
Example 61 with PasswordGenerator

use of io.strimzi.operator.common.PasswordGenerator in project strimzi-kafka-operator by strimzi.

the class PartialRollingUpdateMockTest method beforeEach.

/**
 * Builds the Kafka custom resource under test, starts the mocked Kubernetes API and runs one
 * initial reconciliation, blocking until it finishes or 60 seconds have passed.
 *
 * @param context Vert.x test context that receives the outcome of the asynchronous setup
 * @throws InterruptedException if the thread is interrupted while waiting on the latch
 * @throws ExecutionException declared by the signature; no visible statement throws it
 * @throws TimeoutException declared by the signature; no visible statement throws it
 */
@BeforeEach
public void beforeEach(VertxTestContext context) throws InterruptedException, ExecutionException, TimeoutException {
    // Five brokers with one plaintext and one TLS internal listener, three ZooKeeper nodes,
    // both on persistent-claim storage that is deleted together with the cluster.
    this.cluster = new KafkaBuilder()
            .withMetadata(new ObjectMetaBuilder()
                    .withName(CLUSTER_NAME)
                    .withNamespace(NAMESPACE)
                    .build())
            .withNewSpec()
                .withNewKafka()
                    .withReplicas(5)
                    .withListeners(
                            new GenericKafkaListenerBuilder()
                                    .withName("plain")
                                    .withPort(9092)
                                    .withType(KafkaListenerType.INTERNAL)
                                    .withTls(false)
                                    .build(),
                            new GenericKafkaListenerBuilder()
                                    .withName("tls")
                                    .withPort(9093)
                                    .withType(KafkaListenerType.INTERNAL)
                                    .withTls(true)
                                    .build())
                    .withNewPersistentClaimStorage()
                        .withSize("123")
                        .withStorageClass("foo")
                        .withDeleteClaim(true)
                    .endPersistentClaimStorage()
                .endKafka()
                .withNewZookeeper()
                    .withReplicas(3)
                    .withNewPersistentClaimStorage()
                        .withSize("123")
                        .withStorageClass("foo")
                        .withDeleteClaim(true)
                    .endPersistentClaimStorage()
                .endZookeeper()
            .endSpec()
            .build();

    // Mock Kubernetes API seeded with the Kafka resource and the controllers the operator relies on.
    mockKube = new MockKube2.MockKube2Builder(client)
            .withKafkaCrd()
            .withInitialKafkas(cluster)
            .withStrimziPodSetCrd()
            .withDeploymentController()
            .withPodController()
            .withStatefulSetController()
            .withServiceController()
            .build();
    mockKube.start();

    ResourceOperatorSupplier opsSupplier = supplier(client);

    // Test fixture only: both alphabet arguments are the single character "a", so this generator
    // can only ever emit 'a' characters. Together with MockCertManager it keeps the run
    // reproducible; it must never be copied into production wiring.
    kco = new KafkaAssemblyOperator(
            vertx,
            new PlatformFeaturesAvailability(false, KubernetesVersion.V1_16),
            new MockCertManager(),
            new PasswordGenerator(10, "a", "a"),
            opsSupplier,
            ResourceUtils.dummyClusterOperatorConfig(VERSIONS, 2_000));

    LOGGER.info("Initial reconciliation");
    CountDownLatch reconciled = new CountDownLatch(1);
    Reconciliation initial = new Reconciliation("initialization", Kafka.RESOURCE_KIND, NAMESPACE, CLUSTER_NAME);
    kco.reconcile(initial).onComplete(result -> {
        context.verify(() -> assertThat(result.succeeded(), is(true)));
        reconciled.countDown();
    });

    // A timeout fails the context first; the statements below still run afterwards.
    boolean finishedInTime = reconciled.await(60, TimeUnit.SECONDS);
    if (!finishedInTime) {
        context.failNow(new Throwable("Test timeout"));
    }
    LOGGER.info("Initial reconciliation complete");
    context.completeNow();
}
Also used : KafkaBuilder(io.strimzi.api.kafka.model.KafkaBuilder) ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder) CountDownLatch(java.util.concurrent.CountDownLatch) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) MockCertManager(io.strimzi.operator.common.operator.MockCertManager) GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder) MockKube2(io.strimzi.test.mockkube2.MockKube2) PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability) PasswordGenerator(io.strimzi.operator.common.PasswordGenerator) Reconciliation(io.strimzi.operator.common.Reconciliation) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 62 with PasswordGenerator

use of io.strimzi.operator.common.PasswordGenerator in project strimzi-kafka-operator by strimzi.

the class CruiseControl method generateCruiseControlApiCredentials.

/**
 * Generates the Cruise Control API passwords for the admin and user accounts and builds the
 * matching credentials file.
 *
 * <p>Security note: every value in the returned map is only Base64-encoded. Base64 is an
 * encoding, not encryption, and the credentials file carries both passwords in cleartext, so
 * confidentiality depends entirely on the access controls of wherever the caller stores the map
 * (presumably a Kubernetes Secret; confirm at the call site).
 *
 * @return Map with three Base64-encoded entries: the admin password, the user password and the
 *         credentials file
 */
public static Map<String, String> generateCruiseControlApiCredentials() {
    // One generator producing 16-character passwords; the alphabet is whatever the
    // single-argument PasswordGenerator constructor defaults to (not visible here).
    PasswordGenerator generator = new PasswordGenerator(16);
    String adminSecret = generator.generate();
    String userSecret = generator.generate();

    // Credentials file in the format of Jetty's HashLoginService:
    //   username: password [,rolename ...]
    // One line per account, each terminated by a newline.
    StringBuilder authFile = new StringBuilder();
    authFile.append(API_ADMIN_NAME).append(": ").append(adminSecret).append(",").append(API_ADMIN_ROLE).append("\n");
    authFile.append(API_USER_NAME).append(": ").append(userSecret).append(",").append(API_USER_ROLE).append("\n");

    Map<String, String> credentials = new HashMap<>(3);
    credentials.put(API_ADMIN_PASSWORD_KEY, Util.encodeToBase64(adminSecret));
    credentials.put(API_USER_PASSWORD_KEY, Util.encodeToBase64(userSecret));
    credentials.put(API_AUTH_FILE_KEY, Util.encodeToBase64(authFile.toString()));
    return credentials;
}
Also used : HashMap(java.util.HashMap) PasswordGenerator(io.strimzi.operator.common.PasswordGenerator) IntOrString(io.fabric8.kubernetes.api.model.IntOrString)

Example 63 with PasswordGenerator

use of io.strimzi.operator.common.PasswordGenerator in project strimzi-kafka-operator by strimzi.

the class Main method run.

/**
 * Creates the assembly operators (unless the operator runs in pod-set-reconciliation-only mode)
 * and deploys one {@code ClusterOperator} verticle for every configured namespace.
 *
 * <p>A verticle that fails to deploy terminates the JVM with exit code 1.
 *
 * @param vertx  Vert.x instance the verticles are deployed on
 * @param client Kubernetes client handed to the operators
 * @param pfa    platform features detected for the target cluster
 * @param config cluster operator configuration
 * @return composite future joining the deployment result of every namespace verticle
 */
static CompositeFuture run(Vertx vertx, KubernetesClient client, PlatformFeaturesAvailability pfa, ClusterOperatorConfig config) {
    Util.printEnvInfo();
    ResourceOperatorSupplier opsSupplier = new ResourceOperatorSupplier(vertx, client, pfa, config.getOperationTimeoutMs());

    // These stay null in pod-set-reconciliation-only mode and are passed to ClusterOperator as such.
    KafkaAssemblyOperator kafkaOps = null;
    KafkaConnectAssemblyOperator connectOps = null;
    KafkaMirrorMaker2AssemblyOperator mirrorMaker2Ops = null;
    KafkaMirrorMakerAssemblyOperator mirrorMakerOps = null;
    KafkaBridgeAssemblyOperator bridgeOps = null;
    KafkaRebalanceAssemblyOperator rebalanceOps = null;

    if (!config.isPodSetReconciliationOnly()) {
        OpenSslCertManager certManager = new OpenSslCertManager();

        // Production password policy: length 12 over ASCII letters and digits, with a
        // letters-only second argument (presumably the first-character alphabet; confirm in
        // PasswordGenerator). Even with a uniform CSPRNG draw that is at most roughly 71 bits
        // per password; the random source is not visible here and should be verified to be
        // SecureRandom-backed.
        String letters = "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        String lettersAndDigits = letters + "0123456789";
        PasswordGenerator passwordGenerator = new PasswordGenerator(12, letters, lettersAndDigits);

        kafkaOps = new KafkaAssemblyOperator(vertx, pfa, certManager, passwordGenerator, opsSupplier, config);
        connectOps = new KafkaConnectAssemblyOperator(vertx, pfa, opsSupplier, config);
        mirrorMaker2Ops = new KafkaMirrorMaker2AssemblyOperator(vertx, pfa, opsSupplier, config);
        mirrorMakerOps = new KafkaMirrorMakerAssemblyOperator(vertx, pfa, certManager, passwordGenerator, opsSupplier, config);
        bridgeOps = new KafkaBridgeAssemblyOperator(vertx, pfa, certManager, passwordGenerator, opsSupplier, config);
        rebalanceOps = new KafkaRebalanceAssemblyOperator(vertx, opsSupplier, config);
    }

    @SuppressWarnings({ "rawtypes" }) List<Future> deployments = new ArrayList<>(config.getNamespaces().size());
    for (String namespace : config.getNamespaces()) {
        Promise<String> started = Promise.promise();
        deployments.add(started.future());

        ClusterOperator operator = new ClusterOperator(namespace, config, client, kafkaOps, connectOps, mirrorMakerOps, mirrorMaker2Ops, bridgeOps, rebalanceOps, opsSupplier);
        vertx.deployVerticle(operator, deployment -> {
            if (deployment.failed()) {
                // Fail fast: an operator that cannot watch one of its namespaces must not keep running.
                LOGGER.error("Cluster Operator verticle in namespace {} failed to start", namespace, deployment.cause());
                System.exit(1);
            } else if (config.getCustomResourceSelector() == null) {
                LOGGER.info("Cluster Operator verticle started in namespace {} without label selector", namespace);
            } else {
                LOGGER.info("Cluster Operator verticle started in namespace {} with label selector {}", namespace, config.getCustomResourceSelector());
            }
            started.handle(deployment);
        });
    }
    return CompositeFuture.join(deployments);
}
Also used : KafkaAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaAssemblyOperator) KafkaBridgeAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaBridgeAssemblyOperator) KafkaMirrorMaker2AssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaMirrorMaker2AssemblyOperator) ArrayList(java.util.ArrayList) KafkaConnectAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaConnectAssemblyOperator) OpenSslCertManager(io.strimzi.certs.OpenSslCertManager) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) PasswordGenerator(io.strimzi.operator.common.PasswordGenerator) CompositeFuture(io.vertx.core.CompositeFuture) Future(io.vertx.core.Future) KafkaMirrorMakerAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaMirrorMakerAssemblyOperator) KafkaRebalanceAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaRebalanceAssemblyOperator)

Example 64 with PasswordGenerator

use of io.strimzi.operator.common.PasswordGenerator in project strimzi-kafka-operator by strimzi.

the class KafkaClusterTest method generateBrokerSecret.

