在kubernetes集群中部署ElasticSearch集群--ECK
Elastic Cloud on Kubernetes (ECK) ---ECK是这个说法哈。
基本于k8s operator的官方实现。
URL:
https://www.elastic.co/guide/en/cloud-on-k8s/current/index.html
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-quickstart.html
https://github.com/elastic/cloud-on-k8s
帖个yaml,了解一下资源的创建。
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: apmservers.apm.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: APM version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: apm.k8s.elastic.co
names:
categories:
- elastic
kind: ApmServer
plural: apmservers
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are apm-specific flags that enable or disable
specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Apm Server deployment
must have.
format: int32
type: integer
output:
properties:
elasticsearch:
description: Elasticsearch configures the Elasticsearch output
properties:
auth:
description: Auth configures authentication for APM Server to
use.
properties:
inline:
description: Inline is auth provided as plaintext inline
credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
type: object
secret:
description: SecretKeyRef is a secret that contains the
credentials to use.
type: object
type: object
hosts:
description: Hosts are the URLs of the output Elasticsearch
nodes.
items:
type: string
type: array
ref:
description: ElasticsearchRef allows users to reference a Elasticsearch
cluster inside k8s to automatically derive the other fields.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
ssl:
description: SSL configures TLS-related configuration for Elasticsearch
properties:
certificateAuthoritiesSecret:
description: CertificateAuthoritiesSecret names a secret
that contains a CA file entry to use.
type: string
type: object
type: object
type: object
podTemplate:
description: PodTemplate can be used to propagate configuration to APM
pods. So far, only labels, Affinity and `Containers["apm"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of the APM Server
type: string
type: object
status:
properties:
health:
type: string
secretTokenSecret:
description: SecretTokenSecretName is the name of the Secret that contains
the secret token
type: string
service:
description: ExternalService is the name of the service the agents should
connect to.
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: clusterlicenses.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: ClusterLicense
plural: clusterlicenses
shortNames:
- cl
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: elasticsearches.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Elasticsearch version
name: version
type: string
- JSONPath: .status.phase
name: phase
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: Elasticsearch
plural: elasticsearches
shortNames:
- es
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodes:
description: Nodes represents a list of groups of nodes with the same
configuration to be part of the cluster
items:
properties:
config:
description: Config represents Elasticsearch configuration.
type: object
nodeCount:
description: NodeCount defines how many nodes have this topology
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration
to Elasticsearch pods. So far, only labels, Affinity and `Containers["elasticsearch"].Resources.Limits`
are applied.
type: object
volumeClaimTemplates:
description: 'VolumeClaimTemplates is a list of claims that pods
are allowed to reference. Every claim in this list must have
at least one matching (by name) volumeMount in one container
in the template. A claim in this list takes precedence over
any volumes in the template, with the same name. TODO: Define
the behavior if a claim already exists with the same name. TODO:
define special behavior based on claim metadata.name. (e.g data
/ logs volumes)'
items:
type: object
type: array
type: object
type: array
secureSettings:
description: SecureSettings reference a secret containing secure settings,
to be injected into Elasticsearch keystore on each node. Each individual
key/value entry in the referenced secret is considered as an individual
secure setting to be injected. The secret must exist in the same namespace
as the Elasticsearch resource.
properties:
secretName:
type: string
required:
- secretName
type: object
setVmMaxMapCount:
description: SetVMMaxMapCount indicates whether an init container should
be used to ensure that the `vm.max_map_count` is set according to
https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html.
Setting this to true requires the kubelet to allow running privileged
containers. Defaults to true if not specified. To be disabled, it
must be explicitly set to false.
type: boolean
updateStrategy:
description: UpdateStrategy specifies how updates to the cluster should
be performed.
properties:
changeBudget:
description: ChangeBudget is the change budget that should be used
when performing mutations to the cluster.
properties:
maxSurge:
description: 'MaxSurge is the maximum number of pods that can
be scheduled above the original number of pods. By default,
a fixed value of 1 is used. Value can be an absolute number
(ex: 5) or a percentage of total pods at the start of the
update (ex: 10%). This can not be 0 if MaxUnavailable is 0
if you want automatic rolling updates to be applied. Absolute
number is calculated from percentage by rounding up. Example:
when this is set to 30%, the new group can be scaled up by
30% immediately when the rolling update starts. Once old pods
have been killed, new group can be scaled up further, ensuring
that total number of pods running at any time during the update
is at most 130% of the target number of pods.'
format: int64
type: integer
maxUnavailable:
description: 'MaxUnavailable is the maximum number of pods that
can be unavailable during the update. Value can be an absolute
number (ex: 5) or a percentage of total pods at the start
of update (ex: 10%). Absolute number is calculated from percentage
by rounding down. This can not be 0 if MaxSurge is 0 if you
want automatic rolling changes to be applied. By default,
a fixed value of 0 is used. Example: when this is set to 30%,
the group can be scaled down by 30% immediately when the rolling
update starts. Once new pods are ready, the group can be scaled
down further, followed by scaling up the group, ensuring that
at least 70% of the target number of pods are available at
all times during the update.'
format: int64
type: integer
required:
- maxUnavailable
- maxSurge
type: object
groups:
description: Groups is a list of groups that should have their cluster
mutations considered in a fair manner with a strict change budget
(not allowing any surge or unavailability) before the entire cluster
is reconciled with the full change budget.
items:
properties:
selector:
description: Selector is the selector used to match pods.
type: object
type: object
type: array
type: object
version:
description: Version represents the version of the stack
type: string
type: object
status:
properties:
clusterUUID:
type: string
health:
type: string
masterNode:
type: string
phase:
type: string
remoteClusters:
type: object
service:
type: string
zenDiscovery:
properties:
minimumMasterNodes:
format: int64
type: integer
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: enterpriselicenses.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: EnterpriseLicense
plural: enterpriselicenses
shortNames:
- el
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
clusterLicenses:
items:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
type: array
eula:
properties:
accepted:
type: boolean
required:
- accepted
type: object
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxInstances:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- type
- eula
type: object
status:
type: string
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: remoteclusters.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: RemoteCluster
plural: remoteclusters
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
remote:
type: object
required:
- remote
type: object
status:
properties:
clusterName:
type: string
localTrustRelationship:
type: string
phase:
type: string
seedHosts:
items:
type: string
type: array
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: trustrelationships.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: TrustRelationship
plural: trustrelationships
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
caCert:
description: CaCert contains the PEM-encoded CA certificate for the
remote cluster.
type: string
trustRestrictions:
description: TrustRestrictions contains configuration for the trust
restrictions feature of Elasticsearch for this relationship
properties:
trust:
description: Trust contains configuration for the Elasticsearch
trust restrictions.
properties:
subjectName:
description: SubjectName is a list of patterns that incoming
TLS client certificates must match.
items:
type: string
type: array
type: object
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: users.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .spec.name
name: username
type: string
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: User
plural: users
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
name:
type: string
passwordHash:
type: string
userRoles:
items:
type: string
type: array
required:
- name
- passwordHash
- userRoles
type: object
status:
properties:
phase:
type: string
reason:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: kibanas.kibana.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Kibana version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: kibana.k8s.elastic.co
names:
categories:
- elastic
kind: Kibana
plural: kibanas
shortNames:
- kb
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
elasticsearch:
description: Elasticsearch configures how Kibana connects to Elasticsearch
properties:
auth:
description: Auth configures authentication for Kibana to use.
properties:
inline:
description: Inline is auth provided as plaintext inline credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
required:
- username
- password
type: object
secret:
type: object
type: object
caCertSecret:
description: CaCertSecret names a secret that contains a CA file
entry to use.
type: string
url:
description: ElasticsearchURL is the URL to the target Elasticsearch
type: string
required:
- url
type: object
elasticsearchRef:
description: ElasticsearchRef references an Elasticsearch resource in
the Kubernetes cluster. If the namespace is not specified, the current
resource namespace will be used.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Kibana deployment
must have.
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration to Kibana
pods. So far, only labels, Affinity and `Containers["kibana"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of Kibana
type: string
type: object
status:
properties:
associationStatus:
type: string
health:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: elastic-operator
rules:
- apiGroups:
- ""
resources:
- pods
- endpoints
- events
- persistentvolumeclaims
- secrets
- services
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- elasticsearch.k8s.elastic.co
resources:
- elasticsearches
- elasticsearches/status
- clusterlicenses
- enterpriselicenses
- enterpriselicenses/status
- trustrelationships
- users
- users/status
- remoteclusters
- remoteclusters/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- kibana.k8s.elastic.co
resources:
- kibanas
- kibanas/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apm.k8s.elastic.co
resources:
- apmservers
- apmservers/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- associations.k8s.elastic.co
resources:
- apmserverelasticsearchassociations
- apmserverelasticsearchassociations/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: elastic-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: elastic-operator
subjects:
- kind: ServiceAccount
name: elastic-operator
namespace: elastic-system
---
apiVersion: v1
kind: Namespace
metadata:
name: elastic-system
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elastic-operator
namespace: elastic-system
labels:
control-plane: elastic-operator
spec:
selector:
matchLabels:
control-plane: elastic-operator
serviceName: elastic-operator
template:
metadata:
labels:
control-plane: elastic-operator
spec:
serviceAccountName: elastic-operator
containers:
- image: docker.elastic.co/eck/eck-operator:0.8.1
name: manager
args: ["manager", "--operator-roles", "all"]
env:
- name: OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: WEBHOOK_SECRET
value: webhook-server-secret
- name: WEBHOOK_PODS_LABEL
value: elastic-operator
- name: OPERATOR_IMAGE
value: docker.elastic.co/eck/eck-operator:0.8.1
resources:
limits:
cpu: 1
memory: 100Mi
requests:
cpu: 100m
memory: 20Mi
ports:
- containerPort: 9876
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/cert
name: cert
readOnly: true
terminationGracePeriodSeconds: 10
volumes:
- name: cert
secret:
defaultMode: 420
secretName: webhook-server-secret
---
apiVersion: v1
kind: Secret
metadata:
name: webhook-server-secret
namespace: elastic-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: elastic-operator
namespace: elastic-system
---
在kubernetes集群中部署ElasticSearch集群--ECK的更多相关文章
- Kubernetes+Flannel 环境中部署HBase集群
2015-12-14注:加入新节点不更改运行节点参数需求已满足,将在后续文章中陆续总结. 注:目前方案不满足加入新节点(master节点或regionserver节点)而不更改已运行节点的参数的需求, ...
