From 4610dc01946b122acffabeb1b729599aa34d30d6 Mon Sep 17 00:00:00 2001
From: Steve Wilkerson <sw5822@att.com>
Date: Fri, 30 Aug 2019 09:32:28 -0500
Subject: [PATCH] Fluentd: Add support for Kafka outputs

This updates the fluentd chart to add support for leveraging a
Kafka output. This required adding a kafka endpoint entry to the
chart's values.yaml, as well as the required template updates to
the fluentd deployment template and the addition of a secret for
kafka credentials

Depends-On: https://review.opendev.org/#/c/679297/

Change-Id: I80a487a0538f0b3704fb598da38c07feedaccb0e
Signed-off-by: Steve Wilkerson <sw5822@att.com>
---
 fluentd/templates/deployment-fluentd.yaml | 19 ++++++++++++++-
 fluentd/templates/secret-kafka-creds.yaml | 28 +++++++++++++++++++++++
 fluentd/values.yaml                       | 20 ++++++++++++++++
 3 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 fluentd/templates/secret-kafka-creds.yaml

diff --git a/fluentd/templates/deployment-fluentd.yaml b/fluentd/templates/deployment-fluentd.yaml
index eb5ef086f..10270e421 100644
--- a/fluentd/templates/deployment-fluentd.yaml
+++ b/fluentd/templates/deployment-fluentd.yaml
@@ -19,8 +19,11 @@ limitations under the License.
 
 {{- $mounts_fluentd := .Values.pod.mounts.fluentd.fluentd }}
 
-{{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "fluentd"  }}
+{{- $kafkaBroker := tuple "kafka" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+{{- $kafkaBrokerPort := tuple "kafka" "public" "broker" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+{{- $kafkaBrokerURI := printf "%s:%s" $kafkaBroker $kafkaBrokerPort }}
 
+{{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "fluentd"  }}
 {{ tuple $envAll "fluentd" $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
@@ -156,6 +159,8 @@ spec:
               value: {{ tuple "elasticsearch" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" | quote }}
             - name: ELASTICSEARCH_PORT
               value: {{ tuple "elasticsearch" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
+            - name: KAFKA_BROKER
+              value: {{ $kafkaBrokerURI }}
             - name: ELASTICSEARCH_USERNAME
               valueFrom:
                 secretKeyRef:
@@ -166,6 +171,18 @@ spec:
                 secretKeyRef:
                   name: {{ printf "%s-%s" $envAll.Release.Name "elasticsearch-user" | quote }}
                   key: ELASTICSEARCH_PASSWORD
+{{- if .Values.manifests.secret_kafka }}
+            - name: KAFKA_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: {{ printf "%s-%s" $envAll.Release.Name "kafka-user" | quote }}
+                  key: KAFKA_USERNAME
+            - name: KAFKA_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ printf "%s-%s" $envAll.Release.Name "kafka-user" | quote }}
+                  key: KAFKA_PASSWORD
+{{- end }}
           volumeMounts:
             - name: pod-tmp
               mountPath: /tmp
diff --git a/fluentd/templates/secret-kafka-creds.yaml b/fluentd/templates/secret-kafka-creds.yaml
new file mode 100644
index 000000000..b85899874
--- /dev/null
+++ b/fluentd/templates/secret-kafka-creds.yaml
@@ -0,0 +1,28 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.secret_kafka }}
+{{- $envAll := . }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ printf "%s-%s" $envAll.Release.Name "kafka-user" | quote }}
+type: Opaque
+data:
+  KAFKA_USERNAME: {{ .Values.endpoints.kafka.auth.admin.username | b64enc }}
+  KAFKA_PASSWORD: {{ .Values.endpoints.kafka.auth.admin.password | b64enc }}
+{{- end }}
diff --git a/fluentd/values.yaml b/fluentd/values.yaml
index c7cca4e11..1725057c1 100644
--- a/fluentd/values.yaml
+++ b/fluentd/values.yaml
@@ -347,6 +347,25 @@ endpoints:
         default: 24224
       metrics:
         default: 24220
+  kafka:
+    namespace: null
+    name: kafka
+    auth:
+      admin:
+        username: admin
+        password: changeme
+    hosts:
+      default: kafka-broker
+      public: kafka
+    host_fqdn_override:
+      default: null
+    path:
+      default: null
+    scheme:
+      default: kafka
+    port:
+      broker:
+        default: 9092
   prometheus_fluentd_exporter:
     namespace: null
     hosts:
@@ -461,4 +480,5 @@ manifests:
       service_exporter: true
   network_policy: false
   secret_elasticsearch: true
+  secret_kafka: false
   service_fluentd: true