/**
 * Creates a fresh cluster CA and clients CA and asks the Kafka cluster model under test for the
 * broker certificates Secret.
 *
 * @param externalBootstrapAddress external bootstrap addresses passed on to the certificate generation
 * @param externalAddresses        external addresses keyed by an integer (presumably the broker ID; confirm)
 * @return Secret returned by {@code kc.generateCertificatesSecret}
 */
private Secret generateBrokerSecret(Set<String> externalBootstrapAddress, Map<Integer, Set<String>> externalAddresses) {
    // Test fixture only: a generator whose alphabets are the single character "a" can only emit
    // 'a' characters, so the CA passwords are predictable. The certificates themselves come from
    // a real OpenSslCertManager.
    OpenSslCertManager clusterCertManager = new OpenSslCertManager();
    PasswordGenerator clusterPasswords = new PasswordGenerator(10, "a", "a");
    ClusterCa brokerSigningCa = new ClusterCa(Reconciliation.DUMMY_RECONCILIATION, clusterCertManager, clusterPasswords, cluster, null, null);
    brokerSigningCa.createRenewOrReplace(namespace, cluster, emptyMap(), emptyMap(), emptyMap(), null, true);

    OpenSslCertManager clientsCertManager = new OpenSslCertManager();
    PasswordGenerator clientsPasswords = new PasswordGenerator(10, "a", "a");
    ClientsCa clientSigningCa = new ClientsCa(Reconciliation.DUMMY_RECONCILIATION, clientsCertManager, clientsPasswords, null, null, null, null, 365, 30, true, CertificateExpirationPolicy.RENEW_CERTIFICATE);
    clientSigningCa.createRenewOrReplace(namespace, cluster, emptyMap(), emptyMap(), emptyMap(), null, true);

    return kc.generateCertificatesSecret(brokerSigningCa, clientSigningCa, externalBootstrapAddress, externalAddresses, true);
}
Also used : OpenSslCertManager(io.strimzi.certs.OpenSslCertManager) PasswordGenerator(io.strimzi.operator.common.PasswordGenerator)

Example 65 with PasswordGenerator

use of io.strimzi.operator.common.PasswordGenerator in project strimzi-kafka-operator by strimzi.

the class CertificateRenewalTest method reconcileCa.

/**
 * Runs the CA reconciliation of a {@code KafkaAssemblyOperator} against mocked resource
 * operators and returns the captor holding the CA Secrets that were passed to
 * {@code secretOps.reconcile}.
 *
 * @param vertx        Vert.x instance handed to the operator
 * @param kafka        Kafka custom resource whose CAs are reconciled
 * @param dateSupplier supplier passed straight to {@code reconcileCas}
 * @return future completed with the Secret captor when {@code reconcileCas} succeeds, or failed
 *         with its cause otherwise
 */
private Future<ArgumentCaptor<Secret>> reconcileCa(Vertx vertx, Kafka kafka, Supplier<Date> dateSupplier) {
    ResourceOperatorSupplier supplier = ResourceUtils.supplierWithMocks(false);
    SecretOperator secretOps = supplier.secretOperations;
    DeploymentOperator deploymentOps = supplier.deploymentOperations;
    StatefulSetOperator stsOps = supplier.stsOperations;
    PodOperator podOps = supplier.podOperations;
    // Listing Secrets returns the entries of the `secrets` fixture whose labels match the selector.
    when(secretOps.list(eq(NAMESPACE), any())).thenAnswer(invocation -> {
        Map<String, String> requiredLabels = ((Labels) invocation.getArgument(1)).toMap();
        return secrets.stream().filter(s -> {
            Map<String, String> labels = s.getMetadata().getLabels();
            // NOTE(review): retainAll works on the key set of the map returned by getLabels(); if
            // that is the Secret's live label map, labels outside the selector are stripped from
            // the fixture itself on the first list() call. Confirm this is intended.
            labels.keySet().retainAll(requiredLabels.keySet());
            return labels.equals(requiredLabels);
        }).collect(Collectors.toList());
    });
    // One captor is shared by the four CA Secret stubs below, so it collects every CA cert and
    // CA key Secret the operator tries to write.
    ArgumentCaptor<Secret> c = ArgumentCaptor.forClass(Secret.class);
    when(secretOps.reconcile(any(), eq(NAMESPACE), eq(AbstractModel.clusterCaCertSecretName(NAME)), c.capture())).thenAnswer(i -> Future.succeededFuture(ReconcileResult.noop(i.getArgument(0))));
    when(secretOps.reconcile(any(), eq(NAMESPACE), eq(AbstractModel.clusterCaKeySecretName(NAME)), c.capture())).thenAnswer(i -> Future.succeededFuture(ReconcileResult.noop(i.getArgument(0))));
    when(secretOps.reconcile(any(), eq(NAMESPACE), eq(KafkaResources.clientsCaCertificateSecretName(NAME)), c.capture())).thenAnswer(i -> Future.succeededFuture(ReconcileResult.noop(i.getArgument(0))));
    when(secretOps.reconcile(any(), eq(NAMESPACE), eq(KafkaResources.clientsCaKeySecretName(NAME)), c.capture())).thenAnswer(i -> Future.succeededFuture(ReconcileResult.noop(i.getArgument(0))));
    // The cluster operator's own Secret is stubbed but not captured.
    when(secretOps.reconcile(any(), eq(NAMESPACE), eq(ClusterOperator.secretName(NAME)), any())).thenAnswer(i -> Future.succeededFuture(ReconcileResult.created(i.getArgument(0))));
    // The Deployment and StatefulSet lookups succeed with no value and the pod listing is empty.
    when(deploymentOps.getAsync(eq(NAMESPACE), any())).thenReturn(Future.succeededFuture());
    when(stsOps.getAsync(eq(NAMESPACE), any())).thenReturn(Future.succeededFuture());
    when(podOps.listAsync(eq(NAMESPACE), any(Labels.class))).thenReturn(Future.succeededFuture(List.of()));
    // certManager and passwordGenerator are declared outside this method and are not visible here.
    KafkaAssemblyOperator op = new KafkaAssemblyOperator(vertx, new PlatformFeaturesAvailability(false, KubernetesVersion.V1_16), certManager, passwordGenerator, supplier, ResourceUtils.dummyClusterOperatorConfig(1L));
    Reconciliation reconciliation = new Reconciliation("test-trigger", Kafka.RESOURCE_KIND, NAMESPACE, NAME);
    Promise<ArgumentCaptor<Secret>> reconcileCasComplete = Promise.promise();
    op.new ReconciliationState(reconciliation, kafka).reconcileCas(dateSupplier).onComplete(ar -> {
        // Hand back the captor on success; otherwise propagate the failure cause of reconcileCas.
        if (ar.succeeded()) {
            reconcileCasComplete.complete(c);
        } else {
            reconcileCasComplete.fail(ar.cause());
        }
    });
    return reconcileCasComplete.future();
}
