Versions Compared

Old Version 15

changes.mady.by.user Andreas Geissler

Saved on

compared with

New Version 16

changes.mady.by.user Andreas Geissler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

https://strimzi.io/blog/2019/04/23/accessing-kafka-part-2/

https://github.com/strimzi/strimzi-kafka-operator/blob/main/documentation/api/io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener.adoc

Current Setup - no Ingress (Kohn):

...

draw.io Diagram
bordertrue
diagramNameIngress2Kafka
simpleViewerfalse
width
linksauto
tbstyletop
lboxtrue
diagramWidth857
revision5

Test steps on an existing ServiceMesh cluster

  1. Add custom ports to istio-ingressgateway service
    (https://www.dangtrinh.com/2019/09/how-to-open-custom-port-on-istio.html)
  2. Modify "external" pods onap-strimzi-kafka pods and services to disable TLS and set advertizedHosts
  3. Add "ingress" services to onap_strimzi

...

Code Block
1. Export existing service definition:
	kubectl -n istio-ingress get service istio-ingressgateway -o yaml > istio_ingressgateway.yaml
2. Check existing Nodeports (The range of valid ports is 30000-32767)
	kubectl get svc -A |grep Load
	kubectl get svc -A |grep NodePort
3. Choose 4 free ports (e.g. 30900, 30901,30902, 30903)
4. Edit istio_ingressgateway.yaml and add:
  - port: 9003
    nodePort: 30903
    targetPort: 9003
    name: kafka-bootstrap
    protocol: TCP
  - port: 9000
    nodePort: 30900
    targetPort: 9000
    name: kafka-0
    protocol: TCP
  - port: 9001
    nodePort: 30901
    targetPort: 9001
    name: kafka-1
    protocol: TCP
  - port: 9002
    nodePort: 30902
    targetPort: 9002
    name: kafka-2
    protocol: TCP
5. Apply changes:
     kubectl apply -f ./istio_ingressgateway.yaml
  • "Modify onap-strimzi-kafka pods and services to disable TLS and set advertizedHosts"
Code Block
1. Login to the K8S Control Node and set the helm environment
	helm repo add local http://127.0.0.1:8879
	helm plugin install --version v0.10.3 https://github.com/chartmuseum/helm-push.git
	git config --global --add safe.directory /opt/oom

2. Modify the onap-strimzi config
	cd /opt/oom/kubernetes
	vi strimzi/templates/strimzi-kafka.yaml
	Update "tls" and "authentication.type" of the "external" kafka listener:
    ---
      - name: external
        port: 9094
        type: nodeport
        tls: false
        authentication:
          type: {{ .Values.config.saslMechanism }}
        configuration:
          brokers:
            - broker: 0
              advertisedHost: kafka-api.simpledemo.onap.org
              advertisedPort: 9000
            - broker: 1
              advertisedHost: kafka-api.simpledemo.onap.org
              advertisedPort: 9001
            - broker: 2
              advertisedHost: kafka-api.simpledemo.onap.org
              advertisedPort: 9002

3. Apply the changes to onap-strimzi
    helm upgrade -i onap-strimzi local/strimzi --namespace onap --version 12.0.0 --values /opt/oom/kubernetes/onap/values.yaml --values /opt/oom/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml --values /opt/oom/kubernetes/onap/resources/overrides/environment.yaml --values /home/ubuntu/oom/master/onap-overrides.yaml --timeout '900s'