在kubernetes集群中部署ElasticSearch集群--ECK
Elastic Cloud on Kubernetes (ECK) ---ECK是这个说法哈。
基本于k8s operator的官方实现。
URL:
https://www.elastic.co/guide/en/cloud-on-k8s/current/index.html
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-quickstart.html
https://github.com/elastic/cloud-on-k8s
帖个yaml,了解一下资源的创建。
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: apmservers.apm.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: APM version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: apm.k8s.elastic.co
names:
categories:
- elastic
kind: ApmServer
plural: apmservers
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are apm-specific flags that enable or disable
specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Apm Server deployment
must have.
format: int32
type: integer
output:
properties:
elasticsearch:
description: Elasticsearch configures the Elasticsearch output
properties:
auth:
description: Auth configures authentication for APM Server to
use.
properties:
inline:
description: Inline is auth provided as plaintext inline
credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
type: object
secret:
description: SecretKeyRef is a secret that contains the
credentials to use.
type: object
type: object
hosts:
description: Hosts are the URLs of the output Elasticsearch
nodes.
items:
type: string
type: array
ref:
description: ElasticsearchRef allows users to reference a Elasticsearch
cluster inside k8s to automatically derive the other fields.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
ssl:
description: SSL configures TLS-related configuration for Elasticsearch
properties:
certificateAuthoritiesSecret:
description: CertificateAuthoritiesSecret names a secret
that contains a CA file entry to use.
type: string
type: object
type: object
type: object
podTemplate:
description: PodTemplate can be used to propagate configuration to APM
pods. So far, only labels, Affinity and `Containers["apm"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of the APM Server
type: string
type: object
status:
properties:
health:
type: string
secretTokenSecret:
description: SecretTokenSecretName is the name of the Secret that contains
the secret token
type: string
service:
description: ExternalService is the name of the service the agents should
connect to.
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: clusterlicenses.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: ClusterLicense
plural: clusterlicenses
shortNames:
- cl
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: elasticsearches.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Elasticsearch version
name: version
type: string
- JSONPath: .status.phase
name: phase
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: Elasticsearch
plural: elasticsearches
shortNames:
- es
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodes:
description: Nodes represents a list of groups of nodes with the same
configuration to be part of the cluster
items:
properties:
config:
description: Config represents Elasticsearch configuration.
type: object
nodeCount:
description: NodeCount defines how many nodes have this topology
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration
to Elasticsearch pods. So far, only labels, Affinity and `Containers["elasticsearch"].Resources.Limits`
are applied.
type: object
volumeClaimTemplates:
description: 'VolumeClaimTemplates is a list of claims that pods
are allowed to reference. Every claim in this list must have
at least one matching (by name) volumeMount in one container
in the template. A claim in this list takes precedence over
any volumes in the template, with the same name. TODO: Define
the behavior if a claim already exists with the same name. TODO:
define special behavior based on claim metadata.name. (e.g data
/ logs volumes)'
items:
type: object
type: array
type: object
type: array
secureSettings:
description: SecureSettings reference a secret containing secure settings,
to be injected into Elasticsearch keystore on each node. Each individual
key/value entry in the referenced secret is considered as an individual
secure setting to be injected. The secret must exist in the same namespace
as the Elasticsearch resource.
properties:
secretName:
type: string
required:
- secretName
type: object
setVmMaxMapCount:
description: SetVMMaxMapCount indicates whether an init container should
be used to ensure that the `vm.max_map_count` is set according to
https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html.
Setting this to true requires the kubelet to allow running privileged
containers. Defaults to true if not specified. To be disabled, it
must be explicitly set to false.
type: boolean
updateStrategy:
description: UpdateStrategy specifies how updates to the cluster should
be performed.
properties:
changeBudget:
description: ChangeBudget is the change budget that should be used
when performing mutations to the cluster.
properties:
maxSurge:
description: 'MaxSurge is the maximum number of pods that can
be scheduled above the original number of pods. By default,
a fixed value of 1 is used. Value can be an absolute number
(ex: 5) or a percentage of total pods at the start of the
update (ex: 10%). This can not be 0 if MaxUnavailable is 0
if you want automatic rolling updates to be applied. Absolute
number is calculated from percentage by rounding up. Example:
when this is set to 30%, the new group can be scaled up by
30% immediately when the rolling update starts. Once old pods
have been killed, new group can be scaled up further, ensuring
that total number of pods running at any time during the update
is at most 130% of the target number of pods.'
format: int64
type: integer
maxUnavailable:
description: 'MaxUnavailable is the maximum number of pods that
can be unavailable during the update. Value can be an absolute
number (ex: 5) or a percentage of total pods at the start
of update (ex: 10%). Absolute number is calculated from percentage
by rounding down. This can not be 0 if MaxSurge is 0 if you
want automatic rolling changes to be applied. By default,
a fixed value of 0 is used. Example: when this is set to 30%,
the group can be scaled down by 30% immediately when the rolling
update starts. Once new pods are ready, the group can be scaled
down further, followed by scaling up the group, ensuring that
at least 70% of the target number of pods are available at
all times during the update.'
format: int64
type: integer
required:
- maxUnavailable
- maxSurge
type: object
groups:
description: Groups is a list of groups that should have their cluster
mutations considered in a fair manner with a strict change budget
(not allowing any surge or unavailability) before the entire cluster
is reconciled with the full change budget.
items:
properties:
selector:
description: Selector is the selector used to match pods.
type: object
type: object
type: array
type: object
version:
description: Version represents the version of the stack
type: string
type: object
status:
properties:
clusterUUID:
type: string
health:
type: string
masterNode:
type: string
phase:
type: string
remoteClusters:
type: object
service:
type: string
zenDiscovery:
properties:
minimumMasterNodes:
format: int64
type: integer
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: enterpriselicenses.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: EnterpriseLicense
plural: enterpriselicenses
shortNames:
- el
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
clusterLicenses:
items:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
type: array
eula:
properties:
accepted:
type: boolean
required:
- accepted
type: object
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxInstances:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- type
- eula
type: object
status:
type: string
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: remoteclusters.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: RemoteCluster
plural: remoteclusters
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
remote:
type: object
required:
- remote
type: object
status:
properties:
clusterName:
type: string
localTrustRelationship:
type: string
phase:
type: string
seedHosts:
items:
type: string
type: array
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: trustrelationships.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: TrustRelationship
plural: trustrelationships
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
caCert:
description: CaCert contains the PEM-encoded CA certificate for the
remote cluster.
type: string
trustRestrictions:
description: TrustRestrictions contains configuration for the trust
restrictions feature of Elasticsearch for this relationship
properties:
trust:
description: Trust contains configuration for the Elasticsearch
trust restrictions.
properties:
subjectName:
description: SubjectName is a list of patterns that incoming
TLS client certificates must match.
items:
type: string
type: array
type: object
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: users.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .spec.name
name: username
type: string
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: User
plural: users
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
name:
type: string
passwordHash:
type: string
userRoles:
items:
type: string
type: array
required:
- name
- passwordHash
- userRoles
type: object
status:
properties:
phase:
type: string
reason:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: kibanas.kibana.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Kibana version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: kibana.k8s.elastic.co
names:
categories:
- elastic
kind: Kibana
plural: kibanas
shortNames:
- kb
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
elasticsearch:
description: Elasticsearch configures how Kibana connects to Elasticsearch
properties:
auth:
description: Auth configures authentication for Kibana to use.
properties:
inline:
description: Inline is auth provided as plaintext inline credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
required:
- username
- password
type: object
secret:
type: object
type: object
caCertSecret:
description: CaCertSecret names a secret that contains a CA file
entry to use.
type: string
url:
description: ElasticsearchURL is the URL to the target Elasticsearch
type: string
required:
- url
type: object
elasticsearchRef:
description: ElasticsearchRef references an Elasticsearch resource in
the Kubernetes cluster. If the namespace is not specified, the current
resource namespace will be used.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Kibana deployment
must have.
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration to Kibana
pods. So far, only labels, Affinity and `Containers["kibana"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of Kibana
type: string
type: object
status:
properties:
associationStatus:
type: string
health:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: elastic-operator
rules:
- apiGroups:
- ""
resources:
- pods
- endpoints
- events
- persistentvolumeclaims
- secrets
- services
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- elasticsearch.k8s.elastic.co
resources:
- elasticsearches
- elasticsearches/status
- clusterlicenses
- enterpriselicenses
- enterpriselicenses/status
- trustrelationships
- users
- users/status
- remoteclusters
- remoteclusters/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- kibana.k8s.elastic.co
resources:
- kibanas
- kibanas/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apm.k8s.elastic.co
resources:
- apmservers
- apmservers/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- associations.k8s.elastic.co
resources:
- apmserverelasticsearchassociations
- apmserverelasticsearchassociations/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: elastic-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: elastic-operator
subjects:
- kind: ServiceAccount
name: elastic-operator
namespace: elastic-system
---
apiVersion: v1
kind: Namespace
metadata:
name: elastic-system
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elastic-operator
namespace: elastic-system
labels:
control-plane: elastic-operator
spec:
selector:
matchLabels:
control-plane: elastic-operator
serviceName: elastic-operator
template:
metadata:
labels:
control-plane: elastic-operator
spec:
serviceAccountName: elastic-operator
containers:
- image: docker.elastic.co/eck/eck-operator:0.8.1
name: manager
args: ["manager", "--operator-roles", "all"]
env:
- name: OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: WEBHOOK_SECRET
value: webhook-server-secret
- name: WEBHOOK_PODS_LABEL
value: elastic-operator
- name: OPERATOR_IMAGE
value: docker.elastic.co/eck/eck-operator:0.8.1
resources:
limits:
cpu: 1
memory: 100Mi
requests:
cpu: 100m
memory: 20Mi
ports:
- containerPort: 9876
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/cert
name: cert
readOnly: true
terminationGracePeriodSeconds: 10
volumes:
- name: cert
secret:
defaultMode: 420
secretName: webhook-server-secret
---
apiVersion: v1
kind: Secret
metadata:
name: webhook-server-secret
namespace: elastic-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: elastic-operator
namespace: elastic-system
---
在kubernetes集群中部署ElasticSearch集群--ECK的更多相关文章
- Kubernetes+Flannel 环境中部署HBase集群
2015-12-14注:加入新节点不更改运行节点参数需求已满足,将在后续文章中陆续总结. 注:目前方案不满足加入新节点(master节点或regionserver节点)而不更改已运行节点的参数的需求, ...
- docker swarm英文文档学习-8-在集群中部署服务
Deploy services to a swarm在集群中部署服务 集群服务使用声明式模型,这意味着你需要定义服务的所需状态,并依赖Docker来维护该状态.该状态包括以下信息(但不限于): 应该运 ...
- 在 Kubernetes 中部署 Redis 集群
在 Kubernetes 中部署 Redis 集群 在Kubernetes中部署Redis集群面临挑战,因为每个 Redis 实例都依赖于一个配置文件,该文件可以跟踪其他集群实例及其角色.为此,我们需 ...
- 日志分析系统 - k8s部署ElasticSearch集群
K8s部署ElasticSearch集群 1.前提准备工作 1.1 创建elastic的命名空间 namespace编排文件如下: elastic.namespace.yaml --- apiVers ...
- Docker部署Elasticsearch集群
http://blog.sina.com.cn/s/blog_8ea8e9d50102wwik.html Docker部署Elasticsearch集群 参考文档: https://hub.docke ...
- 终于解决 k8s 集群中部署 nodelocaldns 的问题
自从开始在 kubernetes 集群中部署 nodelocaldns 以提高 dns 解析性能以来,一直被一个问题困扰,只要一部署 nodelocaldns ,在 coredns 中添加的 rewr ...
- Centos8 部署 ElasticSearch 集群并搭建 ELK,基于Logstash同步MySQL数据到ElasticSearch
Centos8安装Docker 1.更新一下yum [root@VM-24-9-centos ~]# yum -y update 2.安装containerd.io # centos8默认使用podm ...
- Centos8 Docker部署ElasticSearch集群
ELK部署 部署ElasticSearch集群 1.拉取镜像及批量生成配置文件 # 拉取镜像 [root@VM-24-9-centos ~]# docker pull elasticsearch:7. ...
- k8s集群中部署prometheus server
1.概述 本文档主要介绍如何在k8s集群中部署prometheus server用来作为监控的数据采集服务器,这样做可以很方便的对k8s集群中的指标.pod的.节点的指标进行采集和监控. 2.下载镜像 ...
随机推荐
- .netcore使用MimeKit发送邮件
以163邮箱为例,借助MimeKit nuget安装:MimeKit类库,源码地址:https://github.com/jstedfast/MimeKit 发送方法如下: #region 邮件发送 ...
- 【IntelliJ IDEA学习之六】IntelliJ IDEA 调试
版本:IntelliJIDEA2018.1.4 一.设置热部署1.自动编译 2.配置hotswap 3.开启compiler.automake.allow.when.app.running CTRL ...
- 【IntelliJ IDEA学习之三】IntelliJ IDEA常用快捷键
版本:IntelliJIDEA2018.1.4 按场景列举一.打开设置CTRL + ALT + S:打开设置(File-->Settings...)Ctrl + Shift + Alt + S: ...
- SharePoint - Another Way to Delete Site Collection
I had created a site collection. But there is a problem of web-frontend server (I did not know when ...
- Java选择结构和循环结构
1.选择结构 ①.ifif(){ } if(){}else{} if(){}else if(){}else if(){}else{} ②.switch switch (表达式) { case 常量 1 ...
- GTD时间管理
GTD就是Getting Things Done的缩写,翻译过来就是"把事情处理完",是一个管理时间的方法.GTD的核心理念概括就是必须记录下来要做的事,然后整理安排并使自己一一去 ...
- jmeter通过BeanShell,实现对接口参数HmacSHA256加密(转)
jmeter通过BeanShell,实现对接口参数HmacSHA256加密2019-04-29 05:10 ps. 最近抓包网站的登陆请求,发现就2个参数,用户名和密码,通过工具去请求这个接口,一直返 ...
- 『线段树及扫描线算法 Atlantis』
入门看这边『线段树 Segment Tree』. 扫描线 扫描线是一种解决一类平面内统计问题的算法,通常会借助线段树来实现,我们通过一道例题来引入这个算法. Atlantis Description ...
- SQL分类之DQL:查询表中的记录
DQL:查询表中的记录 select * from 表名: 1.语法 select 字段列表from 表名列表where 条件列表group by 分组字段having 分组之后的条件order ...
- SQL Server的NTEXT类型不支持等号"="操作(转载)
SQL SERVER – Fix: Error : 402 The data types ntext and varchar are incompatible in the equal to oper ...