Skip to content

Commit

Permalink
Merge pull request #159 from mlbiam/master
Browse files Browse the repository at this point in the history 
enable HA amq
  • Loading branch information
@mlbiam
mlbiam authored Jul 22, 2024
2 parents 3a6f2d2 + ccbcc71 commit 3f7a5de
Show file tree
Hide file tree
Showing 16 changed files with 164 additions and 62 deletions.
2 changes: 1 addition & 1 deletion openunison-k8s-cluster-management/templates/workflows/create-new-namespace.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,7 @@ spec:
attributes: ["uid"]
{{ end }}

{{ if .Values.openunison.naas.workflows.new_namespace.pre_run_workflow }}
{{ if .Values.openunison.naas.workflows.new_namespace.pre_provision_workflow }}
- taskType: callWorkflow
name: {{ .Values.openunison.naas.workflows.new_namespace.pre_provision_workflow }}
{{ end }}
Expand Down
2 changes: 1 addition & 1 deletion openunison-operator/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ type: application

# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 3.0.11
version: 3.0.12

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
Expand Down
2 changes: 1 addition & 1 deletion openunison-operator/templates/deployments/openunison-operator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,7 @@ spec:
name: kerb-config
- name: krb-keytab
secret:
secretName: kerb-keytab
secretName: kerb-keytab{{ .Values.openunison.secret_ext }}
{{ end }}
{{ end }}
{{ $length := len .Values.services.node_selectors }}
Expand Down
2 changes: 1 addition & 1 deletion orchestra-login-portal-argocd/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 2.3.56
version: 2.3.57

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
3 changes: 2 additions & 1 deletion orchestra-login-portal-argocd/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,7 @@ operator:
cpu: 1.0

openunison:
secret_ext: ""
apps: []
imagePullPolicy: Always
replicas: 1
Expand All @@ -129,7 +130,7 @@ openunison:
refresh_token:
grace_period_millis: 0
html:
image: ghcr.io/openunison/openunison-k8s-html:1.0.0
image: ghcr.io/openunison/openunison-k8s-react:1.0.0
legacy: false
theme:
startPage: front-page
Expand Down
2 changes: 1 addition & 1 deletion orchestra-login-portal/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 2.3.51
version: 2.3.52

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
2 changes: 1 addition & 1 deletion orchestra-login-portal/templates/openunison/applications/activemq.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ if and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq }}
{{ if and .Values.openunison.enable_provisioning .Values.openunison.amq.enabled }}
---
apiVersion: openunison.tremolo.io/v1
kind: Application
Expand Down
2 changes: 1 addition & 1 deletion orchestra-login-portal/templates/openunison/urls/naas-urls.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{ if .Values.openunison.enable_provisioning }}
{{ if .Values.openunison.enable_activemq }}
{{ if .Values.openunison.amq.enabled }}
---
apiVersion: openunison.tremolo.io/v1
kind: PortalUrl
Expand Down
10 changes: 5 additions & 5 deletions orchestra/templates/infrastructure/activemq-config-mysql.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{ if and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq }}
{{ if not .Values.openunison.activemq_use_pvc }}
{{ if or (and .Values.openunison.enable_provisioning .Values.openunison.amq.enabled) (and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq ) }}
{{ if not (or .Values.openunison.amq.pvc.enabled .Values.openunison.activemq_use_pvc) }}
{{ if or (eq (substr 0 10 .Values.database.url) "jdbc:mysql") (eq (substr 0 12 .Values.database.url) "jdbc:mariadb")}}
apiVersion: v1
kind: ConfigMap
Expand Down Expand Up @@ -148,10 +148,10 @@ data:
<bean xmlns="http://www.springframework.org/schema/beans" class="org.apache.activemq.hooks.SpringContextHook" />
</shutdownHooks>
<networkConnectors>
{{ if .Values.openunison.activemq_remote }}
{{ if .Values.openunison.amq.remote_brokers }}
{{ $remote_queue_num := 0 }}
{{ $remote_queues := splitList "," .Values.openunison.non_secret_data.K8S_DR_QUEUES }}
{{ range $host := .Values.openunison.activemq_remote}}
{{ range $host := .Values.openunison.amq.remote_brokers}}
<networkConnector uri="static:(ssl://{{ $host }})" >
<dynamicallyIncludedDestinations>
<queue physicalName="{{ index $remote_queues $remote_queue_num }}" />
Expand Down Expand Up @@ -300,7 +300,7 @@ data:
<bean id="SecureConnector" class="org.eclipse.jetty.server.ServerConnector">
<constructor-arg ref="Server" />
<constructor-arg>
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">

<property name="keyStorePath" value="/etc/activemq-secrets/amq.p12" />
<property name="keyStorePassword" value="${TLS_KS_PWD}" />
Expand Down
10 changes: 5 additions & 5 deletions orchestra/templates/infrastructure/activemq-config-postgresql.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{ if and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq }}
{{ if not .Values.openunison.activemq_use_pvc }}
{{ if or (and .Values.openunison.enable_provisioning .Values.openunison.amq.enabled) (and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq ) }}
{{ if not (or .Values.openunison.amq.pvc.enabled .Values.openunison.activemq_use_pvc) }}
{{ if eq (substr 0 15 .Values.database.url) "jdbc:postgresql"}}
apiVersion: v1
kind: ConfigMap
Expand Down Expand Up @@ -148,10 +148,10 @@ data:
<bean xmlns="http://www.springframework.org/schema/beans" class="org.apache.activemq.hooks.SpringContextHook" />
</shutdownHooks>
<networkConnectors>
{{ if .Values.openunison.activemq_remote }}
{{ if .Values.openunison.amq.remote_brokers }}
{{ $remote_queue_num := 0 }}
{{ $remote_queues := splitList "," .Values.openunison.non_secret_data.K8S_DR_QUEUES }}
{{ range $host := .Values.openunison.activemq_remote}}
{{ range $host := .Values.openunison.amq.remote_brokers}}
<networkConnector uri="static:(ssl://{{ $host }})" >
<dynamicallyIncludedDestinations>
<queue physicalName="{{ index $remote_queues $remote_queue_num }}" />
Expand Down Expand Up @@ -299,7 +299,7 @@ data:
<bean id="SecureConnector" class="org.eclipse.jetty.server.ServerConnector">
<constructor-arg ref="Server" />
<constructor-arg>
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">

<property name="keyStorePath" value="/etc/activemq-secrets/amq.p12" />
<property name="keyStorePassword" value="${TLS_KS_PWD}" />
Expand Down
62 changes: 46 additions & 16 deletions orchestra/templates/infrastructure/activemq-config-pvc.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
{{ if and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq }}
{{ if .Values.openunison.activemq_use_pvc }}
{{ if or (and .Values.openunison.enable_provisioning .Values.openunison.amq.enabled) (and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq ) }}
{{ if or .Values.openunison.amq.pvc.enabled .Values.openunison.activemq_use_pvc }}
{{- $root := . -}}
apiVersion: v1
kind: ConfigMap
metadata:
Expand Down Expand Up @@ -45,16 +46,26 @@ data:
<!-- Allows accessing the server log -->
<bean id="logQuery" class="io.fabric8.insight.log.log4j.Log4jLogQuery"
<!-- <bean id="logQuery" class="io.fabric8.insight.log.log4j.Log4jLogQuery"
lazy-init="false" scope="singleton"
init-method="start" destroy-method="stop">
</bean>
</bean> -->
<!--
The <broker> element is used to configure the ActiveMQ broker.
-->
<broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" dataDirectory="${activemq.data}">
{{ if .Values.openunison.amq.use_token }}
<plugins>
<simpleAuthenticationPlugin anonymousAccessAllowed="false">
<users>
<authenticationUser username="openunison" password="${AMQ_TOKEN}" groups="users,admins"/>
<authenticationUser username="system" password="${AMQ_TOKEN}" groups="users,admins"/>
</users>
</simpleAuthenticationPlugin>
</plugins>
{{ end }}
<destinationPolicy>
<policyMap>
<policyEntries>
Expand Down Expand Up @@ -112,10 +123,18 @@ data:
<memoryUsage percentOfJvmHeap="70" />
</memoryUsage>
<storeUsage>
<storeUsage limit="{{ .Values.openunison.activemq_pvc_size | default "1G" }}"/>
{{ if .Values.openunison.activemq_pvc_size }}
<storeUsage limit="{{ .Values.openunison.activemq_pvc_size }}"/>
{{ else }}
<storeUsage limit="{{ .Values.openunison.amq.pvc.size | default "1G" }}"/>
{{ end }}
</storeUsage>
<tempUsage>
<tempUsage limit="{{ .Values.openunison.activemq_pvc_size | default "1G" }}"/>
{{ if .Values.openunison.activemq_pvc_size }}
<tempUsage limit="{{ .Values.openunison.activemq_pvc_size }}"/>
{{ else }}
<tempUsage limit="{{ .Values.openunison.amq.pvc.size | default "1G" }}"/>
{{ end }}
</tempUsage>
</systemUsage>
</systemUsage>
Expand All @@ -133,7 +152,12 @@ data:
</sslContext>
<transportConnectors>
<!-- DOS protection, limit concurrent connections to 1000 and frame size to 100MB -->
{{ if .Values.openunison.amq.use_token }}
<transportConnector name="openwire" uri="ssl://0.0.0.0:61616?maximumConnections=1000&amp;wireFormat.maxFrameSize=104857600"/>
{{ else }}
<transportConnector name="openwire" uri="ssl://0.0.0.0:61616?maximumConnections=1000&amp;wireFormat.maxFrameSize=104857600&amp;needClientAuth=true"/>
{{ end }}
</transportConnectors>
<!-- destroy the spring context on shutdown to stop jetty -->
Expand All @@ -142,14 +166,15 @@ data:
</shutdownHooks>
<networkConnectors>
{{ if .Values.openunison.activemq_remote }}
{{ if .Values.openunison.amq.remote_brokers }}
{{ $remote_queue_num := 0 }}
{{ $remote_queues := splitList "," .Values.openunison.non_secret_data.K8S_DR_QUEUES }}
{{ range $host := .Values.openunison.activemq_remote}}
<networkConnector uri="static:(ssl://{{ $host }})" >
{{ range $host := .Values.openunison.amq.remote_brokers}}
<networkConnector {{ if $root.Values.openunison.amq.use_token}}userName="openunison" password="${AMQ_TOKEN}"{{ end }} uri="static:(ssl://{{ $host }})" >
<dynamicallyIncludedDestinations>
<queue physicalName="{{ index $remote_queues $remote_queue_num }}" />
{{ $remote_queue_num := add1 $remote_queue_num }}
{{ range $remote_queue_name := $remote_queues }}
<queue physicalName="{{ $remote_queue_name }}" />
{{ end }}
</dynamicallyIncludedDestinations>
<excludedDestinations>
<queue physicalName="ActiveMQ.DLQ" />
Expand Down Expand Up @@ -294,7 +319,7 @@ data:
<bean id="SecureConnector" class="org.eclipse.jetty.server.ServerConnector">
<constructor-arg ref="Server" />
<constructor-arg>
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">

<property name="keyStorePath" value="/etc/activemq-secrets/amq.p12" />
<property name="keyStorePassword" value="${TLS_KS_PWD}" />
Expand All @@ -304,7 +329,6 @@ data:
<property name="trustStorePassword" value="${TLS_KS_PWD}" />
<property name="trustStoreType" value="pkcs12" />
<property name="needClientAuth" value="true" />

<property name="endpointIdentificationAlgorithm">
<null></null>
</property>
Expand Down Expand Up @@ -343,11 +367,17 @@ metadata:
spec:
{{ if .Values.openunison.activemq_storageclass }}
storageClassName: {{ .Values.openunison.activemq_storageclass }}
{{ else if .Values.openunison.amq.pvc.storageclass }}
storageClassName: {{ .Values.openunison.amq.pvc.storageclass }}
{{ end }}
accessModes:
- {{ .Values.openunison.activemq_accessmode | default "ReadWriteOnce" }}
- {{ .Values.openunison.amq.pvc.accessmode | default "ReadWriteOnce" }}
resources:
requests:
storage: {{ .Values.openunison.activemq_pvc_size | default "1G" }}
{{ if .Values.openunison.activemq_pvc_size }}
storage: {{ .Values.openunison.activemq_pvc_size }}
{{ else }}
storage: {{ .Values.openunison.amq.pvc.size | default "1G" }}
{{ end }}
{{ end }}
{{ end }}
10 changes: 5 additions & 5 deletions orchestra/templates/infrastructure/activemq-config-sqlserver.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{ if and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq }}
{{ if not .Values.openunison.activemq_use_pvc }}
{{ if or (and .Values.openunison.enable_provisioning .Values.openunison.amq.enabled) (and .Values.openunison.enable_provisioning .Values.openunison.enable_activemq ) }}
{{ if not (or .Values.openunison.amq.pvc.enabled .Values.openunison.activemq_use_pvc) }}
{{ if eq (substr 0 14 .Values.database.url) "jdbc:sqlserver"}}
apiVersion: v1
kind: ConfigMap
Expand Down Expand Up @@ -149,10 +149,10 @@ data:
<bean xmlns="http://www.springframework.org/schema/beans" class="org.apache.activemq.hooks.SpringContextHook" />
</shutdownHooks>
<networkConnectors>
{{ if .Values.openunison.activemq_remote }}
{{ if .Values.openunison.amq.remote_brokers }}
{{ $remote_queue_num := 0 }}
{{ $remote_queues := splitList "," .Values.openunison.non_secret_data.K8S_DR_QUEUES }}
{{ range $host := .Values.openunison.activemq_remote}}
{{ range $host := .Values.openunison.amq.remote_brokers}}
<networkConnector uri="static:(ssl://{{ $host }})" >
<dynamicallyIncludedDestinations>
<queue physicalName="{{ index $remote_queues $remote_queue_num }}" />
Expand Down Expand Up @@ -300,7 +300,7 @@ data:
<bean id="SecureConnector" class="org.eclipse.jetty.server.ServerConnector">
<constructor-arg ref="Server" />
<constructor-arg>
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<bean id="handlers" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">

<property name="keyStorePath" value="/etc/activemq-secrets/amq.p12" />
<property name="keyStorePassword" value="${TLS_KS_PWD}" />
Expand Down
Loading

0 comments on commit 3f7a5de

Please sign in to comment.