From 478eadba4e5ca05a990b810380e98ae513bd08f9 Mon Sep 17 00:00:00 2001 From: obaydullahmhs Date: Wed, 22 Nov 2023 12:15:29 +0600 Subject: [PATCH 1/2] Remove broker and controller service kafka helpers Signed-off-by: obaydullahmhs --- apis/kubedb/v1alpha2/constants.go | 8 +++----- apis/kubedb/v1alpha2/kafka_helpers.go | 8 -------- apis/kubedb/v1alpha2/kafka_types.go | 3 +-- 3 files changed, 4 insertions(+), 15 deletions(-) diff --git a/apis/kubedb/v1alpha2/constants.go b/apis/kubedb/v1alpha2/constants.go index 57263cbe81..6ec3af4d6a 100644 --- a/apis/kubedb/v1alpha2/constants.go +++ b/apis/kubedb/v1alpha2/constants.go @@ -518,15 +518,13 @@ const ( KafkaPortNameCruiseControlREST = "cc-rest" KafkaBrokerClientPortName = "broker" KafkaControllerClientPortName = "controller" - KafkaPortNameInternal = "internal" - KafkaPortNameExternal = "external" + KafkaPortNameLocal = "local" KafkaTopicNameHealth = "kafka-health" KafkaTopicDeletionThresholdOffset = 1000 - KafkaControllerMaxID = 1000 + KafkaBrokerMaxID = 1000 KafkaRESTPort = 9092 KafkaControllerRESTPort = 9093 - KafkaInternalRESTPort = 29092 - KafkaExternalRESTPort = 19092 + KafkaLocalRESTPort = 29092 KafkaCruiseControlRESTPort = 9090 KafkaCruiseControlListenerPort = 9094 KafkaCCDefaultInNetwork = 500000 diff --git a/apis/kubedb/v1alpha2/kafka_helpers.go b/apis/kubedb/v1alpha2/kafka_helpers.go index fed6097bfb..6a0cd37470 100644 --- a/apis/kubedb/v1alpha2/kafka_helpers.go +++ b/apis/kubedb/v1alpha2/kafka_helpers.go @@ -80,14 +80,6 @@ func (k *Kafka) GoverningServiceName() string { return meta_util.NameWithSuffix(k.ServiceName(), "pods") } -func (k *Kafka) GoverningServiceNameController() string { - return meta_util.NameWithSuffix(k.ServiceName(), KafkaNodeRolesController) -} - -func (k *Kafka) GoverningServiceNameBroker() string { - return meta_util.NameWithSuffix(k.ServiceName(), KafkaNodeRolesBrokers) -} - func (k *Kafka) GoverningServiceNameCruiseControl() string { return meta_util.NameWithSuffix(k.ServiceName(), KafkaNodeRolesCruiseControl) } diff --git a/apis/kubedb/v1alpha2/kafka_types.go b/apis/kubedb/v1alpha2/kafka_types.go index d36890c3d3..266183607c 100644 --- a/apis/kubedb/v1alpha2/kafka_types.go +++ b/apis/kubedb/v1alpha2/kafka_types.go @@ -218,8 +218,7 @@ type KafkaListenerType string const ( KafkaListenerBroker KafkaListenerType = "BROKER" KafkaListenerController KafkaListenerType = "CONTROLLER" - KafkaListenerInternal KafkaListenerType = "INTERNAL" - KafkaListenerExternal KafkaListenerType = "EXTERNAL" + KafkaListenerLocal KafkaListenerType = "LOCAL" KafkaListenerCC KafkaListenerType = "CC" ) From e698ba48b53b43f9470f96915b2cd6e45ef11e27 Mon Sep 17 00:00:00 2001 From: obaydullahmhs Date: Thu, 23 Nov 2023 15:21:27 +0600 Subject: [PATCH 2/2] Add security related webhook validator for kafka Signed-off-by: obaydullahmhs --- apis/kubedb/v1alpha2/kafka_webhook.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/apis/kubedb/v1alpha2/kafka_webhook.go b/apis/kubedb/v1alpha2/kafka_webhook.go index af05f17089..be55e2baa1 100644 --- a/apis/kubedb/v1alpha2/kafka_webhook.go +++ b/apis/kubedb/v1alpha2/kafka_webhook.go @@ -86,6 +86,19 @@ func (k *Kafka) ValidateDelete() error { func (k *Kafka) ValidateCreateOrUpdate() error { var allErr field.ErrorList // TODO(user): fill in your validation logic upon object creation. + if k.Spec.EnableSSL { + if k.Spec.TLS == nil { + allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("enableSSL"), + k.Name, + ".spec.tls can't be nil, if .spec.enableSSL is true")) + } + } else { + if k.Spec.TLS != nil { + allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("enableSSL"), + k.Name, + ".spec.tls must be nil, if .spec.enableSSL is disabled")) + } + } if k.Spec.Topology != nil { if k.Spec.Topology.Controller == nil { allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("topology").Child("controller"), @@ -195,6 +208,7 @@ var availableVersions = []string{ "3.4.0", "3.4.1", "3.5.1", + "3.6.0", } func validateVersion(db *Kafka) error {