Update Logstash to use NodePort Ingress

Logstash should not be using a custom port for collectd
input from the K8s NodePort range since it might cause a
conflict if the port is allocated to another service.
Therefore, logstash will use a proper NodePort value
reserved by the nginx-ingress service.

Remove hostNetworking from Logstash since it is no longer
required.

Add support for specifying a helm nodePort value for TCP/UDP
services exposed for the nginx-ingress controller.

Story: 2007221
Task: 39544

Change-Id: Ifdb750a578ad6a5e7b96019e7caf6fe1231fa1be
Signed-off-by: Matt Peters <matt.peters@windriver.com>
This commit is contained in:
Matt Peters 2020-04-23 18:43:31 -05:00
parent 6f249ae424
commit 502b653768
5 changed files with 70 additions and 56 deletions

View File

@ -26,7 +26,6 @@ Patch05: 0005-readiness-probe-enhancements.patch
Patch06: 0006-Metricbeat-nodeSelector-and-tolerations-config.patch
Patch07: 0007-Add-command-and-args-parameters-to-beats-and-logstash.patch
Patch08: 0008-Add-updateStrategy-parameter-to-beats-config.patch
Patch09: 0009-Add-hostNetworking-parameter-to-logstash-config.patch
Patch10: 0010-Fix-esConfig-checksum-annotation.patch
Patch11: 0011-Fix-Elasticsearch-readiness-probe-http-endpoint.patch
@ -45,7 +44,6 @@ Monitor Helm elasticsearch charts
%patch06 -p1
%patch07 -p1
%patch08 -p1
%patch09 -p1
%patch10 -p1
%patch11 -p1

View File

@ -1,38 +0,0 @@
From e74f1d703b1f2c7b71038a95be90bebbef9613da Mon Sep 17 00:00:00 2001
From: Simon Cousineau <Simon.Cousineau@windriver.com>
Date: Thu, 16 Apr 2020 09:29:41 -0400
Subject: [PATCH 1/1] Add hostNetworking parameter to logstash config
---
logstash/templates/statefulset.yaml | 4 ++++
logstash/values.yaml | 2 ++
2 files changed, 6 insertions(+)
diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml
index e162023..1355e7b 100644
--- a/logstash/templates/statefulset.yaml
+++ b/logstash/templates/statefulset.yaml
@@ -110,6 +110,10 @@ spec:
{{ toYaml . | indent 10 }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }}
+ {{- if .Values.hostNetworking }}
+ hostNetwork: true
+ dnsPolicy: ClusterFirstWithHostNet
+ {{- end }}
volumes:
{{- range .Values.secretMounts }}
- name: {{ .name }}
diff --git a/logstash/values.yaml b/logstash/values.yaml
index 9fedf40..6c6ef5d 100755
--- a/logstash/values.yaml
+++ b/logstash/values.yaml
@@ -212,3 +212,5 @@ command: []
# pass custom args. This is equivalent of Cmd in docker
args: []
+
+hostNetworking: true
--
2.20.1

View File

@ -34,6 +34,7 @@ Patch13: 0013-removed-unused-images.patch
Patch14: 0014-Add-rbac-replicasets-to-apps-apigroup-commit-1717e2d.patch
Patch15: 0015-script-flexibility.patch
Patch16: 0016-use-main-container-image-for-initcontainer.patch
Patch17: 0017-stable-nginx-ingress-allow-nodePort-for-tcp-udp-serv.patch
BuildRequires: helm
@ -58,6 +59,7 @@ Monitor Helm charts
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%build
# initialize helm and build the toolkit

View File

@ -0,0 +1,58 @@
From 872dd678b0ea08be23700337665ea2125dab4d0d Mon Sep 17 00:00:00 2001
From: Matt Peters <matt.peters@windriver.com>
Date: Thu, 23 Apr 2020 18:39:16 -0500
Subject: [PATCH] [stable/nginx-ingress] allow nodePort for tcp/udp services
---
stable/nginx-ingress/templates/controller-service.yaml | 10 ++++++++++
stable/nginx-ingress/values.yaml | 4 ++++
2 files changed, 14 insertions(+)
diff --git a/stable/nginx-ingress/templates/controller-service.yaml b/stable/nginx-ingress/templates/controller-service.yaml
index a81c81e..6389c14 100644
--- a/stable/nginx-ingress/templates/controller-service.yaml
+++ b/stable/nginx-ingress/templates/controller-service.yaml
@@ -60,12 +60,22 @@ spec:
port: {{ $key }}
protocol: TCP
targetPort: "{{ $key }}-tcp"
+ {{- if $.Values.controller.service.nodePorts.tcp }}
+ {{- if index $.Values.controller.service.nodePorts.tcp $key }}
+ nodePort: {{ index $.Values.controller.service.nodePorts.tcp $key }}
+ {{- end }}
+ {{- end }}
{{- end }}
{{- range $key, $value := .Values.udp }}
- name: "{{ $key }}-udp"
port: {{ $key }}
protocol: UDP
targetPort: "{{ $key }}-udp"
+ {{- if $.Values.controller.service.nodePorts.udp }}
+ {{- if index $.Values.controller.service.nodePorts.udp $key }}
+ nodePort: {{ index $.Values.controller.service.nodePorts.udp $key }}
+ {{- end }}
+ {{- end }}
{{- end }}
selector:
app: {{ template "nginx-ingress.name" . }}
diff --git a/stable/nginx-ingress/values.yaml b/stable/nginx-ingress/values.yaml
index 80bc1a6..71bbcb3 100644
--- a/stable/nginx-ingress/values.yaml
+++ b/stable/nginx-ingress/values.yaml
@@ -192,9 +192,13 @@ controller:
# nodePorts:
# http: 32080
# https: 32443
+ # tcp:
+ # 8080: 32808
nodePorts:
http: ""
https: ""
+ tcp: {}
+ udp: {}
extraContainers: []
## Additional containers to be added to the controller pod.
--
2.24.0

View File

@ -41,10 +41,14 @@ data:
type: "NodePort"
nodePorts:
http: 31001
udp:
25826: 31005
livenessProbe:
initialDelaySeconds: 30
readinessProbe:
initialDelaySeconds: 30
udp:
25826: "monitor/mon-logstash:25826"
defaultBackend:
image:
repository: k8s.gcr.io/defaultbackend
@ -957,10 +961,8 @@ data:
logstash.conf: |
input {
udp {
#Note default port 25826 in use by influxdb.
#port => 25826
host => "::"
port => 31005
port => 25826
buffer_size => 1452
codec => collectd { }
type => 'collectd'
@ -1013,26 +1015,18 @@ data:
periodSeconds: 60
timeoutSeconds: 60
ports:
# influxdb port conflict, can't use 25826
# - containerPort: 25826
# name: collectd-udp
# protocol: UDP
- containerPort: 31005
name: collectd-udp
- containerPort: 25826
name: collectd
protocol: UDP
- containerPort: 5044
name: beats
protocol: TCP
service:
ports:
- name: collectd-udp
port: 31005
targetPort: collectd-udp
- name: collectd
port: 25826
targetPort: collectd
protocol: UDP
- name: monitor
port: 9600
targetPort: monitor
protocol: TCP
- name: beats
port: 5044
targetPort: beats