-
Notifications
You must be signed in to change notification settings - Fork 381
feat: Add Helm Chart for NATS S3 #1079
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from 2 commits
1338c45
43aca32
dabb5b4
941e7ad
951da71
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| apiVersion: v2 | ||
| version: 0.15.4 | ||
| appVersion: 1.4.2 | ||
| type: application | ||
| name: nats-s3 | ||
| description: S3-compatible object storage powered by NATS JetStream | ||
| maintainers: | ||
| - email: info@nats.io | ||
| name: Community Effort | ||
| url: https://github.com/wpnpeiris/nats-s3 | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,126 @@ | ||
| # nats-kafka | ||
|
ashupednekar marked this conversation as resolved.
Outdated
|
||
|
|
||
| ## TL;DR; | ||
|
|
||
| ``` | ||
| helm repo add nats https://nats-io.github.io/k8s/helm/charts/ | ||
| helm install -f my-values.yaml my-nats-kafka nats/nats-kafka | ||
|
Member
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. docs here are from nats kafka?
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Thanks for pointing out, the docs commits were unpushed, my bad... updated |
||
| ``` | ||
|
|
||
| ## Configuration | ||
|
|
||
| The following example configurations can be set with `-f`. | ||
|
|
||
| **Basic** | ||
|
|
||
| ```yaml | ||
| natskafka: | ||
| nats: | ||
| servers: | ||
| - "nats://1.2.3.4:4222" | ||
| connect: | ||
| - type: "NATSToKafka" | ||
| brokers: | ||
| - 1.2.3.4:9092 | ||
| id: whizz | ||
| topic: bar | ||
| subject: bang | ||
| - type: "KafkaToNATS" | ||
| brokers: | ||
| - 1.2.3.4:9092 | ||
| id: foo | ||
| topic: bar | ||
| subject: baz | ||
| ``` | ||
|
|
||
| **Monitoring** | ||
|
|
||
| ```yaml | ||
| natskafka: | ||
| monitoring: | ||
| httpPort: 8222 | ||
| nats: | ||
| servers: | ||
| - "nats://1.2.3.4:4222" | ||
| connect: | ||
| - type: "NATSToKafka" | ||
| brokers: | ||
| - "1.2.3.4:9092" | ||
| id: whizz | ||
| topic: bar | ||
| subject: bang | ||
| - type: "KafkaToNATS" | ||
| brokers: | ||
| - "1.2.3.4:9092" | ||
| id: foo | ||
| topic: bar | ||
| subject: baz | ||
| ``` | ||
|
|
||
| **Monitoring with TLS** | ||
|
|
||
| First, create a secret in Kubernetes with certs and keys. | ||
|
|
||
| ``` | ||
| kubectl create secret generic monitor-tls \ | ||
| --from-file=ca-cert.pem \ | ||
| --from-file=user-key.pem \ | ||
| --from-file=user-cert.pem | ||
| ``` | ||
|
|
||
| Then use the data in the secret in the configuration. | ||
|
|
||
| ```yaml | ||
| natskafka: | ||
| monitoring: | ||
| httpsPort: 8222 | ||
| tls: | ||
| secret: monitor-tls | ||
| root: ca-cert.pem | ||
| cert: user-cert.pem | ||
| key: user-key.pem | ||
| nats: | ||
| servers: | ||
| - "nats://1.2.3.4:4222" | ||
| connect: | ||
| - type: "NATSToKafka" | ||
| brokers: | ||
| - "1.2.3.4:9092" | ||
| id: whizz | ||
| topic: bar | ||
| subject: bang | ||
| - type: "KafkaToNATS" | ||
| brokers: | ||
| - "1.2.3.4:9092" | ||
| id: foo | ||
| topic: bar | ||
| subject: baz | ||
| ``` | ||
|
|
||
| **Using Nats Credentials** | ||
|
|
||
| If you need a nats credential for authentication: | ||
|
|
||
| ```yaml | ||
| natskafka: | ||
| nats: | ||
| servers: | ||
| - "nats://1.2.3.4:4222" | ||
| credentials: | ||
| secret: | ||
| name: nats-sys-creds | ||
| key: sys.creds | ||
| connect: | ||
| - type: "NATSToKafka" | ||
| brokers: | ||
| - "1.2.3.4:9092" | ||
| id: whizz | ||
| topic: bar | ||
