icecheng/freeleaps-ops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c8b68afc75
freeleaps-ops/cluster/manifests/freeleaps-data-platform/pinot/values.yaml
zhenyus c8b68afc75 feat: Update Pinot configuration and RBAC rules 
- Enhanced the Pinot Helm chart values.yaml with comprehensive configurations for controller, broker, server, minion, and zookeeper components.
- Added support for pod disruption budgets and custom resource definitions in RBAC rules.
- Introduced a new script for managing Kubernetes service port forwarding, allowing users to easily forward, stop, and list active services.
- Updated helm repository list to ensure proper access to necessary charts.

Signed-off-by: zhenyus <zhenyus@mathmast.com>
2025-05-20 16:00:32 +08:00

804 lines
23 KiB
YAML
Raw Blame History

#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
# Default values for Pinot.
namespaceOverride:
namespaceAnnotations: {}
image:
repository: apachepinot/pinot
# Pinot docker images are available at https://hub.docker.com/r/apachepinot/pinot/tags
# - `latest` tag is always available and points to the nightly pinot master branch build
# - `release-x.y.z` or `x.y.z` tags are available for each release, e.g. release-1.0.0, release-0.12.1, 1.0.0, 0.12.1, etc.
#
# Default JDK comes with Amazon Corretto 11, here are also images with different JDKs:
# - Amazon Corretto 11, e.g. `latest-11`, `1.0.0-11`, `latest-11-amazoncorretto`, `1.0.0-11-amazoncorretto`
# - Amazon Corretto 17, e.g. `latest-17-amazoncorretto`, `1.0.0-17-amazoncorretto`
# - MS OpenJDK 11, e.g. `latest-11-ms-openjdk`, `1.0.0-11-ms-openjdk`
# - MS OpenJDK 17, e.g. `latest-17-ms-openjdk`, `1.0.0-17-ms-openjdk`
# - OpenJDK 21, e.g. `latest-21-openjdk`, `1.0.0-21-openjdk`
tag: latest # 1.0.0, 0.12.1, latest
pullPolicy: Always # Use IfNotPresent when you pinged a version of image tag
cluster:
name: freeleaps
imagePullSecrets: []
terminationGracePeriodSeconds: 30
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
# default values of the probes i.e. liveness and readiness.
# customization of values is present at the component level.
probes:
initialDelaySeconds: 60
periodSeconds: 10
failureThreshold: 10
# should be 1 for liveness and startup probe, as per K8s doc.
successThreshold: 1
timeoutSeconds: 10
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
additionalMatchLabels: {}
pinotAuth:
enabled: false
controllerFactoryClass: org.apache.pinot.controller.api.access.BasicAuthAccessControlFactory
brokerFactoryClass: org.apache.pinot.broker.broker.BasicAuthAccessControlFactory
configs:
# - access.control.principals=admin,user
# - access.control.principals.admin.password=verysecret
# - access.control.principals.user.password=secret
# - access.control.principals.user.tables=baseballStats,otherstuff
# - access.control.principals.user.permissions=READ
# ------------------------------------------------------------------------------
# Pinot Controller:
# ------------------------------------------------------------------------------
controller:
name: controller
# Controls whether controller.port is included in the configuration.
# Set to false to exclude controller.port when using TLS-only mode or when
# you want to specify the port in controller.access.protocols.https.port instead.
configureControllerPort: true
replicaCount: 1
podManagementPolicy: Parallel
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
startCommand: "StartController"
probes:
endpoint: "/health"
livenessEnabled: false
readinessEnabled: false
startupEnabled: false
liveness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
readiness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
startup:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 1G
mountPath: /var/pinot/controller/data
storageClass: ""
extraVolumes: []
extraVolumeMounts: []
data:
dir: /var/pinot/controller/data
vip:
enabled: false
host: pinot-controller
port: 9000
jvmOpts: "-XX:ActiveProcessorCount=2 -Xms256M -Xmx1G -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -Xlog:gc*:file=/opt/pinot/gc-pinot-controller.log -Djute.maxbuffer=4000000"
log4j2ConfFile: /opt/pinot/etc/conf/pinot-controller-log4j2.xml
pluginsDir: /opt/pinot/plugins
pdb:
enabled: false
minAvailable: ""
maxUnavailable: 50%
service:
annotations: {}
clusterIP: "None"
externalIPs: []
loadBalancerIP: ""
loadBalancerSourceRanges: []
type: ClusterIP
port: 9000
nodePort: ""
protocol: TCP
name: controller
extraPorts: []
# - containerPort: 1234
# protocol: PROTOCOL
# name: extra-port
external:
enabled: true
type: LoadBalancer
port: 9000
annotations: {}
ingress:
v1beta1:
enabled: false
annotations: { }
tls: { }
path: /
hosts: [ ]
# port: 9433
v1:
enabled: false
ingressClassName: ""
annotations: {}
tls: []
path: /
hosts: []
# port: 9433
resources:
requests:
memory: "1.25Gi"
nodeSelector: {}
tolerations: []
initContainers: []
affinity: {}
podAnnotations: {}
# set enabled as true, to automatically roll controller stateful set for configmap change
automaticReload:
enabled: false
updateStrategy:
type: RollingUpdate
# Use envFrom to define all of the ConfigMap or Secret data as container environment variables.
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
# ref: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables
envFrom: []
# - configMapRef:
# name: special-config
# - secretRef:
# name: test-secret
# Use extraEnv to add individual key value pairs as container environment variables.
# ref: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
extraEnv:
- name: LOG4J_CONSOLE_LEVEL
value: info
# - name: PINOT_CUSTOM_ENV
# value: custom-value
# Extra configs will be appended to pinot-controller.conf file
extra:
configs: |-
pinot.set.instance.id.to.hostname=true
controller.task.scheduler.enabled=true
# ------------------------------------------------------------------------------
# Pinot Broker:
# ------------------------------------------------------------------------------
broker:
name: broker
# Controls whether pinot.broker.client.queryPort is included in the configuration.
# Set to false to exclude pinot.broker.client.queryPort when using TLS-only mode or when
# you want to specify the port in pinot.broker.access.protocols.https.port instead.
configureBrokerPort: true
replicaCount: 1
podManagementPolicy: Parallel
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
startCommand: "StartBroker"
jvmOpts: "-XX:ActiveProcessorCount=2 -Xms256M -Xmx1G -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -Xlog:gc*:file=/opt/pinot/gc-pinot-broker.log -Djute.maxbuffer=4000000"
log4j2ConfFile: /opt/pinot/etc/conf/pinot-broker-log4j2.xml
pluginsDir: /opt/pinot/plugins
routingTable:
builderClass: random
probes:
endpoint: "/health"
livenessEnabled: true
readinessEnabled: true
startupEnabled: false
liveness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
readiness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
startup:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
persistence:
extraVolumes: []
extraVolumeMounts: []
pdb:
enabled: false
minAvailable: ""
maxUnavailable: 50%
service:
annotations: {}
clusterIP: "None"
externalIPs: []
loadBalancerIP: ""
loadBalancerSourceRanges: []
type: ClusterIP
protocol: TCP
port: 8099
name: broker
nodePort: ""
extraPorts: []
# - containerPort: 1234
# protocol: PROTOCOL
# name: extra-port
external:
enabled: true
type: LoadBalancer
port: 8099
# For example, in private GKE cluster, you might add cloud.google.com/load-balancer-type: Internal
annotations: {}
ingress:
v1beta1:
enabled: false
annotations: {}
tls: {}
path: /
hosts: []
# port: 8443
v1:
enabled: false
ingressClassName: ""
annotations: {}
tls: []
path: /
hosts: []
# port: 8443
resources:
requests:
memory: "1.25Gi"
nodeSelector: {}
affinity: {}
tolerations: []
initContainers: []
podAnnotations: {}
# set enabled as true, to automatically roll broker stateful set for configmap change
automaticReload:
enabled: false
updateStrategy:
type: RollingUpdate
# Use envFrom to define all of the ConfigMap or Secret data as container environment variables.
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
# ref: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables
envFrom: []
# - configMapRef:
# name: special-config
# - secretRef:
# name: test-secret
# Use extraEnv to add individual key value pairs as container environment variables.
# ref: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
extraEnv:
- name: LOG4J_CONSOLE_LEVEL
value: info
# - name: PINOT_CUSTOM_ENV
# value: custom-value
# Extra configs will be appended to pinot-broker.conf file
extra:
configs: |-
pinot.set.instance.id.to.hostname=true
pinot.query.server.port=7321
pinot.query.runner.port=7732
# ------------------------------------------------------------------------------
# Pinot Server:
# ------------------------------------------------------------------------------
server:
