134 lines
4.4 KiB
YAML
134 lines
4.4 KiB
YAML
{{- if .Values.es.nodeSets }}
|
|
apiVersion: elasticsearch.k8s.elastic.co/v1
|
|
kind: Elasticsearch
|
|
metadata:
|
|
name: {{ template "kubezero-lib.fullname" . }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
{{ include "kubezero-lib.labels" . | indent 4 }}
|
|
spec:
|
|
version: {{ .Values.version }}
|
|
nodeSets:
|
|
{{- range .Values.es.nodeSets }}
|
|
- name: {{ .name }}
|
|
config:
|
|
node.roles: [ master, data, ingest ]
|
|
{{- if $.Values.es.prometheus }}
|
|
prometheus.indices: false
|
|
{{- end }}
|
|
{{- if .zone }}
|
|
node.attr.zone: {{ .zone }}
|
|
cluster.routing.allocation.awareness.attributes: k8s_node_name,zone
|
|
{{- end }}
|
|
transport.compress: true
|
|
{{- if .processors }}
|
|
node.processors: {{ .processors }}
|
|
{{- end }}
|
|
indices.memory.index_buffer_size: "20%"
|
|
podTemplate:
|
|
# Remove once https://github.com/elastic/elasticsearch/pull/65923 is merged
|
|
{{- if $.Values.es.s3Snapshot.iamrole }}
|
|
metadata:
|
|
annotations:
|
|
iam.amazonaws.com/role: {{ $.Values.es.s3Snapshot.iamrole }}
|
|
{{- end }}
|
|
spec:
|
|
{{- if or $.Values.es.prometheus $.Values.es.s3Snapshot.enabled }}
|
|
initContainers:
|
|
- name: install-plugins
|
|
command:
|
|
- sh
|
|
- -c
|
|
- |
|
|
{{- if $.Values.es.s3Snapshot.enabled }}
|
|
bin/elasticsearch-plugin install --batch repository-s3;
|
|
{{- end }}
|
|
{{- if $.Values.es.prometheus }}
|
|
bin/elasticsearch-plugin install --batch https://github.com/vvanholl/elasticsearch-prometheus-exporter/releases/download/{{ $.Values.version }}.0/prometheus-exporter-{{ $.Values.version }}.0.zip;
|
|
{{- end }}
|
|
{{- end }}
|
|
containers:
|
|
- name: elasticsearch
|
|
securityContext:
|
|
capabilities:
|
|
add: ["SYS_CHROOT"]
|
|
{{- with .resources }}
|
|
resources: {{ toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
# {{- if or .jvm_heap $.Values.es.s3Snapshot.iamrole }}
|
|
# env:
|
|
# {{- end }}
|
|
{{- if .jvm_heap }}
|
|
env:
|
|
- name: ES_JAVA_OPTS
|
|
value: -Xms{{ .jvm_heap }}g -Xmx{{ .jvm_heap }}g
|
|
{{- end }}
|
|
#{{- if $.Values.es.s3Snapshot.iamrole }}
|
|
# - name: AWS_ROLE_ARN
|
|
# value: {{ $.Values.es.s3Snapshot.iamrole }}
|
|
# - name: AWS_WEB_IDENTITY_TOKEN_FILE
|
|
# value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
|
|
# - name: AWS_STS_REGIONAL_ENDPOINTS
|
|
# value: regional
|
|
# volumeMounts:
|
|
# - name: aws-token
|
|
# mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
|
|
# readOnly: true
|
|
#volumes:
|
|
#- name: aws-token
|
|
# projected:
|
|
# sources:
|
|
# - serviceAccountToken:
|
|
# path: token
|
|
# expirationSeconds: 86400
|
|
# audience: "sts.amazonaws.com"
|
|
#{{- end }}
|
|
affinity:
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
elasticsearch.k8s.elastic.co/cluster-name: {{ template "kubezero-lib.fullname" $ }}
|
|
topologyKey: kubernetes.io/hostname
|
|
{{- if or .zone .nodeAffinity }}
|
|
nodeAffinity:
|
|
{{- if .zone }}
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: topology.kubernetes.io/zone
|
|
operator: In
|
|
values:
|
|
- {{ .zone }}
|
|
{{- end }}
|
|
{{- if .nodeAffinity }}
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 1
|
|
preference:
|
|
matchExpressions:
|
|
- key: {{ .nodeAffinity.key }}
|
|
operator: In
|
|
values:
|
|
- {{ .nodeAffinity.value }}
|
|
{{- end }}
|
|
{{- end }}
|
|
count: {{ .count }}
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: elasticsearch-data
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: {{ .storage.size }}
|
|
{{- with .storage.class }}
|
|
storageClassName: {{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
http:
|
|
tls:
|
|
selfSignedCertificate:
|
|
disabled: true
|
|
{{- end }}
|