Gitiles
Code Review Sign In
gerrit.nordix.org / local / oransc / nonrtric-prototyping / d2cf231bc8b53c7cc5d0e67a56db3a8d460bce3c / . / rapps / kibana-8.1.2.yaml
blob: b5bb88d050e6e2fca3298a7b57e2e2315d7a1419 [file] [log] [blame]
ktimoney90fcec92022-04-29 15:46:50 +0100[diff] [blame]1apiVersion: v1
2kind: ConfigMap
3metadata:
4 name: kibana-config
5 namespace: logging
6data:
7 kibana.yml: |
8 server.name: kibana
9 server.host: 0.0.0.0
10 elasticsearch.hosts: [ "https://elasticsearch:9200" ]
11 xpack.monitoring.ui.container.elasticsearch.enabled: true
12 xpack.security.encryptionKey: 38747239hdjksdkjasdu291834zejhb38747239hdj
13 xpack.encryptedSavedObjects.encryptionKey: 38747239hdjksdkjasdu291834zejhb38747239hdj
14 elasticsearch.username: "kibana_system"
15 elasticsearch.password: "secret"
16 elasticsearch.ssl:
17 certificateAuthorities: /usr/share/kibana/config/certs/ca/ca.crt
18 verificationMode: certificate
19---
20apiVersion: v1
21kind: ConfigMap
22metadata:
23 name: kibana-pw-script
24 namespace: logging
25data:
26 setup_pw.sh: |
27 #!/bin/bash
28 KIBANA_HOME=/usr/share/kibana
29 ELASTIC_PASSWORD=secret
30 KIBANA_PASSWORD=secret
31 cd $KIBANA_HOME
32 echo "Waiting for Elasticsearch availability";
33 until curl -s --cacert /ca-dir/ca.crt https://elasticsearch:9200 | grep -q "missing authentication credentials"; \
34 do sleep 30; done;
35 echo "Setting kibana_system password";
36 until curl -s -X POST --cacert /ca-dir/ca.crt -u elastic:${ELASTIC_PASSWORD} -H "Content-Type: application/json" \
37 https://elasticsearch:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; \
38 do sleep 10; done;
39 echo "All done!";
40---
41apiVersion: apps/v1
42kind: Deployment
43metadata:
44 name: kibana
45 namespace: logging
46spec:
47 selector:
48 matchLabels:
49 run: kibana
50 template:
51 metadata:
52 labels:
53 run: kibana
54 spec:
55 containers:
56 - name: kibana
57 image: docker.elastic.co/kibana/kibana:8.1.2
58 ports:
59 - containerPort: 5601
60 name: http
61 protocol: TCP
62 volumeMounts:
63 - name : config
64 mountPath: /usr/share/kibana/config/kibana.yml
65 subPath: kibana.yml
66 readOnly: true
67 - name : kibana-ca-cert
68 mountPath: /usr/share/kibana/config/certs/ca
69 readOnly: true
70 initContainers:
71 - name: init-kibana
72 image: docker.elastic.co/kibana/kibana:8.1.2
73 imagePullPolicy: IfNotPresent
74 command: ['/bin/bash', '-c', '/usr/share/kibana/bin/setup_pw.sh']
75 volumeMounts:
76 - name: kibana-ca-cert
77 mountPath: "/ca-dir"
78 - name: kibana-pw-init
79 mountPath: /usr/share/kibana/bin/setup_pw.sh
80 subPath: setup_pw.sh
81 volumes:
82 - name: config
83 configMap:
84 name: kibana-config
85 - name: kibana-ca-cert
86 hostPath:
87 # Ensure the file directory is created.
88 path: /var/elasticsearch/config/certs/ca
89 type: DirectoryOrCreate
90 - name: kibana-pw-init
91 configMap:
92 name: kibana-pw-script
93 defaultMode: 0755
94---
95apiVersion: v1
96kind: Service
97metadata:
98 name: kibana
99 namespace: logging
100 labels:
101 service: kibana
102spec:
103 type: NodePort
104 selector:
105 run: kibana
106 ports:
107 - port: 5601
108 targetPort: 5601