nomad
/
kafka
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Some more work on the kafka stack

This commit is contained in:
Daniel Berteaud 2024-04-04 11:53:44 +02:00
parent d7fba42552
commit fd1fdf985a
7 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
images/kafka-broker/Dockerfile
View File

@ -26,7 +26,7 @@ RUN set -ex &&\
FROM [[ .docker.repo ]][[ .docker.base_images.java17.image ]]
MAINTAINER [[ .docker.maintainer ]]
ENV PATH=$PATH:/opt/kafka/bin \
ENV PATH=/opt/kafka/bin:$PATH \
KAFKA_DATA_DIR=/data \
KAFKA_CONF_DIR=/opt/kafka/config \
KAFKA_HEAP_OPTS="-Xmx1G -Xms1G" \

0
images/kafka-broker/root/entrypoint.d/10-kafka.env → images/kafka-broker/root/entrypoint.d/40-kafka.env
View File

9
kafka-jikkou.nomad.hcl
View File

@ -24,10 +24,11 @@ job "[[ .instance ]]-jikkou" {
driver = "[[ $c.nomad.driver ]]"
config {
image = "[[ $c.image ]]"
image = "[[ $c.image ]]"
readonly_rootfs = true
pids_limit = 100
command = "/local/jikkou"
pids_limit = 100
command = "/local/jikkou"
[[ template "common/tmpfs" "/root" ]]
}
[[ template "common/vault.policies" $c ]]
@ -67,7 +68,7 @@ _EOT
[[ template "kafka/jikkou/jikkou.conf" $c ]]
_EOT
destination = "local/jikkou.conf"
perms = 755
perms = 755
}
# Kafka topics definition

2
templates/brokers/server.properties
View File

@ -5,7 +5,7 @@ broker.id={{ env "NOMAD_ALLOC_INDEX" }}
listeners=CLIENT://:{{ env "NOMAD_PORT_client" }},BROKER://:{{ env "NOMAD_PORT_broker" }}
listener.security.protocol.map=CLIENT:SSL,BROKER:SSL
inter.broker.listener.name=BROKER
advertised.listeners=CLIENT://broker-{{ env "NOMAD_ALLOC_INDEX" }}.exchange-broker{{ env "ENV_SUFFIX" }}.service.{{ env "CT_DOMAIN" }}:{{ env "NOMAD_HOST_PORT_client" }},BROKER://{{ env "NOMAD_ADDR_broker" }}
advertised.listeners=CLIENT://broker-{{ env "NOMAD_ALLOC_INDEX" }}.[[ .instance ]]-broker[[ .consul.suffix ]].service.[[ .consul.domain ]]:{{ env "NOMAD_HOST_PORT_client" }},BROKER://{{ env "NOMAD_ADDR_broker" }}
# TLS Settings
ssl.keystore.location=/secrets/kafka.p12

2
templates/jikkou/jikkou.conf
View File

@ -2,7 +2,7 @@ jikkou {
kafka {
client {
bootstrap.servers = "
{{- range $index, $instance := service "[[ .instance ]]-broker[ .consul.suffix ]]" -}}
{{- range $index, $instance := service "[[ .instance ]]-broker[[ .consul.suffix ]]" -}}
{{ if ne $index 0 }},{{ end }}{{ $instance.Address }}:{{ $instance.Port }}
{{- end -}}
"

8
variables.yml
View File

@ -11,7 +11,7 @@ kafka:
broker:
count: 3
version: 3.7.0
image: '[[ .docker.repo ]]kafka-broker:[[ .kafka.broker.version ]]-1'
image: '[[ .docker.repo ]]kafka-broker:[[ .kafka.broker.version ]]-2'
env: {}
resources:
cpu: 100
@ -20,9 +20,13 @@ kafka:
enabled: '[[ .prometheus.available ]]'
# static_client_port: 9092
# static_broker_port: 9095
nomad:
constraints:
- operator: distinct_hosts
value: true
consul:
meta:
broker: 'broker-${NOMAD_ALLOC_INDEX}.[[ .instance ]][[ .consul.suffix ]].service.[[ .consul.domain ]]'
broker: 'broker-${NOMAD_ALLOC_INDEX}.[[ .instance ]]-broker[[ .consul.suffix ]].service.[[ .consul.domain ]]'
connect:
upstreams:
- destination_name: zookeeper[[ .consul.suffix ]]

4
vault/policies/kafka-brokers.hcl → vault/policies/kafka-broker.hcl
View File

@ -2,3 +2,7 @@
path "[[ $c.vault.pki.path ]]/issue/[[ .instance ]]-broker" {
capabilities = ["update"]
}
path "[[ $c.vault.root ]]kv/data/service/[[ .instance ]]/broker" {
capabilities = ["read"]
}