Elasticsearch部署helm

明月清风 2020-07-27 101浏览 0条评论
首页/正文
分享到: / / / /

官方helm 

https://helm.elastic.co

 

#证书生成参考官方文档https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls.html#node-certificates


kubectl create secret generic elastic-certificates --from-file=elastic-certificates.p12 -n elasticsearch
apiVersion: v1
kind: Secret
metadata:
  labels:
    cattle.io/creator: norman
  name: elastic-credentials
  namespace: elasticsearch
type: Opaque
data:
  password: ******
  username: *****
---
clusterName: "elasticsearch"
nodeGroup: "master"
 
roles:
  master: "true"
  ingest: "false"
  data: "false"
 
esConfig:
  elasticsearch.yml: |
    xpack.security.enabled: true
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate
    xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
    xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
     
extraEnvs:
  - name: ELASTIC_PASSWORD
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
  - name: ELASTIC_USERNAME
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
 
volumeClaimTemplate:
  accessModes: [ "ReadWriteOnce" ]
  #storageClassName: "cloud-ssd"
  resources:
    requests:
      storage: 20Gi
       
secretMounts:
  - name: elastic-certificates
    secretName: elastic-certificates
    path: /usr/share/elasticsearch/config/certs
---
clusterName: "elasticsearch"
nodeGroup: "data"
 
esJavaOpts: "-Xmx16g -Xms16g"
 
resources:
  requests:
    cpu: "4000m"
    memory: "16Gi"
  limits:
    cpu: "8000m"
    memory: "20Gi"
 
roles:
  master: "false"
  ingest: "true"
  data: "true"
 
esConfig:
  elasticsearch.yml: |
    xpack.security.enabled: true
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: certificate
    xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
    xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
     
extraEnvs:
  - name: ELASTIC_PASSWORD
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: password
  - name: ELASTIC_USERNAME
    valueFrom:
      secretKeyRef:
        name: elastic-credentials
        key: username
 
volumeClaimTemplate:
  accessModes: [ "ReadWriteOnce" ]
  #storageClassName: "cloud-ssd"
  resources:
    requests:
      storage: 5Ti
       
secretMounts:
  - name: elastic-certificates
    secretName: elastic-certificates
    path: /usr/share/elasticsearch/config/certs

 

最后修改:2020-07-27 16:01:58 © 著作权归作者所有
如果觉得我的文章对你有用,请随意赞赏
扫一扫支付

上一篇
登录即可评论哦~

评论列表

还没有人评论哦~赶快抢占沙发吧~