下载插件

插件Dockerfile

FROM elasticsearch:7.4.0
COPY readonlyrest-1.18.8_es7.4.0.zip /plugins/readonlyrest-1.18.8_es7.4.0.zip
RUN sh -c 'echo -e "y" | /usr/share/elasticsearch/bin/elasticsearch-plugin install file:///plugins/readonlyrest-1.18.8_es7.4.0.zip'
docker build -t elasticsearch:readonlyrest-7.4.0 .

readonlyrest-config

apiVersion: v1
kind: ConfigMap
metadata:
  name: readonlyrest-config
data:
  readonlyrest.yml: |
        readonlyrest:
          access_control_rules:
          - name: "Require HTTP Basic Auth"
            type: allow
            auth_key: admin:123456

pvc

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: es-pvc
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: "30Gi"
  volumeName: 
  storageClassName: nfs

Deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  name: elasticsearch-readonlyrest
spec:
  replicas: 1
  selector:
    matchLabels:
      name: elasticsearch-readonlyrest
  template:
    metadata:
      labels:
        name: elasticsearch-readonlyrest
    spec:
      containers:
      - name: elasticsearch-readonlyrest
        image: registry.cn-hangzhou.aliyuncs.com/sre_pub/elasticsearch:readonlyrest-7.4.0
        imagePullPolicy: IfNotPresent
      securityContext:
        fsGroup: 1000
        runAsUser: 1000
        ports:
        - containerPort: 9200
        env:
        - name: TZ
          value: "Asia/Shanghai"
        - name: discovery.type
          value: "single-node"
        - name: xpack.security.enabled
          value: "false"   
        volumeMounts:
        - name: es-pvc
          mountPath: /usr/share/elasticsearch/data
        volumeMounts:
        - name: readonlyrest-config
          mountPath: /usr/share/elasticsearch/config/readonlyrest.yml
      volumes:
       - name: es-pvc
         persistentVolumeClaim:
           claimName: es-pvc
      volumes:
      - name: readonlyrest-config
        configMap:
          name: readonlyrest-config    

svc es

kind: Service
apiVersion: v1
metadata:
  name: es-service
spec:
  selector:
    name: elasticsearch-readonlyrest
  type: NodePort
  ports:
    - protocol: TCP
      port: 9200
      nodePort: 30084
      name: es

kibana

apiVersion: apps/v1
kind: Deployment
metadata:
  name: kibana
spec:
  replicas: 1
  selector:
    matchLabels:
      name: kibana
  template:
    metadata:
      labels:
        name: kibana
    spec:
      containers:
      - name: kibana
        image: kibana:7.4.0
        imagePullPolicy: IfNotPresent
      securityContext:
        fsGroup: 1000
        runAsUser: 1000
        ports:
        - containerPort: 5601
        env:
        - name: TZ
          value: "Asia/Shanghai"
        - name: ELASTICSEARCH_URL
          value: "http://es-service:9200"
        - name: ELASTICSEARCH_USERNAME
          value: "admin"
        - name: ELASTICSEARCH_PASSWORD
          value: "123456"   

svc kibana

kind: Service
apiVersion: v1
metadata:
  name: kibana
spec:
  selector:
    name: kibana
  type: NodePort
  ports:
    - protocol: TCP
      port: 5601
      nodePort: 30085
      name: kibana

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注

Captcha Code