k8s/efk-7.10.2/filebeat/kafka/values.yaml

## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
#   imageRegistry: myRegistryName
#   imagePullSecrets:
#     - myRegistryKeySecretName
#   storageClass: myStorageClass

## Bitnami Kafka image version
## ref: https://hub.docker.com/r/bitnami/kafka/tags/
##
image:
  registry: docker.io
  repository: bitnami/kafka
  tag: 2.8.0-debian-10-r30
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
  pullPolicy: IfNotPresent
  ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ## Example:
  ## pullSecrets:
  ##   - myRegistryKeySecretName
  ##
  pullSecrets: []

  ## Set to true if you would like to see extra information on logs
  ##
  debug: false

## String to partially override kafka.fullname template (will maintain the release name)
##
# nameOverride:

## String to fully override kafka.fullname template
##
# fullnameOverride:

## Deployment pod host aliases
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
##
hostAliases: []

## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:

## StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel
## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy
##
podManagementPolicy: Parallel

## Kubernetes Cluster Domain
##
clusterDomain: cluster.local

## Add labels to all the deployed resources
##
commonLabels: {}

## Add annotations to all the deployed resources
##
commonAnnotations: {}

## Kafka Configuration
## Specify content for server.properties
## NOTE: This will override any KAFKA_CFG_ environment variables (including those set by the chart)
## The server.properties is auto-generated based on other parameters when this parameter is not specified
##
## Example:
## config: |-
##   broker.id=-1
##   listeners=PLAINTEXT://:9092
##   advertised.listeners=PLAINTEXT://KAFKA_IP:9092
##   num.network.threads=3
##   num.io.threads=8
##   socket.send.buffer.bytes=102400
##   socket.receive.buffer.bytes=102400
##   socket.request.max.bytes=104857600
##   log.dirs=/bitnami/kafka/data
##   num.partitions=1
##   num.recovery.threads.per.data.dir=1
##   offsets.topic.replication.factor=1
##   transaction.state.log.replication.factor=1
##   transaction.state.log.min.isr=1
##   log.flush.interval.messages=10000
##   log.flush.interval.ms=1000
##   log.retention.hours=168
##   log.retention.bytes=1073741824
##   log.segment.bytes=1073741824
##   log.retention.check.interval.ms=300000
##   zookeeper.connect=ZOOKEEPER_SERVICE_NAME
##   zookeeper.connection.timeout.ms=6000
##   group.initial.rebalance.delay.ms=0
##
# config:

## ConfigMap with Kafka Configuration
## NOTE: This will override config AND any KAFKA_CFG_ environment variables.
##
# existingConfigmap:

## Kafka Log4J Configuration
## An optional log4j.properties file to overwrite the default of the Kafka brokers.
## See an example log4j.properties at:
## https://github.com/apache/kafka/blob/trunk/config/log4j.properties
##
# log4j:

## Kafka Log4j ConfigMap
## The name of an existing ConfigMap containing a log4j.properties file.
## NOTE: this will override log4j.
##
# existingLog4jConfigMap:

## Kafka's Java Heap size
##
heapOpts: -Xmx1024m -Xms1024m

## Switch to enable topic deletion or not.
##
deleteTopicEnable: false

## Switch to enable auto creation of topics.
## Enabling auto creation of topics not recommended for production or similar environments.
##
autoCreateTopicsEnable: true

## The number of messages to accept before forcing a flush of data to disk.
##
logFlushIntervalMessages: _10000

## The maximum amount of time a message can sit in a log before we force a flush.
##
logFlushIntervalMs: 1000

## A size-based retention policy for logs.
##
logRetentionBytes: _1073741824

## The interval at which log segments are checked to see if they can be deleted.
##
logRetentionCheckIntervalMs: 300000

## The minimum age of a log file to be eligible for deletion due to age.
##
logRetentionHours: 168

## The maximum size of a log segment file. When this size is reached a new log segment will be created.
##
logSegmentBytes: _1073741824

