statefulset-es

2021-08-17 18:14:26 浏览数 (1)

代码语言:javascript复制
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: es-read
  namespace: es
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "watch", "list"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: es-read
  namespace: es
subjects:
- kind: ServiceAccount
  name: default
  namespace: es
roleRef:
  kind: Role
  name: es-read
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: es-view
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
  - kind: ServiceAccount
#命名为default权限
    name: default
    namespace: es
---
kind: Service
apiVersion: v1
metadata:
  name: es
  namespace: es
  labels:
    app: es
spec:
  selector:
    app: es
  clusterIP: None
  ports:
    - port: 9200
      name: rest
    - port: 9300
      name: inter-node
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: es
  namespace: es
spec:
  serviceName: es
  replicas: 3
  selector:
    matchLabels:
      app: es
  template:
    metadata:
      labels: 
        app: es
    spec:
      terminationGracePeriodSeconds: 10
      initContainers:
      - name: chushihuashezhi
        image: busybox
        imagePullPolicy: IfNotPresent
        command: ["sh","-c"," sysctl -w vm.max_map_count=262144 && ulimit -n 65536"]
        #command: ["sh","-c","chown -R 1000:1000 /usr/share/elasticsearch/data  && sysctl -w vm.max_map_count=262144 && ulimit -n 65536"]
        securityContext:
          privileged: true
      containers:
      - name: es
        #image: cygnf2eh.mirror.aliyuncs.com/library/elasticsearch:7.13.2
        image: docker.elastic.co/elasticsearch/elasticsearch:7.6.2
        imagePullPolicy: IfNotPresent
        ports:
        - name: rest
          containerPort: 9200
        - name: inter
          containerPort: 9300
        resources:
          limits:
            cpu: 1000m
          requests:
            cpu: 1000m
        volumeMounts:
        - name: data
          mountPath: /usr/share/elasticsearch/data
        env:
        - name: cluster.name
          value: yemaodiyi
        - name: node.name
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: cluster.initial_master_nodes
          value: "es-0,es-1,es-2"
        - name: discovery.zen.minimum_master_nodes
          value: "2"
        - name: discovery.seed_hosts
          value: "es-0.es,es-1.es,es-2.es"
        - name: ES_JAVA_OPTS
          value: "-Xms512m -Xmx512m"
        - name: network.host
          value: "0.0.0.0"
        - name: http.port
          value: "9200"
        - name: transport.port
          value: "9300"
        - name: node.data
          value: "true"
        - name: node.master
          value: "true"
        - name: http.cors.enabled
          value: "true"
        - name: http.cors.allow-origin
          value: "*"
  volumeClaimTemplates:
  - metadata:
      name: data
      labels:
        app: elasticsearch
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: nfs-zhaohao
      resources:
        requests:
          storage: 3Gi
es

0 人点赞