Name:         zookeeper-pi-config-map
Namespace:    sf
Labels:       <none>
Annotations:  <none>

Data
====
logback.xml:
----
<!--
 Copyright 2022 The Apache Software Foundation

 Licensed to the Apache Software Foundation (ASF) under one
 or more contributor license agreements.  See the NOTICE file
 distributed with this work for additional information
 regarding copyright ownership.  The ASF licenses this file
 to you under the Apache License, Version 2.0 (the
 "License"); you may not use this file except in compliance
 with the License.  You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.

 Define some default values that can be overridden by system properties
-->
<configuration>
    <!-- Uncomment this if you would like to expose Logback JMX beans -->
    <!--jmxConfigurator
    /-->

    <property name="zookeeper.console.threshold" value="INFO" />

    <property name="zookeeper.log.dir" value="/var/log/" />
    <property name="zookeeper.log.file" value="zookeeper.log" />
    <property name="zookeeper.log.threshold" value="INFO" />
    <property name="zookeeper.log.maxfilesize" value="256MB" />
    <property name="zookeeper.log.maxbackupindex" value="2" />

    <!--
    console
    Add "console" to root logger if you want to use this
  -->
    <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
        <encoder>
            <pattern>%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n</pattern>
        </encoder>
        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
            <level>${zookeeper.console.threshold}</level>
        </filter>
    </appender>

    <!--
    Add ROLLINGFILE to root logger to get log file output
  -->
    <appender name="ROLLINGFILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
        <File>${zookeeper.log.dir}/${zookeeper.log.file}</File>
        <encoder>
            <pattern>%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n</pattern>
        </encoder>
        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
            <level>${zookeeper.log.threshold}</level>
        </filter>
        <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
            <maxIndex>${zookeeper.log.maxbackupindex}</maxIndex>
            <FileNamePattern>${zookeeper.log.dir}/${zookeeper.log.file}.%i</FileNamePattern>
        </rollingPolicy>
        <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
            <MaxFileSize>${zookeeper.log.maxfilesize}</MaxFileSize>
        </triggeringPolicy>
    </appender>

    <!--
    Add TRACEFILE to root logger to get log file output
    Log TRACE level and above messages to a log file
  -->
    <!--property
    name="zookeeper.tracelog.dir" value="${zookeeper.log.dir}" />
  <property name="zookeeper.tracelog.file" value="zookeeper_trace.log" />
  <appender name="TRACEFILE" class="ch.qos.logback.core.FileAppender">
    <File>${zookeeper.tracelog.dir}/${zookeeper.tracelog.file}</File>
    <encoder>
      <pattern>%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n</pattern>
    </encoder>
    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
      <level>TRACE</level>
    </filter>
  </appender-->

    <!--
    zk audit logging
  -->
    <!--property
    name="zookeeper.auditlog.file" value="zookeeper_audit.log" />
  <property name="zookeeper.auditlog.threshold" value="INFO" />
  <property name="audit.logger" value="INFO, RFAAUDIT" />

  <appender name="RFAAUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
    <File>${zookeeper.log.dir}/${zookeeper.auditlog.file}</File>
    <encoder>
      <pattern>%d{ISO8601} %p %c{2}: %m%n</pattern>
    </encoder>
    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
      <level>${zookeeper.auditlog.threshold}</level>
    </filter>
    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
      <maxIndex>10</maxIndex>
      <FileNamePattern>${zookeeper.log.dir}/${zookeeper.auditlog.file}.%i</FileNamePattern>
    </rollingPolicy>
    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
      <MaxFileSize>10MB</MaxFileSize>
    </triggeringPolicy>
  </appender>

  <logger name="org.apache.zookeeper.audit.Slf4jAuditLogger" additivity="false"
    level="${audit.logger}">
    <appender-ref ref="RFAAUDIT" />
  </logger-->

    <root level="INFO">
        <appender-ref ref="CONSOLE" />
        <appender-ref ref="ROLLINGFILE" />
    </root>
</configuration>

probe.sh:
----
#!/bin/sh

echo "ruok" | openssl s_client -CAfile /tls/client/ca.crt -cert /tls/client/tls.crt -key /tls/client/tls.key \
  -connect 127.0.0.1:2281 -quiet 2>/dev/null | grep "imok"


