diff --git a/elasticsearch/templates/ingress-elasticsearch.yaml b/elasticsearch/templates/ingress-elasticsearch.yaml new file mode 100644 index 000000000..209fbfcf5 --- /dev/null +++ b/elasticsearch/templates/ingress-elasticsearch.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.ingress .Values.network.elasticsearch.ingress.public }} +{{- $ingressOpts := dict "envAll" . "backendService" "elasticsearch" "backendServiceType" "elasticsearch" "backendPort" "http" -}} +{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }} +{{- end }} diff --git a/elasticsearch/templates/service-data.yaml b/elasticsearch/templates/service-data.yaml index 0dc7e544b..6ebd632ac 100644 --- a/elasticsearch/templates/service-data.yaml +++ b/elasticsearch/templates/service-data.yaml @@ -25,12 +25,6 @@ spec: ports: - name: transport port: {{ tuple "elasticsearch" "internal" "discovery" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - {{- if .Values.network.data.node_port.enabled }} - nodePort: {{ .Values.network.data.node_port.port }} - {{- end }} selector: {{ tuple $envAll "elasticsearch" "data" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} - {{- if .Values.network.data.node_port.enabled }} - type: NodePort - {{- end }} {{- end }} diff --git a/elasticsearch/templates/service-discovery.yaml b/elasticsearch/templates/service-discovery.yaml index efe2f0c2b..8d30c2719 100644 --- a/elasticsearch/templates/service-discovery.yaml +++ b/elasticsearch/templates/service-discovery.yaml @@ -25,12 +25,6 @@ spec: ports: - name: transport port: {{ tuple "elasticsearch" "internal" "discovery" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - {{- if .Values.network.discovery.node_port.enabled }} - nodePort: {{ .Values.network.discovery.node_port.port }} - {{- end }} selector: {{ tuple $envAll "elasticsearch" "master" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} - {{- if .Values.network.discovery.node_port.enabled }} - type: NodePort - {{- end }} {{- end }} diff --git a/elasticsearch/templates/service-ingress-elasticsearch.yaml b/elasticsearch/templates/service-ingress-elasticsearch.yaml new file mode 100644 index 000000000..1f4ec1eff --- /dev/null +++ b/elasticsearch/templates/service-ingress-elasticsearch.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.service_ingress .Values.network.elasticsearch.ingress.public }} +{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "elasticsearch" -}} +{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }} +{{- end }} diff --git a/elasticsearch/templates/service-logging.yaml b/elasticsearch/templates/service-logging.yaml index a096617c8..1a31533f7 100644 --- a/elasticsearch/templates/service-logging.yaml +++ b/elasticsearch/templates/service-logging.yaml @@ -25,12 +25,12 @@ spec: ports: - name: http port: {{ tuple "elasticsearch" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - {{- if .Values.network.client.node_port.enabled }} - nodePort: {{ .Values.network.client.node_port.port }} + {{- if .Values.network.elasticsearch.node_port.enabled }} + nodePort: {{ .Values.network.elasticsearch.node_port.port }} {{- end }} selector: {{ tuple $envAll "elasticsearch" "client" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} - {{- if .Values.network.client.node_port.enabled }} + {{- if .Values.network.elasticsearch.node_port.enabled }} type: NodePort {{- end }} {{- end }} diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index f87a69e9b..78ee47f1d 100644 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -174,6 +174,10 @@ pod: secrets: elasticsearch: user: elasticsearch-admin-creds + tls: + elasticsearch: + elasticsearch: + public: elasticsearch-tls-public conf: httpd: | @@ -461,6 +465,13 @@ endpoints: public: elasticsearch host_fqdn_override: default: null + # NOTE(srwilkers): this chart supports TLS for fqdn over-ridden public + # endpoints using the following format: + # public: + # host: null + # tls: + # crt: null + # key: null path: default: null scheme: @@ -509,18 +520,17 @@ monitoring: scrape: true network: - client: + elasticsearch: + ingress: + public: true + classes: + namespace: "nginx" + cluster: "nginx-cluster" + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / node_port: enabled: false port: 30920 - discovery: - node_port: - enabled: false - port: 30930 - data: - node_port: - enabled: false - port: 30931 storage: elasticsearch: @@ -547,6 +557,7 @@ manifests: cron_curator: true deployment_client: true deployment_master: true + ingress: true job_image_repo_sync: true job_snapshot_repository: false helm_tests: true @@ -560,5 +571,6 @@ manifests: pvc_snapshots: true service_data: true service_discovery: true + service_ingress: true service_logging: true statefulset_data: true