diff options
author | osgn422w <gervais-martial.ngueko@intl.att.com> | 2020-02-11 15:50:21 +0100 |
---|---|---|
committer | osgn422w <gervais-martial.ngueko@intl.att.com> | 2020-02-21 10:56:48 +0100 |
commit | b561a597b5506eb2ea43aba1bac1825a1c8b3514 (patch) | |
tree | e6dba8592ce4b2300de547d26970863adc807a56 /kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml | |
parent | a8d9663f1e84d021f5a1be309aabd3f13cb8c91d (diff) |
move to OpenDistro
move dashboard to Opendistro and certificate update
Issue-ID: CLAMP-483
Change-Id: Ibaba1d517c13adeab611ab23749fb16295081372
Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com>
Diffstat (limited to 'kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml')
-rw-r--r-- | kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml | 126 |
1 files changed, 13 insertions, 113 deletions
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml index 55df82b0f1..db81e3da00 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# Copyright © 2020 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -10,126 +10,26 @@ # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and -# limitations under the License. -#xpack.graph.enabled: false -#Set to false to disable X-Pack graph features. -#xpack.ml.enabled: false -#Set to false to disable X-Pack machine learning features. -#xpack.monitoring.enabled: false -#Set to false to disable X-Pack monitoring features. -#xpack.reporting.enabled: false -#Set to false to disable X-Pack reporting features. -#xpack.security.enabled: false -#Set to false to disable X-Pack security features. -#xpack.watcher.enabled: false -#Set to false to disable Watcher. +# limitations under the License.# Default Kibana configuration from kibana-docker. + +server.name: "Clamp CL Dashboard" +server.host: "0" # Kibana is served by a back end server. This setting specifies the port to use. server.port: {{.Values.service.externalPort}} -# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. -# The default is 'localhost', which usually means remote machines will not be able to connect. -# To allow connections from remote users, set this parameter to a non-loopback address. -server.host: "0.0.0.0" - -# Enables you to specify a path to mount Kibana at if you are running behind a proxy. This only affects -# the URLs generated by Kibana, your proxy is expected to remove the basePath value before forwarding requests -# to Kibana. This setting cannot end in a slash. -#server.basePath: "" - -# The maximum payload size in bytes for incoming server requests. -#server.maxPayloadBytes: 1048576 - -# The Kibana server's name. This is used for display purposes. -server.name: "Clamp Dashboard" - -# The URL of the Elasticsearch instance to use for all your queries. -elasticsearch.url: "http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}" -# When this setting's value is true Kibana uses the hostname specified in the server.host -# setting. When the value of this setting is false, Kibana uses the hostname of the host -# that connects to this Kibana instance. -#elasticsearch.preserveHost: true - -# Kibana uses an index in Elasticsearch to store saved searches, visualizations and -# dashboards. Kibana creates a new index if the index doesn't already exist. -#kibana.index: ".kibana" - -# The default application to load. -#kibana.defaultAppId: "discover" - -# If your Elasticsearch is protected with basic authentication, these settings provide -# the username and password that the Kibana server uses to perform maintenance on the Kibana -# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which -# is proxied through the Kibana server. -#elasticsearch.username: "elastic" -#elasticsearch.password: "changeme" -# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively. -# These settings enable SSL for outgoing requests from the Kibana server to the browser. server.ssl.enabled: {{.Values.config.sslEnabled}} server.ssl.certificate: {{.Values.config.sslPemCertFilePath}} server.ssl.key: {{.Values.config.sslPemkeyFilePath}} -# Optional settings that provide the paths to the PEM-format SSL certificate and key files. -# These files validate that your Elasticsearch backend uses the same key files. -#elasticsearch.ssl.certificate: $elasticsearch_ssl_certificate -#elasticsearch.ssl.key: $elasticsearch_ssl_key - -# Optional setting that enables you to specify a path to the PEM file for the certificate -# authority for your Elasticsearch instance. -#elasticsearch.ssl.certificateAuthorities: $elasticsearch_ssl_certificateAuthorities - -# To disregard the validity of SSL certificates, change this setting's value to 'none'. -#elasticsearch.ssl.verificationMode: $elasticsearch_ssl_verificationMode - -# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of -# the elasticsearch.requestTimeout setting. -#elasticsearch.pingTimeout: 1500 - -# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value -# must be a positive integer. -#elasticsearch.requestTimeout: 30000 - -# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side -# headers, set this value to [] (an empty list). -#elasticsearch.requestHeadersWhitelist: [ authorization ] - -# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten -# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration. -#elasticsearch.customHeaders: {} - -# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable. -#elasticsearch.shardTimeout: 0 - -# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying. -#elasticsearch.startupTimeout: 5000 - -# Specifies the path where Kibana creates the process ID file. -#pid.file: /var/run/kibana.pid - -# Enables you specify a file where Kibana stores log output. -#logging.dest: stdout - -# Set the value of this setting to true to suppress all logging output. -#logging.silent: false - -# Set the value of this setting to true to suppress all logging output other than error messages. -#logging.quiet: false - -# Set the value of this setting to true to log all events, including system usage information -# and all requests. -#logging.verbose: false - -# Set the interval in milliseconds to sample system and process performance -# metrics. Minimum is 100ms. Defaults to 5000. -#ops.interval: 5000 - -# The default locale. This locale can be used in certain circumstances to substitute any missing -# translations. -#i18n.defaultLocale: "en" +# The URL of the Elasticsearch instance to use for all your queries. +elasticsearch.hosts: ${elasticsearch_base_url} -## Search Guard -# -#xpack.security.enabled: false +elasticsearch.ssl.verificationMode: none elasticsearch.username: {{.Values.config.elasticUSR}} elasticsearch.password: {{.Values.config.elasticPWD}} -searchguard.cookie.password: 123567818187654rwrwfsfshdhdhtegdhfzftdhncn +elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"] + +opendistro_security.multitenancy.enabled: true +opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"] +opendistro_security.readonly_mode.roles: ["kibana_read_only"]
\ No newline at end of file |