apiVersion: apps/v1 kind: Deployment metadata: labels: app: {{ template "elasticsearch.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version }} component: "{{ .Values.client.name }}" heritage: {{ .Release.Service }} release: {{ .Release.Name }} name: {{ template "elasticsearch.client.fullname" . }} spec: replicas: {{ .Values.client.replicas }} template: metadata: labels: app: {{ template "elasticsearch.name" . }} component: "{{ .Values.client.name }}" release: {{ .Release.Name }} {{- if .Values.client.podAnnotations }} annotations: {{ toYaml .Values.client.podAnnotations | indent 8 }} {{- end }} spec: {{- if .Values.client.priorityClassName }} priorityClassName: "{{ .Values.client.priorityClassName }}" {{- end }} securityContext: fsGroup: 1000 {{- if eq .Values.client.antiAffinity "hard" }} affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - topologyKey: "kubernetes.io/hostname" labelSelector: matchLabels: app: "{{ template "elasticsearch.name" . }}" release: "{{ .Release.Name }}" component: "{{ .Values.client.name }}" {{- else if eq .Values.client.antiAffinity "soft" }} affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 podAffinityTerm: topologyKey: kubernetes.io/hostname labelSelector: matchLabels: app: "{{ template "elasticsearch.name" . }}" release: "{{ .Release.Name }}" component: "{{ .Values.client.name }}" {{- end }} {{- if .Values.client.nodeSelector }} nodeSelector: {{ toYaml .Values.client.nodeSelector | indent 8 }} {{- end }} {{- if .Values.client.tolerations }} tolerations: {{ toYaml .Values.client.tolerations | indent 8 }} {{- end }} initContainers: # see https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html # and https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-configuration-memory.html#mlockall - name: "sysctl" image: "busybox" imagePullPolicy: "Always" command: ["sysctl", "-w", "vm.max_map_count=262144"] securityContext: privileged: true containers: - name: elasticsearch env: - name: NODE_DATA value: "false" {{- if hasPrefix "5." .Values.appVersion }} - name: NODE_INGEST value: "false" {{- end }} - name: NODE_MASTER value: "false" - name: DISCOVERY_SERVICE value: {{ template "elasticsearch.fullname" . }}-discovery - name: PROCESSORS valueFrom: resourceFieldRef: resource: limits.cpu - name: ES_JAVA_OPTS value: "-Djava.net.preferIPv4Stack=true -Xms{{ .Values.client.heapSize }} -Xmx{{ .Values.client.heapSize }}" {{- range $key, $value := .Values.cluster.env }} - name: {{ $key }} value: {{ $value | quote }} {{- end }} resources: {{ toYaml .Values.client.resources | indent 12 }} readinessProbe: httpGet: path: /_cluster/health port: 9200 initialDelaySeconds: 5 livenessProbe: httpGet: path: /_cluster/health port: 9200 initialDelaySeconds: 90 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy | quote }} ports: - containerPort: 9200 name: http - containerPort: 9300 name: transport volumeMounts: - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml name: config subPath: elasticsearch.yml {{- if hasPrefix "2." .Values.image.tag }} - mountPath: /usr/share/elasticsearch/config/logging.yml name: config subPath: logging.yml {{- end }} {{- if hasPrefix "5." .Values.image.tag }} - mountPath: /usr/share/elasticsearch/config/log4j2.properties name: config subPath: log4j2.properties {{- end }} {{- if .Values.cluster.keystoreSecret }} - name: keystore mountPath: "/usr/share/elasticsearch/config/elasticsearch.keystore" subPath: elasticsearch.keystore readOnly: true {{- end }} {{- if .Values.image.pullSecrets }} imagePullSecrets: {{- range $pullSecret := .Values.image.pullSecrets }} - name: {{ $pullSecret }} {{- end }} {{- end }} volumes: - name: config configMap: name: {{ template "elasticsearch.fullname" . }} {{- if .Values.cluster.keystoreSecret }} - name: keystore secret: secretName: {{ .Values.cluster.keystoreSecret }} {{- end }}