Hello,
I have a tyk-ce installed Kubernetes environment. My purpose is to integrate tyk-ce with ElasticSearch for observe analytics.
How can I pass ElasticSearch authentication and tls information via Helm chart?
Thanks & Regards
Regarding to the advise here I updated the config like that:
extraEnvs:
- name: TYK_PMP_PUMPS_ELASTICSEARCH_TYPE
value: "elasticsearch"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_ELASTICSEARCHURL
value: https://escluster-es-http.eck.svc.cluster.local:9200
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_INDEXNAME
value: "tyk_analytics"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_DOCUMENTTYPE
value: "tyk_analytics"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_ROLLINGINDEX
value: true
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_EXTENDEDSTATS
value: false
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_ENABLESNIFFING
value: false
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_VERSION
value: 6
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_BULKCONFIG
workers: 2
flush_interval: 60
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_USER
value: "elastic"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_PASSWD
valueFrom:
secretKeyRef:
name: escluster-es-elastic-user
key: elastic
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_TLS
value: true
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_TLSVERIFY
value: false
but there is something missing or wrong in my config. Could u pls advise?
$:~/tyk/tyk-headless$ k logs -n tyk pump-tyk-ce-tyk-headless-6799f5d555-l9j88
time="Oct 27 14:05:23" level=info msg="## Tyk Analytics Pump, 1.4.0 ##"
time="Oct 27 14:05:23" level=info msg="--> [REDIS] Creating single-node client"
time="Oct 27 14:05:23" level=info msg="Serving health check endpoint at http://localhost:8083/health ..."
time="Oct 27 14:05:23" level=info msg=Init collection_name="tyk_analytics_headless" url=
time="Oct 27 14:05:23" level=info msg="-- No max batch size set, defaulting to 10MB"
time="Oct 27 14:05:23" level=info msg="-- No max document size set, defaulting to 10MB"
$:~/tyk/tyk-headless$
Are you sure you added the variables to the Pump section and not the Gateway section? The variables did not get picked up by Pump at all.
yes @sedky
pump:
# Determines whither or not the pump component should be installed.
enabled: true
replicaCount: 1
image:
repository: docker.tyk.io/tyk-pump/tyk-pump
tag: v1.4.0
pullPolicy: IfNotPresent
annotations: {}
resources: {}
# We usually recommend not to specify default resources and to leave this
# as a conscious choice for the user. This also increases chances charts
# run on environments with little resources, such as Minikube. If you do
# want to specify resources, uncomment the following lines, adjust them
# as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}
extraEnvs:
- name: TYK_PMP_PUMPS_ELASTICSEARCH_TYPE
value: "elasticsearch"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_ELASTICSEARCHURL
value: "https://escluster-es-http.eck.svc.cluster.local:9200"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_INDEXNAME
value: "tyk_analytics"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_DOCUMENTTYPE
value: "tyk_analytics"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_ROLLINGINDEX
value: true
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_EXTENDEDSTATS
value: false
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_ENABLESNIFFING
value: false
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_VERSION
value: 6
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_BULKCONFIG
workers: 2
flush_interval: 60
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_USER
value: "elastic"
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_PASSWD
valueFrom:
secretKeyRef:
name: escluster-es-elastic-user
key: elastic
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_TLS
value: true
- name: TYK_PMP_PUMPS_ELASTICSEARCH_META_TLSVERIFY
value: false
mounts: []
rbac: true
bash-5.1# curl -u "elastic:8x7Vblablalbalabla" -k "https://escluster-es-http.eck.svc.cluster.local:9200" | jq
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 550 1{0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
"name": "escluster-es-default-0",
"cluster_name": "escluster",
"cluster_uuid": "E4PuDMgKTWmVkt8Lf2FxgQ",
00 550 0 0 80 "version": {
21 "number": "7.15.0",
"build_flavor": "default",
"build_type": "docker",
"build_hash": "79d65f6e357953a5b3cbcc5e2c7c21073d89aa29",
"build_date": "2021-09-16T03:05:29.143308416Z",
"build_snapshot": false,
"lucene_version": "8.9.0" ,
0 "minimum_wire_compatibility_version": "6.8.0",
- "minimum_index_compatibility_version": "6.0.0-beta1"
- },
:- "tagline": "You Know, for Search"-
:-- --:--}
:-- --:--:-- 8088
bash-5.1#
@sedky it says
collection_name="tyk_analytics_headless" url=
…because the both gw and pump variables are set in the same values.yaml file in helm package.
Hello,
Tyk pump doesn’t care what I type in extraEnv field in Helm values.yaml file. When I check pump pod, none of variables were set there.
I had to edit configmap pump-conf-tyk-ce-tyk-headless and added following lines:
...
"tls": true,
"tlsverify": false,
..
nothing changed,
...
"use_ssl": true,
"ssl_insecure_skip_verify": true,
...
nothing changed,
...
"elasticsearch_tls": true,
"elasticsearch_tlsverify": false,
...
…still getting same error:
level=error msg="Elasticsearch connection failed: health check timeout: Head \"https://escluster-es-http.eck.svc.cluster.local:9200\": x509: certificate signed by unknown authority: no Elasticsearch node available"
type or paste code here
Could you please advise what is the correct definition?
Thanks & Regards