name: server
# Controls whether pinot.server.netty.port is included in the configuration.
# Set to false to exclude pinot.server.netty.port when using TLS-only mode or when
# you want to specify the port in pinot.server.nettytls.port instead.
configureServerPort: true
replicaCount: 1
podManagementPolicy: Parallel
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
startCommand: "StartServer"
probes:
endpoint: "/health"
livenessEnabled: false
readinessEnabled: false
startupEnabled: false
liveness:
endpoint: "/health/liveness"
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
readiness:
endpoint: "/health/readiness"
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
startup:
endpoint: "/health/liveness"
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
dataDir: /var/pinot/server/data/index
segmentTarDir: /var/pinot/server/data/segment
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 4G
mountPath: /var/pinot/server/data
storageClass: ""
#storageClass: "ssd"
extraVolumes: []
extraVolumeMounts: []
jvmOpts: "-Xms512M -Xmx1G -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -Xlog:gc*:file=/opt/pinot/gc-pinot-server.log -Djute.maxbuffer=4000000"
log4j2ConfFile: /opt/pinot/etc/conf/pinot-server-log4j2.xml
pluginsDir: /opt/pinot/plugins
pdb:
enabled: false
minAvailable: ""
maxUnavailable: 1
service:
annotations: {}
clusterIP: ""
externalIPs: []
loadBalancerIP: ""
loadBalancerSourceRanges: []
type: ClusterIP
nettyPort: 8098
nettyPortName: netty
adminPort: 8097
adminExposePort: 80
adminPortName: admin
nodePort: ""
protocol: TCP
extraPorts: []
# - containerPort: 1234
# protocol: PROTOCOL
# name: extra-port
resources:
requests:
memory: "1.25Gi"
nodeSelector: {}
affinity: {}
tolerations: []
initContainers: []
podAnnotations: {}
# set enabled as true, to automatically roll server stateful set for configmap change
automaticReload:
enabled: false
updateStrategy:
type: RollingUpdate
# Use envFrom to define all of the ConfigMap or Secret data as container environment variables.
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
# ref: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables
envFrom: []
# - configMapRef:
# name: special-config
# - secretRef:
# name: test-secret
# Use extraEnv to add individual key value pairs as container environment variables.
# ref: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
extraEnv:
- name: LOG4J_CONSOLE_LEVEL
value: info
# - name: PINOT_CUSTOM_ENV
# value: custom-value
# Extra configs will be appended to pinot-server.conf file
extra:
configs: |-
pinot.set.instance.id.to.hostname=true
pinot.server.instance.realtime.alloc.offheap=true
pinot.query.server.port=7321
pinot.query.runner.port=7732
# ------------------------------------------------------------------------------
# Pinot Minion:
# ------------------------------------------------------------------------------
minion:
enabled: false
name: minion
# Controls whether pinot.minion.port is included in the configuration.
# Set to false to exclude pinot.minion.port when using TLS-only mode
# or when you're configuring ports through another mechanism.
configureMinionPort: true
replicaCount: 0
podManagementPolicy: Parallel
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
startCommand: "StartMinion"
probes:
endpoint: "/health"
livenessEnabled: true
readinessEnabled: true
startupEnabled: false
liveness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
readiness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
startup:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
dataDir: /var/pinot/minion/data
jvmOpts: "-XX:ActiveProcessorCount=2 -Xms256M -Xmx1G -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -Xlog:gc*:file=/opt/pinot/gc-pinot-minion.log -Djute.maxbuffer=4000000"
log4j2ConfFile: /opt/pinot/etc/conf/pinot-minion-log4j2.xml
pluginsDir: /opt/pinot/plugins
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 4G
mountPath: /var/pinot/minion/data
storageClass: ""
#storageClass: "ssd"
extraVolumes: []
extraVolumeMounts: []
service:
annotations: {}
clusterIP: ""
externalIPs: []
loadBalancerIP: ""
loadBalancerSourceRanges: []
type: ClusterIP
port: 9514
nodePort: ""
protocol: TCP
name: minion
extraPorts: []
# - containerPort: 1234
# protocol: PROTOCOL
# name: extra-port
resources:
requests:
memory: "1.25Gi"
nodeSelector: {}
affinity: {}
tolerations: []
initContainers: []
podAnnotations: {}
automaticReload:
enabled: false
updateStrategy:
type: RollingUpdate
# Use envFrom to define all of the ConfigMap or Secret data as container environment variables.
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
# ref: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables
envFrom: []
