在kubernetes集群中部署ElasticSearch集群--ECK
Elastic Cloud on Kubernetes (ECK) ---ECK是这个说法哈。
基本于k8s operator的官方实现。
URL:
https://www.elastic.co/guide/en/cloud-on-k8s/current/index.html
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-quickstart.html
https://github.com/elastic/cloud-on-k8s
帖个yaml,了解一下资源的创建。
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: apmservers.apm.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: APM version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: apm.k8s.elastic.co
names:
categories:
- elastic
kind: ApmServer
plural: apmservers
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are apm-specific flags that enable or disable
specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Apm Server deployment
must have.
format: int32
type: integer
output:
properties:
elasticsearch:
description: Elasticsearch configures the Elasticsearch output
properties:
auth:
description: Auth configures authentication for APM Server to
use.
properties:
inline:
description: Inline is auth provided as plaintext inline
credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
type: object
secret:
description: SecretKeyRef is a secret that contains the
credentials to use.
type: object
type: object
hosts:
description: Hosts are the URLs of the output Elasticsearch
nodes.
items:
type: string
type: array
ref:
description: ElasticsearchRef allows users to reference a Elasticsearch
cluster inside k8s to automatically derive the other fields.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
ssl:
description: SSL configures TLS-related configuration for Elasticsearch
properties:
certificateAuthoritiesSecret:
description: CertificateAuthoritiesSecret names a secret
that contains a CA file entry to use.
type: string
type: object
type: object
type: object
podTemplate:
description: PodTemplate can be used to propagate configuration to APM
pods. So far, only labels, Affinity and `Containers["apm"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of the APM Server
type: string
type: object
status:
properties:
health:
type: string
secretTokenSecret:
description: SecretTokenSecretName is the name of the Secret that contains
the secret token
type: string
service:
description: ExternalService is the name of the service the agents should
connect to.
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: clusterlicenses.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: ClusterLicense
plural: clusterlicenses
shortNames:
- cl
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: elasticsearches.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Elasticsearch version
name: version
type: string
- JSONPath: .status.phase
name: phase
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: Elasticsearch
plural: elasticsearches
shortNames:
- es
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodes:
description: Nodes represents a list of groups of nodes with the same
configuration to be part of the cluster
items:
properties:
config:
description: Config represents Elasticsearch configuration.
type: object
nodeCount:
description: NodeCount defines how many nodes have this topology
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration
to Elasticsearch pods. So far, only labels, Affinity and `Containers["elasticsearch"].Resources.Limits`
are applied.
type: object
volumeClaimTemplates:
description: 'VolumeClaimTemplates is a list of claims that pods
are allowed to reference. Every claim in this list must have
at least one matching (by name) volumeMount in one container
in the template. A claim in this list takes precedence over
any volumes in the template, with the same name. TODO: Define
the behavior if a claim already exists with the same name. TODO:
define special behavior based on claim metadata.name. (e.g data
/ logs volumes)'
items:
type: object
type: array
type: object
type: array
secureSettings:
description: SecureSettings reference a secret containing secure settings,
to be injected into Elasticsearch keystore on each node. Each individual
key/value entry in the referenced secret is considered as an individual
secure setting to be injected. The secret must exist in the same namespace
as the Elasticsearch resource.
properties:
secretName:
type: string
required:
- secretName
type: object
setVmMaxMapCount:
description: SetVMMaxMapCount indicates whether an init container should
be used to ensure that the `vm.max_map_count` is set according to
https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html.