## A comma separated list of directories under which to store log files.
##
logsDirs: /bitnami/kafka/data

## The largest record batch size allowed by Kafka
##
maxMessageBytes: _1000012

## Default replication factors for automatically created topics
##
defaultReplicationFactor: 1

## The replication factor for the offsets topic
##
offsetsTopicReplicationFactor: 1

## The replication factor for the transaction topic
##
transactionStateLogReplicationFactor: 1

## Overridden min.insync.replicas config for the transaction topic
##
transactionStateLogMinIsr: 1

## The number of threads doing disk I/O.
##
numIoThreads: 8

## The number of threads handling network requests.
##
numNetworkThreads: 3

## The default number of log partitions per topic.
##
numPartitions: 1

## The number of threads per data directory to be used for log recovery at startup and flushing at shutdown.
##
numRecoveryThreadsPerDataDir: 1

## The receive buffer (SO_RCVBUF) used by the socket server.
##
socketReceiveBufferBytes: 102400

## The maximum size of a request that the socket server will accept (protection against OOM).
##
socketRequestMaxBytes: _104857600

## The send buffer (SO_SNDBUF) used by the socket server.
##
socketSendBufferBytes: 102400

## Timeout in ms for connecting to zookeeper.
##
zookeeperConnectionTimeoutMs: 6000

## Command and args for running the container. Use array form
##
command:
  - /scripts/setup.sh
args: []

## All the parameters from the configuration file can be overwritten by using environment variables with this format: KAFKA_CFG_{KEY}
## ref: https://github.com/bitnami/bitnami-docker-kafka#configuration
## Example:
## extraEnvVars:
##   - name: KAFKA_CFG_BACKGROUND_THREADS
##     value: "10"
##
extraEnvVars: []

## extraVolumes and extraVolumeMounts allows you to mount other volumes
## Examples:
# extraVolumes:
#   - name: kafka-jaas
#     secret:
#       secretName: kafka-jaas
# extraVolumeMounts:
#   - name: kafka-jaas
#     mountPath: /bitnami/kafka/config/kafka_jaas.conf
#     subPath: kafka_jaas.conf
extraVolumes: []
extraVolumeMounts: []

## Extra objects to deploy (value evaluated as a template)
##
extraDeploy: []

## Authentication parameteres
## https://github.com/bitnami/bitnami-docker-kafka#security
##
auth:
  ## Authentication protocol for client and inter-broker communications
  ## Supported values: 'plaintext', 'tls', 'mtls', 'sasl' and 'sasl_tls'
  ## This table shows the security provided on each protocol:
  ## | Method    | Authentication                | Encryption via TLS |
  ## | plaintext | None                          | No                 |
  ## | tls       | None                          | Yes                |
  ## | mtls      | Yes (two-way authentication)  | Yes                |
  ## | sasl      | Yes (via SASL)                | No                 |
  ## | sasl_tls  | Yes (via SASL)                | Yes                |
  ##
  clientProtocol: plaintext
  interBrokerProtocol: plaintext

  ## SASL configuration
  ##
  sasl:
    ## Comma separated list of allowed SASL mechanisms.
    ## Note: ignored unless `auth.clientProtocol` or `auth.interBrokerProtocol` are using either `sasl` or `sasl_tls`
    ##
    mechanisms: plain,scram-sha-256,scram-sha-512
    ## SASL mechanism for inter broker communication.
    ##
    interBrokerMechanism: plain
    ## JAAS configuration for SASL authentication.
    ##
    jaas:
      ## Kafka client user list
      ##
      ## clientUsers:
      ##   - user1
      ##   - user2
      ##
      clientUsers:
        - user
      ## Kafka client passwords. This is mandatory if more than one user is specified in clientUsers.
      ##
      ## clientPasswords:
      ##   - password1
      ##   - password2"
      ##
      clientPasswords: []
      ## Kafka inter broker communication user
      ##
      interBrokerUser: admin
      ## Kafka inter broker communication password
      ##
      interBrokerPassword: ""
      ## Kafka Zookeeper user
      ##
      zookeeperUser: ""
      ## Kafka Zookeeper password
      ##
      zookeeperPassword: ""
      ## Name of the existing secret containing credentials for clientUsers, interBrokerUser and zookeeperUser.
      ## Create this secret running the command below where SECRET_NAME is the name of the secret you want to create:
      ##       kubectl create secret generic SECRET_NAME --from-literal=client-passwords=CLIENT_PASSWORD1,CLIENT_PASSWORD2 --from-literal=inter-broker-password=INTER_BROKER_PASSWORD --from-literal=zookeeper-password=ZOOKEEPER_PASSWORD
      ##
      existingSecret: ""

