-
Notifications
You must be signed in to change notification settings - Fork 724
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ECK to create/manage services by Node type #2572
Comments
Relates #2161. It's fairly easy for users to create their own services targeting any Pods they want using label selectors. You can easily setup something like this: apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: quickstart
spec:
version: 7.6.0
nodeSets:
- name: ingest-nodes
count: 3
config:
node.ingest: true
node.data: false
node.master. false
- name: master-nodes
count: 3
config:
node.ingest: false
node.data: false
node.master. true
- name: data-nodes
count: 3
config:
node.ingest: false
node.data: true
node.master. false
---
apiVersion: v1
kind: Service
metadata:
name: es-ingest-nodes
spec:
selector:
common.k8s.elastic.co/type: elasticsearch
elasticsearch.k8s.elastic.co/cluster-name: quickstart
elasticsearch.k8s.elastic.co/node-ingest: true
ports:
- name: https
protocol: TCP
port: 9200
targetPort: 9200 @basigabri do you think that's a good alternative? |
Thank you very much @sebgl for your quick response. I am already doing this. But this is not a managed service from ECK, but a service managed by me. The request would be for ECK to be able to manage services by Node type. Additionally, I tried to configure kibana to hit this custom ingest-nodes service without success.
|
Something looks wrong in the way the certificate is setup in the Kibana configuration. Can you share how you specified this configuration? A more general comment: ingest nodes are mostly useful to pre-process documents before their ingestion happens. It does not make much sense to route Kibana traffic to ingest nodes. Kibana is not ingesting much data and I guess you are note pre-processing Kibana data in Elasticsearch through your own ingest pipeline? |
The secret volume is not mounted in the path
There was a confusion, I want Kibana to hit only what in the past was called Client nodes (in the past), which now are the Coordinating Nodes ... |
Does the error persist if |
Yes, this is a copy paste error. I don't have it commented out. It's like this, same error though, as pasted above.
The main purpose of this Request though, is for the oporerator to be able to manage services by NodeType. Thanks a lot ! |
@basigabri as @sebgl mentioned it's pretty similar to existing issue #2161 (which is to at least document how to do this, if not manage the services in the operator). I think it makes sense to close this ticket and use that other issue to discuss extra services. We can continue trying to troubleshoot your specific configuration here though if you'd like? |
There should really be an easy and reliable way to control where the data is sent. Having the default go to all nodes including master nodes seems like it's setting less attentive users up for failure. Creating an additional service to go to ingest/client/data nodes is relatively simple. I see the issue being it's difficult to use the ECK Kibana/APM server. Unless I'm missing something you need create your own password secret that implements a key with And without I would propose that you be able to keep elasticsearchRef and set Update: My above proposal works on APM server but not on Kibana... not sure if it's a bug or just intended behavior. |
I wonder if we could try to be smart and use the knowledge ECK has about the current topology of the cluster to create two different services:
Creating any other dedicated services (I cannot think of a good use case for those right now) would be the responsibility of the user. |
Currently ECK creates only one service inside k8s, exposed at 9200 port and having a ClusterIP.
This service named {cluster_name}-es-http, includes as endpoints all type of nodes(master,data,ingest).
The other services created one by node type(ingest,data,master) are not exposed: they don't have ClusterIP.
Kibana as an example is using exposed svc, for querying elastic. This means that it hits all endpoints including masters.
We need to create services exposed with ClusterIp, by node type. For example a svc only for ingest nodes. Then hit only these pods.
The text was updated successfully, but these errors were encountered: