feat: kafka producer and consumer brokers (#12)

* feat: kafka producer and consumer brokers

* feat: tls ingress example with a test cert

* feat: add consumer parameter for kafka

* feat: update use cases

* feat: update README

* feat: update version

* feat: update README.md

README.md

@@ -48,11 +48,11 @@ Helm's [documentation](https://helm.sh/docs)
 
 To use FeatBit, three services must be exposed from the internal network of Kubernetes:
 
-* ui: FeatBit frontend (http://127.0.0.1:8081).
-* api: FeatBit api server (http://127.0.0.1:5000).
-* evaluation server(els): FeatBit data synchronization and data evaluation server (http://127.0.0.1:5100).
+* ui: FeatBit frontend
+* api: FeatBit api server
+* evaluation server(els): FeatBit data synchronization and data evaluation server
 
-If you cannot access the services using localhost and their default ports, `apiExternalUrl` and `evaluationServerExternalUrl` **_SHOULD_** be reset in the [values.yaml](https://helm.sh/docs/chart_template_guide/values_files/)
+If you cannot access the services using localhost and their default ports, `apiExternalUrl` and `evaluationServerExternalUrl` **_SHOULD_** be reset in the [values.yaml or your own values file with -f flag](https://helm.sh/docs/chart_template_guide/values_files/)
 
 ### ClusterIP
 
@@ -82,10 +82,9 @@ Exposes the Services on each k8s cluster Node's IP at a static port:
 * api: http://NODE_IP:30050
 * evaluation server(els): http://NODE_IP:30100
 
-Set your [values.yaml](https://helm.sh/docs/chart_template_guide/values_files/) as following:
+Set your [values.yaml](https://helm.sh/docs/chart_template_guide/values_files/) as the following [example](./charts/featbit/examples/standard/expose-services-via-nodeport.yaml)
 
 ```yaml
-# charts/featbit/examples/expose-services-via-nodeport.yaml
 
 apiExternalUrl: "http://NODE_IP:30050"
 evaluationServerExternalUrl: "http://NODE_IP:30100"
@@ -120,34 +119,58 @@ Exposes the Service externally using an external load balancer. K8s does not dir
 The 3 services must be assigned an IP before deployment. Especially, we **_MUST_** know the IPs of api and evaluation server in advance.
 If the load balancer randomly assigns external IP addresses to services, it can make it difficult to preconfigure parameters. Therefore, we currently **_DO NOT_** recommend to use this approach.
 
-Here is a LoadBalancer examples if you can bind static IPs to services:
+#### Static IP
+To expose service, we recommend you to bind static external IPs to services, as the following [example](./charts/featbit/examples/standard/expose-services-via-lb-static-ip.yaml)
 
 ```yaml
-# charts/featbit/examples/expose-services-via-lb.yaml
 
 apiExternalUrl: "http://API_EXTERNAL_IP:5000"
 evaluationServerExternalUrl: "http://ELS_EXTERNAL_IP:5100"
 
