helm/wwwgmo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
wwwgmo/helm/templates/elasticsearch/statefulset-elasticsearch.yaml
Gilles Mouchet 407859b310 v1.0
2025-02-07 20:52:27 +01:00

132 lines
4.3 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: StatefulSet
metadata:
name: statefulset-elasticsearch
namespace: {{ .Release.Namespace }}
labels:
app: site
tier: elastic
{{- include "site.labels" . | nindent 4 }}
spec:
serviceName: service-elasticsearch
# do not modify replica
replicas: 1
selector:
matchLabels:
app: site
tier: elastic
template:
metadata:
labels:
app: site
tier: elastic
{{- include "site.labels" . | nindent 8 }}
annotations:
checksum/configmap-env: {{ include (print $.Chart.Name "/templates/elasticsearch/configmap-elasticsearch.yaml") . | sha256sum }}
checksum/secret-env: {{ include (print $.Chart.Name "/templates/elasticsearch/secret-elasticsearch.yaml") . | sha256sum }}
spec:
priorityClassName: {{ required ".Values.elastic.priorityClassName entry is required!" .Values.elastic.priorityClassName }}
automountServiceAccountToken: false
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:{{ required ".Values.elastic.imageTag entry is required!" .Values.elastic.imageTag }}
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9200
name: rest
protocol: TCP
- containerPort: 9300
name: inter-node
protocol: TCP
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
envFrom:
- configMapRef:
name: configmap-elasticsearch
- secretRef:
name: secret-elasticsearch
env:
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
resources:
requests:
cpu: 100m
memory: 850Mi
ephemeral-storage: 128M
limits:
cpu: 1000m
memory: 1250Mi
ephemeral-storage: 512M
#No readiness probe : The node has to be immediatly resolvable
#No startup probe : The node has to be immediatly resolvable
livenessProbe:
exec:
command:
- "/bin/sh"
- "-c"
#- "curl -s --cacert /usr/share/elasticsearch/config/certificates/ca.pem https://localhost:9200 | grep -q 'missing authentication credentials'"
- "curl -s http://localhost:9200 | grep -q 'missing authentication credentials'"
periodSeconds: 10
failureThreshold: 3
initialDelaySeconds: 30
timeoutSeconds: 5
initContainers:
- name: fix-permissions
image: busybox
imagePullPolicy: IfNotPresent
command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
securityContext:
privileged: true
volumeMounts:
- name: data
mountPath: /usr/share/elasticsearch/data
- name: increase-vm-max-map
image: busybox
imagePullPolicy: IfNotPresent
command: ["sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
- name: increase-fd-ulimit
image: busybox
imagePullPolicy: IfNotPresent
command: ["sh", "-c", "ulimit -n 65536"]
securityContext:
privileged: true
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app: elasticsearch
tier: elasticsearch
volumeClaimTemplates:
- metadata:
name: data
labels:
app: elastic
tier: elastic
spec:
{{- if eq "k3s" $.Values.kube }}
accessModes: [ "ReadWriteOnce" ]
storageClassName: {{ required ".Values.elastic.persistentVolumeClaim.k3sStorageClassName entry is required!" .Values.elastic.persistentVolumeClaim.k3sStorageClassName }}
{{- end }}
{{- if eq "k8s" $.Values.kube }}
accessModes: [ "ReadWriteMany" ]
storageClassName: {{ required ".Values.elastic.persistentVolumeClaim.k8sStorageClassName entry is required!" .Values.elastic.persistentVolumeClaim.k8sStorageClassName }}
{{- end }}
resources:
requests:
storage: {{ required ".Values.elastic.persistentVolumeClaim.storageRequest entry is required!" .Values.elastic.persistentVolumeClaim.storageRequest }}
Reference in New Issue View Git Blame Copy Permalink