elasticsearch.k8s.elastic.co/v1
editelasticsearch.k8s.elastic.co/v1
editPackage v1 contains API schema definitions for managing Elasticsearch resources.
Resource Types
Auth
editAuth contains user authentication and authorization security settings for Elasticsearch.
Field | Description |
---|---|
|
Roles to propagate to the Elasticsearch cluster. |
|
FileRealm to propagate to the Elasticsearch cluster. |
ChangeBudget
editChangeBudget defines the constraints to consider when applying changes to the Elasticsearch cluster.
Field | Description |
---|---|
|
MaxUnavailable is the maximum number of pods that can be unavailable (not ready) during the update due to circumstances under the control of the operator. Setting a negative value will disable this restriction. Defaults to 1 if not specified. |
|
MaxSurge is the maximum number of new pods that can be created exceeding the original number of pods defined in the specification. MaxSurge is only taken into consideration when scaling up. Setting a negative value will disable the restriction. Defaults to unbounded if not specified. |
Elasticsearch
editElasticsearch represents an Elasticsearch resource in a Kubernetes cluster.
Field | Description |
---|---|
|
|
|
|
|
Refer to Kubernetes API documentation for fields of |
|
ElasticsearchSpec
editElasticsearchSpec holds the specification of an Elasticsearch cluster.
Field | Description |
---|---|
|
Version of Elasticsearch. |
|
Image is the Elasticsearch Docker image to deploy. |
|
HTTP holds HTTP layer settings for Elasticsearch. |
|
Transport holds transport layer settings for Elasticsearch. |
|
NodeSets allow specifying groups of Elasticsearch nodes sharing the same configuration and Pod templates. |
|
UpdateStrategy specifies how updates to the cluster should be performed. |
|
PodDisruptionBudget provides access to the default pod disruption budget for the Elasticsearch cluster. The default budget selects all cluster pods and sets |
|
Auth contains user authentication and authorization security settings for Elasticsearch. |
|
SecureSettings is a list of references to Kubernetes secrets containing sensitive configuration options for Elasticsearch. |
|
ServiceAccountName is used to check access from the current resource to a resource (eg. a remote Elasticsearch cluster) in a different namespace. Can only be used if ECK is enforcing RBAC on references. |
|
RemoteClusters enables you to establish uni-directional connections to a remote Elasticsearch cluster. |
FileRealmSource
editFileRealmSource references users to create in the Elasticsearch cluster.
Field | Description |
---|---|
|
SecretName references a Kubernetes secret in the same namespace as the Elasticsearch resource. Multiple users and their roles mapping can be specified in a Kubernetes secret. The secret should contain 2 entries: - users: contain all users and the hash of their password (https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html#password-hashing-algorithms) - users_roles: contain the role to users mapping The format of those 2 entries must correspond to the expected file realm format, as specified in Elasticsearch documentation: https://www.elastic.co/guide/en/elasticsearch/reference/7.5/file-realm.html#file-realm-configuration. Example: --- # File realm in ES format (from the CLI or manually assembled) kind: Secret apiVersion: v1 metadata: name: my-filerealm stringData: users: |
|
|
NodeSet
editNodeSet is the specification for a group of Elasticsearch nodes sharing the same configuration and a Pod template.
Field | Description |
---|---|
|
Name of this set of nodes. Becomes a part of the Elasticsearch node.name setting. |
|
Config holds the Elasticsearch configuration. |
|
Count of Elasticsearch nodes to deploy. |
|
PodTemplate provides customisation options (labels, annotations, affinity rules, resource requests, and so on) for the Pods belonging to this NodeSet. |
|
VolumeClaimTemplates is a list of persistent volume claims to be used by each Pod in this NodeSet. Every claim in this list must have a matching volumeMount in one of the containers defined in the PodTemplate. Items defined here take precedence over any default claims added by the operator with the same name. |
RemoteCluster
editRemoteCluster declares a remote Elasticsearch cluster connection.
Field | Description |
---|---|
|
Name is the name of the remote cluster as it is set in the Elasticsearch settings. The name is expected to be unique for each remote clusters. |
|
ElasticsearchRef is a reference to an Elasticsearch cluster running within the same k8s cluster. |
RoleSource
editRoleSource references roles to create in the Elasticsearch cluster.
Field | Description |
---|---|
|
SecretName references a Kubernetes secret in the same namespace as the Elasticsearch resource. Multiple roles can be specified in a Kubernetes secret, under a single "roles.yml" entry. The secret value must match the expected file-based specification as described in https://www.elastic.co/guide/en/elasticsearch/reference/current/defining-roles.html#roles-management-file. Example: --- kind: Secret apiVersion: v1 metadata: name: my-roles stringData: roles.yml: |
TransportConfig
editTransportConfig holds the transport layer settings for Elasticsearch.
Field | Description |
---|---|
|
Service defines the template for the associated Kubernetes Service object. |
TLS defines options for configuring TLS on the transport layer. |
TransportTLSOptions
editField | Description |
---|---|
|
Certificate is a reference to a Kubernetes secret that contains the CA certificate and private key for generating node certificates. The referenced secret should contain the following:
- |
UpdateStrategy
editUpdateStrategy specifies how updates to the cluster should be performed.
Field | Description |
---|---|
|
ChangeBudget defines the constraints to consider when applying changes to the Elasticsearch cluster. |