 ui:
   service:
     type: LoadBalancer
+    staticIP: {UI_EXTERNAL_IP}
 
 api:
   service:
     type: LoadBalancer
+    staticIP: {API_EXTERNAL_IP}
 
 els:
   service:
     type: LoadBalancer
+    staticIP: {ELS_EXTERNAL_IP}
 ```
-In the next version, we will support the automatic discovery of Load Balancer service IPs. 
-But if you are using a k8s cluster from a cloud provider, the allocation of Load Balancer IPs may take a significant amount of time. 
-In such cases, the automatic discovery feature may not fundamentally solve the problem.
+K8s provided by Cloud (AKS, GKE, EKS etc.):
 
+* [AKS bind static ip with special annotation for load balancer service](./aks/README.md)
+* [GKE create and set Static IP for load balancer service](https://cloud.google.com/kubernetes-engine/docs/tutorials/configuring-domain-name-static-ip#step_2b_using_an_ingress)
+* [EKS assign elastic ip for load balancer service](https://stackoverflow.com/questions/60095864/how-can-i-assign-a-static-ip-to-my-eks-service)
 
-#### Azure Kubernetes Service (AKS) + Azure Load Balancer
+#### IP Auto Discovery 
 
-[Visit README in ask subdirectory for more details.](./aks/README.md)
+We also provide a support to discovery automatically Load Balancer service IPs, as the following [example](./charts/featbit/examples/standard/expose-services-via-lb-auto-discovery-ip.yaml):
+
+```yaml
+
+apiExternalUrl: ""
+evaluationServerExternalUrl: ""
+autoDiscovery: true
+
+ui:
+  service:
+    type: LoadBalancer
+
+api:
+  service:
+    type: LoadBalancer
+
+els:
+  service:
+    type: LoadBalancer
+```
+Use `kubectl get svc` to obtain the IP addresses.
 
 ### Ingress
 
@@ -186,53 +209,43 @@ K3D deploys traefik as the default ingress controller, pleae read the [doc for e
 * [GKE](https://cloud.google.com/kubernetes-engine/docs/concepts/ingress)
 * [EKS](https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html)
 
-Here is a simple example that show how to use ingress to expose services:
+Here is a simple [example](./charts/featbit/examples/standard/expose-services-via-ingress.yaml) that show how to use ingress to expose services:
 ```yaml
-# charts/featbit/examples/expose-services-via-ingress.yaml
 
-apiExternalUrl: "http://api.featbit.test"
-evaluationServerExternalUrl: "http://els.featbit.test"
+apiExternalUrl: "http:/{API host name}"
+evaluationServerExternalUrl: "http://{Evaluation Server host name}"
 
 ui:
   ingress:
     enabled: true
-    hosts:
-      - host: ui.featbit.test
-        paths:
-          - path: /
-            pathType: ImplementationSpecific
+    host: {UI host name}
+
 
 api:
   ingress:
     enabled: true
-    hosts:
-      - host: api.featbit.test
-        paths:
-          - path: /
-            pathType: ImplementationSpecific
+    host: {API host name}
+
 
 els:
   ingress:
     enabled: true
-    hosts:
-      - host: els.featbit.test
-        paths:
-          - path: /
-            pathType: ImplementationSpecific
+    host: {Evaluation Server host name}
 
 
 ```
 
 Note that:
 * you should bind the host names that can be resolved by DNS server or map the IPs and host names in the dns hosts file(/etc/hosts in linux and macox) in your local cluster.
-* the default ingress class is nginx, set your value in `<service>.ingress.className` if needed
+* the default ingress class is nginx, set your value in `global.ingressClassName` if needed
 * set the annotations in the `<service>.ingress.annotations`, if needed
     for example:
     ``` yaml
-    ...  
+    ... 
     ui:
       ingress:
           enabled: true
+          host: {UI host name}
           annotations:
               nginx.ingress.kubernetes.io/use-regex: "true"
               nginx.ingress.kubernetes.io/rewrite-target: /$2

aks/README.md

@@ -68,71 +68,63 @@ Clone and navigate to the Helm chart repository:
 
 ```bash
 git clone https://github.com/featbit/featbit-charts
-
-cd ./featbit-charts/charts/featbit
 ```
 
-In the `featbit-charts/charts/featbit/examples` directory, locate the AKS example file, `expose-services-via-azurelb.yaml`. Replace placeholders ({}) with the appropriate values:
+In the `featbit-charts/charts/featbit/examples/azure` directory, locate the AKS example file, `expose-services-via-azure-static-ip.yaml`. Replace placeholders ({}) with the appropriate values:
 
 - `apiExternalUrl`, the URL the UI portal utilizes to retrieve feature flags.
 - `evaluationServerExternalUrl`, the URL the SDK accesses to obtain variations or rules for feature flags.
-- `staticIP` of `ui.service`, `api.service` and `els.service`, the public IPs you created in previous step.
+- `service.beta.kubernetes.io/azure-load-balancer-ipv4`, bind the public IPs you created in previous step to each service
 - `service.beta.kubernetes.io/azure-load-balancer-resource-group`, the name of the resource group where your public IPs are situated.
 