| subject: bang | ||
| - type: "KafkaToNATS" | ||
| brokers: | ||
| - "1.2.3.4:9092" | ||
| id: foo | ||
| topic: bar | ||
| subject: baz | ||
| ``` | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| {{/* | ||
| Expand the name of the chart. | ||
| */}} | ||
| {{- define "nats-s3.name" -}} | ||
| {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Expand the namespace of the chart. | ||
| */}} | ||
| {{- define "nats-s3.namespace" -}} | ||
| {{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Create a default fully qualified app name. | ||
| We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
| If release name contains chart name it will be used as a full name. | ||
| */}} | ||
| {{- define "nats-s3.fullname" -}} | ||
| {{- if .Values.fullnameOverride }} | ||
| {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} | ||
| {{- else }} | ||
| {{- $name := default .Chart.Name .Values.nameOverride }} | ||
| {{- if contains $name .Release.Name }} | ||
| {{- .Release.Name | trunc 63 | trimSuffix "-" }} | ||
| {{- else }} | ||
| {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} | ||
| {{- end }} | ||
| {{- end }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Create chart name and version as used by the chart label. | ||
| */}} | ||
| {{- define "nats-s3.chart" -}} | ||
| {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Common labels | ||
| */}} | ||
| {{- define "nats-s3.labels" -}} | ||
| helm.sh/chart: {{ include "nats-s3.chart" . }} | ||
| {{ include "nats-s3.selectorLabels" . }} | ||
| {{- if .Chart.AppVersion }} | ||
| app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} | ||
| {{- end }} | ||
| app.kubernetes.io/managed-by: {{ .Release.Service }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Selector labels | ||
| */}} | ||
| {{- define "nats-s3.selectorLabels" -}} | ||
| app.kubernetes.io/name: {{ include "nats-s3.name" . }} | ||
| app.kubernetes.io/instance: {{ .Release.Name }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Create the name of the service account to use | ||
| */}} | ||
| {{- define "nats-s3.serviceAccountName" -}} | ||
| {{- if .Values.serviceAccount.create }} | ||
| {{- default (include "nats-s3.fullname" .) .Values.serviceAccount.name }} | ||
| {{- else }} | ||
| {{- default "default" .Values.serviceAccount.name }} | ||
| {{- end }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Fix image keys for chart versions <= 0.13.1 | ||
| */}} | ||
| {{- define "nats-s3.fixImage" -}} | ||
| {{- if .tagOverride }} | ||
| {{- $_ := set . "tag" .tagOverride }} | ||
| {{- $_ := unset . "tagOverride" }} | ||
| {{- end }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Print the image | ||
| */}} | ||
| {{- define "nats-s3.image" -}} | ||
| {{- $image := printf "%s:%s" .repository .tag }} | ||
| {{- if .registry }} | ||
| {{- $image = printf "%s/%s" .registry $image }} | ||
| {{- end }} | ||
| {{- $image -}} | ||
| {{- end }} |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| apiVersion: apps/v1 | ||
| kind: Deployment | ||
| metadata: | ||
| name: {{ include "nats-s3.fullname" . }} | ||
| namespace: {{ .Values.namespaceOverride | default .Release.Namespace }} | ||
| labels: | ||
| app: nats-s3 | ||
| {{- include "nats-s3.labels" . | nindent 4 }} | ||
| spec: | ||
| replicas: {{ .Values.replicaCount }} | ||
| selector: | ||
| matchLabels: | ||
| app: nats-s3 | ||
| {{- include "nats-s3.selectorLabels" . | nindent 6 }} | ||
| strategy: {} | ||
| template: | ||
| metadata: | ||
| labels: | ||
| app: nats-s3 | ||
| {{- include "nats-s3.selectorLabels" . | nindent 8 }} | ||
| spec: | ||
| containers: | ||
| - name: nats-s3 | ||
| image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" | ||
| imagePullPolicy: {{ .Values.image.pullPolicy }} | ||
| args: | ||
| - "--listen" | ||
| - "0.0.0.0:{{ .Values.service.targetPort }}" | ||
| - "--natsServers" | ||
| - "{{ .Values.nats.servers }}" | ||
| - "--s3.credentials" | ||
| - "/etc/nats-s3/credentials.json" | ||
| ports: | ||
| - containerPort: {{ .Values.service.targetPort }} | ||
| protocol: TCP | ||
| volumeMounts: | ||
| - name: credentials | ||
| mountPath: /etc/nats-s3 | ||
| readOnly: true | ||
| resources: {} | ||
| volumes: | ||
| - name: credentials | ||
| secret: | ||
| secretName: {{ .Values.auth.existingSecret | default "nats-s3-credentials" }} | ||
| status: {} |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| {{- if not .Values.auth.existingSecret }} | ||
| apiVersion: v1 | ||
| kind: Secret | ||
| metadata: | ||
| name: nats-s3-credentials | ||
| namespace: {{ .Release.Namespace }} | ||
| labels: | ||
| app.kubernetes.io/name: {{ include "nats-s3.name" . }} | ||
| helm.sh/chart: {{ include "nats-s3.chart" . }} | ||
| app.kubernetes.io/instance: {{ .Release.Name }} | ||
| app.kubernetes.io/managed-by: {{ .Release.Service }} | ||
| type: Opaque | ||
| stringData: | ||
| credentials.json: | | ||
| { | ||
| "credentials": [ | ||
| {{- if .Values.auth.enabled }} | ||
| { | ||
| "accessKey": {{ .Values.auth.username | quote }}, | ||
| "secretKey": {{ .Values.auth.password | quote }} | ||
| } | ||
| {{- end }} | ||
| ] | ||
| } | ||
| {{- end }} |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: {{ include "nats-s3.fullname" . }} | ||
| namespace: {{ .Values.namespaceOverride | default .Release.Namespace }} | ||
| labels: | ||
| app: nats-s3 | ||
| {{- include "nats-s3.labels" . | nindent 4 }} | ||
| spec: | ||
| type: {{ .Values.service.type }} | ||
| ports: | ||
| - port: {{ .Values.service.port }} | ||
| targetPort: {{ .Values.service.targetPort }} | ||
| protocol: TCP | ||
| name: http | ||
| {{- if and (eq .Values.service.type "NodePort") .Values.service.nodePort }} | ||
| nodePort: {{ .Values.service.nodePort }} | ||
| {{- end }} | ||
| selector: | ||
| app: nats-s3 | ||
| {{- include "nats-s3.selectorLabels" . | nindent 4 }} |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| nameOverride: "" | ||
| fullnameOverride: "" | ||
| namespaceOverride: "" | ||
| replicaCount: 1 | ||
|
|
||
| image: | ||
| repository: ghcr.io/wpnpeiris/nats-s3 | ||
| tag: latest | ||
| pullPolicy: IfNotPresent | ||
|
|
||
| service: | ||
| type: NodePort | ||
| port: 5222 | ||
| targetPort: 5222 | ||
| nodePort: 30222 # Uncomment if using NodePort | ||
|
|
||
| nats: | ||
| servers: "nats://nats:4222" | ||
|
|
||
| auth: | ||
| # Enable authentication (disabled by default) | ||
| enabled: true | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. it is commented as |
||
|
|
||
| # Use existing secret (takes precedence if set) | ||
| existingSecret: "" | ||
|
|
||
| # Username/Password authentication | ||
| username: "natsadmin" | ||
| password: "natsadmin" | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this should be version of latest
nats-s3?, latest we have 0.3.3