diff --git a/example/config-br-default-jsm.yaml b/example/config-br-default-jsm.yaml deleted file mode 100644 index 907c132c..00000000 --- a/example/config-br-default-jsm.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-natjsm-channel - namespace: nats - labels: - eventing.knative.dev/release: devel -data: - channelTemplateSpec: | - apiVersion: messaging.knative.dev/v1alpha1 - kind: NatsJetStreamChannel \ No newline at end of file diff --git a/example/config-br-defaults.yaml b/example/config-br-defaults.yaml deleted file mode 100644 index 674765e5..00000000 --- a/example/config-br-defaults.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-br-defaults - namespace: knative-eventing -data: - default-br-config: | - # This is the cluster-wide default broker channel. - clusterDefault: - brokerClass: MTChannelBasedBroker - apiVersion: v1 - kind: ConfigMap - name: imc-channel - namespace: knative-eventing \ No newline at end of file diff --git a/example/config-broker.yaml b/example/config-broker.yaml deleted file mode 100644 index 93b43965..00000000 --- a/example/config-broker.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: eventing.knative.dev/v1 -kind: Broker -metadata: - annotations: - eventing.knative.dev/broker.class: MTChannelBasedBroker - name: imc-broker - namespace: default -spec: - config: - apiVersion: v1 - kind: ConfigMap - name: imc-channel - namespace: knative-eventing \ No newline at end of file diff --git a/example/config-event-success-capture.yaml b/example/config-event-success-capture.yaml deleted file mode 100644 index a6a6f619..00000000 --- a/example/config-event-success-capture.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: serving.knative.dev/v1 -kind: Service -metadata: - name: event-success-capture -spec: - template: - metadata: - annotations: - autoscaling.knative.dev/min-scale: "1" - spec: - containers: - - image: gcr.io/knative-releases/knative.dev/eventing/cmd/event_display \ No newline at end of file diff --git a/example/config-event-success-trigger.yaml b/example/config-event-success-trigger.yaml deleted file mode 100644 index 96a5fd3e..00000000 --- a/example/config-event-success-trigger.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: eventing.knative.dev/v1 -kind: Trigger -metadata: - name: demo-to-display -spec: - broker: imc-broker - subscriber: - ref: - apiVersion: serving.knative.dev/v1 - kind: Service - name: event-success-capture - namespace: default \ No newline at end of file diff --git a/example/config-imc-channel.yaml b/example/config-imc-channel.yaml deleted file mode 100644 index 94783783..00000000 --- a/example/config-imc-channel.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: imc-channel - namespace: knative-eventing -data: - channel-template-spec: | - apiVersion: messaging.knative.dev/v1 - kind: InMemoryChannel \ No newline at end of file diff --git a/example/config-jsm-crd.yaml b/example/config-jsm-crd.yaml deleted file mode 100644 index a67e9cf5..00000000 --- a/example/config-jsm-crd.yaml +++ /dev/null @@ -1,1438 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: nats-webhook-admission - labels: - nats.eventing.knative.dev/release: "v1.10.7" -rules: - # webhook deployment watches these to - - apiGroups: - - admissionregistration.k8s.io - resources: - - "mutatingwebhookconfigurations" - - "validatingwebhookconfigurations" - verbs: - - get - - list - - watch - - update - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: nats-webhook - namespace: knative-eventing - labels: - nats.eventing.knative.dev/release: "v1.10.7" -rules: - # webhook requires access to manage the nats-webhook-cert, the informers uses the system namespace scope so only - # requires to be a Role and not a ClusterRole - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - get - - list - - watch - - update - # required for leader election in case of multiple controller replicas - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - "" - resources: - - "namespaces" - verbs: - - get - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: nats-webhook - namespace: knative-eventing - labels: - nats.eventing.knative.dev/release: "v1.10.7" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: nats-webhook-admission -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: nats-webhook-admission -subjects: - - kind: ServiceAccount - name: nats-webhook - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: nats-webhook-configmap-reader - namespace: knative-eventing -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: eventing-config-reader -subjects: - - kind: ServiceAccount - name: nats-webhook - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: nats-webhook - namespace: knative-eventing -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: nats-webhook -subjects: - - kind: ServiceAccount - name: nats-webhook - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: nats-webhook-certs - namespace: knative-eventing - labels: - nats.messaging.knative.dev/release: devel -# The data is populated at install time. - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: defaulting.webhook.nats.messaging.knative.dev - labels: - nats.eventing.knative.dev/release: "v1.10.7" -webhooks: - - admissionReviewVersions: ["v1beta1"] - clientConfig: - service: - name: nats-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: defaulting.webhook.nats.messaging.knative.dev - timeoutSeconds: 2 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nats-webhook - namespace: knative-eventing - labels: - nats.eventing.knative.dev/release: "v1.10.7" -spec: - replicas: 1 - selector: - matchLabels: - app: nats-webhook - role: nats-webhook - template: - metadata: - labels: - app: nats-webhook - role: nats-webhook - spec: - # To avoid node becoming SPOF, spread our replicas to different nodes. - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: nats-webhook - role: nats-webhook - topologyKey: kubernetes.io/hostname - weight: 100 - serviceAccountName: nats-webhook - containers: - - name: nats-webhook - terminationMessagePolicy: FallbackToLogsOnError - # This is the Go import path for the binary that is containerized - # and substituted here. - image: gcr.io/knative-releases/knative.dev/eventing-natss/cmd/webhook@sha256:ace1396c647bf32f56ff54f6bc0fea196667dcad2db42eab98ee60d83415f5e5 - resources: - requests: - # taken from serving. - cpu: 20m - memory: 20Mi - limits: - # taken from serving. - cpu: 200m - memory: 200Mi - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/channels - - name: WEBHOOK_NAME - value: nats-webhook - - name: WEBHOOK_PORT - value: "8443" - securityContext: - allowPrivilegeEscalation: false - ports: - - name: https-webhook - containerPort: 8443 - - name: metrics - containerPort: 9090 - - name: profiling - containerPort: 8008 - readinessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: https-webhook - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - livenessProbe: - periodSeconds: 1 - httpGet: - scheme: HTTPS - port: https-webhook - httpHeaders: - - name: k-kubelet-probe - value: "webhook" - initialDelaySeconds: 120 - # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently - # high value that we respect whatever value it has configured for the lame duck grace period. - terminationGracePeriodSeconds: 300 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validation.webhook.nats.messaging.knative.dev - labels: - nats.eventing.knative.dev/release: "v1.10.7" -webhooks: - - admissionReviewVersions: ["v1beta1"] - clientConfig: - service: - name: nats-webhook - namespace: knative-eventing - sideEffects: None - failurePolicy: Fail - name: validation.webhook.nats.messaging.knative.dev - timeoutSeconds: 2 - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - labels: - nats.eventing.knative.dev/release: "v1.10.7" - role: nats-webhook - name: nats-webhook - namespace: knative-eventing -spec: - ports: - - name: https-webhook - port: 443 - targetPort: https-webhook - selector: - role: nats-webhook - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: nats-jsm-addressable-resolver - labels: - nats.eventing.knative.dev/release: "v1.10.7" - duck.knative.dev/addressable: "true" -# Do not use this role directly. These rules will be added to the "addressable-resolver" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - natsjetstreamchannels - - natsjetstreamchannels/status - verbs: - - get - - list - - watch - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: nats-jsm-channelable-manipulator - labels: - nats.eventing.knative.dev/release: "v1.10.7" - duck.knative.dev/channelable: "true" -# Do not use this role directly. These rules will be added to the "channelable-manipulator" role. -rules: - - apiGroups: - - messaging.knative.dev - resources: - - natsjetstreamchannels - - natsjetstreamchannels/status - verbs: - - create - - get - - list - - watch - - update - - patch - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: jetstream-ch-controller -rules: - # get/list/watch to trigger reconciles, and update for adding subscribers - - apiGroups: - - messaging.knative.dev - resources: - - natsjetstreamchannels - verbs: - - get - - list - - watch - - update - # update status and finalizers - - apiGroups: - - messaging.knative.dev - resources: - - natsjetstreamchannels/status - - natsjetstreamchannels/finalizers - verbs: - - update - # list and watch all deployments - - apiGroups: - - apps - resources: - - deployments - verbs: - - get - - list - - watch - - create - - update - - apiGroups: - - "" - resources: - - endpoints - - pods - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - services - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - verbs: - - create - - get - - list - - watch - - update - # required to log events - - apiGroups: - - "" - resources: - - "events" - verbs: - - create - - patch - - update - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - get - resourceNames: - - jetstream-ch-controller - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: jetstream-ch-controller - namespace: knative-eventing -rules: - # required for leader election in case of multiple controller replicas - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: jetstream-ch-controller - namespace: knative-eventing - labels: - nats.eventing.knative.dev/release: "v1.10.7" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This ClusterRole needs a ClusterRoleBinding to the dispatcher when running in cluster-scoped mode, and a RoleBinding -# to the target namespace when running in namespace-scoped mode. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: jetstream-ch-dispatcher -rules: - - apiGroups: - - messaging.knative.dev - resources: - - natsjetstreamchannels - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - messaging.knative.dev - resources: - - natsjetstreamchannels/status - - natsjetstreamchannels/finalizers - verbs: - - update - - patch - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - # required to log events - - apiGroups: - - "" - resources: - - "events" - verbs: - - create - - patch - - update - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This Role is to grant the dispatcher ServiceAccount any necessary permissions within the knative-eventing namespace -# when the dispatcher is scoped to another namespace -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: jetstream-ch-dispatcher-eventing - namespace: knative-eventing -rules: - # required for leader election in case of multiple controller replicas - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - # copy/paste of eventing-configmap-reader - saves us creating an extra RoleBinding during reconcile. - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: jetstream-ch-dispatcher - namespace: knative-eventing - labels: - nats.eventing.knative.dev/release: "v1.10.7" - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# jetstream-ch-controller requires the permissions to do its own job -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: jetstream-ch-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: jetstream-ch-controller -subjects: - - kind: ServiceAccount - name: jetstream-ch-controller - namespace: knative-eventing ---- -# then it also requires the permissions for the dispatcher, in order to grant RBAC permissions to scoped dispatchers -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: jetstream-ch-controller-grant -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: jetstream-ch-dispatcher -subjects: - - kind: ServiceAccount - name: jetstream-ch-controller - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: jetstream-ch-controller-configmap-reader - namespace: knative-eventing -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: eventing-config-reader -subjects: - - kind: ServiceAccount - name: jetstream-ch-controller - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: jetstream-ch-controller - namespace: knative-eventing -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: jetstream-ch-controller -subjects: - - kind: ServiceAccount - name: jetstream-ch-controller - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: jetstream-ch-dispatcher - namespace: knative-eventing -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: jetstream-ch-dispatcher -subjects: - - kind: ServiceAccount - name: jetstream-ch-dispatcher - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: jetstream-ch-dispatcher-configmap-reader - namespace: knative-eventing -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: eventing-config-reader -subjects: - - kind: ServiceAccount - name: jetstream-ch-dispatcher - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: jetstream-ch-dispatcher-eventing - namespace: knative-eventing -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: jetstream-ch-dispatcher-eventing -subjects: - - kind: ServiceAccount - name: jetstream-ch-dispatcher - namespace: knative-eventing - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: natsjetstreamchannels.messaging.knative.dev - labels: - nats.eventing.knative.dev/release: "v1.10.7" - knative.dev/crd-install: "true" - messaging.knative.dev/subscribable: "true" - duck.knative.dev/addressable: "true" -spec: - scope: Namespaced - group: messaging.knative.dev - names: - kind: NatsJetStreamChannel - plural: natsjetstreamchannels - singular: natsjetstreamchannel - categories: - - all - - knative - - messaging - - channel - shortNames: - - natsjsmc - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - properties: - spec: - description: Spec defines the desired state of the Channel. - type: object - properties: - deploymentSpecTemplate: - description: Deployment configurations to apply to programmatically created dispatcher. - type: object - properties: - resources: - type: object - x-kubernetes-preserve-unknown-fields: true - affinity: - type: object - x-kubernetes-preserve-unknown-fields: true - nodeSelector: - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - type: object - x-kubernetes-preserve-unknown-fields: true - annotations: - type: object - x-kubernetes-preserve-unknown-fields: true - consumerConfigTemplate: - type: object - properties: - ackWait: - description: AckWait denotes the duration for which delivered messages should wait for an acknowledgement before attempting redelivery. - type: string - deliverPolicy: - description: DeliverPolicy defines the DeliverPolicy for the consumer. - type: string - filterSubject: - description: FilterSubject configures the source to only include messages matching this subject. - type: string - maxAckPending: - description: MaxAckPending is the maximum number of messages without an acknowledgement that can be outstanding, once this limit is reached message delivery will be suspended. - type: integer - format: int32 - maxDeliver: - description: MaxDeliver denotes the maximum number of times a message will be redelivered before being dropped (or delivered to the dead-letter queue if configured). - type: integer - format: int32 - optStartSeq: - description: OptStartSeq denotes the message sequence number which this consumer should start from. This is only applicable when DeliverPolicy is set to ByStartSequenceDeliverPolicy. - type: integer - format: int64 - minimum: 0 - optStartTime: - description: OptStartTime configures the consumer to deliver messages from the stream starting at the first message after this timestamp. This is only applicable when DeliverPolicy is set to ByStartTimeDeliverPolicy. - type: string - rateLimitBPS: - description: RateLimitBPS will throttle delivery to the client in bits-per-second. - type: integer - format: int64 - minimum: 0 - replayPolicy: - description: ReplayPolicy defines the ReplayPolicy for the consumer. - type: string - sampleFrequency: - description: SampleFrequency sets the percentage of acknowledgements that should be sampled for observability. Valid values are in the range 0-100 and, for example, allows both formats of "30" and "30%". - type: string - delivery: - description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - timeout: - description: 'Timeout is the timeout of each single request. The value must be greater than 0. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5148' - type: string - stream: - type: object - properties: - config: - description: Config defines the StreamConfig for the stream. - type: object - properties: - additionalSubjects: - description: AdditionalSubjects allows adding additional subjects which this stream will subscribe to. The stream will always subscribe to a generated subject which the eventing-jetstream controller uses internally. - type: array - items: - type: string - discard: - description: Discard defines the DiscardPolicy for this stream. - type: string - duplicateWindow: - description: DuplicateWindow defines the duration of which messages should be tracked for detecting duplicates. - type: string - maxAge: - description: MaxAge defines the maximum age of a message which is allowed in the stream. - type: string - maxBytes: - description: MaxBytes defines how many bytes this stream can store spanning all messages in the stream. - type: integer - format: int64 - maxConsumers: - description: MaxConsumers defines how many consumers this stream can be bound to it. - type: integer - format: int32 - maxMsgSize: - description: MaxMsgSize defines the maximum size in bytes of an individual message. JetStream includes a hard-limit of 1MB so if defined should be less than 2^20=1048576. - type: integer - format: int32 - maxMsgs: - description: MaxMsgs defines how many messages this stream can store. - type: integer - format: int64 - mirror: - description: Mirror configures the stream to mirror another stream. - type: object - properties: - filterSubject: - description: FilterSubject configures the source to only include messages matching this subject. - type: string - name: - description: Name is the stream name which this source is referencing - type: string - optStartSeq: - description: OptStartSeq denotes the message sequence number which this source should start from. This takes precedence over OptStartTime if defined. - type: integer - format: int64 - minimum: 0 - optStartTime: - description: OptStartTime configures the source to deliver messages from the stream starting at the first message after this timestamp. - type: string - noAck: - description: NoAck disables acknowledgement of messages when true. - type: boolean - placement: - description: Placement allows configuring which JetStream server the stream should be placed on. - type: object - properties: - cluster: - description: Cluster denotes the cluster name which this stream should be placed on. - type: string - tags: - description: Tags will restrict this stream to only be stored on servers matching these tags. - type: array - items: - type: string - replicas: - description: Replicas defines how many replicas of each message should be stored. This is only applicable for clustered JetStream instances. - type: integer - format: int32 - retention: - description: Retention defines the RetentionPolicy for this stream. - type: string - sources: - description: Sources allows aggregating messages from other streams into a new stream. - type: array - items: - type: object - properties: - filterSubject: - description: FilterSubject configures the source to only include messages matching this subject. - type: string - name: - description: Name is the stream name which this source is referencing - type: string - optStartSeq: - description: OptStartSeq denotes the message