diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000..b478f764 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,97 @@ +version: 2.1 +orbs: + moneysmart-orb: moneysmartco/circleci-orb@1.0.5 + aws-cli: circleci/aws-cli@3.1 + helm: circleci/helm@1.0 +defaults: &defaults + working_directory: ~/app + docker: + # the Docker image with Cypress dependencies + - image: cypress/base:16.14.0 + environment: + ## this enables colors in the output + TERM: xterm +aliases: + - &prod_aws_creds + aws-cli/setup: + aws-access-key-id: AWS_ACCESS_KEY + aws-secret-access-key: AWS_SECRET_ACCESS_KEY + aws-region: AWS_REGION + - &stg_aws_creds + aws-cli/setup: + aws-access-key-id: STAGING_AWS_ACCESS_KEY + aws-secret-access-key: STAGING_AWS_SECRET_ACCESS_KEY + aws-region: AWS_REGION +default-image: &default-image + machine: + image: ubuntu-2004:current + docker_layer_caching: true +jobs: + deploy_to_sg_staging_eks: + docker: + - image: 'cimg/python:3.10' + steps: + - checkout + - *stg_aws_creds + - attach_workspace: + at: /tmp/workspace + - moneysmart-orb/pull_helm_charts: + cluster-name: product-listing-staging + chart-name: kafka-rest + branch-name: production + - helm/upgrade-helm-chart: + chart: charts/cp-kafka-rest + release-name: kafka-rest-sg + namespace: kafka-client + values-to-override: appLabels.region=sg + values: charts/cp-kafka-rest/values-dev.yaml + timeout: 600s + helm-version: v3.9.0 +#--------------------------------------------- +# kakfa-rest SG and +#-------------------------------------------- + deploy_to_sg_prod_eks: + docker: + - image: 'cimg/python:3.10' + steps: + - checkout + - *prod_aws_creds + - attach_workspace: + at: /tmp/workspace + - moneysmart-orb/pull_helm_charts: + cluster-name: product-listing-prod + chart-name: kafka-rest + branch-name: production + - helm/upgrade-helm-chart: + chart: charts/cp-kafka-rest + release-name: kafka-rest-sg + namespace: kafka-client + values-to-override: appLabels.region=sg + values: charts/cp-kafka-rest/values-prod.yaml + timeout: 600s + helm-version: v3.9.0 +workflows: + version: 2.1 +#--------------------------------------------- +# kafka-rest SG and HK Staging Pipeline +#--------------------------------------------- + staging-build-deploy: + jobs: + - deploy_to_sg_prod_eks: + context: common-eks-vars + filters: + branches: + only: + - update-cicd +#--------------------------------------------- +# campaign_service SG and HK Production Pipeline +#--------------------------------------------- + prod-build-deploy: + jobs: + - deploy_to_sg_prod_eks: + context: common-eks-vars + filters: + tags: + only: /^v.*/ + branches: + ignore: /.*/ diff --git a/charts/cp-kafka-rest/templates/deployment.yaml b/charts/cp-kafka-rest/templates/deployment.yaml index 39bca499..c2ef628d 100644 --- a/charts/cp-kafka-rest/templates/deployment.yaml +++ b/charts/cp-kafka-rest/templates/deployment.yaml @@ -58,6 +58,8 @@ spec: {{- end }} - name: {{ template "cp-kafka-rest.name" . }}-server image: "{{ .Values.image }}:{{ .Values.imageTag }}" + command: ["/bin/bash", "-c"] + args: ["kafka-rest-start /etc/kafka-rest-cloud/kafka-rest.properties"] imagePullPolicy: "{{ .Values.imagePullPolicy }}" ports: - name: rest-proxy @@ -67,6 +69,10 @@ spec: - containerPort: {{ .Values.jmx.port }} name: jmx {{- end }} + volumeMounts: + - name: kafka-rest-config + mountPath: /etc/kafka-rest-cloud/ + readOnly: true resources: {{ toYaml .Values.resources | indent 12 }} env: @@ -102,6 +108,9 @@ spec: configMap: name: {{ template "cp-kafka-rest.fullname" . }}-jmx-configmap {{- end }} + - name: kafka-rest-config + secret: + secretName: kafka-rest-config {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/charts/cp-kafka-rest/templates/ingress.yml b/charts/cp-kafka-rest/templates/ingress.yml new file mode 100644 index 00000000..9e95f5ab --- /dev/null +++ b/charts/cp-kafka-rest/templates/ingress.yml @@ -0,0 +1,31 @@ +{{- $fullName := include "cp-kafka-rest.fullname" . -}} +{{- $ingressPath := .Values.envs.kafka_rest.paths -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + alb.ingress.kubernetes.io/certificate-arn: {{ .Values.envs.kafka_rest.certificate_arn }} + alb.ingress.kubernetes.io/group.name: eks-lb-{{ .Values.appLabels.region }} + alb.ingress.kubernetes.io/healthcheck-path: /_ping + alb.ingress.kubernetes.io/group.order: '150' + kubernetes.io/ingress.class: alb + nginx.ingress.kubernetes.io/use-regex: "true" + labels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/name: {{ .Release.Name }} + region: {{ .Values.appLabels.region }} + name: {{ .Release.Name }} +spec: + rules: + - host: event-proxy.{{ .Values.domain }} + http: + paths: + {{- range $ingressPath }} + - path: {{ . }} + backend: + service: + name: {{ $fullName }} + port: + number: 8082 + pathType: ImplementationSpecific + {{- end }} diff --git a/charts/cp-kafka-rest/templates/service.yaml b/charts/cp-kafka-rest/templates/service.yaml index 4d9765f9..971d5c41 100644 --- a/charts/cp-kafka-rest/templates/service.yaml +++ b/charts/cp-kafka-rest/templates/service.yaml @@ -18,3 +18,4 @@ spec: selector: app: {{ template "cp-kafka-rest.name" . }} release: {{ .Release.Name }} + type: {{ .Values.serviceType }} diff --git a/charts/cp-kafka-rest/values.yaml b/charts/cp-kafka-rest/values-dev.yaml similarity index 86% rename from charts/cp-kafka-rest/values.yaml rename to charts/cp-kafka-rest/values-dev.yaml index d73ed033..51bfc66b 100644 --- a/charts/cp-kafka-rest/values.yaml +++ b/charts/cp-kafka-rest/values-dev.yaml @@ -1,6 +1,13 @@ # Default values for cp-kafka-rest. # This is a YAML-formatted file. # Declare variables to be passed into your templates. +envs: + kafka_rest: + ingress_host: event-proxy.mssgdev.com + name: kafka-client + certificate_arn: arn:aws:acm:ap-southeast-1:856075066843:certificate/3d8d374c-c52f-4e59-8deb-e5b44c615db3 + paths: + - /* replicaCount: 1 @@ -19,6 +26,7 @@ imagePullPolicy: IfNotPresent imagePullSecrets: servicePort: 8082 +serviceType: NodePort ## Kafka rest JVM Heap Option heapOptions: "-Xms512M -Xmx512M" @@ -92,7 +100,7 @@ external: ## If the Kafka Chart is disabled a URL of zookeeper are required to connect ## e.g. ungaged-sparrow-cp-zookeeper:2181 cp-zookeeper: - url: "" + url: "z-1.mskproductlisting.cya0qq.c3.kafka.ap-southeast-1.amazonaws.com:2181" ## If the Kafka Chart is disabled a URL and port are required to connect ## e.g. gnoble-panther-cp-schema-registry:8081 @@ -100,4 +108,4 @@ cp-schema-registry: url: "" cp-kafka: - bootstrapServers: "" + bootstrapServers: "b-2.mskproductlisting.cya0qq.c3.kafka.ap-southeast-1.amazonaws.com:9096,b-1.mskproductlisting.cya0qq.c3.kafka.ap-southeast-1.amazonaws.com:9096" diff --git a/charts/cp-kafka-rest/values-prod.yaml b/charts/cp-kafka-rest/values-prod.yaml new file mode 100644 index 00000000..2456f0ec --- /dev/null +++ b/charts/cp-kafka-rest/values-prod.yaml @@ -0,0 +1,113 @@ +# Default values for cp-kafka-rest. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +envs: + kafka_rest: + ingress_host: event-proxy.moneysmart.sg + name: kafka-client + certificate_arn: arn:aws:acm:ap-southeast-1:814507470717:certificate/989bd44a-305f-47ab-acb9-574fd7a4dd9e + paths: + - /* + +replicaCount: 1 + +domain: moneysmart.sg + +## Image Info +## ref: https://hub.docker.com/r/confluentinc/cp-kafka/ +image: confluentinc/cp-kafka-rest +imageTag: 6.1.0 + +## Specify a imagePullPolicy +## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images +imagePullPolicy: IfNotPresent + +## Specify an array of imagePullSecrets. +## Secrets must be manually created in the namespace. +## ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod +imagePullSecrets: + +servicePort: 8082 +serviceType: NodePort + +## Kafka rest JVM Heap Option +heapOptions: "-Xms512M -Xmx512M" + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +## Custom pod annotations +podAnnotations: {} + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +nodeSelector: {} + +## Taints to tolerate on node assignment: +## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +## Pod scheduling constraints +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity +affinity: {} + +## Kafka REST configuration options +## ref: https://docs.confluent.io/current/kafka-rest/docs/config.html +configurationOverrides: + # "consumer.request.timeout.ms": 5000 + +## Additional env variables +customEnv: {} + # ZOOKEEPER_SASL_ENABLED: "false" + +## Monitoring +## Kafka REST JMX Settings +## ref: https://docs.confluent.io/current/kafka-rest/docs/monitoring.html +jmx: + port: 5555 + +## Prometheus Exporter Configuration +## ref: https://prometheus.io/docs/instrumenting/exporters/ +prometheus: + ## JMX Exporter Configuration + ## ref: https://github.com/prometheus/jmx_exporter + jmx: + enabled: true + image: solsson/kafka-prometheus-jmx-exporter@sha256 + imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 + imagePullPolicy: IfNotPresent + port: 5556 + + ## Resources configuration for the JMX exporter container. + ## See the `resources` documentation above for details. + resources: {} + +## External Access +## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer +external: + enabled: false + type: LoadBalancer + externalTrafficPolicy: Cluster + port: 8082 + +## If the Kafka Chart is disabled a URL of zookeeper are required to connect +## e.g. ungaged-sparrow-cp-zookeeper:2181 +cp-zookeeper: + url: "z-1.mskproductlisting.x95avm.c3.kafka.ap-southeast-1.amazonaws.com:2181" + +## If the Kafka Chart is disabled a URL and port are required to connect +## e.g. gnoble-panther-cp-schema-registry:8081 +cp-schema-registry: + url: "" + +cp-kafka: + bootstrapServers: "b-1.mskproductlisting.x95avm.c3.kafka.ap-southeast-1.amazonaws.com:9096,b-2.mskproductlisting.x95avm.c3.kafka.ap-southeast-1.amazonaws.com"