|
||||||
|
{{- end }}
|
||||||
- http://localhost:8222/
|
- http://localhost:8222/
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 7777
|
- containerPort: 7777
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# #
|
# #
|
||||||
###############################
|
###############################
|
||||||
nats:
|
nats:
|
||||||
image: nats:2.1.9-alpine3.12
|
image: nats:2.3.2-alpine
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
# Toggle whether to enable external access.
|
# Toggle whether to enable external access.
|
||||||
@ -103,7 +103,33 @@ nats:
|
|||||||
# cert: "tls.crt"
|
# cert: "tls.crt"
|
||||||
# key: "tls.key"
|
# key: "tls.key"
|
||||||
|
|
||||||
|
mqtt:
|
||||||
|
enabled: false
|
||||||
|
ackWait: 1m
|
||||||
|
maxAckPending: 100
|
||||||
|
|
||||||
|
#######################
|
||||||
|
# #
|
||||||
|
# TLS Configuration #
|
||||||
|
# #
|
||||||
|
#######################
|
||||||
|
#
|
||||||
|
# # You can find more on how to setup and trouble shoot TLS connnections at:
|
||||||
|
#
|
||||||
|
# # https://docs.nats.io/nats-server/configuration/securing_nats/tls
|
||||||
|
#
|
||||||
|
|
||||||
|
#
|
||||||
|
# tls:
|
||||||
|
# secret:
|
||||||
|
# name: nats-mqtt-tls
|
||||||
|
# ca: "ca.crt"
|
||||||
|
# cert: "tls.crt"
|
||||||
|
# key: "tls.key"
|
||||||
|
|
||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
|
# An array of imagePullSecrets, and they have to be created manually in the same namespace
|
||||||
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||||||
imagePullSecrets: []
|
imagePullSecrets: []
|
||||||
|
|
||||||
# Toggle whether to use setup a Pod Security Context
|
# Toggle whether to use setup a Pod Security Context
|
||||||
@ -154,6 +180,10 @@ cluster:
|
|||||||
enabled: false
|
enabled: false
|
||||||
replicas: 3
|
replicas: 3
|
||||||
noAdvertise: false
|
noAdvertise: false
|
||||||
|
# authorization:
|
||||||
|
# user: foo
|
||||||
|
# password: pwd
|
||||||
|
# timeout: 0.5
|
||||||
|
|
||||||
# Leafnode connections to extend a cluster:
|
# Leafnode connections to extend a cluster:
|
||||||
#
|
#
|
||||||
@ -222,7 +252,7 @@ gateway:
|
|||||||
# enabled, an initializer container will be used to gather
|
# enabled, an initializer container will be used to gather
|
||||||
# the public ips.
|
# the public ips.
|
||||||
bootconfig:
|
bootconfig:
|
||||||
image: connecteverything/nats-boot-config:0.5.2
|
image: natsio/nats-boot-config:0.5.3
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
# NATS Box
|
# NATS Box
|
||||||
@ -231,25 +261,40 @@ bootconfig:
|
|||||||
#
|
#
|
||||||
natsbox:
|
natsbox:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: synadia/nats-box:0.4.0
|
image: natsio/nats-box:0.6.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
# An array of imagePullSecrets, and they have to be created manually in the same namespace
|
||||||
|
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||||||
|
imagePullSecrets: []
|
||||||
|
# - name: dockerhub
|
||||||
|
|
||||||
# credentials:
|
# credentials:
|
||||||
# secret:
|
# secret:
|
||||||
# name: nats-sys-creds
|
# name: nats-sys-creds
|
||||||
# key: sys.creds
|
# key: sys.creds
|
||||||
|
|
||||||
|
# Annotations to add to the box pods
|
||||||
|
# ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
||||||
|
podAnnotations: {}
|
||||||
|
# key: "value"
|
||||||
|
|
||||||
|
# Affinity for nats box pod assignment
|
||||||
|
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
||||||
|
affinity: {}
|
||||||
|
|
||||||
# The NATS config reloader image to use.
|
# The NATS config reloader image to use.
|
||||||
reloader:
|
reloader:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: connecteverything/nats-server-config-reloader:0.6.0
|
image: natsio/nats-server-config-reloader:0.6.1
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
# Prometheus NATS Exporter configuration.
|
# Prometheus NATS Exporter configuration.
|
||||||
exporter:
|
exporter:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: synadia/prometheus-nats-exporter:0.5.0
|
image: natsio/prometheus-nats-exporter:0.8.0
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
resources: {}
|
||||||
# Prometheus operator ServiceMonitor support. Exporter has to be enabled
|
# Prometheus operator ServiceMonitor support. Exporter has to be enabled
|
||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
enabled: false
|
enabled: false
|
||||||
@ -282,6 +327,9 @@ auth:
|
|||||||
# name: operator-jwt
|
# name: operator-jwt
|
||||||
# key: KO.jwt
|
# key: KO.jwt
|
||||||
|
|
||||||
|
# Token authentication
|
||||||
|
# token:
|
||||||
|
|
||||||
# Public key of the System Account
|
# Public key of the System Account
|
||||||
# systemAccount:
|
# systemAccount:
|
||||||
|
|
||||||
@ -345,3 +393,13 @@ auth:
|
|||||||
websocket:
|
websocket:
|
||||||
enabled: false
|
enabled: false
|
||||||
port: 443
|
port: 443
|
||||||
|
|
||||||
|
appProtocol:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
# Cluster Domain configured on the kubelets
|
||||||
|
# https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
|
||||||
|
k8sClusterDomain: cluster.local
|
||||||
|
|
||||||
|
# Add labels to all the deployed resources
|
||||||
|
commonLabels: {}
|
||||||
|
@ -1,14 +1,10 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -ex
|
set -ex
|
||||||
|
|
||||||
### NATS
|
## NATS
|
||||||
|
|
||||||
# get latest chart until they have upstream repo fixed
|
NATS_VERSION=0.8.4
|
||||||
rm -rf charts/nats && mkdir -p charts/nats
|
rm -rf charts/nats && curl -L -s -o - https://github.com/nats-io/k8s/releases/download/v$NATS_VERSION/nats-$NATS_VERSION.tgz | tar xfz - -C charts
|
||||||
|
|
||||||
git clone --depth=1 https://github.com/nats-io/k8s.git
|
|
||||||
cp -r k8s/helm/charts/nats/* charts/nats/
|
|
||||||
rm -rf k8s
|
|
||||||
|
|
||||||
# Fetch dashboards
|
# Fetch dashboards
|
||||||
../kubezero-metrics/sync_grafana_dashboards.py dashboards-nats.yaml templates/nats/grafana-dashboards.yaml
|
../kubezero-metrics/sync_grafana_dashboards.py dashboards-nats.yaml templates/nats/grafana-dashboards.yaml
|
||||||
|
@ -3,8 +3,6 @@ nats:
|
|||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
nats:
|
nats:
|
||||||
image: nats:2.2.1-alpine3.13
|
|
||||||
|
|
||||||
advertise: false
|
advertise: false
|
||||||
|
|
||||||
jetstream:
|
jetstream:
|
||||||
@ -17,6 +15,9 @@ nats:
|
|||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
|
mqtt:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
# rabbitmq
|
# rabbitmq
|
||||||
rabbitmq:
|
rabbitmq:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
Loading…
Reference in New Issue
Block a user