 ```yaml
-apiExternalUrl: "http://{API Service Public IP Address, ex. 4.194.69.254}"
-evaluationServerExternalUrl: "http://{Evaluation Service Public IP Address, ex. 4.193.158.12}"
-# autoDiscovery: true
+apiExternalUrl: "http://{API Service Public IP Address with port if not 80, ex. 4.194.69.254}"
+evaluationServerExternalUrl: "http://{Evaluation Service Public IP Address with port if not 80, ex. 4.193.158.12}"
 
 ui:
   service:
     type: LoadBalancer
     port: 80
-    annotations: 
+    annotations:
       service.beta.kubernetes.io/azure-load-balancer-resource-group: {Resource Group where your Public IP located in, ex. myNetworkResourceGroup}
-    staticIP: {UI Portal Public IP Address, ex. 4.194.13.155}
+      service.beta.kubernetes.io/azure-load-balancer-ipv4: {UI Portal Public IP Address, ex. 4.194.13.155}
 
 api:
   service:
     type: LoadBalancer
     port: 80
-    annotations: 
+    annotations:
       service.beta.kubernetes.io/azure-load-balancer-resource-group: {Resource Group where your Public IP located in, ex. myNetworkResourceGroup}
-    staticIP: {API Service Public IP Address, ex. 4.194.69.254}
+      service.beta.kubernetes.io/azure-load-balancer-ipv4: {API Service Public IP Address, ex. 4.194.69.254}
 
 els:
   service:
     type: LoadBalancer
     port: 80
-    annotations: 
+    annotations:
       service.beta.kubernetes.io/azure-load-balancer-resource-group: {Resource Group where your Public IP located in, ex. myNetworkResourceGroup}
-    staticIP: {Evaluation Service Public IP Address, ex. 4.193.158.12}
+      service.beta.kubernetes.io/azure-load-balancer-ipv4: {Evaluation Service Public IP Address, ex. 4.193.158.12}
 ```
 
-> Note: API server and Evaluation server are optional. If you set `autoDiscovery` to `true` and keep delete `staticIP` values in `api` and `els` services, the IP addresses of these two services will be created automatically by Azure. But in this tutorial, we won't demonstrate it.
-
 Preview the Helm installation:
 
 ```bash
-helm install featbit featbit/featbit -f ./examples/expose-services-via-azurelb.yaml --dry-run
+helm install featbit featbit/featbit -f featbit-charts/charts/featbit/examples/azure/expose-services-via-azure-static-ip.yaml --dry-run
 ```
 
 If all looks well, install the Helm chart:
 
 ```bash
-helm install featbit featbit/featbit -f ./examples/expose-services-via-azurelb.yaml
+helm install featbit featbit/featbit -f featbit-charts/charts/featbit/examples/azure/expose-services-via-azure-static-ip.yaml
 
 # or to upgrade
-helm upgrade --install featbit . -f ./examples/expose-services-via-azurelb.yaml
+helm upgrade --install featbit featbit/featbit -f featbit-charts/charts/featbit/examples/azure/expose-services-via-azure-static-ip.yaml
 ```
 
 NOTE: 
 
-- Ensure you run the command from the directory containing `expose-services-via-azurelb.yaml`.
+- Ensure you run the command from the directory containing `expose-services-via-azure-static-ip.yaml`.
 - Specify a namespace with `--namespace` option during installation if needed.
-- Adjust replica counts or disable autoscaling in the YAML file as desired in `expose-services-via-azurelb.yaml` file:
-  - `.Values.{service name， ex. api | ui | els | das }.replicaCount`, the default value is 1
-  - `.Values.api.autoscaling.enabled`, set the value to `false`
 
 # Verification
 

charts/featbit/Chart.yaml

@@ -15,13 +15,13 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.2
+version: 0.0.3
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "2.4.4-rc1"
+appVersion: "2.4.4"
 
 kubeVersion: ">=1.23-0"
 

charts/featbit/examples/expose-services-via-azurelb.yaml → charts/featbit/examples/azure/expose-services-via-azure-static-ip.yaml

@@ -1,5 +1,5 @@
-apiExternalUrl: "http://{API Service Public IP Address, ex. 4.194.69.254}"
-evaluationServerExternalUrl: "http://{Evaluation Service Public IP Address, ex. 4.193.158.12}"
+apiExternalUrl: "http://{API Service Public IP Address with port if not 80, ex. 4.194.69.254}"
+evaluationServerExternalUrl: "http://{Evaluation Service Public IP Address with port if not 80, ex. 4.193.158.12}"
 
 ui:
   service:

charts/featbit/examples/certs/ca-issuer.yaml

@@ -0,0 +1,24 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: ca-issuer
+spec:
+  ca:
+    secretName: ca-key-pair
+
+---
+
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: featbit-com-cert
+spec:
+  secretName: featbit-com-tls-secret
+  issuerRef:
+    name: ca-issuer
+    kind: Issuer
+    group: cert-manager.io
+  commonName: "*.featbit.com"
+  dnsNames:
+    - "featbit.com"
+    - "*.featbit.com"

charts/featbit/examples/certs/ca.crt

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDXDCCAkSgAwIBAgIQAJmb/0oiTRZ0ms66/Tij9TANBgkqhkiG9w0BAQsFADAY
+MRYwFAYDVQQDDA0qLmZlYXRiaXQuY29tMB4XDTIzMDgyNjEyNDM1N1oXDTI0MDgy
+NTEyNDM1N1owGDEWMBQGA1UEAwwNKi5mZWF0Yml0LmNvbTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALA84Y3IlNT2EIz4KtnGI/1JJCyDtIQtVOLNhZhF
+juPxY3LqEmK/IIW3dV4pCElBfDlj3hGSxvdG/Y2pqF/X99LolVpevN0vXoOr8G6/
+rBF5Ffg0SF/W70UgLG3d0fELv86M9TWZ9bC8QtBOPMp40ijZ5x3ysu/eVAlDBXot
+Q5Skp0wyGAgFmB7jl8XnuOYYTrKVcHzR5hTOXUUBC6jyEnnWYgCjonpc7rayc+L5
+8yGuKpRjiP4+U5Sj6sMYtyaVUtkXxgbcOMAtmzeGJY44htiBSog19gj12A8P9cpR
+0sqZyjEIjTqqKduEHMAympOTEfunl4+m0s/dmMrqYDLVxr8CAwEAAaOBoTCBnjAd
+BgNVHQ4EFgQUpTJKTz1FHf+3CuKkMjQM137B+CwwDgYDVR0PAQH/BAQDAgGGMA8G
+A1UdEwEB/wQFMAMBAf8wOwYDVR0lBDQwMgYIKwYBBQUHAwIGCCsGAQUFBwMBBggr
+BgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMIMB8GA1UdIwQYMBaAFKUySk89RR3/
+twripDI0DNd+wfgsMA0GCSqGSIb3DQEBCwUAA4IBAQA5VAopEOCSBHN7uEUL8VXW
+gGXsYMJBSaz1wTD0AQrgUQp/i3J2pDimL9rALUgtPJ8czn9RYbyoG655cuPqUgSX
+Rm1qA8M6mJVWUMSlOJr0OxxpQB/BWertNo7cmOFu5W+UNoTgDySQx4WAtW4e1Gfq
+Rk9t4INXSgkmfLpWpVnZBF4lo01exQg359hxhbwH+AbeyqrpWRi029L5mXC5erg4
+EqZUbBXIElN9IFSaRXgx25poSoU8RlHv4GL2OXfwuit/UKD92JbquCUaapJAfpOu
+qIQVc2ZVh9diwMpW7jiwr2ER7htH9OM8CpLxUcMj/Mwx0lp6u8xHjEAojgH1DQg2
+-----END CERTIFICATE-----

charts/featbit/examples/certs/ca.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCwPOGNyJTU9hCM
++CrZxiP9SSQsg7SELVTizYWYRY7j8WNy6hJivyCFt3VeKQhJQXw5Y94Rksb3Rv2N
+qahf1/fS6JVaXrzdL16Dq/Buv6wReRX4NEhf1u9FICxt3dHxC7/OjPU1mfWwvELQ
+TjzKeNIo2ecd8rLv3lQJQwV6LUOUpKdMMhgIBZge45fF57jmGE6ylXB80eYUzl1F
+AQuo8hJ51mIAo6J6XO62snPi+fMhriqUY4j+PlOUo+rDGLcmlVLZF8YG3DjALZs3
+hiWOOIbYgUqINfYI9dgPD/XKUdLKmcoxCI06qinbhBzAMpqTkxH7p5ePptLP3ZjK
+6mAy1ca/AgMBAAECggEADSNiFpAhyu/TyLPmJeP9N4WmBQzbKTtj56CLWWWzbaTH
+gCqZAkmIos9MGEqWITfuNde5wgpKJjxhl0JS7go19xV7BN3+gGgRSLRJsUfoC57A
+7NxLmkbLVuuQxFlUAanu5kwLKlrMPnJachhTCdkQpGungiEKBpMcJVtHY5X6QsYV
+PeUZU1Cx+608LcEOUpuwnLM9c/fiu2eZDIcRwgOx/gwTzRCAClFWVM+ilY1LZZz1
+kp6BOaDL5pZrOOmUpDhgUDKr1n3YZ9/znAmXd4oXZO3Z3HgFpBOKF+X5LXJsvsj/
+pJMwB0n+Yn0tud6PPSDgZGjBPezDrqKSbtoXZqyuYQKBgQDVSi1u6xmtA3GhnD6U
+kIs5ijHffztKDYXtuOgcyOeHrNEBkdeg+NrS/xO26Rvn/XTrKEKhkzv6VKP7e4fZ
+0bQ6jm35nr0ej+XLzfpx9cI5zPpXktAQzHBcLO37X42fOxO6po7Q5561pd1zfWaB
+6RyeLs+EWTDgZqcBkmTdiZByrwKBgQDTh1GawGuUYt6yAsBinkdzjw/p1FnGAGtB
+uiqp5bYcZNmLeqzto5mDgqE7ivJgbt9Sn0hVQUyRsphjbc8086USLvIJRHR23FZe
+dbn6RhkNm3O627qikDWV1Rl8V63sD6IWuW7kfSMD6Zd9R2SxDlzNZ05fm8xoMth2
+ai9aw3cw8QKBgQDRzd+XJefhymtyP1FHrk9lUEzyviLCGz9MsgCQoAcv7IzDcISd
+MW1+866e0/rBXw4tazLv4Pa0raGIdOETIDabCxOe4cjCUWYH7huXEdn2JW1zy1Sj
+0ZYM9Z07Eakrol8r0T7Wu5/gqsGFIys8SuP9raovU9TCR/erkidpzDGsvQKBgQCZ
+zkoK8SEIOz/cRd3nl1ky8HJMvsgsDb/vgdNlyA675KS+I4w8GvoTwtdDuUt1zQh7
+RjBNNXbcdfUSTxUcVpDPgO0iyfC5QItYkdeR4Ih0+XSUCRNTAvLDqLioTgS7ob5l
+MZ4ta8QbIy2wvUm86EmYXSaCpIFjvpzgtWMLZxdysQKBgQCA6I0A1tZ2f7EhBPIl
+wSPQvJiuNRPHUun14S1lD/hHs2q+QZHJt5CAAUK4aWwjqsAH9jYBFoHR9UUQH/fN
+6N5WjBV9WGKb+mvf0n+3tm25M0gE6oCkIzQ416zBj2GHikFN7B6Nnh18hEryqizj
+W3x+zm/l8t9CMkm04aOMnSKOdQ==
+-----END PRIVATE KEY-----

charts/featbit/examples/certs/create-ca-secret.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+ns=${1:-default}
+
+kubectl create secret tls ca-key-pair \
+   --cert=ca.crt \
+   --key=ca.key \
+   --namespace=$ns