在kubernetes集群中部署ElasticSearch集群--ECK

 Elastic Cloud on Kubernetes (ECK) ---ECK是这个说法哈。

基本于k8s operator的官方实现。

URL:

https://www.elastic.co/guide/en/cloud-on-k8s/current/index.html

https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-quickstart.html

https://github.com/elastic/cloud-on-k8s

帖个yaml,了解一下资源的创建。

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: apmservers.apm.k8s.elastic.co
spec:
  additionalPrinterColumns:
  - JSONPath: .status.health
    name: health
    type: string
  - JSONPath: .status.availableNodes
    description: Available nodes
    name: nodes
    type: integer
  - JSONPath: .spec.version
    description: APM version
    name: version
    type: string
  - JSONPath: .metadata.creationTimestamp
    name: age
    type: date
  group: apm.k8s.elastic.co
  names:
    categories:
    - elastic
    kind: ApmServer
    plural: apmservers
  scope: Namespaced
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            featureFlags:
              description: FeatureFlags are apm-specific flags that enable or disable
                specific experimental features
              type: object
            http:
              description: HTTP contains settings for HTTP.
              properties:
                service:
                  description: Service is a template for the Kubernetes Service
                  properties:
                    metadata:
                      description: Metadata is metadata for the HTTP Service.
                      properties:
                        annotations:
                          description: 'Annotations is an unstructured key value map
                            stored with a resource that may be set by external tools
                            to store and retrieve arbitrary metadata. They are not
                            queryable and should be preserved when modifying objects.
                            More info: http://kubernetes.io/docs/user-guide/annotations'
                          type: object
                      type: object
                    spec:
                      description: Spec contains user-provided settings for the HTTP
                        Service.
                      properties:
                        type:
                          description: 'Type determines which service type to use
                            for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
                            Defaults to ClusterIP.'
                          enum:
                          - ClusterIP
                          - LoadBalancer
                          - NodePort
                          type: string
                      type: object
                  type: object
                tls:
                  description: TLS describe additional options to consider when generating
                    nodes TLS certificates.
                  properties:
                    selfSignedCertificate:
                      description: SelfSignedCertificate define options to apply to
                        self-signed certificate managed by the operator.
                      properties:
                        subjectAltNames:
                          description: 'SubjectAlternativeNames is a list of SANs
                            to include in the nodes certificates. For example: a wildcard
                            DNS to expose the cluster.'
                          items:
                            properties:
                              dns:
                                type: string
                              ip:
                                type: string
                            type: object
                          type: array
                      type: object
                  type: object
              type: object
            image:
              description: Image represents the docker image that will be used.
              type: string
            nodeCount:
              description: NodeCount defines how many nodes the Apm Server deployment
                must have.
              format: int32
              type: integer
            output:
              properties:
                elasticsearch:
                  description: Elasticsearch configures the Elasticsearch output
                  properties:
                    auth:
                      description: Auth configures authentication for APM Server to
                        use.
                      properties:
                        inline:
                          description: Inline is auth provided as plaintext inline
                            credentials.
                          properties:
                            password:
                              description: Password is the password to use.
                              type: string
                            username:
                              description: User is the username to use.
                              type: string
                          type: object
                        secret:
                          description: SecretKeyRef is a secret that contains the
                            credentials to use.
                          type: object
                      type: object
                    hosts:
                      description: Hosts are the URLs of the output Elasticsearch
                        nodes.
                      items:
                        type: string
                      type: array
                    ref:
                      description: ElasticsearchRef allows users to reference a Elasticsearch
                        cluster inside k8s to automatically derive the other fields.
                      properties:
                        name:
                          type: string
                        namespace:
                          type: string
                      required:
                      - name
                      type: object
                    ssl:
                      description: SSL configures TLS-related configuration for Elasticsearch
                      properties:
                        certificateAuthoritiesSecret:
                          description: CertificateAuthoritiesSecret names a secret
                            that contains a CA file entry to use.
                          type: string
                      type: object
                  type: object
              type: object
            podTemplate:
              description: PodTemplate can be used to propagate configuration to APM
                pods. So far, only labels, Affinity and `Containers["apm"].Resources.Limits`
                are applied.
              type: object
            version:
              description: Version represents the version of the APM Server
              type: string
          type: object
        status:
          properties:
            health:
              type: string
            secretTokenSecret:
              description: SecretTokenSecretName is the name of the Secret that contains
                the secret token
              type: string
            service:
              description: ExternalService is the name of the service the agents should
                connect to.
              type: string
          type: object
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: clusterlicenses.elasticsearch.k8s.elastic.co
spec:
  group: elasticsearch.k8s.elastic.co
  names:
    kind: ClusterLicense
    plural: clusterlicenses
    shortNames:
    - cl
  scope: Namespaced
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            expiryDateInMillis:
              format: int64
              type: integer
            issueDateInMillis:
              format: int64
              type: integer
            issuedTo:
              type: string
            issuer:
              type: string
            maxNodes:
              format: int64
              type: integer
            signatureRef:
              type: object
            startDateInMillis:
