Enable TLS path between Curator and Elasticsearch
Elasticsearch is TLS enabled. Curator needs to be configured to use cacert when communicating with Elasticsearch. Change-Id: Ia78458516d6c8f975e478d85643dc4436b70b87c
This commit is contained in:
parent
67ac5da9ed
commit
09dfafbd6b
@ -15,7 +15,7 @@ apiVersion: v1
|
|||||||
appVersion: v7.6.2
|
appVersion: v7.6.2
|
||||||
description: OpenStack-Helm ElasticSearch
|
description: OpenStack-Helm ElasticSearch
|
||||||
name: elasticsearch
|
name: elasticsearch
|
||||||
version: 0.2.10
|
version: 0.2.11
|
||||||
home: https://www.elastic.co/
|
home: https://www.elastic.co/
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/elastic/elasticsearch
|
- https://github.com/elastic/elasticsearch
|
||||||
|
@ -80,6 +80,7 @@ spec:
|
|||||||
mountPath: /etc/config/action_file.yml
|
mountPath: /etc/config/action_file.yml
|
||||||
subPath: action_file.yml
|
subPath: action_file.yml
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.elasticsearch.elasticsearch.internal "path" "/etc/elasticsearch/certs" "certs" tuple "ca.crt" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: pod-tmp
|
- name: pod-tmp
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
@ -93,4 +94,5 @@ spec:
|
|||||||
secret:
|
secret:
|
||||||
secretName: elastic-curator-etc
|
secretName: elastic-curator-etc
|
||||||
defaultMode: 0444
|
defaultMode: 0444
|
||||||
|
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.elasticsearch.elasticsearch.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -144,6 +144,12 @@ conf:
|
|||||||
key: /usr/share/elasticsearch/config/tls.key
|
key: /usr/share/elasticsearch/config/tls.key
|
||||||
certificate: /usr/share/elasticsearch/config/tls.crt
|
certificate: /usr/share/elasticsearch/config/tls.crt
|
||||||
certificate_authorities: ["/usr/share/elasticsearch/config/ca.crt"]
|
certificate_authorities: ["/usr/share/elasticsearch/config/ca.crt"]
|
||||||
|
curator:
|
||||||
|
config:
|
||||||
|
client:
|
||||||
|
use_ssl: True
|
||||||
|
ssl_no_validate: False
|
||||||
|
certificate: '/etc/elasticsearch/certs/ca.crt'
|
||||||
manifests:
|
manifests:
|
||||||
certificates: true
|
certificates: true
|
||||||
...
|
...
|
||||||
|
@ -20,4 +20,5 @@ elasticsearch:
|
|||||||
- 0.2.8 Use full image ref for docker official images
|
- 0.2.8 Use full image ref for docker official images
|
||||||
- 0.2.9 Removed repo verification check from helm-test
|
- 0.2.9 Removed repo verification check from helm-test
|
||||||
- 0.2.10 Enable TLS path between Prometheus-elasticsearch-exporter and Elasticsearch
|
- 0.2.10 Enable TLS path between Prometheus-elasticsearch-exporter and Elasticsearch
|
||||||
|
- 0.2.11 Enable TLS path between Curator and Elasticsearch
|
||||||
...
|
...
|
||||||
|
Loading…
Reference in New Issue
Block a user