X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Felasticsearch%2Fcomponents%2Fdata%2Ftemplates%2Fstatefulset.yaml;h=e6c5a87f5c2febeb54b3531b43f7e336e68ba73a;hb=refs%2Fheads%2Fmaster;hp=994b458e33b69d4964b27fc0ec43ee49ebdbc30a;hpb=ed4bc91ade3036af0d113c211e3136e5dbc42df4;p=oom.git diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml index 994b458e33..dc8562b8fc 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,11 +12,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: StatefulSet {{ $role := "data" -}} {{ $suffix := $role -}} -{{ $labels := (dict "role" $role "discovery" (include "elasticsearch.clustername" .)) -}} +{{ $labels := (dict "role" $role "discovery" .Values.cluster_name) -}} metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "labels" $labels "dot" . )| nindent 2 }} spec: updateStrategy: @@ -32,7 +34,7 @@ spec: template: metadata: {{- include "common.templateMetadata" (dict "labels" $labels "dot" .) | nindent 6 }} spec: -{{- include "elasticsearch.imagePullSecrets" . | nindent 6 }} + {{- include "common.imagePullSecrets" . | nindent 6 }} {{- if .Values.affinity }} affinity: {{- include "common.tplValue" (dict "value" .Values.affinity "context" $) | nindent 8 }} {{- end }} @@ -42,18 +44,21 @@ spec: {{- if .Values.tolerations }} tolerations: {{- include "common.tplValue" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} - serviceAccountName: {{ template "elasticsearch.data.serviceAccountName" . }} - {{- if .Values.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.securityContext.fsGroup }} - {{- end }} - {{- if or .Values.sysctlImage.enabled (and .Values.volumePermissions.enabled .Values.persistence.enabled) }} + {{ include "common.podSecurityContext" . | indent 6 | trim }} initContainers: {{- if .Values.sysctlImage.enabled }} ## Image that performs the sysctl operation to modify Kernel settings (needed sometimes to avoid boot errors) - name: sysctl - image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 10 | trim }} + resources: + limits: + cpu: 20m + memory: 50Mi + requests: + cpu: 5m + memory: 20Mi command: - /bin/sh - -c @@ -61,42 +66,40 @@ spec: set -o errexit set -o pipefail set -o nounset - sysctl -w vm.max_map_count=262144 && sysctl -w fs.file-max=65536 - securityContext: - privileged: true + volumeMounts: + - mountPath: /etc/sysctl.conf + name: config + subPath: sysctl.conf {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - - name: volume-permissions - image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} + - name: {{ include "common.name" . }}-config-copy + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 10 | trim }} + resources: + limits: + cpu: 20m + memory: 50Mi + requests: + cpu: 5m + memory: 20Mi command: - /bin/sh - -c - | - chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //bitnami/elasticsearch/data - securityContext: - runAsUser: 0 - {{- if .Values.volumePermissions.resource }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- end }} + cp -R /opt/bitnami/elasticsearch/config/. /opt/bitnami/elasticsearch/config_rw volumeMounts: - - name: data - mountPath: "/bitnami/elasticsearch/data" - {{- end }} - {{- end }} + - mountPath: /opt/bitnami/elasticsearch/config_rw + name: bitnami-config containers: - - name: {{ include "common.name" . }}-elasticsearch - image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }} + - name: {{ include "common.name" . }}-data + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} + {{ include "common.containerSecurityContext" . | indent 10 | trim }} env: - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} + value: {{ ternary "true" "false" .Values.debug | quote }} - name: ELASTICSEARCH_CLUSTER_NAME - value: {{include "elasticsearch.clustername" .}} + value: {{ .Values.cluster_name }} - name: ELASTICSEARCH_CLUSTER_HOSTS value: {{ include "common.name" . }}-discovery {{- if .Values.plugins }} @@ -109,6 +112,12 @@ spec: value: "yes" - name: ELASTICSEARCH_NODE_TYPE value: "data" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP ports: {{- include "common.containerPorts" . |indent 12 }} {{- if .Values.livenessProbe.enabled }} livenessProbe: @@ -136,28 +145,52 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} volumeMounts: + - mountPath: /tmp + name: tmp + - mountPath: /opt/bitnami/elasticsearch/logs + name: bitnami-logs + - mountPath: /opt/bitnami/elasticsearch/tmp + name: bitnami-tmp + - mountPath: /opt/bitnami/elasticsearch/config + name: bitnami-config {{- if .Values.config }} - mountPath: /opt/bitnami/elasticsearch/config/elasticsearch.yml name: "config" subPath: elasticsearch.yml {{- end }} + {{- if .Values.sysctlImage.enabled }} + - mountPath: /etc/sysctl.conf + name: config + subPath: sysctl.conf + {{- end }} - name: "data" mountPath: "/bitnami/elasticsearch/data" {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} volumes: - {{- if .Values.config }} - name: "config" configMap: name: {{ template "common.fullname" . }} - {{- end }} + - emptyDir: + sizeLimit: {{ .Values.volumes.tmpSizeLimit }} + name: tmp + - emptyDir: + sizeLimit: {{ .Values.volumes.bitnamiLogsSizeLimit }} + name: bitnami-logs + - emptyDir: + sizeLimit: {{ .Values.volumes.bitnamiTmpSizeLimit }} + name: bitnami-tmp + - emptyDir: + sizeLimit: {{ .Values.volumes.bitnamiConfigSizeLimit }} + name: bitnami-config {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 8 }} {{- end }} {{- if not .Values.persistence.enabled }} - name: "data" - emptyDir: {} + emptyDir: + sizeLimit: {{ .Values.volumes.dataSizeLimit }} {{- else }} volumeClaimTemplates: - metadata: