拉代码
# 拉取代码
git clone https://github.com/apache/gravitino.git
# 进入
gravitino/dev/charts/gravitino
创建数据库
CREATE DATABASE gravitino; -- 主服务用
CREATE DATABASE iceberg; -- Iceberg REST用
-- 1. 先创建用户(如果已存在会提示,忽略即可)
CREATE USER IF NOT EXISTS 'gravitino'@'%' IDENTIFIED BY 'gravitino';
CREATE USER IF NOT EXISTS 'iceberg'@'%' IDENTIFIED BY 'iceberg';
-- 2. 授权 gravitino,iceberg 库(主服务用)
GRANT ALL PRIVILEGES ON gravitino.* TO 'iceberg'@'%';
GRANT ALL PRIVILEGES ON iceberg.* TO 'iceberg'@'%';
GRANT ALL PRIVILEGES ON gravitino.* TO 'gravitino'@'%';
GRANT ALL PRIVILEGES ON iceberg.* TO 'gravitino'@'%';
-- 4. 刷新权限(必须执行!)
FLUSH PRIVILEGES;
部署gravition
gravitino 和 iceberg restcatalog 我要分开部署。因为两个服务互不影响。
gravitino的数据库
使用外部的数据库需要初始化
values.yaml
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
global:
# Set if you want to change the default docker registry, e.g. a private one.
# imageRegistry: myRegistryName
## Optionally specify an array of pullSecrets (secrets must be manually created in the namespace)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## Example:
## imagePullSecrets:
## - name: my-registry-secret
##
imagePullSecrets: []
image:
registry: docker.io
repository: apache/gravitino
tag: 1.3.0-SNAPSHOT
pullPolicy: IfNotPresent
## MySQL chart configuration
## ref: https://github.com/bitnami/charts/blob/main/bitnami/mysql/values.yaml
##
mysql:
## @param mysql.enabled Deploy MySQL container(s)
##
enabled: false
## Bitnami MySQL image version
## ref: https://hub.docker.com/r/bitnami/mysql/tags/
## @param image.registry MySQL image registry
## @param image.repository MySQL image repository
## @param image.tag MySQL image tag
##
image:
repository: bitnamilegacy/mysql
tag: 8.0.36-debian-12-r12
## MySQL Authentication parameters
##
auth:
## @param auth.rootPassword Password for the `root` user.
##
rootPassword: admin
## @param auth.createDatabase Whether to create the .Values.auth.database or not
##
createDatabase: true
## @param auth.database Name for a custom database to create
##
database: gravitino
## @param auth.username Name for a custom user to create
##
username: gravitino
## @param auth.password Password for the new user.
##
password: gravitino
## PostgreSQL chart configuration
## ref: https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml
##
postgresql:
## @param postgresql.enabled Deploy PostgreSQL container(s)
##
enabled: false
## Bitnami PostgreSQL image version
## ref: https://hub.docker.com/r/bitnami/postgresql/tags/
## @param image.registry PostgreSQL image registry
## @param image.repository PostgreSQL image repository
## @param image.tag PostgreSQL image tag (immutable tags are recommended)
##
image:
registry: docker.io
repository: bitnamilegacy/postgresql
tag: 16.3.0-debian-12-r10
auth:
## @param auth.username Name for a custom user to create
##
username: gravitino
## @param auth.password Password for the custom user to create
##
password: gravitino
## @param auth.database Name for a custom database to create
##
database: gravitino
## @param auth.existingSecret Name of existing secret to use for PostgreSQL credentials
## `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret
## The secret must contain the keys `postgres-password` (which is the password for "postgres" admin user),
## `password` (which is the password for the custom user to create when `auth.username` is set),
## and `replication-password` (which is the password for replication user).
## The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and
## picked from this secret in this case.
## The value is evaluated as a template.
##
existingSecret: ""
## THE CONFIGURATION FOR Gravitino ENTITY STORE
##
entity:
## The entity store to use, we only supports relational
##
store: relational
maxTransactionSkewTimeMs: 2000
deleteAfterTimeMs: 604800000
versionRetentionCount: 1
## The backend for the entity store, we only supports JDBC
##
relationalBackend: JDBCBackend
## The JDBC URL for the entity store
##
jdbcUrl: jdbc:mysql://10.0.0.2:3306/gravitino?useSSL=false&allowPublicKeyRetrieval=true
## The JDBC driver class name
##
jdbcDriver: com.mysql.cj.jdbc.Driver
## The JDBC user name
##
jdbcUser: gravitino
## The JDBC password
##
jdbcPassword: gravitino
storagePath: /root/gravitino/data/jdbc
## THE CONFIGURATION FOR Gravitino SERVER
##
server:
shutdownTimeout: 3000
rest:
extensionPackages: ""
## THE CONFIGURATION FOR Gravitino WEB SERVER
##
webserver:
## The host name of the built-in web server
##
host: 0.0.0.0
## The http port number of the built-in web server
##
httpPort: 8090
## The min thread size of the built-in web server
##
minThreads: 24
## The max thread size of the built-in web server
##
maxThreads: 200
## The stop timeout of the built-in web server
##
stopTimeout: 30000
## The timeout of idle connections
##
idleTimeout: 30000
## The executor thread pool work queue size of the built-in web server
##
threadPoolWorkQueueSize: 100
## The request header size of the built-in web server
##
requestHeaderSize: 131072
## The response header size of the built-in web server
##
responseHeaderSize: 131072
customFilters: ""
## THE CONFIGURATION FOR Gravitino CATALOG
##
catalog:
## The interval in milliseconds to evict the catalog cache
##
cacheEvictionIntervalMs: 3600000
## THE CONFIGURATION FOR Gravitino ENTITY CACHE
##
cache:
## Enable/disable the entity cache
##
enabled: true
## Max number of cache entries
##
maxEntries: 10000
## TTL for cache entries in ms
##
expireTimeInMs: 3600000
## Enable cache hit/miss stats logging
##
enableStats: false
## Use weight-based eviction
##
enableWeigher: true
## Cache backend implementation
##
implementation: caffeine
## THE CONFIGURATION FOR authorization
##
authorization:
## Whether Gravitino enable authorization or not
##
enable: false
## The admins of Gravitino service, multiple admins are spitted by comma.
##
serviceAdmins: anonymous
## THE CONFIGURATION FOR AUXILIARY SERVICE
##
auxService:
## Auxiliary service names, separate by ','
##
names: iceberg-rest
icebergRest:
## Iceberg REST service classpath
##
classpath: "iceberg-rest-server/libs, iceberg-rest-server/conf"
