Skip to content
This repository has been archived by the owner on May 16, 2023. It is now read-only.

[kibana] Update healthCheckPath to mention basePath usage #217

Merged
merged 3 commits into from
Jul 11, 2019
Merged

[kibana] Update healthCheckPath to mention basePath usage #217

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
790cb8b
[kibana] Update healthCheckPath to mention basePath usage
Crazybus Jul 9, 2019
b1914ad
[meta] Add retries and actual failures for vault auth
Crazybus Jul 9, 2019
2eb8641
Update .ci/jobs/elastic+helm-charts+master+integration-elasticsearch.yml
Crazybus Jul 10, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+master+cluster-cleanup.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+master+cluster-creation.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+master+integration-elasticsearch.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+master+integration-filebeat.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+master+integration-kibana.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+master+integration-metricbeat.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+pull-request+cluster-cleanup.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+pull-request+cluster-creation.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+pull-request+integration-elasticsearch.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+pull-request+integration-filebeat.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+pull-request+integration-kibana.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
5 changes: 4 additions & 1 deletion .ci/jobs/elastic+helm-charts+pull-request+integration-metricbeat.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,11 @@
#!/usr/local/bin/runbld
set -euo pipefail

source /usr/local/bin/bash_standard_lib.sh

set +x
export VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
export VAULT_TOKEN
unset VAULT_ROLE_ID VAULT_SECRET_ID
set -x

Expand Down
8 changes: 4 additions & 4 deletions kibana/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,14 +48,14 @@ helm install --name kibana elastic/kibana --version 7.2.0 --set imageTag=7.2.0
| `image` | The Kibana docker image | `docker.elastic.co/kibana/kibana` |
| `imageTag` | The Kibana docker image tag | `7.2.0` |
| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` |
| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Kibana pods | `{}` |
| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Kibana pods | `{}` |
| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 100m`<br>`requests.memory: 2Gi`<br>`limits.cpu: 1000m`<br>`limits.memory: 2Gi` |
| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` |
| `serverHost` | The [`server.host`](https://www.elastic.co/guide/en/kibana/current/settings.html) Kibana setting. This is set explicitly so that the default always matches what comes with the docker image. | `0.0.0.0` |
| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready | `/app/kibana` |
| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` |
| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml`. See [values.yaml](./values.yaml) for an example of the formatting. | `{}` |
| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` |
| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`<br>`runAsNonRoot: true`<br>`runAsUser: 1000` |
| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` |
| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`<br>`runAsNonRoot: true`<br>`runAsUser: 1000` |
| `serviceAccount` | Allows you to overwrite the "default" [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for the pod | `[]` |
| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `` |
| `antiAffinityTopologyKey` | The [anti-affinity topology key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). By default this will prevent multiple Kibana instances from running on the same Kubernetes node | `kubernetes.io/hostname` |
Expand Down