Giter Site home page Giter Site logo

Comments (6)

axel-sirota avatar axel-sirota commented on August 16, 2024 1

As a comment, for GCS it did not work just adding

broker: configData: managedLedgerOffloadDriver: google-cloud-storage gcsManagedLedgerOffloadBucket: pulsar-tiered gcsManagedLedgerOffloadRegion: us-east1 managedLedgerOffloadAutoTriggerSizeThresholdBytes: "262144000"

because it was lacking the service account key file, which needs to be mounted. I added by hand in the statefulset of the broker the following volumes and volumeMounts and worked adding a field:

gcsManagedLedgerOffloadServiceAccountKeyFile: "/pulsar/gcp-service-account/{{ .Values.broker.configData.gcsServiceAccountJsonFile }}"

+++ b/charts/pulsar/templates/broker-statefulset.yaml
@@ -225,7 +225,19 @@ spec:
           {{- end }}
           {{- end }}
           {{- include "pulsar.broker.certs.volumeMounts" . | nindent 10 }}
+          {{- if .Values.broker.configData.managedLedgerOffloadDriver }}
+          {{- if eq .Values.broker.configData.managedLedgerOffloadDriver "google-cloud-storage" }}
+          - name: gcp-service-account
+            readOnly: true
+            mountPath: /pulsar/gcp-service-account
+          {{- end }}
+          {{- end }}
       volumes:
+      {{- if eq .Values.broker.configData.managedLedgerOffloadDriver "google-cloud-storage" }}
+      - name: gcp-service-account
+        secret:
+          secretName: {{ .Values.broker.configData.gcsServiceAccountSecret }}
+      {{- end }}
       {{- if .Values.auth.authentication.enabled }}
       {{- if eq .Values.auth.authentication.provider "jwt" }}
       - name: token-keys

from pulsar-helm-chart.

DonghunLouisLee avatar DonghunLouisLee commented on August 16, 2024

As a comment, for GCS it did not work just adding

broker: configData: managedLedgerOffloadDriver: google-cloud-storage gcsManagedLedgerOffloadBucket: pulsar-tiered gcsManagedLedgerOffloadRegion: us-east1 managedLedgerOffloadAutoTriggerSizeThresholdBytes: "262144000"

because it was lacking the service account key file, which needs to be mounted. I added by hand in the statefulset of the broker the following volumes and volumeMounts and worked adding a field:

gcsManagedLedgerOffloadServiceAccountKeyFile: "/pulsar/gcp-service-account/{{ .Values.broker.configData.gcsServiceAccountJsonFile }}"

+++ b/charts/pulsar/templates/broker-statefulset.yaml
@@ -225,7 +225,19 @@ spec:
           {{- end }}
           {{- end }}
           {{- include "pulsar.broker.certs.volumeMounts" . | nindent 10 }}
+          {{- if .Values.broker.configData.managedLedgerOffloadDriver }}
+          {{- if eq .Values.broker.configData.managedLedgerOffloadDriver "google-cloud-storage" }}
+          - name: gcp-service-account
+            readOnly: true
+            mountPath: /pulsar/gcp-service-account
+          {{- end }}
+          {{- end }}
       volumes:
+      {{- if eq .Values.broker.configData.managedLedgerOffloadDriver "google-cloud-storage" }}
+      - name: gcp-service-account
+        secret:
+          secretName: {{ .Values.broker.configData.gcsServiceAccountSecret }}
+      {{- end }}
       {{- if .Values.auth.authentication.enabled }}
       {{- if eq .Values.auth.authentication.provider "jwt" }}
       - name: token-keys

is it possible to know how you applied the new b/charts/pulsar/templates/broker-statefulset.yaml? did you use helm upgrade?

from pulsar-helm-chart.

axel-sirota avatar axel-sirota commented on August 16, 2024

Nono, when you change the charts you cannot use the same chart, so I repackaged locally and applied those! Not as fancy haha Ideally these should go into the official charts! If I find time I will submit a PR. I think is following this path but adding AWS and Azure? @sijie ?

from pulsar-helm-chart.

DonghunLouisLee avatar DonghunLouisLee commented on August 16, 2024

Nono, when you change the charts you cannot use the same chart, so I repackaged locally and applied those! Not as fancy haha Ideally these should go into the official charts! If I find time I will submit a PR. I think is following this path but adding AWS and Azure? @sijie ?

Thanks, that's what i thought too.

as far as i know, tiered storage support for azure will be available in pulsar 2.7.0 so i guess you could first submit a PR for gcp and aws? although aws works fine without other configurations. Cheers

from pulsar-helm-chart.

truthtrap avatar truthtrap commented on August 16, 2024

i am trying to get GCS tiered storage to work with the pulsar helm charts 2.7.1. the above pointers are too difficult for me. can you help me answer a couple of questions i have

  • where to put the keyfile so it get's mounted properly?
  • do i need to set broker.configData.gcsServiceAccountSecret and broker.configData.gcsServiceAccountJsonFile in values.yaml as well?
  • how to package and install the helm with these changes?

i think i got the last question answered. but my statefulset failes with the following error

create Pod production-pulsar-broker-0 in StatefulSet production-pulsar-broker failed error: Pod "production-pulsar-broker-0" is invalid: [spec.volumes[0].secret.secretName: Required value, spec.containers[0].volumeMounts[0].name: Not found: "gcp-service-account"]

thanks in advance for the help!

from pulsar-helm-chart.

truthtrap avatar truthtrap commented on August 16, 2024

well, i got it to work. the broker.configData in values.yaml part looks like this

# tiered storage to gcs
managedLedgerOffloadDriver: google-cloud-storage
gcsManagedLedgerOffloadBucket: pulsar
gcsManagedLedgerOffloadRegion: europe-west1
managedLedgerOffloadAutoTriggerSizeThresholdBytes: "262144000"
gcsServiceAccountSecret: "pulsar-broker-service-account"
gcsServiceAccountJsonFile: "serviceaccount.json"
gcsManagedLedgerOffloadServiceAccountKeyFile: "/pulsar/gcp-service-account/serviceaccount.json"

for this to work with the diff above you need create the service account json as per the documentation. add the resulting json file with the credentials (serviceaccount.json) as a secret to your k8s cluster (make sure to add it to the right namespace)

$ kubectl -n pulsar create secret generic pulsar-broker-service-account --from-file=serviceaccount.json

in case of an existing release, upgrade your helm deployment and roll over your broker statefulset

$ helm upgrade <your-release-name> charts/pulsar
$ kubectl -n pulsar rollout restart statefulset production-pulsar-broker

from pulsar-helm-chart.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.