From jakub at scholz.cz Thu Jul 18 15:07:15 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Thu, 18 Jul 2019 17:07:15 +0200 Subject: [Strimzi] [Release] Strimzi 0.12.2 Message-ID: Strimzi 0.12.2 with several bugfixes has been released: * Fix deprecated Topic Operator to work with new images * Fix null check in EU/UO role binding management * Fix plugin isolation in Kafka Connect S2I * Fix validation of invalid Kafka versions For more details go to http://strimzi.io/ and/or https://github.com/strimzi/strimzi-kafka-operator/releases/tag/0.12.2 Thanks & Regards Jakub -------------- next part -------------- An HTML attachment was scrubbed... URL: From csenge.maruzsi at cloudera.com Mon Jul 22 11:46:00 2019 From: csenge.maruzsi at cloudera.com (=?UTF-8?Q?Csenge_Vir=C3=A1g_Maruzsi?=) Date: Mon, 22 Jul 2019 13:46:00 +0200 Subject: [Strimzi] Kafka brokers won't start Message-ID: Hi all, I am getting to know with Strimzi and reading the documentation . I deployed Cluster operator and then deployed a Kafka cluster (both with Kubernetes). So my problem is that after deploying the cluster, my kafka broker's status is CrashLoopBackOff because it can not connect to the zookeeper server. Can you help me what I am doing wrong? Thanks, Csenge -------------- next part -------------- An HTML attachment was scrubbed... URL: From jakub at scholz.cz Mon Jul 22 11:54:36 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Mon, 22 Jul 2019 13:54:36 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: Hi Csenge, Could you please share more about the environment? Which version of Kubernetes are you using, which version of Strimzi are you using, the logs, the Kafka custom resource which you used to create the cluster etc.? We have this bash script in our GitHub which should be able to collect most of the logs and details for you: https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh Thanks & Regards Jakub On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < csenge.maruzsi at cloudera.com> wrote: > Hi all, > I am getting to know with Strimzi and reading the documentation > . > I deployed Cluster operator and then deployed a Kafka cluster (both with > Kubernetes). > So my problem is that after deploying the cluster, my kafka broker's > status is CrashLoopBackOff because it can not connect to the zookeeper > server. > Can you help me what I am doing wrong? > > Thanks, > Csenge > _______________________________________________ > Strimzi mailing list > Strimzi at redhat.com > https://www.redhat.com/mailman/listinfo/strimzi > -------------- next part -------------- An HTML attachment was scrubbed... URL: From csenge.maruzsi at cloudera.com Mon Jul 22 12:47:21 2019 From: csenge.maruzsi at cloudera.com (=?UTF-8?Q?Csenge_Vir=C3=A1g_Maruzsi?=) Date: Mon, 22 Jul 2019 14:47:21 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: Hi Jakub, Kubernetes version: 1.15 Strimzi version: 0.12.1 I have 1 master and 4 worker nodes with ubuntu 18.04. To create the cluster I used this: https://github.com/strimzi/strimzi-kafka-operator/blob/master/examples/kafka/kafka-ephemeral.yaml I attached the logs. Thanks, Csenge On Mon, Jul 22, 2019 at 1:54 PM Jakub Scholz wrote: > Hi Csenge, > > Could you please share more about the environment? Which version of > Kubernetes are you using, which version of Strimzi are you using, the logs, > the Kafka custom resource which you used to create the cluster etc.? We > have this bash script in our GitHub which should be able to collect most of > the logs and details for you: > https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh > > Thanks & Regards > Jakub > > On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < > csenge.maruzsi at cloudera.com> wrote: > >> Hi all, >> I am getting to know with Strimzi and reading the documentation >> . >> I deployed Cluster operator and then deployed a Kafka cluster (both with >> Kubernetes). >> So my problem is that after deploying the cluster, my kafka broker's >> status is CrashLoopBackOff because it can not connect to the zookeeper >> server. >> Can you help me what I am doing wrong? >> >> Thanks, >> Csenge >> _______________________________________________ >> Strimzi mailing list >> Strimzi at redhat.com >> https://www.redhat.com/mailman/listinfo/strimzi >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: report-22-07-2019_14-44-46.zip Type: application/zip Size: 487480 bytes Desc: not available URL: From jakub at scholz.cz Mon Jul 22 12:58:42 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Mon, 22 Jul 2019 14:58:42 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: Hmm, interesting. From the logs it looks like it cannot resolve any of the DNS names. Does the DNS work properly in your cluster? Can