epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-04 09:58:20 +03:00
Code Issues Packages Projects Releases Wiki Activity

Apply RBAC to efk and create fluentd.conf

Browse Source 
Making fluentd.conf as configmap to change configuration.
Change elasticsearch rc to deployment.
Having installed previous elastaicsearch as rc, first should delete that.
This commit is contained in:
Seungkyu Ahn
2017-08-10 06:48:53 +00:00
parent 460b5824c3
commit b22bef5cfb
9 changed files with 412 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
roles/kubernetes-apps/efk/elasticsearch/tasks/main.yml
View File

@@ -1,34 +1,41 @@
---
- name: "ElasticSearch | Write efk manifests (RBAC)"
template:
src: "{{ item }}"
dest: "{{ kube_config_dir }}/{{ item }}"
with_items:
- "efk-sa.yml"
- "efk-clusterrolebinding.yml"
run_once: true
when: rbac_enabled
- name: "ElasticSearch | Create Serviceaccount and Clusterrolebinding (RBAC)"
command: "kubectl apply -f {{ kube_config_dir }}/{{ item }} -n {{ system_namespace }}"
with_items:
- "efk-sa.yml"
- "efk-clusterrolebinding.yml"
run_once: true
when: rbac_enabled
- name: "ElasticSearch | Write ES deployment"
template:
template:
src: elasticsearch-deployment.yml.j2
dest: "{{ kube_config_dir }}/elasticsearch-deployment.yaml"
register: es_deployment_manifest
- name: "ElasticSearch | Create ES deployment"
kube:
filename: "{{kube_config_dir}}/elasticsearch-deployment.yaml"
kubectl: "{{bin_dir}}/kubectl"
name: "elasticsearch-logging-v1"
namespace: "{{system_namespace}}"
resource: "rc"
state: "{{ item | ternary('latest','present') }}"
with_items: "{{ es_deployment_manifest.changed }}"
command: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/elasticsearch-deployment.yaml -n {{ system_namespace }}"
run_once: true
when: es_deployment_manifest.changed
- name: "ElasticSearch | Write ES service "
template:
template:
src: elasticsearch-service.yml.j2
dest: "{{ kube_config_dir }}/elasticsearch-service.yaml"
register: es_service_manifest
- name: "ElasticSearch | Create ES service"
kube:
filename: "{{kube_config_dir}}/elasticsearch-service.yaml"
kubectl: "{{bin_dir}}/kubectl"
name: "elasticsearch-logging"
namespace: "{{system_namespace}}"
resource: "svc"
state: "{{ item | ternary('latest','present') }}"
with_items: "{{ es_service_manifest.changed }}"
command: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/elasticsearch-service.yaml -n {{ system_namespace }}"
run_once: true
when: es_service_manifest.changed

13
roles/kubernetes-apps/efk/elasticsearch/templates/efk-clusterrolebinding.yml Normal file
View File

@@ -0,0 +1,13 @@
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: efk
namespace: {{ system_namespace }}
subjects:
- kind: ServiceAccount
name: efk
namespace: {{ system_namespace }}
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io

7
roles/kubernetes-apps/efk/elasticsearch/templates/efk-sa.yml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: efk
namespace: {{ system_namespace }}
labels:
kubernetes.io/cluster-service: "true"

13
roles/kubernetes-apps/efk/elasticsearch/templates/elasticsearch-deployment.yml.j2
View File

@@ -1,7 +1,7 @@
---
# https://raw.githubusercontent.com/kubernetes/kubernetes/v1.5.2/cluster/addons/fluentd-elasticsearch/es-controller.yaml
apiVersion: v1
kind: ReplicationController
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: elasticsearch-logging-v1
namespace: "{{ system_namespace }}"
@@ -12,8 +12,9 @@ metadata:
spec:
replicas: 2
selector:
k8s-app: elasticsearch-logging
version: "{{ elasticsearch_image_tag }}"
matchLabels:
k8s-app: elasticsearch-logging
version: "{{ elasticsearch_image_tag }}"
template:
metadata:
labels:
@@ -49,3 +50,7 @@ spec:
volumes:
- name: es-persistent-storage
emptyDir: {}
{% if rbac_enabled %}
serviceAccountName: efk
{% endif %}