e6f08a933e
Add upstream stable helm charts for Elastic log monitoring: components: elasticsearch, filebeat, metricbeat, logstash, kibana. This enables build of monitor-helm which contains the helm charts required for the stx-monitor application. A Kibana patch is required for the Helm/Tiller issue with the checksum handling. The Elastic 7.x Apache 2.0 Licensed ("oss") images are included. These helm charts are included when performing: build-pkgs monitor-helm and requires stx-config: build-pkgs stx-monitor-helm build-helm-charts.sh --app stx-monitor Change-Id: Ic9a5b909dfbf60e39f98f3f14fe9bbac2de1d42b Depends-On: Id6e1180f2c4d6b736aaedd73430d0696ae9d0744 Story: 2005733 Task: 33413 Co-Authored-By: Kevin Smith <kevin.smith@windriver.com> Signed-off-by: John Kung <john.kung@windriver.com>
325 lines
12 KiB
Diff
325 lines
12 KiB
Diff
From d22ad4870b78f74298189e383697ae6163ef49d7 Mon Sep 17 00:00:00 2001
|
|
From: Kevin Smith <kevin.smith@windriver.com>
|
|
Date: Wed, 17 Jul 2019 15:13:44 -0400
|
|
Subject: [PATCH 1/1] helm chart changes for stx monitor
|
|
|
|
---
|
|
stable/elasticsearch/values.yaml | 2 +-
|
|
stable/filebeat/templates/configmap.yaml | 34 ++++++++++++++++++++++++++++++
|
|
stable/filebeat/templates/daemonset.yaml | 15 +++++++++++++
|
|
stable/filebeat/values.yaml | 9 ++------
|
|
stable/kibana/values.yaml | 4 ++--
|
|
stable/logstash/templates/ingress.yaml | 2 +-
|
|
stable/logstash/templates/statefulset.yaml | 7 +++---
|
|
stable/logstash/values.yaml | 3 ++-
|
|
stable/metricbeat/templates/configmap.yaml | 34 ++++++++++++++++++++++++++++++
|
|
stable/metricbeat/templates/daemonset.yaml | 26 +++++++++++++++++++++++
|
|
stable/metricbeat/values.yaml | 4 ++--
|
|
11 files changed, 122 insertions(+), 18 deletions(-)
|
|
create mode 100755 stable/filebeat/templates/configmap.yaml
|
|
create mode 100755 stable/metricbeat/templates/configmap.yaml
|
|
|
|
diff --git a/stable/elasticsearch/values.yaml b/stable/elasticsearch/values.yaml
|
|
index bbc03dd..6dcd9b0 100644
|
|
--- a/stable/elasticsearch/values.yaml
|
|
+++ b/stable/elasticsearch/values.yaml
|
|
@@ -33,7 +33,7 @@ podSecurityPolicy:
|
|
|
|
image:
|
|
repository: "docker.elastic.co/elasticsearch/elasticsearch-oss"
|
|
- tag: "6.7.0"
|
|
+ tag: "7.2.0"
|
|
pullPolicy: "IfNotPresent"
|
|
# If specified, use these secrets to access the image
|
|
# pullSecrets:
|
|
diff --git a/stable/filebeat/templates/configmap.yaml b/stable/filebeat/templates/configmap.yaml
|
|
new file mode 100755
|
|
index 0000000..c895965
|
|
--- /dev/null
|
|
+++ b/stable/filebeat/templates/configmap.yaml
|
|
@@ -0,0 +1,34 @@
|
|
+apiVersion: v1
|
|
+kind: ConfigMap
|
|
+metadata:
|
|
+ name: {{ template "filebeat.fullname" . }}
|
|
+ labels:
|
|
+ app: {{ template "filebeat.fullname" . }}
|
|
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
+ release: "{{ .Release.Name }}"
|
|
+ heritage: "{{ .Release.Service }}"
|
|
+data:
|
|
+ setup-script.sh: |-
|
|
+ #!/bin/bash
|
|
+ BEAT='filebeat'
|
|
+ BEAT_VER=$($BEAT version | awk '{print $3}')
|
|
+ # check if logstash output is enabled, via crude parsing of the .yml file.
|
|
+ sed -e '/output.logstash/,/enabled:/!d' ${BEAT}.yml | grep -i true
|
|
+ if [[ $? -eq 0 ]]; then
|
|
+ echo "logstash configured, exporting template to elasticsearch"
|
|
+ $BEAT export template > /tmp/beat.template.json
|
|
+ # remove the lifecycle section of the yaml, as elasticsearch will choke
|
|
+ # on it as oss version does not support ilm.
|
|
+ sed -i '/lifecycle/,+3d' /tmp/beat.template.json
|
|
+ curl -XPUT -H "Content-Type: application/json" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/_template/{$BEAT}-{$BEAT_VER} -d@/tmp/beat.template.json
|
|
+ # prime the index as a write index
|
|
+ curl -XPUT -H "Content-Type: application/json" -d "{
|
|
+ \"aliases\": {
|
|
+ \"{BEAT}-{$BEAT_VER}\": {
|
|
+ \"is_write_index\": \"true\"
|
|
+ }
|
|
+ }
|
|
+ }" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/{$BEAT}-{$BEAT_VER}-000001
|
|
+ else
|
|
+ echo "logstash not configured, not exporting template, should be done for us."
|
|
+ fi
|
|
diff --git a/stable/filebeat/templates/daemonset.yaml b/stable/filebeat/templates/daemonset.yaml
|
|
index 2b8e265..00a5519 100644
|
|
--- a/stable/filebeat/templates/daemonset.yaml
|
|
+++ b/stable/filebeat/templates/daemonset.yaml
|
|
@@ -38,6 +38,21 @@ spec:
|
|
priorityClassName: "{{ .Values.priorityClassName }}"
|
|
{{- end }}
|
|
initContainers:
|
|
+ - name: "setup-script"
|
|
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
+ command:
|
|
+ - /bin/bash
|
|
+ - -c
|
|
+ - /usr/share/filebeat/setup-script.sh
|
|
+ volumeMounts:
|
|
+ - mountPath: /usr/share/filebeat/setup-script.sh
|
|
+ name: setupscript
|
|
+ subPath: setup-script.sh
|
|
+ - name: filebeat-config
|
|
+ mountPath: /usr/share/filebeat/filebeat.yml
|
|
+ readOnly: true
|
|
+ subPath: filebeat.yml
|
|
{{- if .Values.indexTemplateLoad }}
|
|
- name: "load-es-template"
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
diff --git a/stable/filebeat/values.yaml b/stable/filebeat/values.yaml
|
|
index 1907ffa..b4b766f 100644
|
|
--- a/stable/filebeat/values.yaml
|
|
+++ b/stable/filebeat/values.yaml
|
|
@@ -1,15 +1,10 @@
|
|
image:
|
|
repository: docker.elastic.co/beats/filebeat-oss
|
|
- tag: 6.7.0
|
|
+ tag: 7.2.0
|
|
pullPolicy: IfNotPresent
|
|
|
|
config:
|
|
filebeat.config:
|
|
- prospectors:
|
|
- # Mounted `filebeat-prospectors` configmap:
|
|
- path: ${path.config}/prospectors.d/*.yml
|
|
- # Reload prospectors configs as they change:
|
|
- reload.enabled: false
|
|
modules:
|
|
path: ${path.config}/modules.d/*.yml
|
|
# Reload module configs as they change:
|
|
@@ -18,7 +13,7 @@ config:
|
|
processors:
|
|
- add_cloud_metadata:
|
|
|
|
- filebeat.prospectors:
|
|
+ filebeat.inputs:
|
|
- type: log
|
|
enabled: true
|
|
paths:
|
|
diff --git a/stable/kibana/values.yaml b/stable/kibana/values.yaml
|
|
index a3310f9..4ce4b2a 100644
|
|
--- a/stable/kibana/values.yaml
|
|
+++ b/stable/kibana/values.yaml
|
|
@@ -1,6 +1,6 @@
|
|
image:
|
|
repository: "docker.elastic.co/kibana/kibana-oss"
|
|
- tag: "6.7.0"
|
|
+ tag: "7.2.0"
|
|
pullPolicy: "IfNotPresent"
|
|
|
|
testFramework:
|
|
@@ -25,7 +25,7 @@ files:
