在kubernetes集群中部署ElasticSearch集群--ECK
Elastic Cloud on Kubernetes (ECK) ---ECK是这个说法哈。
基本于k8s operator的官方实现。
URL:
https://www.elastic.co/guide/en/cloud-on-k8s/current/index.html
https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-quickstart.html
https://github.com/elastic/cloud-on-k8s
帖个yaml,了解一下资源的创建。
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: apmservers.apm.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: APM version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: apm.k8s.elastic.co
names:
categories:
- elastic
kind: ApmServer
plural: apmservers
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are apm-specific flags that enable or disable
specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Apm Server deployment
must have.
format: int32
type: integer
output:
properties:
elasticsearch:
description: Elasticsearch configures the Elasticsearch output
properties:
auth:
description: Auth configures authentication for APM Server to
use.
properties:
inline:
description: Inline is auth provided as plaintext inline
credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
type: object
secret:
description: SecretKeyRef is a secret that contains the
credentials to use.
type: object
type: object
hosts:
description: Hosts are the URLs of the output Elasticsearch
nodes.
items:
type: string
type: array
ref:
description: ElasticsearchRef allows users to reference a Elasticsearch
cluster inside k8s to automatically derive the other fields.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
ssl:
description: SSL configures TLS-related configuration for Elasticsearch
properties:
certificateAuthoritiesSecret:
description: CertificateAuthoritiesSecret names a secret
that contains a CA file entry to use.
type: string
type: object
type: object
type: object
podTemplate:
description: PodTemplate can be used to propagate configuration to APM
pods. So far, only labels, Affinity and `Containers["apm"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of the APM Server
type: string
type: object
status:
properties:
health:
type: string
secretTokenSecret:
description: SecretTokenSecretName is the name of the Secret that contains
the secret token
type: string
service:
description: ExternalService is the name of the service the agents should
connect to.
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: clusterlicenses.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: ClusterLicense
plural: clusterlicenses
shortNames:
- cl
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: elasticsearches.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Elasticsearch version
name: version
type: string
- JSONPath: .status.phase
name: phase
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: Elasticsearch
plural: elasticsearches
shortNames:
- es
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodes:
description: Nodes represents a list of groups of nodes with the same
configuration to be part of the cluster
items:
properties:
config:
description: Config represents Elasticsearch configuration.
type: object
nodeCount:
description: NodeCount defines how many nodes have this topology
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration
to Elasticsearch pods. So far, only labels, Affinity and `Containers["elasticsearch"].Resources.Limits`
are applied.
type: object
volumeClaimTemplates:
description: 'VolumeClaimTemplates is a list of claims that pods
are allowed to reference. Every claim in this list must have
at least one matching (by name) volumeMount in one container
in the template. A claim in this list takes precedence over
any volumes in the template, with the same name. TODO: Define
the behavior if a claim already exists with the same name. TODO:
define special behavior based on claim metadata.name. (e.g data
/ logs volumes)'
items:
type: object
type: array
type: object
type: array
secureSettings:
description: SecureSettings reference a secret containing secure settings,
to be injected into Elasticsearch keystore on each node. Each individual
key/value entry in the referenced secret is considered as an individual
secure setting to be injected. The secret must exist in the same namespace
as the Elasticsearch resource.
properties:
secretName:
type: string
required:
- secretName
type: object
setVmMaxMapCount:
description: SetVMMaxMapCount indicates whether an init container should
be used to ensure that the `vm.max_map_count` is set according to
https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html.
Setting this to true requires the kubelet to allow running privileged
containers. Defaults to true if not specified. To be disabled, it
must be explicitly set to false.
type: boolean
updateStrategy:
description: UpdateStrategy specifies how updates to the cluster should
be performed.
properties:
changeBudget:
description: ChangeBudget is the change budget that should be used
when performing mutations to the cluster.
properties:
maxSurge:
description: 'MaxSurge is the maximum number of pods that can
be scheduled above the original number of pods. By default,
a fixed value of 1 is used. Value can be an absolute number
(ex: 5) or a percentage of total pods at the start of the
update (ex: 10%). This can not be 0 if MaxUnavailable is 0
if you want automatic rolling updates to be applied. Absolute
number is calculated from percentage by rounding up. Example:
when this is set to 30%, the new group can be scaled up by
30% immediately when the rolling update starts. Once old pods
have been killed, new group can be scaled up further, ensuring
that total number of pods running at any time during the update
is at most 130% of the target number of pods.'
