roles/openshift_logging/templates/kibana.j2


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116

apiVersion: "v1"
kind: "DeploymentConfig"
metadata:
  name: "{{deploy_name}}"
  labels:
    provider: openshift
    component: "{{component}}"
    logging-infra: "{{logging_component}}"
spec:
  replicas: {{replicas|default(0)}}
  selector:
    provider: openshift
    component: "{{component}}"
    logging-infra: "{{logging_component}}"
  strategy:
    rollingParams:
      intervalSeconds: 1
      timeoutSeconds: 600
      updatePeriodSeconds: 1
    type: Rolling
  template:
    metadata:
      name: "{{deploy_name}}"
      labels:
        logging-infra: "{{logging_component}}"
        provider: openshift
        component: "{{component}}"
    spec:
      serviceAccountName: aggregated-logging-kibana
{% if kibana_node_selector is iterable and kibana_node_selector | length > 0 %}
      nodeSelector:
{% for key, value in kibana_node_selector.iteritems() %}
        {{key}}: {{value}}
{% endfor %}
{% endif %}
      containers:
        -
          name: "kibana"
          image: {{image}}
          imagePullPolicy: Always
{% if (kibana_memory_limit is defined and kibana_memory_limit is not none) or (kibana_cpu_limit is defined and kibana_cpu_limit is not none) %}
          resources:
            limits:
{% if kibana_cpu_limit is not none %}
              cpu: "{{kibana_cpu_limit}}"
{% endif %}
{% if kibana_memory_limit is not none %}
              memory: "{{kibana_memory_limit}}"
{% endif %}
{% endif %}
          env:
            - name: "ES_HOST"
              value: "{{es_host}}"
            - name: "ES_PORT"
              value: "{{es_port}}"
          volumeMounts:
            - name: kibana
              mountPath: /etc/kibana/keys
              readOnly: true
        -
          name: "kibana-proxy"
          image: {{proxy_image}}
          imagePullPolicy: Always
{% if (kibana_proxy_memory_limit is defined and kibana_proxy_memory_limit is not none) or (kibana_proxy_cpu_limit is defined and kibana_proxy_cpu_limit is not none) %}
          resources:
            limits:
{% if kibana_proxy_cpu_limit is not none %}
              cpu: "{{kibana_proxy_cpu_limit}}"
{% endif %}
{% if kibana_proxy_memory_limit is not none %}
              memory: "{{kibana_proxy_memory_limit}}"
{% endif %}
{% endif %}
          ports:
            -
              name: "oaproxy"
              containerPort: 3000
          env:
            -
             name: "OAP_BACKEND_URL"
             value: "http://localhost:5601"
            -
             name: "OAP_AUTH_MODE"
             value: "oauth2"
            -
             name: "OAP_TRANSFORM"
             value: "user_header,token_header"
            -
             name: "OAP_OAUTH_ID"
             value: kibana-proxy
            -
             name: "OAP_MASTER_URL"
             value: {{master_url}}
            -
             name: "OAP_PUBLIC_MASTER_URL"
             value: {{openshift_logging_master_public_url}}
            -
             name: "OAP_LOGOUT_REDIRECT"
             value: {{openshift_logging_master_public_url}}/console/logout
            -
             name: "OAP_MASTER_CA_FILE"
             value: "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
            -
             name: "OAP_DEBUG"
             value: "{{openshift_logging_kibana_proxy_debug}}"
          volumeMounts:
            - name: kibana-proxy
              mountPath: /secret
              readOnly: true
      volumes:
        - name: kibana
          secret:
            secretName: logging-kibana
        - name: kibana-proxy
          secret:
            secretName: logging-kibana-proxy