Skip to content

Commit 6ad8338

Browse files
committed
fix bugs
1 parent b2bb3ae commit 6ad8338

File tree

9 files changed

+63
-30
lines changed

9 files changed

+63
-30
lines changed

addons-cluster/kafka/templates/_helpers.tpl

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -93,6 +93,8 @@ kafka2-external-zk
9393
{{- define "kafka-cluster.brokerCommonEnv" -}}
9494
- name: KB_CLUSTER_VERSION
9595
value: "{{ .Values.version }}"
96+
- name: KB_CLUSTER_WITH_ZK
97+
value: "{{- if hasPrefix "withZookeeper" .Values.mode }}true{{- else }}false{{- end }}"
9698
{{/*
9799
will deprecated:
98100
- KB_KAFKA_ENABLE_SASL

addons-cluster/kafka/templates/account-secret.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
{{- if and (.Values.sasl.enable) (eq .Values.sasl.useKBBuildInSasl "true") }}
1+
{{- if and (.Values.sasl.enable) .Values.sasl.useKBBuildInSasl }}
22
apiVersion: v1
33
kind: Secret
44
metadata:

addons-cluster/kafka/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
## @param version Kafka cluster version
22
##
3-
version: 3.3.2
3+
version: 3.9.0
44

55
## @param mode for Kafka cluster mode, 'combined' is combined Kafka controller (KRaft) and broker,
66
## 'separated' is a Kafka KRaft and Kafka broker cluster.

addons/kafka/scripts/common.sh

Lines changed: 28 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -66,19 +66,16 @@ build_server_jaas_config() {
6666
if [ "$(is_sasl_build_in_enabled)" == "true" ]; then
6767
# build-in only support plain yet
6868
login_module="org.apache.kafka.common.security.plain.PlainLoginModule required"
69-
# encode password
70-
admin_password=$(build_encode_password "${admin_password}")
71-
client_password=$(build_encode_password "${client_password}")
7269
fi
7370

7471
cat << EOF > /opt/bitnami/kafka/config/kafka_jaas.conf
7572
KafkaServer {
76-
${login_module}"
73+
${login_module}
7774
username="$KAFKA_ADMIN_USER"
7875
password="$admin_password";
7976
};
8077
KafkaClient {
81-
${login_module}"
78+
${login_module}
8279
username="$KAFKA_CLIENT_USER"
8380
password="$client_password";
8481
};
@@ -114,6 +111,30 @@ build_if_build_in_enabled() {
114111
return 1
115112
fi
116113

117-
export KAFKA_CFG_LISTENER_NAME_SASL_SSL_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS=${jar_path}
118-
echo "[sasl]export KAFKA_CFG_LISTENER_NAME_SASL_SSL_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS=${KAFKA_CFG_LISTENER_NAME_SASL_SSL_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS}"
114+
export KAFKA_CFG_LISTENER_NAME_CLIENT_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS=${jar_path}
115+
echo "[sasl]export KAFKA_CFG_LISTENER_NAME_CLIENT_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS=${KAFKA_CFG_LISTENER_NAME_CLIENT_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS}"
116+
117+
export KAFKA_CFG_LISTENER_NAME_INTERNAL_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS=${jar_path}
118+
echo "[sasl]export KAFKA_CFG_LISTENER_NAME_INTERNAL_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS=${KAFKA_CFG_LISTENER_NAME_INTERNAL_PLAIN_SASL_SERVER_CALLBACK_HANDLER_CLASS}"
119+
}
120+
121+
get_client_default_mechanism() {
122+
isZkOrNot="$1"
123+
if [[ "$(is_sasl_enabled)" == "false" ]]; then
124+
echo ""
125+
return 0
126+
fi
127+
if [[ -n "$KB_KAFKA_SASL_MECHANISMS" ]]; then
128+
if [[ "$KB_KAFKA_SASL_MECHANISMS" == *,* ]]; then
129+
echo "${KB_KAFKA_SASL_MECHANISMS%%,*}"
130+
else
131+
echo "$KB_KAFKA_SASL_MECHANISMS"
132+
fi
133+
return 0
134+
fi
135+
if [[ "${isZkOrNot}" == "true" ]] && [[ "${KB_KAFKA_ENABLE_SASL_SCRAM}" == "true" ]]; then
136+
echo "SCRAM-SHA-512"
137+
return 0
138+
fi
139+
echo "PLAIN"
119140
}

addons/kafka/scripts/kafka-exporter-setup.sh

Lines changed: 26 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
#!/bin/bash
2+
set -e
23

34
# shellcheck disable=SC2034
45
ut_mode="false"
@@ -45,10 +46,12 @@ get_start_kafka_exporter_cmd() {
4546
fi
4647

4748
saslArgs=""
48-
if [[ $KB_KAFKA_ENABLE_SASL_SCRAM == "true" ]]; then
49+
if [[ "$(is_sasl_enabled)" == true ]]; then
4950
echo "sasl is enabled, setting sasl args" >&2
50-
saslArgs="--sasl.enabled --sasl.mechanism=scram-sha512 --sasl.username=$KAFKA_ADMIN_USER --sasl.password=$KAFKA_ADMIN_PASSWORD"
51-
fi
51+
local default_mechanism=$(get_client_default_mechanism ${KB_CLUSTER_WITH_ZK:-false})
52+
echo "sasl mechanism from config: $default_mechanism"
53+
saslArgs=$(get_kafka_exporter_sasl_args_by_mechanism "$default_mechanism")
54+
fi
5255