you resolve the names of services etc. in other pods? Thanks & regards Jakub On Mon, Jul 22, 2019 at 2:47 PM Csenge Vir?g Maruzsi < csenge.maruzsi at cloudera.com> wrote: > Hi Jakub, > > Kubernetes version: 1.15 > Strimzi version: 0.12.1 > I have 1 master and 4 worker nodes with ubuntu 18.04. > To create the cluster I used this: > https://github.com/strimzi/strimzi-kafka-operator/blob/master/examples/kafka/kafka-ephemeral.yaml > I attached the logs. > > Thanks, > Csenge > > On Mon, Jul 22, 2019 at 1:54 PM Jakub Scholz wrote: > >> Hi Csenge, >> >> Could you please share more about the environment? Which version of >> Kubernetes are you using, which version of Strimzi are you using, the logs, >> the Kafka custom resource which you used to create the cluster etc.? We >> have this bash script in our GitHub which should be able to collect most of >> the logs and details for you: >> https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh >> >> Thanks & Regards >> Jakub >> >> On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < >> csenge.maruzsi at cloudera.com> wrote: >> >>> Hi all, >>> I am getting to know with Strimzi and reading the documentation >>> . >>> I deployed Cluster operator and then deployed a Kafka cluster (both with >>> Kubernetes). >>> So my problem is that after deploying the cluster, my kafka broker's >>> status is CrashLoopBackOff because it can not connect to the zookeeper >>> server. >>> Can you help me what I am doing wrong? >>> >>> Thanks, >>> Csenge >>> _______________________________________________ >>> Strimzi mailing list >>> Strimzi at redhat.com >>> https://www.redhat.com/mailman/listinfo/strimzi >>> >> -------------- next part -------------- An HTML attachment was scrubbed... URL: From csenge.maruzsi at cloudera.com Mon Jul 22 13:48:59 2019 From: csenge.maruzsi at cloudera.com (=?UTF-8?Q?Csenge_Vir=C3=A1g_Maruzsi?=) Date: Mon, 22 Jul 2019 15:48:59 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: I found out that none of the pods can resolve any kind of DNS, so we can say that DNS does not work properly in my cluster. Is it because of some Strimzi configuration or I did something wrong previously? Thanks, Csenge On Mon, Jul 22, 2019 at 2:58 PM Jakub Scholz wrote: > Hmm, interesting. From the logs it looks like it cannot resolve any of the > DNS names. Does the DNS work properly in your cluster? Can you resolve the > names of services etc. in other pods? > > Thanks & regards > Jakub > > On Mon, Jul 22, 2019 at 2:47 PM Csenge Vir?g Maruzsi < > csenge.maruzsi at cloudera.com> wrote: > >> Hi Jakub, >> >> Kubernetes version: 1.15 >> Strimzi version: 0.12.1 >> I have 1 master and 4 worker nodes with ubuntu 18.04. >> To create the cluster I used this: >> https://github.com/strimzi/strimzi-kafka-operator/blob/master/examples/kafka/kafka-ephemeral.yaml >> I attached the logs. >> >> Thanks, >> Csenge >> >> On Mon, Jul 22, 2019 at 1:54 PM Jakub Scholz wrote: >> >>> Hi Csenge, >>> >>> Could you please share more about the environment? Which version of >>> Kubernetes are you using, which version of Strimzi are you using, the logs, >>> the Kafka custom resource which you used to create the cluster etc.? We >>> have this bash script in our GitHub which should be able to collect most of >>> the logs and details for you: >>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh >>> >>> Thanks & Regards >>> Jakub >>> >>> On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < >>> csenge.maruzsi at cloudera.com> wrote: >>> >>>> Hi all, >>>> I am getting to know with Strimzi and reading the documentation >>>> . >>>> I deployed Cluster operator and then deployed a Kafka cluster (both >>>> with Kubernetes). >>>> So my problem is that after deploying the cluster, my kafka broker's >>>> status is CrashLoopBackOff because it can not connect to the zookeeper >>>> server. >>>> Can you help me what I am doing wrong? >>>> >>>> Thanks, >>>> Csenge >>>> _______________________________________________ >>>> Strimzi mailing list >>>> Strimzi at redhat.com >>>> https://www.redhat.com/mailman/listinfo/strimzi >>>> >>> -------------- next part -------------- An HTML attachment was scrubbed... URL: From jakub at scholz.cz Mon Jul 22 14:15:47 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Mon, 22 Jul 2019 16:15:47 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: Honestly, I think this would be something related to your cluster. Strimzi doesn't do anything special about DNS - it just expects it to work. I didn't had time yet to update my own Kubernetes clusters to 1.15. So I'm not sure whether there are any significant changes or now with regards to DNS. I had only done some tests on Minikube with 1.15 and there it worked fine. I will try to update my big cluster to see if I have any similar issues. Thanks & Regards Jakub On Mon, Jul 22, 2019 at 3:49 PM Csenge Vir?g Maruzsi < csenge.maruzsi at cloudera.com> wrote: > I found out that none of the pods can resolve any kind of DNS, so we can > say that DNS does not work properly in my cluster. > Is it because of some Strimzi configuration or I did something wrong > previously? > > Thanks, > Csenge > > On Mon, Jul 22, 2019 at 2:58 PM Jakub Scholz wrote: > >> Hmm, interesting. From the logs it looks like it cannot resolve any of >> the DNS names. Does the DNS work properly in your cluster? Can you resolve >> the names of services etc. in other pods? >> >> Thanks & regards >> Jakub >> >> On Mon, Jul 22, 2019 at 2:47 PM Csenge Vir?g Maruzsi < >> csenge.maruzsi at cloudera.com> wrote: >> >>> Hi Jakub, >>> >>> Kubernetes version: 1.15 >>> Strimzi version: 0.12.1 >>> I have 1 master and 4 worker nodes with ubuntu 18.04. >>> To create the cluster I used this: >>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/examples/kafka/kafka-ephemeral.yaml >>> I attached the logs. >>> >>> Thanks, >>> Csenge >>> >>> On Mon, Jul 22, 2019 at 1:54 PM Jakub Scholz wrote: >>> >>>> Hi Csenge, >>>> >>>> Could you please share more about the environment? Which version of >>>> Kubernetes are you using, which version of Strimzi are you using, the logs, >>>> the Kafka custom resource which you used to create the cluster etc.? We >>>> have this bash script in our GitHub which should be able to collect most of >>>> the logs and details for you: >>>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh >>>> >>>> Thanks & Regards >>>> Jakub >>>> >>>> On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < >>>> csenge.maruzsi at cloudera.com> wrote: >>>> >>>>> Hi all, >>>>> I am getting to know with Strimzi and reading the documentation >>>>> . >>>>> I deployed Cluster operator and then deployed a Kafka cluster (both >>>>> with Kubernetes). >>>>> So my problem is that after deploying the cluster, my kafka broker's >>>>> status is CrashLoopBackOff because it can not connect to the zookeeper >>>>> server. >>>>> Can you help me what I am doing wrong? >>>>> >>>>> Thanks, >>>>> Csenge >>>>> _______________________________________________ >>>>> Strimzi mailing list >>>>> Strimzi at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/strimzi >>>>> >>>> -------------- next part -------------- An HTML attachment was scrubbed... URL: From csenge.maruzsi at cloudera.com Mon Jul 22 14:23:25 2019 From: csenge.maruzsi at cloudera.com (=?UTF-8?Q?Csenge_Vir=C3=A1g_Maruzsi?=) Date: Mon, 22 Jul 2019 16:23:25 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: Thank you very much for the answer and help! I only asked if this has something to do with Strimzi, because before installing it, I manually installed Zookeeper and Kafka brokers, and they worked just fine and did not have such problem. Can you maybe think of any configuration that I did but Strimzi does not like? Thanks. Csenge On Mon, Jul 22, 2019 at 4:15 PM Jakub Scholz wrote: > Honestly, I think this would be something related to your cluster. Strimzi > doesn't do anything special about DNS - it just expects it to work. > > I didn't had time yet to update my own Kubernetes clusters to 1.15. So I'm > not sure whether there are any significant changes or now with regards to > DNS. I had only done some tests on Minikube with 1.15 and there it worked > fine. I will try to update my big cluster to see if I have any similar > issues. > > Thanks & Regards > Jakub > > On Mon, Jul 22, 2019 at 3:49 PM Csenge Vir?g Maruzsi < > csenge.maruzsi at cloudera.com> wrote: > >> I found out that none of the pods can resolve any kind of DNS, so we can >> say that DNS does not work properly in my cluster. >> Is it because of some Strimzi configuration or I did something wrong >> previously? >> >> Thanks, >> Csenge >> >> On Mon, Jul 22, 2019 at 2:58 PM Jakub Scholz wrote: >> >>> Hmm, interesting. From the logs it looks like it cannot resolve any of >>> the DNS names. Does the DNS work properly in your cluster? Can you resolve >>> the names of services etc. in other pods? >>> >>> Thanks & regards >>> Jakub >>> >>> On Mon, Jul 22, 2019 at 2:47 PM Csenge Vir?g Maruzsi < >>> csenge.maruzsi at cloudera.com> wrote: >>> >>>> Hi Jakub, >>>> >>>> Kubernetes version: 1.15 >>>> Strimzi version: 0.12.1 >>>> I have 1 master and 4 worker nodes with ubuntu 18.04. >>>> To create the cluster I used this: >>>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/examples/kafka/kafka-ephemeral.yaml >>>> I attached the logs. >>>> >>>> Thanks, >>>> Csenge >>>> >>>> On Mon, Jul 22, 2019 at 1:54 PM Jakub Scholz wrote: >>>> >>>>> Hi Csenge, >>>>> >>>>> Could you please share more about the environment? Which version of >>>>> Kubernetes are you using, which version of Strimzi are you using, the logs, >>>>> the Kafka custom resource which you used to create the cluster etc.? We >>>>> have this bash script in our GitHub which should be able to collect most of >>>>> the logs and details for you: >>>>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh >>>>> >>>>> Thanks & Regards >>>>> Jakub >>>>> >>>>> On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < >>>>> csenge.maruzsi at cloudera.com> wrote: >>>>> >>>>>> Hi all, >>>>>> I am getting to know with Strimzi and reading the documentation >>>>>> . >>>>>> I deployed Cluster operator and then deployed a Kafka cluster (both >>>>>> with Kubernetes). >>>>>> So my problem is that after deploying the cluster, my kafka broker's >>>>>> status is CrashLoopBackOff because it can not connect to the zookeeper >>>>>> server. >>>>>> Can you help me what I am doing wrong? >>>>>> >>>>>> Thanks, >>>>>> Csenge >>>>>> _______________________________________________ >>>>>> Strimzi mailing list >>>>>> Strimzi at redhat.com >>>>>> https://www.redhat.com/mailman/listinfo/strimzi >>>>>> >>>>> -------------- next part -------------- An HTML attachment was scrubbed... URL: From debdeep.das at in.unisys.com Wed Jul 24 15:19:05 2019 From: debdeep.das at in.unisys.com (Das, Debdeep) Date: Wed, 24 Jul 2019 15:19:05 +0000 Subject: [Strimzi] KafkaUser operator Message-ID: Hello All, I am trying to implement a use case with the Strimzi KafkaUser operator. What I am looking for is certain clients, of kafka cluster, is authorized to a produce/consume to a set of topics and another set of clients is authorized to a different set of topics. For example if I have topicA, topicB, topicC and topicD, I want a set of clients producing/consuming to topicA and TopicB, while the other set producing/consuming to topicC and topicD. Can we restrict the access of the first set of client to topicC and topicD ? I have the cluster deployed on Kubernetes. If you can help with a sample YAML, it will be helpful. Regards Debdeep Debdeep Das | Lead Engineer | Communication Products - InTC Unisys | +91 9980101186 | debdeep.das at in.unisys.com THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all devices. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 4550 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 778 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 776 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 775 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 755 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.jpg Type: image/jpeg Size: 1737 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.jpg Type: image/jpeg Size: 791 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 7855 bytes Desc: not available URL: From jakub at scholz.cz Wed Jul 24 18:00:44 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Wed, 24 Jul 2019 20:00:44 +0200 Subject: [Strimzi] KafkaUser operator In-Reply-To: References: Message-ID: Hi Debdeep, The User Operator supports management of ACL rules for the SimpleAclAutohizer plugin which is part of Kafka. You can enable it in your Kafka cluster and manage the ACL rules using the User Operator. For example to produce to a topic you can set it like this: apiVersion: kafka.strimzi.io/v1beta1 kind: KafkaUser metadata: name: kafka-test-apps-producer labels: strimzi.io/cluster: my-cluster spec: authentication: type: tls* authorization: type: simple acls: - resource: type: topic name: kafka-test-apps operation: Write - resource: type: topic name: kafka-test-apps operation: Create - resource: type: topic name: kafka-test-apps operation: Describe* This will let the user send messages to topic names kafka-test-apps. Or you can let it consume form a topic: apiVersion: kafka.strimzi.io/v1beta1 kind: KafkaUser metadata: name: kafka-test-apps-consumer labels: strimzi.io/cluster: my-cluster spec: authentication: type: tls* authorization: type: simple acls: - resource: type: topic name: kafka-test-apps operation: Read - resource: type: topic name: kafka-test-apps operation: Describe - resource: type: group name: my-kafka-consum*er operation: Read Hope this helps. Thanks & Regards Jakub On Wed, Jul 24, 2019 at 5:52 PM Das, Debdeep wrote: > Hello All, > > I am trying to implement a use case with the Strimzi KafkaUser operator. > > > > What I am looking for is certain clients, of kafka cluster, is authorized > to a produce/consume to a set of topics and another set of clients is > authorized to a different set of topics. > > > > For example if I have topicA, topicB, topicC and topicD, I want a set of > clients producing/consuming to topicA and TopicB, while the other set > producing/consuming to