-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathapmserver.yml
66 lines (66 loc) · 2.07 KB
/
apmserver.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
apiVersion: apm.k8s.elastic.co/v1
kind: ApmServer
metadata:
name: MyAPMServer
labels:
app: apmserver
component: eck
spec:
version: 8.11.3
count: 3
secureSettings:
- secretName: <name>-es-elastic-user
config:
output:
elasticsearch:
hosts: ["https://<name>-es-internal-http.default:9200"]
username: elastic
password: "${elastic}"
protocol: "https"
ssl.certificate_authorities:
["/usr/share/apm-server/config/elasticsearch-ca/tls.crt"]
podTemplate:
spec:
containers:
- name: apm-server
env:
- name: apm-server.ssl.enabled
value: "true"
- name: apm-server.ssl.certificate
value: "/usr/share/apm-server/config/tls.crt"
- name: apm-server.ssl.key
value: "/usr/share/apm-server/config/tls.key"
volumeMounts:
- name: elasticsearch-ca
mountPath: /usr/share/apm-server/config/elasticsearch-ca
readOnly: true
- name: tls-crt
mountPath: /usr/share/apm-server/config/tls.crt
subPath: tls.crt
readOnly: true
- name: tls-key
mountPath: /usr/share/apm-server/config/tls.key
subPath: tls.key
readOnly: true
volumes:
- name: elasticsearch-ca
secret:
secretName: elasticsearch-eck-ca # This is the secret that holds the Elasticsearch CA cert
defaultMode: 420
optional: false
- name: tls-crt
secret:
defaultMode: 420
optional: false
secretName: apm-internal-cert # This is the secret that holds the Elasticsearch CA cert
items:
- key: tls.crt
path: tls.crt
- name: tls-key
secret:
defaultMode: 420
optional: false
secretName: apm-internal-cert # This is the secret that holds the Elasticsearch CA cert
items:
- key: tls.key
path: tls.key