New to KubeDB? Please start here.
ElasticsearchVersion
What is ElasticsearchVersion
ElasticsearchVersion
is a Kubernetes Custom Resource Definitions
(CRD). It provides a declarative configuration to specify the docker images to be used for Elasticsearch, Kibana and OpenSearch, OpenSearch-Dashboards deployed with KubeDB in a Kubernetes native way.
When you install KubeDB, an ElasticsearchVersion
custom resource will be created automatically for every supported Elasticsearch and OpenSearch version. You have to specify the name of ElasticsearchVersion
CRD in spec.version
field of Elasticsearch CRD. Then, KubeDB will use the docker images specified in the ElasticsearchVersion
CRD to create your expected database. If you want to provision Kibana
or Opensearch-Dashboards
, you have to specify the name of Elasticsearch
CRD in spec.databaseRef.name
field of ElasticsearchDashboard CRD. Then, KubeDB will use the compatible docker image specified in the .spec.dashboard.image
field of the ElasticsearchVersion
CRD that Elasticsearch is using to create your expected dashboard.
Using a separate CRD for specifying respective docker images, and pod security policy names allow us to modify the images, and policies independent of the KubeDB operator. This will also allow the users to use a custom image for the database.
ElasticsearchVersion Specification
As with all other Kubernetes objects, an ElasticsearchVersion needs apiVersion
, kind
, and metadata
fields. It also needs a .spec
section.
apiVersion: catalog.kubedb.com/v1alpha1
kind: ElasticsearchVersion
metadata:
annotations:
meta.helm.sh/release-name: kubedb
meta.helm.sh/release-namespace: kubedb
creationTimestamp: "2022-12-29T09:23:41Z"
generation: 1
labels:
app.kubernetes.io/instance: kubedb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kubedb-catalog
app.kubernetes.io/version: v2022.12.28
helm.sh/chart: kubedb-catalog-v2022.12.28
name: xpack-8.11.1
resourceVersion: "1844"
uid: db8b5122-bce8-4e80-b608-e314954f2980
spec:
authPlugin: X-Pack
dashboard:
image: kibana:7.14.0
dashboardInitContainer:
yqImage: kubedb/elasticsearch-dashboard-init:7.14.0-xpack-v2022.02.22
db:
image: elasticsearch:7.14.0
distribution: ElasticStack
exporter:
image: prometheuscommunity/elasticsearch-exporter:v1.3.0
initContainer:
image: tianon/toybox:0.8.4
yqImage: kubedb/elasticsearch-init:7.14.0-xpack-v2021.08.23
podSecurityPolicies:
databasePolicyName: elasticsearch-db
securityContext:
runAsAnyNonRoot: true
runAsUser: 1000
stash:
addon:
backupTask:
name: elasticsearch-backup-7.3.2
params:
- name: args
value: --match=^(?![.])(?!kubedb-system).+
restoreTask:
name: elasticsearch-restore-7.3.2
params:
- name: args
value: --match=^(?![.])(?!kubedb-system).+
updateConstraints:
allowlist:
- < 7.18.0
version: 7.14.0
metadata.name
metadata.name
is a required field that specifies the name of the ElasticsearchVersion
CRD. You have to specify this name in spec.version
field of Elasticsearch CRD.
We follow this convention for naming ElasticsearchVersion CRD:
Name format:
{Security Plugin Name}-{Application Version}-{Modification Tag}
Samples:
xpack-8.11.1
,xpack-8.11.1
,opensearch-2.8.0
, etc.
We use the original Elasticsearch docker image provided by the distributors. Then we bundle the image with the necessary sidecar and init container images which facilitate features like sysctl kernel settings, custom configuration, monitoring matrices, etc. An image with a higher modification tag will have more features and fixes than an image with a lower modification tag. Hence, it is recommended to use ElasticsearchVersion CRD with the highest modification tag to take advantage of the latest features.
spec.version
spec.version
is a required field that specifies the original version of the Elasticsearch database that has been used to build the docker image specified in spec.db.image
field.
spec.deprecated
spec.deprecated
is an optional field that specifies whether the docker images specified here is supported by the current KubeDB operator. For example, we have modified kubedb/elasticsearch:7.x.x-xpack
docker images to support custom configuration and re-tagged as kubedb/elasticsearch:7.x.x-xpack-v1
. Now, KubeDB operator version:x.y.z
supports providing custom configuration which required kubedb/elasticsearch:7.x.x-xpack-v1
docker images. So, we have marked kubedb/elasticsearch:7.x.x-xpack
as deprecated in KubeDB version:x.y.z
.
The default value of this field is false
. If spec.deprecated
is set true
, the KubeDB operator will not create the database and other respective resources for this version.
spec.db.image
spec.db.image
is a required
field that specifies the docker image which will be used to create PetSet by KubeDB provisioner operator to create the expected Elasticsearch/OpenSearch database.
spec.dashboard.image
spec.dashboard.image
is an optional
field that specifies the docker image which will be used to create Deployment by KubeDB dashboard operator to create the expected Kibana/Opensearch-dashboards.
spec.exporter.image
spec.exporter.image
is a required
field that specifies the image which will be used to export Prometheus metrics if monitoring is enabled.
spec.updateConstraints
updateConstraints specifies the constraints that need to be considered during version update. Here allowList
contains the versions those are allowed for updating from the current version.
An empty list of AllowList indicates all the versions are accepted except the denyList.
On the other hand, DenyList
contains all the rejected versions for the update request. An empty list indicates no version is rejected.
spec.podSecurityPolicies.databasePolicyName
spec.podSecurityPolicies.databasePolicyName
is a required field that specifies the name of the pod security policy required to get the database server pod(s) running.
helm upgrade -i kubedb oci://ghcr.io/appscode-charts/kubedb \
--namespace kubedb --create-namespace \
--set additionalPodSecurityPolicies[0]=custom-db-policy \
--set additionalPodSecurityPolicies[1]=custom-snapshotter-policy \
--set-file global.license=/path/to/the/license.txt \
--wait --burst-limit=10000 --debug
spec.stash
This holds the Backup & Restore task definitions, where a TaskRef
has a Name
& Params
section. Params specifies a list of parameters to pass to the task.