Example 1 with RackBuilder
use of io.strimzi.api.kafka.model.RackBuilder in project strimzi by strimzi.
the class ZookeeperClusterTest method testImagePullPolicy.
@ParallelTest
public void testImagePullPolicy() {
Kafka kafkaAssembly = ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout, jmxMetricsConfig, configurationJson, emptyMap());
kafkaAssembly.getSpec().getKafka().setRack(new RackBuilder().withTopologyKey("topology-key").build());
ZookeeperCluster kc = ZookeeperCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kafkaAssembly, VERSIONS);
StatefulSet sts = zc.generateStatefulSet(true, ImagePullPolicy.ALWAYS, null);
assertThat(sts.getSpec().getTemplate().getSpec().getContainers().get(0).getImagePullPolicy(), is(ImagePullPolicy.ALWAYS.toString()));
sts = zc.generateStatefulSet(true, ImagePullPolicy.IFNOTPRESENT, null);
assertThat(sts.getSpec().getTemplate().getSpec().getContainers().get(0).getImagePullPolicy(), is(ImagePullPolicy.IFNOTPRESENT.toString()));
}
Also used :
RackBuilder(io.strimzi.api.kafka.model.RackBuilder)
Kafka(io.strimzi.api.kafka.model.Kafka)
StatefulSet(io.fabric8.kubernetes.api.model.apps.StatefulSet)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Example 2 with RackBuilder
use of io.strimzi.api.kafka.model.RackBuilder in project strimzi by strimzi.
the class KafkaConnectAssemblyOperatorTest method testCreateOrUpdateFailsWhenClusterRoleBindingRightsAreMissingButRequired.
@Test
public void testCreateOrUpdateFailsWhenClusterRoleBindingRightsAreMissingButRequired(VertxTestContext context) {
ResourceOperatorSupplier supplier = ResourceUtils.supplierWithMocks(true);
var mockConnectOps = supplier.connectOperator;
DeploymentOperator mockDcOps = supplier.deploymentOperations;
PodDisruptionBudgetOperator mockPdbOps = supplier.podDisruptionBudgetOperator;
ConfigMapOperator mockCmOps = supplier.configMapOperations;
ServiceOperator mockServiceOps = supplier.serviceOperations;
NetworkPolicyOperator mockNetPolOps = supplier.networkPolicyOperator;
ClusterRoleBindingOperator mockCrbOps = supplier.clusterRoleBindingOperator;
SecretOperator mockSecretOps = supplier.secretOperations;
String kcName = "foo";
String kcNamespace = "test";
KafkaConnect kc = ResourceUtils.createEmptyKafkaConnect(kcNamespace, kcName);
kc.getSpec().setRack(new RackBuilder().withTopologyKey("some-node-label").build());
KafkaConnectCluster connect = KafkaConnectCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kc, VERSIONS);
when(mockConnectOps.get(kcNamespace, kcName)).thenReturn(kc);
when(mockConnectOps.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(kc));
when(mockConnectOps.updateStatusAsync(any(), any(KafkaConnect.class))).thenReturn(Future.succeededFuture());
when(mockServiceOps.get(kcNamespace, connect.getName())).thenReturn(connect.generateService());
when(mockDcOps.readiness(any(), anyString(), anyString(), anyLong(), anyLong())).thenReturn(Future.succeededFuture());
when(mockDcOps.waitForObserved(any(), anyString(), anyString(), anyLong(), anyLong())).thenReturn(Future.succeededFuture());
when(mockSecretOps.reconcile(any(), anyString(), anyString(), any())).thenReturn(Future.succeededFuture());
when(mockCrbOps.reconcile(any(), any(), any())).thenReturn(Future.failedFuture("Message: Forbidden!"));
when(mockServiceOps.reconcile(any(), any(), any(), any())).thenReturn(Future.succeededFuture());
when(mockDcOps.reconcile(any(), any(), any(), any())).thenReturn(Future.succeededFuture());
when(mockDcOps.scaleUp(any(), any(), any(), anyInt())).thenReturn(Future.succeededFuture());
when(mockDcOps.scaleDown(any(), any(), any(), anyInt())).thenReturn(Future.succeededFuture());
when(mockNetPolOps.reconcile(any(), eq(kc.getMetadata().getNamespace()), eq(KafkaConnectResources.deploymentName(kc.getMetadata().getName())), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new NetworkPolicy())));
when(mockConnectOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new KafkaConnect())));
when(mockCmOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new ConfigMap())));
when(mockPdbOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new PodDisruptionBudget())));
KafkaConnectAssemblyOperator ops = new KafkaConnectAssemblyOperator(vertx, new PlatformFeaturesAvailability(true, kubernetesVersion), supplier, ResourceUtils.dummyClusterOperatorConfig(VERSIONS));
Checkpoint async = context.checkpoint();
ops.createOrUpdate(new Reconciliation("test-trigger", KafkaConnect.RESOURCE_KIND, kcNamespace, kcName), kc).onComplete(context.failing(v -> {
assertThat(v.getMessage(), containsString("Message: Forbidden!"));
async.flag();
}));
}
Also used :
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
KafkaConnectorList(io.strimzi.api.kafka.KafkaConnectorList)
ConnectorPluginBuilder(io.strimzi.api.kafka.model.connect.ConnectorPluginBuilder)
OrderedProperties(io.strimzi.operator.common.model.OrderedProperties)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
Annotations(io.strimzi.operator.common.Annotations)
PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)
KafkaConnector(io.strimzi.api.kafka.model.KafkaConnector)
ClusterRoleBindingOperator(io.strimzi.operator.common.operator.resource.ClusterRoleBindingOperator)
Collections.singletonList(java.util.Collections.singletonList)
CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue)
AfterAll(org.junit.jupiter.api.AfterAll)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BeforeAll(org.junit.jupiter.api.BeforeAll)
Arrays.asList(java.util.Arrays.asList)
KafkaConnectStatus(io.strimzi.api.kafka.model.status.KafkaConnectStatus)
Map(java.util.Map)
Mockito.doAnswer(org.mockito.Mockito.doAnswer)
PodOperator(io.strimzi.operator.common.operator.resource.PodOperator)
ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)
ResourceUtils(io.strimzi.operator.cluster.ResourceUtils)
AbstractModel(io.strimzi.operator.cluster.model.AbstractModel)
KafkaJmxOptionsBuilder(io.strimzi.api.kafka.model.KafkaJmxOptionsBuilder)
KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
Collections.emptyList(java.util.Collections.emptyList)
DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator)
KafkaVersion(io.strimzi.operator.cluster.model.KafkaVersion)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
Set(java.util.Set)
VertxExtension(io.vertx.junit5.VertxExtension)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
Future(io.vertx.core.Future)
Test(org.junit.jupiter.api.Test)
KafkaConnectCluster(io.strimzi.operator.cluster.model.KafkaConnectCluster)
List(java.util.List)
Labels(io.strimzi.operator.common.model.Labels)
RackBuilder(io.strimzi.api.kafka.model.RackBuilder)
Optional(java.util.Optional)
Checkpoint(io.vertx.junit5.Checkpoint)
PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator)
PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability)
Mockito.mock(org.mockito.Mockito.mock)
VertxTestContext(io.vertx.junit5.VertxTestContext)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding)
ArgumentMatchers.anyLong(org.mockito.ArgumentMatchers.anyLong)
NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator)
HashMap(java.util.HashMap)
ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator)
ArgumentCaptor(org.mockito.ArgumentCaptor)
KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils)
ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
BuildConfigOperator(io.strimzi.operator.common.operator.resource.BuildConfigOperator)
TestUtils(io.strimzi.test.TestUtils)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
ReconcileResult(io.strimzi.operator.common.operator.resource.ReconcileResult)
Service(io.fabric8.kubernetes.api.model.Service)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
ArgumentMatchers.anyInt(org.mockito.ArgumentMatchers.anyInt)
CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue)
KafkaJmxAuthenticationPasswordBuilder(io.strimzi.api.kafka.model.KafkaJmxAuthenticationPasswordBuilder)
Promise(io.vertx.core.Promise)
KubernetesVersion(io.strimzi.operator.KubernetesVersion)
Vertx(io.vertx.core.Vertx)
ConnectorPlugin(io.strimzi.api.kafka.model.connect.ConnectorPlugin)
Mockito.times(org.mockito.Mockito.times)
Mockito.when(org.mockito.Mockito.when)
ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap)
Mockito.verify(org.mockito.Mockito.verify)
ConfigMapBuilder(io.fabric8.kubernetes.api.model.ConfigMapBuilder)
Reconciliation(io.strimzi.operator.common.Reconciliation)
Mockito(org.mockito.Mockito)
Mockito.never(org.mockito.Mockito.never)
Util(io.strimzi.operator.common.Util)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)
Deployment(io.fabric8.kubernetes.api.model.apps.Deployment)
Collections(java.util.Collections)
KafkaConnectResources(io.strimzi.api.kafka.model.KafkaConnectResources)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
RackBuilder(io.strimzi.api.kafka.model.RackBuilder)
ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap)
PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)
NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)
PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator)
ClusterRoleBindingOperator(io.strimzi.operator.common.operator.resource.ClusterRoleBindingOperator)
KafkaConnectCluster(io.strimzi.operator.cluster.model.KafkaConnectCluster)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect)
ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator)
NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)
Checkpoint(io.vertx.junit5.Checkpoint)
PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability)
Reconciliation(io.strimzi.operator.common.Reconciliation)
ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator)
DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator)
Test(org.junit.jupiter.api.Test)
Example 3 with RackBuilder
use of io.strimzi.api.kafka.model.RackBuilder in project strimzi-kafka-operator by strimzi.
the class ZookeeperClusterTest method testNetworkPolicyNewKubernetesVersions.
@ParallelTest
public void testNetworkPolicyNewKubernetesVersions() {
Kafka kafkaAssembly = ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout, jmxMetricsConfig, configurationJson, emptyMap());
kafkaAssembly.getSpec().getKafka().setRack(new RackBuilder().withTopologyKey("topology-key").build());
ZookeeperCluster zc = ZookeeperCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kafkaAssembly, VERSIONS);
// Check Network Policies => Other namespace
NetworkPolicy np = zc.generateNetworkPolicy("operator-namespace", null);
LabelSelector podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, ZookeeperCluster.zookeeperClusterName(zc.getCluster())));
assertThat(np.getSpec().getPodSelector(), is(podSelector));
List<NetworkPolicyIngressRule> rules = np.getSpec().getIngress();
assertThat(rules.size(), is(3));
// Ports 2888 and 3888
NetworkPolicyIngressRule zooRule = rules.get(0);
assertThat(zooRule.getPorts().size(), is(2));
assertThat(zooRule.getPorts().get(0).getPort(), is(new IntOrString(2888)));
assertThat(zooRule.getPorts().get(1).getPort(), is(new IntOrString(3888)));
assertThat(zooRule.getFrom().size(), is(1));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, ZookeeperCluster.zookeeperClusterName(zc.getCluster())));
assertThat(zooRule.getFrom().get(0), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Port 2181
NetworkPolicyIngressRule clientsRule = rules.get(1);
assertThat(clientsRule.getPorts().size(), is(1));
assertThat(clientsRule.getPorts().get(0).getPort(), is(new IntOrString(ZookeeperCluster.CLIENT_TLS_PORT)));
assertThat(clientsRule.getFrom().size(), is(5));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, KafkaCluster.kafkaClusterName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(0), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, ZookeeperCluster.zookeeperClusterName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(1), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, EntityOperator.entityOperatorName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(2), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
assertThat(clientsRule.getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).withNamespaceSelector(new LabelSelector()).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, CruiseControl.cruiseControlName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(4), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Port 9404
NetworkPolicyIngressRule metricsRule = rules.get(2);
assertThat(metricsRule.getPorts().size(), is(1));
assertThat(metricsRule.getPorts().get(0).getPort(), is(new IntOrString(9404)));
assertThat(metricsRule.getFrom().size(), is(0));
// Check Network Policies => The same namespace
np = zc.generateNetworkPolicy(namespace, null);
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
assertThat(np.getSpec().getIngress().get(1).getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Check Network Policies => The same namespace with namespace labels
np = zc.generateNetworkPolicy(namespace, Labels.fromMap(Collections.singletonMap("nsLabelKey", "nsLabelValue")));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
assertThat(np.getSpec().getIngress().get(1).getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Check Network Policies => Other namespace with namespace labels
np = zc.generateNetworkPolicy("operator-namespace", Labels.fromMap(Collections.singletonMap("nsLabelKey", "nsLabelValue")));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
LabelSelector namespaceSelector = new LabelSelector();
namespaceSelector.setMatchLabels(Collections.singletonMap("nsLabelKey", "nsLabelValue"));
assertThat(np.getSpec().getIngress().get(1).getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).withNamespaceSelector(namespaceSelector).build()));
}
Also used :
RackBuilder(io.strimzi.api.kafka.model.RackBuilder)
NetworkPolicyIngressRule(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyIngressRule)
NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)
IntOrString(io.fabric8.kubernetes.api.model.IntOrString)
Kafka(io.strimzi.api.kafka.model.Kafka)
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
NetworkPolicyPeerBuilder(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyPeerBuilder)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Example 4 with RackBuilder
use of io.strimzi.api.kafka.model.RackBuilder in project strimzi-kafka-operator by strimzi.
the class KafkaConnectAssemblyOperatorTest method testCreateOrUpdateFailsWhenClusterRoleBindingRightsAreMissingButRequired.
@Test
public void testCreateOrUpdateFailsWhenClusterRoleBindingRightsAreMissingButRequired(VertxTestContext context) {
ResourceOperatorSupplier supplier = ResourceUtils.supplierWithMocks(true);
var mockConnectOps = supplier.connectOperator;
DeploymentOperator mockDcOps = supplier.deploymentOperations;
PodDisruptionBudgetOperator mockPdbOps = supplier.podDisruptionBudgetOperator;
ConfigMapOperator mockCmOps = supplier.configMapOperations;
ServiceOperator mockServiceOps = supplier.serviceOperations;
NetworkPolicyOperator mockNetPolOps = supplier.networkPolicyOperator;
ClusterRoleBindingOperator mockCrbOps = supplier.clusterRoleBindingOperator;
SecretOperator mockSecretOps = supplier.secretOperations;
String kcName = "foo";
String kcNamespace = "test";
KafkaConnect kc = ResourceUtils.createEmptyKafkaConnect(kcNamespace, kcName);
kc.getSpec().setRack(new RackBuilder().withTopologyKey("some-node-label").build());
KafkaConnectCluster connect = KafkaConnectCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kc, VERSIONS);
when(mockConnectOps.get(kcNamespace, kcName)).thenReturn(kc);
when(mockConnectOps.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(kc));
when(mockConnectOps.updateStatusAsync(any(), any(KafkaConnect.class))).thenReturn(Future.succeededFuture());
when(mockServiceOps.get(kcNamespace, connect.getName())).thenReturn(connect.generateService());
when(mockDcOps.readiness(any(), anyString(), anyString(), anyLong(), anyLong())).thenReturn(Future.succeededFuture());
when(mockDcOps.waitForObserved(any(), anyString(), anyString(), anyLong(), anyLong())).thenReturn(Future.succeededFuture());
when(mockSecretOps.reconcile(any(), anyString(), anyString(), any())).thenReturn(Future.succeededFuture());
when(mockCrbOps.reconcile(any(), any(), any())).thenReturn(Future.failedFuture("Message: Forbidden!"));
when(mockServiceOps.reconcile(any(), any(), any(), any())).thenReturn(Future.succeededFuture());
when(mockDcOps.reconcile(any(), any(), any(), any())).thenReturn(Future.succeededFuture());
when(mockDcOps.scaleUp(any(), any(), any(), anyInt())).thenReturn(Future.succeededFuture());
when(mockDcOps.scaleDown(any(), any(), any(), anyInt())).thenReturn(Future.succeededFuture());
when(mockNetPolOps.reconcile(any(), eq(kc.getMetadata().getNamespace()), eq(KafkaConnectResources.deploymentName(kc.getMetadata().getName())), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new NetworkPolicy())));
when(mockConnectOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new KafkaConnect())));
when(mockCmOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new ConfigMap())));
when(mockPdbOps.reconcile(any(), anyString(), any(), any())).thenReturn(Future.succeededFuture(ReconcileResult.created(new PodDisruptionBudget())));
KafkaConnectAssemblyOperator ops = new KafkaConnectAssemblyOperator(vertx, new PlatformFeaturesAvailability(true, kubernetesVersion), supplier, ResourceUtils.dummyClusterOperatorConfig(VERSIONS));
Checkpoint async = context.checkpoint();
ops.createOrUpdate(new Reconciliation("test-trigger", KafkaConnect.RESOURCE_KIND, kcNamespace, kcName), kc).onComplete(context.failing(v -> {
assertThat(v.getMessage(), containsString("Message: Forbidden!"));
async.flag();
}));
}
Also used :
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
KafkaConnectorList(io.strimzi.api.kafka.KafkaConnectorList)
ConnectorPluginBuilder(io.strimzi.api.kafka.model.connect.ConnectorPluginBuilder)
OrderedProperties(io.strimzi.operator.common.model.OrderedProperties)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
Annotations(io.strimzi.operator.common.Annotations)
PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)
KafkaConnector(io.strimzi.api.kafka.model.KafkaConnector)
ClusterRoleBindingOperator(io.strimzi.operator.common.operator.resource.ClusterRoleBindingOperator)
Collections.singletonList(java.util.Collections.singletonList)
CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue)
AfterAll(org.junit.jupiter.api.AfterAll)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BeforeAll(org.junit.jupiter.api.BeforeAll)
Arrays.asList(java.util.Arrays.asList)
KafkaConnectStatus(io.strimzi.api.kafka.model.status.KafkaConnectStatus)
Map(java.util.Map)
Mockito.doAnswer(org.mockito.Mockito.doAnswer)
PodOperator(io.strimzi.operator.common.operator.resource.PodOperator)
ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)
ResourceUtils(io.strimzi.operator.cluster.ResourceUtils)
AbstractModel(io.strimzi.operator.cluster.model.AbstractModel)
KafkaJmxOptionsBuilder(io.strimzi.api.kafka.model.KafkaJmxOptionsBuilder)
KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
Collections.emptyList(java.util.Collections.emptyList)
DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator)
KafkaVersion(io.strimzi.operator.cluster.model.KafkaVersion)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
Set(java.util.Set)
VertxExtension(io.vertx.junit5.VertxExtension)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
Future(io.vertx.core.Future)
Test(org.junit.jupiter.api.Test)
KafkaConnectCluster(io.strimzi.operator.cluster.model.KafkaConnectCluster)
List(java.util.List)
Labels(io.strimzi.operator.common.model.Labels)
RackBuilder(io.strimzi.api.kafka.model.RackBuilder)
Optional(java.util.Optional)
Checkpoint(io.vertx.junit5.Checkpoint)
PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator)
PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability)
Mockito.mock(org.mockito.Mockito.mock)
VertxTestContext(io.vertx.junit5.VertxTestContext)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding)
ArgumentMatchers.anyLong(org.mockito.ArgumentMatchers.anyLong)
NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator)
HashMap(java.util.HashMap)
ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator)
ArgumentCaptor(org.mockito.ArgumentCaptor)
KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils)
ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
BuildConfigOperator(io.strimzi.operator.common.operator.resource.BuildConfigOperator)
TestUtils(io.strimzi.test.TestUtils)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
ReconcileResult(io.strimzi.operator.common.operator.resource.ReconcileResult)
Service(io.fabric8.kubernetes.api.model.Service)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
ArgumentMatchers.anyInt(org.mockito.ArgumentMatchers.anyInt)
CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue)
KafkaJmxAuthenticationPasswordBuilder(io.strimzi.api.kafka.model.KafkaJmxAuthenticationPasswordBuilder)
Promise(io.vertx.core.Promise)
KubernetesVersion(io.strimzi.operator.KubernetesVersion)
Vertx(io.vertx.core.Vertx)
ConnectorPlugin(io.strimzi.api.kafka.model.connect.ConnectorPlugin)
Mockito.times(org.mockito.Mockito.times)
Mockito.when(org.mockito.Mockito.when)
ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap)
Mockito.verify(org.mockito.Mockito.verify)
ConfigMapBuilder(io.fabric8.kubernetes.api.model.ConfigMapBuilder)
Reconciliation(io.strimzi.operator.common.Reconciliation)
Mockito(org.mockito.Mockito)
Mockito.never(org.mockito.Mockito.never)
Util(io.strimzi.operator.common.Util)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)
Deployment(io.fabric8.kubernetes.api.model.apps.Deployment)
Collections(java.util.Collections)
KafkaConnectResources(io.strimzi.api.kafka.model.KafkaConnectResources)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
RackBuilder(io.strimzi.api.kafka.model.RackBuilder)
ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap)
PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)
NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)
PodDisruptionBudgetOperator(io.strimzi.operator.common.operator.resource.PodDisruptionBudgetOperator)
ClusterRoleBindingOperator(io.strimzi.operator.common.operator.resource.ClusterRoleBindingOperator)
KafkaConnectCluster(io.strimzi.operator.cluster.model.KafkaConnectCluster)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect)
ServiceOperator(io.strimzi.operator.common.operator.resource.ServiceOperator)
NetworkPolicyOperator(io.strimzi.operator.common.operator.resource.NetworkPolicyOperator)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)
Checkpoint(io.vertx.junit5.Checkpoint)
PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability)
Reconciliation(io.strimzi.operator.common.Reconciliation)
ConfigMapOperator(io.strimzi.operator.common.operator.resource.ConfigMapOperator)
DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator)
Test(org.junit.jupiter.api.Test)
Example 5 with RackBuilder
use of io.strimzi.api.kafka.model.RackBuilder in project strimzi by strimzi.
the class ZookeeperClusterTest method testNetworkPolicyNewKubernetesVersions.
@ParallelTest
public void testNetworkPolicyNewKubernetesVersions() {
Kafka kafkaAssembly = ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout, jmxMetricsConfig, configurationJson, emptyMap());
kafkaAssembly.getSpec().getKafka().setRack(new RackBuilder().withTopologyKey("topology-key").build());
ZookeeperCluster zc = ZookeeperCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kafkaAssembly, VERSIONS);
// Check Network Policies => Other namespace
NetworkPolicy np = zc.generateNetworkPolicy("operator-namespace", null);
LabelSelector podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, ZookeeperCluster.zookeeperClusterName(zc.getCluster())));
assertThat(np.getSpec().getPodSelector(), is(podSelector));
List<NetworkPolicyIngressRule> rules = np.getSpec().getIngress();
assertThat(rules.size(), is(3));
// Ports 2888 and 3888
NetworkPolicyIngressRule zooRule = rules.get(0);
assertThat(zooRule.getPorts().size(), is(2));
assertThat(zooRule.getPorts().get(0).getPort(), is(new IntOrString(2888)));
assertThat(zooRule.getPorts().get(1).getPort(), is(new IntOrString(3888)));
assertThat(zooRule.getFrom().size(), is(1));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, ZookeeperCluster.zookeeperClusterName(zc.getCluster())));
assertThat(zooRule.getFrom().get(0), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Port 2181
NetworkPolicyIngressRule clientsRule = rules.get(1);
assertThat(clientsRule.getPorts().size(), is(1));
assertThat(clientsRule.getPorts().get(0).getPort(), is(new IntOrString(ZookeeperCluster.CLIENT_TLS_PORT)));
assertThat(clientsRule.getFrom().size(), is(5));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, KafkaCluster.kafkaClusterName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(0), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, ZookeeperCluster.zookeeperClusterName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(1), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, EntityOperator.entityOperatorName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(2), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
assertThat(clientsRule.getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).withNamespaceSelector(new LabelSelector()).build()));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_NAME_LABEL, CruiseControl.cruiseControlName(zc.getCluster())));
assertThat(clientsRule.getFrom().get(4), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Port 9404
NetworkPolicyIngressRule metricsRule = rules.get(2);
assertThat(metricsRule.getPorts().size(), is(1));
assertThat(metricsRule.getPorts().get(0).getPort(), is(new IntOrString(9404)));
assertThat(metricsRule.getFrom().size(), is(0));
// Check Network Policies => The same namespace
np = zc.generateNetworkPolicy(namespace, null);
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
assertThat(np.getSpec().getIngress().get(1).getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Check Network Policies => The same namespace with namespace labels
np = zc.generateNetworkPolicy(namespace, Labels.fromMap(Collections.singletonMap("nsLabelKey", "nsLabelValue")));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
assertThat(np.getSpec().getIngress().get(1).getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).build()));
// Check Network Policies => Other namespace with namespace labels
np = zc.generateNetworkPolicy("operator-namespace", Labels.fromMap(Collections.singletonMap("nsLabelKey", "nsLabelValue")));
podSelector = new LabelSelector();
podSelector.setMatchLabels(Collections.singletonMap(Labels.STRIMZI_KIND_LABEL, "cluster-operator"));
LabelSelector namespaceSelector = new LabelSelector();
namespaceSelector.setMatchLabels(Collections.singletonMap("nsLabelKey", "nsLabelValue"));
assertThat(np.getSpec().getIngress().get(1).getFrom().get(3), is(new NetworkPolicyPeerBuilder().withPodSelector(podSelector).withNamespaceSelector(namespaceSelector).build()));
}
Also used :
RackBuilder(io.strimzi.api.kafka.model.RackBuilder)
NetworkPolicyIngressRule(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyIngressRule)
NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)
IntOrString(io.fabric8.kubernetes.api.model.IntOrString)
Kafka(io.strimzi.api.kafka.model.Kafka)
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
NetworkPolicyPeerBuilder(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyPeerBuilder)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Aggregations
RackBuilder (io.strimzi.api.kafka.model.RackBuilder)8
Kafka (io.strimzi.api.kafka.model.Kafka)6
NetworkPolicy (io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)4
ParallelTest (io.strimzi.test.annotations.ParallelTest)4
StatefulSet (io.fabric8.kubernetes.api.model.apps.StatefulSet)3
ConfigMap (io.fabric8.kubernetes.api.model.ConfigMap)2
ConfigMapBuilder (io.fabric8.kubernetes.api.model.ConfigMapBuilder)2
Service (io.fabric8.kubernetes.api.model.Service)2
Deployment (io.fabric8.kubernetes.api.model.apps.Deployment)2
PodDisruptionBudget (io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)2
ClusterRoleBinding (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding)2
KubernetesClient (io.fabric8.kubernetes.client.KubernetesClient)2
KafkaConnectorList (io.strimzi.api.kafka.KafkaConnectorList)2
KafkaConnect (io.strimzi.api.kafka.model.KafkaConnect)2
KafkaConnectResources (io.strimzi.api.kafka.model.KafkaConnectResources)2
KafkaConnector (io.strimzi.api.kafka.model.KafkaConnector)2
KafkaJmxAuthenticationPasswordBuilder (io.strimzi.api.kafka.model.KafkaJmxAuthenticationPasswordBuilder)2
KafkaJmxOptionsBuilder (io.strimzi.api.kafka.model.KafkaJmxOptionsBuilder)2
ConnectorPlugin (io.strimzi.api.kafka.model.connect.ConnectorPlugin)2
ConnectorPluginBuilder (io.strimzi.api.kafka.model.connect.ConnectorPluginBuilder)2
