From 5a4d56d0688da43543348b1404f4bb845b78272e Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Thu, 19 Apr 2018 09:00:22 -0500 Subject: [PATCH] Update curator auth config and actions Curator is unable to use environment variables for configuration values if the configured option contains more than the env variable. In the case of the http_auth value (which expects user:password), using ${USER}:${PASS} prevents curator from successfully authenticating to elasticsearch. This moves to dynamically define these values in the configmap if the value is empty This also updates values for curators actions to target logstash- indices for its actions Change-Id: Id5b49171e00847432e4ab0cf4be60005b70c21e3 --- elasticsearch/templates/configmap-etc.yaml | 1 + elasticsearch/templates/cron-job-curator.yaml | 9 +-------- elasticsearch/values.yaml | 10 ++++++---- 3 files changed, 8 insertions(+), 12 deletions(-) diff --git a/elasticsearch/templates/configmap-etc.yaml b/elasticsearch/templates/configmap-etc.yaml index f0c41a433..cd1ea37d2 100644 --- a/elasticsearch/templates/configmap-etc.yaml +++ b/elasticsearch/templates/configmap-etc.yaml @@ -20,6 +20,7 @@ limitations under the License. {{- if and (.Values.conf.elasticsearch.repository.enabled) (empty .Values.conf.elasticsearch.config.path.repo) -}} {{- set .Values.conf.elasticsearch.config.path "repo" .Values.conf.elasticsearch.repository.location -}} {{- end -}} + --- apiVersion: v1 kind: ConfigMap diff --git a/elasticsearch/templates/cron-job-curator.yaml b/elasticsearch/templates/cron-job-curator.yaml index 828f29fb1..515f93afa 100644 --- a/elasticsearch/templates/cron-job-curator.yaml +++ b/elasticsearch/templates/cron-job-curator.yaml @@ -47,17 +47,10 @@ spec: {{ tuple $envAll $envAll.Values.pod.resources.jobs.curator | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }} env: - name: ELASTICSEARCH_HOST - value: {{ tuple "elasticsearch" "internal" "http" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }} - - name: ELASTICSEARCH_USERNAME valueFrom: secretKeyRef: name: {{ $esUserSecret }} - key: ELASTICSEARCH_USERNAME - - name: ELASTICSEARCH_PASSWORD - valueFrom: - secretKeyRef: - name: {{ $esUserSecret }} - key: ELASTICSEARCH_PASSWORD + key: ELASTICSEARCH_URI volumeMounts: - name: pod-etc-curator mountPath: /etc/config diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 7e44a07b1..ec5aec06f 100644 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -195,13 +195,15 @@ conf: ignore_empty_list: True disable_action: True filters: + - filtertype: pattern + kind: prefix + value: logstash- - filtertype: age source: name direction: older timestring: '%Y.%m.%d' unit: days unit_count: 7 - exclude: True 2: action: delete_indices description: >- @@ -213,6 +215,9 @@ conf: ignore_empty_list: True disable_action: True filters: + - filtertype: pattern + kind: prefix + value: logstash- - filtertype: space source: creation_date use_age: True @@ -220,7 +225,6 @@ conf: # replicas. This must be adjusted if changed due to Curator being # unable to calculate percentages of total disk space disk_space: 12 - exclude: False 3: action: snapshot description: >- @@ -243,7 +247,6 @@ conf: timestring: '%Y.%m.%d' unit: days unit_count: 1 - exclude: False 4: action: delete_snapshots description: >- @@ -271,7 +274,6 @@ conf: - ${ELASTICSEARCH_HOST} use_ssl: False ssl_no_validate: False - http_auth: ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} timeout: 60 logging: loglevel: INFO