## Iceberg REST service host
##
host: 0.0.0.0
## Iceberg REST service http port
##
httpPort: 9001
## The backend Iceberg catalog for Iceberg REST service, it's recommended to change to hive or jdbc
##
catalogBackend: memory
## The warehouse directory of Iceberg catalog for Iceberg REST service
##
warehouse: /tmp/
## Name of the Iceberg catalog backend
##
# catalogBackendName: memory
## URI for connecting to the catalog backend (e.g., Hive Metastore Thrift URI)
##
# uri: thrift://localhost:9083
## JDBC connection configuration for jdbc catalog backend (if applicable)
##
# jdbc:
# user: "user name"
# password: "password"
# ## Whether to initialize the Iceberg meta tables in RDBMS
# ##
# initialize: True
# ## JDBC driver class name
# ##
# driver: "com.mysql.cj.jdbc.Driver"
# ## Schema version for JDBC catalog (required for view support)
# ##
# schemaVersion: "V1"
## Implementation class for Iceberg file I/O operations
##
# ioImpl: "org.apache.iceberg.aws.s3.S3FileIO"
## Comma-separated list of credential providers.
##
# credentialProviders: "s3-token"
## S3 storage configuration
##
# s3:
# accessKeyId: ""
# secretAccessKey: ""
# ## Whether to use path-style access instead of virtual hosted-style access
# ##
# pathStyleAccess:
# roleArn:
# endpoint:
# region:
# externalId:
# tokenServiceEndpoint:
## OSS storage configuration
##
# oss:
# accessKeyId: ""
# secretAccessKey: ""
# endpoint: ""
# region: ""
# roleArn:
# externalId:
## Azure Blob Storage configuration
##
# azure:
# storageAccountName: ""
# storageAccountKey: ""
# tenantId: ""
# clientId: ""
# clientSecret: ""
## No need to configure extra Google Cloud Storage configuration
##
## Catalog configuration provider class name
##
# catalogConfigProvider: "static-config-provider"
## Dynamic configuration provider settings
##
# dynamicConfigProvider:
# ## URI of the Gravitino server
# ##
# uri: "http://localhost:8090"
# ## Name of the metalake
# ##
# metalake: "test"
# ## Default catalog name for operations
# ##
# defaultCatalogName: "catalog name"
## Authentication mechanisms configuration. Support simple, OAuth and Kerberos.
##
authenticators: simple
## OAuth mode configuration
##
authenticator:
oauth:
serviceAudience: test
defaultSignKey: ""
serverUri: ""
tokenPath: /realms/myrealm/protocol/openid-connect/token
## Audit log configuration
##
audit:
enabled: false
writer:
file:
fileName: gravitino_audit.log
flushIntervalSecs: 10
append: true
## Metrics configuration
##
metrics:
timeSlidingWindowSecs: 60
## Custom Gravitino configuration items
##
visibleConfigs: ""
# visibleConfigs: "gravitino.datastrato.custom.authorization.ranger.admin.url,gravitino.datastrato.custom.authorization.ranger.username,gravitino.datastrato.custom.authorization.ranger.password,gravitino.datastrato.custom.authorization.ranger.auth.type"
visibleConfigsItems: {}
# gravitino.datastrato.custom.authorization.ranger.admin.url: "http://ranger:6080"
# gravitino.datastrato.custom.authorization.ranger.username: admin
# gravitino.datastrato.custom.authorization.ranger.password: "rangerR0cks!"
# gravitino.datastrato.custom.authorization.ranger.auth.type: simple
## Additional Gravitino configuration items in gravitino.conf can be added
##
additionalConfigItems: {}
# gravitino.eventListener.names: "audit,sync"
## Additional volumes
##
extraVolumes:
- name: gravitino-log
emptyDir: {}
## Additional volume mounts
##
extraVolumeMounts:
- name: gravitino-log
mountPath: /root/gravitino/logs
## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
## If you set enabled as "True", you need :
## - create a pv which above 10Gi
## - keep storageClassName same with below setting
##
persistence:
enabled: false
accessModes:
- ReadWriteOnce
size: 10Gi
labels: {}
annotations: {}
# existingClaim:
# $storageClassName: "local-storage"
## Gravitino log4j2 configuration items in log4j2.properties can be customized
##
log4j2Properties: {}
# status: warn
## Log files location
# basePath: "${sys:gravitino.log.path}"
# serverName: "${sys:gravitino.server.name}"
## RollingFileAppender name, pattern, path and rollover policy
# rollingAppenderType: RollingFile
# rollingAppenderName: fileLogger
# rollingAppenderFileName: "${basePath}/${serverName}.log"
# rollingAppenderFilePattern: "${basePath}/${serverName}_%d{yyyyMMdd}.log.gz"
# rollingAppenderLayoutType: PatternLayout
# rollingAppenderLayoutPattern: "%d{yyyy-MM-dd HH:mm:ss.SSS} %level [%t] [%l] - %msg%n"
# rollingAppenderPoliciesType: Policies
## RollingFileAppender rotation policy
# rollingAppenderPoliciesSizeType: SizeBasedTriggeringPolicy
# rollingAppenderPoliciesSizeSize: 10MB
# rollingAppenderPoliciesTimeType: TimeBasedTriggeringPolicy
# rollingAppenderPoliciesTimeInterval: 1
# rollingAppenderPoliciesTimeModulate: true
# rollingAppenderStrategyType: DefaultRolloverStrategy
# rollingAppenderStrategyDeleteType: Delete
# rollingAppenderStrategyDeleteBasePath: "${basePath}"
# rollingAppenderStrategyDeleteMaxDepth: 10
# rollingAppenderStrategyDeleteIfLastModifiedType: IfLastModified
## Delete all files older than 30 days
# rollingAppenderStrategyDeleteIfLastModifiedAge: 30d
## Configure root logger
# rootLoggerLevel: info
# rootLoggerAppenderRefRollingRef: fileLogger
## Additional log4j2 configuration items in log4j2.properties can be added
##
additionalLog4j2Properties:
appender.console.type: Console
appender.console.name: consoleLogger
appender.console.layout.type: PatternLayout
appender.console.layout.pattern: "%d{yyyy-MM-dd HH:mm:ss} %-5p [%t] %c{1}:%L - %m%n"
rootLogger.appenderRef.console.ref: consoleLogger
initScript: |
cp /tmp/conf/* ${GRAVITINO_HOME}/conf
echo "Start the Gravitino Server"
/bin/bash ${GRAVITINO_HOME}/bin/gravitino.sh run
## Expose the gravitino service to be accessed from outside the cluster (LoadBalancer service).
## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it.
