Created
January 11, 2019 21:28
-
-
Save timfpark/19db8d2ef27425ebfd37a7977e883f0b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| data: | |
| elasticsearch.yml: |- | |
| cluster.name: elasticsearch | |
| node.data: ${NODE_DATA:true} | |
| node.master: ${NODE_MASTER:true} | |
| node.ingest: ${NODE_INGEST:true} | |
| node.name: ${HOSTNAME} | |
| network.host: 0.0.0.0 | |
| # see https://github.com/kubernetes/kubernetes/issues/3595 | |
| bootstrap.memory_lock: ${BOOTSTRAP_MEMORY_LOCK:false} | |
| discovery: | |
| zen: | |
| ping.unicast.hosts: ${DISCOVERY_SERVICE:} | |
| minimum_master_nodes: ${MINIMUM_MASTER_NODES:2} | |
| # see https://github.com/elastic/elasticsearch-definitive-guide/pull/679 | |
| processors: ${PROCESSORS:} | |
| # avoid split-brain w/ a minimum consensus of two masters plus a data node | |
| gateway.expected_master_nodes: ${EXPECTED_MASTER_NODES:2} | |
| gateway.expected_data_nodes: ${EXPECTED_DATA_NODES:1} | |
| gateway.recover_after_time: ${RECOVER_AFTER_TIME:5m} | |
| gateway.recover_after_master_nodes: ${RECOVER_AFTER_MASTER_NODES:2} | |
| gateway.recover_after_data_nodes: ${RECOVER_AFTER_DATA_NODES:1} | |
| log4j2.properties: |- | |
| status = error | |
| appender.console.type = Console | |
| appender.console.name = console | |
| appender.console.layout.type = PatternLayout | |
| appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n | |
| rootLogger.level = info | |
| rootLogger.appenderRef.console.ref = console | |
| logger.searchguard.name = com.floragunn | |
| logger.searchguard.level = info | |
| post-start-hook.sh: |- | |
| #!/bin/bash | |
| exec &> >(tee -a "/var/log/elasticsearch-hooks.log") | |
| NODE_NAME=${HOSTNAME} | |
| CLUSTER_SETTINGS=$(curl -s -XGET "http://elasticsearch-client:9200/_cluster/settings") | |
| if echo "${CLUSTER_SETTINGS}" | grep -E "${NODE_NAME}"; then | |
| echo "Activate node ${NODE_NAME}" | |
| curl -s -XPUT -H 'Content-Type: application/json' "http://elasticsearch-client:9200/_cluster/settings" -d "{ | |
| \"transient\" :{ | |
| \"cluster.routing.allocation.exclude._name\" : null | |
| } | |
| }" | |
| fi | |
| echo "Node ${NODE_NAME} is ready to be used" | |
| pre-stop-hook.sh: |- | |
| #!/bin/bash | |
| exec &> >(tee -a "/var/log/elasticsearch-hooks.log") | |
| NODE_NAME=${HOSTNAME} | |
| echo "Prepare to migrate data of the node ${NODE_NAME}" | |
| echo "Move all data from node ${NODE_NAME}" | |
| curl -s -XPUT -H 'Content-Type: application/json' 'elasticsearch-client:9200/_cluster/settings' -d "{ | |
| \"transient\" :{ | |
| \"cluster.routing.allocation.exclude._name\" : \"${NODE_NAME}\" | |
| } | |
| }" | |
| echo "" | |
| while true ; do | |
| echo -e "Wait for node ${NODE_NAME} to become empty" | |
| SHARDS_ALLOCATION=$(curl -s -XGET 'http://elasticsearch-client:9200/_cat/shards') | |
| if ! echo "${SHARDS_ALLOCATION}" | grep -E "${NODE_NAME}"; then | |
| break | |
| fi | |
| sleep 1 | |
| done | |
| echo "Node ${NODE_NAME} is ready to shutdown" | |
| kind: ConfigMap | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch | |
| namespace: elasticsearch | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: client | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-client | |
| namespace: elasticsearch | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: data | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-data | |
| namespace: elasticsearch | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: master | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-master | |
| namespace: elasticsearch | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: client | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-client | |
| namespace: elasticsearch | |
| spec: | |
| ports: | |
| - name: http | |
| port: 9200 | |
| targetPort: http | |
| selector: | |
| app: elasticsearch | |
| component: client | |
| release: elasticsearch | |
| type: ClusterIP | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: master | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-discovery | |
| namespace: elasticsearch | |
| spec: | |
| clusterIP: None | |
| ports: | |
| - port: 9300 | |
| targetPort: transport | |
| selector: | |
| app: elasticsearch | |
| component: master | |
| release: elasticsearch | |
| --- | |
| apiVersion: apps/v1beta1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: client | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-client | |
| namespace: elasticsearch | |