sequence number which this source should start from. This takes precedence over OptStartTime if defined. - type: integer - format: int64 - minimum: 0 - optStartTime: - description: OptStartTime configures the source to deliver messages from the stream starting at the first message after this timestamp. - type: string - storage: - description: Storage defines the Storage mechanism for this stream. - type: string - overrideName: - description: OverrideName allows defining a custom stream name, by default a generated name based on the namespace and name of the NatsJetStreamChannel is used. - type: string - subscribers: - description: This is the list of subscriptions for this subscribable. - type: array - items: - type: object - properties: - delivery: - description: DeliverySpec contains options controlling the event delivery - type: object - properties: - backoffDelay: - description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' - type: string - backoffPolicy: - description: BackoffPolicy is the retry backoff policy (linear, exponential). - type: string - deadLetterSink: - description: DeadLetterSink is the sink receiving event that could not be sent to a destination. - type: object - properties: - ref: - description: Ref points to an Addressable. - type: object - properties: - apiVersion: - description: API version of the referent. - type: string - group: - description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' - type: string - uri: - description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. - type: string - retry: - description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. - type: integer - format: int32 - timeout: - description: 'Timeout is the timeout of each single request. The value must be greater than 0. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5148' - type: string - generation: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - replyUri: - description: ReplyURI is the endpoint for the reply - type: string - subscriberUri: - description: SubscriberURI is the endpoint for the subscriber - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - status: - description: Status represents the current state of the NatssChannel. This data may be out of date. - type: object - properties: - address: - type: object - required: - - url - properties: - url: - type: string - annotations: - description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. - type: object - x-kubernetes-preserve-unknown-fields: true - conditions: - description: Conditions the latest available observations of a resource's current state. - type: array - items: - type: object - required: - - type - - status - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - severity: - description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - deadLetterSinkUri: - description: DeadLetterSink is a KReference that is the reference to the native, platform specific channel where failed events are sent to. - type: string - observedGeneration: - description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. - type: integer - format: int64 - subscribers: - description: This is the list of subscription's statuses for this channel. - type: array - items: - type: object - properties: - message: - description: A human readable message indicating details of Ready status. - type: string - observedGeneration: - description: Generation of the origin of the subscriber with uid:UID. - type: integer - format: int64 - ready: - description: Status of the subscriber. - type: string - uid: - description: UID is used to understand the origin of the subscriber. - type: string - additionalPrinterColumns: - - name: Ready - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" - - name: Reason - type: string - jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason" - - name: URL - type: string - jsonPath: .status.address.url - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - ---- -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jetstream-ch-controller - namespace: knative-eventing - labels: - nats.eventing.knative.dev/release: "v1.10.7" - messaging.knative.dev/channel: nats-jetstream-channel - messaging.knative.dev/role: controller -spec: - replicas: 1 - selector: - matchLabels: - messaging.knative.dev/channel: nats-jetstream-channel - messaging.knative.dev/role: controller - template: - metadata: - labels: - messaging.knative.dev/channel: nats-jetstream-channel - messaging.knative.dev/role: controller - spec: - serviceAccountName: jetstream-ch-controller - containers: - - name: controller - image: gcr.io/knative-releases/knative.dev/eventing-natss/cmd/jetstream/controller@sha256:77e1ef98304888021116fa01b78cbe7dbc99d35ed92cc5bb981630454ab0d533 - env: - - name: CONFIG_LOGGING_NAME - value: config-logging - - name: METRICS_DOMAIN - value: knative.dev/eventing - - name: DISPATCHER_IMAGE - value: gcr.io/knative-releases/knative.dev/eventing-natss/cmd/jetstream/dispatcher@sha256:122ddecb07d7674f594b5ed89bc461a9fb85a88d8d9a50dfc4e91c5b82ee957b - - name: DISPATCHER_SERVICE_ACCOUNT - value: jetstream-ch-dispatcher - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 9090 - name: metrics - volumeMounts: - - name: config-logging - mountPath: /etc/config-logging - volumes: - - name: config-logging - configMap: - name: config-logging - ---- diff --git a/example/config-jsm.yaml b/example/config-jsm.yaml deleted file mode 100644 index f79cba8f..00000000 --- a/example/config-jsm.yaml +++ /dev/null @@ -1,127 +0,0 @@ -# Copyright 2021 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - labels: - kubernetes.io/metadata.name: nats - name: nats - ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: nats-jetstream - name: nats-jetstream - namespace: nats -data: - gnatsd.conf: | - # configuration file used to override default NATS server settings - jetstream.conf: | - # enables jetstream, an empty block will enable and use defaults - jetstream { - # jetstream data will be in /data/nats-server/jetstream - store_dir: "/data/nats-server" - - # 1GB - max_memory_store: 1073741824 - - # 10GB - max_file_store: 10737418240 - } ---- - -apiVersion: v1 -kind: Service -metadata: - name: jetstream - namespace: nats - labels: - app: nats-jetstream -spec: - type: ClusterIP - ports: - - name: tcp-client - port: 4222 - protocol: TCP - targetPort: client - selector: - app: nats-jetstream - sessionAffinity: None - ---- - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: nats-jetstream - namespace: nats - labels: - app: nats-jetstream -spec: - serviceName: nats-jetstream - replicas: 1 - selector: - matchLabels: &labels - app: nats-jetstream - template: - metadata: - labels: *labels - spec: - containers: - - name: nats-jetstream - image: nats:2.3.4 - imagePullPolicy: IfNotPresent - args: - - -D - - --jetstream - - --port=4222 - - --config=/etc/nats-jetstream/jetstream.conf - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - containerPort: 4222 - name: client - protocol: TCP - - containerPort: 8222 - name: monitoring - protocol: TCP - volumeMounts: - - mountPath: /data/nats-server - name: datadir - - mountPath: /etc/nats-jetstream/ - name: config-volume - resources: - requests: - cpu: "100m" - limits: - memory: "32M" - volumes: - - configMap: - name: nats-jetstream - name: config-volume - volumeClaimTemplates: - - metadata: - name: datadir - spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "1Gi" \ No newline at end of file diff --git a/example/knative-eventing-config-nats.yaml b/example/knative-eventing-config-nats.yaml new file mode 100644 index 00000000..eb371849 --- /dev/null +++ b/example/knative-eventing-config-nats.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-nats + namespace: knative-eventing +data: + eventing-nats: | + url: nats://nats.nats-io.svc.cluster.local + connOpts: + retryOnFailedConnect: true + maxReconnects: 5 + reconnectWaitMilliseconds: 2000 + reconnectJitterMilliseconds: 100 + reconnectJitterTLSMilliseconds: 1000 \ No newline at end of file diff --git a/example/knative-eventing-default-channel.yaml b/example/knative-eventing-default-channel.yaml new file mode 100644 index 00000000..2df711fc --- /dev/null +++ b/example/knative-eventing-default-channel.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: default-ch-webhook + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel + app.kubernetes.io/version: devel + app.kubernetes.io/part-of: knative-eventing +data: + default-ch-config: | + clusterDefault: + apiVersion: messaging.knative.dev/v1 + kind: NatsJetStreamChannel + namespaceDefaults: + default: + apiVersion: messaging.knative.dev/v1 + kind: NatsJetStreamChannel \ No newline at end of file diff --git a/example/knative-eventing-jetstream-crds.yaml b/example/knative-eventing-jetstream-crds.yaml new file mode 100644 index 00000000..4d00bc9d --- /dev/null +++ b/example/knative-eventing-jetstream-crds.yaml @@ -0,0 +1,823 @@ +type: object +properties: + spec: + description: Spec defines the desired state of the Channel. + type: object + properties: + consumerConfigTemplate: + type: object + properties: + ackWait: + description: AckWait denotes the duration for which delivered messages should wait for an acknowledgement before attempting redelivery. + type: string + deliverPolicy: + description: DeliverPolicy defines the DeliverPolicy for the consumer. + type: string + filterSubject: + description: FilterSubject configures the source to only include messages matching this subject. + type: string + maxAckPending: + description: MaxAckPending is the maximum number of messages without an acknowledgement that can be outstanding, once this limit is reached message delivery will be suspended. + type: integer + format: int32 + maxDeliver: + description: MaxDeliver denotes the maximum number of times a message will be redelivered before being dropped (or delivered to the dead-letter queue if configured). + type: integer + format: int32 + optStartSeq: + description: OptStartSeq denotes the message sequence number which this consumer should start from. This is only applicable when DeliverPolicy is set to ByStartSequenceDeliverPolicy. + type: integer + format: int64 + minimum: 0 + optStartTime: + description: OptStartTime configures the consumer to deliver messages from the stream starting at the first message after this timestamp. This is only applicable when DeliverPolicy is set to ByStartTimeDeliverPolicy. + type: string + rateLimitBPS: + description: RateLimitBPS will throttle delivery to the client in bits-per-second. + type: integer + format: int64 + minimum: 0 + replayPolicy: + description: ReplayPolicy defines the ReplayPolicy for the consumer. + type: string + sampleFrequency: + description: SampleFrequency sets the percentage of acknowledgements that should be sampled for observability. Valid values are in the range 0-100 and, for example, allows both formats of "30" and "30%". + type: string + delivery: + description: DeliverySpec contains the default delivery spec for each subscription to this Channelable. Each subscription delivery spec, if any, overrides this global delivery spec. + type: object + properties: + backoffDelay: + description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' + type: string + backoffPolicy: + description: BackoffPolicy is the retry backoff policy (linear, exponential). + type: string + deadLetterSink: + description: DeadLetterSink is the sink receiving event that could not be sent to a destination. + type: object + properties: + CACerts: + description: CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any. + type: string + audience: + description: Audience is the OIDC audience. This need only be set, if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. In case the Addressable specifies an Audience too, the Destinations Audience takes preference. + type: string + ref: + description: Ref points to an Addressable. + type: object + properties: + address: + description: Address points to a specific Address Name. + type: string + apiVersion: + description: API version of the referent. + type: string + group: + description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' + type: string + uri: + description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. + type: string + retry: + description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. + type: integer + format: int32 + retryAfterMax: + description: 'RetryAfterMax provides an optional upper bound on the duration specified in a "Retry-After" header when calculating backoff times for retrying 429 and 503 response codes. Setting the value to zero ("PT0S") can be used to opt-out of respecting "Retry-After" header values altogether. This value only takes effect if "Retry" is configured, and also depends on specific implementations (Channels, Sources, etc.) choosing to provide this capability. Note: This API is EXPERIMENTAL and might be changed at anytime. While this experimental feature is in the Alpha/Beta stage, you must provide a valid value to opt-in for supporting "Retry-After" headers. When the feature becomes Stable/GA "Retry-After" headers will be respected by default, and you can choose to specify "PT0S" to opt-out of supporting "Retry-After" headers. For more details: https://github.com/knative/eventing/issues/5811 More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 ' + type: string + timeout: + description: 'Timeout is the timeout of each single request. The value must be greater than 0. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5148' + type: string + deploymentSpecTemplate: + type: object + required: + - affinity + properties: + affinity: + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + type: object + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + type: object + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + type: object + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + type: object + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + type: object + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + type: object + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + type: object + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + type: object + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + type: object + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + type: object + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + x-kubernetes-preserve-unknown-fields: true + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + annotations: + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + type: object + x-kubernetes-preserve-unknown-fields: true + nodeSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + resources: + type: object + properties: + claims: + description: 'Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. ' + type: array + items: + type: object + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + type: string + limits: + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + x-kubernetes-preserve-unknown-fields: true + requests: + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + x-kubernetes-preserve-unknown-fields: true + stream: + type: object + properties: + config: + description: Config defines the StreamConfig for the stream. + type: object + properties: + additionalSubjects: + description: AdditionalSubjects allows adding additional subjects which this stream will subscribe to. The stream will always subscribe to a generated subject which the eventing-jetstream controller uses internally. + type: array + items: + type: string + discard: + description: Discard defines the DiscardPolicy for this stream. + type: string + duplicateWindow: + description: DuplicateWindow defines the duration of which messages should be tracked for detecting duplicates. + type: string + maxAge: + description: MaxAge defines the maximum age of a message which is allowed in the stream. + type: string + maxBytes: + description: MaxBytes defines how many bytes this stream can store spanning all messages in the stream. + type: integer + format: int64 + maxConsumers: + description: MaxConsumers defines how many consumers this stream can be bound to it. + type: integer + format: int32 + maxMsgSize: + description: MaxMsgSize defines the maximum size in bytes of an individual message. JetStream includes a hard-limit of 1MB so if defined should be less than 2^20=1048576. + type: integer + format: int32 + maxMsgs: + description: MaxMsgs defines how many messages this stream can store. + type: integer + format: int64 + mirror: + description: Mirror configures the stream to mirror another stream. + type: object + properties: + filterSubject: + description: FilterSubject configures the source to only include messages matching this subject. + type: string + name: + description: Name is the stream name which this source is referencing + type: string + optStartSeq: + description: OptStartSeq denotes the message sequence number which this source should start from. This takes precedence over OptStartTime if defined. + type: integer + format: int64 + minimum: 0 + optStartTime: + description: OptStartTime configures the source to deliver messages from the stream starting at the first message after this timestamp. + type: string + noAck: + description: NoAck disables acknowledgement of messages when true. + type: boolean + placement: + description: Placement allows configuring which JetStream server the stream should be placed on. + type: object + properties: + cluster: + description: Cluster denotes the cluster name which this stream should be placed on. + type: string + tags: + description: Tags will restrict this stream to only be stored on servers matching these tags. + type: array + items: + type: string + replicas: + description: Replicas defines how many replicas of each message should be stored. This is only applicable for clustered JetStream instances. + type: integer + format: int32 + retention: + description: Retention defines the RetentionPolicy for this stream. + type: string + sources: + description: Sources allows aggregating messages from other streams into a new stream. + type: array + items: + type: object + properties: + filterSubject: + description: FilterSubject configures the source to only include messages matching this subject. + type: string + name: + description: Name is the stream name which this source is referencing + type: string + optStartSeq: + description: OptStartSeq denotes the message sequence number which this source should start from. This takes precedence over OptStartTime if defined. + type: integer + format: int64 + minimum: 0 + optStartTime: + description: OptStartTime configures the source to deliver messages from the stream starting at the first message after this timestamp. + type: string + storage: + description: Storage defines the Storage mechanism for this stream. + type: string + overrideName: + description: OverrideName allows defining a custom stream name, by default a generated name based on the namespace and name of the NatsJetStreamChannel is used. + type: string + subscribers: + description: This is the list of subscriptions for this subscribable. + type: array + items: + type: object + properties: + auth: + description: Auth contains the service account name for the subscription + type: object + required: + - serviceAccountName + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string + delivery: + description: DeliverySpec contains options controlling the event delivery + type: object + properties: + backoffDelay: + description: 'BackoffDelay is the delay before retrying. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 For linear policy, backoff delay is backoffDelay*. For exponential policy, backoff delay is backoffDelay*2^.' + type: string + backoffPolicy: + description: BackoffPolicy is the retry backoff policy (linear, exponential). + type: string + deadLetterSink: + description: DeadLetterSink is the sink receiving event that could not be sent to a destination. + type: object + properties: + CACerts: + description: CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any. + type: string + audience: + description: Audience is the OIDC audience. This need only be set, if the target is not an Addressable and thus the Audience can't be received from the Addressable itself. In case the Addressable specifies an Audience too, the Destinations Audience takes preference. + type: string + ref: + description: Ref points to an Addressable. + type: object + properties: + address: + description: Address points to a specific Address Name. + type: string + apiVersion: + description: API version of the referent. + type: string + group: + description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' + type: string + uri: + description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. + type: string + retry: + description: Retry is the minimum number of retries the sender should attempt when sending an event before moving it to the dead letter sink. + type: integer + format: int32 + retryAfterMax: + description: 'RetryAfterMax provides an optional upper bound on the duration specified in a "Retry-After" header when calculating backoff times for retrying 429 and 503 response codes. Setting the value to zero ("PT0S") can be used to opt-out of respecting "Retry-After" header values altogether. This value only takes effect if "Retry" is configured, and also depends on specific implementations (Channels, Sources, etc.) choosing to provide this capability. Note: This API is EXPERIMENTAL and might be changed at anytime. While this experimental feature is in the Alpha/Beta stage, you must provide a valid value to opt-in for supporting "Retry-After" headers. When the feature becomes Stable/GA "Retry-After" headers will be respected by default, and you can choose to specify "PT0S" to opt-out of supporting "Retry-After" headers. For more details: https://github.com/knative/eventing/issues/5811 More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 ' + type: string + timeout: + description: 'Timeout is the timeout of each single request. The value must be greater than 0. More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html - https://en.wikipedia.org/wiki/ISO_8601 Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5148' + type: string + generation: + description: Generation of the origin of the subscriber with uid:UID. + type: integer + format: int64 + replyAudience: + description: ReplyAudience is the OIDC audience for the replyUri. + type: string + replyCACerts: + description: ReplyCACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468 for the replyUri. + type: string + replyUri: + description: ReplyURI is the endpoint for the reply + type: string + subscriberAudience: + description: SubscriberAudience is the OIDC audience for the subscriberUri. + type: string + subscriberCACerts: + description: SubscriberCACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468 for the subscriberUri + type: string + subscriberUri: + description: SubscriberURI is the endpoint for the subscriber + type: string + uid: + description: UID is used to understand the origin of the subscriber. + type: string + status: + description: Status represents the current state of the NatssChannel. This data may be out of date. + type: object + properties: + address: + description: Address is a single Addressable address. If Addresses is present, Address will be ignored by clients. + type: object + required: + - url + properties: + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + audience: + description: Audience is the OIDC audience for this address. + type: string + name: + description: Name is the name of the address. + type: string + url: + type: string + addresses: + description: Addresses is a list of addresses for different protocols (HTTP and HTTPS) If Addresses is present, Address must be ignored by clients. + type: array + items: + type: object + required: + - url + properties: + CACerts: + description: CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + audience: + description: Audience is the OIDC audience for this address. + type: string + name: + description: Name is the name of the address. + type: string + url: + type: string + annotations: + description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. + type: object + x-kubernetes-preserve-unknown-fields: true + conditions: + description: Conditions the latest available observations of a resource's current state. + type: array + items: + type: object + required: + - type + - status + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + severity: + description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition. + type: string + deadLetterSinkAudience: + description: DeadLetterSinkAudience is the OIDC audience of the DeadLetterSink + type: string + deadLetterSinkCACerts: + description: DeadLetterSinkCACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. + type: string + deadLetterSinkUri: + description: DeadLetterSink is a KReference that is the reference to the native, platform specific channel where failed events are sent to. + type: string + observedGeneration: + description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. + type: integer + format: int64 + subscribers: + description: This is the list of subscription's statuses for this channel. + type: array + items: + type: object + properties: + auth: + description: Auth provides the relevant information for OIDC authentication. + type: object + required: + - serviceAccountName + properties: + serviceAccountName: + description: ServiceAccountName is the name of the generated service account used for this components OIDC authentication. + type: string + message: + description: A human readable message indicating details of Ready status. + type: string + observedGeneration: + description: Generation of the origin of the subscriber with uid:UID. + type: integer + format: int64 + ready: + description: Status of the subscriber. + type: string + uid: + description: UID is used to understand the origin of the subscriber. + type: string diff --git a/example/knative-nats.yaml b/example/knative-nats.yaml new file mode 100644 index 00000000..5e38924c --- /dev/null +++ b/example/knative-nats.yaml @@ -0,0 +1,173 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: nats-io +--- +apiVersion: v1 +data: + nats.conf: | + # PID file shared with configuration reloader. + pid_file: "/var/run/nats/nats.pid" + + http: 8222 + server_name: $POD_NAME + + jetstream: { + max_mem: 1Gi + store_dir: /data/ + + max_file: 126Gi + } +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 + name: nats-config + namespace: nats-io +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 + name: nats + namespace: nats-io +spec: + ports: + - appProtocol: tcp + name: client + port: 4222 + - appProtocol: tcp + name: monitor + port: 8222 + - appProtocol: http + name: metrics + port: 7777 + selector: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 + name: nats-mgmt + namespace: nats-io +spec: + clusterIP: None + ports: + - appProtocol: tls + name: cluster + port: 6222 + selector: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 + name: nats + namespace: nats-io +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 + serviceName: nats-mgmt + template: + metadata: + labels: + app.kubernetes.io/name: nats + app.kubernetes.io/version: 2.3.4 + spec: + containers: + - command: + - nats-server + - --config + - /etc/nats-config/nats.conf + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CLUSTER_ADVERTISE + value: $(POD_NAME).nats-mgmt.