diff --git a/helm/activemq/.helmignore b/helm/activemq/.helmignore
new file mode 100644
index 00000000000..5206f4e9124
--- /dev/null
+++ b/helm/activemq/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm/activemq/Chart.yaml b/helm/activemq/Chart.yaml
new file mode 100644
index 00000000000..057faad2ea0
--- /dev/null
+++ b/helm/activemq/Chart.yaml
@@ -0,0 +1,38 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+apiVersion: v2
+name: activemq
+description: Apache ActiveMQ - the most popular open source, multi-protocol, Java-based message broker
+type: application
+version: 6.3.0-SNAPSHOT
+appVersion: 6.2.1
+home: https://activemq.apache.org/
+icon: https://activemq.apache.org/assets/img/activemq_logo_icon.png
+sources:
+ - https://github.com/apache/activemq
+keywords:
+ - activemq
+ - messaging
+ - jms
+ - broker
+ - amqp
+ - mqtt
+ - stomp
+maintainers:
+ - name: Apache ActiveMQ PMC
+ email: dev@activemq.apache.org
diff --git a/helm/activemq/README.md b/helm/activemq/README.md
new file mode 100644
index 00000000000..b0534aaa9fd
--- /dev/null
+++ b/helm/activemq/README.md
@@ -0,0 +1,309 @@
+
+
+# ActiveMQ Helm Chart
+
+A Helm chart for deploying [Apache ActiveMQ](https://activemq.apache.org/) on Kubernetes.
+
+## Introduction
+
+This chart bootstraps an Apache ActiveMQ broker deployment on a Kubernetes cluster using the [Helm](https://helm.sh) package manager. It deploys ActiveMQ as a StatefulSet with persistent storage for the KahaDB message store.
+
+## Prerequisites
+
+- Kubernetes 1.24+
+- Helm 3.10+
+- PV provisioner support in the underlying infrastructure (if persistence is enabled)
+
+## Installing the Chart
+
+To install the chart with the release name `my-activemq`:
+
+```bash
+helm install my-activemq ./helm/activemq
+```
+
+To install with custom values:
+
+```bash
+helm install my-activemq ./helm/activemq -f my-values.yaml
+```
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-activemq` deployment:
+
+```bash
+helm uninstall my-activemq
+```
+
+> **Note:** Uninstalling the chart does not delete PersistentVolumeClaims created by the StatefulSet. To delete them:
+> ```bash
+> kubectl delete pvc -l app.kubernetes.io/instance=my-activemq
+> ```
+
+## Configuration
+
+### General
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `replicaCount` | Number of broker replicas | `1` |
+| `image.repository` | Container image repository | `apache/activemq-classic` |
+| `image.tag` | Image tag (defaults to chart `appVersion`) | `""` |
+| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
+| `imagePullSecrets` | Image pull secrets for private registries | `[]` |
+| `nameOverride` | Override the chart name | `""` |
+| `fullnameOverride` | Override the full release name | `""` |
+| `terminationGracePeriodSeconds` | Graceful shutdown timeout | `60` |
+
+### Broker
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `broker.credentials.username` | Broker connection username | `admin` |
+| `broker.credentials.password` | Broker connection password | `admin` |
+| `broker.credentials.existingSecret` | Use an existing secret for connection credentials | `""` |
+| `broker.web.username` | Web console username | `admin` |
+| `broker.web.password` | Web console password | `admin` |
+| `broker.web.existingSecret` | Use an existing secret for web credentials | `""` |
+| `broker.jmx.enabled` | Enable JMX | `false` |
+| `broker.jmx.username` | JMX username | `admin` |
+| `broker.jmx.password` | JMX password | `activemq` |
+| `broker.jmx.existingSecret` | Use an existing secret for JMX credentials | `""` |
+| `broker.jvmMemory` | JVM memory options | `"-Xms64M -Xmx1G"` |
+| `broker.jvmOpts` | Additional JVM options | `""` |
+| `broker.activemqXml` | Custom `activemq.xml` content | `""` |
+| `broker.jettyXml` | Custom `jetty.xml` content | `""` |
+| `broker.log4j2Properties` | Custom `log4j2.properties` content | `""` |
+
+### Service
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `service.type` | Broker service type | `ClusterIP` |
+| `service.annotations` | Broker service annotations | `{}` |
+| `service.openwire.enabled` | Enable OpenWire transport | `true` |
+| `service.openwire.port` | OpenWire service port | `61616` |
+| `service.amqp.enabled` | Enable AMQP transport | `true` |
+| `service.amqp.port` | AMQP service port | `5672` |
+| `service.stomp.enabled` | Enable STOMP transport | `true` |
+| `service.stomp.port` | STOMP service port | `61613` |
+| `service.mqtt.enabled` | Enable MQTT transport | `true` |
+| `service.mqtt.port` | MQTT service port | `1883` |
+| `service.ws.enabled` | Enable WebSocket transport | `true` |
+| `service.ws.port` | WebSocket service port | `61614` |
+
+### Web Console
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `webConsole.type` | Web console service type | `ClusterIP` |
+| `webConsole.port` | Web console HTTP port | `8161` |
+| `webConsole.annotations` | Web console service annotations | `{}` |
+
+### Ingress
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `ingress.enabled` | Enable ingress for the web console | `false` |
+| `ingress.className` | Ingress class name | `""` |
+| `ingress.annotations` | Ingress annotations | `{}` |
+| `ingress.hosts` | Ingress hosts configuration | See `values.yaml` |
+| `ingress.tls` | Ingress TLS configuration | `[]` |
+
+### Persistence
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `persistence.enabled` | Enable persistent storage for KahaDB | `true` |
+| `persistence.storageClassName` | PVC storage class | `""` |
+| `persistence.accessModes` | PVC access modes | `["ReadWriteOnce"]` |
+| `persistence.size` | PVC storage size | `8Gi` |
+| `persistence.annotations` | PVC annotations | `{}` |
+| `persistence.selector` | PVC selector for matching PVs | `{}` |
+
+### Resources and Probes
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `resources.requests.cpu` | CPU request | `500m` |
+| `resources.requests.memory` | Memory request | `1Gi` |
+| `resources.limits.cpu` | CPU limit | `2` |
+| `resources.limits.memory` | Memory limit | `2Gi` |
+| `startupProbe` | Startup probe (TCP on OpenWire port) | See `values.yaml` |
+| `livenessProbe` | Liveness probe (HTTP on web console) | See `values.yaml` |
+| `readinessProbe` | Readiness probe (TCP on OpenWire port) | See `values.yaml` |
+
+### Security
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `serviceAccount.create` | Create a service account | `true` |
+| `serviceAccount.annotations` | Service account annotations | `{}` |
+| `serviceAccount.name` | Service account name | `""` |
+| `podSecurityContext.runAsNonRoot` | Run as non-root | `true` |
+| `podSecurityContext.runAsUser` | Run as UID | `1000` |
+| `podSecurityContext.runAsGroup` | Run as GID | `1000` |
+| `podSecurityContext.fsGroup` | Filesystem group | `1000` |
+| `securityContext.allowPrivilegeEscalation` | Allow privilege escalation | `false` |
+| `securityContext.capabilities.drop` | Dropped capabilities | `["ALL"]` |
+
+### Availability
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `podDisruptionBudget.enabled` | Enable Pod Disruption Budget | `false` |
+| `podDisruptionBudget.minAvailable` | Minimum available pods | `1` |
+
+### Monitoring
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `serviceMonitor.enabled` | Enable Prometheus ServiceMonitor | `false` |
+| `serviceMonitor.interval` | Scrape interval | `30s` |
+| `serviceMonitor.labels` | Additional ServiceMonitor labels | `{}` |
+
+### Scheduling
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `nodeSelector` | Node selector | `{}` |
+| `tolerations` | Tolerations | `[]` |
+| `affinity` | Affinity rules | `{}` |
+| `topologySpreadConstraints` | Topology spread constraints | `[]` |
+| `podAnnotations` | Pod annotations | `{}` |
+| `podLabels` | Pod labels | `{}` |
+
+### Extensibility
+
+| Parameter | Description | Default |
+|-----------|-------------|---------|
+| `extraEnv` | Extra environment variables | `[]` |
+| `extraVolumes` | Extra volumes | `[]` |
+| `extraVolumeMounts` | Extra volume mounts | `[]` |
+| `initContainers` | Init containers | `[]` |
+
+## Accessing ActiveMQ
+
+### Web Console
+
+The ActiveMQ Web Console is available on port 8161. To access it locally:
+
+```bash
+kubectl port-forward svc/my-activemq-web 8161:8161
+```
+
+Then open http://localhost:8161 in your browser and log in with the configured credentials (default: `admin`/`admin`).
+
+### Broker Connections
+
+Applications can connect to ActiveMQ using the following protocols from within the cluster:
+
+| Protocol | URL |
+|----------|-----|
+| OpenWire (JMS) | `tcp://my-activemq:61616` |
+| AMQP | `amqp://my-activemq:5672` |
+| STOMP | `stomp://my-activemq:61613` |
+| MQTT | `mqtt://my-activemq:1883` |
+| WebSocket | `ws://my-activemq:61614` |
+
+To connect from outside the cluster, use port-forwarding:
+
+```bash
+kubectl port-forward svc/my-activemq 61616:61616
+```
+
+Then connect to `tcp://localhost:61616`.
+
+## Custom Configuration
+
+You can provide a custom `activemq.xml` directly in your values file:
+
+```yaml
+broker:
+ activemqXml: |
+
+
+
+
+
+
+```
+
+Similarly, you can customize `jetty.xml` and `log4j2.properties` via `broker.jettyXml` and `broker.log4j2Properties`.
+
+See the [examples/](examples/) directory for complete example values files:
+- `activemq-custom.yaml` - Custom broker configuration with `activemq.xml`
+- `production.yaml` - Production-ready settings with external secrets, ingress, and anti-affinity
+
+## Credentials
+
+Credentials are stored in Kubernetes Secrets. For production, use existing secrets instead of plaintext values:
+
+```yaml
+broker:
+ credentials:
+ existingSecret: "my-activemq-credentials"
+ web:
+ existingSecret: "my-activemq-web-credentials"
+```
+
+Create the secrets beforehand:
+
+```bash
+kubectl create secret generic my-activemq-credentials \
+ --from-literal=connection-username=admin \
+ --from-literal=connection-password=s3cur3p4ss
+
+kubectl create secret generic my-activemq-web-credentials \
+ --from-literal=web-username=admin \
+ --from-literal=web-password=s3cur3p4ss
+```
+
+## Persistence
+
+The ActiveMQ image stores message data (KahaDB) at `/opt/apache-activemq/data`.
+
+By default, the chart creates a PersistentVolumeClaim for each pod via the StatefulSet's `volumeClaimTemplates`. The volume is provisioned dynamically using the cluster's default StorageClass.
+
+To disable persistence (data will be lost on pod restart):
+
+```yaml
+persistence:
+ enabled: false
+```
+
+## Monitoring
+
+To enable Prometheus monitoring via the ServiceMonitor CRD:
+
+```yaml
+serviceMonitor:
+ enabled: true
+ interval: 30s
+```
+
+This requires the [Prometheus Operator](https://prometheus-operator.dev/) to be installed in your cluster.
diff --git a/helm/activemq/examples/activemq-custom.yaml b/helm/activemq/examples/activemq-custom.yaml
new file mode 100644
index 00000000000..0e291de37d5
--- /dev/null
+++ b/helm/activemq/examples/activemq-custom.yaml
@@ -0,0 +1,95 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# Example values file with custom activemq.xml configuration.
+# Usage: helm install activemq ./helm/activemq -f ./helm/activemq/examples/activemq-custom.yaml
+
+broker:
+ credentials:
+ username: admin
+ password: changeme
+ web:
+ username: admin
+ password: changeme
+
+ activemqXml: |
+
+
+
+
+ file:${activemq.conf}/credentials.properties
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/helm/activemq/examples/production.yaml b/helm/activemq/examples/production.yaml
new file mode 100644
index 00000000000..c2d2d69607b
--- /dev/null
+++ b/helm/activemq/examples/production.yaml
@@ -0,0 +1,74 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# Example production values file.
+# Usage: helm install activemq ./helm/activemq -f ./helm/activemq/examples/production.yaml
+
+broker:
+ credentials:
+ # Use an existing Kubernetes secret for production
+ existingSecret: "activemq-credentials"
+ web:
+ existingSecret: "activemq-web-credentials"
+ jvmMemory: "-Xms512M -Xmx2G"
+
+resources:
+ requests:
+ cpu: "1"
+ memory: 2Gi
+ limits:
+ cpu: "4"
+ memory: 4Gi
+
+persistence:
+ enabled: true
+ size: 50Gi
+
+podDisruptionBudget:
+ enabled: true
+ minAvailable: 1
+
+ingress:
+ enabled: true
+ className: nginx
+ annotations:
+ nginx.ingress.kubernetes.io/auth-type: basic
+ nginx.ingress.kubernetes.io/auth-realm: "ActiveMQ Web Console"
+ hosts:
+ - host: activemq.example.com
+ paths:
+ - path: /
+ pathType: Prefix
+ tls:
+ - secretName: activemq-tls
+ hosts:
+ - activemq.example.com
+
+affinity:
+ podAntiAffinity:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ - weight: 100
+ podAffinityTerm:
+ labelSelector:
+ matchExpressions:
+ - key: app.kubernetes.io/name
+ operator: In
+ values:
+ - activemq
+ topologyKey: kubernetes.io/hostname
+
+terminationGracePeriodSeconds: 120
diff --git a/helm/activemq/templates/NOTES.txt b/helm/activemq/templates/NOTES.txt
new file mode 100644
index 00000000000..2ba240d1369
--- /dev/null
+++ b/helm/activemq/templates/NOTES.txt
@@ -0,0 +1,89 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+Apache ActiveMQ has been deployed successfully!