Setting this to true requires the kubelet to allow running privileged
containers. Defaults to true if not specified. To be disabled, it
must be explicitly set to false.
type: boolean
updateStrategy:
description: UpdateStrategy specifies how updates to the cluster should
be performed.
properties:
changeBudget:
description: ChangeBudget is the change budget that should be used
when performing mutations to the cluster.
properties:
maxSurge:
description: 'MaxSurge is the maximum number of pods that can
be scheduled above the original number of pods. By default,
a fixed value of 1 is used. Value can be an absolute number
(ex: 5) or a percentage of total pods at the start of the
update (ex: 10%). This can not be 0 if MaxUnavailable is 0
if you want automatic rolling updates to be applied. Absolute
number is calculated from percentage by rounding up. Example:
when this is set to 30%, the new group can be scaled up by
30% immediately when the rolling update starts. Once old pods
have been killed, new group can be scaled up further, ensuring
that total number of pods running at any time during the update
is at most 130% of the target number of pods.'
format: int64
type: integer
maxUnavailable:
description: 'MaxUnavailable is the maximum number of pods that
can be unavailable during the update. Value can be an absolute
number (ex: 5) or a percentage of total pods at the start
of update (ex: 10%). Absolute number is calculated from percentage
by rounding down. This can not be 0 if MaxSurge is 0 if you
want automatic rolling changes to be applied. By default,
a fixed value of 0 is used. Example: when this is set to 30%,
the group can be scaled down by 30% immediately when the rolling
update starts. Once new pods are ready, the group can be scaled
down further, followed by scaling up the group, ensuring that
at least 70% of the target number of pods are available at
all times during the update.'
format: int64
type: integer
required:
- maxUnavailable
- maxSurge
type: object
groups:
description: Groups is a list of groups that should have their cluster
mutations considered in a fair manner with a strict change budget
(not allowing any surge or unavailability) before the entire cluster
is reconciled with the full change budget.
items:
properties:
selector:
description: Selector is the selector used to match pods.
type: object
type: object
type: array
type: object
version:
description: Version represents the version of the stack
type: string
type: object
status:
properties:
clusterUUID:
type: string
health:
type: string
masterNode:
type: string
phase:
type: string
remoteClusters:
type: object
service:
type: string
zenDiscovery:
properties:
minimumMasterNodes:
format: int64
type: integer
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: enterpriselicenses.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: EnterpriseLicense
plural: enterpriselicenses
shortNames:
- el
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
clusterLicenses:
items:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
type: array
eula:
properties:
accepted:
type: boolean
required:
- accepted
type: object
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxInstances:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- type
- eula
type: object
status:
type: string
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: remoteclusters.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: RemoteCluster
plural: remoteclusters
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
remote:
type: object
required:
- remote
type: object
status:
properties:
clusterName:
type: string
localTrustRelationship:
type: string
phase:
type: string
seedHosts:
items:
type: string
type: array
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: trustrelationships.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: TrustRelationship
plural: trustrelationships
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
caCert:
description: CaCert contains the PEM-encoded CA certificate for the
remote cluster.
type: string
trustRestrictions:
description: TrustRestrictions contains configuration for the trust
restrictions feature of Elasticsearch for this relationship
properties:
trust:
description: Trust contains configuration for the Elasticsearch
trust restrictions.
properties:
subjectName:
description: SubjectName is a list of patterns that incoming
TLS client certificates must match.
items:
type: string
type: array
type: object
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: users.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .spec.name
name: username
type: string
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: User
plural: users
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
name:
type: string
passwordHash:
type: string
userRoles:
items:
type: string
type: array
required:
- name
- passwordHash
- userRoles
type: object
status:
properties:
phase:
type: string
reason:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: kibanas.kibana.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Kibana version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: kibana.k8s.elastic.co
names:
categories:
- elastic
kind: Kibana
plural: kibanas
shortNames:
- kb
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
elasticsearch:
description: Elasticsearch configures how Kibana connects to Elasticsearch
properties:
auth:
description: Auth configures authentication for Kibana to use.
properties:
inline:
description: Inline is auth provided as plaintext inline credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
required:
- username
- password
type: object
secret:
type: object
type: object
caCertSecret:
description: CaCertSecret names a secret that contains a CA file
entry to use.
type: string
url:
description: ElasticsearchURL is the URL to the target Elasticsearch
type: string
required:
- url
type: object
elasticsearchRef:
description: ElasticsearchRef references an Elasticsearch resource in
the Kubernetes cluster. If the namespace is not specified, the current
resource namespace will be used.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Kibana deployment
must have.
