monitor-armada-app/monitor-helm/files/0003-helm-chart-changes-for-stx-monitor.patch
John Kung e6f08a933e Infrastructure and Cluster Monitoring
Add upstream stable helm charts for Elastic log monitoring:
components: elasticsearch, filebeat, metricbeat, logstash, kibana.

This enables build of monitor-helm which contains the helm charts
required for the stx-monitor application.
A Kibana patch is required for the Helm/Tiller issue with the
checksum handling.

The Elastic 7.x Apache 2.0 Licensed ("oss") images are included.

These helm charts are included when performing:
    build-pkgs monitor-helm

    and requires stx-config:
    build-pkgs stx-monitor-helm
    build-helm-charts.sh --app stx-monitor

Change-Id: Ic9a5b909dfbf60e39f98f3f14fe9bbac2de1d42b
Depends-On: Id6e1180f2c4d6b736aaedd73430d0696ae9d0744
Story: 2005733
Task: 33413
Co-Authored-By: Kevin Smith <kevin.smith@windriver.com>
Signed-off-by: John Kung <john.kung@windriver.com>
2019-08-21 17:16:37 -04:00

325 lines
12 KiB
Diff

From d22ad4870b78f74298189e383697ae6163ef49d7 Mon Sep 17 00:00:00 2001
From: Kevin Smith <kevin.smith@windriver.com>
Date: Wed, 17 Jul 2019 15:13:44 -0400
Subject: [PATCH 1/1] helm chart changes for stx monitor
---
stable/elasticsearch/values.yaml | 2 +-
stable/filebeat/templates/configmap.yaml | 34 ++++++++++++++++++++++++++++++
stable/filebeat/templates/daemonset.yaml | 15 +++++++++++++
stable/filebeat/values.yaml | 9 ++------
stable/kibana/values.yaml | 4 ++--
stable/logstash/templates/ingress.yaml | 2 +-
stable/logstash/templates/statefulset.yaml | 7 +++---
stable/logstash/values.yaml | 3 ++-
stable/metricbeat/templates/configmap.yaml | 34 ++++++++++++++++++++++++++++++
stable/metricbeat/templates/daemonset.yaml | 26 +++++++++++++++++++++++
stable/metricbeat/values.yaml | 4 ++--
11 files changed, 122 insertions(+), 18 deletions(-)
create mode 100755 stable/filebeat/templates/configmap.yaml
create mode 100755 stable/metricbeat/templates/configmap.yaml
diff --git a/stable/elasticsearch/values.yaml b/stable/elasticsearch/values.yaml
index bbc03dd..6dcd9b0 100644
--- a/stable/elasticsearch/values.yaml
+++ b/stable/elasticsearch/values.yaml
@@ -33,7 +33,7 @@ podSecurityPolicy:
image:
repository: "docker.elastic.co/elasticsearch/elasticsearch-oss"
- tag: "6.7.0"
+ tag: "7.2.0"
pullPolicy: "IfNotPresent"
# If specified, use these secrets to access the image
# pullSecrets:
diff --git a/stable/filebeat/templates/configmap.yaml b/stable/filebeat/templates/configmap.yaml
new file mode 100755
index 0000000..c895965
--- /dev/null
+++ b/stable/filebeat/templates/configmap.yaml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "filebeat.fullname" . }}
+ labels:
+ app: {{ template "filebeat.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+data:
+ setup-script.sh: |-
+ #!/bin/bash
+ BEAT='filebeat'
+ BEAT_VER=$($BEAT version | awk '{print $3}')
+ # check if logstash output is enabled, via crude parsing of the .yml file.
+ sed -e '/output.logstash/,/enabled:/!d' ${BEAT}.yml | grep -i true
+ if [[ $? -eq 0 ]]; then
+ echo "logstash configured, exporting template to elasticsearch"
+ $BEAT export template > /tmp/beat.template.json
+ # remove the lifecycle section of the yaml, as elasticsearch will choke
+ # on it as oss version does not support ilm.
+ sed -i '/lifecycle/,+3d' /tmp/beat.template.json
+ curl -XPUT -H "Content-Type: application/json" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/_template/{$BEAT}-{$BEAT_VER} -d@/tmp/beat.template.json
+ # prime the index as a write index
+ curl -XPUT -H "Content-Type: application/json" -d "{
+ \"aliases\": {
+ \"{BEAT}-{$BEAT_VER}\": {
+ \"is_write_index\": \"true\"
+ }
+ }
+ }" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/{$BEAT}-{$BEAT_VER}-000001
+ else
+ echo "logstash not configured, not exporting template, should be done for us."
+ fi
diff --git a/stable/filebeat/templates/daemonset.yaml b/stable/filebeat/templates/daemonset.yaml
index 2b8e265..00a5519 100644
--- a/stable/filebeat/templates/daemonset.yaml
+++ b/stable/filebeat/templates/daemonset.yaml
@@ -38,6 +38,21 @@ spec:
priorityClassName: "{{ .Values.priorityClassName }}"
{{- end }}
initContainers:
+ - name: "setup-script"
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command:
+ - /bin/bash
+ - -c
+ - /usr/share/filebeat/setup-script.sh
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/setup-script.sh
+ name: setupscript
+ subPath: setup-script.sh
+ - name: filebeat-config
+ mountPath: /usr/share/filebeat/filebeat.yml
+ readOnly: true
+ subPath: filebeat.yml
{{- if .Values.indexTemplateLoad }}
- name: "load-es-template"
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
diff --git a/stable/filebeat/values.yaml b/stable/filebeat/values.yaml
index 1907ffa..b4b766f 100644
--- a/stable/filebeat/values.yaml
+++ b/stable/filebeat/values.yaml
@@ -1,15 +1,10 @@
image:
repository: docker.elastic.co/beats/filebeat-oss
- tag: 6.7.0
+ tag: 7.2.0
pullPolicy: IfNotPresent
config:
filebeat.config:
- prospectors:
- # Mounted `filebeat-prospectors` configmap:
- path: ${path.config}/prospectors.d/*.yml
- # Reload prospectors configs as they change:
- reload.enabled: false
modules:
path: ${path.config}/modules.d/*.yml
# Reload module configs as they change:
@@ -18,7 +13,7 @@ config:
processors:
- add_cloud_metadata:
- filebeat.prospectors:
+ filebeat.inputs:
- type: log
enabled: true
paths:
diff --git a/stable/kibana/values.yaml b/stable/kibana/values.yaml
index a3310f9..4ce4b2a 100644
--- a/stable/kibana/values.yaml
+++ b/stable/kibana/values.yaml
@@ -1,6 +1,6 @@
image:
repository: "docker.elastic.co/kibana/kibana-oss"
- tag: "6.7.0"
+ tag: "7.2.0"
pullPolicy: "IfNotPresent"
testFramework:
@@ -25,7 +25,7 @@ files:
## Default Kibana configuration from kibana-docker.
server.name: kibana
server.host: "0"
- elasticsearch.url: http://elasticsearch:9200
+ elasticsearch.hosts: http://elasticsearch:9200
## Custom config properties below
## Ref: https://www.elastic.co/guide/en/kibana/current/settings.html
diff --git a/stable/logstash/templates/ingress.yaml b/stable/logstash/templates/ingress.yaml
index d924504..0e26f89 100644
--- a/stable/logstash/templates/ingress.yaml
+++ b/stable/logstash/templates/ingress.yaml
@@ -33,6 +33,6 @@ spec:
- path: {{ $ingressPath }}
backend:
serviceName: {{ $fullName }}
- servicePort: http
+ servicePort: 9600
{{- end }}
{{- end }}
diff --git a/stable/logstash/templates/statefulset.yaml b/stable/logstash/templates/statefulset.yaml
index d2bbc32..cca0050 100644
--- a/stable/logstash/templates/statefulset.yaml
+++ b/stable/logstash/templates/statefulset.yaml
@@ -25,11 +25,8 @@ spec:
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
- annotations:
- checksum/patterns: {{ include (print $.Template.BasePath "/patterns-config.yaml") . | sha256sum }}
- checksum/templates: {{ include (print $.Template.BasePath "/files-config.yaml") . | sha256sum }}
- checksum/pipeline: {{ include (print $.Template.BasePath "/pipeline-config.yaml") . | sha256sum }}
{{- if .Values.podAnnotations }}
+ annotations:
## Custom pod annotations
{{- range $key, $value := .Values.podAnnotations }}
{{ $key }}: {{ $value | quote }}
@@ -46,6 +43,8 @@ spec:
imagePullSecrets:
{{ toYaml .Values.image.pullSecrets | indent 8 }}
{{- end }}
+ hostNetwork: true
+ dnsPolicy: ClusterFirstWithHostNet
containers:
## logstash
diff --git a/stable/logstash/values.yaml b/stable/logstash/values.yaml
index a9eb158..9a452b1 100644
--- a/stable/logstash/values.yaml
+++ b/stable/logstash/values.yaml
@@ -10,7 +10,7 @@ terminationGracePeriodSeconds: 30
image:
repository: docker.elastic.co/logstash/logstash-oss
- tag: 6.7.0
+ tag: 7.2.0
pullPolicy: IfNotPresent
## Add secrets manually via kubectl on kubernetes cluster and reference here
# pullSecrets:
@@ -67,6 +67,7 @@ ingress:
path: /
hosts:
- logstash.cluster.local
+ servicePort: 5044
tls: []
# - secretName: logstash-tls
# hosts:
diff --git a/stable/metricbeat/templates/configmap.yaml b/stable/metricbeat/templates/configmap.yaml
new file mode 100755
index 0000000..21890b4
--- /dev/null
+++ b/stable/metricbeat/templates/configmap.yaml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "metricbeat.fullname" . }}
+ labels:
+ app: {{ template "metricbeat.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+data:
+ setup-script.sh: |-
+ #!/bin/bash
+ BEAT='metricbeat'
+ BEAT_VER=$($BEAT version | awk '{print $3}')
+ # check if logstash output is enabled, via crude parsing of the .yml file.
+ sed -e '/output.logstash/,/enabled:/!d' ${BEAT}.yml | grep -i true
+ if [[ $? -eq 0 ]]; then
+ echo "logstash configured, exporting template to elasticsearch"
+ $BEAT export template > /tmp/beat.template.json
+ # remove the lifecycle section of the yaml, as elasticsearch will choke
+ # on it as oss version does not support ilm.
+ sed -i '/lifecycle/,+3d' /tmp/beat.template.json
+ curl -XPUT -H "Content-Type: application/json" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/_template/{$BEAT}-{$BEAT_VER} -d@/tmp/beat.template.json
+ # prime the index as a write index
+ curl -XPUT -H "Content-Type: application/json" -d "{
+ \"aliases\": {
+ \"{BEAT}-{$BEAT_VER}\": {
+ \"is_write_index\": \"true\"
+ }
+ }
+ }" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/{$BEAT}-{$BEAT_VER}-000001
+ else
+ echo "logstash not configured, not exporting template, should be done for us."
+ fi
diff --git a/stable/metricbeat/templates/daemonset.yaml b/stable/metricbeat/templates/daemonset.yaml
index eadfb96..e3d7437 100644
--- a/stable/metricbeat/templates/daemonset.yaml
+++ b/stable/metricbeat/templates/daemonset.yaml
@@ -32,6 +32,23 @@ spec:
{{- end }}
{{- end }}
spec:
+ initContainers:
+ - name: "setup-script"
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ command:
+ - /bin/bash
+ - -c
+ - /usr/share/metricbeat/setup-script.sh
+ volumeMounts:
+ - mountPath: /usr/share/metricbeat/setup-script.sh
+ name: setupscript
+ subPath: setup-script.sh
+ - name: config
+ mountPath: /usr/share/metricbeat/metricbeat.yml
+ readOnly: true
+ subPath: metricbeat.yml
+ env:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
@@ -62,6 +79,7 @@ spec:
securityContext:
runAsUser: 0
resources:
+
{{- if .Values.daemonset.resources }}
{{ toYaml .Values.daemonset.resources | indent 10 }}
{{- else if .Values.resources }}
@@ -85,6 +103,10 @@ spec:
readOnly: true
- name: dockersock
mountPath: /var/run/docker.sock
+#Mount the script so we can see it from running containter
+ - mountPath: /usr/share/metricbeat/setup-script.sh
+ name: setupscript
+ subPath: setup-script.sh
{{- if .Values.extraVolumeMounts }}
{{ toYaml .Values.extraVolumeMounts | indent 8 }}
{{- end }}
@@ -108,6 +130,10 @@ spec:
- name: dockersock
hostPath:
path: /var/run/docker.sock
+ - name: setupscript
+ configMap:
+ name: {{ template "metricbeat.fullname" . }}
+ defaultMode: 0755
{{- if .Values.extraVolumes }}
{{ toYaml .Values.extraVolumes | indent 6 }}
{{- end }}
diff --git a/stable/metricbeat/values.yaml b/stable/metricbeat/values.yaml
index 5094639..2908a1b 100644
--- a/stable/metricbeat/values.yaml
+++ b/stable/metricbeat/values.yaml
@@ -1,6 +1,6 @@
image:
- repository: docker.elastic.co/beats/metricbeat
- tag: 6.7.0
+ repository: docker.elastic.co/beats/metricbeat-oss
+ tag: 7.2.0
pullPolicy: IfNotPresent
# The instances created by daemonset retrieve most metrics from the host
--
1.8.3.1