# # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # {{- if .Values.components.broker }} apiVersion: v1 kind: ConfigMap metadata: name: "{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}" namespace: {{ template "pulsar.namespace" . }} labels: {{- include "pulsar.standardLabels" . | nindent 4 }} component: {{ .Values.broker.component }} data: # Metadata settings zookeeperServers: "{{ template "pulsar.zookeeper.connect" . }}{{ .Values.metadataPrefix }}" {{- if .Values.pulsar_metadata.configurationStore }} configurationStoreServers: "{{ template "pulsar.configurationStore.connect" . }}{{ .Values.pulsar_metadata.configurationStoreMetadataPrefix }}" {{- end }} {{- if not .Values.pulsar_metadata.configurationStore }} configurationStoreServers: "{{ template "pulsar.zookeeper.connect" . }}{{ .Values.metadataPrefix }}" {{- end }} # Broker settings clusterName: {{ template "pulsar.cluster.name" . }} exposeTopicLevelMetricsInPrometheus: "true" numHttpServerThreads: "8" zooKeeperSessionTimeoutMillis: "30000" statusFilePath: "{{ template "pulsar.home" . }}/status" # Function Worker Settings # function worker configuration {{- if not (or .Values.components.functions .Values.extra.functionsAsPods) }} functionsWorkerEnabled: "false" {{- end }} {{- if or .Values.components.functions .Values.extra.functionsAsPods }} functionsWorkerEnabled: "true" PF_functionRuntimeFactoryClassName: "org.apache.pulsar.functions.runtime.kubernetes.KubernetesRuntimeFactory" PF_pulsarFunctionsCluster: {{ template "pulsar.cluster.name" . }} PF_connectorsDirectory: ./connectors PF_containerFactory: k8s PF_numFunctionPackageReplicas: "{{ .Values.broker.configData.managedLedgerDefaultEnsembleSize }}" # support version >= 2.5.0 PF_functionRuntimeFactoryConfigs_pulsarRootDir: {{ template "pulsar.home" . }} PF_kubernetesContainerFactory_pulsarRootDir: {{ template "pulsar.home" . }} PF_functionRuntimeFactoryConfigs_pulsarDockerImageName: "{{ template "pulsar.imageFullName" (dict "image" .Values.images.functions "root" .) }}" PF_functionRuntimeFactoryConfigs_submittingInsidePod: "true" PF_functionRuntimeFactoryConfigs_installUserCodeDependencies: "true" PF_functionRuntimeFactoryConfigs_jobNamespace: {{ template "pulsar.namespace" . }} PF_functionRuntimeFactoryConfigs_expectedMetricsCollectionInterval: "30" {{- if not (and .Values.tls.enabled .Values.tls.broker.enabled) }} PF_functionRuntimeFactoryConfigs_pulsarAdminUrl: "http://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.http }}/" PF_functionRuntimeFactoryConfigs_pulsarServiceUrl: "pulsar://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsar }}/" {{- end }} {{- if and .Values.tls.enabled .Values.tls.broker.enabled }} PF_functionRuntimeFactoryConfigs_pulsarAdminUrl: "https://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.https }}/" PF_functionRuntimeFactoryConfigs_pulsarServiceUrl: "pulsar+ssl://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsarssl }}/" {{- end }} PF_functionRuntimeFactoryConfigs_changeConfigMap: "{{ template "pulsar.fullname" . }}-{{ .Values.functions.component }}-config" PF_functionRuntimeFactoryConfigs_changeConfigMapNamespace: {{ template "pulsar.namespace" . }} # support version < 2.5.0 PF_kubernetesContainerFactory_pulsarDockerImageName: "{{ template "pulsar.imageFullName" (dict "image" .Values.images.functions "root" .) }}" PF_kubernetesContainerFactory_submittingInsidePod: "true" PF_kubernetesContainerFactory_installUserCodeDependencies: "true" PF_kubernetesContainerFactory_jobNamespace: {{ template "pulsar.namespace" . }} PF_kubernetesContainerFactory_expectedMetricsCollectionInterval: "30" {{- if not (and .Values.tls.enabled .Values.tls.broker.enabled) }} PF_kubernetesContainerFactory_pulsarAdminUrl: "http://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.http }}/" PF_kubernetesContainerFactory_pulsarServiceUrl: "pulsar://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsar }}/" {{- end }} {{- if and .Values.tls.enabled .Values.tls.broker.enabled }} PF_kubernetesContainerFactory_pulsarAdminUrl: "https://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.https }}/" PF_kubernetesContainerFactory_pulsarServiceUrl: "pulsar+ssl://{{ template "pulsar.fullname" . }}-{{ .Values.broker.component }}:{{ .Values.broker.ports.pulsarssl }}/" {{- end }} PF_kubernetesContainerFactory_changeConfigMap: "{{ template "pulsar.fullname" . }}-{{ .Values.functions.component }}-config" PF_kubernetesContainerFactory_changeConfigMapNamespace: {{ template "pulsar.namespace" . }} {{- end }} # prometheus needs to access /metrics endpoint webServicePort: "{{ .Values.broker.ports.http }}" {{- if or (not .Values.tls.enabled) (not .Values.tls.broker.enabled) }} brokerServicePort: "{{ .Values.broker.ports.pulsar }}" {{- end }} {{- if and .Values.tls.enabled .Values.tls.broker.enabled }} brokerServicePortTls: "{{ .Values.broker.ports.pulsarssl }}" webServicePortTls: "{{ .Values.broker.ports.https }}" # TLS Settings tlsCertificateFilePath: "/pulsar/certs/broker/tls.crt" tlsKeyFilePath: "/pulsar/certs/broker/tls.key" tlsTrustCertsFilePath: "/pulsar/certs/ca/ca.crt" {{- end }} # Authentication Settings {{- if .Values.auth.authentication.enabled }} authenticationEnabled: "true" {{- if .Values.auth.authorization.enabled }} authorizationEnabled: "true" superUserRoles: {{ .Values.auth.superUsers | values | sortAlpha | join "," }} {{- end }} {{- if eq .Values.auth.authentication.provider "jwt" }} # token authentication configuration authenticationProviders: "org.apache.pulsar.broker.authentication.AuthenticationProviderToken" brokerClientAuthenticationParameters: "file:///pulsar/tokens/broker/token" brokerClientAuthenticationPlugin: "org.apache.pulsar.client.impl.auth.AuthenticationToken" {{- if .Values.auth.authentication.jwt.usingSecretKey }} tokenSecretKey: "file:///pulsar/keys/token/secret.key" {{- else }} tokenPublicKey: "file:///pulsar/keys/token/public.key" {{- end }} {{- end }} {{- end }} {{- if and .Values.tls.enabled .Values.tls.bookie.enabled }} # bookkeeper tls settings bookkeeperTLSClientAuthentication: "true" bookkeeperTLSKeyFileType: "PEM" bookkeeperTLSKeyFilePath: "/pulsar/certs/broker/tls.key" bookkeeperTLSCertificateFilePath: "/pulsar/certs/broker/tls.crt" bookkeeperTLSTrustCertsFilePath: "/pulsar/certs/ca/ca.crt" bookkeeperTLSTrustCertTypes: "PEM" PULSAR_PREFIX_bookkeeperTLSClientAuthentication: "true" PULSAR_PREFIX_bookkeeperTLSKeyFileType: "PEM" PULSAR_PREFIX_bookkeeperTLSKeyFilePath: "/pulsar/certs/broker/tls.key" PULSAR_PREFIX_bookkeeperTLSCertificateFilePath: "/pulsar/certs/broker/tls.crt" PULSAR_PREFIX_bookkeeperTLSTrustCertsFilePath: "/pulsar/certs/ca/ca.crt" PULSAR_PREFIX_bookkeeperTLSTrustCertTypes: "PEM" # https://github.com/apache/bookkeeper/pull/2300 bookkeeperUseV2WireProtocol: "false" {{- end }} {{ toYaml .Values.broker.configData | indent 2 }} {{- end }}