apiVersion: v1 kind: Service metadata: name: kafka spec: ports: - port: 9092 name: client clusterIP: None selector: app: kafka --- apiVersion: "cilium.io/v2" kind: CiliumNetworkPolicy metadata: name: kafka-authaudit specs: - endpointSelector: matchLabels: "k8s:app": kafka ingress: - fromEndpoints: - matchLabels: "k8s:app": productpage "k8s:version": v2 toPorts: - ports: - port: "9092" protocol: TCP rules: kafka: - apiKey: "produce" topic: "authaudit" - apiKey: "apiversions" - apiKey: "metadata" - apiKey: "heartbeat" - fromEndpoints: - matchLabels: app: kafka - fromEndpoints: - matchLabels: "k8s:app": authaudit-logger toPorts: - ports: - port: "9092" protocol: TCP rules: kafka: - apiKey: "fetch" topic: "authaudit" - apiKey: "apiversions" - apiKey: "metadata" - apiKey: "findcoordinator" - apiKey: "joingroup" - apiKey: "leavegroup" - apiKey: "syncgroup" - apiKey: "offsets" - apiKey: "offsetcommit" - apiKey: "offsetfetch" - apiKey: "heartbeat" --- apiVersion: apps/v1beta1 kind: StatefulSet metadata: name: kafka-v1 spec: serviceName: kafka replicas: 1 template: metadata: annotations: sidecar.istio.io/inject: "false" labels: app: kafka version: v1 spec: containers: - name: kafka image: docker.io/spotify/kafka:latest ports: - containerPort: 9092 name: kafka env: - name: ADVERTISED_HOST value: kafka.default.svc.cluster.local - name: ADVERTISED_PORT value: "9092" - name: ZK_CHROOT value: kafka - name: LOG_RETENTION_HOURS value: "2" - name: LOG_RETENTION_BYTES value: "1073741824" - name: NUM_PARTITIONS value: "1" - name: AUTO_CREATE_TOPICS value: "true"