wfhartford/juicy-admin-apm-server-certificate.yaml

## juicy-admin-apm-server-certificate.yaml
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  name: juicy-admin-apm-server
spec:
  secretName: juicy-admin-apm-http-juicy-admin-svc-cluster-local-tls
  issuerRef:
    kind: Issuer
    name: juicy-admin-vault
  duration: 48h
  renewBefore: 12h
  commonName: juicy-admin-apm-http.juicy-admin.svc.cluster.local
  dnsNames:
    - juicy-admin-apm-http.juicy-admin.svc.cluster.local
    - juicy-admin-apm-http.juicy-admin.svc
    - juicy-admin-apm-http.juicy-admin

## juicy-admin-apm-server.yaml
apiVersion: apm.k8s.elastic.co/v1
kind: ApmServer
metadata:
  name: juicy-admin
spec:
  version: 7.8.0
  count: 1
  elasticsearchRef:
    name: juicy-admin
  http:
    tls:
      certificate:
        secretName: juicy-admin-apm-http-juicy-admin-svc-cluster-local-tls

## juicy-admin-elasticsearch-certificate.yaml
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  name: juicy-admin-elasticsearch
spec:
  secretName: juicy-admin-es-http-juicy-admin-svc-cluster-local-tls
  issuerRef:
    kind: Issuer
    name: juicy-admin-vault
  duration: 48h
  renewBefore: 12h
  commonName: juicy-admin-es-http.juicy-admin.svc.cluster.local
  dnsNames:
    - juicy-admin-es-http.juicy-admin.svc.cluster.local
    - juicy-admin-es-http.juicy-admin.svc
    - juicy-admin-es-http.juicy-admin

## juicy-admin-elasticsearch.yaml
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: juicy-admin
spec:
  version: 7.8.0
  nodeSets:
    - name: default
      count: 3
      volumeClaimTemplates:
        - metadata:
            name: juicy-admin-data
          spec:
            accessModes:
              - ReadWriteOnce
            resources:
              requests:
                storage: 50Gi
      config:
        node.master: true
        node.data: true
        node.ingest: true
      podTemplate:
        spec:
          initContainers:
            - name: sysctl
              securityContext:
                privileged: true
              command: ['sh', '-c', 'sysctl -w vm.max_map_count=262144']
  http:
    tls:
      certificate:
        secretName: juicy-admin-es-http-juicy-admin-svc-cluster-local-tls
  auth:
    fileRealm:
      - secretName: juicy-admin-elasticsearch-users
      - secretName: juicy-admin-elasticsearch-user-roles
    roles:
      - secretName: juicy-admin-elasticsearch-roles

## juicy-admin-kibana-certificate.yaml
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  name: juicy-admin-kibana
spec:
  secretName: juicy-admin-kb-http-juicy-admin-svc-cluster-local-tls
  issuerRef:
    kind: Issuer
    name: juicy-admin-vault
  duration: 48h
  renewBefore: 12h
  commonName: juicy-admin-kb-http.juicy-admin.svc.cluster.local
  dnsNames:
    - juicy-admin-kb-http.juicy-admin.svc.cluster.local
    - juicy-admin-kb-http.juicy-admin.svc
    - juicy-admin-kb-http.juicy-admin

## juicy-admin-kibana.yaml
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
  name: juicy-admin
spec:
  version: 7.8.0
  count: 2
  elasticsearchRef:
    name: juicy-admin
  http:
    tls:
      certificate:
        secretName: juicy-admin-kb-http-juicy-admin-svc-cluster-local-tls
	apiVersion: cert-manager.io/v1alpha2
	kind: Certificate
	metadata:
	name: juicy-admin-apm-server
	spec:
	secretName: juicy-admin-apm-http-juicy-admin-svc-cluster-local-tls
	issuerRef:
	kind: Issuer
	name: juicy-admin-vault
	duration: 48h
	renewBefore: 12h
	commonName: juicy-admin-apm-http.juicy-admin.svc.cluster.local
	dnsNames:
	- juicy-admin-apm-http.juicy-admin.svc.cluster.local
	- juicy-admin-apm-http.juicy-admin.svc
	- juicy-admin-apm-http.juicy-admin
	apiVersion: apm.k8s.elastic.co/v1
	kind: ApmServer
	metadata:
	name: juicy-admin
	spec:
	version: 7.8.0
	count: 1
	elasticsearchRef:
	name: juicy-admin
	http:
	tls:
	certificate:
	secretName: juicy-admin-apm-http-juicy-admin-svc-cluster-local-tls
	apiVersion: elasticsearch.k8s.elastic.co/v1
	kind: Elasticsearch
	metadata:
	name: juicy-admin
	spec:
	version: 7.8.0
	nodeSets:
	- name: default
	count: 3
	volumeClaimTemplates:
	- metadata:
	name: juicy-admin-data
	spec:
	accessModes:
	- ReadWriteOnce
	resources:
	requests:
	storage: 50Gi
	config:
	node.master: true
	node.data: true
	node.ingest: true
	podTemplate:
	spec:
	initContainers:
	- name: sysctl
	securityContext:
	privileged: true
	command: ['sh', '-c', 'sysctl -w vm.max_map_count=262144']
	http:
	tls:
	certificate:
	secretName: juicy-admin-es-http-juicy-admin-svc-cluster-local-tls
	auth:
	fileRealm:
	- secretName: juicy-admin-elasticsearch-users
	- secretName: juicy-admin-elasticsearch-user-roles
	roles:
	- secretName: juicy-admin-elasticsearch-roles
	apiVersion: kibana.k8s.elastic.co/v1
	kind: Kibana
	metadata:
	name: juicy-admin
	spec:
	version: 7.8.0
	count: 2
	elasticsearchRef:
	name: juicy-admin
	http:
	tls:
	certificate:
	secretName: juicy-admin-kb-http-juicy-admin-svc-cluster-local-tls