| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139 |
- apiVersion: "v1"
- kind: "DeploymentConfig"
- metadata:
- name: "{{deploy_name}}"
- labels:
- provider: openshift
- component: "{{component}}"
- logging-infra: "{{logging_component}}"
- spec:
- replicas: {{replicas|default(0)}}
- selector:
- provider: openshift
- component: "{{component}}"
- logging-infra: "{{logging_component}}"
- strategy:
- rollingParams:
- intervalSeconds: 1
- timeoutSeconds: 600
- updatePeriodSeconds: 1
- type: Rolling
- template:
- metadata:
- name: "{{deploy_name}}"
- labels:
- logging-infra: "{{logging_component}}"
- provider: openshift
- component: "{{component}}"
- spec:
- serviceAccountName: aggregated-logging-kibana
- {% if kibana_node_selector is iterable and kibana_node_selector | length > 0 %}
- nodeSelector:
- {% for key, value in kibana_node_selector.iteritems() %}
- {{key}}: "{{value}}"
- {% endfor %}
- {% endif %}
- containers:
- -
- name: "kibana"
- image: {{image}}
- imagePullPolicy: Always
- {% if (kibana_memory_limit is defined and kibana_memory_limit is not none) or (kibana_cpu_limit is defined and kibana_cpu_limit is not none) %}
- resources:
- limits:
- {% if kibana_cpu_limit is not none %}
- cpu: "{{kibana_cpu_limit}}"
- {% endif %}
- memory: "{{kibana_memory_limit | default('736Mi') }}"
- {% endif %}
- env:
- - name: "ES_HOST"
- value: "{{es_host}}"
- - name: "ES_PORT"
- value: "{{es_port}}"
- -
- name: "KIBANA_MEMORY_LIMIT"
- valueFrom:
- resourceFieldRef:
- containerName: kibana
- resource: limits.memory
- volumeMounts:
- - name: kibana
- mountPath: /etc/kibana/keys
- readOnly: true
- -
- name: "kibana-proxy"
- image: {{proxy_image}}
- imagePullPolicy: Always
- {% if (kibana_proxy_memory_limit is defined and kibana_proxy_memory_limit is not none) or (kibana_proxy_cpu_limit is defined and kibana_proxy_cpu_limit is not none) %}
- resources:
- limits:
- {% if kibana_proxy_cpu_limit is not none %}
- cpu: "{{kibana_proxy_cpu_limit}}"
- {% endif %}
- memory: "{{kibana_proxy_memory_limit | default('96Mi') }}"
- {% endif %}
- ports:
- -
- name: "oaproxy"
- containerPort: 3000
- env:
- -
- name: "OAP_BACKEND_URL"
- value: "http://localhost:5601"
- -
- name: "OAP_AUTH_MODE"
- value: "oauth2"
- -
- name: "OAP_TRANSFORM"
- value: "user_header,token_header"
- -
- name: "OAP_OAUTH_ID"
- value: kibana-proxy
- -
- name: "OAP_MASTER_URL"
- value: {{openshift_logging_master_url}}
- -
- name: "OAP_PUBLIC_MASTER_URL"
- value: {{openshift_logging_master_public_url}}
- -
- name: "OAP_LOGOUT_REDIRECT"
- value: {{openshift_logging_master_public_url}}/console/logout
- -
- name: "OAP_MASTER_CA_FILE"
- value: "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
- -
- name: "OAP_DEBUG"
- value: "{{openshift_logging_kibana_proxy_debug}}"
- -
- name: "OAP_OAUTH_SECRET_FILE"
- value: "/secret/oauth-secret"
- -
- name: "OAP_SERVER_CERT_FILE"
- value: "/secret/server-cert"
- -
- name: "OAP_SERVER_KEY_FILE"
- value: "/secret/server-key"
- -
- name: "OAP_SERVER_TLS_FILE"
- value: "/secret/server-tls.json"
- -
- name: "OAP_SESSION_SECRET_FILE"
- value: "/secret/session-secret"
- -
- name: "OCP_AUTH_PROXY_MEMORY_LIMIT"
- valueFrom:
- resourceFieldRef:
- containerName: kibana-proxy
- resource: limits.memory
- volumeMounts:
- - name: kibana-proxy
- mountPath: /secret
- readOnly: true
- volumes:
- - name: kibana
- secret:
- secretName: logging-kibana
- - name: kibana-proxy
- secret:
- secretName: logging-kibana-proxy
|