              format: int64
              type: integer
            type:
              type: string
            uid:
              description: UID is the license UID not the k8s API UID (!)
              type: string
          required:
          - maxNodes
          - type
          - signatureRef
          type: object
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: elasticsearches.elasticsearch.k8s.elastic.co
spec:
  additionalPrinterColumns:
  - JSONPath: .status.health
    name: health
    type: string
  - JSONPath: .status.availableNodes
    description: Available nodes
    name: nodes
    type: integer
  - JSONPath: .spec.version
    description: Elasticsearch version
    name: version
    type: string
  - JSONPath: .status.phase
    name: phase
    type: string
  - JSONPath: .metadata.creationTimestamp
    name: age
    type: date
  group: elasticsearch.k8s.elastic.co
  names:
    categories:
    - elastic
    kind: Elasticsearch
    plural: elasticsearches
    shortNames:
    - es
  scope: Namespaced
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            featureFlags:
              description: FeatureFlags are instance-specific flags that enable or
                disable specific experimental features
              type: object
            http:
              description: HTTP contains settings for HTTP.
              properties:
                service:
                  description: Service is a template for the Kubernetes Service
                  properties:
                    metadata:
                      description: Metadata is metadata for the HTTP Service.
                      properties:
                        annotations:
                          description: 'Annotations is an unstructured key value map
                            stored with a resource that may be set by external tools
                            to store and retrieve arbitrary metadata. They are not
                            queryable and should be preserved when modifying objects.
                            More info: http://kubernetes.io/docs/user-guide/annotations'
                          type: object
                      type: object
                    spec:
                      description: Spec contains user-provided settings for the HTTP
                        Service.
                      properties:
                        type:
                          description: 'Type determines which service type to use
                            for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
                            Defaults to ClusterIP.'
                          enum:
                          - ClusterIP
                          - LoadBalancer
                          - NodePort
                          type: string
                      type: object
                  type: object
                tls:
                  description: TLS describe additional options to consider when generating
                    nodes TLS certificates.
                  properties:
                    selfSignedCertificate:
                      description: SelfSignedCertificate define options to apply to
                        self-signed certificate managed by the operator.
                      properties:
                        subjectAltNames:
                          description: 'SubjectAlternativeNames is a list of SANs
                            to include in the nodes certificates. For example: a wildcard
                            DNS to expose the cluster.'
                          items:
                            properties:
                              dns:
                                type: string
                              ip:
                                type: string
                            type: object
                          type: array
                      type: object
                  type: object
              type: object
            image:
              description: Image represents the docker image that will be used.
              type: string
            nodes:
              description: Nodes represents a list of groups of nodes with the same
                configuration to be part of the cluster
              items:
                properties:
                  config:
                    description: Config represents Elasticsearch configuration.
                    type: object
                  nodeCount:
                    description: NodeCount defines how many nodes have this topology
                    format: int32
                    type: integer
                  podTemplate:
                    description: PodTemplate can be used to propagate configuration
                      to Elasticsearch pods. So far, only labels, Affinity and `Containers["elasticsearch"].Resources.Limits`
                      are applied.
                    type: object
                  volumeClaimTemplates:
                    description: 'VolumeClaimTemplates is a list of claims that pods
                      are allowed to reference. Every claim in this list must have
                      at least one matching (by name) volumeMount in one container
                      in the template. A claim in this list takes precedence over
                      any volumes in the template, with the same name. TODO: Define
                      the behavior if a claim already exists with the same name. TODO:
                      define special behavior based on claim metadata.name. (e.g data
                      / logs volumes)'
                    items:
                      type: object
                    type: array
                type: object
              type: array
            secureSettings:
              description: SecureSettings reference a secret containing secure settings,
                to be injected into Elasticsearch keystore on each node. Each individual
                key/value entry in the referenced secret is considered as an individual
                secure setting to be injected. The secret must exist in the same namespace
                as the Elasticsearch resource.
              properties:
                secretName:
                  type: string
              required:
              - secretName
              type: object
            setVmMaxMapCount:
              description: SetVMMaxMapCount indicates whether an init container should
                be used to ensure that the `vm.max_map_count` is set according to
                https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html.
                Setting this to true requires the kubelet to allow running privileged
                containers. Defaults to true if not specified. To be disabled, it
                must be explicitly set to false.
              type: boolean
            updateStrategy:
              description: UpdateStrategy specifies how updates to the cluster should
                be performed.
              properties:
                changeBudget:
                  description: ChangeBudget is the change budget that should be used
                    when performing mutations to the cluster.
                  properties:
                    maxSurge:
                      description: 'MaxSurge is the maximum number of pods that can
                        be scheduled above the original number of pods. By default,
                        a fixed value of 1 is used. Value can be an absolute number
                        (ex: 5) or a percentage of total pods at the start of the
                        update (ex: 10%). This can not be 0 if MaxUnavailable is 0
                        if you want automatic rolling updates to be applied. Absolute
                        number is calculated from percentage by rounding up. Example:
                        when this is set to 30%, the new group can be scaled up by
                        30% immediately when the rolling update starts. Once old pods
                        have been killed, new group can be scaled up further, ensuring
