Update elastic charts to enable docker images from local repository

Update manifest with  imagePullSecrets or serviceaccount in order to
allow stx-monitor to pull images from local docker image repository.

The armada manifest has registry.local included until sysinv is updated
to be able to handle image overrides with the various elastic formats.

Verified that 'kubectl describe pods -n monitor' Image: are
pulled from registry.local

Verified elastic-curator and distributed cloud configuration with
stx-monitor.

Change-Id: Ia63e593bef96ea011cffbcca49ccf5a3a0f2f4d7
Partial-Bug: 1851294
Signed-off-by: John Kung <john.kung@windriver.com>
This commit is contained in:
John Kung 2019-11-12 15:10:41 -05:00
parent 035393a1e0
commit 352430351c
4 changed files with 107 additions and 9 deletions

View File

@ -5,4 +5,4 @@ TAR="$TAR_NAME-$SHA.tar.gz"
COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* "
TIS_PATCH_VER=3
TIS_PATCH_VER=4

View File

@ -29,6 +29,7 @@ Patch08: 0008-Update-stx-monitor-for-kubernetes-API-1.16.patch
Patch09: 0009-add-curator-as-of-2019-10-10.patch
Patch10: 0010-Update-kube-state-metrics-1.8.0-to-commit-09daf19.patch
Patch11: 0011-update-init-container-env-to-include-node-name.patch
Patch12: 0012-Add-imagePullSecrets.patch
BuildRequires: helm
@ -48,6 +49,7 @@ Monitor Helm charts
%patch09 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%build
# initialize helm and build the toolkit

View File

@ -0,0 +1,74 @@
From 440cae178989bf161276be0099691e9b7e5d211f Mon Sep 17 00:00:00 2001
From: John Kung <john.kung@windriver.com>
Date: Tue, 5 Nov 2019 07:42:36 -0500
Subject: [PATCH 1/1] Add imagePullSecrets
---
stable/elasticsearch-curator/templates/serviceaccount.yaml | 2 ++
stable/filebeat/templates/serviceaccount.yaml | 2 ++
stable/kibana/templates/serviceaccount.yaml | 2 ++
stable/kube-state-metrics/values.yaml | 2 +-
stable/metricbeat/templates/serviceaccount.yaml | 2 ++
5 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/stable/elasticsearch-curator/templates/serviceaccount.yaml b/stable/elasticsearch-curator/templates/serviceaccount.yaml
index ad9c5c9..a64b426 100644
--- a/stable/elasticsearch-curator/templates/serviceaccount.yaml
+++ b/stable/elasticsearch-curator/templates/serviceaccount.yaml
@@ -8,5 +8,7 @@ metadata:
chart: {{ template "elasticsearch-curator.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
+imagePullSecrets:
+ - name: default-registry-key
{{- end }}
diff --git a/stable/filebeat/templates/serviceaccount.yaml b/stable/filebeat/templates/serviceaccount.yaml
index 7de907b..19a4d34 100644
--- a/stable/filebeat/templates/serviceaccount.yaml
+++ b/stable/filebeat/templates/serviceaccount.yaml
@@ -8,4 +8,6 @@ metadata:
chart: {{ template "filebeat.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
+imagePullSecrets:
+ - name: default-registry-key
{{- end -}}
diff --git a/stable/kibana/templates/serviceaccount.yaml b/stable/kibana/templates/serviceaccount.yaml
index 948390a..edc0122 100644
--- a/stable/kibana/templates/serviceaccount.yaml
+++ b/stable/kibana/templates/serviceaccount.yaml
@@ -8,4 +8,6 @@ metadata:
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
+imagePullSecrets:
+ - name: default-registry-key
{{- end -}}
diff --git a/stable/kube-state-metrics/values.yaml b/stable/kube-state-metrics/values.yaml
index 2bf5b30..bab7a30 100644
--- a/stable/kube-state-metrics/values.yaml
+++ b/stable/kube-state-metrics/values.yaml
@@ -31,7 +31,7 @@ serviceAccount:
name:
# Reference to one or more secrets to be used when pulling images
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- imagePullSecrets: []
+ imagePullSecrets: [{"name": "default-registry-key"}]
prometheus:
monitor:
diff --git a/stable/metricbeat/templates/serviceaccount.yaml b/stable/metricbeat/templates/serviceaccount.yaml
index c53fc5a..a4c7659 100644
--- a/stable/metricbeat/templates/serviceaccount.yaml
+++ b/stable/metricbeat/templates/serviceaccount.yaml
@@ -8,4 +8,6 @@ metadata:
chart: {{ template "metricbeat.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
+imagePullSecrets:
+ - name: default-registry-key
{{- end -}}
--
1.8.3.1

