9a719e2a18
This change enables TLS between Elasticsearch and Kibana data path. Note that TLS terminates at apache-proxy container of the Elasticsearch-client pod, not directly to port 9200 of elasticsearch-client container. Since all data traffic goes through apache-proxy container, fluentd output to Elasticsearch are configured to have TLS enabled as well. In additon, other Elasticsearch pods that communicate with Elasticsearch-client endpoint are modified to provide the cacert option with curl. Change-Id: I3373c0c350b30c175be4a34d25a403b9caf74294
18 lines
702 B
YAML
18 lines
702 B
YAML
{{/*
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/}}
|
|
|
|
{{- if .Values.manifests.certificates -}}
|
|
{{ dict "envAll" . "service" "elasticsearch" "type" "internal" | include "helm-toolkit.manifests.certificates" }}
|
|
{{- end -}}
|