format: int64
type: integer
maxUnavailable:
description: 'MaxUnavailable is the maximum number of pods that
can be unavailable during the update. Value can be an absolute
number (ex: 5) or a percentage of total pods at the start
of update (ex: 10%). Absolute number is calculated from percentage
by rounding down. This can not be 0 if MaxSurge is 0 if you
want automatic rolling changes to be applied. By default,
a fixed value of 0 is used. Example: when this is set to 30%,
the group can be scaled down by 30% immediately when the rolling
update starts. Once new pods are ready, the group can be scaled
down further, followed by scaling up the group, ensuring that
at least 70% of the target number of pods are available at
all times during the update.'
format: int64
type: integer
required:
- maxUnavailable
- maxSurge
type: object
groups:
description: Groups is a list of groups that should have their cluster
mutations considered in a fair manner with a strict change budget
(not allowing any surge or unavailability) before the entire cluster
is reconciled with the full change budget.
items:
properties:
selector:
description: Selector is the selector used to match pods.
type: object
type: object
type: array
type: object
version:
description: Version represents the version of the stack
type: string
type: object
status:
properties:
clusterUUID:
type: string
health:
type: string
masterNode:
type: string
phase:
type: string
remoteClusters:
type: object
service:
type: string
zenDiscovery:
properties:
minimumMasterNodes:
format: int64
type: integer
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: enterpriselicenses.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: EnterpriseLicense
plural: enterpriselicenses
shortNames:
- el
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
clusterLicenses:
items:
properties:
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxNodes:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- maxNodes
- type
- signatureRef
type: object
type: array
eula:
properties:
accepted:
type: boolean
required:
- accepted
type: object
expiryDateInMillis:
format: int64
type: integer
issueDateInMillis:
format: int64
type: integer
issuedTo:
type: string
issuer:
type: string
maxInstances:
format: int64
type: integer
signatureRef:
type: object
startDateInMillis:
format: int64
type: integer
type:
type: string
uid:
description: UID is the license UID not the k8s API UID (!)
type: string
required:
- type
- eula
type: object
status:
type: string
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: remoteclusters.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
kind: RemoteCluster
plural: remoteclusters
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
remote:
type: object
required:
- remote
type: object
status:
properties:
clusterName:
type: string
localTrustRelationship:
type: string
phase:
type: string
seedHosts:
items:
type: string
type: array
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: trustrelationships.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
names:
kind: TrustRelationship
plural: trustrelationships
scope: Namespaced
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
caCert:
description: CaCert contains the PEM-encoded CA certificate for the
remote cluster.
type: string
trustRestrictions:
description: TrustRestrictions contains configuration for the trust
restrictions feature of Elasticsearch for this relationship
properties:
trust:
description: Trust contains configuration for the Elasticsearch
trust restrictions.
properties:
subjectName:
description: SubjectName is a list of patterns that incoming
TLS client certificates must match.
items:
type: string
type: array
type: object
type: object
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: users.elasticsearch.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .spec.name
name: username
type: string
- JSONPath: .status.phase
name: status
type: string
group: elasticsearch.k8s.elastic.co
names:
categories:
- elastic
kind: User
plural: users
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
name:
type: string
passwordHash:
type: string
userRoles:
items:
type: string
type: array
required:
- name
- passwordHash
- userRoles
type: object
status:
properties:
phase:
type: string
reason:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
controller-tools.k8s.io: "1.0"
name: kibanas.kibana.k8s.elastic.co
spec:
additionalPrinterColumns:
- JSONPath: .status.health
name: health
type: string
- JSONPath: .status.availableNodes
description: Available nodes
name: nodes
type: integer
- JSONPath: .spec.version
description: Kibana version
name: version
type: string
- JSONPath: .metadata.creationTimestamp
name: age
type: date
group: kibana.k8s.elastic.co
names:
categories:
- elastic
kind: Kibana
plural: kibanas
shortNames:
- kb
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
elasticsearch:
description: Elasticsearch configures how Kibana connects to Elasticsearch
properties:
auth:
description: Auth configures authentication for Kibana to use.
properties:
inline:
description: Inline is auth provided as plaintext inline credentials.
properties:
password:
description: Password is the password to use.
type: string
username:
description: User is the username to use.
type: string
required:
- username
- password
type: object
secret:
type: object
type: object
caCertSecret:
description: CaCertSecret names a secret that contains a CA file
entry to use.
type: string
url:
description: ElasticsearchURL is the URL to the target Elasticsearch
type: string
required:
- url
type: object
elasticsearchRef:
description: ElasticsearchRef references an Elasticsearch resource in
the Kubernetes cluster. If the namespace is not specified, the current
resource namespace will be used.
properties:
name:
type: string
namespace:
type: string
required:
- name
type: object
featureFlags:
description: FeatureFlags are instance-specific flags that enable or
disable specific experimental features
type: object
http:
description: HTTP contains settings for HTTP.
properties:
service:
description: Service is a template for the Kubernetes Service
properties:
metadata:
description: Metadata is metadata for the HTTP Service.
properties:
annotations:
description: 'Annotations is an unstructured key value map
stored with a resource that may be set by external tools
to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
type: object
spec:
description: Spec contains user-provided settings for the HTTP
Service.
properties:
type:
description: 'Type determines which service type to use
for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
Defaults to ClusterIP.'
enum:
- ClusterIP
- LoadBalancer
- NodePort
type: string
type: object
type: object
tls:
description: TLS describe additional options to consider when generating
nodes TLS certificates.
properties:
selfSignedCertificate:
description: SelfSignedCertificate define options to apply to
self-signed certificate managed by the operator.
properties:
subjectAltNames:
description: 'SubjectAlternativeNames is a list of SANs
to include in the nodes certificates. For example: a wildcard
DNS to expose the cluster.'
items:
properties:
dns:
type: string
ip:
type: string
type: object
type: array
type: object
type: object
type: object
image:
description: Image represents the docker image that will be used.
type: string
nodeCount:
description: NodeCount defines how many nodes the Kibana deployment
must have.
format: int32
type: integer
podTemplate:
description: PodTemplate can be used to propagate configuration to Kibana
pods. So far, only labels, Affinity and `Containers["kibana"].Resources.Limits`
are applied.
type: object
version:
description: Version represents the version of Kibana
type: string
type: object
status:
properties:
associationStatus:
type: string
health:
type: string
type: object
version: v1alpha1
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: elastic-operator
rules:
- apiGroups:
- ""
resources:
- pods
- endpoints
- events
- persistentvolumeclaims
- secrets
- services
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- elasticsearch.k8s.elastic.co
resources:
- elasticsearches
- elasticsearches/status
- clusterlicenses
- enterpriselicenses
- enterpriselicenses/status
- trustrelationships
- users
- users/status
- remoteclusters
- remoteclusters/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- kibana.k8s.elastic.co
resources:
- kibanas
- kibanas/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apm.k8s.elastic.co
resources:
- apmservers
- apmservers/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- associations.k8s.elastic.co
resources:
- apmserverelasticsearchassociations
- apmserverelasticsearchassociations/status
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: elastic-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: elastic-operator
subjects:
- kind: ServiceAccount
name: elastic-operator
namespace: elastic-system
---
apiVersion: v1
kind: Namespace
metadata:
name: elastic-system
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elastic-operator
namespace: elastic-system
labels:
control-plane: elastic-operator
spec:
selector:
matchLabels:
control-plane: elastic-operator
serviceName: elastic-operator
template:
metadata:
labels:
control-plane: elastic-operator
spec:
serviceAccountName: elastic-operator
containers:
- image: docker.elastic.co/eck/eck-operator:0.8.1
name: manager
args: ["manager", "--operator-roles", "all"]
env:
- name: OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: WEBHOOK_SECRET
value: webhook-server-secret
- name: WEBHOOK_PODS_LABEL
value: elastic-operator
- name: OPERATOR_IMAGE
value: docker.elastic.co/eck/eck-operator:0.8.1
resources:
limits:
cpu: 1
memory: 100Mi
requests:
cpu: 100m
memory: 20Mi
ports:
- containerPort: 9876
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/cert
name: cert
readOnly: true
terminationGracePeriodSeconds: 10
volumes:
- name: cert
secret:
defaultMode: 420
secretName: webhook-server-secret
---
apiVersion: v1
kind: Secret
metadata:
name: webhook-server-secret
namespace: elastic-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: elastic-operator
namespace: elastic-system
---
在kubernetes集群中部署ElasticSearch集群--ECK的更多相关文章
- Kubernetes+Flannel 环境中部署HBase集群
2015-12-14注:加入新节点不更改运行节点参数需求已满足,将在后续文章中陆续总结. 注:目前方案不满足加入新节点(master节点或regionserver节点)而不更改已运行节点的参数的需求, ...
- docker swarm英文文档学习-8-在集群中部署服务
Deploy services to a swarm在集群中部署服务 集群服务使用声明式模型,这意味着你需要定义服务的所需状态,并依赖Docker来维护该状态.该状态包括以下信息(但不限于): 应该运 ...
- 在 Kubernetes 中部署 Redis 集群
在 Kubernetes 中部署 Redis 集群 在Kubernetes中部署Redis集群面临挑战,因为每个 Redis 实例都依赖于一个配置文件,该文件可以跟踪其他集群实例及其角色.为此,我们需 ...
- 日志分析系统 - k8s部署ElasticSearch集群
K8s部署ElasticSearch集群 1.前提准备工作 1.1 创建elastic的命名空间 namespace编排文件如下: elastic.namespace.yaml --- apiVers ...
- Docker部署Elasticsearch集群
http://blog.sina.com.cn/s/blog_8ea8e9d50102wwik.html Docker部署Elasticsearch集群 参考文档: https://hub.docke ...
- 终于解决 k8s 集群中部署 nodelocaldns 的问题
自从开始在 kubernetes 集群中部署 nodelocaldns 以提高 dns 解析性能以来,一直被一个问题困扰,只要一部署 nodelocaldns ,在 coredns 中添加的 rewr ...
- Centos8 部署 ElasticSearch 集群并搭建 ELK,基于Logstash同步MySQL数据到ElasticSearch
Centos8安装Docker 1.更新一下yum [root@VM-24-9-centos ~]# yum -y update 2.安装containerd.io # centos8默认使用podm ...
- Centos8 Docker部署ElasticSearch集群
ELK部署 部署ElasticSearch集群 1.拉取镜像及批量生成配置文件 # 拉取镜像 [root@VM-24-9-centos ~]# docker pull elasticsearch:7. ...
- k8s集群中部署prometheus server
1.概述 本文档主要介绍如何在k8s集群中部署prometheus server用来作为监控的数据采集服务器,这样做可以很方便的对k8s集群中的指标.pod的.节点的指标进行采集和监控. 2.下载镜像 ...
随机推荐
- Ansible之playbook的使用
playbook介绍 一. 为什么引入playbook 我们完成一个任务,例如安装部署一个httpd服务,我们需要多个模块(一个模块也可以称之为task)提供功能来完成.而playbook就是组织多个 ...
- ORM之Dapper
ORM之Dapper 一.下载安装: nuget 搜索dapper安装 二.使用: 三.优缺点: 优点: 1.开源.轻量.单文件(代码就一个SqlMapper.cs文件,编译后就40K的一个很小的Dl ...
- Spring JDBC最佳实践(2)
原文地址:https://my.oschina.net/u/218421/blog/38576 使用DataSourceUtils进行Connection的管理由上节代码可知,JdbcTemplate ...
- 前端与算法 leetcode 242. 有效的字母异位词
目录 # 前端与算法 leetcode 242. 有效的字母异位词 题目描述 概要 提示 解析 解法一:哈希表 解法二:数组判断字符出现次数 解法三:转换字符串 算法 传入测试用例的运行结果 执行结果 ...
- 【C++】C++中基类的析构函数为什么要用virtual虚析构函数?
正面回答: 当基类的析构函数不是虚函数,并且基类指针指向一个派生类对象,然后通过基类指针来删除这个派生类对象时,如果基类的析构函数不是虚析构函数,那么派生类的析构函数就不会被调用,从而产生内存泄漏 # ...
- 032 搭建搜索微服务01----向ElasticSearch中导入数据--通过Feign实现微服务之间的相互调用
1.创建搜索服务 创建module: Pom文件: <?xml version="1.0" encoding="UTF-8"?> <proje ...
- [转帖]Kubernetes v1.17 版本解读 | 云原生生态周报 Vol. 31
Kubernetes v1.17 版本解读 | 云原生生态周报 Vol. 31 https://www.kubernetes.org.cn/6252.html 2019-12-13 11:59 ali ...
- C基本语法
分号 ; 在C程序中,分好是语句结束符,每个语句必须以分好结束,它表明一个逻辑实体的结束 例如: printf("Hello, World! \n"); ; 注释 // 单行注释 ...
- setInterval的使用
可以通过设置标识,判断方法是否执行完 var interval = setInterval(function () { if( flag > 0 ){ clearInterval(interva ...
- python解决使用镜像源来安装包
一.问题在进行python包安装的时候出现一个问题就是无法进行安装,且出现了如下的错误 报错代码 Retrying (Retry(total=4, connect=None, read=None, r ...