topicC and topicD. Can we restrict the access of > the first set of client to topicC and topicD ? I have the cluster deployed > on Kubernetes. If you can help with a sample YAML, it will be helpful. > > > > Regards > > Debdeep > > > > *Debdeep Das* | Lead Engineer | Communication Products - InTC > > Unisys | +91 9980101186 | debdeep.das at in.unisys.com > > > > [image: unisys_logo] > > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all devices. > > [image: Grey_LI] [image: > Grey_TW] [image: Grey_YT] > [image: Grey_FB] > [image: Grey_Vimeo] > [image: Grey_UB] > > > _______________________________________________ > Strimzi mailing list > Strimzi at redhat.com > https://www.redhat.com/mailman/listinfo/strimzi > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 4550 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 778 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 776 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 775 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 755 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.jpg Type: image/jpeg Size: 1737 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.jpg Type: image/jpeg Size: 791 bytes Desc: not available URL: From debdeep.das at in.unisys.com Thu Jul 25 06:35:49 2019 From: debdeep.das at in.unisys.com (Das, Debdeep) Date: Thu, 25 Jul 2019 06:35:49 +0000 Subject: [Strimzi] KafkaUser operator In-Reply-To: References: Message-ID: Hi Jakub, Thank you for the information. I will try your suggestions. Best Regards Debdeep Debdeep Das | Lead Engineer | Communication Products - InTC Unisys | +91 9980101186 | debdeep.das at in.unisys.com THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all devices. From: Jakub Scholz [mailto:jakub at scholz.cz] Sent: Wednesday, July 24, 2019 11:31 PM To: Das, Debdeep Cc: strimzi at redhat.com Subject: Re: [Strimzi] KafkaUser operator Hi Debdeep, The User Operator supports management of ACL rules for the SimpleAclAutohizer plugin which is part of Kafka. You can enable it in your Kafka cluster and manage the ACL rules using the User Operator. For example to produce to a topic you can set it like this: apiVersion: kafka.strimzi.io/v1beta1 kind: KafkaUser metadata: name: kafka-test-apps-producer labels: strimzi.io/cluster : my-cluster spec: authentication: type: tls authorization: type: simple acls: - resource: type: topic name: kafka-test-apps operation: Write - resource: type: topic name: kafka-test-apps operation: Create - resource: type: topic name: kafka-test-apps operation: Describe This will let the user send messages to topic names kafka-test-apps. Or you can let it consume form a topic: apiVersion: kafka.strimzi.io/v1beta1 kind: KafkaUser metadata: name: kafka-test-apps-consumer labels: strimzi.io/cluster : my-cluster spec: authentication: type: tls authorization: type: simple acls: - resource: type: topic name: kafka-test-apps operation: Read - resource: type: topic name: kafka-test-apps operation: Describe - resource: type: group name: my-kafka-consumer operation: Read Hope this helps. Thanks & Regards Jakub On Wed, Jul 24, 2019 at 5:52 PM Das, Debdeep > wrote: Hello All, I am trying to implement a use case with the Strimzi KafkaUser operator. What I am looking for is certain clients, of kafka cluster, is authorized to a produce/consume to a set of topics and another set of clients is authorized to a different set of topics. For example if I have topicA, topicB, topicC and topicD, I want a set of clients producing/consuming to topicA and TopicB, while the other set producing/consuming to topicC and topicD. Can we restrict the access of the first set of client to topicC and topicD ? I have the cluster deployed on Kubernetes. If you can help with a sample YAML, it will be helpful. Regards Debdeep Debdeep Das | Lead Engineer | Communication Products - InTC Unisys | +91 9980101186 | debdeep.das at in.unisys.com THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all devices. _______________________________________________ Strimzi mailing list Strimzi at redhat.com https://www.redhat.com/mailman/listinfo/strimzi -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 4550 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 778 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 776 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 775 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 755 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.jpg Type: image/jpeg Size: 1737 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.jpg Type: image/jpeg Size: 791 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 7855 bytes Desc: not available URL: From ephillip at redhat.com Thu Jul 25 22:31:34 2019 From: ephillip at redhat.com (Elsie Phillips) Date: Thu, 25 Jul 2019 15:31:34 -0700 Subject: [Strimzi] Operator Blog? Message-ID: Congratulations on having your Operator included on OperatorHub! We?re excited to watch OperatorHub grow and are eager to help the larger Kubernetes community understand the benefits of building and using Operators. We?d like to highlight your Operator on the OpenShift.com blog and invite you to write a post that could cover any of the following topics: - Why you decided to build an Operator - How you built it - How to use it - Tips and tricks We ask that your blog not include any vendor pitches or customer use cases and remain purely instructional. I would be happy to jump on a call to discuss further. If you have any questions or are interested in discussing next steps, please let me know. Cheers, -- Elsie Phillips Product Marketing Manager Red Hat -------------- next part -------------- An HTML attachment was scrubbed... URL: From jakub at scholz.cz Fri Jul 26 14:14:28 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Fri, 26 Jul 2019 16:14:28 +0200 Subject: [Strimzi] RC1 for Strimzi 0.13.0 Message-ID: Hi, The Release Candidate 1 for Strimzi Kafka Operators and Strimzi Bridge is now available. The main changes in the operators include: * Allow users to manually configure ACL rules (for example, using `kafka-acls.sh`) for special Kafka users `*` and `ANONYMOUS` without them being deleted by the User Operator * Add support for configuring a Priority Class name for Pods deployed by Strimzi * Add support for Kafka 2.3.0 * Add support for Kafka User resource status * Add support for Kafka Connect resource status * Add support for Kafka Connect S2I resource status * Add support for Kafka Bridge resource status * Add support for Kafka Mirror Maker resource status * Add support for DNS annotations to `nodeport` type external listeners For more details and the upgrade procedure, go to: https://github.com/strimzi/strimzi-kafka-operator/releases/tag/0.13.0-rc1 The main changes in the Bridge include: * Exposed "healthy" and "ready" endpoints as part of the OpenAPI specification * Added support for handling API gateway/proxy path routing to the bridge * Fixed OpenAPI v2 validation errors For more details, go to: https://github.com/strimzi/strimzi-kafka-bridge/releases/tag/0.13.0-rc1 Thanks & Regards Jakub -------------- next part -------------- An HTML attachment was scrubbed... URL: From jakub at scholz.cz Sat Jul 27 20:49:19 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Sat, 27 Jul 2019 22:49:19 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: I finally found some time to update my Kubernetes cluster to 1.15. So I tried if I can see something similar. But it seems to work fine on my cluster. So I'm afraid this has to be somehow related to the setup of your Kubernetes cluster. Thanks & Regards Jakub On Mon, Jul 22, 2019 at 4:23 PM Csenge Vir?g Maruzsi < csenge.maruzsi at cloudera.com> wrote: > Thank you very much for the answer and help! > I only asked if this has something to do with Strimzi, because before > installing it, I manually installed Zookeeper and Kafka brokers, and they > worked just fine and did not have such problem. > Can you maybe think of any configuration that I did but Strimzi does not > like? > > Thanks. > Csenge > > On Mon, Jul 22, 2019 at 4:15 PM Jakub Scholz wrote: > >> Honestly, I think this would be something related to your cluster. >> Strimzi doesn't do anything special about DNS - it just expects it to work. >> >> I didn't had time yet to update my own Kubernetes clusters to 1.15. So >> I'm not sure whether there are any significant changes or now with regards >> to DNS. I had only done some tests on Minikube with 1.15 and there it >> worked fine. I will try to update my big cluster to see if I have any >> similar issues. >> >> Thanks & Regards >> Jakub >> >> On Mon, Jul 22, 2019 at 3:49 PM Csenge Vir?g Maruzsi < >> csenge.maruzsi at cloudera.com> wrote: >> >>> I found out that none of the pods can resolve any kind of DNS, so we can >>> say that DNS does not work properly in my cluster. >>> Is it because of some Strimzi configuration or I did something wrong >>> previously? >>> >>> Thanks, >>> Csenge >>> >>> On Mon, Jul 22, 2019 at 2:58 PM Jakub Scholz wrote: >>> >>>> Hmm, interesting. From the logs it looks like it cannot resolve any of >>>> the DNS names. Does the DNS work properly in your cluster? Can you resolve >>>> the names of services etc. in other pods? >>>> >>>> Thanks & regards >>>> Jakub >>>> >>>> On Mon, Jul 22, 2019 at 2:47 PM Csenge Vir?g Maruzsi < >>>> csenge.maruzsi at cloudera.com> wrote: >>>> >>>>> Hi Jakub, >>>>> >>>>> Kubernetes version: 1.15 >>>>> Strimzi version: 0.12.1 >>>>> I have 1 master and 4 