| spec: | |
| replicas: 2 | |
| template: | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| component: client | |
| release: elasticsearch | |
| spec: | |
| affinity: | |
| podAntiAffinity: | |
| preferredDuringSchedulingIgnoredDuringExecution: | |
| - podAffinityTerm: | |
| labelSelector: | |
| matchLabels: | |
| app: elasticsearch | |
| component: client | |
| release: elasticsearch | |
| topologyKey: kubernetes.io/hostname | |
| weight: 1 | |
| containers: | |
| - env: | |
| - name: NODE_DATA | |
| value: "false" | |
| - name: NODE_MASTER | |
| value: "false" | |
| - name: DISCOVERY_SERVICE | |
| value: elasticsearch-discovery | |
| - name: PROCESSORS | |
| valueFrom: | |
| resourceFieldRef: | |
| resource: limits.cpu | |
| - name: ES_JAVA_OPTS | |
| value: '-Djava.net.preferIPv4Stack=true -Xms512m -Xmx512m ' | |
| - name: MINIMUM_MASTER_NODES | |
| value: "2" | |
| image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.5.4 | |
| imagePullPolicy: IfNotPresent | |
| livenessProbe: | |
| httpGet: | |
| path: /_cluster/health?local=true | |
| port: 9200 | |
| initialDelaySeconds: 90 | |
| name: elasticsearch | |
| ports: | |
| - containerPort: 9200 | |
| name: http | |
| - containerPort: 9300 | |
| name: transport | |
| readinessProbe: | |
| httpGet: | |
| path: /_cluster/health | |
| port: 9200 | |
| initialDelaySeconds: 5 | |
| resources: | |
| limits: | |
| cpu: "1" | |
| requests: | |
| cpu: 25m | |
| memory: 512Mi | |
| volumeMounts: | |
| - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml | |
| name: config | |
| subPath: elasticsearch.yml | |
| initContainers: | |
| - command: | |
| - sysctl | |
| - -w | |
| - vm.max_map_count=262144 | |
| image: busybox:latest | |
| imagePullPolicy: Always | |
| name: sysctl | |
| resources: {} | |
| securityContext: | |
| privileged: true | |
| securityContext: | |
| fsGroup: 1000 | |
| serviceAccountName: elasticsearch-client | |
| volumes: | |
| - configMap: | |
| name: elasticsearch | |
| name: config | |
| --- | |
| apiVersion: apps/v1beta1 | |
| kind: StatefulSet | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: data | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-data | |
| namespace: elasticsearch | |
| spec: | |
| replicas: 2 | |
| serviceName: elasticsearch-data | |
| template: | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| component: data | |
| release: elasticsearch | |
| role: data | |
| spec: | |
| affinity: | |
| podAntiAffinity: | |
| preferredDuringSchedulingIgnoredDuringExecution: | |
| - podAffinityTerm: | |
| labelSelector: | |
| matchLabels: | |
| app: elasticsearch | |
| component: data | |
| release: elasticsearch | |
| topologyKey: kubernetes.io/hostname | |
| weight: 1 | |
| containers: | |
| - env: | |
| - name: DISCOVERY_SERVICE | |
| value: elasticsearch-discovery | |
| - name: NODE_MASTER | |
| value: "false" | |
| - name: PROCESSORS | |
| valueFrom: | |
| resourceFieldRef: | |
| resource: limits.cpu | |
| - name: ES_JAVA_OPTS | |
| value: '-Djava.net.preferIPv4Stack=true -Xms1536m -Xmx1536m ' | |
| - name: MINIMUM_MASTER_NODES | |
| value: "2" | |
| image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.5.4 | |
| imagePullPolicy: IfNotPresent | |
| lifecycle: | |
| postStart: | |
| exec: | |
| command: | |
| - /bin/bash | |
| - /post-start-hook.sh | |
| preStop: | |
| exec: | |
| command: | |
| - /bin/bash | |
| - /pre-stop-hook.sh | |
| name: elasticsearch | |
| ports: | |
| - containerPort: 9300 | |
| name: transport | |
| readinessProbe: | |
| httpGet: | |
| path: /_cluster/health?local=true | |
| port: 9200 | |
| initialDelaySeconds: 5 | |
| resources: | |
| limits: | |
| cpu: "1" | |
| requests: | |
| cpu: 25m | |
| memory: 1536Mi | |
| volumeMounts: | |
| - mountPath: /usr/share/elasticsearch/data | |
| name: data | |
| - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml | |
| name: config | |
| subPath: elasticsearch.yml | |
| - mountPath: /pre-stop-hook.sh | |
| name: config | |
| subPath: pre-stop-hook.sh | |
| - mountPath: /post-start-hook.sh | |
| name: config | |
| subPath: post-start-hook.sh | |
| initContainers: | |
| - command: | |
| - sysctl | |
| - -w | |
| - vm.max_map_count=262144 | |
| image: busybox:latest | |
| imagePullPolicy: Always | |
| name: sysctl | |
| resources: {} | |
| securityContext: | |
| privileged: true | |
| - command: | |
| - /bin/bash | |
| - -c | |
| - | | |
| set -e; set -x; chown elasticsearch:elasticsearch /usr/share/elasticsearch/data; for datadir in $(find /usr/share/elasticsearch/data -mindepth 1 -maxdepth 1 -not -name ".snapshot"); do | |
| chown -R elasticsearch:elasticsearch $datadir; | |
| done; chown elasticsearch:elasticsearch /usr/share/elasticsearch/logs; for logfile in $(find /usr/share/elasticsearch/logs -mindepth 1 -maxdepth 1 -not -name ".snapshot"); do | |
| chown -R elasticsearch:elasticsearch $logfile; | |
| done | |
| image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.5.4 | |
| imagePullPolicy: IfNotPresent | |
| name: chown | |
| resources: {} | |
| securityContext: | |
| runAsUser: 0 | |
| volumeMounts: | |
| - mountPath: /usr/share/elasticsearch/data | |
| name: data | |
| securityContext: | |
| fsGroup: 1000 | |
| serviceAccountName: elasticsearch-data | |
| terminationGracePeriodSeconds: 3600 | |
| volumes: | |
| - configMap: | |
| name: elasticsearch | |
| name: config | |
| updateStrategy: | |
| type: OnDelete | |
| volumeClaimTemplates: | |
| - metadata: | |
| name: data | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: 64Gi | |
| storageClassName: managed-premium | |
| --- | |
| apiVersion: apps/v1beta1 | |
| kind: StatefulSet | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| chart: elasticsearch-1.17.0 | |
| component: master | |
| heritage: Tiller | |
| release: elasticsearch | |
| name: elasticsearch-master | |
| namespace: elasticsearch | |
| spec: | |
| replicas: 3 | |
| serviceName: elasticsearch-master | |
| template: | |
| metadata: | |
| labels: | |
| app: elasticsearch | |
| component: master | |
| release: elasticsearch | |
| role: master | |
| spec: | |
| affinity: | |
| podAntiAffinity: | |
| preferredDuringSchedulingIgnoredDuringExecution: | |
| - podAffinityTerm: | |
| labelSelector: | |
| matchLabels: | |
| app: elasticsearch | |
| component: master | |
| release: elasticsearch | |
| topologyKey: kubernetes.io/hostname | |
| weight: 1 | |
| containers: | |
| - env: | |
| - name: NODE_DATA | |
| value: "false" | |
| - name: DISCOVERY_SERVICE | |
| value: elasticsearch-discovery | |
| - name: PROCESSORS | |
| valueFrom: | |
| resourceFieldRef: | |
| resource: limits.cpu | |
| - name: ES_JAVA_OPTS | |
| value: '-Djava.net.preferIPv4Stack=true -Xms512m -Xmx512m ' | |
| - name: MINIMUM_MASTER_NODES | |
| value: "2" | |
| image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.5.4 | |
| imagePullPolicy: IfNotPresent | |
| name: elasticsearch | |
| ports: | |
| - containerPort: 9300 | |
| name: transport | |
| readinessProbe: | |
| httpGet: | |
| path: /_cluster/health?local=true | |
| port: 9200 | |
| initialDelaySeconds: 5 | |
| resources: | |
| limits: | |
| cpu: "1" | |
| requests: | |
| cpu: 25m | |
| memory: 512Mi | |
| volumeMounts: | |
| - mountPath: /usr/share/elasticsearch/data | |
| name: data | |
| - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml | |
| name: config | |
| subPath: elasticsearch.yml | |
| initContainers: | |
| - command: | |
| - sysctl | |
| - -w | |
| - vm.max_map_count=262144 | |
| image: busybox:latest | |
| imagePullPolicy: Always | |
| name: sysctl | |
| resources: {} | |
| securityContext: | |
| privileged: true | |
| - command: | |
| - /bin/bash | |
| - -c | |
| - | | |
| set -e; set -x; chown elasticsearch:elasticsearch /usr/share/elasticsearch/data; for datadir in $(find /usr/share/elasticsearch/data -mindepth 1 -maxdepth 1 -not -name ".snapshot"); do | |
| chown -R elasticsearch:elasticsearch $datadir; | |
| done; chown elasticsearch:elasticsearch /usr/share/elasticsearch/logs; for logfile in $(find /usr/share/elasticsearch/logs -mindepth 1 -maxdepth 1 -not -name ".snapshot"); do | |
| chown -R elasticsearch:elasticsearch $logfile; | |
| done | |
| image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.5.4 | |
| imagePullPolicy: IfNotPresent | |
| name: chown | |
| resources: {} | |
| securityContext: | |
| runAsUser: 0 | |
| volumeMounts: | |
| - mountPath: /usr/share/elasticsearch/data | |
| name: data | |
| securityContext: | |
| fsGroup: 1000 | |
| serviceAccountName: elasticsearch-master | |
| volumes: | |
| - configMap: | |
| name: elasticsearch | |
| name: config | |
| updateStrategy: | |
| type: OnDelete | |
| volumeClaimTemplates: | |
| - metadata: | |
| name: data | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: 4Gi | |
| storageClassName: managed-premium |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment