You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rocketmq.apache.org by "ljtnono (via GitHub)" <gi...@apache.org> on 2023/05/05 06:32:07 UTC
[GitHub] [rocketmq-operator] ljtnono commented on issue #156: 如何禁用console?
ljtnono commented on issue #156:
URL: https://github.com/apache/rocketmq-operator/issues/156#issuecomment-1535777487
> Have you deployed the Console CR?
no, I haven't. This is my deployment yaml file.
```yaml
# sa定义
apiVersion: v1
kind: ServiceAccount
metadata:
name: rocketmq-operator
namespace: common
---
# role定义
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: rocketmq-operator
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- deployments
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rocketmq.apache.org
resources:
- brokers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rocketmq.apache.org
resources:
- brokers/finalizers
verbs:
- update
- apiGroups:
- rocketmq.apache.org
resources:
- brokers/status
verbs:
- get
- patch
- update
- apiGroups:
- rocketmq.apache.org
resources:
- consoles
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rocketmq.apache.org
resources:
- consoles/finalizers
verbs:
- update
- apiGroups:
- rocketmq.apache.org
resources:
- consoles/status
verbs:
- get
- patch
- update
- apiGroups:
- rocketmq.apache.org
resources:
- controllers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rocketmq.apache.org
resources:
- controllers/finalizers
verbs:
- update
- apiGroups:
- rocketmq.apache.org
resources:
- controllers/status
verbs:
- get
- patch
- update
- apiGroups:
- rocketmq.apache.org
resources:
- nameservices
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rocketmq.apache.org
resources:
- nameservices/finalizers
verbs:
- update
- apiGroups:
- rocketmq.apache.org
resources:
- nameservices/status
verbs:
- get
- patch
- update
- apiGroups:
- rocketmq.apache.org
resources:
- topictransfers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rocketmq.apache.org
resources:
- topictransfers/finalizers
verbs:
- update
- apiGroups:
- rocketmq.apache.org
resources:
- topictransfers/status
verbs:
- get
- patch
- update
---
# roleBinding
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rocketmq-operator
subjects:
- kind: ServiceAccount
name: rocketmq-operator
namespace: common
roleRef:
kind: ClusterRole
name: rocketmq-operator
apiGroup: rbac.authorization.k8s.io
---
# deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: rocketmq-operator
namespace: common
spec:
replicas: 1
selector:
matchLabels:
name: rocketmq-operator
template:
metadata:
labels:
name: rocketmq-operator
spec:
serviceAccountName: rocketmq-operator
terminationGracePeriodSeconds: 10
containers:
- name: manager
image: apache/rocketmq-operator:latest
command:
- /manager
args:
- --leader-elect
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: "rocketmq-operator"
- name: ENABLE_ROCKETMQ_CONSOLE
value: "false"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: broker-config
namespace: common
data:
# BROKER_MEM sets the broker JVM, if set to "" then Xms = Xmx = max(min(1/2 ram, 1024MB), min(1/4 ram, 8GB))
BROKER_MEM: " -Xms512m -Xmx512m -Xmn512m "
broker-common.conf: |
# brokerClusterName, brokerName, brokerId are automatically generated by the operator and do not set it manually!!!
deleteWhen=04
fileReservedTime=48
flushDiskType=ASYNC_FLUSH
# set brokerRole to ASYNC_MASTER or SYNC_MASTER. DO NOT set to SLAVE because the replica instance will automatically be set!!!
brokerRole=ASYNC_MASTER
---
apiVersion: rocketmq.apache.org/v1alpha1
kind: Broker
metadata:
name: broker
namespace: common
spec:
size: 1
nameServers: ""
replicaPerGroup: 2
brokerImage: apacherocketmq/rocketmq-broker:4.5.0-alpine-operator-0.3.0
imagePullPolicy: Always
resources:
requests:
memory: "2048Mi"
cpu: "250m"
limits:
memory: "12288Mi"
cpu: "500m"
allowRestart: true
storageMode: StorageClass
hostPath: ""
scalePodName: broker-0-master-0
env:
- name: BROKER_MEM
valueFrom:
configMapKeyRef:
name: broker-config
key: BROKER_MEM
volumes:
- name: broker-config
configMap:
name: broker-config
items:
- key: broker-common.conf
path: broker-common.conf
volumeClaimTemplates:
- metadata:
name: broker-storage
namespace: common
annotations:
nfs.io/storage-path: rocketmq/broker
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs-sc
resources:
requests:
storage: 4Gi
---
apiVersion: rocketmq.apache.org/v1alpha1
kind: NameService
metadata:
name: name-service
namespace: common
spec:
size: 1
nameServiceImage: apacherocketmq/rocketmq-nameserver:4.5.0-alpine-operator-0.3.0
imagePullPolicy: Always
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
resources:
requests:
memory: "512Mi"
cpu: "250m"
limits:
memory: "1024Mi"
cpu: "500m"
storageMode: StorageClass
hostPath: ""
volumeClaimTemplates:
- metadata:
name: namesrv-storage
namespace: common
annotations:
nfs.io/storage-path: rocketmq/nameserver
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs-sc
resources:
requests:
storage: 1Gi
---
# namesrv service服务暴露
apiVersion: v1
kind: Service
metadata:
name: rocketmq-namesrv-extern
namespace: common
spec:
type: NodePort
ports:
- port: 9876
name: namesrv
nodePort: 30160
targetPort: 9876
selector:
app: name_service
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@rocketmq.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org