k8sConfigs/efk_cluster/elasticsearch-statefulSet.yaml

# elasticsearch-0
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: elasticsearch-0
  namespace: efk
spec:
  serviceName: elasticsearch-service
  replicas: 1
  selector:
    matchLabels:
      app: elasticsearch
  template:
    metadata:
      labels:
        app: elasticsearch
    spec:
      initContainers:
      - name: init-sysctl
        image: busybox
        command: ["sysctl", "-w", "vm.max_map_count=262144"]
        securityContext:
          privileged: true
      containers:
      - name: elasticsearch
        image: docker.elastic.co/elasticsearch/elasticsearch:8.8.0
        ports:
        - containerPort: 9200
          name: http
        - containerPort: 9300
          name: transport
        env:
        - name: cluster.name
          value: "my-es-cluster"
        - name: node.name
          value: "elasticsearch-0"
        - name: discovery.seed_hosts
          value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local"
        - name: cluster.initial_master_nodes
          value: "elasticsearch-0"
        - name: xpack.security.enabled
          value: "true"
        - name: ELASTIC_PASSWORD
          valueFrom:
            secretKeyRef:
              name: elasticsearch-secret
              key: elastic_password
        - name: ES_JAVA_OPTS
          value: "-Xms2g -Xmx4g"
        - name: node.roles
          value: "[master, data]"
        - name: node.attr.data-tier
          value: "hot"
        resources:
          requests:
            memory: "4Gi"
            cpu: "1"
          limits:
            memory: "6Gi"
            cpu: "2"
        volumeMounts:
        - name: data
          mountPath: /usr/share/elasticsearch/data
        - name: config-volume
          mountPath: /usr/share/elasticsearch/config
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values: ["elasticsearch"]
            topologyKey: "kubernetes.io/hostname"
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: "elasticsearch-data-pvc-elasticsearch-0"
      - name: config-volume
        persistentVolumeClaim:
          claimName: "elasticsearch-config-pvc"
---
# elasticsearch-1
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: elasticsearch-1
  namespace: efk
spec:
  serviceName: elasticsearch-service
  replicas: 1
  selector:
    matchLabels:
      app: elasticsearch
  template:
    metadata:
      labels:
        app: elasticsearch
    spec:
      initContainers:
      - name: init-sysctl
        image: busybox
        command: ["sysctl", "-w", "vm.max_map_count=262144"]
        securityContext:
          privileged: true
      containers:
      - name: elasticsearch
        image: docker.elastic.co/elasticsearch/elasticsearch:8.8.0
        ports:
        - containerPort: 9200
          name: http
        - containerPort: 9300
          name: transport
        env:
        - name: cluster.name
          value: "my-es-cluster"
        - name: node.name
          value: "elasticsearch-1"
        - name: discovery.seed_hosts
          value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local"
        - name: cluster.initial_master_nodes
          value: "elasticsearch-0"
        - name: xpack.security.enabled
          value: "true"
        - name: ELASTIC_PASSWORD
          valueFrom:
            secretKeyRef:
              name: elasticsearch-secret
              key: elastic_password
        - name: ES_JAVA_OPTS
          value: "-Xms2g -Xmx4g"
        - name: node.roles
          value: "[data]"
        - name: node.attr.data-tier
          value: "warm"
        resources:
          requests:
            memory: "4Gi"
            cpu: "1"
          limits:
            memory: "6Gi"
            cpu: "2"
        volumeMounts:
        - name: data
          mountPath: /usr/share/elasticsearch/data
        - name: config-volume
          mountPath: /usr/share/elasticsearch/config
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values: ["elasticsearch"]
            topologyKey: "kubernetes.io/hostname"
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: "elasticsearch-data-pvc-elasticsearch-1"
      - name: config-volume
        persistentVolumeClaim:
          claimName: "elasticsearch-config-pvc"
---
# elasticsearch-2
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: elasticsearch-2
  namespace: efk
spec:
  serviceName: elasticsearch-service
  replicas: 1
  selector:
    matchLabels:
      app: elasticsearch
  template:
    metadata:
      labels:
        app: elasticsearch
    spec:
      initContainers:
      - name: init-sysctl
        image: busybox
        command: ["sysctl", "-w", "vm.max_map_count=262144"]
        securityContext:
          privileged: true
      containers:
      - name: elasticsearch
        image: docker.elastic.co/elasticsearch/elasticsearch:8.8.0
        ports:
        - containerPort: 9200
          name: http
        - containerPort: 9300
          name: transport
        env:
        - name: cluster.name
          value: "my-es-cluster"
        - name: node.name
          value: "elasticsearch-2"
        - name: discovery.seed_hosts
          value: "elasticsearch-0.elasticsearch-service.efk.svc.cluster.local,elasticsearch-1.elasticsearch-service.efk.svc.cluster.local,elasticsearch-2.elasticsearch-service.efk.svc.cluster.local"
        - name: cluster.initial_master_nodes
          value: "elasticsearch-0"
        - name: xpack.security.enabled
          value: "true"
        - name: ELASTIC_PASSWORD
          valueFrom:
            secretKeyRef:
              name: elasticsearch-secret
              key: elastic_password
        - name: ES_JAVA_OPTS
          value: "-Xms2g -Xmx4g"
        - name: node.roles
          value: "[data]"
        - name: node.attr.data-tier
          value: "cold"
        resources:
          requests:
            memory: "4Gi"
            cpu: "1"
          limits:
            memory: "6Gi"
            cpu: "2"
        volumeMounts:
        - name: data
          mountPath: /usr/share/elasticsearch/data
        - name: config-volume
          mountPath: /usr/share/elasticsearch/config
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values: ["elasticsearch"]
            topologyKey: "kubernetes.io/hostname"
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: "elasticsearch-data-pvc-elasticsearch-2"
      - name: config-volume
        persistentVolumeClaim:
          claimName: "elasticsearch-config-pvc"
---
apiVersion: v1
kind: Service
metadata:
  name: elasticsearch-service
  namespace: efk
spec:
  clusterIP: None
  selector:
    app: elasticsearch
  ports:
  - port: 9200
    name: http
  - port: 9300
    name: transport
---
apiVersion: v1
kind: Secret
metadata:
  name: elasticsearch-secret
  namespace: efk
type: Opaque
data:
  elastic_password: eW91cl9zZWN1cmVfcGFzc3dvcmQ=  # Base64 编码的 "your_secure_password"