diff --git a/.check-schema/zilla-schema.json b/.check-schema/zilla-schema.json index f1b69406..90b3032a 100644 --- a/.check-schema/zilla-schema.json +++ b/.check-schema/zilla-schema.json @@ -93,6 +93,9 @@ "title": "Type", "type": "string", "enum": [ + "aws-acm", + "aws-secrets", + "aws", "filesystem" ] }, @@ -106,6 +109,46 @@ "type" ], "allOf": [ + { + "if": { + "properties": { + "type": { + "const": "aws-acm" + } + } + }, + "then": { + "properties": { + "type": { + "const": "aws-acm" + }, + "options": false + } + } + }, + { + "if": { + "properties": { + "type": { + "enum": [ + "aws-secrets", + "aws" + ] + } + } + }, + "then": { + "properties": { + "type": { + "enum": [ + "aws-secrets", + "aws" + ] + }, + "options": false + } + } + }, { "if": { "properties": { @@ -258,6 +301,11 @@ "challenge": { "title": "Challenge", "type": "integer" + }, + "identity": { + "title": "Identity", + "type": "string", + "default": "sub" } }, "additionalProperties": false @@ -307,9 +355,11 @@ "title": "Type", "type": "string", "enum": [ + "aws-cloudwatch", "otlp", "prometheus", - "stdout" + "stdout", + "syslog" ] } }, @@ -317,6 +367,77 @@ "type" ], "allOf": [ + { + "if": { + "properties": { + "type": { + "const": "aws-cloudwatch" + } + } + }, + "then": { + "properties": { + "type": { + "const": "aws-cloudwatch" + }, + "options": { + "type": "object", + "properties": { + "metrics": { + "type": "object", + "properties": { + "namespace": { + "type": "string" + }, + "interval": { + "title": "Interval", + "type": "number", + "default": 30 + } + }, + "required": [ + "namespace" + ], + "additionalProperties": false + }, + "logs": { + "type": "object", + "properties": { + "group": { + "type": "string" + }, + "stream": { + "type": "string" + } + }, + "required": [ + "group", + "stream" + ], + "additionalProperties": false + } + }, + "anyOf": [ + { + "required": [ + "metrics" + ] + }, + { + "required": [ + "logs" + ] + } + ], + "additionalProperties": false + }, + "additionalProperties": false + }, + "required": [ + "options" + ] + } + }, { "if": { "properties": { @@ -456,6 +577,66 @@ } } } + }, + { + "if": { + "properties": { + "type": { + "const": "syslog" + } + } + }, + "then": { + "properties": { + "type": { + "const": "syslog" + }, + "options": { + "type": "object", + "properties": { + "host": { + "type": "string" + }, + "port": { + "type": "integer" + }, + "protocol": { + "type": "string", + "enum": [ + "udp", + "tcp", + "tls" + ] + } + }, + "if": { + "properties": { + "protocol": { + "const": "tls" + } + } + }, + "then": { + "properties": { + "trustcacerts": { + "type": "boolean" + }, + "trust": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "required": [ + "host", + "port", + "protocol" + ] + } + } + } } ] } @@ -470,6 +651,8 @@ "enum": [ "apicurio-registry", "apicurio", + "aws-glue", + "confluent-schema-registry", "filesystem", "inline", "karapace-schema-registry", @@ -543,6 +726,62 @@ "additionalProperties": false } }, + { + "if": { + "properties": { + "type": { + "const": "aws-glue" + } + } + }, + "then": { + "properties": { + "type": { + "const": "aws-glue" + }, + "options": { + "properties": { + "registry": { + "type": "string" + }, + "max-age": { + "title": "Max Age", + "type": "number", + "default": 300 + }, + "compression": { + "enum": [ + "none", + "zlib" + ] + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + { + "if": { + "properties": { + "type": { + "const": "confluent-schema-registry" + } + } + }, + "then": { + "properties": { + "type": { + "const": "confluent-schema-registry" + }, + "options": { + "$ref": "#/$defs/options/catalog/schema-registry" + } + }, + "additionalProperties": false + } + }, { "if": { "properties": { @@ -945,7 +1184,7 @@ "extract-headers": { "type": "object", "patternProperties": { - "^[a-zA-Z]+[a-zA-Z0-9\\._\\-]*$": { + "^[a-zA-Z:]+[a-zA-Z0-9\\._\\-:]*$": { "type": "string", "pattern": "^\\$\\{message\\.