Also used : X509Certificate(java.security.cert.X509Certificate) CoreMatchers.is(org.hamcrest.CoreMatchers.is) BeforeEach(org.junit.jupiter.api.BeforeEach) CertificateFactory(java.security.cert.CertificateFactory) CA_KEY(io.strimzi.operator.cluster.model.Ca.CA_KEY) Date(java.util.Date) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) KeyStoreException(java.security.KeyStoreException) CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue) CoreMatchers.instanceOf(org.hamcrest.CoreMatchers.instanceOf) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) ByteArrayInputStream(java.io.ByteArrayInputStream) Collections.singleton(java.util.Collections.singleton) KafkaResources(io.strimzi.api.kafka.model.KafkaResources) Ca(io.strimzi.operator.cluster.model.Ca) Map(java.util.Map) PodOperator(io.strimzi.operator.common.operator.resource.PodOperator) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) ResourceUtils(io.strimzi.operator.cluster.ResourceUtils) Path(java.nio.file.Path) AbstractModel(io.strimzi.operator.cluster.model.AbstractModel) StatefulSetOperator(io.strimzi.operator.cluster.operator.resource.StatefulSetOperator) ModelUtils(io.strimzi.operator.cluster.model.ModelUtils) DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator) SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator) KeyStore(java.security.KeyStore) VertxExtension(io.vertx.junit5.VertxExtension) Instant(java.time.Instant) Future(io.vertx.core.Future) Collectors(java.util.stream.Collectors) StandardCharsets(java.nio.charset.StandardCharsets) Subject(io.strimzi.certs.Subject) Test(org.junit.jupiter.api.Test) Objects(java.util.Objects) Base64(java.util.Base64) List(java.util.List) Labels(io.strimzi.operator.common.model.Labels) PasswordGenerator(io.strimzi.operator.common.PasswordGenerator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) 
CA_STORE_PASSWORD(io.strimzi.operator.cluster.model.Ca.CA_STORE_PASSWORD) Secret(io.fabric8.kubernetes.api.model.Secret) CA_STORE(io.strimzi.operator.cluster.model.Ca.CA_STORE) Checkpoint(io.vertx.junit5.Checkpoint) ClusterCa(io.strimzi.operator.cluster.model.ClusterCa) PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability) Mockito.mock(org.mockito.Mockito.mock) VertxTestContext(io.vertx.junit5.VertxTestContext) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) Matchers.aMapWithSize(org.hamcrest.Matchers.aMapWithSize) CoreMatchers.not(org.hamcrest.CoreMatchers.not) OwnerReference(io.fabric8.kubernetes.api.model.OwnerReference) CertAndKey(io.strimzi.certs.CertAndKey) Supplier(java.util.function.Supplier) KafkaBuilder(io.strimzi.api.kafka.model.KafkaBuilder) ArrayList(java.util.ArrayList) ArgumentCaptor(org.mockito.ArgumentCaptor) ClusterOperator(io.strimzi.operator.cluster.ClusterOperator) TestUtils(io.strimzi.test.TestUtils) Matchers.hasSize(org.hamcrest.Matchers.hasSize) ReconcileResult(io.strimzi.operator.common.operator.resource.ReconcileResult) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) CertificateExpirationPolicy(io.strimzi.api.kafka.model.CertificateExpirationPolicy) Matchers.hasEntry(org.hamcrest.Matchers.hasEntry) CertificateAuthority(io.strimzi.api.kafka.model.CertificateAuthority) Files(java.nio.file.Files) InvalidResourceException(io.strimzi.operator.cluster.model.InvalidResourceException) Promise(io.vertx.core.Promise) KubernetesVersion(io.strimzi.operator.KubernetesVersion) Vertx(io.vertx.core.Vertx) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) TestUtils.set(io.strimzi.test.TestUtils.set) Mockito.when(org.mockito.Mockito.when) Reconciliation(io.strimzi.operator.common.Reconciliation) CA_CRT(io.strimzi.operator.cluster.model.Ca.CA_CRT) SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder) Kafka(io.strimzi.api.kafka.model.Kafka) 
OpenSslCertManager(io.strimzi.certs.OpenSslCertManager) CertificateAuthorityBuilder(io.strimzi.api.kafka.model.CertificateAuthorityBuilder) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) ArgumentCaptor(org.mockito.ArgumentCaptor) PodOperator(io.strimzi.operator.common.operator.resource.PodOperator) Labels(io.strimzi.operator.common.model.Labels) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) StatefulSetOperator(io.strimzi.operator.cluster.operator.resource.StatefulSetOperator) SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator) Secret(io.fabric8.kubernetes.api.model.Secret) ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier) PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability) Reconciliation(io.strimzi.operator.common.Reconciliation) DeploymentOperator(io.strimzi.operator.common.operator.resource.DeploymentOperator) Map(java.util.Map)
