Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 05d13781c7
Branches Tags
okd
/
roles
/
openshift_logging_elasticsearch
/
templates
/
elasticsearch.yml.j2

elasticsearch.yml.j2 2.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. cluster:
    2. 

  2.   name: ${CLUSTER_NAME}
    3. 

  3. 

  4. script:
    5. 

  5.   inline: on
    6. 

  6.   indexed: on
    7. 

  7. 

  8. index:
    9. 

  9.   number_of_shards: {{ es_number_of_shards | default ('1') }}
    10. 

  10.   number_of_replicas: {{ es_number_of_replicas | default ('0') }}
    11. 

  11.   unassigned.node_left.delayed_timeout: 2m
    12. 

  12.   translog:
    13. 

  13.     flush_threshold_size: 256mb
    14. 

  14.     flush_threshold_period: 5m
    15. 

  15. 

  16. node:
    17. 

  17.   name: ${DC_NAME}
    18. 

  18.   master: ${IS_MASTER}
    19. 

  19.   data: ${HAS_DATA}
    20. 

  20.   max_local_storage_nodes: 1
    21. 

  21. 

  22. network:
    23. 

  23.   host: 0.0.0.0
    24. 

  24. 

  25. cloud:
    26. 

  26.   kubernetes:
    27. 

  27.     service: ${SERVICE_DNS}
    28. 

  28.     namespace: ${NAMESPACE}
    29. 

  29. 

  30. discovery:
    31. 

  31.   type: kubernetes
    32. 

  32.   zen.ping.multicast.enabled: false
    33. 

  33.   zen.minimum_master_nodes: ${NODE_QUORUM}
    34. 

  34. 

  35. gateway:
    36. 

  36.   recover_after_nodes: ${NODE_QUORUM}
    37. 

  37.   expected_nodes: ${RECOVER_EXPECTED_NODES}
    38. 

  38.   recover_after_time: ${RECOVER_AFTER_TIME}
    39. 

  39. 

  40. io.fabric8.elasticsearch.authentication.users: ["system.logging.kibana", "system.logging.fluentd", "system.logging.curator", "system.admin"]
    41. 

  41. io.fabric8.elasticsearch.kibana.mapping.app: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json
    42. 

  42. io.fabric8.elasticsearch.kibana.mapping.ops: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json
    43. 

  43. io.fabric8.elasticsearch.kibana.mapping.empty: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json
    44. 

  44. 

  45. openshift.config:
    46. 

  46.   use_common_data_model: true
    47. 

  47.   project_index_prefix: "project"
    48. 

  48.   time_field_name: "@timestamp"
    49. 

  49. 

  50. openshift.searchguard:
    51. 

  51.   keystore.path: /etc/elasticsearch/secret/admin.jks
    52. 

  52.   truststore.path: /etc/elasticsearch/secret/searchguard.truststore
    53. 

  53. 

  54. openshift.operations.allow_cluster_reader: {{allow_cluster_reader | default (false)}}
    55. 

  55. 

  56. path:
    57. 

  57.   data: /elasticsearch/persistent/${CLUSTER_NAME}/data
    58. 

  58.   logs: /elasticsearch/${CLUSTER_NAME}/logs
    59. 

  59.   work: /elasticsearch/${CLUSTER_NAME}/work
    60. 

  60.   scripts: /elasticsearch/${CLUSTER_NAME}/scripts
    61. 

  61. 

  62. searchguard:
    63. 

  63.   authcz.admin_dn:
    64. 

  64.   - CN=system.admin,OU=OpenShift,O=Logging
    65. 

  65.   config_index_name: ".searchguard.${DC_NAME}"
    66. 

  66.   ssl:
    67. 

  67.     transport:
    68. 

  68.       enabled: true
    69. 

  69.       enforce_hostname_verification: false
    70. 

  70.       keystore_type: JKS
    71. 

  71.       keystore_filepath: /etc/elasticsearch/secret/searchguard.key
    72. 

  72.       keystore_password: kspass
    73. 

  73.       truststore_type: JKS
    74. 

  74.       truststore_filepath: /etc/elasticsearch/secret/searchguard.truststore
    75. 

  75.       truststore_password: tspass
    76. 

  76.     http:
    77. 

  77.       enabled: true
    78. 

  78.       keystore_type: JKS
    79. 

  79.       keystore_filepath: /etc/elasticsearch/secret/key
    80. 

  80.       keystore_password: kspass
    81. 

  81.       clientauth_mode: OPTIONAL
    82. 

  82.       truststore_type: JKS
    83. 

  83.       truststore_filepath: /etc/elasticsearch/secret/truststore
    84. 

  84.       truststore_password: tspass
    85.