5356
if [[ -n "$TLS_ENABLED" ]]; then
5457
echo "TLS_ENABLED is set to true, start kafka_exporter with tls enabled." >&2
@@ -60,6 +63,26 @@ get_start_kafka_exporter_cmd() {
6063
return 0
6164
}
6265

66+
get_kafka_exporter_sasl_args_by_mechanism() {
67+
local mechanism="$1"
68+
case "$mechanism" in
69+
"scram-sha512")
70+
echo "--sasl.enabled --sasl.mechanism=scram-sha512 --sasl.username=$KAFKA_ADMIN_USER --sasl.password=$KAFKA_ADMIN_PASSWORD"
71+
;;
72+
"scram-sha256")
73+
echo "--sasl.enabled --sasl.mechanism=scram-sha256 --sasl.username=$KAFKA_ADMIN_USER --sasl.password=$KAFKA_ADMIN_PASSWORD"
74+
;;
75+
"plain")
76+
echo "--sasl.enabled --sasl.mechanism=plain --sasl.username=$KAFKA_ADMIN_USER --sasl.password=$KAFKA_ADMIN_PASSWORD"
77+
;;
78+
*)
79+
echo "invalid or not supported sasl mechanism: $mechanism" >&2
80+
return 1
81+
;;
82+
esac
83+
}
84+
85+
6386
start_kafka_exporter() {
6487
local cmd
6588
cmd=$(get_start_kafka_exporter_cmd)

addons/kafka/templates/cmpd-combine.yaml

Lines changed: 1 addition & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -90,15 +90,6 @@ spec:
9090
enabled: Optional
9191
## serial is not used because rsm currently does not support kafka's role detection. The lack of role label during restart will affect the pod restart.
9292
updateStrategy: BestEffortParallel
93-
volumes:
94-
- name: data
95-
needSnapshot: true
96-
- name: metadata
97-
needSnapshot: true
98-
{{- if .Values.customVolume.enabled }}
99-
- name: {{ .Values.customVolume.name | default "custom-volume" }}
100-
needSnapshot: {{ .Values.customVolume.needSnapshot | default false }}
101-
{{- end }}
10293
configs:
10394
- name: kafka-configuration-tpl
10495
template: {{ include "kafka.configurationTplName" . }}
@@ -134,7 +125,7 @@ spec:
134125
{{- toYaml .Values.securityContext | nindent 6 }}
135126
{{- end }}
136127
initContainers:
137-
- name: kafkatools
128+
- name: kafkatool
138129
imagePullPolicy: {{ default "IfNotPresent" .Values.images.pullPolicy }}
139130
command:
140131
- sh
@@ -253,10 +244,6 @@ spec:
253244
mountPath: /shared-tools
254245
- name: accounts
255246
mountPath: /accounts/accounts-mount
256-
{{- if .Values.customVolume.enabled }}
257-
- name: {{ .Values.customVolume.name | default "custom-volume" }}
258-
mountPath: {{ .Values.customVolume.mountPath | default "/custom" }}
259-
{{- end }}
260247
{{- with .Values.extraVolumeMounts.kafka }}
261248
{{- toYaml . | nindent 10}}
262249
{{- end }}

addons/kafka/templates/cmpv-broker.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ spec:
2828
images:
2929
kafka: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.kafka.repository }}:{{ .tag }}
3030
jmx-exporter: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.jmxExporter.repository }}:{{ $.Values.images.jmxExporter.tag }}
31-
kafkatools: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.kafkatools.repository }}:{{ $.Values.images.kafkatools.tag }}
31+
kafkatool: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.kafkatool.repository }}:{{ $.Values.images.kafkatool.tag }}
3232
{{- if eq $key "v2" }}
3333
accountProvision: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.kafka.repository }}:{{ .tag }}
3434
{{- end }}

addons/kafka/templates/cmpv-combine.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,5 +21,5 @@ spec:
2121
images:
2222
kafka: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.kafka.repository }}:{{ .tag }}
2323
jmx-exporter: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.jmxExporter.repository }}:{{ $.Values.images.jmxExporter.tag }}
24-
kafkatools: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.kafkatools.repository }}:{{ $.Values.images.kafkatools.tag }}
24+
kafkatool: {{ $.Values.images.registry | default "docker.io" }}/{{ $.Values.images.kafkatool.repository }}:{{ $.Values.images.kafkatool.tag }}
2525
{{- end }}

addons/kafka/values.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -41,8 +41,8 @@ images:
4141
jmxExporter:
4242
repository: apecloud/jmx-exporter
4343
tag: 0.18.0-debian-11-r20
44-
kafkatools:
45-
repository: apecloud/kafkatools
44+
kafkatool:
45+
repository: apecloud/kafkatool
4646
tag: 0.1.0
4747

4848
## @param define default serviceVersion of each Component

0 commit comments

Comments
 (0)