apiVersion: platform.confluent.io/v1beta1 kind: Zookeeper metadata: name: zookeeper namespace: confluent spec: replicas: 3 oneReplicaPerNode: true configOverrides: jvm: - "-Xmx128m" podTemplate: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: app.kubernetes.io/name operator: In values: - tcs image: application: confluentinc/cp-zookeeper:7.5.0 init: confluentinc/confluent-init-container:2.7.0 dataVolumeCapacity: 10Gi logVolumeCapacity: 10Gi storageClass: name: tcs-kafka authentication: type: digest jaasConfig: secretRef: credential tls: secretRef: tls-group1 --- apiVersion: platform.confluent.io/v1beta1 kind: Kafka metadata: name: kafka namespace: confluent spec: replicas: 3 oneReplicaPerNode: true configOverrides: server: - auto.create.topics.enable=true - default.replication.factor=3 jvm: - "-Xmx512m" podTemplate: resources: requests: memory: "256Mi" cpu: "100m" limits: memory: "4G" cpu: "1" affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: app.kubernetes.io/name operator: In values: - tcs image: application: confluentinc/cp-server:7.5.0 init: confluentinc/confluent-init-container:2.7.0 dataVolumeCapacity: 10Gi storageClass: name: tcs-kafka tls: secretRef: tls-group1 listeners: internal: authentication: type: ldap jaasConfig: secretRef: credential tls: enabled: true external: externalAccess: type: nodePort nodePort: host: kafka-tcs.beaconfireinc.com nodePortOffset: 30001 authentication: type: ldap jaasConfig: secretRef: credential tls: enabled: true authorization: type: rbac superUsers: - User:kafka services: mds: tls: enabled: true tokenKeyPair: secretRef: mds-token provider: type: ldap ldap: address: ldap://ldap.tcs.svc.cluster.local:389 authentication: type: simple simple: secretRef: credential configurations: groupNameAttribute: cn groupObjectClass: group groupMemberAttribute: member groupMemberAttributePattern: CN=(.*),DC=test,DC=com groupSearchBase: dc=test,dc=com userNameAttribute: cn userMemberOfAttributePattern: CN=(.*),DC=test,DC=com userObjectClass: organizationalRole userSearchBase: dc=test,dc=com dependencies: zookeeper: endpoint: zookeeper.tcs.svc.cluster.local:2182 authentication: type: digest jaasConfig: secretRef: credential tls: enabled: true --- apiVersion: platform.confluent.io/v1beta1 kind: SchemaRegistry metadata: name: schemaregistry namespace: confluent spec: replicas: 1 oneReplicaPerNode: true configOverrides: jvm: - "-Xmx128m" podTemplate: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: app.kubernetes.io/name operator: In values: - tcs image: application: confluentinc/cp-schema-registry:7.5.0 init: confluentinc/confluent-init-container:2.7.0 tls: secretRef: tls-group1 externalAccess: type: nodePort nodePort: host: kafka-tcs.beaconfireinc.com nodePortOffset: 30005 authorization: type: rbac dependencies: kafka: bootstrapEndpoint: kafka.tcs.svc.cluster.local:9071 authentication: type: plain jaasConfig: secretRef: credential tls: enabled: true mds: endpoint: https://kafka.tcs.svc.cluster.local:8090 tokenKeyPair: secretRef: mds-token authentication: type: bearer bearer: secretRef: sr-mds-client tls: enabled: true