Elastic
Advanced configuration
Setting JVM options ¶
You can change JVM settings by using the LS_JAVA_OPTS environment variable to override default settings in jvm.options. This approach ensures that expected settings from jvm.options are set, and only options that explicitly need to be overridden are.
To do, this, set the LS_JAVA_OPTS environment variable in the container definition of your Logstash resource:
apiVersion: logstash.k8s.elastic.co/v1alpha1
kind: Logstash
metadata:
name: quickstart
spec:
podTemplate:
spec:
containers:
- name: logstash
env:
- name: LS_JAVA_OPTS 1
value: "-Xmx2g -Xms2g"
- This will change the maximum and minimum heap size of the JVM on each pod to 2GB
Setting keystore ¶
You can specify sensitive settings with Kubernetes secrets. ECK automatically injects these settings into the keystore before it starts Logstash. The ECK operator continues to watch the secrets for changes and will restart Logstash Pods when it detects a change.
The Logstash Keystore can be password protected by setting an environment variable called LOGSTASH_KEYSTORE_PASS. Check out Logstash Keystore documentation for details.
apiVersion: v1
kind: Secret
metadata:
name: logstash-keystore-pass
stringData:
LOGSTASH_KEYSTORE_PASS: changed 1
apiVersion: logstash.k8s.elastic.co/v1alpha1
kind: Logstash
metadata:
name: logstash-sample
spec:
version: 8.16.1
count: 1
pipelines:
- pipeline.id: main
config.string: |-
input { exec { command => 'uptime' interval => 10 } }
filter {
if ("${HELLO:}" != "") { 2
mutate { add_tag => ["awesome"] }
}
}
secureSettings:
- secretName: logstash-secure-settings
podTemplate:
spec:
containers:
- name: logstash
env:
- name: LOGSTASH_KEYSTORE_PASS
valueFrom:
secretKeyRef:
name: logstash-keystore-pass
key: LOGSTASH_KEYSTORE_PASS
- Value of password to protect the Logstash keystore
- The syntax for referencing keys is identical to the syntax for environment variables