worker nodes with ubuntu 18.04. >>>>> To create the cluster I used this: >>>>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/examples/kafka/kafka-ephemeral.yaml >>>>> I attached the logs. >>>>> >>>>> Thanks, >>>>> Csenge >>>>> >>>>> On Mon, Jul 22, 2019 at 1:54 PM Jakub Scholz wrote: >>>>> >>>>>> Hi Csenge, >>>>>> >>>>>> Could you please share more about the environment? Which version of >>>>>> Kubernetes are you using, which version of Strimzi are you using, the logs, >>>>>> the Kafka custom resource which you used to create the cluster etc.? We >>>>>> have this bash script in our GitHub which should be able to collect most of >>>>>> the logs and details for you: >>>>>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh >>>>>> >>>>>> Thanks & Regards >>>>>> Jakub >>>>>> >>>>>> On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < >>>>>> csenge.maruzsi at cloudera.com> wrote: >>>>>> >>>>>>> Hi all, >>>>>>> I am getting to know with Strimzi and reading the documentation >>>>>>> . >>>>>>> I deployed Cluster operator and then deployed a Kafka cluster (both >>>>>>> with Kubernetes). >>>>>>> So my problem is that after deploying the cluster, my kafka broker's >>>>>>> status is CrashLoopBackOff because it can not connect to the zookeeper >>>>>>> server. >>>>>>> Can you help me what I am doing wrong? >>>>>>> >>>>>>> Thanks, >>>>>>> Csenge >>>>>>> _______________________________________________ >>>>>>> Strimzi mailing list >>>>>>> Strimzi at redhat.com >>>>>>> https://www.redhat.com/mailman/listinfo/strimzi >>>>>>> >>>>>> -------------- next part -------------- An HTML attachment was scrubbed... URL: From debdeep.das at in.unisys.com Mon Jul 29 15:36:08 2019 From: debdeep.das at in.unisys.com (Das, Debdeep) Date: Mon, 29 Jul 2019 15:36:08 +0000 Subject: [Strimzi] Strimzi with Prometheus Message-ID: Hello, I have a Kubernetes environment with Strimzi and Kafka deployed. I am able to produce and consume successfully. I want to use Prometheus and Grafana to report metrics. The environment already has Prometheus Operator and Grafana installed, but in a different namespace than where I installed the Strimzi + Kafka. I used the instructions here https://strimzi.io/docs/latest/#prometheus to add the rules. I used the following instructions under the namespace where Strimzi-Kafka is installed, but I don't see the Rules under Prometheus. The metrics are already added in the YAML to deploy the Kafka(+zookeper) kubectl apply -f strimzi-service-monitor.yaml kubectl apply -f prometheus-rules.yaml kubectl apply -f prometheus.yaml Can you please help what needs to be done to get the rules. I guess because the rules are not getting to Prometheus, the Grafana is not reporting anything on the Dashboard. Regards Debdeep Debdeep Das | Lead Engineer | Communication Products - InTC Unisys | +91 9980101186 | debdeep.das at in.unisys.com THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all devices. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 4550 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 778 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 776 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 775 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 755 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.jpg Type: image/jpeg Size: 1737 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.jpg Type: image/jpeg Size: 791 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 7855 bytes Desc: not available URL: From jakub at scholz.cz Mon Jul 29 20:48:24 2019 From: jakub at scholz.cz (Jakub Scholz) Date: Mon, 29 Jul 2019 22:48:24 +0200 Subject: [Strimzi] [Release] Strimzi 0.13.0 Message-ID: The 0.13.0 release for Strimzi Kafka Operators and Strimzi Bridge is now available. The main changes in the operators include: * Allow users to manually configure ACL rules (for example, using `kafka-acls.sh`) for special Kafka users `*` and `ANONYMOUS` without them being deleted by the User Operator * Add support for configuring a Priority Class name for Pods deployed by Strimzi * Add support for Kafka 2.3.0 * Add support for Kafka User resource status * Add support for Kafka Connect resource status * Add support for Kafka Connect S2I resource status * Add support for Kafka Bridge resource status * Add support for Kafka Mirror Maker resource status * Add support for DNS annotations to `nodeport` type external listeners For more details and the upgrade procedure, go to: https://github.com/strimzi/strimzi-kafka-operator/releases/tag/0.13.0 The main changes in the Bridge include: * Exposed "healthy" and "ready" endpoints as part of the OpenAPI specification * Added support for handling API gateway/proxy path routing to the bridge * Fixed OpenAPI v2 validation errors For more details, go to: https://github.com/strimzi/strimzi-kafka-bridge/ releases/tag/0.13.0 Thanks to everyone who contributed to this release. Special thanks also to Paolo for driving the Bridge release. Thanks & Regards Jakub -------------- next part -------------- An HTML attachment was scrubbed... URL: From csenge.maruzsi at cloudera.com Tue Jul 30 08:34:05 2019 From: csenge.maruzsi at cloudera.com (=?UTF-8?Q?Csenge_Vir=C3=A1g_Maruzsi?