## ref: http://kubernetes.io/docs/user-guide/services/
##
service:
name: gravitino
type: ClusterIP
port: 8090
targetPort: 8090
annotations: {}
labels: {}
portName: http
nodePort: ""
## Additional ports to the gravitino services. Useful to expose extra container ports.
##
extraExposePorts:
- port: 9001
protocol: TCP
name: http1
targetPort: 9001
ingress:
enabled: true
className: "nginx"
annotations: {}
# kubernetes.io/tls-acme: "true"
hosts:
- host: gravitino.cyan.com
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-gravitino-tls
# hosts:
# - chart-gravitino.local
## Deployment annotations
##
annotations: {}
## Service account name for the Gravitino pod
##
serviceAccountName: default
## Deployment replicas
##
replicas: 1
## Pod Annotations
##
podAnnotations: {}
## Pod Labels
##
podLabels: {}
## Readiness probe for the Gravitino deployment
##
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 20
timeoutSeconds: 5
## Liveness probe for the Gravitino deployment
##
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 20
timeoutSeconds: 5
## Container-specific security context configuration
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
containerSecurityContext:
runAsNonRoot: false
runAsUser: 0
## Container Environment
##
env:
- name: GRAVITINO_HOME
value: /root/gravitino
- name: GRAVITINO_MEM
value: "-Xms1024m -Xmx1024m -XX:MaxMetaspaceSize=512m"
## The envWithTpl array below has the same usage as "env", but is using the tpl function to support templatable string.
## This can be useful when you want to pass dynamic values to the Chart using the helm argument "--set <variable>=<value>"
## https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function
##
envWithTpl: []
# - name: FOO_2
# value: "{{ .Values.foo2 }}"
# foo2: bar2
envFrom: []
## Resource limits & requests
##
resources: {}
# requests:
# cpu: 1000m
# memory: 2Gi
# limits:
# cpu: 2000m
# memory: 3Gi
initResources: {}
# limits:
# cpu: "25m"
# memory: "128Mi"
# requests:
# cpu: "25m"
# memory: "128Mi"
## Node labels for pod assignment
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Affinity for pod assignment (evaluated as template)
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## PodDisruptionBudget configuration
## PodDisruptionBudgets limit the number of pods that can be down simultaneously during voluntary disruptions
## (such as node drains, cluster upgrades, or pod evictions), ensuring high availability and service continuity.
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
##
podDisruptionBudget:
## @param podDisruptionBudget.enabled Enable PodDisruptionBudget creation
## Set to true to create a PodDisruptionBudget resource for the Gravitino deployment
##
enabled: false
## @param podDisruptionBudget.minAvailable Minimum number/percentage of pods that must remain available
## Specify either an integer (e.g., 1, 2) or a percentage string (e.g., "50%")
## This ensures at least this many pods stay running during voluntary disruptions
##
## Examples:
## minAvailable: 1 # At least 1 pod must remain available
## minAvailable: 2 # At least 2 pods must remain available
## minAvailable: "50%" # At least 50% of pods must remain available
##
## When to use minAvailable:
## - Use when you want to guarantee a minimum number of pods stay running
## - Recommended for production deployments to ensure service availability
## - With single replica (replicas: 1), minAvailable: 1 prevents all voluntary disruptions
## - With multiple replicas, allows disruptions while maintaining minimum availability
## - Only used when podDisruptionBudget.enabled: true. Set explicitly when enabling PDB.
##
minAvailable: 1
## @param podDisruptionBudget.maxUnavailable Maximum number/percentage of pods that can be unavailable
## Specify either an integer (e.g., 1, 2) or a percentage string (e.g., "50%")
## This limits how many pods can be down simultaneously during voluntary disruptions
##
## Examples:
## maxUnavailable: 1 # At most 1 pod can be unavailable
## maxUnavailable: 2 # At most 2 pods can be unavailable
## maxUnavailable: "25%" # At most 25% of pods can be unavailable
##
## When to use maxUnavailable:
## - Use when you want to control the rate of disruptions
## - Useful for rolling updates and gradual scaling operations
## - More flexible than minAvailable when scaling up/down
##
## IMPORTANT: Specify either minAvailable OR maxUnavailable, not both
## If both are specified, Kubernetes will reject the PodDisruptionBudget and fail with an API validation error
##
maxUnavailable: ""
## @param podDisruptionBudget.labels Additional labels to apply to the PodDisruptionBudget resource
## These labels are merged with the default Helm labels
##
labels: {}
# custom-label: value
## @param podDisruptionBudget.annotations Additional annotations to apply to the PodDisruptionBudget resource
## Useful for adding metadata or integration with other tools
##
annotations: {}
# custom-annotation: value
## Relationship between PDB and replica count:
## - Single replica (replicas: 1) + minAvailable: 1 = No voluntary disruptions allowed
## This prevents node drains and upgrades from evicting the only pod
## - Multiple replicas (replicas: 3) + minAvailable: 2 = At least 2 pods must stay running
## Allows 1 pod to be disrupted at a time for maintenance
## - Multiple replicas (replicas: 3) + maxUnavailable: 1 = At most 1 pod can be down
## Equivalent to minAvailable: 2 in this case
##
## Best practices:
## - For production: Enable PDB with appropriate minAvailable or maxUnavailable
## - For development/testing: Keep PDB disabled (default) for faster iterations
## - Consider your replica count when setting PDB values
## - Test PDB behavior in staging before applying to production
extraVolumes:
- name: extra-libs
hostPath:
# 物理机真实路径(绝对路径)
path: /home/cy/workspace/k8s-helm/graviitno/volumes/gravitino/gravitino-1.2.0-bin/catalogs/lakehouse-iceberg/libs
type: Directory
extraVolumeMounts:
- name: extra-libs
# 容器内部 lib 目录(自动加载jar包)
mountPath: /root/gravitino/catalogs/lakehouse-iceberg/libs
把缺少的jar包放进libs目录下,jar包太多了不上传了,直接下载官网的bin然后复制里面的libs文件夹
helm dependency build
❯ vim install.sh
❯ chmod +x install.sh
❯ cat install.sh
helm install gravitino . -n gravitino --create-namespace
部署iceberg restcatalog
下载驱动
❯ cd graviitno
❯ tree volumes
volumes
└── gravitino-iceberg-rest-server
└── libs
├── aircompressor-0.27.jar
├── antlr-runtime-3.5.2.jar
📎gravitino-iceberg-rest-server.zip
values.yaml
坑在前面: 在values.yaml中官网的ingress配置服务名和svc的服务名不同。我们单独写个ingress.yaml
我们要使用jdbc和s3需要绑定jar包。我们直接加载物理机的文件夹
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
replicas: 2
image:
repository: apache/gravitino-iceberg-rest
tag: 1.3.0-SNAPSHOT
pullPolicy: IfNotPresent
## Optionally specify an array of pullSecrets (secrets must be manually created in the namespace)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## Example:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
nameOverride: ""
fullnameOverride: ""
icebergRest:
# THE CONFIGURATION FOR Iceberg REST SERVER
shutdownTimeout: 3000
# THE CONFIGURATION FOR Iceberg REST WEB SERVER
# The host name of the built-in web server
host: 0.0.0.0
# The http port number of the built-in web server
httpPort: 9001
# The min thread size of the built-in web server
minThreads: 24
# The max thread size of the built-in web server
maxThreads: 200
# The stop timeout of the built-in web server
stopTimeout: 30000
# The timeout of idle connections
idleTimeout: 30000
# The executor thread pool work queue size of the built-in web server
threadPoolWorkQueueSize: 100
# The request header size of the built-in web server
requestHeaderSize: 131072
# The response header size of the built-in web server
responseHeaderSize: 131072
## The backend Iceberg catalog for Iceberg REST service, it's recommended to change to hive or jdbc
catalogBackend: jdbc
## The warehouse directory of Iceberg catalog for Iceberg REST service
#warehouse: /tmp/
warehouse: s3://warehouse
## Name of the Iceberg catalog backend
##
# catalogBackendName: memory
## URI for connecting to the catalog backend (e.g., Hive Metastore Thrift URI)
##
uri: jdbc:mysql://10.0.0.2:3306/iceberg?useSSL=false&allowPublicKeyRetrieval=true
## JDBC connection configuration for jdbc catalog backend (if applicable)
##
jdbc:
user: "iceberg"
password: "iceberg"
## Whether to initialize the Iceberg meta tables in RDBMS
##
initialize: True
## JDBC driver class name
##
driver: "com.mysql.cj.jdbc.Driver"
## Schema version for JDBC catalog (required for view support)
##
schemaVersion: "V1"
## Implementation class for Iceberg file I/O operations
##
ioImpl: "org.apache.iceberg.aws.s3.S3FileIO"
## Comma-separated list of credential providers.
##
# credentialProviders: "s3-token"
## S3 storage configuration
##
s3:
accessKeyId: "rustfsadmin"
secretAccessKey: "rustfsadmin"
# ## Whether to use path-style access instead of virtual hosted-style access
# ##
# pathStyleAccess:
# roleArn:
# endpoint:
# region:
# externalId:
# tokenServiceEndpoint:
## OSS storage configuration
##
# oss:
# accessKeyId: ""
# secretAccessKey: ""
# endpoint: ""
# region: ""
# roleArn:
# externalId:
## Azure Blob Storage configuration
##
# azure:
# storageAccountName: ""
# storageAccountKey: ""
# tenantId: ""
# clientId: ""
# clientSecret: ""
## No need to configure extra Google Cloud Storage configuration
##
## Catalog configuration provider class name
##
# catalogConfigProvider: "static-config-provider"
## Dynamic configuration provider settings
##
# dynamicConfigProvider:
# ## URI of the Gravitino server
# ##
# uri: "http://localhost:8090"
# ## Name of the metalake
# ##
# metalake: "test"
# ## Default catalog name for operations
# ##
# defaultCatalogName: "catalog name"
# Rest backend configs.
additionalConfigItems: {}
## THE CONFIGURATION EXAMPLE FOR JDBC CATALOG BACKEND WITH S3 SUPPORT
# gravitino.iceberg-rest.jdbc-driver: org.postgresql.Driver
# gravitino.iceberg-rest.uri: jdbc:postgresql://127.0.0.1:5432/postgres
# gravitino.iceberg-rest.jdbc-user: postgres
# gravitino.iceberg-rest.jdbc-password: abc123
# gravitino.iceberg-rest.jdbc-initialize: true
# change to s3a://test/my/key/prefix for Hive catalog backend
# gravitino.iceberg-rest.warehouse: s3://test/my/key/prefix
# gravitino.iceberg-rest.io-impl: org.apache.iceberg.aws.s3.S3FileIO
# gravitino.iceberg-rest.s3-access-key-id: xxx
# gravitino.iceberg-rest.s3-secret-access-key: xxx
# gravitino.iceberg-rest.s3-endpoint: http://192.168.215.4:9010
# gravitino.iceberg-rest.s3-region: xxx
## Gravitino iceberg catalog server log4j2 configuration items in log4j2.properties can be customized
##
log4j2Properties: {}
# status: warn
## Log files location
# basePath: "${sys:gravitino.log.path}"
# serverName: "${sys:gravitino.server.name}"
## RollingFileAppender name, pattern, path and rollover policy
# rollingAppenderType: RollingFile
# rollingAppenderName: fileLogger
# rollingAppenderFileName: "${basePath}/${serverName}.log"
# rollingAppenderFilePattern: "${basePath}/${serverName}_%d{yyyyMMdd}.log.gz"
# rollingAppenderLayoutType: PatternLayout
# rollingAppenderLayoutPattern: "%d{yyyy-MM-dd HH:mm:ss.SSS} %level [%t] [%l] - %msg%n"
# rollingAppenderPoliciesType: Policies
## RollingFileAppender rotation policy
# rollingAppenderPoliciesSizeType: SizeBasedTriggeringPolicy
# rollingAppenderPoliciesSizeSize: 10MB
# rollingAppenderPoliciesTimeType: TimeBasedTriggeringPolicy
# rollingAppenderPoliciesTimeInterval: 1
# rollingAppenderPoliciesTimeModulate: true
# rollingAppenderStrategyType: DefaultRolloverStrategy
# rollingAppenderStrategyDeleteType: Delete
# rollingAppenderStrategyDeleteBasePath: "${basePath}"
# rollingAppenderStrategyDeleteMaxDepth: 10
# rollingAppenderStrategyDeleteIfLastModifiedType: IfLastModified
## Delete all files older than 30 days
# rollingAppenderStrategyDeleteIfLastModifiedAge: 30d
## Lineage log appender configurations
# lineageFileType: RollingFile
# lineageFileName: lineage_file
# lineageFileFileName: "${basePath}/gravitino_lineage.log"
# lineageFilePattern: "${basePath}/gravitino_lineage_%d{yyyyMMdd}.log.gz"
# lineageFileLayoutType: PatternLayout
# lineageFileLayoutPattern: "[%d{yyyy-MM-dd HH:mm:ss}] %m%n"
## Rollover strategy configurations
# lineageFilePoliciesType: Policies
# lineageFilePoliciesTimeType: TimeBasedTriggeringPolicy
# lineageFilePoliciesTimeInterval: 1
# lineageFilePoliciesTimeModulate: true
# lineageFileStrategyType: DefaultRolloverStrategy
# lineageFileStrategyDeleteType: Delete
# lineageFileStrategyDeleteBasePath: "${basePath}"
# lineageFileStrategyDeleteMaxDepth: 10 # Consider reducing to 1 for security (per previous optimization)
# lineageFileStrategyDeleteIfLastModifiedType: IfLastModified
# lineageFileStrategyDeleteIfLastModifiedAge: 30d
## Lineage logger configurations
# lineageName: org.apache.gravitino.lineage.sink.LineageLogSink$LineageLogger
# lineageLevel: info
# lineageAppenderRefLineageFileRef: lineage_file
# lineageAdditivity: false
## Configure root logger
# rootLoggerLevel: info
# rootLoggerAppenderRefRollingRef: fileLogger
## Additional log4j2 configuration items in log4j2.properties can be added
##
additionalLog4j2Properties:
appender.console.type: Console
appender.console.name: consoleLogger
appender.console.layout.type: PatternLayout
appender.console.layout.pattern: "%d{yyyy-MM-dd HH:mm:ss} %-5p [%t] %c{1}:%L - %m%n"
rootLogger.appenderRef.console.ref: consoleLogger
## Hadoop configuration items in hdfs-site.xml and core-site.xml can be customized
coreSiteProperties: {}
hdfsSiteProperties: {}
serviceAccount:
# Specifies whether a service account should be created
create: false
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
annotations: {}
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
## Container-specific security context configuration
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
runAsNonRoot: false
runAsUser: 0
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
## Container Environment
##
env:
- name: GRAVITINO_HOME
value: /root/gravitino-iceberg-rest-server
- name: GRAVITINO_MEM
value: "-Xms1024m -Xmx1024m -XX:MaxMetaspaceSize=512m"
# foo2: bar2
envFrom: []
service:
name: gravitino-iceberg-rest-server
type: ClusterIP
port: 9001
targetPort: 9001
annotations: {}
labels: {}
portName: http
nodePort: ""
initScript: |
echo "Override config."
cp /tmp/conf/* ${GRAVITINO_HOME}/conf
echo "Start the Gravitino Iceberg Rest Catalog Server"
/bin/bash ${GRAVITINO_HOME}/bin/gravitino-iceberg-rest-server.sh run
## Readiness probe for the Gravitino deployment
##
readinessProbe:
httpGet:
path: /iceberg/v1/config
port: http
initialDelaySeconds: 20
timeoutSeconds: 5
## Liveness probe for the Gravitino deployment
##
livenessProbe:
httpGet:
path: /iceberg/v1/config
port: http
initialDelaySeconds: 20
timeoutSeconds: 5
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## Additional volumes
##
extraVolumes:
- name: gravitino-rest-catalog-server-log
emptyDir: {}
## Additional volume mounts
##
extraVolumeMounts:
- name: gravitino-rest-catalog-server-log
mountPath: /root/gravitino-iceberg-rest-server/logs
ingress:
enabled: false
className: "nginx"
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
# nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
# nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
hosts:
- host: iceberg-rest.cyan.com
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-gravitino-tls
# hosts:
# - chart-gravitino.local
nodeSelector: {}
tolerations: []
