Update Logstash to use NodePort Ingress

Logstash should not be using a custom port for collectd input from the K8s NodePort range since it might cause a conflict if the port is allocated to another service. Therefore, logstash will use a proper NodePort value reserved by the nginx-ingress service. Remove hostNetworking from Logstash since it is no longer required. Add support for specifying a helm nodePort value for TCP/UDP services exposed for the nginx-ingress controller. Story: 2007221 Task: 39544 Change-Id: Ifdb750a578ad6a5e7b96019e7caf6fe1231fa1be Signed-off-by: Matt Peters <matt.peters@windriver.com>
2020-04-23 18:43:31 -05:00 · 2020-04-23 18:43:31 -05:00 · 502b653768
commit 502b653768
parent 6f249ae424
5 changed files with 70 additions and 56 deletions
--- a/monitor-helm-elastic/centos/monitor-helm-elastic.spec
+++ b/monitor-helm-elastic/centos/monitor-helm-elastic.spec
@ -26,7 +26,6 @@ Patch05: 0005-readiness-probe-enhancements.patch
 Patch06: 0006-Metricbeat-nodeSelector-and-tolerations-config.patch
 Patch07: 0007-Add-command-and-args-parameters-to-beats-and-logstash.patch
 Patch08: 0008-Add-updateStrategy-parameter-to-beats-config.patch
 Patch09: 0009-Add-hostNetworking-parameter-to-logstash-config.patch
 Patch10: 0010-Fix-esConfig-checksum-annotation.patch
 Patch11: 0011-Fix-Elasticsearch-readiness-probe-http-endpoint.patch
@ -45,7 +44,6 @@ Monitor Helm elasticsearch charts
 %patch06 -p1
 %patch07 -p1
 %patch08 -p1
 %patch09 -p1
 %patch10 -p1
 %patch11 -p1
--- a/monitor-helm-elastic/files/0009-Add-hostNetworking-parameter-to-logstash-config.patch
+++ b/monitor-helm-elastic/files/0009-Add-hostNetworking-parameter-to-logstash-config.patch
@ -1,38 +0,0 @@
 From e74f1d703b1f2c7b71038a95be90bebbef9613da Mon Sep 17 00:00:00 2001
 From: Simon Cousineau <Simon.Cousineau@windriver.com>
 Date: Thu, 16 Apr 2020 09:29:41 -0400
 Subject: [PATCH 1/1] Add hostNetworking parameter to logstash config
 ---
 logstash/templates/statefulset.yaml | 4 ++++
 logstash/values.yaml                | 2 ++
 2 files changed, 6 insertions(+)
 diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml
 index e162023..1355e7b 100644
 --- a/logstash/templates/statefulset.yaml
 +++ b/logstash/templates/statefulset.yaml
@@ -110,6 +110,10 @@ spec:
 {{ toYaml . | indent 10 }}
       {{- end }}
       terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }}
 +      {{- if .Values.hostNetworking }}
 +      hostNetwork: true
 +      dnsPolicy: ClusterFirstWithHostNet
 +      {{- end }}
       volumes:
         {{- range .Values.secretMounts }}
         - name: {{ .name }}
 diff --git a/logstash/values.yaml b/logstash/values.yaml
 index 9fedf40..6c6ef5d 100755
 --- a/logstash/values.yaml
 +++ b/logstash/values.yaml
@@ -212,3 +212,5 @@ command: []
 # pass custom args. This is equivalent of Cmd in docker
 args: []
 +
 +hostNetworking: true
 -- 
 2.20.1
--- a/monitor-helm/centos/monitor-helm.spec
+++ b/monitor-helm/centos/monitor-helm.spec
@ -34,6 +34,7 @@ Patch13: 0013-removed-unused-images.patch
 Patch14: 0014-Add-rbac-replicasets-to-apps-apigroup-commit-1717e2d.patch
 Patch15: 0015-script-flexibility.patch
 Patch16: 0016-use-main-container-image-for-initcontainer.patch
 Patch17: 0017-stable-nginx-ingress-allow-nodePort-for-tcp-udp-serv.patch
 BuildRequires: helm
@ -58,6 +59,7 @@ Monitor Helm charts
 %patch14 -p1
 %patch15 -p1
 %patch16 -p1
 %patch17 -p1
 %build
 # initialize helm and build the toolkit
--- a/monitor-helm/files/0017-stable-nginx-ingress-allow-nodePort-for-tcp-udp-serv.patch
+++ b/monitor-helm/files/0017-stable-nginx-ingress-allow-nodePort-for-tcp-udp-serv.patch
@ -0,0 +1,58 @@
 From 872dd678b0ea08be23700337665ea2125dab4d0d Mon Sep 17 00:00:00 2001
 From: Matt Peters <matt.peters@windriver.com>
 Date: Thu, 23 Apr 2020 18:39:16 -0500
 Subject: [PATCH] [stable/nginx-ingress] allow nodePort for tcp/udp services
 ---
 stable/nginx-ingress/templates/controller-service.yaml | 10 ++++++++++
 stable/nginx-ingress/values.yaml                       |  4 ++++
 2 files changed, 14 insertions(+)
 diff --git a/stable/nginx-ingress/templates/controller-service.yaml b/stable/nginx-ingress/templates/controller-service.yaml
 index a81c81e..6389c14 100644
 --- a/stable/nginx-ingress/templates/controller-service.yaml
 +++ b/stable/nginx-ingress/templates/controller-service.yaml
@@ -60,12 +60,22 @@ spec:
       port: {{ $key }}
       protocol: TCP
       targetPort: "{{ $key }}-tcp"
 +     {{- if $.Values.controller.service.nodePorts.tcp }}
 +      {{- if index $.Values.controller.service.nodePorts.tcp $key }}
 +      nodePort: {{ index $.Values.controller.service.nodePorts.tcp $key }}
 +      {{- end }}
 +    {{- end }}
   {{- end }}
   {{- range $key, $value := .Values.udp }}
     - name: "{{ $key }}-udp"
       port: {{ $key }}
       protocol: UDP
       targetPort: "{{ $key }}-udp"
 +     {{- if $.Values.controller.service.nodePorts.udp }}
 +      {{- if index $.Values.controller.service.nodePorts.udp $key }}
 +      nodePort: {{ index $.Values.controller.service.nodePorts.udp $key }}
 +      {{- end }}
 +     {{- end }}
   {{- end }}
   selector:
     app: {{ template "nginx-ingress.name" . }}
 diff --git a/stable/nginx-ingress/values.yaml b/stable/nginx-ingress/values.yaml
 index 80bc1a6..71bbcb3 100644
 --- a/stable/nginx-ingress/values.yaml
 +++ b/stable/nginx-ingress/values.yaml
@@ -192,9 +192,13 @@ controller:
     # nodePorts:
     #   http: 32080
     #   https: 32443
 +    #   tcp:
 +    #     8080: 32808
     nodePorts:
       http: ""
       https: ""
 +      tcp: {}
 +      udp: {}
   extraContainers: []
   ## Additional containers to be added to the controller pod.
 -- 
 2.24.0
--- a/stx-monitor-helm/stx-monitor-helm/manifests/monitor_manifest.yaml
+++ b/stx-monitor-helm/stx-monitor-helm/manifests/monitor_manifest.yaml
@ -41,10 +41,14 @@ data:
        type: "NodePort"
        nodePorts:
          http: 31001
          udp:
            25826: 31005
      livenessProbe:
        initialDelaySeconds: 30
      readinessProbe:
        initialDelaySeconds: 30
    udp:
      25826: "monitor/mon-logstash:25826"
    defaultBackend:
      image:
        repository: k8s.gcr.io/defaultbackend
@ -957,10 +961,8 @@ data:
      logstash.conf: |
        input {
          udp {
            #Note default port 25826 in use by influxdb.
            #port => 25826
            host => "::"
-            port => 31005
+            port => 25826
            buffer_size => 1452
            codec => collectd { }
            type => 'collectd'
@ -1013,26 +1015,18 @@ data:
      periodSeconds: 60
      timeoutSeconds: 60
    ports:
-      # influxdb port conflict, can't use 25826
+      - containerPort: 25826
-      # - containerPort: 25826
+        name: collectd
      # name: collectd-udp
      # protocol: UDP
      - containerPort: 31005
        name: collectd-udp
        protocol: UDP
      - containerPort: 5044
        name: beats
        protocol: TCP
    service:
      ports:
-        - name: collectd-udp
+        - name: collectd
-          port: 31005
+          port: 25826
-          targetPort: collectd-udp
+          targetPort: collectd
          protocol: UDP
        - name: monitor
          port: 9600
          targetPort: monitor
          protocol: TCP
        - name: beats
          port: 5044
          targetPort: beats