e857363b by Adam Heath

A bunch more stuff.

1 parent 08391463
environments:
default:
values:
- namespace: eck-system
namePrefix: ""
zookeeper:
operator:
install: false
use: true
---
releases:
- name: elasticsearch-operator
chart: .
namespace: {{ .Values.namespace }}
values:
- set-common-values.yaml.gotmpl
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- https://download.elastic.co/downloads/eck/2.2.0/crds.yaml
- https://download.elastic.co/downloads/eck/2.2.0/operator.yaml
patchesStrategicMerge:
- patches-delete-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: elastic-system
labels:
name: elastic-system
$patch: delete
---
namePrefix: {{ .Values.namePrefix }}
namespace: {{ .Values.namespace }}
Jivubs0Blabim)
\ No newline at end of file
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
generatorOptions:
disableNameSuffixHash: true
secretGenerator:
- name: elasticsearch-passwords
files:
- elastic=./elastic-password.txt
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: fluentd
spec:
version: 8.2.3
nodeSets:
- name: default
count: 2
config:
node.store.allow_mmap: false
---
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
name: fluentd
spec:
version: 8.2.3
count: 1
elasticsearchRef:
name: fluentd
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./eck-cluster.yaml
- ./virtual-service.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: kibana
spec:
hosts:
- "kibana-logging.local"
gateways:
- default/cluster-local-gateway
http:
- match:
- uri:
prefix: /
route:
- destination:
port:
number: 5601
host: fluentd-kb-http.logging.svc.cluster.local
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: fluentd
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: fluentd
rules:
- apiGroups:
- ""
resources:
- pods
- namespaces
verbs:
- get
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: fluentd
roleRef:
kind: ClusterRole
name: fluentd
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: fluentd
namespace: logging
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: fluentd
namespace: logging
labels:
k8s-app: fluentd-logging
version: v1
spec:
selector:
matchLabels:
k8s-app: fluentd-logging
version: v1
template:
metadata:
labels:
k8s-app: fluentd-logging
version: v1
spec:
serviceAccount: fluentd
serviceAccountName: fluentd
tolerations:
- key: node-role.kubernetes.io/master
value: "true"
effect: "NoSchedule"
containers:
- name: fluentd
image: fluent/fluentd-kubernetes-daemonset:v1-debian-elasticsearch
env:
- name: FLUENT_ELASTICSEARCH_HOST
value: "fluentd-es-http"
- name: FLUENT_ELASTICSEARCH_PORT
value: "9200"
- name: FLUENT_ELASTICSEARCH_SCHEME
value: "https"
# Option to configure elasticsearch plugin with self signed certs
# ================================================================
- name: FLUENT_ELASTICSEARCH_SSL_VERIFY
value: "false"
# Option to configure elasticsearch plugin with tls
# ================================================================
- name: FLUENT_ELASTICSEARCH_SSL_VERSION
value: "TLSv1_2"
# X-Pack Authentication
# =====================
- name: FLUENT_ELASTICSEARCH_ENABLE_ILM
value: "false"
- name: FLUENT_ELASTICSEARCH_USER
value: "elastic"
- name: FLUENT_ELASTICSEARCH_PASSWORD
valueFrom:
secretKeyRef:
name: fluentd-es-elastic-user
key: elastic
- name: FLUENTD_SYSTEMD_CONF
value: disable
- name: FLUENT_CONTAINER_TAIL_EXCLUDE_PATH
value: /var/log/containers/fluent*
- name: FLUENT_CONTAINER_TAIL_PARSER_TYPE
value: /^(?<time>.+) (?<stream>stdout|stderr)( (?<logtag>.))? (?<log>.*)$/
- name: FLUENT_ELASTICSEARCH_RELOAD_CONNECTIONS
value: "false"
- name: FLUENT_ELASTICSEARCH_INDEX_NAME
value: fluentd
resources:
limits:
memory: 2Gi
requests:
cpu: 200m
memory: 2Gi
volumeMounts:
- name: varlog
mountPath: /var/log
# When actual pod logs in /var/lib/docker/containers, the following lines should be used.
# - name: dockercontainerlogdirectory
# mountPath: /var/lib/docker/containers
# readOnly: true
# When actual pod logs in /var/log/pods, the following lines should be used.
- name: dockercontainerlogdirectory
mountPath: /var/log/pods
readOnly: true
terminationGracePeriodSeconds: 30
volumes:
- name: varlog
hostPath:
path: /var/log
# When actual pod logs in /var/lib/docker/containers, the following lines should be used.
# - name: dockercontainerlogdirectory
# hostPath:
# path: /var/lib/docker/containers
# When actual pod logs in /var/log/pods, the following lines should be used.
- name: dockercontainerlogdirectory
hostPath:
path: /var/log/pods
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./fluentd-daemonset-elasticsearch-rbac.yaml
environments:
default:
values:
- namespace: logging
namePrefix: ""
kibana:
oauth:
enabled: false
authUrl: ""
tokenUrl: ""
userinfoUrl: ""
clientId: ""
clientSecret: ""
virtualService:
enabled: true
jsonPatches: []
strategicMergePatches: []
gateways:
- default/cluster-local-gateway
vhost: kibana-logging.local
repositories:
---
releases:
- name: fluentd-eck
chart: ./charts/eck
namespace: {{ .Values.namespace }}
values:
- set-common-values.yaml.gotmpl
jsonPatches:
{{- if .Values.kibana.virtualService.enabled }}
- target:
kind: VirtualService
name: {{ .Values.namePrefix }}kibana
namespace: {{ .Values.namespace }}
version: v1beta3
group: networking.istio.io
patch:
- op: replace
path: /spec/http/0/route/0/destination/host
value: {{ .Values.namePrefix }}kibana
{{- end }}
{{- if not (empty (.Values.kibana.virtualService.jsonPatches)) }}
{{- .Values.kibana.virtualService.jsonPatches | toYaml | indent 6 }}
{{- end }}
strategicMergePatches:
- apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: {{ .Values.namePrefix }}kibana
namespace: {{ .Values.namespace }}
{{- if .Values.kibana.virtualService.enabled }}
spec:
hosts:
- {{ .Values.kibana.virtualService.vhost }}
gateways:
{{- range $gateway_index, $gateway := .Values.kibana.virtualService.gateways }}
- {{ $gateway | quote }}
{{- end }}
{{- else }}
$patch: delete
{{- end }}
- name: fluentd
chart: ./charts/fluentd
namespace: {{ .Values.namespace }}
values:
- set-common-values.yaml.gotmpl
namePrefix: {{ .Values.namePrefix }}
namespace: {{ .Values.namespace }}
environments:
default:
values:
- namespace: kube-system
namePrefix: ""
zookeeper:
operator:
install: false
use: true
repositories:
- name: apache-solr
url: https://solr.apache.org/charts
---
releases:
- name: solr-operator
chart: apache-solr/solr-operator
namespace: {{ .Values.namespace }}
version: 0.5.1
values:
- set-common-values.yaml.gotmpl
- zookeeper-operator:
install: {{ .Values.zookeeper.operator.install }}
use: {{ .Values.zookeeper.operator.use }}
namePrefix: {{ .Values.namePrefix }}
namespace: {{ .Values.namespace }}
environments:
default:
values:
- namespace: kube-system
namePrefix: ""
repositories:
- name: pravega
url: https://charts.pravega.io
---
releases:
- name: zookeeper-operator
chart: pravega/zookeeper-operator
namespace: {{ .Values.namespace }}
version: 0.2.14
values:
- set-common-values.yaml.gotmpl
namePrefix: {{ .Values.namePrefix }}
namespace: {{ .Values.namespace }}