$(POD_NAMESPACE).svc.cluster.local. + image: nats:alpine + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /bin/sh + - -c + - nats-server -sl=ldm=/var/run/nats/nats.pid && /bin/sleep 60 + livenessProbe: + httpGet: + path: / + port: 8222 + initialDelaySeconds: 10 + timeoutSeconds: 5 + name: nats + ports: + - containerPort: 4222 + name: client + - containerPort: 7422 + name: leafnodes + - containerPort: 7522 + name: gateways + - containerPort: 6222 + name: cluster + - containerPort: 8222 + name: monitor + - containerPort: 7777 + name: metrics + readinessProbe: + httpGet: + path: / + port: 8222 + initialDelaySeconds: 10 + timeoutSeconds: 5 + volumeMounts: + - mountPath: /etc/nats-config + name: config-volume + - mountPath: /var/run/nats + name: pid + - mountPath: /data/ + name: nats-js-pvc + - command: + - nats-server-config-reloader + - -pid + - /var/run/nats/nats.pid + - -config + - /etc/nats-config/nats.conf + image: natsio/nats-server-config-reloader:0.6.2 + imagePullPolicy: IfNotPresent + name: reloader + resources: {} + volumeMounts: + - mountPath: /etc/nats-config + name: config-volume + - mountPath: /var/run/nats + name: pid + shareProcessNamespace: true + terminationGracePeriodSeconds: 60 + volumes: + - configMap: + name: nats-config + name: config-volume + - emptyDir: {} + name: pid + - emptyDir: {} + name: nats-js-pvc \ No newline at end of file diff --git a/example/ping-demo-default.yaml b/example/ping-demo-default.yaml new file mode 100644 index 00000000..63cebf0a --- /dev/null +++ b/example/ping-demo-default.yaml @@ -0,0 +1,74 @@ +apiVersion: messaging.knative.dev/v1alpha1 +kind: NatsJetStreamChannel +metadata: + name: my-default-channel + namespace: default +--- +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: event-display + namespace: default +spec: + template: + metadata: + annotations: + autoscaling.knative.dev/min-scale: "1" + spec: + containers: + - name: display + image: gcr.io/knative-releases/knative.dev/eventing/cmd/event_display + ports: + - containerPort: 8080 +--- +apiVersion: sources.knative.dev/v1 +kind: PingSource +metadata: + name: ping + namespace: default +spec: + schedule: "* * * * *" + contentType: "application/json" + data: | + { "message": "Hello, World!" } + sink: + ref: + apiVersion: messaging.knative.dev/v1alpha1 + kind: NatsJetStreamChannel + name: my-default-channel +--- +apiVersion: messaging.knative.dev/v1 +kind: Subscription +metadata: + name: subscription + namespace: default +spec: + channel: + apiVersion: messaging.knative.dev/v1alpha1 + kind: NatsJetStreamChannel + name: my-default-channel + subscriber: + ref: + apiVersion: serving.knative.dev/v1 + kind: Service + name: event-display + delivery: + deadLetterSink: + ref: + apiVersion: serving.knative.dev/v1 + kind: Service + name: dead-letter-display +--- +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: dead-letter-display + namespace: default +spec: + template: + spec: + containers: + - name: display + image: gcr.io/knative-releases/knative.dev/eventing/cmd/event_display + ports: + - containerPort: 8080 \ No newline at end of file diff --git a/example/config-ping-json.yaml b/example/typhoon-ping-json.yaml similarity index 78% rename from example/config-ping-json.yaml rename to example/typhoon-ping-json.yaml index 477b37f6..82054308 100644 --- a/example/config-ping-json.yaml +++ b/example/typhoon-ping-json.yaml @@ -1,3 +1,23 @@ +--- +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: event-display + namespace: default +spec: + template: + metadata: + annotations: + autoscaling.knative.dev/min-scale: "1" + spec: + containers: + - name: display + image: gcr.io/knative-releases/knative.dev/eventing/cmd/event_display + ports: + - containerPort: 8080 + +--- + apiVersion: sources.knative.dev/v1 kind: PingSource metadata: @@ -43,7 +63,7 @@ spec: ref: apiVersion: serving.knative.dev/v1 kind: Service - name: event-success-capture + name: event-display namespace: default context: diff --git a/example/config-ping-xml.yaml b/example/typhoon-ping-xml.yaml similarity index 59% rename from example/config-ping-xml.yaml rename to example/typhoon-ping-xml.yaml index a6d53f78..346a2394 100644 --- a/example/config-ping-xml.yaml +++ b/example/typhoon-ping-xml.yaml @@ -1,3 +1,23 @@ +--- +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: event-display + namespace: default +spec: + template: + metadata: + annotations: + autoscaling.knative.dev/min-scale: "1" + spec: + containers: + - name: display + image: gcr.io/knative-releases/knative.dev/eventing/cmd/event_display + ports: + - containerPort: 8080 + +--- + apiVersion: flow.typhoon.zeiss.com/v1alpha1 kind: XMLToJSONTransformation metadata: @@ -7,7 +27,7 @@ spec: ref: apiVersion: serving.knative.dev/v1 kind: Service - name: event-success-capture + name: event-display namespace: default --- @@ -15,7 +35,7 @@ spec: apiVersion: sources.knative.dev/v1 kind: PingSource metadata: - name: pingxml + name: xml-transformation-demo spec: schedule: "*/1 * * * *" contentType: application/xml diff --git a/natsjetstreamchannel.yaml b/natsjetstreamchannel.yaml new file mode 100644 index 00000000..e69de29b diff --git a/scripts/setupKnative.sh b/scripts/setupKnative.sh new file mode 100755 index 00000000..9dc74385 --- /dev/null +++ b/scripts/setupKnative.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +set -x + +# Install Knative Serving +kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.13.1/serving-crds.yaml +kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.13.1/serving-core.yaml + +# Install Networking Layer +kubectl apply -f https://github.com/knative/net-kourier/releases/download/knative-v1.13.0/kourier.yaml +kubectl patch configmap/config-network \ + --namespace knative-serving \ + --type merge \ + --patch '{"data":{"ingress-class":"kourier.ingress.networking.knative.dev"}}' +kubectl --namespace kourier-system get service kourier +kubectl get pods -n knative-serving + +# Configure Magic DNS +kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.13.1/serving-default-domain.yaml + +# Install Knative Eventing +kubectl apply -f https://github.com/knative/eventing/releases/download/knative-v1.13.3/eventing-crds.yaml +kubectl apply -f https://github.com/knative/eventing/releases/download/knative-v1.13.3/eventing-core.yaml + +# Install NATS JetStream +kubectl apply -f example/knative-eventing-jetstream-crds.yaml +kubectl apply -f https://github.com/knative-extensions/eventing-natss/releases/latest/download/eventing-jsm.yaml +kubectl apply -f example/knative-nats.yaml +kubectl apply -f example/knative-eventing-config-nats.yaml +kubectl apply -f example/knative-eventing-default-channel.yaml \ No newline at end of file