+
+-------------------------------------------------------------------------------
+ WEB CONSOLE
+-------------------------------------------------------------------------------
+{{- if .Values.ingress.enabled }}
+
+Web Console is available at:
+{{- range $host := .Values.ingress.hosts }}
+ http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}
+{{- end }}
+
+{{- else if contains "NodePort" .Values.webConsole.type }}
+
+Get the web console URL by running:
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "activemq.fullname" . }}-web)
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo "Web Console: http://$NODE_IP:$NODE_PORT"
+
+{{- else if contains "LoadBalancer" .Values.webConsole.type }}
+
+Get the web console URL by running:
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "activemq.fullname" . }}-web --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+ echo "Web Console: http://$SERVICE_IP:{{ .Values.webConsole.port }}"
+
+{{- else if contains "ClusterIP" .Values.webConsole.type }}
+
+Access the web console by running:
+ kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "activemq.fullname" . }}-web {{ .Values.webConsole.port }}:{{ .Values.webConsole.port }}
+
+Then open: http://127.0.0.1:{{ .Values.webConsole.port }}
+
+{{- end }}
+
+-------------------------------------------------------------------------------
+ BROKER CONNECTIONS
+-------------------------------------------------------------------------------
+
+Broker transport connectors (from within the cluster):
+{{- if .Values.service.openwire.enabled }}
+ OpenWire (JMS): tcp://{{ include "activemq.fullname" . }}:{{ .Values.service.openwire.port }}
+{{- end }}
+{{- if .Values.service.amqp.enabled }}
+ AMQP: amqp://{{ include "activemq.fullname" . }}:{{ .Values.service.amqp.port }}
+{{- end }}
+{{- if .Values.service.stomp.enabled }}
+ STOMP: stomp://{{ include "activemq.fullname" . }}:{{ .Values.service.stomp.port }}
+{{- end }}
+{{- if .Values.service.mqtt.enabled }}
+ MQTT: mqtt://{{ include "activemq.fullname" . }}:{{ .Values.service.mqtt.port }}
+{{- end }}
+{{- if .Values.service.ws.enabled }}
+ WebSocket: ws://{{ include "activemq.fullname" . }}:{{ .Values.service.ws.port }}
+{{- end }}
+
+To connect a JMS client from outside the cluster:
+ kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "activemq.fullname" . }} {{ .Values.service.openwire.port }}:{{ .Values.service.openwire.port }}
+
+Then connect to: tcp://127.0.0.1:{{ .Values.service.openwire.port }}
+
+-------------------------------------------------------------------------------
+ USEFUL COMMANDS
+-------------------------------------------------------------------------------
+
+View logs:
+ kubectl logs --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "activemq.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -f
+
+Check broker status:
+ kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "activemq.name" . }},app.kubernetes.io/instance={{ .Release.Name }}"
diff --git a/helm/activemq/templates/_helpers.tpl b/helm/activemq/templates/_helpers.tpl
new file mode 100644
index 00000000000..13d2f6f4777
--- /dev/null
+++ b/helm/activemq/templates/_helpers.tpl
@@ -0,0 +1,122 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "activemq.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "activemq.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "activemq.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "activemq.labels" -}}
+helm.sh/chart: {{ include "activemq.chart" . }}
+{{ include "activemq.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "activemq.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "activemq.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "activemq.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "activemq.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the image name
+*/}}
+{{- define "activemq.image" -}}
+{{- $tag := default .Chart.AppVersion .Values.image.tag -}}
+{{- printf "%s:%s" .Values.image.repository $tag -}}
+{{- end }}
+
+{{/*
+Return the credentials secret name
+*/}}
+{{- define "activemq.credentialsSecretName" -}}
+{{- if .Values.broker.credentials.existingSecret }}
+{{- .Values.broker.credentials.existingSecret }}
+{{- else }}
+{{- printf "%s-credentials" (include "activemq.fullname" .) }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the web console secret name
+*/}}
+{{- define "activemq.webSecretName" -}}
+{{- if .Values.broker.web.existingSecret }}
+{{- .Values.broker.web.existingSecret }}
+{{- else }}
+{{- printf "%s-web" (include "activemq.fullname" .) }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the JMX secret name
+*/}}
+{{- define "activemq.jmxSecretName" -}}
+{{- if .Values.broker.jmx.existingSecret }}
+{{- .Values.broker.jmx.existingSecret }}
+{{- else }}
+{{- printf "%s-jmx" (include "activemq.fullname" .) }}
+{{- end }}
+{{- end }}
diff --git a/helm/activemq/templates/configmap.yaml b/helm/activemq/templates/configmap.yaml
new file mode 100644
index 00000000000..600c49e0886
--- /dev/null
+++ b/helm/activemq/templates/configmap.yaml
@@ -0,0 +1,38 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "activemq.fullname" . }}-config
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+data:
+ {{- if .Values.broker.activemqXml }}
+ activemq.xml: |
+ {{- .Values.broker.activemqXml | nindent 4 }}
+ {{- end }}
+ {{- if .Values.broker.jettyXml }}
+ jetty.xml: |
+ {{- .Values.broker.jettyXml | nindent 4 }}
+ {{- end }}
+ {{- if .Values.broker.log4j2Properties }}
+ log4j2.properties: |
+ {{- .Values.broker.log4j2Properties | nindent 4 }}
+ {{- end }}
diff --git a/helm/activemq/templates/ingress.yaml b/helm/activemq/templates/ingress.yaml
new file mode 100644
index 00000000000..bfa5e740254
--- /dev/null
+++ b/helm/activemq/templates/ingress.yaml
@@ -0,0 +1,60 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+{{- if .Values.ingress.enabled -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ include "activemq.fullname" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+ {{- with .Values.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.className }}
+ ingressClassName: {{ .Values.ingress.className }}
+ {{- end }}
+ {{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ pathType: {{ .pathType }}
+ backend:
+ service:
+ name: {{ include "activemq.fullname" $ }}-web
+ port:
+ name: web
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/helm/activemq/templates/poddisruptionbudget.yaml b/helm/activemq/templates/poddisruptionbudget.yaml
new file mode 100644
index 00000000000..33f61249ce1
--- /dev/null
+++ b/helm/activemq/templates/poddisruptionbudget.yaml
@@ -0,0 +1,37 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+{{- if .Values.podDisruptionBudget.enabled }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "activemq.fullname" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+spec:
+ {{- if .Values.podDisruptionBudget.minAvailable }}
+ minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
+ {{- end }}
+ {{- if .Values.podDisruptionBudget.maxUnavailable }}
+ maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "activemq.selectorLabels" . | nindent 6 }}
+{{- end }}
diff --git a/helm/activemq/templates/secret.yaml b/helm/activemq/templates/secret.yaml
new file mode 100644
index 00000000000..a60f0615756
--- /dev/null
+++ b/helm/activemq/templates/secret.yaml
@@ -0,0 +1,57 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+{{- if not .Values.broker.credentials.existingSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "activemq.credentialsSecretName" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+type: Opaque
+data:
+ connection-username: {{ .Values.broker.credentials.username | b64enc | quote }}
+ connection-password: {{ .Values.broker.credentials.password | b64enc | quote }}
+{{- end }}
+---
+{{- if not .Values.broker.web.existingSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "activemq.webSecretName" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+type: Opaque
+data:
+ web-username: {{ .Values.broker.web.username | b64enc | quote }}
+ web-password: {{ .Values.broker.web.password | b64enc | quote }}
+{{- end }}
+---
+{{- if and .Values.broker.jmx.enabled (not .Values.broker.jmx.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "activemq.jmxSecretName" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+type: Opaque
+data:
+ jmx-username: {{ .Values.broker.jmx.username | b64enc | quote }}
+ jmx-password: {{ .Values.broker.jmx.password | b64enc | quote }}
+{{- end }}
diff --git a/helm/activemq/templates/service-web.yaml b/helm/activemq/templates/service-web.yaml
new file mode 100644
index 00000000000..3b0ea464cfa
--- /dev/null
+++ b/helm/activemq/templates/service-web.yaml
@@ -0,0 +1,38 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "activemq.fullname" . }}-web
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+ {{- with .Values.webConsole.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: {{ .Values.webConsole.type }}
+ selector:
+ {{- include "activemq.selectorLabels" . | nindent 4 }}
+ ports:
+ - name: web
+ port: {{ .Values.webConsole.port }}
+ targetPort: web
+ protocol: TCP
diff --git a/helm/activemq/templates/service.yaml b/helm/activemq/templates/service.yaml
new file mode 100644
index 00000000000..dbb04c26b0e
--- /dev/null
+++ b/helm/activemq/templates/service.yaml
@@ -0,0 +1,64 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "activemq.fullname" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+ {{- with .Values.service.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: {{ .Values.service.type }}
+ selector:
+ {{- include "activemq.selectorLabels" . | nindent 4 }}
+ ports:
+ {{- if .Values.service.openwire.enabled }}
+ - name: openwire
+ port: {{ .Values.service.openwire.port }}
+ targetPort: openwire
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.amqp.enabled }}
+ - name: amqp
+ port: {{ .Values.service.amqp.port }}
+ targetPort: amqp
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.stomp.enabled }}
+ - name: stomp
+ port: {{ .Values.service.stomp.port }}
+ targetPort: stomp
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.mqtt.enabled }}
+ - name: mqtt
+ port: {{ .Values.service.mqtt.port }}
+ targetPort: mqtt
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.ws.enabled }}
+ - name: ws
+ port: {{ .Values.service.ws.port }}
+ targetPort: ws
+ protocol: TCP
+ {{- end }}
diff --git a/helm/activemq/templates/serviceaccount.yaml b/helm/activemq/templates/serviceaccount.yaml
new file mode 100644
index 00000000000..b31b82548ca
--- /dev/null
+++ b/helm/activemq/templates/serviceaccount.yaml
@@ -0,0 +1,32 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "activemq.serviceAccountName" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+automountServiceAccountToken: false
+{{- end }}
diff --git a/helm/activemq/templates/servicemonitor.yaml b/helm/activemq/templates/servicemonitor.yaml
new file mode 100644
index 00000000000..4d869ea7d37
--- /dev/null
+++ b/helm/activemq/templates/servicemonitor.yaml
@@ -0,0 +1,38 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ include "activemq.fullname" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+ {{- with .Values.serviceMonitor.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "activemq.selectorLabels" . | nindent 6 }}
+ endpoints:
+ - port: web
+ path: /api/jolokia
+ interval: {{ .Values.serviceMonitor.interval }}
+{{- end }}
diff --git a/helm/activemq/templates/statefulset.yaml b/helm/activemq/templates/statefulset.yaml
new file mode 100644
index 00000000000..e91b1ec7e18
--- /dev/null
+++ b/helm/activemq/templates/statefulset.yaml
@@ -0,0 +1,221 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "activemq.fullname" . }}
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ serviceName: {{ include "activemq.fullname" . }}
+ selector:
+ matchLabels:
+ {{- include "activemq.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
+ {{- with .Values.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "activemq.labels" . | nindent 8 }}
+ {{- with .Values.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "activemq.serviceAccountName" . }}
+ terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ {{- with .Values.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: {{ include "activemq.image" . }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ env:
+ - name: ACTIVEMQ_CONNECTION_USER
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "activemq.credentialsSecretName" . }}
+ key: connection-username
+ - name: ACTIVEMQ_CONNECTION_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "activemq.credentialsSecretName" . }}
+ key: connection-password
+ - name: ACTIVEMQ_WEB_USER
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "activemq.webSecretName" . }}
+ key: web-username
+ - name: ACTIVEMQ_WEB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "activemq.webSecretName" . }}
+ key: web-password
+ {{- if .Values.broker.jmx.enabled }}
+ - name: ACTIVEMQ_JMX_USER
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "activemq.jmxSecretName" . }}
+ key: jmx-username
+ - name: ACTIVEMQ_JMX_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "activemq.jmxSecretName" . }}
+ key: jmx-password
+ {{- end }}
+ {{- if .Values.broker.jvmMemory }}
+ - name: ACTIVEMQ_OPTS_MEMORY
+ value: {{ .Values.broker.jvmMemory | quote }}
+ {{- end }}
+ {{- if .Values.broker.jvmOpts }}
+ - name: ACTIVEMQ_OPTS
+ value: {{ .Values.broker.jvmOpts | quote }}
+ {{- end }}
+ {{- with .Values.extraEnv }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ {{- if .Values.service.openwire.enabled }}
+ - name: openwire
+ containerPort: 61616
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.amqp.enabled }}
+ - name: amqp
+ containerPort: 5672
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.stomp.enabled }}
+ - name: stomp
+ containerPort: 61613
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.mqtt.enabled }}
+ - name: mqtt
+ containerPort: 1883
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.service.ws.enabled }}
+ - name: ws
+ containerPort: 61614
+ protocol: TCP
+ {{- end }}
+ - name: web
+ containerPort: 8161
+ protocol: TCP
+ {{- if .Values.broker.jmx.enabled }}
+ - name: jmx
+ containerPort: 1099
+ protocol: TCP
+ {{- end }}
+ startupProbe:
+ {{- toYaml .Values.startupProbe | nindent 12 }}
+ livenessProbe:
+ {{- toYaml .Values.livenessProbe | nindent 12 }}
+ readinessProbe:
+ {{- toYaml .Values.readinessProbe | nindent 12 }}
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ volumeMounts:
+ - name: data
+ mountPath: /opt/apache-activemq/data
+ {{- if .Values.broker.activemqXml }}
+ - name: config
+ mountPath: /opt/apache-activemq/conf/activemq.xml
+ subPath: activemq.xml
+ {{- end }}
+ {{- if .Values.broker.jettyXml }}
+ - name: config
+ mountPath: /opt/apache-activemq/conf/jetty.xml
+ subPath: jetty.xml
+ {{- end }}
+ {{- if .Values.broker.log4j2Properties }}
+ - name: config
+ mountPath: /opt/apache-activemq/conf/log4j2.properties
+ subPath: log4j2.properties
+ {{- end }}
+ {{- with .Values.extraVolumeMounts }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ volumes:
+ {{- if or .Values.broker.activemqXml .Values.broker.jettyXml .Values.broker.log4j2Properties }}
+ - name: config
+ configMap:
+ name: {{ include "activemq.fullname" . }}-config
+ {{- end }}
+ {{- if not .Values.persistence.enabled }}
+ - name: data
+ emptyDir: {}
+ {{- end }}
+ {{- with .Values.extraVolumes }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: data
+ {{- with .Values.persistence.annotations }}
+ annotations:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ spec:
+ accessModes:
+ {{- toYaml .Values.persistence.accessModes | nindent 10 }}
+ {{- if .Values.persistence.storageClassName }}
+ storageClassName: {{ .Values.persistence.storageClassName | quote }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+ {{- with .Values.persistence.selector }}
+ selector:
+ {{- toYaml . | nindent 10 }}
+ {{- end }}
+ {{- end }}
diff --git a/helm/activemq/templates/tests/test-connection.yaml b/helm/activemq/templates/tests/test-connection.yaml
new file mode 100644
index 00000000000..a076a011dff
--- /dev/null
+++ b/helm/activemq/templates/tests/test-connection.yaml
@@ -0,0 +1,34 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "activemq.fullname" . }}-test-connection"
+ labels:
+ {{- include "activemq.labels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": test
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args: ['{{ include "activemq.fullname" . }}-web:{{ .Values.webConsole.port }}']
+ restartPolicy: Never
diff --git a/helm/activemq/values.yaml b/helm/activemq/values.yaml
new file mode 100644
index 00000000000..b3bc60fac1b
--- /dev/null
+++ b/helm/activemq/values.yaml
@@ -0,0 +1,274 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# -- Number of ActiveMQ broker replicas
+replicaCount: 1
+
+image:
+ # -- Container image repository
+ repository: apache/activemq
+ # -- Image pull policy
+ pullPolicy: IfNotPresent
+ # -- Overrides the image tag whose default is the chart appVersion
+ tag: ""
+
+# -- Image pull secrets for private registries
+imagePullSecrets: []
+# -- Override the chart name
+nameOverride: ""
+# -- Override the full release name
+fullnameOverride: ""
+
+serviceAccount:
+ # -- Specifies whether a service account should be created
+ create: true
+ # -- Annotations to add to the service account
+ annotations: {}
+ # -- The name of the service account to use (generated if not set and create is true)
+ name: ""
+
+# -- Annotations to add to the pod
+podAnnotations: {}
+
+# -- Labels to add to the pod
+podLabels: {}
+
+podSecurityContext:
+ # -- Run as non-root user
+ runAsNonRoot: true
+ # -- Run as UID 1000 (activemq user in the Docker image)
+ runAsUser: 1000
+ # -- Run as GID 1000
+ runAsGroup: 1000
+ # -- Set filesystem group
+ fsGroup: 1000
+ seccompProfile:
+ # -- Use RuntimeDefault seccomp profile
+ type: RuntimeDefault
+
+securityContext:
+ # -- Disallow privilege escalation
+ allowPrivilegeEscalation: false
+ capabilities:
+ # -- Drop all capabilities
+ drop:
+ - ALL
+ readOnlyRootFilesystem: false
+
+# -- ActiveMQ broker configuration
+broker:
+ # -- ActiveMQ connection credentials
+ credentials:
+ # -- Connection username
+ username: admin
+ # -- Connection password
+ password: admin
+ # -- Use an existing secret for credentials (keys: connection-username, connection-password)
+ existingSecret: ""
+
+ # -- Web console credentials
+ web:
+ # -- Web console username
+ username: admin
+ # -- Web console password
+ password: admin
+ # -- Use an existing secret for web credentials (keys: web-username, web-password)
+ existingSecret: ""
+
+ # -- JMX credentials
+ jmx:
+ # -- Enable JMX
+ enabled: false
+ # -- JMX username
+ username: admin
+ # -- JMX password
+ password: activemq
+ # -- Use an existing secret for JMX credentials (keys: jmx-username, jmx-password)
+ existingSecret: ""
+
+ # -- JVM memory options
+ jvmMemory: "-Xms64M -Xmx1G"
+ # -- Additional JVM options
+ jvmOpts: ""
+
+ # -- Custom activemq.xml configuration (if empty, uses the default from the image)
+ activemqXml: ""
+ # -- Custom jetty.xml configuration (if empty, uses the default from the image)
+ jettyXml: ""
+ # -- Custom log4j2.properties (if empty, uses the default from the image)
+ log4j2Properties: ""
+
+# -- Service configuration for the OpenWire protocol (primary JMS)
+service:
+ # -- Service type
+ type: ClusterIP
+ # -- OpenWire port
+ openwire:
+ # -- Enable OpenWire transport
+ enabled: true
+ # -- OpenWire service port
+ port: 61616
+ # -- AMQP port
+ amqp:
+ # -- Enable AMQP transport
+ enabled: true
+ # -- AMQP service port
+ port: 5672
+ # -- STOMP port
+ stomp:
+ # -- Enable STOMP transport
+ enabled: true
+ # -- STOMP service port
+ port: 61613
+ # -- MQTT port
+ mqtt:
+ # -- Enable MQTT transport
+ enabled: true
+ # -- MQTT service port
+ port: 1883
+ # -- WebSocket port
+ ws:
+ # -- Enable WebSocket transport
+ enabled: true
+ # -- WebSocket service port
+ port: 61614
+ # -- Additional service annotations
+ annotations: {}
+
+# -- Web console service configuration
+webConsole:
+ # -- Service type for web console
+ type: ClusterIP
+ # -- Web console HTTP port
+ port: 8161
+ # -- Additional service annotations
+ annotations: {}
+
+# -- Ingress configuration for the web console
+ingress:
+ # -- Enable ingress
+ enabled: false
+ # -- Ingress class name
+ className: ""
+ # -- Ingress annotations
+ annotations: {}
+ # -- Ingress hosts
+ hosts:
+ - host: activemq.local
+ paths:
+ - path: /
+ pathType: Prefix
+ # -- Ingress TLS configuration
+ tls: []
+
+resources:
+ # -- Resource requests and limits
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ limits:
+ cpu: "2"
+ memory: 2Gi
+
+# -- Startup probe configuration (used to allow slow broker startup)
+startupProbe:
+ tcpSocket:
+ port: openwire
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 30
+
+# -- Liveness probe configuration
+livenessProbe:
+ httpGet:
+ path: /admin/
+ port: web
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 6
+
+# -- Readiness probe configuration
+readinessProbe:
+ tcpSocket:
+ port: openwire
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 3
+
+# -- Pod Disruption Budget configuration
+podDisruptionBudget:
+ # -- Enable PDB
+ enabled: false
+ # -- Minimum available pods
+ minAvailable: 1
+ # -- Maximum unavailable pods (mutually exclusive with minAvailable)
+ # maxUnavailable: 1
+
+# -- Persistence configuration for KahaDB message store
+persistence:
+ # -- Enable persistent storage
+ enabled: true
+ # -- Storage class name (empty uses the default)
+ storageClassName: ""
+ # -- Access modes
+ accessModes:
+ - ReadWriteOnce
+ # -- Storage size
+ size: 8Gi
+ # -- Annotations for the PVC
+ annotations: {}
+ # -- Selector labels for matching PVs
+ selector: {}
+
+# -- Node selector for pod scheduling
+nodeSelector: {}
+
+# -- Tolerations for pod scheduling
+tolerations: []
+
+# -- Affinity rules for pod scheduling
+affinity: {}
+
+# -- Topology spread constraints
+topologySpreadConstraints: []
+
+# -- Extra environment variables
+extraEnv: []
+
+# -- Extra volumes
+extraVolumes: []
+
+# -- Extra volume mounts
+extraVolumeMounts: []
+
+# -- Init containers
+initContainers: []
+
+# -- Prometheus ServiceMonitor configuration
+serviceMonitor:
+ # -- Enable ServiceMonitor (requires Prometheus Operator CRDs)
+ enabled: false
+ # -- Scrape interval
+ interval: 30s
+ # -- Additional labels for the ServiceMonitor
+ labels: {}
+
+# -- Graceful shutdown timeout in seconds
+terminationGracePeriodSeconds: 60