[GitHub] [pulsar-helm-chart] eolivelli commented on a change in pull request #119: Update to Pulsar 2.7.2
eolivelli commented on a change in pull request #119: URL: https://github.com/apache/pulsar-helm-chart/pull/119#discussion_r644581568 ## File path: dev-func-k8s-values.yaml ## @@ -0,0 +1,109 @@ +# +# Copyright 2021 DataStax, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +enableAntiAffinity: no +enableTls: no +enableTokenAuth: no +restartOnConfigMapChange: + enabled: yes +extra: + function: yes + burnell: yes + burnellLogCollector: yes Review comment: I committed unintentionally other files on my work directory. Removed ## File path: examples/test-kube-functions-minikube.yaml ## @@ -0,0 +1,78 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +extra: + functionsAsPods: yes + +## deployed withh emptyDir +volumes: + persistence: false + +# disabled AntiAffinity +affinity: + anti_affinity: false + +# disable auto recovery +components: + autorecovery: false + functions: yes + +zookeeper: + replicaCount: 1 + +bookkeeper: + replicaCount: 1 + +broker: + replicaCount: 1 + configData: +## Enable `autoSkipNonRecoverableData` since bookkeeper is running +## without persistence +autoSkipNonRecoverableData: "true" +# storage settings +managedLedgerDefaultEnsembleSize: "1" +managedLedgerDefaultWriteQuorum: "1" +managedLedgerDefaultAckQuorum: "1" + +proxy: + replicaCount: 1 + +functions: + replicaCount: 1 + runtime: kubernetes + +image: + zookeeper: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + bookie: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + autorecovery: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + broker: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + functions: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT + proxy: +repository: apachepulsar/pulsar-all +tag: 2.8.0-SNAPSHOT Review comment: I committed unintentionally other files on my work directory. Removed ## File path: dev-func-k8s-values.yaml ## @@ -0,0 +1,109 @@ +# +# Copyright 2021 DataStax, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +enableAntiAffinity: no +enableTls: no +enableTokenAuth: no +restartOnConfigMapChange: + enabled: yes +extra: + function: yes + burnell: yes + burnellLogCollector: yes + pulsarHeartbeat: yes + pulsarAdminConsole: yes + +zookeeper: + replicaCount: 1 + resources: +requests: + memory: 300Mi + cpu: 0.3 + configData: +PULSAR_MEM: "\"-Xms300m -Xmx300m -Djute.maxbuffer=10485760 -XX:+ExitOnOutOfMemoryError\"" + +bookkeeper: + replicaCount: 1 + resources: +requests: + memory: 512Mi + cpu: 0.3 + configData: +BOOKIE_MEM: "\"-Xms312m -Xmx312m -XX:MaxDirectMemorySize=200m -XX:+ExitOnOutOfMemoryError\"" + +broker: + component: broker + replicaCount: 1 + ledger: +defaultEnsembleSize: 1 +defaultAckQuorum: 1 +defaultWriteQuorum: 1 + resources: +requests: + memory: 600Mi + cpu: 0.3 + configData: +PULSAR_MEM: "\"-Xms400m -Xmx400m -XX:MaxDirectMemorySize=200m -XX:+ExitOnOutOfMemoryError\"" + +auto
[GitHub] [pulsar-helm-chart] eolivelli commented on pull request #119: Update to Pulsar 2.7.2
eolivelli commented on pull request #119: URL: https://github.com/apache/pulsar-helm-chart/pull/119#issuecomment-853676432 @lhotari PTAL again please -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [pulsar-helm-chart] lhotari merged pull request #119: Update to Pulsar 2.7.2
lhotari merged pull request #119: URL: https://github.com/apache/pulsar-helm-chart/pull/119 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[ANNOUNCE] Apache Pulsar 2.6.4 released
The Apache Pulsar team is proud to announce Apache Pulsar version 2.6.4. Pulsar is a highly scalable, low latency messaging platform running on commodity hardware. It provides simple pub-sub semantics over topics, guaranteed at-least-once delivery of messages, automatic cursor management for subscribers, and cross-datacenter replication. For Pulsar release details and downloads, visit: https://pulsar.apache.org/download Release Notes are at: http://pulsar.apache.org/release-notes We would like to thank the contributors that made the release possible. Regards, The Pulsar Team
[Pulsar Community Weekly Update] 2021-05-24 ~ 2021-05-30
Dear Pulsar enthusiast, This is the Pulsar community weekly update for 2021-05-24 ~ 2021-05-30, with updates on Pulsar client, broker, and so on. This Pulsar community weekly update is also available at https://streamnative.io/weekly/2021/2021-05/2021-05-31-pulsar-weekly. All Pulsar community weekly updates are available at https://streamnative.io/weekly/. === *Development* - Refactor the try-lock code pattern. https://github.com/apache/pulsar/pull/10742 ([@fantapsody]( https://github.com/fantapsody)) - [C++] Reduce the redundant `redeliverMessages` when the message listener is enabled. https://github.com/apache/pulsar/pull/10726 ([@saosir]( https://github.com/saosir)) - [Transaction] Add the transaction Admin API `getPendingAckInternalStats`. https://github.com/apache/pulsar/pull/10725 ([@congbobo184]( https://github.com/congbobo184)) - [Schema] Support using `AutoProduceBytesSchema` as the function output schema. https://github.com/apache/pulsar/pull/10716 ([@gaoran10]( https://github.com/gaoran10)) - [Common] Fix the inconsistent behavior in `LongPairRangeSet`. https://github.com/apache/pulsar/pull/10713 ([@315157973]( https://github.com/315157973)) - [C++] Add the C++ single file logger