# - configMapRef:
# name: special-config
# - secretRef:
# name: test-secret
# Use extraEnv to add individual key value pairs as container environment variables.
# ref: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
extraEnv:
- name: LOG4J_CONSOLE_LEVEL
value: info
# - name: PINOT_CUSTOM_ENV
# value: custom-value
# Extra configs will be appended to pinot-minion.conf file
extra:
configs: |-
pinot.set.instance.id.to.hostname=true
# ------------------------------------------------------------------------------
# Pinot Minion Stateless:
# ------------------------------------------------------------------------------
minionStateless:
enabled: true
name: minion-stateless
# Controls whether pinot.minion.port is included in the configuration.
# Set to false to exclude pinot.minion.port when using TLS-only mode
# or when you're configuring ports through another mechanism.
configureMinionStatelessPort: true
replicaCount: 1
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
startCommand: "StartMinion"
probes:
endpoint: "/health"
livenessEnabled: true
readinessEnabled: true
startupEnabled: true
liveness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
readiness:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
startup:
initialDelaySeconds: 60
failureThreshold: 10
timeoutSeconds: 10
successThreshold: 1
periodSeconds: 10
dataDir: /var/pinot/minion/data
jvmOpts: "-XX:ActiveProcessorCount=2 -Xms256M -Xmx1G -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -Xlog:gc*:file=/opt/pinot/gc-pinot-minion.log -Djute.maxbuffer=4000000"
log4j2ConfFile: /opt/pinot/etc/conf/pinot-minion-log4j2.xml
pluginsDir: /opt/pinot/plugins
persistence:
enabled: false
pvcName: minion-data-vol
accessMode: ReadWriteOnce
size: 4G
mountPath: /var/pinot/minion/data
storageClass: ""
#storageClass: "ssd"
extraVolumes: []
extraVolumeMounts: []
service:
port: 9514
protocol: TCP
name: minion
extraPorts: []
# - containerPort: 1234
# protocol: PROTOCOL
# name: extra-port
resources:
requests:
memory: "1.25Gi"
nodeSelector: {}
affinity: {}
tolerations: []
initContainers: []
podAnnotations: {}
# Use envFrom to define all of the ConfigMap or Secret data as container environment variables.
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
# ref: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables
envFrom: []
# - configMapRef:
# name: special-config
# - secretRef:
# name: test-secret
# Use extraEnv to add individual key value pairs as container environment variables.
# ref: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
extraEnv:
- name: LOG4J_CONSOLE_LEVEL
value: info
# - name: PINOT_CUSTOM_ENV
# value: custom-value
# Extra configs will be appended to pinot-minion.conf file
extra:
configs: |-
pinot.set.instance.id.to.hostname=true
# ------------------------------------------------------------------------------
# Zookeeper:
# NOTE: IN PRODUCTION USE CASES, IT's BEST TO USE ZOOKEEPER K8S OPERATOR
# ref: https://github.com/pravega/zookeeper-operator#install-the-operator
# ------------------------------------------------------------------------------
zookeeper:
## If true, install the Zookeeper chart alongside Pinot
## ref: https://github.com/bitnami/charts/tree/master/bitnami/zookeeper
enabled: true
## If the Zookeeper Chart is disabled a URL override is required to connect
urlOverride: "my-zookeeper:2181/my-pinot"
## Zookeeper port
port: 2181
## Configure Zookeeper resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
requests:
memory: "1.25Gi"
## Replicas
replicaCount: 1
## Ongoing data directory cleanup configuration
autopurge:
## The time interval (in hours) for which the purge task has to be triggered
## Set to a positive integer to enable the auto purging
purgeInterval: 1
## The most recent snapshots amount (and corresponding transaction logs) to retain
snapRetainCount: 5
## Size (in MB) for the Java Heap options (Xmx and Xms)
## This env var is ignored if Xmx an Xms are configured via `zookeeper.jvmFlags`
heapSize: "1024"
## Extra JVM Flags for Zookeeper
jvmFlags: "-Djute.maxbuffer=4000000"
persistence:
enabled: true
storageClass: ""
#storageClass: "ssd"
## The amount of PV storage allocated to each Zookeeper pod in the statefulset
size: "8Gi"
## Specify a Zookeeper imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
image:
PullPolicy: "IfNotPresent"
## Pod scheduling preferences (by default keep pods within a release on separate nodes).
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## By default we don't set affinity:
affinity: {} # Criteria by which pod label-values influence scheduling for zookeeper pods.
# podAntiAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# - topologyKey: "kubernetes.io/hostname"
# labelSelector:
# matchLabels:
# release: zookeeper
Reference in New Issue View Git Blame Copy Permalink