fix cluster outage, add masterService template

elasticsearch/Chart.yaml

@@ -4,7 +4,7 @@ maintainers:
 - email: helm-charts@elastic.co
   name: Elastic
 name: elasticsearch
-version: 6.5.4-alpha3
+version: 6.5.4-alpha4
 appVersion: 6.5.4
 sources:
   - https://github.com/elastic/elasticsearch

elasticsearch/templates/_helpers.tpl

@@ -19,6 +19,14 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{ .Values.clusterName }}-{{ .Values.nodeGroup }}
 {{- end -}}
 
+{{- define "masterService" -}}
+{{- if empty .Values.masterService -}}
+{{ template "uname" . }}
+{{- else -}}
+{{ .Values.masterService }}
+{{- end -}}
+{{- end -}}
+
 {{- define "endpoints" -}}
 {{- $replicas := .replicas | int }}
 {{- $uname := printf "%s-%s" .clusterName .nodeGroup }}

elasticsearch/templates/master-announce-svc.yaml

@@ -0,0 +1,29 @@
+{{ if eq .Values.roles.master "true" }}
+{{- range $i := until (int .Values.replicas) }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "uname" $ }}-announce-{{ $i }}
+  labels:
+    heritage: {{ $.Release.Service | quote }}
+    release: {{ $.Release.Name | quote }}
+    chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
+    app: "{{ template "uname" $ }}"
+  annotations:
+    service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  ports:
+  - name: transport
+    port: 9300
+    targetPort: transport
+  selector:
+    heritage: {{ $.Release.Service | quote }}
+    release: {{ $.Release.Name | quote }}
+    chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
+    app: "{{ template "uname" $ }}"
+    statefulset.kubernetes.io/pod-name: {{ template "masterService" $ }}-{{ $i }}
+{{ end }}
+{{ end }}

elasticsearch/templates/statefulset.yaml

@@ -78,6 +78,8 @@ spec:
           secret:
             secretName: {{ .name }}
         {{- end }}
+        - name: config
+          emptyDir: {}
         {{- if .Values.esConfig }}
         - name: esconfig
           configMap:
@@ -94,14 +96,47 @@ spec:
           privileged: true
         image: "{{ .Values.image }}:{{ .Values.imageTag }}"
         command: ["sysctl", "-w", "vm.max_map_count={{ .Values.sysctlVmMaxMapCount}}"]
+      - name: init-config
+        securityContext:
+          runAsUser: 0
+          privileged: true
+        image: "{{ .Values.image }}:{{ .Values.imageTag }}"
+        command:
+        - /bin/bash
+        - -c
+        - |-
+          shopt -s nullglob dotglob
+          files=(/tmp/config/*)
+          if [ ${#files[@]} -gt 0 ]; then
+            cp -r /tmp/config/* /usr/share/elasticsearch/config/
+          fi
+
+          HOSTNAME="$(hostname)"
+          INDEX="${HOSTNAME##*-}"
+
+          ENV_VAR_PREFIX=`echo {{ template "masterService" . }}-|awk '{print toupper($0)}'|sed 's/-/_/g'`
+          HOSTVAR="${ENV_VAR_PREFIX}ANNOUNCE_${INDEX}_SERVICE_HOST"
+          HOST="${!HOSTVAR}"
+
+          if [ ! -f /usr/share/elasticsearch/config/elasticsearch.yml ]; then
+              echo "" > /usr/share/elasticsearch/config/elasticsearch.yml
+          fi;
+          echo "network.publish_host: ${HOST}" >> /usr/share/elasticsearch/config/elasticsearch.yml;
+        volumeMounts:
+        - name: config
+          mountPath: /usr/share/elasticsearch/config
+        {{- if .Values.esConfig }}
+        - name: esconfig
+          mountPath: /tmp/config
+        {{- end }}
       containers:
       - name: "{{ template "name" . }}"
         image: "{{ .Values.image }}:{{ .Values.imageTag }}"
         imagePullPolicy: "{{ .Values.imagePullPolicy }}"
         readinessProbe:
 {{ toYaml .Values.readinessProbe | indent 10 }}
           exec:
-            command: 
+            command:
               - sh
               - -c
               - |
@@ -119,7 +154,7 @@ spec:
                     fi
                     curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}${path}
                 }
-  
+
                 if [ -f "${START_FILE}" ]; then
                     echo 'Elasticsearch is already running, lets check the node is healthy'
                     http "/"
@@ -155,7 +190,7 @@ spec:
           {{- end }}
           {{- end }}
           - name: discovery.zen.ping.unicast.hosts
-            value: "{{ .Values.masterService }}-headless"
+            value: "{{ template "masterService" . }}-headless"
           - name: cluster.name
             value: "{{ .Values.clusterName }}"
           - name: network.host
@@ -180,7 +215,18 @@ spec:
             {{- end }}
           {{- end }}
           {{- range $path, $config := .Values.esConfig }}
-          - name: esconfig
+          - name: config
             mountPath: /usr/share/elasticsearch/config/{{ $path }}
             subPath: {{ $path }}
+          {{- end }}
+          {{- if not (empty .Values.esConfig) }}
+          {{- if not (hasKey .Values.esConfig "elasticsearch.yml") }}
+          - name: config
+            mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
+            subPath: elasticsearch.yml
+          {{- end -}}
+          {{- else if (empty .Values.esConfig) }}
+          - name: config
+            mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
+            subPath: elasticsearch.yml
           {{- end -}}

elasticsearch/values.yaml

@@ -4,7 +4,7 @@ nodeGroup: "master"
 
 # The service that non master groups will try to connect to when joining the cluster
 # This should be set to clusterName + "-" + nodeGroup for your master group
-masterService: "elasticsearch-master"
+masterService: ""
 
 # Elasticsearch roles that will be applied to this nodeGroup
 # These will be set as environment variables. E.g. node.master=true
@@ -37,7 +37,7 @@ extraEnvs:
 # A list of secrets and their paths to mount inside the pod
 # This is useful for mounting certificates for security and for mounting
 # the X-Pack license
-secretMounts: 
+secretMounts:
 #  - name: elastic-certificates
 #    secretName: elastic-certificates
 #    path: /usr/share/elasticsearch/config/certs
@@ -67,7 +67,7 @@ volumeClaimTemplate:
 
 # By default this will make sure two pods don't end up on the same node
 # Changing this to a region would allow you to spread pods across regions
-antiAffinityTopologyKey: "kubernetes.io/hostname" 
+antiAffinityTopologyKey: "kubernetes.io/hostname"
 
 # Hard means that by default pods will only be scheduled if there are enough nodes for them
 # and that they will never end up on the same node. Setting this to soft will do this "best effort"