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration to Kibana
pods. So far, only labels, Affinity and `Containers["kibana"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of Kibana
type: string
type: object
status:
properties:
associationStatus:
type: string
health:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: elastic-operator
rules:
- apiGroups:
- ""
resources:
- pods
- endpoints
- events
- persistentvolumeclaims
- secrets
- services
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- elasticsearch.k8s.elastic.co
resources:
- elasticsearches
- elasticsearches/status
- clusterlicenses
- enterpriselicenses
- enterpriselicenses/status
- trustrelationships
- users
- users/status
- remoteclusters
- remoteclusters/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- kibana.k8s.elastic.co
resources:
- kibanas
- kibanas/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apm.k8s.elastic.co
resources:
- apmservers
- apmservers/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- associations.k8s.elastic.co
resources:
- apmserverelasticsearchassociations
- apmserverelasticsearchassociations/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: elastic-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: elastic-operator
subjects:
- kind: ServiceAccount
name: elastic-operator
namespace: elastic-system
---
apiVersion: v1
kind: Namespace
metadata:
name: elastic-system
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elastic-operator
namespace: elastic-system
labels:
control-plane: elastic-operator
spec:
selector:
matchLabels:
control-plane: elastic-operator
serviceName: elastic-operator
template:
metadata:
labels:
control-plane: elastic-operator
spec:
serviceAccountName: elastic-operator
containers:
- image: docker.elastic.co/eck/eck-operator:0.8.1
name: manager
args: ["manager", "--operator-roles", "all"]
env:
- name: OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: WEBHOOK_SECRET
value: webhook-server-secret
- name: WEBHOOK_PODS_LABEL
value: elastic-operator
- name: OPERATOR_IMAGE
value: docker.elastic.co/eck/eck-operator:0.8.1
resources:
limits:
cpu: 1
memory: 100Mi
requests:
cpu: 100m
memory: 20Mi
ports:
- containerPort: 9876
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/cert
name: cert
readOnly: true
terminationGracePeriodSeconds: 10
volumes:
- name: cert
secret:
defaultMode: 420
secretName: webhook-server-secret
---
apiVersion: v1
kind: Secret
metadata:
name: webhook-server-secret
namespace: elastic-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: elastic-operator
namespace: elastic-system
---
在kubernetes集群中部署ElasticSearch集群--ECK的更多相关文章
- Kubernetes+Flannel 环境中部署HBase集群
2015-12-14注:加入新节点不更改运行节点参数需求已满足,将在后续文章中陆续总结. 注:目前方案不满足加入新节点(master节点或regionserver节点)而不更改已运行节点的参数的需求, ...
- docker swarm英文文档学习-8-在集群中部署服务
Deploy services to a swarm在集群中部署服务 集群服务使用声明式模型,这意味着你需要定义服务的所需状态,并依赖Docker来维护该状态.该状态包括以下信息(但不限于): 应该运 ...
- 在 Kubernetes 中部署 Redis 集群
在 Kubernetes 中部署 Redis 集群 在Kubernetes中部署Redis集群面临挑战,因为每个 Redis 实例都依赖于一个配置文件,该文件可以跟踪其他集群实例及其角色.为此,我们需 ...
- 日志分析系统 - k8s部署ElasticSearch集群
K8s部署ElasticSearch集群 1.前提准备工作 1.1 创建elastic的命名空间 namespace编排文件如下: elastic.namespace.yaml --- apiVers ...
- Docker部署Elasticsearch集群
http://blog.sina.com.cn/s/blog_8ea8e9d50102wwik.html Docker部署Elasticsearch集群 参考文档: https://hub.docke ...
- 终于解决 k8s 集群中部署 nodelocaldns 的问题
自从开始在 kubernetes 集群中部署 nodelocaldns 以提高 dns 解析性能以来,一直被一个问题困扰,只要一部署 nodelocaldns ,在 coredns 中添加的 rewr ...
- Centos8 部署 ElasticSearch 集群并搭建 ELK,基于Logstash同步MySQL数据到ElasticSearch
Centos8安装Docker 1.更新一下yum [root@VM-24-9-centos ~]# yum -y update 2.安装containerd.io # centos8默认使用podm ...
- Centos8 Docker部署ElasticSearch集群
ELK部署 部署ElasticSearch集群 1.拉取镜像及批量生成配置文件 # 拉取镜像 [root@VM-24-9-centos ~]# docker pull elasticsearch:7. ...
- k8s集群中部署prometheus server
1.概述 本文档主要介绍如何在k8s集群中部署prometheus server用来作为监控的数据采集服务器,这样做可以很方便的对k8s集群中的指标.pod的.节点的指标进行采集和监控. 2.下载镜像 ...
随机推荐
- Windows_pycharm下安装numpy
https://blog.csdn.net/haishu_zheng/article/details/77489309 一.下载在网站https://pypi.python.org/pypi/nump ...
- Beta/Gamma事后分析
目录 设想和目标 计划 资源 变更管理 设计/实现 测试/发布 团队的角色,管理,合作 总结 对照敏捷开发的原则, 你觉得你们小组做得最好的是哪几个原则? 请列出具体的事例. 照片 设想和目标 我们的 ...
- fio压测
目录 fio工具介绍 参数介绍 测试举例 模板如下: 四路服务器测试的小tips fio工具介绍 用于测试存储设备IO性能. 当存储设备中存在用户数据时,严谨使用fio进行写操作!!! 参数介绍 rw ...
- ReentrantLock 的公平锁源码分析
ReentrantLock 源码分析 以公平锁源码解析为例: 1:数据结构: 维护Sync 对象的引用: private final Sync sync; Sync对象继承 AQS, Syn ...
- 【C++】一个指针占几个字节?为什么呢?
一个指针在32位操作系统上,占4个字节 一个指针在64位操作系统上,占8个字节 但是,编译器为了兼容32位操作系统和64位操作系统,所以指针都是4个字节长度 为什么呢? 在计算机中,CPU不能直接与硬 ...
- Docker中nginx+tomcat实现负载均衡
拉取tomcat镜像 docker pull tomcat 运行两个tomcat容器 docker run -d -p 8088:8080 --name tomcat8088 tomcat docke ...
- [转帖]从 SOA 到微服务,企业分布式应用架构在云原生时代如何重塑?
从 SOA 到微服务,企业分布式应用架构在云原生时代如何重塑? 2019-10-08 10:26:28 阿里云云栖社区 阅读数 54 版权声明:本文为博主原创文章,遵循CC 4.0 BY-SA版权 ...
- DDR3(5):读写仲裁
上一讲我们完成了读的控制,但是并不知道是否设计成功,必须读写结合才行.DDR3 的 app 端的命令总线是读写复用的,因此可能会存在读写冲突的时刻,为了解决此问题,必须进行分时读写,也就是我们说的仲裁 ...
- SQL Server的常用提示
在SQL Server中,有许多SQL语句的提示,本文总结一些比较常用的提示. OPTION LOOP/MERGE/HASH JOIN提示 该提示可以改变整个SQL语句中所有JOIN的关联算法,所以请 ...
- The instance of entity type 'Menu' cannot be tracked because another instance with the same key value for {'Id'} is already being tracked.
这里记录一个在使用.net core中ef core执行数据库操作时遇到的问题: 我在代码中使用DbContext下的Update方法准备将更改后的数据像这样步到数据库: _context.Menus ...