diff options
| author | Alex Auvolat <alex@adnab.me> | 2022-05-04 16:27:46 +0200 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2022-05-04 16:27:46 +0200 |
| commit | 9cae8c8fc2fc3486edb80a135ecfed02fb6840a3 (patch) | |
| tree | b9dc92ec1e57d743089d5cc67a1d7a1609f3de97 /app/telemetry/deploy/telemetry-system.hcl | |
| parent | 1b4f96ffb2fb4130102955fdf1b152c6d56ee0f8 (diff) | |
| download | nixcfg-9cae8c8fc2fc3486edb80a135ecfed02fb6840a3.tar.gz nixcfg-9cae8c8fc2fc3486edb80a135ecfed02fb6840a3.zip | |
Update telemetry to ES 8.2.0 and simplify config a bit
Diffstat (limited to 'app/telemetry/deploy/telemetry-system.hcl')
| -rw-r--r-- | app/telemetry/deploy/telemetry-system.hcl | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/app/telemetry/deploy/telemetry-system.hcl b/app/telemetry/deploy/telemetry-system.hcl index cb39bac..d5a7241 100644 --- a/app/telemetry/deploy/telemetry-system.hcl +++ b/app/telemetry/deploy/telemetry-system.hcl @@ -15,10 +15,11 @@ job "telemetry-system" { task "elastic" { driver = "docker" config { - image = "docker.elastic.co/elasticsearch/elasticsearch:7.17.0" + image = "docker.elastic.co/elasticsearch/elasticsearch:8.2.0" network_mode = "host" volumes = [ "/mnt/ssd/telemetry/es_data:/usr/share/elasticsearch/data", + "secrets/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12", ] ports = [ "elastic", "elastic_internal" ] sysctl = { @@ -29,12 +30,19 @@ job "telemetry-system" { } } + user = "1000" + resources { memory = 1500 cpu = 500 } template { + data = "{{ key \"secrets/telemetry/elasticsearch/elastic-certificates.p12\" }}" + destination = "secrets/elastic-certificates.p12" + } + + template { data = <<EOH node.name={{ env "attr.unique.hostname" }} http.port=9200 @@ -48,8 +56,8 @@ xpack.security.authc.api_key.enabled=true xpack.security.transport.ssl.enabled=true xpack.security.transport.ssl.verification_mode=certificate xpack.security.transport.ssl.client_authentication=required -xpack.security.transport.ssl.keystore.path=/usr/share/elasticsearch/data/elastic-certificates.p12 -xpack.security.transport.ssl.truststore.path=/usr/share/elasticsearch/data/elastic-certificates.p12 +xpack.security.transport.ssl.keystore.path=/usr/share/elasticsearch/config/elastic-certificates.p12 +xpack.security.transport.ssl.truststore.path=/usr/share/elasticsearch/config/elastic-certificates.p12 cluster.routing.allocation.disk.watermark.high=75% cluster.routing.allocation.disk.watermark.low=65% ES_JAVA_OPTS=-Xms512M -Xmx512M @@ -101,7 +109,7 @@ EOH task "apm" { driver = "docker" config { - image = "docker.elastic.co/apm/apm-server:7.17.1" + image = "docker.elastic.co/apm/apm-server:8.2.0" network_mode = "host" ports = [ "apm" ] args = [ "--strict.perms=false" ] @@ -144,7 +152,7 @@ EOH task "filebeat" { driver = "docker" config { - image = "docker.elastic.co/beats/filebeat:7.17.1" + image = "docker.elastic.co/beats/filebeat:8.2.0" network_mode = "host" volumes = [ "/mnt/ssd/telemetry/filebeat:/usr/share/filebeat/data", |