1135 lines
33 KiB
YAML
1135 lines
33 KiB
YAML
---
|
|
schema: armada/Chart/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: nginx-ingress
|
|
data:
|
|
chart_name: nginx-ingress
|
|
release: nginx-ingress
|
|
namespace: monitor
|
|
wait:
|
|
timeout: 600
|
|
labels:
|
|
release: mon-nginx-ingress
|
|
install:
|
|
no_hooks: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- type: job
|
|
labels:
|
|
release: mon-nginx-ingress
|
|
values:
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
controller:
|
|
kind: DaemonSet
|
|
daemonset:
|
|
useHostPort: false
|
|
nodeSelector:
|
|
elastic-controller: "enabled"
|
|
config:
|
|
# https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/
|
|
nginx-status-ipv4-whitelist: 0.0.0.0/0
|
|
# See https://bugs.launchpad.net/starlingx/+bug/1823803
|
|
# Note quotes are necessary.
|
|
worker-processes: '1'
|
|
scope:
|
|
enabled: true
|
|
namespace: "monitor"
|
|
service:
|
|
type: "NodePort"
|
|
nodePorts:
|
|
http: 31001
|
|
livenessProbe:
|
|
initialDelaySeconds: 30
|
|
readinessProbe:
|
|
initialDelaySeconds: 30
|
|
defaultBackend:
|
|
image:
|
|
repository: k8s.gcr.io/defaultbackend
|
|
tag: "1.4"
|
|
nodeSelector:
|
|
elastic-controller: "enabled"
|
|
service:
|
|
nodePorts:
|
|
http: 31001
|
|
livenessProbe:
|
|
initialDelaySeconds: 30
|
|
readinessProbe:
|
|
initialDelaySeconds: 30
|
|
source:
|
|
type: tar
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/nginx-ingress-1.4.0.tgz
|
|
subpath: nginx-ingress
|
|
reference: master
|
|
dependencies: []
|
|
---
|
|
schema: armada/Chart/v1
|
|
data:
|
|
chart_name: elasticsearch-data
|
|
dependencies: []
|
|
install:
|
|
no_hooks: false
|
|
namespace: monitor
|
|
release: elasticsearch-data
|
|
source:
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/elasticsearch-7.6.0.tgz
|
|
reference: master
|
|
subpath: elasticsearch
|
|
type: tar
|
|
test:
|
|
enabled: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- labels:
|
|
release: mon-elasticsearch-data
|
|
type: job
|
|
- labels:
|
|
component: test
|
|
release: mon-elasticsearch-data
|
|
type: pod
|
|
values:
|
|
clusterName: 'mon-elasticsearch'
|
|
nodeGroup: 'data'
|
|
roles:
|
|
master: 'false'
|
|
data: 'true'
|
|
ingest: 'false'
|
|
replicas: 2
|
|
minimumMasterNodes: 1
|
|
nodeSelector:
|
|
elastic-data: enabled
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
esMajorVersion: 7
|
|
masterService: 'mon-elasticsearch-master'
|
|
seedHosts: "mon-elasticsearch-master-headless, mon-elasticsearch-data-headless"
|
|
podManagementPolicy: OrderedReady
|
|
clusterHealthCheckParams: 'wait_for_no_relocating_shards&wait_for_no_initializing_shards&timeout=1s'
|
|
maxUnavailable: 1
|
|
extraEnvs:
|
|
- name: DATA_PRESTOP_SLEEP
|
|
value: "100"
|
|
lifecycle:
|
|
preStop:
|
|
exec:
|
|
command: ["/bin/sh", "-c", "MASTER=$(printenv node.master);if [[ \"$MASTER\" == true ]]; then sleep $(printenv DATA_PRESTOP_SLEEP);fi"]
|
|
wait:
|
|
resources:
|
|
- labels:
|
|
release: mon-elasticsearch-data
|
|
type: statefulset
|
|
labels:
|
|
release: mon-elasticsearch-data
|
|
timeout: 600
|
|
metadata:
|
|
name: elasticsearch-data
|
|
schema: metadata/Document/v1
|
|
---
|
|
schema: armada/Chart/v1
|
|
data:
|
|
chart_name: elasticsearch-client
|
|
dependencies: []
|
|
install:
|
|
no_hooks: false
|
|
namespace: monitor
|
|
release: elasticsearch-client
|
|
source:
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/elasticsearch-7.6.0.tgz
|
|
reference: master
|
|
subpath: elasticsearch
|
|
type: tar
|
