Examples with KafkaMirrorMaker2ClusterSpec io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec used on opensource projects

Example 41 with KafkaMirrorMaker2ClusterSpec

use of io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec in project strimzi by strimzi.

the class KafkaMirrorMaker2ClusterTest method testGenerateDeploymentWithOAuthWithMissingUri.

@ParallelTest
public void testGenerateDeploymentWithOAuthWithMissingUri() {
    assertThrows(InvalidResourceException.class, () -> {
        KafkaMirrorMaker2ClusterSpec targetClusterWithOAuthWithMissingUri = new KafkaMirrorMaker2ClusterSpecBuilder(this.targetCluster).withAuthentication(new KafkaClientAuthenticationOAuthBuilder().withClientId("my-client-id").withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().build()).build();
        KafkaMirrorMaker2 resource = new KafkaMirrorMaker2Builder(this.resource).editSpec().withClusters(targetClusterWithOAuthWithMissingUri).endSpec().build();
        KafkaMirrorMaker2Cluster kmm2 = KafkaMirrorMaker2Cluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    });
}

Example 42 with KafkaMirrorMaker2ClusterSpec

use of io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec in project strimzi by strimzi.

the class KafkaMirrorMaker2ClusterTest method testGenerateDeploymentWithTlsWithoutCerts.

@ParallelTest
public void testGenerateDeploymentWithTlsWithoutCerts() {
    KafkaMirrorMaker2ClusterSpec targetClusterWithTls = new KafkaMirrorMaker2ClusterSpecBuilder(this.targetCluster).withNewTls().endTls().build();
    KafkaMirrorMaker2 resource = new KafkaMirrorMaker2Builder(this.resource).editSpec().withClusters(targetClusterWithTls).endSpec().build();
    KafkaMirrorMaker2Cluster kmm2 = KafkaMirrorMaker2Cluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kmm2.generateDeployment(emptyMap(), true, null, null);
    Container cont = getContainer(dep);
    assertThat(AbstractModel.containerEnvVars(cont).get(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_TRUSTED_CERTS), is(nullValue()));
    assertThat(AbstractModel.containerEnvVars(cont).get(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_TLS), is("true"));
    assertThat(AbstractModel.containerEnvVars(cont).get(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_MIRRORMAKER_2_TLS_CLUSTERS), is("true"));
    assertThat(AbstractModel.containerEnvVars(cont).get(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_MIRRORMAKER_2_TRUSTED_CERTS_CLUSTERS), is(nullValue()));
}

Example 43 with KafkaMirrorMaker2ClusterSpec

use of io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec in project strimzi by strimzi.

the class KafkaMirrorMaker2ClusterTest method testGenerateDeploymentWithScramSha256AuthAndTLSSameSecret.

/**
 * This test uses the same secret to hold the certs for TLS and the credentials for SCRAM SHA 256 client authentication. It checks that
 * the volumes and volume mounts that reference the secret are correctly created and that each volume name is only created once - volumes
 * with duplicate names will cause Kubernetes to reject the deployment.
 */
@ParallelTest
public void testGenerateDeploymentWithScramSha256AuthAndTLSSameSecret() {
    KafkaMirrorMaker2ClusterSpec targetClusterWithScramSha256Auth = new KafkaMirrorMaker2ClusterSpecBuilder(this.targetCluster).editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret").withCertificate("cert.crt").build()).endTls().withNewKafkaClientAuthenticationScramSha256().withUsername("user1").withNewPasswordSecret().withSecretName("my-secret").withPassword("user1.password").endPasswordSecret().endKafkaClientAuthenticationScramSha256().build();
    KafkaMirrorMaker2 resource = new KafkaMirrorMaker2Builder(this.resource).editSpec().withClusters(targetClusterWithScramSha256Auth).endSpec().build();
    KafkaMirrorMaker2Cluster kmm2 = KafkaMirrorMaker2Cluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kmm2.generateDeployment(emptyMap(), true, null, null);
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().size(), is(4));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(0).getName(), is(AbstractModel.STRIMZI_TMP_DIRECTORY_DEFAULT_VOLUME_NAME));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(1).getName(), is("kafka-metrics-and-logging"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(2).getName(), is("my-secret"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(3).getName(), is("target-my-secret"));
    Container cont = getContainer(dep);
    assertThat(cont.getVolumeMounts().size(), is(6));
    assertThat(cont.getVolumeMounts().get(0).getName(), is(AbstractModel.STRIMZI_TMP_DIRECTORY_DEFAULT_VOLUME_NAME));
    assertThat(cont.getVolumeMounts().get(0).getMountPath(), is(AbstractModel.STRIMZI_TMP_DIRECTORY_DEFAULT_MOUNT_PATH));
    assertThat(cont.getVolumeMounts().get(1).getName(), is("kafka-metrics-and-logging"));
    assertThat(cont.getVolumeMounts().get(1).getMountPath(), is("/opt/kafka/custom-config/"));
    assertThat(cont.getVolumeMounts().get(2).getName(), is("my-secret"));
    assertThat(cont.getVolumeMounts().get(2).getMountPath(), is(KafkaMirrorMaker2Cluster.TLS_CERTS_BASE_VOLUME_MOUNT + "my-secret"));
    assertThat(cont.getVolumeMounts().get(3).getName(), is("my-secret"));
    assertThat(cont.getVolumeMounts().get(3).getMountPath(), is(KafkaMirrorMaker2Cluster.PASSWORD_VOLUME_MOUNT + "my-secret"));
    assertThat(cont.getVolumeMounts().get(4).getName(), is("target-my-secret"));
    assertThat(cont.getVolumeMounts().get(4).getMountPath(), is(KafkaMirrorMaker2Cluster.MIRRORMAKER_2_TLS_CERTS_BASE_VOLUME_MOUNT + targetClusterAlias + "/my-secret"));
    assertThat(cont.getVolumeMounts().get(5).getName(), is("target-my-secret"));
    assertThat(cont.getVolumeMounts().get(5).getMountPath(), is(KafkaMirrorMaker2Cluster.MIRRORMAKER_2_PASSWORD_VOLUME_MOUNT + targetClusterAlias + "/my-secret"));
    assertThat(AbstractModel.containerEnvVars(cont), hasEntry(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_SASL_PASSWORD_FILE, "my-secret/user1.password"));
    assertThat(AbstractModel.containerEnvVars(cont), hasEntry(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_SASL_USERNAME, "user1"));
    assertThat(AbstractModel.containerEnvVars(cont), hasEntry(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_SASL_MECHANISM, "scram-sha-256"));
    assertThat(AbstractModel.containerEnvVars(cont), hasEntry(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_TLS, "true"));
}

Example 44 with KafkaMirrorMaker2ClusterSpec

use of io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec in project strimzi by strimzi.

the class KafkaMirrorMaker2ClusterTest method testGenerateDeploymentWithTlsAuth.

@ParallelTest
public void testGenerateDeploymentWithTlsAuth() {
    KafkaMirrorMaker2ClusterSpec targetClusterWithTlsAuth = new KafkaMirrorMaker2ClusterSpecBuilder(this.targetCluster).editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("user-secret").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).build();
    KafkaMirrorMaker2 resource = new KafkaMirrorMaker2Builder(this.resource).editSpec().withClusters(targetClusterWithTlsAuth).endSpec().build();
    KafkaMirrorMaker2Cluster kmm2 = KafkaMirrorMaker2Cluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kmm2.generateDeployment(emptyMap(), true, null, null);
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(3).getName(), is("user-secret"));
    Container cont = getContainer(dep);
    assertThat(cont.getVolumeMounts().get(3).getMountPath(), is(KafkaMirrorMaker2Cluster.TLS_CERTS_BASE_VOLUME_MOUNT + "user-secret"));
    assertThat(AbstractModel.containerEnvVars(cont).get(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_TLS_AUTH_CERT), is("user-secret/user.crt"));
    assertThat(AbstractModel.containerEnvVars(cont).get(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_TLS_AUTH_KEY), is("user-secret/user.key"));
    assertThat(AbstractModel.containerEnvVars(cont).get(KafkaMirrorMaker2Cluster.ENV_VAR_KAFKA_CONNECT_TLS), is("true"));
}

Example 45 with KafkaMirrorMaker2ClusterSpec

use of io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec in project strimzi by strimzi.

the class KafkaMirrorMaker2Cluster method getVolumeMounts.

@Override
protected List<VolumeMount> getVolumeMounts() {
    List<VolumeMount> volumeMountList = super.getVolumeMounts();
    for (KafkaMirrorMaker2ClusterSpec mirrorMaker2Cluster : clusters) {
        String alias = mirrorMaker2Cluster.getAlias();
        String tlsVolumeMountPath = buildClusterVolumeMountPath(MIRRORMAKER_2_TLS_CERTS_BASE_VOLUME_MOUNT, alias);
        ClientTls kafkaMirrorMaker2Tls = mirrorMaker2Cluster.getTls();
        if (kafkaMirrorMaker2Tls != null) {
            VolumeUtils.createSecretVolumeMount(volumeMountList, kafkaMirrorMaker2Tls.getTrustedCertificates(), tlsVolumeMountPath, alias);
        }
        String passwordVolumeMountPath = buildClusterVolumeMountPath(MIRRORMAKER_2_PASSWORD_VOLUME_MOUNT, alias);
        String oauthTlsVolumeMountPath = buildClusterVolumeMountPath(MIRRORMAKER_2_OAUTH_TLS_CERTS_BASE_VOLUME_MOUNT, alias);
        String oauthVolumeMountPath = buildClusterVolumeMountPath(MIRRORMAKER_2_OAUTH_SECRETS_BASE_VOLUME_MOUNT, alias);
        AuthenticationUtils.configureClientAuthenticationVolumeMounts(mirrorMaker2Cluster.getAuthentication(), volumeMountList, tlsVolumeMountPath, passwordVolumeMountPath, oauthTlsVolumeMountPath, mirrorMaker2Cluster.getAlias() + "-oauth-certs", mirrorMaker2Cluster.getAlias() + '-', true, oauthVolumeMountPath);
    }
    return volumeMountList;
}