(key|value)\\.([A-Za-z_][A-Za-z0-9_]*)\\}$" } @@ -967,7 +1206,7 @@ "extract-headers": { "type": "object", "patternProperties": { - "^[a-zA-Z]+[a-zA-Z0-9\\._\\-]*$": { + "^[a-zA-Z:]+[a-zA-Z0-9\\._\\-:]*$": { "type": "string", "pattern": "^\\$\\{message\\.(key|value)\\.([A-Za-z_][A-Za-z0-9_]*)\\}$" } @@ -1236,11 +1475,13 @@ "http-kafka", "kafka", "kafka-grpc", + "kafka-proxy", "mqtt", "mqtt-kafka", "openapi", "openapi-asyncapi", "pgsql", + "pgsql-kafka", "proxy", "risingwave", "sse", @@ -3094,6 +3335,85 @@ ] } }, + { + "if": { + "properties": { + "type": { + "const": "kafka-proxy" + } + } + }, + "then": { + "properties": { + "type": { + "const": "kafka-proxy" + }, + "kind": { + "enum": [ + "proxy" + ] + }, + "vault": false, + "options": { + "properties": { + "external": { + "type": "object", + "properties": { + "host": { + "title": "Host", + "type": "string", + "pattern": "^[^:]+(?::(\\d+)\\+)?$" + }, + "port": { + "title": "Port", + "type": "integer" + } + }, + "required": [ + "host", + "port" + ], + "additionalProperties": false + }, + "internal": { + "type": "object", + "properties": { + "host": { + "title": "Host", + "type": "string", + "pattern": "^[^:]+$" + }, + "port": { + "title": "Port", + "type": "integer" + }, + "default": { + "title": "Default", + "type": "string", + "pattern": "^[^:]+$" + } + }, + "required": [ + "host", + "port" + ], + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "internal", + "external" + ] + }, + "routes": false + }, + "required": [ + "options", + "exit" + ] + } + }, { "if": { "properties": { @@ -3151,7 +3471,8 @@ "properties": { "topic": { "title": "Topic", - "type": "string" + "type": "string", + "pattern": "^(\\/?([\\w{}-]*|\\+)(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?|#|\\/|\\$SYS(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?)$" } } } @@ -3165,7 +3486,8 @@ "properties": { "topic": { "title": "Topic", - "type": "string" + "type": "string", + "pattern": "^(\\/?([\\w{}-]*|\\+)(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?|#|\\/|\\$SYS(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?)$" } } } @@ -3366,13 +3688,15 @@ "properties": { "topic": { "title": "Topic", - "type": "string" + "type": "string", + "pattern": "^(\\/?([\\w{}-]*|\\+)(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?|#|\\/|\\$SYS(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?)$" } }, "additionalProperties": false } } - } + }, + "additionalProperties": false }, { "properties": { @@ -3384,13 +3708,15 @@ "properties": { "topic": { "title": "Topic", - "type": "string" + "type": "string", + "pattern": "^(\\/?([\\w{}-]*|\\+)(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?|#|\\/|\\$SYS(\\/((?![-_])[\\w{}-]*|\\+))*(\\/#)?)$" } }, "additionalProperties": false } } - } + }, + "additionalProperties": false } ] } @@ -3742,6 +4068,34 @@ ] } }, + { + "if": { + "properties": { + "type": { + "const": "pgsql-kafka" + } + } + }, + "then": { + "properties": { + "type": { + "const": "pgsql-kafka" + }, + "kind": { + "enum": [ + "proxy" + ] + }, + "vault": false, + "options": false, + "routes": false, + "required": [ + "catalog", + "exit" + ] + } + } + }, { "if": { "properties": { @@ -3931,6 +4285,31 @@ "$ref": "#/$defs/converter" } } + }, + "udf": { + "title": "UDF", + "type": "array", + "items": { + "type": "object", + "properties": { + "server": { + "title": "Server", + "type": "string", + "pattern": "^([a-zA-Z0-9\\\\.-]+)(:(\\\\{[a-zA-Z_]+\\\\}|[0-9]+))?