Home Explore Help
Register Sign In
lcy
/
truenas
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4d80c5ac5c
Branches Tags
truenas
/
charts
/
elastic-search
/
1.0.27
/
templates
/
_es.tpl

_es.tpl 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. {{- define "es.workload" -}}
    2. 

  2. workload:
    3. 

  3.   es:
    4. 

  4.     enabled: true
    5. 

  5.     primary: true
    6. 

  6.     type: Deployment
    7. 

  7.     podSpec:
    8. 

  8.       hostNetwork: {{ .Values.esNetwork.hostNetwork }}
    9. 

  9.       containers:
    10. 

  10.         es:
    11. 

  11.           enabled: true
    12. 

  12.           primary: true
    13. 

  13.           imageSelector: image
    14. 

  14.           securityContext:
    15. 

  15.             runAsUser: {{ .Values.esRunAs.user }}
    16. 

  16.             runAsGroup: {{ .Values.esRunAs.group }}
    17. 

  17.             readOnlyRootFilesystem: false
    18. 

  18.           env:
    19. 

  19.             {{/* https://www.elastic.co/guide/en/elasticsearch/reference/master/docker.html#docker-configuration-methods */}}
    20. 

  20.             ES_HEAP_SIZE: {{ .Values.esConfig.heapSize }}
    21. 

  21.             ELASTIC_PASSWORD: {{ .Values.esConfig.password }}
    22. 

  22.             ES_SETTING_HTTP_PORT: {{ .Values.esNetwork.httpPort }}
    23. 

  23.             ES_SETTING_NODE_NAME: {{ .Values.esConfig.nodeName }}
    24. 

  24.             ES_SETTING_DISCOVERY_TYPE: single-node
    25. 

  25.             ES_SETTING_XPACK_SECURITY_ENABLED: true
    26. 

  26.             {{/* Transport is not used on single nodes */}}
    27. 

  27.             ES_SETTING_XPACK_SECURITY_TRANSPORT_SSL_ENABLED: false
    28. 

  28.             {{ if .Values.esNetwork.certificateID }}
    29. 

  29.             ES_SETTING_XPACK_SECURITY_HTTP_SSL_ENABLED: true
    30. 

  30.             ES_SETTING_XPACK_SECURITY_HTTP_SSL_KEY: /usr/share/elasticsearch/config/certs/tls.key
    31. 

  31.             ES_SETTING_XPACK_SECURITY_HTTP_SSL_CERTIFICATE: /usr/share/elasticsearch/config/certs/tls.crt
    32. 

  32.             ES_SETTING_XPACK_SECURITY_HTTP_SSL_CERTIFICATE__AUTHORITIES: /usr/share/elasticsearch/config/certs/ca.crt
    33. 

  33.             {{ end }}
    34. 

  34.           {{ with .Values.esConfig.additionalEnvs }}
    35. 

  35.           envList:
    36. 

  36.             {{ range $env := . }}
    37. 

  37.             - name: {{ $env.name }}
    38. 

  38.               value: {{ $env.value }}
    39. 

  39.             {{ end }}
    40. 

  40.           {{ end }}
    41. 

  41.           probes:
    42. 

  42.             liveness:
    43. 

  43.               enabled: true
    44. 

  44.               type: {{ include "es.schema" . }}
    45. 

  45.               path: /_cluster/health?local=true
    46. 

  46.               port: {{ .Values.esNetwork.httpPort }}
    47. 

  47.               httpHeaders:
    48. 

  48.                 Authorization: Basic {{ printf "elastic:%s" .Values.esConfig.password | b64enc }}
    49. 

  49.             readiness:
    50. 

  50.               enabled: true
    51. 

  51.               type: {{ include "es.schema" . }}
    52. 

  52.               path: /_cluster/health?local=true
    53. 

  53.               port: {{ .Values.esNetwork.httpPort }}
    54. 

  54.               httpHeaders:
    55. 

  55.                 Authorization: Basic {{ printf "elastic:%s" .Values.esConfig.password | b64enc }}
    56. 

  56.             startup:
    57. 

  57.               enabled: true
    58. 

  58.               type: {{ include "es.schema" . }}
    59. 

  59.               path: /_cluster/health?local=true
    60. 

  60.               port: {{ .Values.esNetwork.httpPort }}
    61. 

  61.               httpHeaders:
    62. 

  62.                 Authorization: Basic {{ printf "elastic:%s" .Values.esConfig.password | b64enc }}
    63. 

  63.       initContainers:
    64. 

  64.       {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
    65. 

  65.                                                         "UID" .Values.esRunAs.user
    66. 

  66.                                                         "GID" .Values.esRunAs.group
    67. 

  67.                                                         "type" "install") | nindent 8 }}
    68. 

  68. {{/* Service */}}
    69. 

  69. service:
    70. 

  70.   es:
    71. 

  71.     enabled: true
    72. 

  72.     primary: true
    73. 

  73.     type: NodePort
    74. 

  74.     targetSelector: es
    75. 

  75.     ports:
    76. 

  76.       http:
    77. 

  77.         enabled: true
    78. 

  78.         primary: true
    79. 

  79.         port: {{ .Values.esNetwork.httpPort }}
    80. 

  80.         nodePort: {{ .Values.esNetwork.httpPort }}
    81. 

  81.         targetSelector: es
    82. 

  82. 

  83. {{/* Persistence */}}
    84. 

  84. persistence:
    85. 

  85.   data:
    86. 

  86.     enabled: true
    87. 

  87.     type: {{ .Values.esStorage.data.type }}
    88. 

  88.     datasetName: {{ .Values.esStorage.data.datasetName | default "" }}
    89. 

  89.     hostPath: {{ .Values.esStorage.data.hostPath | default "" }}
    90. 

  90.     targetSelector:
    91. 

  91.       es:
    92. 

  92.         es:
    93. 

  93.           mountPath: /usr/share/elasticsearch/data
    94. 

  94.         01-permissions:
    95. 

  95.           mountPath: /mnt/directories/data
    96. 

  96.   {{- if .Values.esNetwork.certificateID }}
    97. 

  97.   certs:
    98. 

  98.     enabled: true
    99. 

  99.     type: secret
    100. 

  100.     objectName: es-cert
    101. 

  101.     defaultMode: "0600"
    102. 

  102.     items:
    103. 

  103.       - key: tls.key
    104. 

  104.         path: tls.key
    105. 

  105.       - key: tls.crt
    106. 

  106.         path: tls.crt
    107. 

  107.       - key: tls.crt
    108. 

  108.         path: ca.crt
    109. 

  109.     targetSelector:
    110. 

  110.       es:
    111. 

  111.         es:
    112. 

  112.           mountPath: /usr/share/elasticsearch/config/certs
    113. 

  113.           readOnly: true
    114. 

  114. 

  115. scaleCertificate:
    116. 

  116.   es-cert:
    117. 

  117.     enabled: true
    118. 

  118.     id: {{ .Values.esNetwork.certificateID }}
    119. 

  119.     {{- end -}}
    120. 

  120. {{- end -}}
    121.