From 9178fd1daceb5ed0f85edadf367fc9049368d6c7 Mon Sep 17 00:00:00 2001 From: "Smith, David (ds3330)" Date: Wed, 13 May 2020 15:51:08 +0000 Subject: [PATCH] Elasticsearch remote logging user This patchset adds the ability to define an elasticsearch account to use for remote logging and centralized logging functions Change-Id: Iec61a130db6d94218893d3544e5a82c8ca04055b --- elasticsearch/templates/bin/_apache.sh.tpl | 4 ++++ elasticsearch/templates/deployment-client.yaml | 10 ++++++++++ elasticsearch/templates/secret-elasticsearch.yaml | 2 ++ elasticsearch/values.yaml | 3 +++ 4 files changed, 19 insertions(+) diff --git a/elasticsearch/templates/bin/_apache.sh.tpl b/elasticsearch/templates/bin/_apache.sh.tpl index 86a3f28b6..1032028cc 100644 --- a/elasticsearch/templates/bin/_apache.sh.tpl +++ b/elasticsearch/templates/bin/_apache.sh.tpl @@ -33,6 +33,10 @@ function start () { htpasswd -cb /usr/local/apache2/conf/.htpasswd "$ELASTICSEARCH_USERNAME" "$ELASTICSEARCH_PASSWORD" fi + if [ ! -z $ELASTICSEARCH_LOGGING_USERNAME ]; then + htpasswd -b /usr/local/apache2/conf/.htpasswd "$ELASTICSEARCH_LOGGING_USERNAME" "$ELASTICSEARCH_LOGGING_PASSWORD" + fi + #Launch Apache on Foreground exec httpd -DFOREGROUND } diff --git a/elasticsearch/templates/deployment-client.yaml b/elasticsearch/templates/deployment-client.yaml index 628b3659d..86f96d526 100644 --- a/elasticsearch/templates/deployment-client.yaml +++ b/elasticsearch/templates/deployment-client.yaml @@ -91,6 +91,16 @@ spec: secretKeyRef: name: {{ $esUserSecret }} key: ELASTICSEARCH_PASSWORD + - name: ELASTICSEARCH_LOGGING_USERNAME + valueFrom: + secretKeyRef: + name: {{ $esUserSecret }} + key: ELASTICSEARCH_LOGGING_USERNAME + - name: ELASTICSEARCH_LOGGING_PASSWORD + valueFrom: + secretKeyRef: + name: {{ $esUserSecret }} + key: ELASTICSEARCH_LOGGING_PASSWORD volumeMounts: - name: pod-tmp mountPath: /tmp diff --git a/elasticsearch/templates/secret-elasticsearch.yaml b/elasticsearch/templates/secret-elasticsearch.yaml index 0bcfb8316..370f8ec27 100644 --- a/elasticsearch/templates/secret-elasticsearch.yaml +++ b/elasticsearch/templates/secret-elasticsearch.yaml @@ -29,6 +29,8 @@ type: Opaque data: ELASTICSEARCH_USERNAME: {{ .Values.endpoints.elasticsearch.auth.admin.username | b64enc }} ELASTICSEARCH_PASSWORD: {{ .Values.endpoints.elasticsearch.auth.admin.password | b64enc }} + ELASTICSEARCH_LOGGING_USERNAME: {{ .Values.endpoints.elasticsearch.auth.logging.username | b64enc }} + ELASTICSEARCH_LOGGING_PASSWORD: {{ .Values.endpoints.elasticsearch.auth.logging.password | b64enc }} ELASTICSEARCH_URI: {{ $elasticsearch_uri | b64enc }} BIND_DN: {{ .Values.endpoints.ldap.auth.admin.bind | b64enc }} BIND_PASSWORD: {{ .Values.endpoints.ldap.auth.admin.password | b64enc }} diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 8b2ea88bc..35f7add9f 100644 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -788,6 +788,9 @@ endpoints: admin: username: admin password: changeme + logging: + username: remote + password: changeme hosts: data: elasticsearch-data default: elasticsearch-logging