Created
August 30, 2021 16:18
-
-
Save gschanuel/61338ea74920c9f36ea1830fa6eae4ea to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| elasticsearchHosts: "https://logsys-ingest.elasticsearch:9200" | |
| replicas: 2 | |
| # Extra environment variables to append to this nodeGroup | |
| # This will be appended to the current 'env:' key. You can use any of the kubernetes env | |
| # syntax here | |
| extraEnvs: | |
| - name: "NODE_OPTIONS" | |
| # value: "--max-old-space-size=1800" | |
| - name: 'ELASTICSEARCH_USERNAME' | |
| valueFrom: | |
| secretKeyRef: | |
| name: elastic-credentials | |
| key: username | |
| - name: 'ELASTICSEARCH_PASSWORD' | |
| valueFrom: | |
| secretKeyRef: | |
| name: elastic-credentials | |
| key: password | |
| - name: 'KIBANA_ENCRYPTION_KEY' | |
| valueFrom: | |
| secretKeyRef: | |
| name: kibana | |
| key: encryptionkey | |
| # - name: MY_ENVIRONMENT_VAR | |
| # value: the_value_goes_here | |
| # Allows you to load environment variables from kubernetes secret or config map | |
| envFrom: [] | |
| # - secretRef: | |
| # name: env-secret | |
| # - configMapRef: | |
| # name: config-map | |
| # A list of secrets and their paths to mount inside the pod | |
| # This is useful for mounting certificates for security and for mounting | |
| # the X-Pack license | |
| secretMounts: | |
| - name: elastic-certificate-pem | |
| secretName: elastic-certificate-pem | |
| path: /usr/share/kibana/config/certs | |
| # - name: kibana-keystore | |
| # secretName: kibana-keystore | |
| # path: /usr/share/kibana/data/kibana.keystore | |
| # subPath: kibana.keystore # optional | |
| hostAliases: [] | |
| #- ip: "127.0.0.1" | |
| # hostnames: | |
| # - "foo.local" | |
| # - "bar.local" | |
| image: "docker.elastic.co/kibana/kibana" | |
| imagePullPolicy: "Always" | |
| # additionals labels | |
| labels: {} | |
| podAnnotations: {} | |
| # iam.amazonaws.com/role: es-cluster | |
| resources: | |
| requests: | |
| cpu: "1000m" | |
| memory: "1Gi" | |
| limits: | |
| cpu: "2" | |
| memory: "2Gi" | |
| protocol: http | |
| serverHost: "0.0.0.0" | |
| healthCheckPath: "/app/kibana" | |
| # Allows you to add any config files in /usr/share/kibana/config/ | |
| # such as kibana.yml | |
| kibanaConfig: | |
| kibana.yml: | | |
| #server.ssl: | |
| # enabled: true | |
| # key: /usr/share/kibana/config/certs/elastic-certificate.pem | |
| # certificate: /usr/share/kibana/config/certs/elastic-certificate.pem | |
| xpack.security.encryptionKey: ${KIBANA_ENCRYPTION_KEY} | |
| xpack.encryptedSavedObjects.encryptionKey: ${KIBANA_ENCRYPTION_KEY} | |
| elasticsearch.ssl: | |
| certificateAuthorities: /usr/share/kibana/config/certs/elastic-certificate.pem | |
| verificationMode: certificate | |
| # If Pod Security Policy in use it may be required to specify security context as well as service account | |
| podSecurityContext: | |
| fsGroup: 1000 | |
| securityContext: | |
| capabilities: | |
| drop: | |
| - ALL | |
| # readOnlyRootFilesystem: true | |
| runAsNonRoot: true | |
| runAsUser: 1000 | |
| serviceAccount: "" | |
| # This is the PriorityClass settings as defined in | |
| # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass | |
| priorityClassName: "" | |
| httpPort: 5601 | |
| extraContainers: "" | |
| # - name: dummy-init | |
| # image: busybox | |
| # command: ['echo', 'hey'] | |
| extraInitContainers: "" | |
| # - name: dummy-init | |
| # image: busybox | |
| # command: ['echo', 'hey'] | |
| updateStrategy: | |
| type: "Recreate" | |
| service: | |
| type: ClusterIP | |
| loadBalancerIP: "" | |
| port: 5601 | |
| nodePort: "" | |
| labels: {} | |
| annotations: {} | |
| # cloud.google.com/load-balancer-type: "Internal" | |
| # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 | |
| # service.beta.kubernetes.io/azure-load-balancer-internal: "true" | |
| # service.beta.kubernetes.io/openstack-internal-load-balancer: "true" | |
| # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true" | |
| loadBalancerSourceRanges: [] | |
| # 0.0.0.0/0 | |
| httpPortName: http | |
| ingress: | |
| enabled: true | |
| annotations: | |
| kubernetes.io/ingress.class: nginx | |
| kubernetes.io/tls-acme: "true" | |
| #nginx.ingress.kubernetes.io/proxy-ssl-verify: "false" | |
| #nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" | |
| nginx.ingress.kubernetes.io/proxy-body-size: 1G | |
| hosts: | |
| - host: kibana.mydomain.com | |
| paths: | |
| - path: / | |
| tls: | |
| - secretName: kibana-tls | |
| hosts: | |
| - kibana.mydomain.com | |
| readinessProbe: | |
| failureThreshold: 3 | |
| initialDelaySeconds: 10 | |
| periodSeconds: 10 | |
| successThreshold: 3 | |
| timeoutSeconds: 5 | |
| imagePullSecrets: [] | |
| nodeSelector: {} | |
| tolerations: [] | |
| affinity: {} | |
| nameOverride: "" | |
| fullnameOverride: "" | |
| lifecycle: {} | |
| # preStop: | |
| # exec: | |
| # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] | |
| # postStart: | |
| # exec: | |
| # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] | |
| # Deprecated - use only with versions < 6.6 | |
| elasticsearchURL: "" # "http://elasticsearch-master:9200" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment