- Elastic Cloud on Kubernetes:
- Overview
- Quickstart
- Operating ECK
- Orchestrating Elastic Stack applications
- Run Elasticsearch on ECK
- JVM heap size
- Node configuration
- Volume claim templates
- Storage recommendations
- HTTP settings and TLS SANs
- Transport settings
- Virtual memory
- Settings managed by ECK
- Secure settings
- Custom configuration files and plugins
- Init containers for plugin downloads
- Update strategy
- Pod disruption budget
- Nodes orchestration
- Advanced Elasticsearch node scheduling
- Create automated snapshots
- Remote clusters
- Readiness probe
- Pod PreStop hook
- Elasticsearch autoscaling
- Run Kibana on ECK
- Run APM Server on ECK
- Run Elastic Agent on ECK
- Run Enterprise Search on ECK
- Run Beats on ECK
- Secure the Elastic Stack
- Access Elastic Stack services
- Customize Pods
- Manage compute resources
- Upgrade the Elastic Stack version
- Run Elasticsearch on ECK
- Advanced topics
- Reference
- API Reference
- agent.k8s.elastic.co/v1alpha1
- apm.k8s.elastic.co/v1
- apm.k8s.elastic.co/v1beta1
- beat.k8s.elastic.co/v1beta1
- common.k8s.elastic.co/v1
- common.k8s.elastic.co/v1beta1
- elasticsearch.k8s.elastic.co/v1
- elasticsearch.k8s.elastic.co/v1beta1
- enterprisesearch.k8s.elastic.co/v1
- enterprisesearch.k8s.elastic.co/v1beta1
- kibana.k8s.elastic.co/v1
- kibana.k8s.elastic.co/v1beta1
- Glossary
- Third-party dependencies
- API Reference
- Release highlights
- 1.5.0 release highlights
- 1.4.1 release highlights
- 1.4.0 release highlights
- 1.3.2 release highlights
- 1.3.1 release highlights
- 1.3.0 release highlights
- 1.2.2 release highlights
- 1.2.1 release highlights
- 1.2.0 release highlights
- 1.1.2 release highlights
- 1.1.1 release highlights
- 1.1.0 release highlights
- 1.0.1 release highlights
- 1.0.0 release highlights
- 1.0.0-beta1 release highlights
- Release notes
- Elastic Cloud on Kubernetes version 1.5.0
- Elastic Cloud on Kubernetes version 1.4.1
- Elastic Cloud on Kubernetes version 1.4.0
- Elastic Cloud on Kubernetes version 1.3.2
- Elastic Cloud on Kubernetes version 1.3.1
- Elastic Cloud on Kubernetes version 1.3.0
- Elastic Cloud on Kubernetes version 1.2.2
- Elastic Cloud on Kubernetes version 1.2.1
- Elastic Cloud on Kubernetes version 1.2.0
- Elastic Cloud on Kubernetes version 1.1.2
- Elastic Cloud on Kubernetes version 1.1.1
- Elastic Cloud on Kubernetes version 1.1.0
- Elastic Cloud on Kubernetes version 1.0.1
- Elastic Cloud on Kubernetes version 1.0.0
- Elastic Cloud on Kubernetes version 1.0.0-beta1
HTTP settings and TLS SANs
editHTTP settings and TLS SANs
editChange Kubernetes service type
editThe default service (<cluster_name>-es-http
) created by the operator is a ClusterIP
service that makes the Elasticsearch cluster accessible from within the Kubernetes cluster. You can change the service type by updating the spec.http.service.spec.type
field as follows:
apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: quickstart spec: version: 8.17.2 http: service: spec: type: LoadBalancer nodeSets: - name: default count: 3
Refer to the Kubernetes service types documentation for more information about different service types available.
When you change the clusterIP
setting of the service, ECK will delete and re-create the service as clusterIP
is an immutable field. Depending on your client implementation, this might result in a short disruption until the service DNS entries refresh to point to the new endpoints.
Change exposed Elasticsearch nodes
editBy default, the service created by the operator encompasses all Elasticsearch nodes in the cluster. If you prefer to restrict the set of accessible Elasticsearch nodes, you can do so by specifying a new selector
. For example, to exclude master nodes from receiving requests, override the service definition as follows:
apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: quickstart spec: version: 8.17.2 http: service: spec: selector: elasticsearch.k8s.elastic.co/cluster-name: "quickstart" elasticsearch.k8s.elastic.co/node-master: "false" nodeSets: - name: master count: 1 config: node.roles: ["master"] - name: data count: 5 config: node.roles: ["data"]
See Traffic Splitting for information about more advanced traffic-splitting configurations.
Customize the self-signed certificate
editThe operator generates a self-signed TLS certificate to secure the Elasticsearch HTTP layer. You can add extra IP addresses or DNS names to the generated certificate as follows:
apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: quickstart spec: version: 8.17.2 http: tls: selfSignedCertificate: subjectAltNames: - ip: 1.2.3.4 - dns: hulk.example.com nodeSets: - name: default count: 3
On this page