| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 |
- apiVersion: "v1"
- kind: "DeploymentConfig"
- metadata:
- name: "{{ deploy_name }}"
- labels:
- provider: openshift
- component: "{{ component }}"
- logging-infra: "{{ logging_component }}"
- spec:
- replicas: {{ kibana_replicas | default(1) }}
- selector:
- provider: openshift
- component: "{{ component }}"
- logging-infra: "{{ logging_component }}"
- strategy:
- rollingParams:
- intervalSeconds: 1
- timeoutSeconds: 600
- updatePeriodSeconds: 1
- type: Rolling
- template:
- metadata:
- name: "{{ deploy_name }}"
- labels:
- logging-infra: "{{ logging_component }}"
- provider: openshift
- component: "{{ component }}"
- spec:
- affinity:
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: logging-infra
- operator: In
- values:
- - kibana
- topologyKey: kubernetes.io/hostname
- serviceAccountName: aggregated-logging-kibana
- {% if kibana_node_selector is iterable and kibana_node_selector | length > 0 %}
- nodeSelector:
- {% for key, value in kibana_node_selector.items() %}
- {{ key }}: "{{ value }}"
- {% endfor %}
- {% endif %}
- containers:
- -
- name: "kibana"
- image: "{{ openshift_logging_kibana_image }}"
- imagePullPolicy: IfNotPresent
- {% if (kibana_memory_limit is defined and kibana_memory_limit is not none and kibana_memory_limit != "") or (kibana_cpu_limit is defined and kibana_cpu_limit is not none and kibana_cpu_limit != "") or (kibana_cpu_request is defined and kibana_cpu_request is not none and kibana_cpu_request != "") %}
- resources:
- {% if (kibana_memory_limit is defined and kibana_memory_limit is not none and kibana_memory_limit != "") or (kibana_cpu_limit is defined and kibana_cpu_limit is not none and kibana_cpu_limit != "") %}
- limits:
- {% if kibana_cpu_limit is not none and kibana_cpu_limit != "" %}
- cpu: "{{ kibana_cpu_limit }}"
- {% endif %}
- {% if kibana_memory_limit is not none and kibana_memory_limit != "" %}
- memory: "{{ kibana_memory_limit }}"
- {% endif %}
- {% endif %}
- {% if (kibana_memory_limit is defined and kibana_memory_limit is not none and kibana_memory_limit != "") or (kibana_cpu_request is defined and kibana_cpu_request is not none and kibana_cpu_request != "") %}
- requests:
- {% if kibana_cpu_request is not none and kibana_cpu_request != "" %}
- cpu: "{{ kibana_cpu_request }}"
- {% endif %}
- {% if kibana_memory_limit is not none and kibana_memory_limit != "" %}
- memory: "{{ kibana_memory_limit }}"
- {% endif %}
- {% endif %}
- {% endif %}
- env:
- - name: "ELASTICSEARCH_URL"
- value: "https://{{ es_host }}:{{ es_port }}"
- -
- name: "KIBANA_MEMORY_LIMIT"
- valueFrom:
- resourceFieldRef:
- containerName: kibana
- resource: limits.memory
- volumeMounts:
- - name: kibana
- mountPath: /etc/kibana/keys
- readOnly: true
- readinessProbe:
- exec:
- command:
- - "/usr/share/kibana/probe/readiness.sh"
- initialDelaySeconds: 5
- timeoutSeconds: 4
- periodSeconds: 5
- -
- name: "kibana-proxy"
- image: "{{ openshift_logging_kibana_proxy_image }}"
- imagePullPolicy: IfNotPresent
- args:
- - --upstream-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
- - --https-address=:3000
- - -provider=openshift
- - -client-id=kibana-proxy
- - -client-secret-file=/secret/oauth-secret
- - -cookie-secret-file=/secret/session-secret
- - -upstream=http://localhost:5601
- - "-scope=user:info user:check-access user:list-projects"
- - --tls-cert=/secret/server-cert
- - --tls-key=/secret/server-key
- - -pass-access-token
- - -skip-provider-button
- {% if (kibana_proxy_memory_limit is defined and kibana_proxy_memory_limit is not none and kibana_proxy_memory_limit != "") or (kibana_proxy_cpu_limit is defined and kibana_proxy_cpu_limit is not none and kibana_proxy_cpu_limit != "") or (kibana_proxy_cpu_request is defined and kibana_proxy_cpu_request is not none and kibana_proxy_cpu_request != "") %}
- resources:
- {% if (kibana_proxy_memory_limit is defined and kibana_proxy_memory_limit is not none and kibana_proxy_memory_limit != "") or (kibana_proxy_cpu_limit is defined and kibana_proxy_cpu_limit is not none and kibana_proxy_cpu_limit != "") %}
- limits:
- {% if kibana_proxy_cpu_limit is not none and kibana_proxy_cpu_limit != "" %}
- cpu: "{{ kibana_proxy_cpu_limit }}"
- {% endif %}
- {% if kibana_proxy_memory_limit is not none and kibana_proxy_memory_limit != "" %}
- memory: "{{ kibana_proxy_memory_limit }}"
- {% endif %}
- {% endif %}
- {% if (kibana_proxy_memory_limit is defined and kibana_proxy_memory_limit is not none and kibana_proxy_memory_limit != "") or (kibana_proxy_cpu_request is defined and kibana_proxy_cpu_request is not none and kibana_proxy_cpu_request != "") %}
- requests:
- {% if kibana_proxy_cpu_request is not none and kibana_proxy_cpu_request != "" %}
- cpu: "{{ kibana_proxy_cpu_request }}"
- {% endif %}
- {% if kibana_proxy_memory_limit is not none and kibana_proxy_memory_limit != "" %}
- memory: "{{ kibana_proxy_memory_limit }}"
- {% endif %}
- {% endif %}
- {% endif %}
- ports:
- -
- name: "oaproxy"
- containerPort: 3000
- env:
- -
- name: "OAP_DEBUG"
- value: "{{ openshift_logging_kibana_proxy_debug }}"
- -
- name: "OCP_AUTH_PROXY_MEMORY_LIMIT"
- valueFrom:
- resourceFieldRef:
- containerName: kibana-proxy
- resource: limits.memory
- volumeMounts:
- - name: kibana-proxy
- mountPath: /secret
- readOnly: true
- volumes:
- - name: kibana
- secret:
- secretName: logging-kibana
- - name: kibana-proxy
- secret:
- secretName: logging-kibana-proxy
|
