-
Notifications
You must be signed in to change notification settings - Fork 702
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update Google Cloud LB recipe (#4371)
* Update Google Cloud LB recipe * Add note about cert-manager version
- Loading branch information
1 parent
2c3d85b
commit dc13c68
Showing
4 changed files
with
90 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
# How to serve Kibana from a path. In this example we make Kibana available at https://elastic.stack/kibana. | ||
--- | ||
apiVersion: kibana.k8s.elastic.co/v1 | ||
kind: Kibana | ||
metadata: | ||
name: thor | ||
labels: | ||
app: thor | ||
spec: | ||
version: 7.11.2 | ||
count: 1 | ||
config: | ||
# Make Kibana aware of the fact that it is behind a proxy | ||
server: | ||
basePath: "/kibana" | ||
rewriteBasePath: true | ||
publicBaseUrl: "https://elastic.stack/kibana" | ||
http: | ||
service: | ||
metadata: | ||
labels: | ||
app: thor | ||
annotations: | ||
# Enable TLS between GCLB and the application | ||
cloud.google.com/app-protocols: '{"https":"HTTPS"}' | ||
service.alpha.kubernetes.io/app-protocols: '{"https":"HTTPS"}' | ||
# Comment out the following line if you are not using a VPC-native cluster | ||
cloud.google.com/neg: '{"ingress": true}' | ||
elasticsearchRef: | ||
name: hulk | ||
podTemplate: | ||
spec: | ||
containers: | ||
- name: kibana | ||
readinessProbe: | ||
# Override the readiness probe as GCLB reuses it for its own healthchecks | ||
# The path must contain the path prefix used to serve the application from the load balancer | ||
httpGet: | ||
scheme: HTTPS | ||
path: "/kibana/login" | ||
port: 5601 | ||
--- | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: thor | ||
labels: | ||
app: thor | ||
annotations: | ||
# Issue certificates for TLS hosts automatically | ||
cert-manager.io/cluster-issuer: "selfsigning-issuer" | ||
# Disable HTTP traffic | ||
kubernetes.io/ingress.allow-http: "false" | ||
spec: | ||
tls: | ||
- hosts: ["elastic.stack"] | ||
secretName: elastic-stack-cert | ||
rules: | ||
- host: "elastic.stack" | ||
http: | ||
paths: | ||
- path: "/kibana/*" | ||
pathType: Exact | ||
backend: | ||
service: | ||
name: thor-kb-http | ||
port: | ||
name: https |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters