From a8e826248539179c5ef69ec003701be608e89b70 Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Mon, 27 Feb 2017 12:07:14 -0600 Subject: Decomposing openshift_logging role into subcomponent roles --- .../templates/elasticsearch.yml.j2 | 80 ++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 (limited to 'roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2') diff --git a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 new file mode 100644 index 000000000..cd4bde98b --- /dev/null +++ b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 @@ -0,0 +1,80 @@ +cluster: + name: ${CLUSTER_NAME} + +script: + inline: on + indexed: on + +index: + number_of_shards: 1 + number_of_replicas: 0 + auto_expand_replicas: 0-2 + unassigned.node_left.delayed_timeout: 2m + translog: + flush_threshold_size: 256mb + flush_threshold_period: 5m + +node: + master: {% if deploy_type in ['data-master', 'master'] %}true{% else %}false{% endif %} + data: {% if deploy_type in ['data-master', 'data-client'] %}true{% else %}false{% endif %} + +network: + host: 0.0.0.0 + +cloud: + kubernetes: + service: ${SERVICE_DNS} + namespace: ${NAMESPACE} + +discovery: + type: kubernetes + zen.ping.multicast.enabled: false + +gateway: + expected_master_nodes: ${NODE_QUORUM} + recover_after_nodes: ${RECOVER_AFTER_NODES} + expected_nodes: ${RECOVER_EXPECTED_NODES} + recover_after_time: ${RECOVER_AFTER_TIME} + +io.fabric8.elasticsearch.authentication.users: ["system.logging.kibana", "system.logging.fluentd", "system.logging.curator", "system.admin"] + +openshift.config: + use_common_data_model: true + project_index_prefix: "project" + time_field_name: "@timestamp" + +openshift.searchguard: + keystore.path: /etc/elasticsearch/secret/admin.jks + truststore.path: /etc/elasticsearch/secret/searchguard.truststore + +openshift.operations.allow_cluster_reader: {{allow_cluster_reader | default ('false')}} + +path: + data: /elasticsearch/persistent/${CLUSTER_NAME}/data + logs: /elasticsearch/${CLUSTER_NAME}/logs + work: /elasticsearch/${CLUSTER_NAME}/work + scripts: /elasticsearch/${CLUSTER_NAME}/scripts + +searchguard: + authcz.admin_dn: + - CN=system.admin,OU=OpenShift,O=Logging + config_index_name: ".searchguard.${HOSTNAME}" + ssl: + transport: + enabled: true + enforce_hostname_verification: false + keystore_type: JKS + keystore_filepath: /etc/elasticsearch/secret/searchguard.key + keystore_password: kspass + truststore_type: JKS + truststore_filepath: /etc/elasticsearch/secret/searchguard.truststore + truststore_password: tspass + http: + enabled: true + keystore_type: JKS + keystore_filepath: /etc/elasticsearch/secret/key + keystore_password: kspass + clientauth_mode: OPTIONAL + truststore_type: JKS + truststore_filepath: /etc/elasticsearch/secret/truststore + truststore_password: tspass -- cgit v1.2.3 From 60ad4626f03cbfb119290a4bfaf9ecba53dc762b Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Tue, 2 May 2017 11:21:56 -0500 Subject: Pulling in changes from master --- roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2') diff --git a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 index cd4bde98b..340c6d7e6 100644 --- a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 @@ -15,8 +15,8 @@ index: flush_threshold_period: 5m node: - master: {% if deploy_type in ['data-master', 'master'] %}true{% else %}false{% endif %} - data: {% if deploy_type in ['data-master', 'data-client'] %}true{% else %}false{% endif %} + master: ${IS_MASTER} + data: ${HAS_DATA} network: host: 0.0.0.0 -- cgit v1.2.3 From 186d744cee0bda007e196358da5fe5e94187e0d3 Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Mon, 15 May 2017 10:12:50 -0500 Subject: Adding some missing changes --- roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2') diff --git a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 index 340c6d7e6..2aaa44190 100644 --- a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 @@ -8,7 +8,6 @@ script: index: number_of_shards: 1 number_of_replicas: 0 - auto_expand_replicas: 0-2 unassigned.node_left.delayed_timeout: 2m translog: flush_threshold_size: 256mb @@ -29,6 +28,7 @@ cloud: discovery: type: kubernetes zen.ping.multicast.enabled: false + zen.minimum_master_nodes: {{es_min_masters}} gateway: expected_master_nodes: ${NODE_QUORUM} @@ -37,6 +37,8 @@ gateway: recover_after_time: ${RECOVER_AFTER_TIME} io.fabric8.elasticsearch.authentication.users: ["system.logging.kibana", "system.logging.fluentd", "system.logging.curator", "system.admin"] +io.fabric8.elasticsearch.kibana.mapping.app: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json +io.fabric8.elasticsearch.kibana.mapping.ops: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json openshift.config: use_common_data_model: true -- cgit v1.2.3 From 7426996929fe298f4da0b238e38d91fb929b5112 Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Thu, 18 May 2017 19:45:19 -0500 Subject: Pulling changes from master branch --- .../templates/elasticsearch.yml.j2 | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2') diff --git a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 index 2aaa44190..681f5a7e6 100644 --- a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 @@ -6,8 +6,8 @@ script: indexed: on index: - number_of_shards: 1 - number_of_replicas: 0 + number_of_shards: {{ es_number_of_shards | default ('1') }} + number_of_replicas: {{ es_number_of_replicas | default ('0') }} unassigned.node_left.delayed_timeout: 2m translog: flush_threshold_size: 256mb @@ -28,11 +28,10 @@ cloud: discovery: type: kubernetes zen.ping.multicast.enabled: false - zen.minimum_master_nodes: {{es_min_masters}} + zen.minimum_master_nodes: ${NODE_QUORUM} gateway: - expected_master_nodes: ${NODE_QUORUM} - recover_after_nodes: ${RECOVER_AFTER_NODES} + recover_after_nodes: ${NODE_QUORUM} expected_nodes: ${RECOVER_EXPECTED_NODES} recover_after_time: ${RECOVER_AFTER_TIME} @@ -49,7 +48,7 @@ openshift.searchguard: keystore.path: /etc/elasticsearch/secret/admin.jks truststore.path: /etc/elasticsearch/secret/searchguard.truststore -openshift.operations.allow_cluster_reader: {{allow_cluster_reader | default ('false')}} +openshift.operations.allow_cluster_reader: {{allow_cluster_reader | default (false)}} path: data: /elasticsearch/persistent/${CLUSTER_NAME}/data -- cgit v1.2.3