View File

@ -21,10 +21,15 @@ data:
labels:
release: mon-nginx-ingress
values:
imagePullSecrets: [{"name": "default-registry-key"}]
controller:
kind: DaemonSet
daemonset:
useHostPort: false
image:
repository: registry.local:9001/quay.io/kubernetes-ingress-controller/nginx-ingress-controller
tag: 0.23.0
pullPolicy: IfNotPresent
nodeSelector:
elastic-controller: "enabled"
config:
@ -45,6 +50,10 @@ data:
readinessProbe:
initialDelaySeconds: 30
defaultBackend:
image:
repository: registry.local:9001/k8s.gcr.io/defaultbackend
tag: 1.4
pullPolicy: IfNotPresent
nodeSelector:
elastic-controller: "enabled"
service:
@ -98,8 +107,9 @@ data:
minimumMasterNodes: 1
nodeSelector:
elastic-data: enabled
image: docker.elastic.co/elasticsearch/elasticsearch-oss
image: registry.local:9001/docker.elastic.co/elasticsearch/elasticsearch-oss
imageTag: 7.4.0
imagePullSecrets: [{"name": "default-registry-key"}]
esMajorVersion: 7
masterService: 'mon-elasticsearch-data-headless, mon-elasticsearch-master'
podManagementPolicy: OrderedReady
@ -180,8 +190,9 @@ data:
path: /mon-elasticsearch-client(/|$)(.*)
nodeSelector:
elastic-client: enabled
image: docker.elastic.co/elasticsearch/elasticsearch-oss
image: registry.local:9001/docker.elastic.co/elasticsearch/elasticsearch-oss
imageTag: 7.4.0
imagePullSecrets: [{"name": "default-registry-key"}]
esMajorVersion: 7
masterService: 'mon-elasticsearch-data-headless, mon-elasticsearch-master'
podManagementPolicy: OrderedReady
@ -235,8 +246,9 @@ data:
minimumMasterNodes: 1
nodeSelector:
elastic-master: enabled
image: docker.elastic.co/elasticsearch/elasticsearch-oss
image: registry.local:9001/docker.elastic.co/elasticsearch/elasticsearch-oss
imageTag: 7.4.0
imagePullSecrets: [{"name": "default-registry-key"}]
esMajorVersion: 7
masterService: 'mon-elasticsearch-data-headless, mon-elasticsearch-master'
podManagementPolicy: OrderedReady
@ -281,8 +293,10 @@ data:
type: pod
values:
image:
repository: docker.io/untergeek/curator
repository: registry.local:9001/docker.io/untergeek/curator
tag: 5.7.6
rbac:
enabled: True
env:
FILEBEAT_INDEX_LIMIT_GB: 48
METRICBEAT_INDEX_LIMIT_GB: 38
@ -388,8 +402,14 @@ data:
component: test
values:
image:
repository: "docker.elastic.co/beats/filebeat-oss"
repository: registry.local:9001/docker.elastic.co/beats/filebeat-oss
tag: 7.4.0
monitoring:
enabled: true
image:
repository: registry.local:9001/docker.io/trustpilot/beat-exporter
tag: 0.1.1
pullPolicy: IfNotPresent
config:
output.file:
enabled: false
@ -466,7 +486,7 @@ data:
component: test
values:
image:
repository: "docker.elastic.co/beats/metricbeat-oss"
repository: registry.local:9001/docker.elastic.co/beats/metricbeat-oss
# 7.4.0 is required to monitor elastic
tag: 7.4.0
daemonset:
@ -576,6 +596,7 @@ data:
component: test
values:
image:
repository: registry.local:9001/quay.io/coreos/kube-state-metrics
tag: v1.8.0
nodeSelector:
elastic-controller: "enabled"
@ -625,7 +646,7 @@ data:
component: test
values:
image:
repository: "docker.elastic.co/kibana/kibana-oss"
repository: registry.local:9001/docker.elastic.co/kibana/kibana-oss
tag: 7.4.0
ingress:
enabled: true
@ -682,8 +703,9 @@ data:
component: test
values:
image:
repository: "docker.elastic.co/logstash/logstash-oss"
repository: registry.local:9001/docker.elastic.co/logstash/logstash-oss
tag: 7.4.0
pullSecrets: [{"name": "default-registry-key"}]
nodeSelector:
elastic-controller: "enabled"
elasticsearch: