下载插件
插件Dockerfile
FROM elasticsearch:7.4.0
COPY readonlyrest-1.18.8_es7.4.0.zip /plugins/readonlyrest-1.18.8_es7.4.0.zip
RUN sh -c 'echo -e "y" | /usr/share/elasticsearch/bin/elasticsearch-plugin install file:///plugins/readonlyrest-1.18.8_es7.4.0.zip'
docker build -t elasticsearch:readonlyrest-7.4.0 .
readonlyrest-config
apiVersion: v1
kind: ConfigMap
metadata:
name: readonlyrest-config
data:
readonlyrest.yml: |
readonlyrest:
access_control_rules:
- name: "Require HTTP Basic Auth"
type: allow
auth_key: admin:123456
pvc
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: es-pvc
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: "30Gi"
volumeName:
storageClassName: nfs
Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: elasticsearch-readonlyrest
spec:
replicas: 1
selector:
matchLabels:
name: elasticsearch-readonlyrest
template:
metadata:
labels:
name: elasticsearch-readonlyrest
spec:
containers:
- name: elasticsearch-readonlyrest
image: registry.cn-hangzhou.aliyuncs.com/sre_pub/elasticsearch:readonlyrest-7.4.0
imagePullPolicy: IfNotPresent
securityContext:
fsGroup: 1000
runAsUser: 1000
ports:
- containerPort: 9200
env:
- name: TZ
value: "Asia/Shanghai"
- name: discovery.type
value: "single-node"
- name: xpack.security.enabled
value: "false"
volumeMounts:
- name: es-pvc
mountPath: /usr/share/elasticsearch/data
volumeMounts:
- name: readonlyrest-config
mountPath: /usr/share/elasticsearch/config/readonlyrest.yml
volumes:
- name: es-pvc
persistentVolumeClaim:
claimName: es-pvc
volumes:
- name: readonlyrest-config
configMap:
name: readonlyrest-config
svc es
kind: Service
apiVersion: v1
metadata:
name: es-service
spec:
selector:
name: elasticsearch-readonlyrest
type: NodePort
ports:
- protocol: TCP
port: 9200
nodePort: 30084
name: es
kibana
apiVersion: apps/v1
kind: Deployment
metadata:
name: kibana
spec:
replicas: 1
selector:
matchLabels:
name: kibana
template:
metadata:
labels:
name: kibana
spec:
containers:
- name: kibana
image: kibana:7.4.0
imagePullPolicy: IfNotPresent
securityContext:
fsGroup: 1000
runAsUser: 1000
ports:
- containerPort: 5601
env:
- name: TZ
value: "Asia/Shanghai"
- name: ELASTICSEARCH_URL
value: "http://es-service:9200"
- name: ELASTICSEARCH_USERNAME
value: "admin"
- name: ELASTICSEARCH_PASSWORD
value: "123456"
svc kibana
kind: Service
apiVersion: v1
metadata:
name: kibana
spec:
selector:
name: kibana
type: NodePort
ports:
- protocol: TCP
port: 5601
nodePort: 30085
name: kibana