blob: 9fefef9b75bc55897f15636d3b79974c8eb3a0ca (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
apiVersion: "v1"
kind: "DeploymentConfig"
metadata:
name: "{{ deploy_name }}"
labels:
provider: openshift
component: "{{ component }}"
logging-infra: "{{ logging_component }}"
spec:
replicas: {{ replicas | default(0) }}
selector:
provider: openshift
component: "{{ component }}"
logging-infra: "{{ logging_component }}"
strategy:
rollingParams:
intervalSeconds: 1
timeoutSeconds: 600
updatePeriodSeconds: 1
type: Rolling
template:
metadata:
name: "{{ deploy_name }}"
labels:
logging-infra: "{{ logging_component }}"
provider: openshift
component: "{{ component }}"
spec:
serviceAccountName: aggregated-logging-kibana
{% if kibana_node_selector is iterable and kibana_node_selector | length > 0 %}
nodeSelector:
{% for key, value in kibana_node_selector.iteritems() %}
{{ key }}: "{{ value }}"
{% endfor %}
{% endif %}
containers:
-
name: "kibana"
image: {{ image }}
imagePullPolicy: Always
{% if (kibana_memory_limit is defined and kibana_memory_limit is not none and kibana_memory_limit != "") or (kibana_cpu_limit is defined and kibana_cpu_limit is not none and kibana_cpu_limit != "") %}
resources:
limits:
{% if kibana_cpu_limit is not none and kibana_cpu_limit != "" %}
cpu: "{{ kibana_cpu_limit }}"
{% endif %}
{% if kibana_memory_limit is not none and kibana_memory_limit != "" %}
memory: "{{ kibana_memory_limit }}"
{% endif %}
{% endif %}
env:
- name: "ES_HOST"
value: "{{ es_host }}"
- name: "ES_PORT"
value: "{{ es_port }}"
volumeMounts:
- name: kibana
mountPath: /etc/kibana/keys
readOnly: true
-
name: "kibana-proxy"
image: {{ proxy_image }}
imagePullPolicy: Always
{% if (kibana_proxy_memory_limit is defined and kibana_proxy_memory_limit is not none and kibana_proxy_memory_limit != "") or (kibana_proxy_cpu_limit is defined and kibana_proxy_cpu_limit is not none and kibana_proxy_cpu_limit != "") %}
resources:
limits:
{% if kibana_proxy_cpu_limit is not none and kibana_proxy_cpu_limit != "" %}
cpu: "{{ kibana_proxy_cpu_limit }}"
{% endif %}
{% if kibana_proxy_memory_limit is not none and kibana_proxy_memory_limit != "" %}
memory: "{{ kibana_proxy_memory_limit }}"
{% endif %}
{% endif %}
ports:
-
name: "oaproxy"
containerPort: 3000
env:
-
name: "OAP_BACKEND_URL"
value: "http://localhost:5601"
-
name: "OAP_AUTH_MODE"
value: "oauth2"
-
name: "OAP_TRANSFORM"
value: "user_header,token_header"
-
name: "OAP_OAUTH_ID"
value: kibana-proxy
-
name: "OAP_MASTER_URL"
value: {{ openshift_logging_kibana_master_url }}
-
name: "OAP_PUBLIC_MASTER_URL"
value: {{ openshift_logging_kibana_master_public_url }}
-
name: "OAP_LOGOUT_REDIRECT"
value: {{ openshift_logging_kibana_master_public_url }}/console/logout
-
name: "OAP_MASTER_CA_FILE"
value: "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
-
name: "OAP_DEBUG"
value: "{{ openshift_logging_kibana_proxy_debug }}"
volumeMounts:
- name: kibana-proxy
mountPath: /secret
readOnly: true
volumes:
- name: kibana
secret:
secretName: logging-kibana
- name: kibana-proxy
secret:
secretName: logging-kibana-proxy
|