affinity: {}
## PodDisruptionBudget configuration
## PodDisruptionBudgets limit the number of pods that can be down simultaneously during voluntary disruptions
## (such as node drains, cluster upgrades, or pod evictions), ensuring high availability and service continuity.
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
##
podDisruptionBudget:
## @param podDisruptionBudget.enabled Enable PodDisruptionBudget creation
## Set to true to create a PodDisruptionBudget resource for the Iceberg REST Server deployment
##
enabled: false
## @param podDisruptionBudget.minAvailable Minimum number/percentage of pods that must remain available
## Specify either an integer (e.g., 1, 2) or a percentage string (e.g., "50%")
## This ensures at least this many pods stay running during voluntary disruptions
##
## Examples:
## minAvailable: 1 # At least 1 pod must remain available
## minAvailable: 2 # At least 2 pods must remain available
## minAvailable: "50%" # At least 50% of pods must remain available
##
## When to use minAvailable:
## - Use when you want to guarantee a minimum number of pods stay running
## - Recommended for production deployments to ensure service availability
## - With single replica (replicas: 1), minAvailable: 1 prevents all voluntary disruptions
## - With multiple replicas, allows disruptions while maintaining minimum availability
## Only used when podDisruptionBudget.enabled is true
##
minAvailable: 1
## @param podDisruptionBudget.maxUnavailable Maximum number/percentage of pods that can be unavailable
## Specify either an integer (e.g., 1, 2) or a percentage string (e.g., "50%")
## This limits how many pods can be down simultaneously during voluntary disruptions
##
## Examples:
## maxUnavailable: 1 # At most 1 pod can be unavailable
## maxUnavailable: 2 # At most 2 pods can be unavailable
## maxUnavailable: "25%" # At most 25% of pods can be unavailable
##
## When to use maxUnavailable:
## - Use when you want to control the rate of disruptions
## - Useful for rolling updates and gradual scaling operations
## - More flexible than minAvailable when scaling up/down
##
## IMPORTANT: Specify either minAvailable OR maxUnavailable, not both
## If both are specified, Kubernetes will reject the PodDisruptionBudget and fail with an API validation error
##
maxUnavailable: ""
## @param podDisruptionBudget.labels Additional labels to apply to the PodDisruptionBudget resource
## These labels are merged with the default Helm labels
##
labels: {}
# custom-label: value
## @param podDisruptionBudget.annotations Additional annotations to apply to the PodDisruptionBudget resource
## Useful for adding metadata or integration with other tools
##
annotations: {}
# custom-annotation: value
## Relationship between PDB and replica count:
## - Single replica (replicas: 1) + minAvailable: 1 = No voluntary disruptions allowed
## This prevents node drains and upgrades from evicting the only pod
## - Multiple replicas (replicas: 3) + minAvailable: 2 = At least 2 pods must stay running
## Allows 1 pod to be disrupted at a time for maintenance
## - Multiple replicas (replicas: 3) + maxUnavailable: 1 = At most 1 pod can be down
## Equivalent to minAvailable: 2 in this case
##
## Best practices:
## - For production: Enable PDB with appropriate minAvailable or maxUnavailable
## - For development/testing: Keep PDB disabled (default) for faster iterations
## - Consider your replica count when setting PDB values
## - Test PDB behavior in staging before applying to production
# 挂载本地Chart目录中的MySQL驱动
extraVolumes:
- name: mysql-driver
hostPath:
# 挂载你Chart里的resources目录(绝对路径,对应你当前目录)
path: /home/cy/workspace/k8s-helm/graviitno/volumes/gravitino-iceberg-rest-server/libs
type: Directory
extraVolumeMounts:
- name: mysql-driver
# 挂载到容器的类加载目录,自动加载驱动
mountPath: /root/gravitino-iceberg-rest-server/libs
部署ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: iceberg-rest-server
namespace: gravitino
annotations:
nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
spec:
ingressClassName: nginx
rules:
- host: iceberg-rest.cyan.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
# 你的真实服务名
name: gravitino-iceberg-rest-server
port:
# 正确语法!替换旧的 servicePort
number: 9001
helm install iceberg-rest . -f values.yaml -n gravitino
