Example 21 with PasswordGenerator
use of io.strimzi.operator.common.PasswordGenerator in project strimzi by strimzi.
the class VolumeResizingTest method testVolumesResizing.
@Test
public void testVolumesResizing() {
Kafka kafka = getKafkaCrd();
KafkaCluster kafkaCluster = KafkaCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kafka, VERSIONS);
ResourceOperatorSupplier supplier = ResourceUtils.supplierWithMocks(false);
// Mock the PVC Operator
PvcOperator mockPvcOps = supplier.pvcOperations;
List<PersistentVolumeClaim> realPvcs = kafkaCluster.generatePersistentVolumeClaims(kafka.getSpec().getKafka().getStorage());
for (PersistentVolumeClaim pvc : realPvcs) {
pvc.setStatus(new PersistentVolumeClaimStatusBuilder().withPhase("Bound").withConditions(new PersistentVolumeClaimConditionBuilder().withStatus("True").withType("Resizing").build()).withCapacity(singletonMap("storage", new Quantity("10Gi"))).build());
}
when(mockPvcOps.getAsync(eq(namespace), ArgumentMatchers.startsWith("data-"))).thenAnswer(invocation -> {
String pvcName = invocation.getArgument(1);
return Future.succeededFuture(realPvcs.stream().filter(pvc -> pvcName.equals(pvc.getMetadata().getName())).findFirst().orElse(null));
});
ArgumentCaptor<PersistentVolumeClaim> pvcCaptor = ArgumentCaptor.forClass(PersistentVolumeClaim.class);
when(mockPvcOps.reconcile(any(), anyString(), anyString(), pvcCaptor.capture())).thenReturn(Future.succeededFuture());
// Mock the StorageClass Operator
StorageClassOperator mockSco = supplier.storageClassOperations;
when(mockSco.getAsync(eq("mysc"))).thenAnswer(invocation -> {
StorageClass sc = new StorageClassBuilder().withNewMetadata().withName("mysc").endMetadata().withAllowVolumeExpansion(true).build();
return Future.succeededFuture(sc);
});
MockKafkaAssemblyOperator kao = new MockKafkaAssemblyOperator(vertx, new PlatformFeaturesAvailability(false, kubernetesVersion), certManager, passwordGenerator, supplier, config);
kao.resizeVolumes(new Reconciliation("test-trigger", Kafka.RESOURCE_KIND, namespace, clusterName), kafka, kafkaCluster.generatePersistentVolumeClaims(kafka.getSpec().getKafka().getStorage()), kafkaCluster).onComplete(res -> {
assertThat(res.succeeded(), is(true));
// The volumes are resizing => no reconciliation
assertThat(pvcCaptor.getAllValues().size(), is(0));
});
}
Also used :
Quantity(io.fabric8.kubernetes.api.model.Quantity)
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
ArgumentMatchers(org.mockito.ArgumentMatchers)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
CertManager(io.strimzi.certs.CertManager)
KafkaBuilder(io.strimzi.api.kafka.model.KafkaBuilder)
PersistentVolumeClaimConditionBuilder(io.fabric8.kubernetes.api.model.PersistentVolumeClaimConditionBuilder)
AfterAll(org.junit.jupiter.api.AfterAll)
ArgumentCaptor(org.mockito.ArgumentCaptor)
KafkaCluster(io.strimzi.operator.cluster.model.KafkaCluster)
KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils)
BeforeAll(org.junit.jupiter.api.BeforeAll)
PersistentVolumeClaimStatusBuilder(io.fabric8.kubernetes.api.model.PersistentVolumeClaimStatusBuilder)
ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)
Collections.singletonMap(java.util.Collections.singletonMap)
ResourceUtils(io.strimzi.operator.cluster.ResourceUtils)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
KafkaVersion(io.strimzi.operator.cluster.model.KafkaVersion)
KubernetesVersion(io.strimzi.operator.KubernetesVersion)
Vertx(io.vertx.core.Vertx)
StorageClassOperator(io.strimzi.operator.common.operator.resource.StorageClassOperator)
GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)
Mockito.when(org.mockito.Mockito.when)
PvcOperator(io.strimzi.operator.common.operator.resource.PvcOperator)
Future(io.vertx.core.Future)
StorageClassBuilder(io.fabric8.kubernetes.api.model.storage.StorageClassBuilder)
Test(org.junit.jupiter.api.Test)
Reconciliation(io.strimzi.operator.common.Reconciliation)
List(java.util.List)
StorageClass(io.fabric8.kubernetes.api.model.storage.StorageClass)
KafkaListenerType(io.strimzi.api.kafka.model.listener.arraylistener.KafkaListenerType)
PasswordGenerator(io.strimzi.operator.common.PasswordGenerator)
PersistentVolumeClaim(io.fabric8.kubernetes.api.model.PersistentVolumeClaim)
Kafka(io.strimzi.api.kafka.model.Kafka)
PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability)
ClusterOperatorConfig(io.strimzi.operator.cluster.ClusterOperatorConfig)
MockCertManager(io.strimzi.operator.common.operator.MockCertManager)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
PersistentVolumeClaimStatusBuilder(io.fabric8.kubernetes.api.model.PersistentVolumeClaimStatusBuilder)
KafkaCluster(io.strimzi.operator.cluster.model.KafkaCluster)
StorageClassOperator(io.strimzi.operator.common.operator.resource.StorageClassOperator)
StorageClass(io.fabric8.kubernetes.api.model.storage.StorageClass)
Kafka(io.strimzi.api.kafka.model.Kafka)
Quantity(io.fabric8.kubernetes.api.model.Quantity)
StorageClassBuilder(io.fabric8.kubernetes.api.model.storage.StorageClassBuilder)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
PvcOperator(io.strimzi.operator.common.operator.resource.PvcOperator)
PersistentVolumeClaimConditionBuilder(io.fabric8.kubernetes.api.model.PersistentVolumeClaimConditionBuilder)
ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)
PlatformFeaturesAvailability(io.strimzi.operator.PlatformFeaturesAvailability)
Reconciliation(io.strimzi.operator.common.Reconciliation)
PersistentVolumeClaim(io.fabric8.kubernetes.api.model.PersistentVolumeClaim)
Test(org.junit.jupiter.api.Test)
Example 22 with PasswordGenerator
use of io.strimzi.operator.common.PasswordGenerator in project strimzi by strimzi.
the class KafkaCluster method generateJmxSecret.
/**
* Generate the Secret containing the username and password to secure the jmx port on the kafka brokers
*
* @return The generated Secret
*/
public Secret generateJmxSecret() {
Map<String, String> data = new HashMap<>(2);
String[] keys = { SECRET_JMX_USERNAME_KEY, SECRET_JMX_PASSWORD_KEY };
PasswordGenerator passwordGenerator = new PasswordGenerator(16);
for (String key : keys) {
data.put(key, Base64.getEncoder().encodeToString(passwordGenerator.generate().getBytes(StandardCharsets.US_ASCII)));
}
return createJmxSecret(KafkaCluster.jmxSecretName(cluster), data);
}
Also used :
HashMap(java.util.HashMap)
PasswordGenerator(io.strimzi.operator.common.PasswordGenerator)
Example 23 with PasswordGenerator
use of io.strimzi.operator.common.PasswordGenerator in project strimzi by strimzi.
the class KafkaCluster method generateJmxSecret.
/**
* Generate the Secret containing the username and password to secure the jmx port on the Kafka brokers.
*
* @param currentSecret The existing Secret with the current JMX credentials. Null if no secret exists yet.
*
* @return The generated Secret
*/
public Secret generateJmxSecret(Secret currentSecret) {
if (isJmxAuthenticated) {
PasswordGenerator passwordGenerator = new PasswordGenerator(16);
Map<String, String> data = new HashMap<>(2);
if (currentSecret != null && currentSecret.getData() != null) {
data.put(SECRET_JMX_USERNAME_KEY, currentSecret.getData().computeIfAbsent(SECRET_JMX_USERNAME_KEY, (key) -> Util.encodeToBase64(passwordGenerator.generate())));
data.put(SECRET_JMX_PASSWORD_KEY, currentSecret.getData().computeIfAbsent(SECRET_JMX_PASSWORD_KEY, (key) -> Util.encodeToBase64(passwordGenerator.generate())));
} else {
data.put(SECRET_JMX_USERNAME_KEY, Util.encodeToBase64(passwordGenerator.generate()));
data.put(SECRET_JMX_PASSWORD_KEY, Util.encodeToBase64(passwordGenerator.generate()));
}
return createJmxSecret(KafkaResources.kafkaJmxSecretName(cluster), data);
} else {
return null;
}
}
Also used :
VolumeMount(io.fabric8.kubernetes.api.model.VolumeMount)
ExternalTrafficPolicy(io.strimzi.api.kafka.model.template.ExternalTrafficPolicy)
KafkaClusterSpec(io.strimzi.api.kafka.model.KafkaClusterSpec)
KafkaExporterResources(io.strimzi.api.kafka.model.KafkaExporterResources)
Storage(io.strimzi.api.kafka.model.storage.Storage)
HTTPIngressPath(io.fabric8.kubernetes.api.model.networking.v1.HTTPIngressPath)
Rack(io.strimzi.api.kafka.model.Rack)
ServicePort(io.fabric8.kubernetes.api.model.ServicePort)
Annotations(io.strimzi.operator.common.Annotations)
IngressTLS(io.fabric8.kubernetes.api.model.networking.v1.IngressTLS)
PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)
Collections.singletonList(java.util.Collections.singletonList)
NetworkPolicyIngressRule(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyIngressRule)
Route(io.fabric8.openshift.api.model.Route)
IngressRule(io.fabric8.kubernetes.api.model.networking.v1.IngressRule)
KafkaResources(io.strimzi.api.kafka.model.KafkaResources)
IngressTLSBuilder(io.fabric8.kubernetes.api.model.networking.v1.IngressTLSBuilder)
KafkaClusterTemplate(io.strimzi.api.kafka.model.template.KafkaClusterTemplate)
Map(java.util.Map)
ContainerBuilder(io.fabric8.kubernetes.api.model.ContainerBuilder)
JsonObject(io.vertx.core.json.JsonObject)
ContainerEnvVar(io.strimzi.api.kafka.model.ContainerEnvVar)
KafkaSpec(io.strimzi.api.kafka.model.KafkaSpec)
Affinity(io.fabric8.kubernetes.api.model.Affinity)
IngressBuilder(io.fabric8.kubernetes.api.model.networking.v1.IngressBuilder)
ProbeBuilder(io.strimzi.api.kafka.model.ProbeBuilder)
Probe(io.strimzi.api.kafka.model.Probe)
StatusUtils(io.strimzi.operator.common.operator.resource.StatusUtils)
SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)
RouteBuilder(io.fabric8.openshift.api.model.RouteBuilder)
ListenersUtils.isListenerWithOAuth(io.strimzi.operator.cluster.model.ListenersUtils.isListenerWithOAuth)
Set(java.util.Set)
RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)
HasMetadata(io.fabric8.kubernetes.api.model.HasMetadata)
Collectors(java.util.stream.Collectors)
CruiseControlResources(io.strimzi.api.kafka.model.CruiseControlResources)
RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef)
List(java.util.List)
Labels(io.strimzi.operator.common.model.Labels)
StrimziPodSet(io.strimzi.api.kafka.model.StrimziPodSet)
Collections.addAll(java.util.Collections.addAll)
Ingress(io.fabric8.kubernetes.api.model.networking.v1.Ingress)
PasswordGenerator(io.strimzi.operator.common.PasswordGenerator)
PersistentVolumeClaim(io.fabric8.kubernetes.api.model.PersistentVolumeClaim)
Secret(io.fabric8.kubernetes.api.model.Secret)
NetworkPolicyPeerBuilder(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyPeerBuilder)
Condition(io.strimzi.api.kafka.model.status.Condition)
ClusterOperatorConfig(io.strimzi.operator.cluster.ClusterOperatorConfig)
Uuid(org.apache.kafka.common.Uuid)
ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding)
EnvVar(io.fabric8.kubernetes.api.model.EnvVar)
GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener)
Container(io.fabric8.kubernetes.api.model.Container)
Subject(io.fabric8.kubernetes.api.model.rbac.Subject)
HashMap(java.util.HashMap)
LocalObjectReference(io.fabric8.kubernetes.api.model.LocalObjectReference)
CertAndKey(io.strimzi.certs.CertAndKey)
Function(java.util.function.Function)
MetricsAndLogging(io.strimzi.operator.common.MetricsAndLogging)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
SecurityContext(io.fabric8.kubernetes.api.model.SecurityContext)
KafkaAuthorization(io.strimzi.api.kafka.model.KafkaAuthorization)
InlineLogging(io.strimzi.api.kafka.model.InlineLogging)
ListenersUtils.isListenerWithCustomAuth(io.strimzi.operator.cluster.model.ListenersUtils.isListenerWithCustomAuth)
Collections.singletonMap(java.util.Collections.singletonMap)
Service(io.fabric8.kubernetes.api.model.Service)
NetworkPolicyBuilder(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyBuilder)
KafkaSpecChecker(io.strimzi.operator.cluster.operator.resource.KafkaSpecChecker)
Volume(io.fabric8.kubernetes.api.model.Volume)
NetworkPolicyIngressRuleBuilder(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyIngressRuleBuilder)
CertAndKeySecretSource(io.strimzi.api.kafka.model.CertAndKeySecretSource)
CruiseControlConfigurationParameters(io.strimzi.operator.cluster.operator.resource.cruisecontrol.CruiseControlConfigurationParameters)
KafkaAuthorizationKeycloak(io.strimzi.api.kafka.model.KafkaAuthorizationKeycloak)
KafkaListenerAuthenticationCustom(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationCustom)
IOException(java.io.IOException)
StatefulSet(io.fabric8.kubernetes.api.model.apps.StatefulSet)
KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)
ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap)
AffinityBuilder(io.fabric8.kubernetes.api.model.AffinityBuilder)
ContainerPort(io.fabric8.kubernetes.api.model.ContainerPort)
Logging(io.strimzi.api.kafka.model.Logging)
Reconciliation(io.strimzi.operator.common.Reconciliation)
JsonArray(io.vertx.core.json.JsonArray)
IngressRuleBuilder(io.fabric8.kubernetes.api.model.networking.v1.IngressRuleBuilder)
Util(io.strimzi.operator.common.Util)
KafkaListenerType(io.strimzi.api.kafka.model.listener.arraylistener.KafkaListenerType)
NetworkPolicyPeer(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicyPeer)
NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy)
CruiseControlSpec(io.strimzi.api.kafka.model.CruiseControlSpec)
Kafka(io.strimzi.api.kafka.model.Kafka)
CRUISE_CONTROL_METRIC_REPORTER(io.strimzi.operator.cluster.model.CruiseControl.CRUISE_CONTROL_METRIC_REPORTER)
HTTPIngressPathBuilder(io.fabric8.kubernetes.api.model.networking.v1.HTTPIngressPathBuilder)
Collections(java.util.Collections)
HashMap(java.util.HashMap)
PasswordGenerator(io.strimzi.operator.common.PasswordGenerator)
Example 24 with PasswordGenerator
use of io.strimzi.operator.common.PasswordGenerator in project strimzi by strimzi.
the class Main method run.
static CompositeFuture run(Vertx vertx, KubernetesClient client, PlatformFeaturesAvailability pfa, ClusterOperatorConfig config) {
Util.printEnvInfo();
ResourceOperatorSupplier resourceOperatorSupplier = new ResourceOperatorSupplier(vertx, client, pfa, config.getOperationTimeoutMs());
KafkaAssemblyOperator kafkaClusterOperations = null;
KafkaConnectAssemblyOperator kafkaConnectClusterOperations = null;
KafkaMirrorMaker2AssemblyOperator kafkaMirrorMaker2AssemblyOperator = null;
KafkaMirrorMakerAssemblyOperator kafkaMirrorMakerAssemblyOperator = null;
KafkaBridgeAssemblyOperator kafkaBridgeAssemblyOperator = null;
KafkaRebalanceAssemblyOperator kafkaRebalanceAssemblyOperator = null;
if (!config.isPodSetReconciliationOnly()) {
OpenSslCertManager certManager = new OpenSslCertManager();
PasswordGenerator passwordGenerator = new PasswordGenerator(12, "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ", "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "0123456789");
kafkaClusterOperations = new KafkaAssemblyOperator(vertx, pfa, certManager, passwordGenerator, resourceOperatorSupplier, config);
kafkaConnectClusterOperations = new KafkaConnectAssemblyOperator(vertx, pfa, resourceOperatorSupplier, config);
kafkaMirrorMaker2AssemblyOperator = new KafkaMirrorMaker2AssemblyOperator(vertx, pfa, resourceOperatorSupplier, config);
kafkaMirrorMakerAssemblyOperator = new KafkaMirrorMakerAssemblyOperator(vertx, pfa, certManager, passwordGenerator, resourceOperatorSupplier, config);
kafkaBridgeAssemblyOperator = new KafkaBridgeAssemblyOperator(vertx, pfa, certManager, passwordGenerator, resourceOperatorSupplier, config);
kafkaRebalanceAssemblyOperator = new KafkaRebalanceAssemblyOperator(vertx, resourceOperatorSupplier, config);
}
@SuppressWarnings({ "rawtypes" }) List<Future> futures = new ArrayList<>(config.getNamespaces().size());
for (String namespace : config.getNamespaces()) {
Promise<String> prom = Promise.promise();
futures.add(prom.future());
ClusterOperator operator = new ClusterOperator(namespace, config, client, kafkaClusterOperations, kafkaConnectClusterOperations, kafkaMirrorMakerAssemblyOperator, kafkaMirrorMaker2AssemblyOperator, kafkaBridgeAssemblyOperator, kafkaRebalanceAssemblyOperator, resourceOperatorSupplier);
vertx.deployVerticle(operator, res -> {
if (res.succeeded()) {
if (config.getCustomResourceSelector() != null) {
LOGGER.info("Cluster Operator verticle started in namespace {} with label selector {}", namespace, config.getCustomResourceSelector());
} else {
LOGGER.info("Cluster Operator verticle started in namespace {} without label selector", namespace);
}
} else {
LOGGER.error("Cluster Operator verticle in namespace {} failed to start", namespace, res.cause());
System.exit(1);
}
prom.handle(res);
});
}
return CompositeFuture.join(futures);
}
Also used :
KafkaAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaAssemblyOperator)
KafkaBridgeAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaBridgeAssemblyOperator)
KafkaMirrorMaker2AssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaMirrorMaker2AssemblyOperator)
ArrayList(java.util.ArrayList)
KafkaConnectAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaConnectAssemblyOperator)
OpenSslCertManager(io.strimzi.certs.OpenSslCertManager)
ResourceOperatorSupplier(io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)
PasswordGenerator(io.strimzi.operator.common.PasswordGenerator)
CompositeFuture(io.vertx.core.CompositeFuture)
Future(io.vertx.core.Future)
KafkaMirrorMakerAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaMirrorMakerAssemblyOperator)
KafkaRebalanceAssemblyOperator(io.strimzi.operator.cluster.operator.assembly.KafkaRebalanceAssemblyOperator)
Example 25 with PasswordGenerator
use of io.strimzi.operator.common.PasswordGenerator in project strimzi by strimzi.
the class KafkaConnectCluster method generateJmxSecret.
/**
* Generate the Secret containing the username and password to secure the jmx port on the kafka connect workers
*
* @return The generated Secret
*/
public Secret generateJmxSecret() {
Map<String, String> data = new HashMap<>(2);
String[] keys = { SECRET_JMX_USERNAME_KEY, SECRET_JMX_PASSWORD_KEY };
PasswordGenerator passwordGenerator = new PasswordGenerator(16);
for (String key : keys) {
data.put(key, Base64.getEncoder().encodeToString(passwordGenerator.generate().getBytes(StandardCharsets.US_ASCII)));
}
return createJmxSecret(KafkaConnectCluster.jmxSecretName(cluster), data);
}
Also used :
HashMap(java.util.HashMap)
PasswordGenerator(io.strimzi.operator.common.PasswordGenerator)
Aggregations
PasswordGenerator (io.strimzi.operator.common.PasswordGenerator)136
ResourceOperatorSupplier (io.strimzi.operator.cluster.operator.resource.ResourceOperatorSupplier)110
Reconciliation (io.strimzi.operator.common.Reconciliation)104
PlatformFeaturesAvailability (io.strimzi.operator.PlatformFeaturesAvailability)102
Future (io.vertx.core.Future)96
ResourceUtils (io.strimzi.operator.cluster.ResourceUtils)94
MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat)94
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)94
ArgumentMatchers.eq (org.mockito.ArgumentMatchers.eq)94
Mockito.when (org.mockito.Mockito.when)94
KafkaVersionTestUtils (io.strimzi.operator.cluster.KafkaVersionTestUtils)92
KubernetesVersion (io.strimzi.operator.KubernetesVersion)90
Vertx (io.vertx.core.Vertx)90
CoreMatchers.is (org.hamcrest.CoreMatchers.is)88
AfterAll (org.junit.jupiter.api.AfterAll)88
BeforeAll (org.junit.jupiter.api.BeforeAll)88
Test (org.junit.jupiter.api.Test)86
ArgumentCaptor (org.mockito.ArgumentCaptor)86
MockCertManager (io.strimzi.operator.common.operator.MockCertManager)84
Checkpoint (io.vertx.junit5.Checkpoint)82
