shixiong
/
okd


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687
							cluster:
  name: ${CLUSTER_NAME}

script:
  inline: on
  indexed: on

index:
  number_of_shards: {{ es_number_of_shards | default ('1') }}
  number_of_replicas: {{ es_number_of_replicas | default ('0') }}
  unassigned.node_left.delayed_timeout: 2m
  translog:
    flush_threshold_size: 256mb
    flush_threshold_period: 5m

node:
  name: ${DC_NAME}
  master: ${IS_MASTER}
  data: ${HAS_DATA}
  max_local_storage_nodes: 1

network:
  host: 0.0.0.0

cloud:
  kubernetes:
    pod_label: ${POD_LABEL}
    pod_port: 9300
    namespace: ${NAMESPACE}

discovery:
  type: kubernetes
  zen.ping.multicast.enabled: false
  zen.minimum_master_nodes: ${NODE_QUORUM}

gateway:
  recover_after_nodes: ${NODE_QUORUM}
  expected_nodes: ${RECOVER_EXPECTED_NODES}
  recover_after_time: ${RECOVER_AFTER_TIME}

io.fabric8.elasticsearch.authentication.users: ["system.logging.kibana", "system.logging.fluentd", "system.logging.curator", "system.admin"]
io.fabric8.elasticsearch.kibana.mapping.app: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json
io.fabric8.elasticsearch.kibana.mapping.ops: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json
io.fabric8.elasticsearch.kibana.mapping.empty: /usr/share/elasticsearch/index_patterns/com.redhat.viaq-openshift.index-pattern.json

openshift.config:
  use_common_data_model: true
  project_index_prefix: "project"
  time_field_name: "@timestamp"

openshift.searchguard:
  keystore.path: /etc/elasticsearch/secret/admin.jks
  truststore.path: /etc/elasticsearch/secret/searchguard.truststore

openshift.operations.allow_cluster_reader: {{allow_cluster_reader | default (false)}}

openshift.kibana.index.mode: {{es_kibana_index_mode | default('unique')}}

path:
  data: /elasticsearch/persistent/${CLUSTER_NAME}/data
  logs: /elasticsearch/${CLUSTER_NAME}/logs
  work: /elasticsearch/${CLUSTER_NAME}/work
  scripts: /elasticsearch/${CLUSTER_NAME}/scripts

searchguard:
  authcz.admin_dn:
  - CN=system.admin,OU=OpenShift,O=Logging
  config_index_name: ".searchguard.${DC_NAME}"
  ssl:
    transport:
      enabled: true
      enforce_hostname_verification: false
      keystore_type: JKS
      keystore_filepath: /etc/elasticsearch/secret/searchguard.key
      keystore_password: kspass
      truststore_type: JKS
      truststore_filepath: /etc/elasticsearch/secret/searchguard.truststore
      truststore_password: tspass
    http:
      enabled: true
      keystore_type: JKS
      keystore_filepath: /etc/elasticsearch/secret/key
      keystore_password: kspass
      clientauth_mode: OPTIONAL
      truststore_type: JKS
      truststore_filepath: /etc/elasticsearch/secret/truststore
      truststore_password: tspass