- docker swarm英文文档学习-8-在集群中部署服务
Deploy services to a swarm在集群中部署服务 集群服务使用声明式模型,这意味着你需要定义服务的所需状态,并依赖Docker来维护该状态.该状态包括以下信息(但不限于): 应该运 ...
- 在 Kubernetes 中部署 Redis 集群
在 Kubernetes 中部署 Redis 集群 在Kubernetes中部署Redis集群面临挑战,因为每个 Redis 实例都依赖于一个配置文件,该文件可以跟踪其他集群实例及其角色.为此,我们需 ...
- 日志分析系统 - k8s部署ElasticSearch集群
K8s部署ElasticSearch集群 1.前提准备工作 1.1 创建elastic的命名空间 namespace编排文件如下: elastic.namespace.yaml --- apiVers ...
- Docker部署Elasticsearch集群
http://blog.sina.com.cn/s/blog_8ea8e9d50102wwik.html Docker部署Elasticsearch集群 参考文档: https://hub.docke ...
- 终于解决 k8s 集群中部署 nodelocaldns 的问题
自从开始在 kubernetes 集群中部署 nodelocaldns 以提高 dns 解析性能以来,一直被一个问题困扰,只要一部署 nodelocaldns ,在 coredns 中添加的 rewr ...
- Centos8 部署 ElasticSearch 集群并搭建 ELK,基于Logstash同步MySQL数据到ElasticSearch
Centos8安装Docker 1.更新一下yum [root@VM-24-9-centos ~]# yum -y update 2.安装containerd.io # centos8默认使用podm ...
- Centos8 Docker部署ElasticSearch集群
ELK部署 部署ElasticSearch集群 1.拉取镜像及批量生成配置文件 # 拉取镜像 [root@VM-24-9-centos ~]# docker pull elasticsearch:7. ...
- k8s集群中部署prometheus server
1.概述 本文档主要介绍如何在k8s集群中部署prometheus server用来作为监控的数据采集服务器,这样做可以很方便的对k8s集群中的指标.pod的.节点的指标进行采集和监控. 2.下载镜像 ...
随机推荐
- dnsperf
github 地址:https://github.com/DNS-OARC/dnsperf mac安装:brew install dnsperf 参数详解 Dnsperf 支持下面的这些命令行参数: ...
- 使用rxjs以及javascript解决前端的防抖和节流
JavaScript实现方式: 防抖 触发高频事件后 n 秒内函数只会执行一次,如果 n 秒内高频事件再次被触发,则重新计算时间:思路:每次触发事件时都取消之前的延时调用方法: 举个例子:做一个自动查 ...
- Alpha冲刺——总结篇
课程信息 课程 软件工程1916|W(福州大学) 团队名称 修!咻咻! 作业要求 项目Alpha冲刺 团队目标 切实可行的计算机协会维修预约平台 团队信息 队员学号 队员姓名 个人博客地址 备注 22 ...
- Flume+Kafka+Storm+Redis 大数据在线实时分析
1.实时处理框架 即从上面的架构中我们可以看出,其由下面的几部分构成: Flume集群 Kafka集群 Storm集群 从构建实时处理系统的角度出发,我们需要做的是,如何让数据在各个不同的集群系统之间 ...
- golang面对对象
- Codeforces Round #580 (Div. 1)
Codeforces Round #580 (Div. 1) https://codeforces.com/contest/1205 A. Almost Equal 随便构造一下吧...太水了不说了, ...
- 【题解】有限制的排列 [51nod1296]
[题解]有限制的排列 [51nod1296] 传送门:有限制的排列 \([51nod1296]\) [题目描述] 给出 \(n,m_1,m_2\) 和 \(\{a[1],a[2]...a[m_1]\} ...
- C#子线程执行完后,调用主线程的方法
private delegate void CheckVersionNumber_CallBack(string str);//定义一个为委托 用于 检测版本 //检测版本private void m ...
- Django TypeError: render() got an unexpected keyword argument 'renderer'
场景: Xadmin添加plugin 来源: 1. xadmin与DjangoUeditor的安装 (第3.3章节) 2. 增加富文本编辑器Ueditor (第14.7章节) 报错: Django T ...
- AD常用术语
SMD : Surface Mounted Devices 表面贴装器件 PAD 焊盘