mirror of
https://github.com/bitnami/charts.git
synced 2026-03-16 14:57:08 +08:00
26502141d1
* [bitnami/*] Unify k8s directives separators Signed-off-by: Carlos Rodriguez Hernandez <carlosrh@vmware.com> * [skip ci] Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <containers@bitnami.com> Co-authored-by: Bitnami Containers <containers@bitnami.com>
106 lines
5.4 KiB
YAML
106 lines
5.4 KiB
YAML
{{- if (include "elasticsearch.createTlsSecret" .) }}
|
|
{{- $ca := genCA "elasticsearch-ca" 365 }}
|
|
{{- $releaseNamespace := include "common.names.namespace" . }}
|
|
{{- $clusterDomain := .Values.clusterDomain }}
|
|
|
|
{{- if and (include "elasticsearch.master.enabled" .) (not .Values.security.tls.master.existingSecret) }}
|
|
{{- $fullname := include "elasticsearch.master.fullname" . }}
|
|
{{- $serviceName := printf "%s-hl" (include "elasticsearch.master.fullname" .) | trunc 63 | trimSuffix "-" }}
|
|
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
|
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ printf "%s-crt" (include "elasticsearch.master.fullname" .) }}
|
|
namespace: {{ include "common.names.namespace" . | quote }}
|
|
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
|
{{- if .Values.commonLabels }}
|
|
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
app.kubernetes.io/component: master
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
type: kubernetes.io/tls
|
|
data:
|
|
ca.crt: {{ $ca.Cert | b64enc | quote }}
|
|
tls.crt: {{ $crt.Cert | b64enc | quote }}
|
|
tls.key: {{ $crt.Key | b64enc | quote }}
|
|
{{- end }}
|
|
{{- if and (include "elasticsearch.data.enabled" .) (not .Values.security.tls.data.existingSecret) }}
|
|
{{- $fullname := include "elasticsearch.data.fullname" . }}
|
|
{{- $serviceName := printf "%s-hl" (include "elasticsearch.data.fullname" .) | trunc 63 | trimSuffix "-" }}
|
|
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
|
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ printf "%s-crt" (include "elasticsearch.data.fullname" .) }}
|
|
namespace: {{ include "common.names.namespace" . | quote }}
|
|
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
|
{{- if .Values.commonLabels }}
|
|
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
app.kubernetes.io/component: data
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
type: kubernetes.io/tls
|
|
data:
|
|
ca.crt: {{ $ca.Cert | b64enc | quote }}
|
|
tls.crt: {{ $crt.Cert | b64enc | quote }}
|
|
tls.key: {{ $crt.Key | b64enc | quote }}
|
|
{{- end }}
|
|
{{- if and (include "elasticsearch.coordinating.enabled" .) (not .Values.security.tls.coordinating.existingSecret) }}
|
|
{{- $fullname := include "elasticsearch.coordinating.fullname" . }}
|
|
{{- $serviceName := printf "%s-hl" (include "elasticsearch.coordinating.fullname" .) | trunc 63 | trimSuffix "-" }}
|
|
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
|
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ printf "%s-crt" (include "elasticsearch.coordinating.fullname" .) }}
|
|
namespace: {{ include "common.names.namespace" . | quote }}
|
|
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
|
{{- if .Values.commonLabels }}
|
|
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
app.kubernetes.io/component: coordinating-only
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
type: kubernetes.io/tls
|
|
data:
|
|
ca.crt: {{ $ca.Cert | b64enc | quote }}
|
|
tls.crt: {{ $crt.Cert | b64enc | quote }}
|
|
tls.key: {{ $crt.Key | b64enc | quote }}
|
|
{{- end }}
|
|
{{- if and (include "elasticsearch.ingest.enabled" .) (not .Values.security.tls.ingest.existingSecret) }}
|
|
{{- $fullname := include "elasticsearch.ingest.fullname" . }}
|
|
{{- $serviceName := printf "%s-hl" (include "elasticsearch.ingest.fullname" .) | trunc 63 | trimSuffix "-" }}
|
|
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
|
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ printf "%s-crt" (include "elasticsearch.ingest.fullname" .) }}
|
|
namespace: {{ include "common.names.namespace" . | quote }}
|
|
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
|
{{- if .Values.commonLabels }}
|
|
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
app.kubernetes.io/component: ingest
|
|
{{- if .Values.commonAnnotations }}
|
|
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
|
{{- end }}
|
|
type: kubernetes.io/tls
|
|
data:
|
|
ca.crt: {{ $ca.Cert | b64enc | quote }}
|
|
tls.crt: {{ $crt.Cert | b64enc | quote }}
|
|
tls.key: {{ $crt.Key | b64enc | quote }}
|
|
{{- end }}
|
|
{{- end }}
|