|
|
## Default Kibana configuration from kibana-docker.
|
|
server.name: kibana
|
|
server.host: "0"
|
|
- elasticsearch.url: http://elasticsearch:9200
|
|
+ elasticsearch.hosts: http://elasticsearch:9200
|
|
|
|
## Custom config properties below
|
|
## Ref: https://www.elastic.co/guide/en/kibana/current/settings.html
|
|
diff --git a/stable/logstash/templates/ingress.yaml b/stable/logstash/templates/ingress.yaml
|
|
index d924504..0e26f89 100644
|
|
--- a/stable/logstash/templates/ingress.yaml
|
|
+++ b/stable/logstash/templates/ingress.yaml
|
|
@@ -33,6 +33,6 @@ spec:
|
|
- path: {{ $ingressPath }}
|
|
backend:
|
|
serviceName: {{ $fullName }}
|
|
- servicePort: http
|
|
+ servicePort: 9600
|
|
{{- end }}
|
|
{{- end }}
|
|
diff --git a/stable/logstash/templates/statefulset.yaml b/stable/logstash/templates/statefulset.yaml
|
|
index d2bbc32..cca0050 100644
|
|
--- a/stable/logstash/templates/statefulset.yaml
|
|
+++ b/stable/logstash/templates/statefulset.yaml
|
|
@@ -25,11 +25,8 @@ spec:
|
|
{{ $key }}: {{ $value | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
- annotations:
|
|
- checksum/patterns: {{ include (print $.Template.BasePath "/patterns-config.yaml") . | sha256sum }}
|
|
- checksum/templates: {{ include (print $.Template.BasePath "/files-config.yaml") . | sha256sum }}
|
|
- checksum/pipeline: {{ include (print $.Template.BasePath "/pipeline-config.yaml") . | sha256sum }}
|
|
{{- if .Values.podAnnotations }}
|
|
+ annotations:
|
|
## Custom pod annotations
|
|
{{- range $key, $value := .Values.podAnnotations }}
|
|
{{ $key }}: {{ $value | quote }}
|
|
@@ -46,6 +43,8 @@ spec:
|
|
imagePullSecrets:
|
|
{{ toYaml .Values.image.pullSecrets | indent 8 }}
|
|
{{- end }}
|
|
+ hostNetwork: true
|
|
+ dnsPolicy: ClusterFirstWithHostNet
|
|
containers:
|
|
|
|
## logstash
|
|
diff --git a/stable/logstash/values.yaml b/stable/logstash/values.yaml
|
|
index a9eb158..9a452b1 100644
|
|
--- a/stable/logstash/values.yaml
|
|
+++ b/stable/logstash/values.yaml
|
|
@@ -10,7 +10,7 @@ terminationGracePeriodSeconds: 30
|
|
|
|
image:
|
|
repository: docker.elastic.co/logstash/logstash-oss
|
|
- tag: 6.7.0
|
|
+ tag: 7.2.0
|
|
pullPolicy: IfNotPresent
|
|
## Add secrets manually via kubectl on kubernetes cluster and reference here
|
|
# pullSecrets:
|
|
@@ -67,6 +67,7 @@ ingress:
|
|
path: /
|
|
hosts:
|
|
- logstash.cluster.local
|
|
+ servicePort: 5044
|
|
tls: []
|
|
# - secretName: logstash-tls
|
|
# hosts:
|
|
diff --git a/stable/metricbeat/templates/configmap.yaml b/stable/metricbeat/templates/configmap.yaml
|
|
new file mode 100755
|
|
index 0000000..21890b4
|
|
--- /dev/null
|
|
+++ b/stable/metricbeat/templates/configmap.yaml
|
|
@@ -0,0 +1,34 @@
|
|
+apiVersion: v1
|
|
+kind: ConfigMap
|
|
+metadata:
|
|
+ name: {{ template "metricbeat.fullname" . }}
|
|
+ labels:
|
|
+ app: {{ template "metricbeat.fullname" . }}
|
|
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
+ release: "{{ .Release.Name }}"
|
|
+ heritage: "{{ .Release.Service }}"
|
|
+data:
|
|
+ setup-script.sh: |-
|
|
+ #!/bin/bash
|
|
+ BEAT='metricbeat'
|
|
+ BEAT_VER=$($BEAT version | awk '{print $3}')
|
|
+ # check if logstash output is enabled, via crude parsing of the .yml file.
|
|
+ sed -e '/output.logstash/,/enabled:/!d' ${BEAT}.yml | grep -i true
|
|
+ if [[ $? -eq 0 ]]; then
|
|
+ echo "logstash configured, exporting template to elasticsearch"
|
|
+ $BEAT export template > /tmp/beat.template.json
|
|
+ # remove the lifecycle section of the yaml, as elasticsearch will choke
|
|
+ # on it as oss version does not support ilm.
|
|
+ sed -i '/lifecycle/,+3d' /tmp/beat.template.json
|
|
+ curl -XPUT -H "Content-Type: application/json" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/_template/{$BEAT}-{$BEAT_VER} -d@/tmp/beat.template.json
|
|
+ # prime the index as a write index
|
|
+ curl -XPUT -H "Content-Type: application/json" -d "{
|
|
+ \"aliases\": {
|
|
+ \"{BEAT}-{$BEAT_VER}\": {
|
|
+ \"is_write_index\": \"true\"
|
|
+ }
|
|
+ }
|
|
+ }" http://{$STX_ELASTICSEARCH_CLIENT_SERVICE_HOST}:{$STX_ELASTICSEARCH_CLIENT_SERVICE_PORT_HTTP}/{$BEAT}-{$BEAT_VER}-000001
|
|
+ else
|
|
+ echo "logstash not configured, not exporting template, should be done for us."
|
|
+ fi
|
|
diff --git a/stable/metricbeat/templates/daemonset.yaml b/stable/metricbeat/templates/daemonset.yaml
|
|
index eadfb96..e3d7437 100644
|
|
--- a/stable/metricbeat/templates/daemonset.yaml
|
|
+++ b/stable/metricbeat/templates/daemonset.yaml
|
|
@@ -32,6 +32,23 @@ spec:
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
+ initContainers:
|
|
+ - name: "setup-script"
|
|
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
+ command:
|
|
+ - /bin/bash
|
|
+ - -c
|
|
+ - /usr/share/metricbeat/setup-script.sh
|
|
+ volumeMounts:
|
|
+ - mountPath: /usr/share/metricbeat/setup-script.sh
|
|
+ name: setupscript
|
|
+ subPath: setup-script.sh
|
|
+ - name: config
|
|
+ mountPath: /usr/share/metricbeat/metricbeat.yml
|
|
+ readOnly: true
|
|
+ subPath: metricbeat.yml
|
|
+ env:
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
@@ -62,6 +79,7 @@ spec:
|
|
securityContext:
|
|
runAsUser: 0
|
|
resources:
|
|
+
|
|
{{- if .Values.daemonset.resources }}
|
|
{{ toYaml .Values.daemonset.resources | indent 10 }}
|
|
{{- else if .Values.resources }}
|
|
@@ -85,6 +103,10 @@ spec:
|
|
readOnly: true
|
|
- name: dockersock
|
|
mountPath: /var/run/docker.sock
|
|
+#Mount the script so we can see it from running containter
|
|
+ - mountPath: /usr/share/metricbeat/setup-script.sh
|
|
+ name: setupscript
|
|
+ subPath: setup-script.sh
|
|
{{- if .Values.extraVolumeMounts }}
|
|
{{ toYaml .Values.extraVolumeMounts | indent 8 }}
|
|
{{- end }}
|
|
@@ -108,6 +130,10 @@ spec:
|
|
- name: dockersock
|
|
hostPath:
|
|
path: /var/run/docker.sock
|
|
+ - name: setupscript
|
|
+ configMap:
|
|
+ name: {{ template "metricbeat.fullname" . }}
|
|
+ defaultMode: 0755
|
|
{{- if .Values.extraVolumes }}
|
|
{{ toYaml .Values.extraVolumes | indent 6 }}
|
|
{{- end }}
|
|
diff --git a/stable/metricbeat/values.yaml b/stable/metricbeat/values.yaml
|
|
index 5094639..2908a1b 100644
|
|
--- a/stable/metricbeat/values.yaml
|
|
+++ b/stable/metricbeat/values.yaml
|
|
@@ -1,6 +1,6 @@
|
|
image:
|
|
- repository: docker.elastic.co/beats/metricbeat
|
|
- tag: 6.7.0
|
|
+ repository: docker.elastic.co/beats/metricbeat-oss
|
|
+ tag: 7.2.0
|
|
pullPolicy: IfNotPresent
|
|
|
|
# The instances created by daemonset retrieve most metrics from the host
|
|
--
|
|
1.8.3.1
|
|
|