  ## DEPRECATED: use `auth.sasl.mechanisms` instead.
  saslMechanisms: plain,scram-sha-256,scram-sha-512
  ## DEPRECATED: use `auth.sasl.interBrokerMechanism` instead.
  saslInterBrokerMechanism: plain
  ## DEPRECATED: use `auth.sasl.jaas` instead.
  jaas:
    clientUsers:
      - user
    clientPasswords: []
    interBrokerUser: admin
    interBrokerPassword: ""
    zookeeperUser: ""
    zookeeperPassword: ""
    existingSecret: ""

  ## TLS configuration
  ##
  tls:
    ## Format to use for TLS certificates
    ## Supported values: 'jks' and 'pem'
    ##
    type: jks
    ## Name of an existing secret containing the TLS certificates
    ##
    ## When using 'jks' format for certificates, the secret should contain:
    ##  - A truststore
    ##  - One keystore per Kafka broker you have in the cluster
    ## Create this secret following the steps below:
    ## 1) Generate your trustore and keystore files. Helpful script: https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh
    ## 2) Rename your truststore to `kafka.truststore.jks`.
    ## 3) Rename your keystores to `kafka-X.keystore.jks` where X is the ID of each Kafka broker.
    ## 4) Run the command below where SECRET_NAME is the name of the secret you want to create:
    ##       kubectl create secret generic SECRET_NAME --from-file=./kafka.truststore.jks --from-file=./kafka-0.keystore.jks --from-file=./kafka-1.keystore.jks ...
    ##
    ## When using 'pem' format for certificates, the secret should contain:
    ##  - A public CA certificate
    ##  - One public certificate and one private key per Kafka broker you have in the cluster
    ## Create this secret following the steps below:
    ## 1) Create a certificate key and signing request per Kafka broker, and sign the signing request with your CA
    ## 2) Rename your CA file to `kafka.truststore.pem`.
    ## 3) Rename your certificates to `kafka-X.keystore.pem` where X is the ID of each Kafka broker.
    ## 3) Rename your keys to `kafka-X.keystore.key` where X is the ID of each Kafka broker.
    ## 5) Run the command below where SECRET_NAME is the name of the secret you want to create:
    ##       kubectl create secret generic SECRET_NAME --from-file=./kafka.truststore.pem --from-file=./kafka-0.keystore.pem --from-file=./kafka-0.keystore.key --from-file=./kafka-1.keystore.pem --from-file=./kafka-1.keystore.key ...
    ##
    existingSecret: ""
    ## Create self-signed TLS certificates. Currently only supported for 'pem' format.
    ## Note: ignored when using 'jks' format or `auth.tls.existingSecret` is not empty
    ##
    autoGenerated: false
    ## Password to access the JKS files or PEM key when they are password-protected.
    ##
    password: ""
    ## Name of an existing secret containing your JKS truststore if the JKS truststore doesn't exist
    ## or is different from the one in the `auth.tls.existingSecret`.
    ## Note: ignored when using 'pem' format for certificates .
    ##
    jksTruststoreSecret: ""
    ## The secret key from the `auth.tls.existingSecret` containing the keystore with a SAN certificate.
    ## The SAN certificate in it should be issued with Subject Alternative Names for all headless services:
    ##  - kafka-0.kafka-headless.kafka.svc.cluster.local
    ##  - kafka-1.kafka-headless.kafka.svc.cluster.local
    ##  - kafka-2.kafka-headless.kafka.svc.cluster.local
    ## Note: ignored when using 'pem' format for certificates.
    ##
    jksKeystoreSAN: ""
    ## The secret key from the `auth.tls.existingSecret` or `auth.tls.jksTruststoreSecret` containing the truststore.
    ## Note: ignored when using 'pem' format for certificates.
    ##
    jksTruststore: ""
    ## The endpoint identification algorithm used by clients to validate server host name.
    ## Disable server host name verification by setting it to an empty string.
    ## ref: https://docs.confluent.io/current/kafka/authentication_ssl.html#optional-settings
    ##
    endpointIdentificationAlgorithm: https

  ## DEPRECATED: use `auth.tls.existingSecret` instead.
  jksSecret: ""
  ## DEPRECATED: use `auth.tls.jksTruststoreSecret` instead.
  jksTruststoreSecret: ""
  ## DEPRECATED: use `auth.tls.jksKeystoreSAN` instead.
  jksKeystoreSAN: ""
  ## DEPRECATED: use `auth.tls.jksTruststore` instead.
  jksTruststore: ""
  ## DEPRECATED: use `auth.tls.password` instead.
  jksPassword: ""
  ## DEPRECATED: use `auth.tls.endpointIdentificationAlgorithm` instead.
  tlsEndpointIdentificationAlgorithm: https

## The address(es) the socket server listens on.
## When it's set to an empty array, the listeners will be configured
## based on the authentication protocols (auth.clientProtocol and auth.interBrokerProtocol parameters)
##
listeners: []

## The address(es) (hostname:port) the brokers will advertise to producers and consumers.
## When it's set to an empty array, the advertised listeners will be configured
## based on the authentication protocols (auth.clientProtocol and auth.interBrokerProtocol parameters)
##
advertisedListeners: []

## The listener->protocol mapping
## When it's nil, the listeners will be configured
## based on the authentication protocols (auth.clientProtocol and auth.interBrokerProtocol parameters)
##
# listenerSecurityProtocolMap:

## Allow to use the PLAINTEXT listener.
##
allowPlaintextListener: true

## Name of listener used for communication between brokers.
##
interBrokerListenerName: INTERNAL

## Number of Kafka brokers to deploy
##
replicaCount: 1

## Minimal broker.id value
## Brokers increment their ID starting at this minimal value.
## E.g., with `minBrokerId=100` and 3 nodes, IDs will be 100, 101, 102 for brokers 0, 1, and 2, respectively.
##
minBrokerId: 0

## StrategyType, can be set to RollingUpdate or OnDelete by default.
## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
##
updateStrategy: RollingUpdate

## Partition update strategy
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
##
# rollingUpdatePartition:

## Pod labels. Evaluated as a template
## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}

## Pod annotations. Evaluated as a template
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}

## Name of the priority class to be used by kafka pods, priority class needs to be created beforehand
## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
priorityClassName: ""

## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAffinityPreset: ""

## Pod anti-affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft

## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
  ## Node affinity type
  ## Allowed values: soft, hard
  ##
  type: ""
  ## Node label key to match
  ## E.g.
  ## key: "kubernetes.io/e2e-az-name"
  ##
  key: ""
  ## Node label values to match
  ## E.g.
  ## values:
  ##   - e2e-az1
  ##   - e2e-az2
  ##
  values: []

## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and  nodeAffinityPreset will be ignored when it's set
##
affinity: {}

## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}

## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []

## Configure the grace time period for sig term
## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution
##
# terminationGracePeriodSeconds: 30

## Kafka pods' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
##
podSecurityContext:
  enabled: true
  fsGroup: 1001
  runAsUser: 1001

## Kafka containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## Example:
##   containerSecurityContext:
##     capabilities:
##       drop: ["NET_RAW"]
##     readOnlyRootFilesystem: true
##
containerSecurityContext: {}

## Kafka containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  limits: {}
  #   cpu: 250m
  #   memory: 1Gi
  requests: {}
  #   cpu: 250m
  #   memory: 256Mi

## Kafka containers' liveness and readiness probes. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
  enabled: true
  initialDelaySeconds: 10
  timeoutSeconds: 5
  # failureThreshold: 3
  # periodSeconds: 10
  # successThreshold: 1
readinessProbe:
  enabled: true
  initialDelaySeconds: 5
  failureThreshold: 6
  timeoutSeconds: 5
  # periodSeconds: 10
  # successThreshold: 1

## Custom liveness/readiness probes that will override the default ones
##
customLivenessProbe: {}
customReadinessProbe: {}

## Pod Disruption Budget configuration
## The PDB will only be created if replicaCount is greater than 1
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions
##
pdb:
  create: false
  ## Min number of pods that must still be available after the eviction
  ##
  # minAvailable: 1
  ## Max number of pods that can be unavailable after the eviction
  ##
  maxUnavailable: 1

## Add sidecars to the pod.
## Example:
## sidecars:
##   - name: your-image-name
##     image: your-image
##     imagePullPolicy: Always
##     ports:
##       - name: portname
##         containerPort: 1234
##
sidecars: {}

## Service parameters
##
service:
  ## Service type
  ##
  type: ClusterIP
  ## Kafka port for client connections
  ##
  port: 9092
  ## Kafka port for inter-broker connections
  ##
  internalPort: 9093
  ## Kafka port for external connections
  ##
  externalPort: 9094
  ## Specify the nodePort value for the LoadBalancer and NodePort service types.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
  ##
  nodePorts:
    client: ""
    external: ""
  ## Set the LoadBalancer service type to internal only.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
  ##
  # loadBalancerIP:
  ## Load Balancer sources
  ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
  ## Example:
  ## loadBalancerSourceRanges:
  ## - 10.10.10.0/24
  ##
  loadBalancerSourceRanges: []
  ## Provide any additional annotations which may be required. Evaluated as a template
  ##
  annotations: {}

## External Access to Kafka brokers configuration
##
externalAccess:
  ## Enable Kubernetes external cluster access to Kafka brokers
  ##
  enabled: false

  ## External IPs auto-discovery configuration
  ## An init container is used to auto-detect LB IPs or node ports by querying the K8s API
  ## Note: RBAC might be required
  ##
  autoDiscovery:
    ## Enable external IP/ports auto-discovery
    ##
    enabled: false
    ## Bitnami Kubectl image
    ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/
    ##
    image:
      registry: docker.io
      repository: bitnami/kubectl
      tag: 1.19.11-debian-10-r14
      ## Specify a imagePullPolicy
      ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
      ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
      ##
      pullPolicy: IfNotPresent
      ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
      ## Example:
      ## pullSecrets:
      ##   - myRegistryKeySecretName
      ##
      pullSecrets: []
    ## Init Container resource requests and limits
    ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
    ##
    resources:
      # We usually recommend not to specify default resources and to leave this as a conscious
      # choice for the user. This also increases chances charts run on environments with little
      # resources, such as Minikube. If you do want to specify resources, uncomment the following
      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
      limits: {}
      #   cpu: 100m
      #   memory: 128Mi
      requests: {}
      #   cpu: 100m
      #   memory: 128Mi

  ## Parameters to configure K8s service(s) used to externally access Kafka brokers
  ## A new service per broker will be created
  ##
  service:
    ## Service type. Allowed values: LoadBalancer or NodePort
    ##
    type: LoadBalancer
    ## Port used when service type is LoadBalancer
    ##
    port: 9094
    ## Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount
    ## Example:
    ## loadBalancerIPs:
    ##   - X.X.X.X
    ##   - Y.Y.Y.Y
    ##
    loadBalancerIPs: []
    ## Load Balancer sources
    ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
    ## Example:
    ## loadBalancerSourceRanges:
    ## - 10.10.10.0/24
    ##
    loadBalancerSourceRanges: []
    ## Array of node ports used for each Kafka broker. Length must be the same as replicaCount
    ## Example:
    ## nodePorts:
    ##   - 30001
    ##   - 30002
    ##
    nodePorts: []
    ## Use worker host ips
    useHostIPs: false
    ## When service type is NodePort, you can specify the domain used for Kafka advertised listeners.
    ## If not specified, the container will try to get the kubernetes node external IP
    ##
    # domain: mydomain.com
    ## Provide any additional annotations which may be required. Evaluated as a template
    ##
    annotations: {}

## Persistence parameters
##
persistence:
  enabled: false
  ## A manually managed Persistent Volume and Claim
  ## If defined, PVC must be created manually before volume will be bound
  ## The value is evaluated as a template
  ##
  # existingClaim:
  ## PV Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ## set, choosing the default provisioner.
  ##
  # storageClass: "-"
  ## PV Access Mode
  ##
  accessModes:
    - ReadWriteOnce
  ## PVC size
  ##
  size: 8Gi
  ## PVC annotations
  ##
  annotations: {}
  ## selector can be used to match an existing PersistentVolume
  ## selector:
  ##   matchLabels:
  ##     app: my-app
  selector: {}
  ## Mount point for persistence
  ##
  mountPath: /bitnami/kafka

## Log Persistence parameters
##
logPersistence:
  enabled: false
  ## A manually managed Persistent Volume and Claim
  ## If defined, PVC must be created manually before volume will be bound
  ## The value is evaluated as a template
  ##
  # existingClaim:
  ## PV Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ## set, choosing the default provisioner.
  # existingLogClaim:
  ## PV Storage Class
  ## It getted from persistence.storageClass
  ##
  ## PV Access Mode
  ##
  accessModes:
    - ReadWriteOnce
  ## PVC size
  ##
  size: 8Gi
  ## PVC annotations
  ##
  annotations: {}
  ## selector can be used to match an existing PersistentVolume
  ## selector:
  ##   matchLabels:
  ##     app: my-app
  selector: {}
  ## Mount path for persistent logs
  ##
  mountPath: /opt/bitnami/kafka/logs

## Init Container parameters
## Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each component
## values from the securityContext section of the component
##
volumePermissions:
  enabled: false
  ## The security context for the volumePermissions init container
  ##
  securityContext:
    runAsUser: 0
  image:
    registry: docker.io
    repository: bitnami/bitnami-shell
    tag: 10-debian-10-r98
    ## Specify a imagePullPolicy
    ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
    ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
    ##
    pullPolicy: Always
    ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
    ## Example:
    ## pullSecrets:
    ##   - myRegistryKeySecretName
    ##
    pullSecrets: []
  ## Init Container resource requests and limits
  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  ##
  resources:
    # We usually recommend not to specify default resources and to leave this as a conscious
    # choice for the user. This also increases chances charts run on environments with little
    # resources, such as Minikube. If you do want to specify resources, uncomment the following
    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
    limits: {}
    #   cpu: 100m
    #   memory: 128Mi
    requests: {}
    #   cpu: 100m
    #   memory: 128Mi

## Kafka pods ServiceAccount
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
serviceAccount:
  ## Specifies whether a ServiceAccount should be created
  ##
  create: true
  ## The name of the ServiceAccount to use.
  ## If not set and create is true, a name is generated using the kafka.serviceAccountName template
  ##
  # name:
  # Allows auto mount of ServiceAccountToken on the serviceAccount created
  # Can be set to false if pods using this serviceAccount do not need to use K8s API
  automountServiceAccountToken: true

## Role Based Access
## ref: https://kubernetes.io/docs/admin/authorization/rbac/
##
rbac:
  ## Specifies whether RBAC rules should be created
  ## binding Kafka ServiceAccount to a role
  ## that allows Kafka pods querying the K8s API
  ##
  create: false

## Kafka provisioning
##
provisioning:
  enabled: false

  image:
    registry: docker.io
    repository: bitnami/kafka
    tag: 2.8.0-debian-10-r29
    ## Specify a imagePullPolicy
    ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
    ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
    ##
    pullPolicy: IfNotPresent
    ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
    ## Example:
    ## pullSecrets:
    ##   - myRegistryKeySecretName
    ##
    pullSecrets: []

    ## Set to true if you would like to see extra information on logs
    ##
    debug: false

  # provisioning.numPartitions: Number of partitions for the topic when it does not specify.
  numPartitions: 1

  # provisioning.replicationFactor: Replication factor for the topic when it does not specify.
  replicationFactor: 1

  ## Use an alternate scheduler, e.g. "stork".
  ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
  ##
  # schedulerName:

  podAnnotations: {}

  resources:
    # We usually recommend not to specify default resources and to leave this as a conscious
    # choice for the user. This also increases chances charts run on environments with little
    # resources, such as Minikube. If you do want to specify resources, uncomment the following
    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
    limits: {}
    #   cpu: 250m
    #   memory: 1Gi
    requests: {}
    #   cpu: 250m
    #   memory: 256Mi

  ## Command and args for running the container (set to default if not set). Use array form
  ##
  command: []
  args: []

  topics: []
  # - name: topic-name
  #   partitions: 1
  #   replicationFactor: 1
  #   # https://kafka.apache.org/documentation/#topicconfigs
  #   config:
  #     max.message.bytes: 64000
  #     flush.messages: 1

## Prometheus Exporters / Metrics
##
metrics:
  ## Prometheus Kafka Exporter: exposes complimentary metrics to JMX Exporter
  ##
  kafka:
    enabled: false

