github.com/fafucoder/cilium@v1.6.11/examples/kubernetes-istio/kafka-v1.yaml (about) 1 apiVersion: v1 2 kind: Service 3 metadata: 4 name: kafka 5 spec: 6 ports: 7 - port: 9092 8 name: client 9 clusterIP: None 10 selector: 11 app: kafka 12 --- 13 apiVersion: "cilium.io/v2" 14 kind: CiliumNetworkPolicy 15 metadata: 16 name: kafka-authaudit 17 specs: 18 - endpointSelector: 19 matchLabels: 20 "k8s:app": kafka 21 ingress: 22 - fromEndpoints: 23 - matchLabels: 24 "k8s:app": productpage 25 "k8s:version": v2 26 toPorts: 27 - ports: 28 - port: "9092" 29 protocol: TCP 30 rules: 31 kafka: 32 - apiKey: "produce" 33 topic: "authaudit" 34 - apiKey: "apiversions" 35 - apiKey: "metadata" 36 - apiKey: "heartbeat" 37 - fromEndpoints: 38 - matchLabels: 39 app: kafka 40 - fromEndpoints: 41 - matchLabels: 42 "k8s:app": authaudit-logger 43 toPorts: 44 - ports: 45 - port: "9092" 46 protocol: TCP 47 rules: 48 kafka: 49 - apiKey: "fetch" 50 topic: "authaudit" 51 - apiKey: "apiversions" 52 - apiKey: "metadata" 53 - apiKey: "findcoordinator" 54 - apiKey: "joingroup" 55 - apiKey: "leavegroup" 56 - apiKey: "syncgroup" 57 - apiKey: "offsets" 58 - apiKey: "offsetcommit" 59 - apiKey: "offsetfetch" 60 - apiKey: "heartbeat" 61 --- 62 apiVersion: apps/v1 63 kind: StatefulSet 64 metadata: 65 name: kafka-v1 66 spec: 67 selector: 68 matchLabels: 69 app: kafka 70 serviceName: kafka 71 replicas: 1 72 template: 73 metadata: 74 annotations: 75 sidecar.istio.io/inject: "false" 76 labels: 77 app: kafka 78 version: v1 79 spec: 80 containers: 81 - name: kafka 82 image: docker.io/spotify/kafka:latest 83 ports: 84 - containerPort: 9092 85 name: kafka 86 env: 87 - name: ADVERTISED_HOST 88 value: kafka.default.svc.cluster.local 89 - name: ADVERTISED_PORT 90 value: "9092" 91 - name: ZK_CHROOT 92 value: kafka 93 - name: LOG_RETENTION_HOURS 94 value: "2" 95 - name: LOG_RETENTION_BYTES 96 value: "1073741824" 97 - name: NUM_PARTITIONS 98 value: "1" 99 - name: AUTO_CREATE_TOPICS 100 value: "true"