factory. https://github.com/apache/pulsar/pull/10712 ([@BewareMyPower]( https://github.com/BewareMyPower)) - [Transaction] Fix the `WriteFail` state of the ManagedLedger in the transaction log. https://github.com/apache/pulsar/pull/10711 ([@congbobo184]( https://github.com/congbobo184)) - [Java Client] On multi-topic consumers, do not keep checking the partitioned metadata. https://github.com/apache/pulsar/pull/10708 ([@merlimat]( https://github.com/merlimat)) - [Transaction] Add the transaction Admin APIs `getSlowTransactions` and `getSlowTransactionsByCoordinatorId`. https://github.com/apache/pulsar/pull/10701 ([@congbobo184]( https://github.com/congbobo184)) - [Schema] In `AutoConsumeSchema.decode`, proxy the call to `decode(payload, schemaversion)` correctly to the wrapped Schema. https://github.com/apache/pulsar/pull/10700 ([@eolivelli]( https://github.com/eolivelli)) - [Broker] Avoid making copies of internal maps when iterating the custom HASH map. https://github.com/apache/pulsar/pull/10691 ([@merlimat]( https://github.com/merlimat)) - [Transaction] Add the transaction Admin API `getTransactionMetadata`. https://github.com/apache/pulsar/pull/10690 ([@congbobo184]( https://github.com/congbobo184)) - [Pulsar Proxy] Adjust the location of `logger.debug`. https://github.com/apache/pulsar/pull/10684 ([@mantuliu]( https://github.com/mantuliu)) - [Broker] Optimize `getTopicPolicies` to avoid throwing an unnecessary exception. https://github.com/apache/pulsar/pull/10683 ([@michaeljmarshall]( https://github.com/michaeljmarshall)) - [Transaction] Add the transaction Admin API `getCoordinatorInternalStats`. https://github.com/apache/pulsar/pull/10653 ([@congbobo184]( https://github.com/congbobo184)) - [Transaction] Add the transaction Admin APIs `getTransactionBufferStatus` and `getPendingAckStatus`. https://github.com/apache/pulsar/pull/10650 ([@congbobo184]( https://github.com/congbobo184)) - [Transaction] Add the transaction Admin API `getTransactionInPendingAckStats`. https://github.com/apache/pulsar/pull/10648 ([@congbobo184]( https://github.com/congbobo184)) - [Transaction] Add the transaction Admin API `getTransactionInBufferStats`. https://github.com/apache/pulsar/pull/10642 ([@congbobo184]( https://github.com/congbobo184)) - [Function] Add `--batch-source-config` switch to the Pulsar Admin source API. https://github.com/apache/pulsar/pull/10593 ([@david-streamlio]( https://github.com/david-streamlio)) - [Broker] Migrate `NamespaceService` to use `MetadataStore`. https://github.com/apache/pulsar/pull/10532 ([@merlimat]( https://github.com/merlimat)) === *Notable Bug Fix* - [Function] Use the default Kubernetes secret mount permission to allow non-root users to read the authentication token. https://github.com/apache/pulsar/pull/10743 ([@zzzming]( https://github.com/zzzming)) - [ManagedLedger] Fix the original solution which is used to prevent race conditions between timeout and completion. https://github.com/apache/pulsar/pull/10740 ([@lhotari]( https://github.com/lhotari)) - [ManagedLedger] Fix the scheduled task cancellation operation to make it happen earlier in the `asyncClose` method. https://github.com/apache/pulsar/pull/10739 ([@lhotari]( https://github.com/lhotari)) - [Java Client] Add error message to `setMaxPendingMessagesAcrossPartitions`. https://github.com/apache/pulsar/pull/10709 ([@wenbingshen]( https://github.com/wenbingshen)) - [Broker] Asynchronize the method `onManagedLedgerLastLedgerInitialize` for `ManagedLedgerInterceptor`. https://github.com/apache/pulsar/pull/10706 ([@
Re: Standardize authentication and authorization terms
Hi Chris, This is a good idea! We are intermixing a lot of terms in the code which might cause confusion and bugs in the future. Please formalize what you are proposing in a PIP. Thank you! Best, Jerry On Tue, Jun 1, 2021 at 11:45 PM r...@apache.org wrote: > Hello Chris: > > This is a good idea. If possible, you can submit a PIP to list the > confusion of the current terminology and if we want to unify, do we need to > make some changes to the current structure? > > In this case, it is convenient for us to further evaluate whether the > current idea can be better implemented. > > -- > Thanks > Xiaolong Ran > > > Chris Kellogg 于2021年6月2日周三 上午6:04写道: > > > The Pulsar code base uses different terms (principal, role, client-id, > > app-id, etc..) when referring to authentication and authorization. > > Different places use different terms that may or may not mean the same > > thing. All these different terms get overloaded and make it confusing to > > reason about the code. Additionally, it makes it challenging to > > talk/discuss code related to authentication/authorization. > > > > I propose we standardize on a few terms and then clean up the code and > docs > > to reflect this. I suggest the following terms: > > > > principal => this identifies a client and is a unique value. > > role => a role or roles are associated with a principal and the role(s) > are > > used to determine whether or not the principal can perform a certain > > action. > > > > Based on these definitions I think the job of the two auth interfaces > are. > > > > AuthenticationProvider => identify the client and return the principal > > AuthorizationProvider => determine whether or not the principal can > perform > > a certain action. > > > > Thoughts? > > >