    ## Bitnami Kafka exporter image
    ## ref: https://hub.docker.com/r/bitnami/kafka-exporter/tags/
    ##
    image:
      registry: docker.io
      repository: bitnami/kafka-exporter
      tag: 1.3.1-debian-10-r14
      ## Specify a imagePullPolicy
      ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
      ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
      ##
      pullPolicy: IfNotPresent
      ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
      ## Example:
      ## pullSecrets:
      ##   - myRegistryKeySecretName
      ##
      pullSecrets: []

    ## Use an alternate scheduler, e.g. "stork".
    ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
    ##
    # schedulerName:

    ## Extra flags to be passed to Kafka exporter
    ## Example:
    ## extraFlags:
    ##   tls.insecure-skip-tls-verify: ""
    ##   web.telemetry-path: "/metrics"
    ##
    extraFlags: {}

    ## Name of the existing secret containing the optional certificate and key files
    ## for Kafka Exporter client authentication
    ##
    # certificatesSecret:

    ## The secret key from the certificatesSecret if 'client-cert' key different from the default (cert-file)
    ##
    tlsCert: cert-file

    ## The secret key from the certificatesSecret if 'client-key' key different from the default (key-file)
    ##
    tlsKey: key-file

    ## Name of the existing secret containing the optional ca certificate
    ## for Kafka Exporter client authentication
    ##
    # tlsCaSecret:

    ## The secret key from the certificatesSecret or tlsCaSecret if 'ca-cert' key different from the default (ca-file)
    ##
    tlsCaCert: ca-file

    ## Prometheus Kafka Exporter' resource requests and limits
    ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
    ##
    resources:
      # We usually recommend not to specify default resources and to leave this as a conscious
      # choice for the user. This also increases chances charts run on environments with little
      # resources, such as Minikube. If you do want to specify resources, uncomment the following
      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
      limits: {}
      #   cpu: 100m
      #   memory: 128Mi
      requests: {}
      #   cpu: 100m
      #   memory: 128Mi

    ## Affinity for pod assignment
    ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
    ## Note: podAffinityPreset, podAntiAffinityPreset, and  nodeAffinityPreset will be ignored when it's set
    ##
    affinity: {}

    ## Node labels for pod assignment
    ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
    ##
    nodeSelector: {}

    ## Tolerations for pod assignment
    ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
    ##
    tolerations: []

    ## Add init containers to the Kafka exporter pods.
    ## Example:
    ## initContainers:
    ##   - name: your-image-name
    ##     image: your-image
    ##     imagePullPolicy: Always
    ##     ports:
    ##       - name: portname
    ##         containerPort: 1234
    ##
    initContainers: {}

    ## Service configuration
    ##
    service:
      ## Kafka Exporter Service type
      ##
      type: ClusterIP
      ## Kafka Exporter Prometheus port
      ##
      port: 9308
      ## Specify the nodePort value for the LoadBalancer and NodePort service types.
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
      ##
      nodePort: ""
      ## Set the LoadBalancer service type to internal only.
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
      ##
      # loadBalancerIP:
      ## Load Balancer sources
      ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
      ## Example:
      ## loadBalancerSourceRanges:
      ## - 10.10.10.0/24
      ##
      loadBalancerSourceRanges: []
      ## Set the Cluster IP to use
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address
      ##
      # clusterIP: None
      ## Annotations for the Kafka Exporter Prometheus metrics service
      ##
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "{{ .Values.metrics.kafka.service.port }}"
        prometheus.io/path: "/metrics"

  ## Prometheus JMX Exporter: exposes the majority of Kafkas metrics
  ##
  jmx:
    enabled: false

    ## Bitnami JMX exporter image
    ## ref: https://hub.docker.com/r/bitnami/jmx-exporter/tags/
    ##
    image:
      registry: docker.io
      repository: bitnami/jmx-exporter
      tag: 0.15.0-debian-10-r121
      ## Specify a imagePullPolicy
      ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
      ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
      ##
      pullPolicy: IfNotPresent
      ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
      ## Example:
      ## pullSecrets:
      ##   - myRegistryKeySecretName
      ##
      pullSecrets: []

    ## Prometheus JMX Exporter' resource requests and limits
    ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
    ##
    resources:
      # We usually recommend not to specify default resources and to leave this as a conscious
      # choice for the user. This also increases chances charts run on environments with little
      # resources, such as Minikube. If you do want to specify resources, uncomment the following
      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
      limits: {}
      #   cpu: 100m
      #   memory: 128Mi
      requests: {}
      #   cpu: 100m
      #   memory: 128Mi

    ## Service configuration
    ##
    service:
      ## JMX Exporter Service type
      ##
      type: ClusterIP
      ## JMX Exporter Prometheus port
      ##
      port: 5556
      ## Specify the nodePort value for the LoadBalancer and NodePort service types.
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
      ##
      nodePort: ""
      ## Set the LoadBalancer service type to internal only.
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
      ##
      # loadBalancerIP:
      ## Load Balancer sources
      ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
      ## Example:
      ## loadBalancerSourceRanges:
      ## - 10.10.10.0/24
      ##
      loadBalancerSourceRanges: []
      ## Set the Cluster IP to use
      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address
      ##
      # clusterIP: None
      ## Annotations for the JMX Exporter Prometheus metrics service
      ##
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "{{ .Values.metrics.jmx.service.port }}"
        prometheus.io/path: "/"

    ## JMX Whitelist Objects, can be set to control which JMX metrics are exposed. Only whitelisted
    ## values will be exposed via JMX Exporter. They must also be exposed via Rules. To expose all metrics
    ## (warning its crazy excessive and they aren't formatted in a prometheus style) (1) `whitelistObjectNames: []`
    ## (2) commented out above `overrideConfig`.
    ##
    whitelistObjectNames:
      - kafka.controller:*
      - kafka.server:*
      - java.lang:*
      - kafka.network:*
      - kafka.log:*

    ## Prometheus JMX exporter configuration
    ## Specify content for jmx-kafka-prometheus.yml. Evaluated as a template
    ##
    ## Credits to the incubator/kafka chart for the JMX configuration.
    ## https://github.com/helm/charts/tree/master/incubator/kafka
    ##
    config: |-
      jmxUrl: service:jmx:rmi:///jndi/rmi://127.0.0.1:5555/jmxrmi
      lowercaseOutputName: true
      lowercaseOutputLabelNames: true
      ssl: false
      {{- if .Values.metrics.jmx.whitelistObjectNames }}
      whitelistObjectNames: ["{{ join "\",\"" .Values.metrics.jmx.whitelistObjectNames }}"]
      {{- end }}

    ## ConfigMap with Prometheus JMX exporter configuration
    ## NOTE: This will override metrics.jmx.config
    ##
    # existingConfigmap:

  ## Prometheus Operator ServiceMonitor configuration
  ##
  serviceMonitor:
    enabled: false
    ## Namespace in which Prometheus is running
    ##
    # namespace: monitoring

    ## Interval at which metrics should be scraped.
    ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
    ##
    # interval: 10s

    ## Timeout after which the scrape is ended
    ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
    ##
    # scrapeTimeout: 10s

    ## ServiceMonitor selector labels
    ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
    ##
    # selector:
    #   prometheus: my-prometheus

    ## Relabel configuration for the metrics.
    ##
    # relabelings: []

    # MetricRelabelConfigs to apply to samples before ingestion.
    ##
    # metricRelabelings: []

##
## Zookeeper chart configuration
##
## https://github.com/bitnami/charts/blob/master/bitnami/zookeeper/values.yaml
##
zookeeper:
  enabled: false
  auth:
    ## Enable Zookeeper auth
    ##
    enabled: false
    ## User that will use Zookeeper clients to auth
    ##
    # clientUser:
    ## Password that will use Zookeeper clients to auth
    ##
    # clientPassword:
    ## Comma, semicolon or whitespace separated list of user to be created. Specify them as a string, for example: "user1,user2,admin"
    ##
    # serverUsers:
    ## Comma, semicolon or whitespace separated list of passwords to assign to users when created. Specify them as a string, for example: "pass4user1, pass4user2, pass4admin"
    ##
    # serverPasswords:

## This value is only used when zookeeper.enabled is set to false
##
externalZookeeper:
  ## Server or list of external zookeeper servers to use.
  ##
  servers: zookeeper 

## Extra init containers to add to the deployment
##
initContainers: []