$" + }, + "language": { + "title": "Language", + "type": "string", + "default": "java", + "enum": [ + "java", + "python" + ] + } + }, + "additionalProperties": false + }, + "minItems": 1 } }, "additionalProperties": false @@ -3948,7 +4327,8 @@ "items": { "type": "string", "enum": [ - "CREATE TOPIC" + "CREATE TOPIC", + "DROP TOPIC" ] } } diff --git a/src/how-tos/zilla-plus-aws-ecs-fargate.md b/src/how-tos/zilla-plus-aws-ecs-fargate.md index 70c1a7cb..1b017157 100644 --- a/src/how-tos/zilla-plus-aws-ecs-fargate.md +++ b/src/how-tos/zilla-plus-aws-ecs-fargate.md @@ -38,85 +38,90 @@ This Guide will walk you through deploying your first service on AW - Create the below `Dockerfile` with the container image using the version tag you got from the previous steps. Use the `COPY` instruction to add the `zilla.yaml` below to your container image. -::: code-tabs -@tab Dockerfile + ::: code-tabs + + @tab Dockerfile + + ```Dockerfile + FROM 709825985650.dkr.ecr.us-east-1.amazonaws.com/aklivity/zilla-plus-ecr:-alpine + + COPY ./zilla.yaml /etc/zilla/zilla.yaml + ``` + + @tab zilla.yaml + + ```yaml + --- + name: http-echo + bindings: + north_tcp_server: + type: tcp + kind: server + options: + host: 0.0.0.0 + port: + - 7114 + routes: + - when: + - port: 7114 + exit: north_http_server + north_http_server: + type: http + kind: server + routes: + - when: + - headers: + :scheme: http + exit: north_echo_server + north_echo_server: + type: echo + kind: server + telemetry: + exporters: + stdout_logs_exporter: + type: stdout + ``` + + ::: + +- Optionally add files, any other files used in your `zilla.yaml` can be added to the container in the same directory as the `zilla.yaml` config. + + ```Dockerfile + COPY ./zilla.yaml /etc/zilla/zilla.yaml + COPY ./tls /etc/zilla/tls + COPY ./specs /etc/zilla/specs + ``` -```Dockerfile -FROM 709825985650.dkr.ecr.us-east-1.amazonaws.com/aklivity/zilla-plus-ecr:-alpine - -COPY ./zilla.yaml /etc/zilla/zilla.yaml -``` - -@tab zilla.yaml - -```yaml ---- -name: http-echo -bindings: - north_tcp_server: - type: tcp - kind: server - options: - host: 0.0.0.0 - port: - - 7114 - routes: - - when: - - port: 7114 - exit: north_http_server - north_http_server: - type: http - kind: server - routes: - - when: - - headers: - :scheme: http - exit: north_echo_server - north_echo_server: - type: echo - kind: server -telemetry: - exporters: - stdout_logs_exporter: - type: stdout -``` +- Build your image to be pushed to [Amazon ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-push-ecr-image.html) or another registry. -::: + ::: important Before you build -::: note Adding other files + - Make sure you are logged in to the `Zilla Plus` registry to pull the base image. This is a separate log in action from any other registries (ex. If you are pushing the built image to Amazon ECR). -Any other files used in your `zilla.yaml` can be added to the container in the same directory as the `zilla.yaml` config. + ```bash + aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 709825985650.dkr.ecr.us-east-1.amazonaws.com + ``` -```Dockerfile -COPY ./zilla.yaml /etc/zilla/zilla.yaml -COPY ./tls /etc/zilla/tls -COPY ./specs /etc/zilla/specs -``` + - Confirm the CPU Architecture you need. Use the `docker build --platform` option to match the desired [cpuArchitecture](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RuntimePlatform.html#API_RuntimePlatform_Contents) that you can configure in your ECS task. -::: + ::: -- Build your image to be pushed to [Amazon ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-push-ecr-image.html) or another registry. - -```bash -docker build -t zp-example/http-echo:v1 . -``` - -::: important Build with the correct Architecture -Use the `docker build --platform` option to match the desired [cpuArchitecture](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RuntimePlatform.html#API_RuntimePlatform_Contents) that you can configure in your ECS task. -::: + ```bash + docker build -t zp-example/http-echo:v1 . + ``` - Tag your image with the remote repository name and tag. -```bash -docker tag zp-example/http-echo:v1 [your-registry-url]/zp-example/http-echo:v1 -``` + ```bash + docker tag zp-example/http-echo:v1 [your-registry-url]/zp-example/http-echo:v1 + ``` - Push your image to your remote repository. -```bash -docker push [your-registry-url]/zp-example/http-echo:v1 -``` + ```bash + docker push [your-registry-url]/zp-example/http-echo:v1 + ``` ## Create an AWS ECS Fargate Task for your service @@ -124,93 +129,93 @@ docker push [your-registry-url]/zp-example/http-echo:v1 - Create an IAM role for the Task. This role will be used by the running container. -::: tabs + ::: tabs -@tab Task role + @tab Task role -Name: + Name: -```text -ecsTaskRole_ZillaPlus -``` + ```text + ecsTaskRole_ZillaPlus + ``` -Policies: + Policies: -```text -AWSMarketplaceMeteringFullAccess -AWSMarketplaceMeteringRegisterUsage -``` + ```text + AWSMarketplaceMeteringFullAccess + AWSMarketplaceMeteringRegisterUsage + ``` -::: + ::: - If you used the Amazon ECR as your image repository, create a role with the `AmazonECSTaskExecutionRolePolicy` permission and use it as the `Task execution role` when creating the Task. -::: tabs + ::: tabs -@tab Task execution role + @tab Task execution role -Name: + Name: -```text -ecsTaskExecutionRole -``` + ```text + ecsTaskExecutionRole + ``` -Policies: + Policies: -```text -AmazonECSTaskExecutionRolePolicy -``` + ```text + AmazonECSTaskExecutionRolePolicy + ``` -::: + ::: - [Create a new Task Definition](https://us-east-1.console.aws.amazon.com/ecs/v2/create-task-definition-with-json) from JSON - Substitute ``, ``, and `` for their respective values. -::: code-tabs - -@tab Task Definition JSON - -```json -{ - "family": "zilla-plus-http-echo-fargate", - "networkMode": "awsvpc", - "containerDefinitions": [ - { - "name": "zp-http-echo", - "image": "/zp-example/http-echo:v1", - "portMappings": [ - { - "name": "http", - "containerPort": 7114, - "hostPort": 7114, - "protocol": "tcp", - "appProtocol": "http" - } - ], - "essential": true, - "command": ["start", "-v", "-e"], - "logConfiguration": { - "logDriver": "awslogs", - "options": { - "awslogs-group": "/ecs/", - "mode": "non-blocking", - "awslogs-create-group": "true", - "max-buffer-size": "25m", - "awslogs-region": "us-east-1", - "awslogs-stream-prefix": "ecs" + ::: code-tabs + + @tab Task Definition JSON + + ```json + { + "family": "zilla-plus-http-echo-fargate", + "networkMode": "awsvpc", + "containerDefinitions": [ + { + "name": "zp-http-echo", + "image": "/zp-example/http-echo:v1", + "portMappings": [ + { + "name": "http", + "containerPort": 7114, + "hostPort": 7114, + "protocol": "tcp", + "appProtocol": "http" + } + ], + "essential": true, + "command": ["start", "-v", "-e"], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs/", + "mode": "non-blocking", + "awslogs-create-group": "true", + "max-buffer-size": "25m", + "awslogs-region": "us-east-1", + "awslogs-stream-prefix": "ecs" + } } } - } - ], - "requiresCompatibilities": ["FARGATE"], - "taskRoleArn": "", - "executionRoleArn": "", - "cpu": "1 vCPU", - "memory": "3 GB" -} -``` + ], + "requiresCompatibilities": ["FARGATE"], + "taskRoleArn": "", + "executionRoleArn": "", + "cpu": "1 vCPU", + "memory": "3 GB" + } + ``` -::: + ::: ## Create a Service from your AWS ECS Fargate Task @@ -219,12 +224,14 @@ AmazonECSTaskExecutionRolePolicy - [Create a Service](https://us-east-1.console.aws.amazon.com/ecs/v2/clusters/my-ecs-cluster/create-service) from your new task. - Deployment configuration: - Family: `zilla-plus-http-echo-fargate` - - Service name: `Your Zilla Plus HTTP Echo service` + - Service name: `my_zilla_plus_service` - Network configuration: - Set the VPC to be the Same as your ECS Cluster. - - Make sure the security group allows traffic over the ports defined `portMappings` of the service. - Select the Public subnets. - Make sure the `Public IP` flag to true. + ::: important Open Service Ports + Make sure the security group allows traffic over the ports defined in the `portMappings` of the service. + ::: - `Create` the Service. ## Verify your service is running @@ -236,13 +243,13 @@ Once the service has started with all tasks succeeding, you will see the