Add working examples for running Elasticsearch and Kibana on ope… #263
Conversation
Closes: #15 We don't currently have automated testing for openshift clusters however these have been manually tested and confirmed to work. For now having an example on how to do this is nice but in the future we can consider adding a value to pragmatically disable these features with something like `openshift: true` Special thanks to @geogdog for getting these working and providing the correct changes needed.
| helm template --values ./values.yaml ../../ | ||
|
|
||
| install: | ||
| helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ ; \ |
There was a problem hiding this comment.
Why do we have ; \ at the end of the line?
There was a problem hiding this comment.
fixed! Guessing it was leftover from a copy paste where it is doing multiple commands.
kibana/examples/openshift/values.yml
Outdated
| --- | ||
|
|
||
| fsGroup: null | ||
| runAsUser: null |
There was a problem hiding this comment.
Shouldn't we have the same structure as in elasticsearch/examples/openshift/values.yaml?
securityContext:
runAsUser: null
podSecurityContext:
fsGroup: null
There was a problem hiding this comment.
It would be nice indeed, but trying to keep the charts identical for every change is quite the challenge. For backwards compatibility reasons the Elasticsearch chart does actually still support fsGroup directly as per #171. These changes could also be backported to Kibana. Wherever possible I have been trying to keep changes in sync and to follow the same style as other charts but this one slipped in.
There was a problem hiding this comment.
Isn't this already the case in kibana/values.yaml#L57-L66?
podSecurityContext:
fsGroup: 1000
securityContext:
capabilities:
drop:
- ALL
# readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
There was a problem hiding this comment.
You are 100% right. I could have sworn this was working before my holiday. When I ran make template just now it is clearly not doing anything. Just pushed a new commit using the correct values.
Co-Authored-By: Julien Mailleret <jmlrt@users.noreply.github.com>
Crazybus
changed the title
Closes: #15
We don't currently have automated testing for openshift clusters however
these have been manually tested and confirmed to work. For now having
an example on how to do this is nice but in the future we can consider
adding a value to pragmatically disable these features with something
like
openshift: trueSpecial thanks to @geogdog for getting these working and providing the
correct changes needed.
${CHART}/tests/*.py${CHART}/examples/*/test/goss.yaml