                        that total number of pods running at any time during the update
                        is at most 130% of the target number of pods.'
                      format: int64
                      type: integer
                    maxUnavailable:
                      description: 'MaxUnavailable is the maximum number of pods that
                        can be unavailable during the update. Value can be an absolute
                        number (ex: 5) or a percentage of total pods at the start
                        of update (ex: 10%). Absolute number is calculated from percentage
                        by rounding down. This can not be 0 if MaxSurge is 0 if you
                        want automatic rolling changes to be applied. By default,
                        a fixed value of 0 is used. Example: when this is set to 30%,
                        the group can be scaled down by 30% immediately when the rolling
                        update starts. Once new pods are ready, the group can be scaled
                        down further, followed by scaling up the group, ensuring that
                        at least 70% of the target number of pods are available at
                        all times during the update.'
                      format: int64
                      type: integer
                  required:
                  - maxUnavailable
                  - maxSurge
                  type: object
                groups:
                  description: Groups is a list of groups that should have their cluster
                    mutations considered in a fair manner with a strict change budget
                    (not allowing any surge or unavailability) before the entire cluster
                    is reconciled with the full change budget.
                  items:
                    properties:
                      selector:
                        description: Selector is the selector used to match pods.
                        type: object
                    type: object
                  type: array
              type: object
            version:
              description: Version represents the version of the stack
              type: string
          type: object
        status:
          properties:
            clusterUUID:
              type: string
            health:
              type: string
            masterNode:
              type: string
            phase:
              type: string
            remoteClusters:
              type: object
            service:
              type: string
            zenDiscovery:
              properties:
                minimumMasterNodes:
                  format: int64
                  type: integer
              type: object
          type: object
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: enterpriselicenses.elasticsearch.k8s.elastic.co
spec:
  additionalPrinterColumns:
  - JSONPath: .status
    name: status
    type: string
  group: elasticsearch.k8s.elastic.co
  names:
    kind: EnterpriseLicense
    plural: enterpriselicenses
    shortNames:
    - el
  scope: Namespaced
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            clusterLicenses:
              items:
                properties:
                  expiryDateInMillis:
                    format: int64
                    type: integer
                  issueDateInMillis:
                    format: int64
                    type: integer
                  issuedTo:
                    type: string
                  issuer:
                    type: string
                  maxNodes:
                    format: int64
                    type: integer
                  signatureRef:
                    type: object
                  startDateInMillis:
                    format: int64
                    type: integer
                  type:
                    type: string
                  uid:
                    description: UID is the license UID not the k8s API UID (!)
                    type: string
                required:
                - maxNodes
                - type
                - signatureRef
                type: object
              type: array
            eula:
              properties:
                accepted:
                  type: boolean
              required:
              - accepted
              type: object
            expiryDateInMillis:
              format: int64
              type: integer
            issueDateInMillis:
              format: int64
              type: integer
            issuedTo:
              type: string
            issuer:
              type: string
            maxInstances:
              format: int64
              type: integer
            signatureRef:
              type: object
            startDateInMillis:
              format: int64
              type: integer
            type:
              type: string
            uid:
              description: UID is the license UID not the k8s API UID (!)
              type: string
          required:
          - type
          - eula
          type: object
        status:
          type: string
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: remoteclusters.elasticsearch.k8s.elastic.co
spec:
  additionalPrinterColumns:
  - JSONPath: .status.phase
    name: status
    type: string
  group: elasticsearch.k8s.elastic.co
  names:
    kind: RemoteCluster
    plural: remoteclusters
  scope: Namespaced
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            remote:
              type: object
          required:
          - remote
          type: object
        status:
          properties:
            clusterName:
              type: string
            localTrustRelationship:
              type: string
            phase:
              type: string
            seedHosts:
              items:
                type: string
              type: array
          type: object
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: trustrelationships.elasticsearch.k8s.elastic.co
spec:
  group: elasticsearch.k8s.elastic.co
  names:
    kind: TrustRelationship
    plural: trustrelationships
  scope: Namespaced
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            caCert:
              description: CaCert contains the PEM-encoded CA certificate for the
                remote cluster.
              type: string
            trustRestrictions:
              description: TrustRestrictions contains configuration for the trust
                restrictions feature of Elasticsearch for this relationship
              properties:
                trust:
                  description: Trust contains configuration for the Elasticsearch
                    trust restrictions.
                  properties:
                    subjectName:
                      description: SubjectName is a list of patterns that incoming
                        TLS client certificates must match.
                      items:
                        type: string
                      type: array
                  type: object
              type: object
          type: object
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: users.elasticsearch.k8s.elastic.co
spec:
  additionalPrinterColumns:
  - JSONPath: .spec.name
    name: username
    type: string
  - JSONPath: .status.phase
    name: status
    type: string
  group: elasticsearch.k8s.elastic.co
  names:
    categories:
    - elastic
    kind: User
    plural: users
  scope: Namespaced
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            name:
              type: string
            passwordHash:
              type: string
            userRoles:
              items:
                type: string
              type: array
          required:
          - name
          - passwordHash
          - userRoles
          type: object
        status:
          properties:
            phase:
              type: string
            reason:
              type: string
          type: object
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  creationTimestamp: null
  labels:
    controller-tools.k8s.io: "1.0"
  name: kibanas.kibana.k8s.elastic.co
spec:
  additionalPrinterColumns:
  - JSONPath: .status.health
    name: health
    type: string
  - JSONPath: .status.availableNodes
    description: Available nodes
    name: nodes
    type: integer
  - JSONPath: .spec.version
    description: Kibana version
    name: version
    type: string
  - JSONPath: .metadata.creationTimestamp
    name: age
    type: date
  group: kibana.k8s.elastic.co
  names:
    categories:
    - elastic
    kind: Kibana
    plural: kibanas
    shortNames:
    - kb
  scope: Namespaced
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          description: 'APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
          type: string
        kind:
          description: 'Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
          type: string
        metadata:
          type: object
        spec:
          properties:
            elasticsearch:
              description: Elasticsearch configures how Kibana connects to Elasticsearch
              properties:
                auth:
                  description: Auth configures authentication for Kibana to use.
                  properties:
                    inline:
                      description: Inline is auth provided as plaintext inline credentials.
                      properties:
                        password:
                          description: Password is the password to use.
                          type: string
                        username:
                          description: User is the username to use.
                          type: string
                      required:
                      - username
                      - password
                      type: object
                    secret:
                      type: object
                  type: object
                caCertSecret:
                  description: CaCertSecret names a secret that contains a CA file
                    entry to use.
                  type: string
                url:
                  description: ElasticsearchURL is the URL to the target Elasticsearch
                  type: string
              required:
              - url
              type: object
            elasticsearchRef:
              description: ElasticsearchRef references an Elasticsearch resource in
                the Kubernetes cluster. If the namespace is not specified, the current
                resource namespace will be used.
              properties:
                name:
                  type: string
                namespace:
                  type: string
              required:
              - name
              type: object
            featureFlags:
              description: FeatureFlags are instance-specific flags that enable or
                disable specific experimental features
              type: object
            http:
              description: HTTP contains settings for HTTP.
              properties:
                service:
                  description: Service is a template for the Kubernetes Service
                  properties:
                    metadata:
                      description: Metadata is metadata for the HTTP Service.
                      properties:
                        annotations:
                          description: 'Annotations is an unstructured key value map
                            stored with a resource that may be set by external tools
                            to store and retrieve arbitrary metadata. They are not
                            queryable and should be preserved when modifying objects.
                            More info: http://kubernetes.io/docs/user-guide/annotations'
                          type: object
                      type: object
                    spec:
                      description: Spec contains user-provided settings for the HTTP
                        Service.
                      properties:
                        type:
                          description: 'Type determines which service type to use
                            for this workload. The options are: `ClusterIP|LoadBalancer|NodePort`.
                            Defaults to ClusterIP.'
                          enum:
                          - ClusterIP
                          - LoadBalancer
                          - NodePort
                          type: string
                      type: object
                  type: object
                tls:
                  description: TLS describe additional options to consider when generating
                    nodes TLS certificates.
                  properties:
                    selfSignedCertificate:
                      description: SelfSignedCertificate define options to apply to
                        self-signed certificate managed by the operator.
                      properties:
                        subjectAltNames:
                          description: 'SubjectAlternativeNames is a list of SANs
                            to include in the nodes certificates. For example: a wildcard
                            DNS to expose the cluster.'
                          items:
                            properties:
                              dns:
                                type: string
                              ip:
                                type: string
                            type: object
                          type: array
                      type: object
                  type: object
              type: object
            image:
              description: Image represents the docker image that will be used.
              type: string
            nodeCount:
              description: NodeCount defines how many nodes the Kibana deployment
                must have.
              format: int32
              type: integer
            podTemplate:
              description: PodTemplate can be used to propagate configuration to Kibana
                pods. So far, only labels, Affinity and `Containers["kibana"].Resources.Limits`
                are applied.
              type: object
            version:
              description: Version represents the version of Kibana
              type: string
          type: object
        status:
          properties:
            associationStatus:
              type: string
            health:
              type: string
          type: object
  version: v1alpha1
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: elastic-operator
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - endpoints
  - events
  - persistentvolumeclaims
  - secrets
  - services
  - configmaps
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - apps
  resources:
  - deployments
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - batch
  resources:
  - cronjobs
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - elasticsearch.k8s.elastic.co
  resources:
  - elasticsearches
  - elasticsearches/status
  - clusterlicenses
  - enterpriselicenses
  - enterpriselicenses/status
  - trustrelationships
  - users
  - users/status
  - remoteclusters
  - remoteclusters/status
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - kibana.k8s.elastic.co
  resources:
  - kibanas
  - kibanas/status
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - apm.k8s.elastic.co
  resources:
  - apmservers
  - apmservers/status
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - associations.k8s.elastic.co
  resources:
  - apmserverelasticsearchassociations
  - apmserverelasticsearchassociations/status
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - admissionregistration.k8s.io
  resources:
  - mutatingwebhookconfigurations
  - validatingwebhookconfigurations
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: elastic-operator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: elastic-operator
subjects:
- kind: ServiceAccount
  name: elastic-operator
  namespace: elastic-system

---

apiVersion: v1
kind: Namespace
metadata:
  name: elastic-system

---

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: elastic-operator
  namespace: elastic-system
  labels:
    control-plane: elastic-operator
spec:
  selector:
    matchLabels:
      control-plane: elastic-operator
  serviceName: elastic-operator
  template:
    metadata:
      labels:
        control-plane: elastic-operator
    spec:
      serviceAccountName: elastic-operator
      containers:
      - image: docker.elastic.co/eck/eck-operator:0.8.1
        name: manager
        args: ["manager", "--operator-roles", "all"]
        env:
          - name: OPERATOR_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
          - name: WEBHOOK_SECRET
            value: webhook-server-secret
          - name: WEBHOOK_PODS_LABEL
            value: elastic-operator
          - name: OPERATOR_IMAGE
            value: docker.elastic.co/eck/eck-operator:0.8.1
        resources:
          limits:
            cpu: 1
            memory: 100Mi
          requests:
            cpu: 100m
            memory: 20Mi
        ports:
        - containerPort: 9876
          name: webhook-server
          protocol: TCP
        volumeMounts:
        - mountPath: /tmp/cert
          name: cert
          readOnly: true
      terminationGracePeriodSeconds: 10
      volumes:
      - name: cert
        secret:
          defaultMode: 420
          secretName: webhook-server-secret
---
apiVersion: v1
kind: Secret
metadata:
  name: webhook-server-secret
  namespace: elastic-system

---

apiVersion: v1
kind: ServiceAccount
metadata:
  name: elastic-operator
  namespace: elastic-system

---

 

转载于:https://www.cnblogs.com/aguncn/p/11149348.html

你可能感兴趣的:(在kubernetes集群中部署ElasticSearch集群--ECK)