apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} kind: StatefulSet metadata: name: {{ template "common.names.fullname" . }} namespace: {{ template "zookeeper.namespace" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} app.kubernetes.io/component: zookeeper role: zookeeper {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: serviceName: {{ template "common.names.fullname" . }}-headless replicas: {{ .Values.replicaCount }} podManagementPolicy: {{ .Values.podManagementPolicy }} updateStrategy: type: {{ .Values.updateStrategy }} {{- if (eq "Recreate" .Values.updateStrategy) }} rollingUpdate: null {{- else if .Values.rollingUpdatePartition }} rollingUpdate: partition: {{ .Values.rollingUpdatePartition }} {{- end }} selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} app.kubernetes.io/component: zookeeper template: metadata: name: {{ template "common.names.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 8 }} app.kubernetes.io/component: zookeeper {{- if .Values.podLabels }} {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} {{- end }} {{- if .Values.podAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} spec: {{- if .Values.schedulerName }} schedulerName: {{ .Values.schedulerName }} {{- end }} {{- include "zookeeper.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ template "zookeeper.serviceAccountName" . }} {{- if .Values.securityContext.enabled }} securityContext: fsGroup: {{ .Values.securityContext.fsGroup }} {{- end }} {{- if .Values.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} {{- end }} {{- if .Values.affinity }} affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} {{- else }} affinity: podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "component" "zookeeper" "context" $) | nindent 10 }} podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" "zookeeper" "context" $) | nindent 10 }} nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} {{- end }} {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} {{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) }} initContainers: {{- if .Values.initContainers }} {{ include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | trim | nindent 8 }} {{- end }} {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - name: volume-permissions image: {{ template "zookeeper.volumePermissions.image" . }} imagePullPolicy: {{ default "" .Values.volumePermissions.image.pullPolicy | quote }} command: - chown args: - -R - {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} - /bitnami/zookeeper {{- if .Values.dataLogDir }} - {{ .Values.dataLogDir }} {{- end }} securityContext: runAsUser: 0 {{- if .Values.volumePermissions.resources }} resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} {{- end }} volumeMounts: - name: data mountPath: /bitnami/zookeeper {{- if .Values.dataLogDir }} - name: data-log mountPath: {{ .Values.dataLogDir }} {{- end }} {{- end }} {{- end }} containers: - name: zookeeper image: {{ template "zookeeper.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.securityContext.enabled }} securityContext: runAsUser: {{ .Values.securityContext.runAsUser }} {{- end }} command: - bash - -ec - | # Execute entrypoint as usual after obtaining ZOO_SERVER_ID # check ZOO_SERVER_ID in persistent volume via myid # if not present, set based on POD hostname if [[ -f "/bitnami/zookeeper/data/myid" ]]; then export ZOO_SERVER_ID="$(cat /bitnami/zookeeper/data/myid)" else HOSTNAME=`hostname -s` if [[ $HOSTNAME =~ (.*)-([0-9]+)$ ]]; then ORD=${BASH_REMATCH[2]} export ZOO_SERVER_ID=$((ORD + {{ .Values.minServerId }} )) else echo "Failed to get index from hostname $HOST" exit 1 fi fi exec /entrypoint.sh /run.sh {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} env: - name: ZOO_DATA_LOG_DIR value: {{ .Values.dataLogDir | quote }} - name: ZOO_PORT_NUMBER value: {{ .Values.service.port | quote }} - name: ZOO_TICK_TIME value: {{ .Values.tickTime | quote }} - name: ZOO_INIT_LIMIT value: {{ .Values.initLimit | quote }} - name: ZOO_SYNC_LIMIT value: {{ .Values.syncLimit | quote }} - name: ZOO_MAX_CLIENT_CNXNS value: {{ .Values.maxClientCnxns | quote }} - name: ZOO_4LW_COMMANDS_WHITELIST value: {{ .Values.fourlwCommandsWhitelist | quote }} - name: ZOO_LISTEN_ALLIPS_ENABLED value: {{ ternary "yes" "no" .Values.listenOnAllIPs | quote }} - name: ZOO_AUTOPURGE_INTERVAL value: {{ .Values.autopurge.purgeInterval | quote }} - name: ZOO_AUTOPURGE_RETAIN_COUNT value: {{ .Values.autopurge.snapRetainCount | quote }} - name: ZOO_MAX_SESSION_TIMEOUT value: {{ .Values.maxSessionTimeout | quote }} - name: ZOO_SERVERS {{- $replicaCount := int .Values.replicaCount }} {{- $minServerId := int .Values.minServerId }} {{- $followerPort := int .Values.service.followerPort }} {{- $electionPort := int .Values.service.electionPort }} {{- $releaseNamespace := include "zookeeper.namespace" . }} {{- $zookeeperFullname := include "common.names.fullname" . }} {{- $zookeeperHeadlessServiceName := printf "%s-%s" $zookeeperFullname "headless" | trunc 63 }} {{- $clusterDomain := .Values.clusterDomain }} value: {{ range $i, $e := until $replicaCount }}{{ $zookeeperFullname }}-{{ $e }}.{{ $zookeeperHeadlessServiceName }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ $followerPort }}:{{ $electionPort }}::{{ add $e $minServerId }} {{ end }} - name: ZOO_ENABLE_AUTH value: {{ ternary "yes" "no" .Values.auth.enabled | quote }} {{- if .Values.auth.enabled }} - name: ZOO_CLIENT_USER value: {{ .Values.auth.clientUser | quote }} - name: ZOO_CLIENT_PASSWORD valueFrom: secretKeyRef: name: {{ if .Values.auth.existingSecret }}{{ .Values.auth.existingSecret }}{{ else }}{{ template "common.names.fullname" . }}{{ end }} key: client-password - name: ZOO_SERVER_USERS value: {{ .Values.auth.serverUsers | quote }} - name: ZOO_SERVER_PASSWORDS valueFrom: secretKeyRef: name: {{ if .Values.auth.existingSecret }}{{ .Values.auth.existingSecret }}{{ else }}{{ template "common.names.fullname" . }}{{ end }} key: server-password {{- end }} - name: ZOO_HEAP_SIZE value: {{ .Values.heapSize | quote }} - name: ZOO_LOG_LEVEL value: {{ .Values.logLevel | quote }} - name: ALLOW_ANONYMOUS_LOGIN value: {{ ternary "yes" "no" .Values.allowAnonymousLogin | quote }} {{- if .Values.jvmFlags }} - name: JVMFLAGS value: {{ .Values.jvmFlags | quote }} {{- end }} {{- if .Values.metrics.enabled }} - name: ZOO_ENABLE_PROMETHEUS_METRICS value: "yes" - name: ZOO_PROMETHEUS_METRICS_PORT_NUMBER value: {{ .Values.metrics.containerPort | quote }} {{- end }} {{- if .Values.service.tls.client_enable }} - name: ZOO_TLS_CLIENT_ENABLE value: {{ .Values.service.tls.client_enable | quote }} - name: ZOO_TLS_CLIENT_KEYSTORE_FILE value: {{ .Values.service.tls.client_keystore_path | quote }} - name: ZOO_TLS_CLIENT_KEYSTORE_PASSWORD value: {{ .Values.service.tls.client_keystore_password | quote }} - name: ZOO_TLS_CLIENT_TRUSTSTORE_FILE value: {{ .Values.service.tls.client_truststore_path | quote }} - name: ZOO_TLS_CLIENT_TRUSTSTORE_PASSWORD value: {{ .Values.service.tls.client_truststore_password | quote }} {{ end }} {{- if .Values.service.tls.quorum_enable }} - name: ZOO_TLS_QUORUM_ENABLE value: {{ .Values.service.tls.quorum_enable | quote }} - name: ZOO_TLS_QUORUM_KEYSTORE_FILE value: {{ .Values.service.tls.quorum_keystore_path | quote }} - name: ZOO_TLS_QUORUM_KEYSTORE_PASSWORD value: {{ .Values.service.tls.quorum_keystore_password | quote }} - name: ZOO_TLS_QUORUM_TRUSTSTORE_FILE value: {{ .Values.service.tls.quorum_truststore_path | quote }} - name: ZOO_TLS_QUORUM_TRUSTSTORE_PASSWORD value: {{ .Values.service.tls.quorum_truststore_password | quote }} {{ end }} - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name {{- if .Values.extraEnvVars }} {{- toYaml .Values.extraEnvVars | nindent 12 }} {{- end }} ports: {{ if not .Values.service.tls.disable_base_client_port }} - name: client containerPort: {{ .Values.service.port }} {{ end }} {{ if .Values.service.tls.client_enable }} - name: client-tls containerPort: {{ .Values.service.tls.client_port }} {{ end }} - name: follower containerPort: {{ .Values.service.followerPort }} - name: election containerPort: {{ .Values.service.electionPort }} {{- if .Values.metrics.enabled }} - name: metrics containerPort: {{ .Values.metrics.containerPort }} {{- end }} {{- if .Values.livenessProbe.enabled }} livenessProbe: exec: {{- if not .Values.service.tls.disable_base_client_port }} command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} nc -w {{ .Values.livenessProbe.probeCommandTimeout }} localhost {{ .Values.service.port }} | grep imok'] {{- else }} {{- if not .Values.service.tls.client_enable }} command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tls.client_port }} | grep imok'] {{- else }} command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tls.client_port }} -cert {{ .Values.service.tls.client_cert_pem_path }} -key {{ .Values.service.tls.client_key_pem_path }} | grep imok'] {{- end }} {{- end }} initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.livenessProbe.successThreshold }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} {{- end }} {{- if .Values.readinessProbe.enabled }} readinessProbe: exec: {{- if not .Values.service.tls.disable_base_client_port }} command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.readinessProbe.probeCommandTimeout }} nc -w {{ .Values.readinessProbe.probeCommandTimeout }} localhost {{ .Values.service.port }} | grep imok'] {{- else }} {{- if not .Values.service.tls.client_enable }} command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tls.client_port }} | grep imok'] {{- else }} command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tls.client_port }} -cert {{ .Values.service.tls.client_cert_pem_path }} -key {{ .Values.service.tls.client_key_pem_path }} | grep imok'] {{- end }} {{- end }} initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} {{- end }} volumeMounts: - name: data mountPath: /bitnami/zookeeper {{- if .Values.dataLogDir }} - name: data-log mountPath: {{ .Values.dataLogDir }} {{- end }} {{- if .Values.config }} - name: config mountPath: /opt/bitnami/zookeeper/conf/zoo.cfg subPath: zoo.cfg {{- end }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} volumes: {{- if .Values.config }} - name: config configMap: name: {{ template "common.names.fullname" . }} {{- end }} {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} - name: data persistentVolumeClaim: claimName: {{ printf "%s" (tpl .Values.persistence.existingClaim .) }} {{- else if not .Values.persistence.enabled }} - name: data emptyDir: {} {{- end }} {{- if and .Values.persistence.enabled .Values.persistence.dataLogDir.existingClaim }} - name: data-log persistentVolumeClaim: claimName: {{ printf "%s" (tpl .Values.persistence.dataLogDir.existingClaim .) }} {{- else if and ( not .Values.persistence.enabled ) .Values.dataLogDir }} - name: data-log emptyDir: {} {{- end }} {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 8 }} {{- end }} {{- if and .Values.persistence.enabled (not (and .Values.persistence.existingClaim .Values.persistence.dataLogDir.existingClaim) )}} volumeClaimTemplates: {{- if not .Values.persistence.existingClaim }} - metadata: name: data annotations: {{- range $key, $value := .Values.persistence.annotations }} {{ $key }}: {{ $value }} {{- end }} spec: accessModes: {{- range .Values.persistence.accessModes }} - {{ . | quote }} {{- end }} resources: requests: storage: {{ .Values.persistence.size | quote }} {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 8 }} {{- end }} {{- if and (not .Values.persistence.dataLogDir.existingClaim) .Values.dataLogDir }} - metadata: name: data-log annotations: {{- range $key, $value := .Values.persistence.annotations }} {{ $key }}: {{ $value }} {{- end }} spec: accessModes: {{- range .Values.persistence.accessModes }} - {{ . | quote }} {{- end }} resources: requests: storage: {{ .Values.persistence.dataLogDir.size | quote }} {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 8 }} {{- end }} {{- end }}