run.sh:
----
#!/bin/bash

set -a
export HOME=/data
ROOT=/zookeeper
ZK_LOG_LEVEL="INFO"
ZK_DATA_DIR="/data"
ZK_DATA_LOG_DIR="/data/log"
ZK_CONF_DIR="/conf"
ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181}
ZK_SSL_CLIENT_PORT=${ZK_SSL_CLIENT_PORT:-2281}
ZK_SERVER_SERVICE=${ZK_SERVER_PORT:-"zookeeper-headless"}
ZK_SERVER_PORT=${ZK_SERVER_PORT:-2888}
ZK_ELECTION_PORT=${ZK_ELECTION_PORT:-3888}
ZK_TICK_TIME=${ZK_TICK_TIME:-2000}
ZK_INIT_LIMIT=${ZK_INIT_LIMIT:-10}
ZK_SYNC_LIMIT=${ZK_SYNC_LIMIT:-5}
ZK_MAX_HEAP_SIZE=${ZK_MAX_HEAP_SIZE:-2G}
ZK_MIN_HEAP_SIZE=${ZK_MIN_HEAP_SIZE:-128M}
ZK_MAX_CLIENT_CNXNS=${ZK_MAX_CLIENT_CNXNS:-60}
ZK_MIN_SESSION_TIMEOUT=${ZK_MIN_SESSION_TIMEOUT:-$((ZK_TICK_TIME*2))}
ZK_MAX_SESSION_TIMEOUT=${ZK_MAX_SESSION_TIMEOUT:-$((ZK_TICK_TIME*20))}
ZK_SNAP_RETAIN_COUNT=${ZK_SNAP_RETAIN_COUNT:-3}
ZK_PURGE_INTERVAL=${ZK_PURGE_INTERVAL:-3}
JMXPORT=1099
JMXSSL=false
JMXAUTH=false
JMXDISABLE=${JMXDISABLE:-false}
ID_FILE="$ZK_DATA_DIR/myid"
ZK_CONFIG_FILE="$ZK_CONF_DIR/zoo.cfg"
HOST=$(hostname)
DOMAIN=$(hostname -d)
JVMFLAGS="-Xmx$ZK_MAX_HEAP_SIZE -Xms$ZK_MIN_HEAP_SIZE"

APPJAR=$(echo $ROOT/*jar)
CLASSPATH="${ROOT}/lib/*:${APPJAR}:${ZK_CONF_DIR}:"

if [[ $HOST =~ (.*)-([0-9]+)$ ]]; then
    NAME=${BASH_REMATCH[1]}
    ORD=${BASH_REMATCH[2]}
    MY_ID=$((ORD+1))
else
    echo "Failed to extract ordinal from hostname $HOST"
    exit 1
fi

mkdir -p "$ZK_DATA_LOG_DIR"
echo $MY_ID >> "$ID_FILE"

if [[ -f /tls/server/ca.crt ]]; then
  cp /tls/server/ca.crt /data/server-ca.pem
  cat /tls/server/${ORD}-tls.crt /tls/server/${ORD}-tls.key > /data/server.pem
fi
if [[ -f /tls/client/ca.crt ]]; then
  cp /tls/client/ca.crt /data/client-ca.pem
  cat /tls/client/tls.crt /tls/client/tls.key > /data/client.pem
fi

cat << EOF >> "$ZK_CONFIG_FILE"
dataDir=$ZK_DATA_DIR
dataLogDir=$ZK_DATA_LOG_DIR
tickTime=$ZK_TICK_TIME
initLimit=$ZK_INIT_LIMIT
syncLimit=$ZK_SYNC_LIMIT
maxClientCnxns=$ZK_MAX_CLIENT_CNXNS
minSessionTimeout=$ZK_MIN_SESSION_TIMEOUT
maxSessionTimeout=$ZK_MAX_SESSION_TIMEOUT
autopurge.snapRetainCount=$ZK_SNAP_RETAIN_COUNT
autopurge.purgeInterval=$ZK_PURGE_INTERVAL
4lw.commands.whitelist=*
zookeeper.tcpKeepAlive=true
EOF

# Client TLS configuration
if [[ -f /tls/client/ca.crt ]]; then

cat << EOF >> "$ZK_CONFIG_FILE"
secureClientPort=$ZK_SSL_CLIENT_PORT
ssl.keyStore.location=/data/client.pem
ssl.trustStore.location=/data/client-ca.pem
EOF

# Add helper script to use zkCli.sh
cat << EOF >> /tmp/zkCli
#!/bin/sh
CLIENT_JVMFLAGS="
-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
-Dzookeeper.client.secure=true
-Dzookeeper.ssl.keyStore.location=/data/client.pem
-Dzookeeper.ssl.trustStore.location=/data/client-ca.pem" /zookeeper/bin/zkCli.sh -server localhost:2281
EOF
chmod +x /tmp/zkCli

else
  echo "clientPort=$ZK_CLIENT_PORT" >> "$ZK_CONFIG_FILE"
fi

# Server TLS configuration
if [[ -f /tls/server/ca.crt ]]; then

cat << EOF >> "$ZK_CONFIG_FILE"
serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
sslQuorum=true
ssl.quorum.keyStore.location=/data/server.pem
ssl.quorum.trustStore.location=/data/server-ca.pem
EOF

fi

for (( i=1; i<=$ZK_REPLICAS; i++ ))
do
    echo "server.$i=$NAME-$((i-1)).$DOMAIN:$ZK_SERVER_PORT:$ZK_ELECTION_PORT" >> "$ZK_CONFIG_FILE"
done

cp /config-scripts/logback.xml /conf

if [ -n "$JMXDISABLE" ]
then
    MAIN=org.apache.zookeeper.server.quorum.QuorumPeerMain
else
    MAIN="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=$JMXPORT -Dcom.sun.management.jmxremote.authenticate=$JMXAUTH -Dcom.sun.management.jmxremote.ssl=$JMXSSL -Dzookeeper.jmx.log4j.disable=$JMXLOG4J org.apache.zookeeper.server.quorum.QuorumPeerMain"
fi

set -x
exec java -cp "$CLASSPATH" $JVMFLAGS $MAIN $ZK_CONFIG_FILE



BinaryData
====

Events:  <none>