=) Date: Tue, 30 Jul 2019 10:34:05 +0200 Subject: [Strimzi] Kafka brokers won't start In-Reply-To: References: Message-ID: I realized that my Docker's configuration must be the problem and after reinstalling it, Strimzi works fine on my cluster too. Thank you very much for your help! Have a nice day, Csenge On Sat, Jul 27, 2019 at 10:49 PM Jakub Scholz wrote: > I finally found some time to update my Kubernetes cluster to 1.15. So I > tried if I can see something similar. But it seems to work fine on my > cluster. So I'm afraid this has to be somehow related to the setup of your > Kubernetes cluster. > > Thanks & Regards > Jakub > > On Mon, Jul 22, 2019 at 4:23 PM Csenge Vir?g Maruzsi < > csenge.maruzsi at cloudera.com> wrote: > >> Thank you very much for the answer and help! >> I only asked if this has something to do with Strimzi, because before >> installing it, I manually installed Zookeeper and Kafka brokers, and they >> worked just fine and did not have such problem. >> Can you maybe think of any configuration that I did but Strimzi does not >> like? >> >> Thanks. >> Csenge >> >> On Mon, Jul 22, 2019 at 4:15 PM Jakub Scholz wrote: >> >>> Honestly, I think this would be something related to your cluster. >>> Strimzi doesn't do anything special about DNS - it just expects it to work. >>> >>> I didn't had time yet to update my own Kubernetes clusters to 1.15. So >>> I'm not sure whether there are any significant changes or now with regards >>> to DNS. I had only done some tests on Minikube with 1.15 and there it >>> worked fine. I will try to update my big cluster to see if I have any >>> similar issues. >>> >>> Thanks & Regards >>> Jakub >>> >>> On Mon, Jul 22, 2019 at 3:49 PM Csenge Vir?g Maruzsi < >>> csenge.maruzsi at cloudera.com> wrote: >>> >>>> I found out that none of the pods can resolve any kind of DNS, so we >>>> can say that DNS does not work properly in my cluster. >>>> Is it because of some Strimzi configuration or I did something wrong >>>> previously? >>>> >>>> Thanks, >>>> Csenge >>>> >>>> On Mon, Jul 22, 2019 at 2:58 PM Jakub Scholz wrote: >>>> >>>>> Hmm, interesting. From the logs it looks like it cannot resolve any of >>>>> the DNS names. Does the DNS work properly in your cluster? Can you resolve >>>>> the names of services etc. in other pods? >>>>> >>>>> Thanks & regards >>>>> Jakub >>>>> >>>>> On Mon, Jul 22, 2019 at 2:47 PM Csenge Vir?g Maruzsi < >>>>> csenge.maruzsi at cloudera.com> wrote: >>>>> >>>>>> Hi Jakub, >>>>>> >>>>>> Kubernetes version: 1.15 >>>>>> Strimzi version: 0.12.1 >>>>>> I have 1 master and 4 worker nodes with ubuntu 18.04. >>>>>> To create the cluster I used this: >>>>>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/examples/kafka/kafka-ephemeral.yaml >>>>>> I attached the logs. >>>>>> >>>>>> Thanks, >>>>>> Csenge >>>>>> >>>>>> On Mon, Jul 22, 2019 at 1:54 PM Jakub Scholz wrote: >>>>>> >>>>>>> Hi Csenge, >>>>>>> >>>>>>> Could you please share more about the environment? Which version of >>>>>>> Kubernetes are you using, which version of Strimzi are you using, the logs, >>>>>>> the Kafka custom resource which you used to create the cluster etc.? We >>>>>>> have this bash script in our GitHub which should be able to collect most of >>>>>>> the logs and details for you: >>>>>>> https://github.com/strimzi/strimzi-kafka-operator/blob/master/tools/report.sh >>>>>>> >>>>>>> Thanks & Regards >>>>>>> Jakub >>>>>>> >>>>>>> On Mon, Jul 22, 2019 at 1:46 PM Csenge Vir?g Maruzsi < >>>>>>> csenge.maruzsi at cloudera.com> wrote: >>>>>>> >>>>>>>> Hi all, >>>>>>>> I am getting to know with Strimzi and reading the documentation >>>>>>>> . >>>>>>>> I deployed Cluster operator and then deployed a Kafka cluster (both >>>>>>>> with Kubernetes). >>>>>>>> So my problem is that after deploying the cluster, my kafka >>>>>>>> broker's status is CrashLoopBackOff because it can not connect to the >>>>>>>> zookeeper server. >>>>>>>> Can you help me what I am doing wrong? >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Csenge >>>>>>>> _______________________________________________ >>>>>>>> Strimzi mailing list >>>>>>>> Strimzi at redhat.com >>>>>>>> https://www.redhat.com/mailman/listinfo/strimzi >>>>>>>> >>>>>>> -------------- next part -------------- An HTML attachment was scrubbed... URL: