vendor/k8s.io/kubernetes/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml - cloudstack-kubernetes-provider - Git at Google

 # RBAC authn and authz
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: elasticsearch-logging
   namespace: kube-system
   labels:
     k8s-app: elasticsearch-logging
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: elasticsearch-logging
   labels:
     k8s-app: elasticsearch-logging
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 rules:
 - apiGroups:
   - ""
   resources:
   - "services"
   - "namespaces"
   - "endpoints"
   verbs:
   - "get"
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   namespace: kube-system
   name: elasticsearch-logging
   labels:
     k8s-app: elasticsearch-logging
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 subjects:
 - kind: ServiceAccount
   name: elasticsearch-logging
   namespace: kube-system
   apiGroup: ""
 roleRef:
   kind: ClusterRole
   name: elasticsearch-logging
   apiGroup: ""
 ---
 # Elasticsearch deployment itself
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: elasticsearch-logging
   namespace: kube-system
   labels:
     k8s-app: elasticsearch-logging
     version: v6.3.0
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 spec:
   serviceName: elasticsearch-logging
   replicas: 2
   selector:
     matchLabels:
       k8s-app: elasticsearch-logging
       version: v6.3.0
   template:
     metadata:
       labels:
         k8s-app: elasticsearch-logging
         version: v6.3.0
         kubernetes.io/cluster-service: "true"
     spec:
       serviceAccountName: elasticsearch-logging
       containers:
       - image: k8s.gcr.io/elasticsearch:v6.3.0
         name: elasticsearch-logging
         resources:
           # need more cpu upon initialization, therefore burstable class
           limits:
             cpu: 1000m
           requests:
             cpu: 100m
         ports:
         - containerPort: 9200
           name: db
           protocol: TCP
         - containerPort: 9300
           name: transport
           protocol: TCP
         volumeMounts:
         - name: elasticsearch-logging
           mountPath: /data
         env:
         - name: "NAMESPACE"
           valueFrom:
             fieldRef:
               fieldPath: metadata.namespace
       volumes:
       - name: elasticsearch-logging
         emptyDir: {}
       # Elasticsearch requires vm.max_map_count to be at least 262144.
       # If your OS already sets up this number to a higher value, feel free
       # to remove this init container.
       initContainers:
       - image: alpine:3.6
         command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
         name: elasticsearch-logging-init
         securityContext:
           privileged: true
	# RBAC authn and authz
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: elasticsearch-logging
	namespace: kube-system
	labels:
	k8s-app: elasticsearch-logging
	kubernetes.io/cluster-service: "true"
	addonmanager.kubernetes.io/mode: Reconcile
	---
	kind: ClusterRole
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: elasticsearch-logging
	labels:
	k8s-app: elasticsearch-logging
	kubernetes.io/cluster-service: "true"
	addonmanager.kubernetes.io/mode: Reconcile
	rules:
	- apiGroups:
	- ""
	resources:
	- "services"
	- "namespaces"
	- "endpoints"
	verbs:
	- "get"
	---
	kind: ClusterRoleBinding
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	namespace: kube-system
	name: elasticsearch-logging
	labels:
	k8s-app: elasticsearch-logging
	kubernetes.io/cluster-service: "true"
	addonmanager.kubernetes.io/mode: Reconcile
	subjects:
	- kind: ServiceAccount
	name: elasticsearch-logging
	namespace: kube-system
	apiGroup: ""
	roleRef:
	kind: ClusterRole
	name: elasticsearch-logging
	apiGroup: ""
	---
	# Elasticsearch deployment itself
	apiVersion: apps/v1
	kind: StatefulSet
	metadata:
	name: elasticsearch-logging
	namespace: kube-system
	labels:
	k8s-app: elasticsearch-logging
	version: v6.3.0
	kubernetes.io/cluster-service: "true"
	addonmanager.kubernetes.io/mode: Reconcile
	spec:
	serviceName: elasticsearch-logging
	replicas: 2
	selector:
	matchLabels:
	k8s-app: elasticsearch-logging
	version: v6.3.0
	template:
	metadata:
	labels:
	k8s-app: elasticsearch-logging
	version: v6.3.0
	kubernetes.io/cluster-service: "true"
	spec:
	serviceAccountName: elasticsearch-logging
	containers:
	- image: k8s.gcr.io/elasticsearch:v6.3.0
	name: elasticsearch-logging
	resources:
	# need more cpu upon initialization, therefore burstable class
	limits:
	cpu: 1000m
	requests:
	cpu: 100m
	ports:
	- containerPort: 9200
	name: db
	protocol: TCP
	- containerPort: 9300
	name: transport
	protocol: TCP
	volumeMounts:
	- name: elasticsearch-logging
	mountPath: /data
	env:
	- name: "NAMESPACE"
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	volumes:
	- name: elasticsearch-logging
	emptyDir: {}
	# Elasticsearch requires vm.max_map_count to be at least 262144.
	# If your OS already sets up this number to a higher value, feel free
	# to remove this init container.
	initContainers:
	- image: alpine:3.6
	command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
	name: elasticsearch-logging-init
	securityContext:
	privileged: true