|
test:
|
|
enabled: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- labels:
|
|
release: mon-elasticsearch-client
|
|
type: job
|
|
- labels:
|
|
component: test
|
|
release: mon-elasticsearch-client
|
|
type: pod
|
|
values:
|
|
clusterName: 'mon-elasticsearch'
|
|
nodeGroup: 'client'
|
|
roles:
|
|
master: 'false'
|
|
data: 'false'
|
|
ingest: 'true'
|
|
replicas: 2
|
|
minimumMasterNodes: 1
|
|
livenessProbe:
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 30
|
|
readinessProbe:
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 30
|
|
persistence:
|
|
enabled: false
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
kubernetes.io/ingress.class: nginx
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: 'false'
|
|
nginx.ingress.kubernetes.io/rewrite-target: /$2
|
|
nginx.ingress.kubernetes.io/ssl-redirect: 'false'
|
|
hosts:
|
|
- ''
|
|
path: /mon-elasticsearch-client(/|$)(.*)
|
|
nodeSelector:
|
|
elastic-client: enabled
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
esMajorVersion: 7
|
|
masterService: 'mon-elasticsearch-master'
|
|
seedHosts: "mon-elasticsearch-master-headless, mon-elasticsearch-data-headless"
|
|
podManagementPolicy: OrderedReady
|
|
clusterHealthCheckParams: 'local=true'
|
|
maxUnavailable: 1
|
|
wait:
|
|
resources:
|
|
- labels:
|
|
release: mon-elasticsearch-client
|
|
type: statefulset
|
|
labels:
|
|
release: mon-elasticsearch-client
|
|
timeout: 600
|
|
metadata:
|
|
name: elasticsearch-client
|
|
schema: metadata/Document/v1
|
|
---
|
|
schema: armada/Chart/v1
|
|
data:
|
|
chart_name: elasticsearch-master
|
|
dependencies: []
|
|
install:
|
|
no_hooks: false
|
|
namespace: monitor
|
|
release: elasticsearch-master
|
|
source:
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/elasticsearch-7.6.0.tgz
|
|
reference: master
|
|
subpath: elasticsearch
|
|
type: tar
|
|
test:
|
|
enabled: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- labels:
|
|
release: mon-elasticsearch-master
|
|
type: job
|
|
- labels:
|
|
component: test
|
|
release: mon-elasticsearch-master
|
|
type: pod
|
|
values:
|
|
clusterName: 'mon-elasticsearch'
|
|
nodeGroup: 'master'
|
|
roles:
|
|
master: 'true'
|
|
data: 'false'
|
|
ingest: 'false'
|
|
replicas: 1
|
|
minimumMasterNodes: 1
|
|
nodeSelector:
|
|
elastic-master: enabled
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
esMajorVersion: 7
|
|
masterService: 'mon-elasticsearch-master'
|
|
seedHosts: "mon-elasticsearch-master-headless, mon-elasticsearch-data-headless"
|
|
podManagementPolicy: OrderedReady
|
|
clusterHealthCheckParams: 'local=true'
|
|
maxUnavailable: 1
|
|
wait:
|
|
resources:
|
|
- labels:
|
|
release: mon-elasticsearch-master
|
|
type: statefulset
|
|
labels:
|
|
release: mon-elasticsearch-master
|
|
timeout: 600
|
|
metadata:
|
|
name: elasticsearch-master
|
|
schema: metadata/Document/v1
|
|
---
|
|
schema: armada/Chart/v1
|
|
data:
|
|
chart_name: elasticsearch-curator
|
|
dependencies: []
|
|
install:
|
|
no_hooks: false
|
|
namespace: monitor
|
|
release: elasticsearch-curator
|
|
source:
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/elasticsearch-curator-2.0.2.tgz
|
|
reference: master
|
|
subpath: elasticsearch-curator
|
|
type: tar
|
|
test:
|
|
enabled: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- labels:
|
|
release: mon-elasticsearch-curator
|
|
type: job
|
|
- labels:
|
|
component: test
|
|
release: mon-elasticsearch-curator
|
|
type: pod
|
|
values:
|
|
image:
|
|
pullSecret: default-registry-key
|
|
rbac:
|
|
enabled: True
|
|
env:
|
|
FILEBEAT_INDEX_LIMIT_GB: 48
|
|
METRICBEAT_INDEX_LIMIT_GB: 38
|
|
COLLECTD_INDEX_LIMIT_GB: 9
|
|
configMaps:
|
|
action_file_yml: |-
|
|
---
|
|
actions:
|
|
1:
|
|
action: delete_indices
|
|
description: "Clean up ES filebeat indices"
|
|
options:
|
|
timeout_override:
|
|
continue_if_exception: False
|
|
disable_action: False
|
|
ignore_empty_list: True
|
|
filters:
|
|
- filtertype: pattern
|
|
kind: prefix
|
|
value: filebeat-
|
|
- filtertype: space
|
|
disk_space: ${FILEBEAT_INDEX_LIMIT_GB}
|
|
use_age: True
|
|
source: creation_date
|
|
2:
|
|
action: delete_indices
|
|
description: "Clean up ES metricbeat indices"
|
|
options:
|
|
timeout_override:
|
|
continue_if_exception: False
|
|
disable_action: False
|
|
ignore_empty_list: True
|
|
filters:
|
|
- filtertype: pattern
|
|
kind: prefix
|
|
value: metricbeat-
|
|
- filtertype: space
|
|
disk_space: ${METRICBEAT_INDEX_LIMIT_GB}
|
|
use_age: True
|
|
source: creation_date
|
|
3:
|
|
action: delete_indices
|
|
description: "Clean up ES collectd indices"
|
|
options:
|
|
timeout_override:
|
|
continue_if_exception: False
|
|
disable_action: False
|
|
ignore_empty_list: True
|
|
filters:
|
|
- filtertype: pattern
|
|
kind: prefix
|
|
value: collectd-
|
|
- filtertype: space
|
|
disk_space: ${COLLECTD_INDEX_LIMIT_GB}
|
|
use_age: True
|
|
source: creation_date
|
|
config_yml: |-
|
|
---
|
|
client:
|
|
hosts:
|
|
- mon-elasticsearch-client
|
|
port: 9200
|
|
logging:
|
|
loglevel: DEBUG
|
|
cronjob:
|
|
schedule: "0 1 * * *"
|
|
failedJobsHistoryLimit: "10"
|
|
successfulJobsHistoryLimit: "10"
|
|
command:
|
|
- 'sh'
|
|
- '-c'
|
|
- 'source /tmp/cur_limits/set_factor.sh; echo LIMIT_FACTOR=$LIMIT_FACTOR; CD_GB=$(printenv COLLECTD_INDEX_LIMIT_GB);MB_GB=$(printenv METRICBEAT_INDEX_LIMIT_GB);FB_GB=$(printenv FILEBEAT_INDEX_LIMIT_GB);echo export COLLECTD_INDEX_LIMIT_GB=$(($CD_GB / $LIMIT_FACTOR)) > /tmp/cur_limits/new_limits.sh; echo export METRICBEAT_INDEX_LIMIT_GB=$(($MB_GB / $LIMIT_FACTOR)) >> /tmp/cur_limits/new_limits.sh;echo export FILEBEAT_INDEX_LIMIT_GB=$(($FB_GB / $LIMIT_FACTOR)) >> /tmp/cur_limits/new_limits.sh; source /tmp/cur_limits/new_limits.sh; cat /tmp/cur_limits/new_limits.sh; /curator/curator --config /etc/es-curator/config.yml /etc/es-curator/action_file.yml'
|
|
extraInitContainers:
|
|
limitset:
|
|
image: docker.elastic.co/beats/filebeat-oss:7.6.0
|
|
command:
|
|
- 'sh'
|
|
- '-c'
|
|
- 'echo export LIMIT_FACTOR=1 > /tmp/cur_limits/set_factor.sh; LIMIT_FACTOR=1; curl mon-elasticsearch-client:9200/_cluster/health?pretty | grep -E "number_of_data_nodes.*1"; if [[ $? -eq 0 ]]; then echo Only one data node, adjusting limits; LIMIT_FACTOR=2; fi; echo export LIMIT_FACTOR=$LIMIT_FACTOR > /tmp/cur_limits/set_factor.sh; exit 0'
|
|
volumeMounts:
|
|
- name: filebeatdummy
|
|
mountPath: /usr/share/filebeat
|
|
- name: curlimits
|
|
mountPath: /tmp/cur_limits/
|
|
extraVolumes:
|
|
- name: filebeatdummy
|
|
emptyDir: {}
|
|
- name: curlimits
|
|
emptyDir: {}
|
|
extraVolumeMounts:
|
|
- name: curlimits
|
|
mountPath: /tmp/cur_limits
|
|
nodeSelector:
|
|
elastic-controller: enabled
|
|
wait:
|
|
resources: []
|
|
metadata:
|
|
name: elasticsearch-curator
|
|
schema: metadata/Document/v1
|
|
---
|
|
schema: armada/Chart/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: filebeat
|
|
data:
|
|
chart_name: filebeat
|
|
release: filebeat
|
|
namespace: monitor
|
|
wait:
|
|
timeout: 600
|
|
labels:
|
|
release: mon-filebeat
|
|
test:
|
|
enabled: false
|
|
install:
|
|
no_hooks: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- type: job
|
|
labels:
|
|
release: mon-filebeat
|
|
- type: pod
|
|
labels:
|
|
release: mon-filebeat
|
|
component: test
|
|
values:
|
|
filebeatConfig:
|
|
filebeat.yml:
|
|
filebeat.inputs:
|
|
- type: log
|
|
enabled: true
|
|
paths:
|
|
- /var/log/*.log
|
|
- /var/log/messages
|
|
- /var/log/syslog
|
|
- type: docker
|
|
containers.ids:
|
|
- '*'
|
|
processors:
|
|
- add_kubernetes_metadata:
|
|
in_cluster: true
|
|
output.file:
|
|
enabled: false
|
|
output.logstash:
|
|
enabled: true
|
|
hosts: ["mon-logstash:5044"]
|
|
output.elasticsearch:
|
|
enabled: false
|
|
hosts: "http://mon-elasticsearch-client:9200"
|
|
ilm.pattern: "000001"
|
|
index: ${INDEX_NAME}-%{+yyyy.MM.dd}
|
|
setup.template:
|
|
name: ${INDEX_NAME}
|
|
pattern: ${INDEX_PATTERN}
|
|
setup.kibana:
|
|
# Note port 5601 is default
|
|
host: "mon-kibana"
|
|
setup.dashboard:
|
|
enabled: true
|
|
filebeat.autodiscover:
|
|
providers:
|
|
- type: kubernetes
|
|
host: ${NODE_NAME}
|
|
hints.enabled: true
|
|
setup-script.sh: |
|
|
#!/bin/bash
|
|
#
|
|
# This is best effort to load the template into elasticsearch
|
|
# if beats are going to elasticsearch via logstash.
|
|
#
|
|
BEAT='filebeat'
|
|
BEAT_VER=$($BEAT version | awk '{print $3}')
|
|
|
|
ADDR=$OUTPUT_ELASTICSEARCH_HOSTS
|
|
ESPATH=$OUTPUT_ELASTICSEARCH_PATH
|
|
|
|
echo $ADDR$ESPATH
|
|
|
|
# Check if this is a map of entries. If so, we'll only export the template
|
|
# to the first address
|
|
if [ ${ADDR: 0:1} == [ ] && [ ${ADDR: -1} == ] ]; then
|
|
# Remove the square brackets
|
|
ADDR=${ADDR:1:-1}
|
|
# Take the first entry in case there are more than one
|
|
ADDR=${ADDR%%,*}
|
|
fi
|
|
echo $ADDR$ESPATH
|
|
|
|
# Check if user has formatted with http:// on front, if not we need to add
|
|
HTTP='http://'
|
|
if [[ ${ADDR} == http* ]]; then
|
|
HTTP=''
|
|
fi
|
|
echo $HTTP
|
|
|
|
# Check for ip address containing special characters where -g must be used in curl command
|
|
# IPV6 Addresses should come in with square braces around the address.
|
|
CURL_G=''
|
|
if [[ ${ADDR} == *[* ]]; then
|
|
CURL_G=' -g '
|
|
fi
|
|
echo $CURL_G
|
|
|
|
# check if logstash output is enabled, via crude parsing of the .yml file.
|
|
sed -e '/output.logstash/,/enabled:/!d' files/${BEAT}.yml | grep -i true
|
|
if [[ $? -eq 0 ]]; then
|
|
echo "logstash configured, exporting template to elasticsearch"
|
|
$BEAT export template > /tmp/beat.template.json
|
|
# remove the lifecycle section of the yaml, as elasticsearch will choke
|
|
# on it as oss version does not support ilm.
|
|
sed -i '/lifecycle/,+3d' /tmp/beat.template.json
|
|
|
|
# "unset" is the special system name when none has been set through
|
|
# overrides.. We key on that to know what template name and index pattern to set
|
|
if [[ $SYSTEM_NAME_FOR_INDEX != unset ]]; then
|
|
# replace the standard index pattern with one including our system name,
|
|
# which will match our created indices
|
|
sed -i "s/$BEAT-$BEAT_VER/$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX/g" /tmp/beat.template.json
|
|
# give the template a name with the system name appended.
|
|
|
|
# check if the template exists first before creating
|
|
curl -v $CURL_G -XGET -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX | grep "$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX"
|
|
if [[ $? -ne 0 ]]; then
|
|
echo "$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX template not found, creating..."
|
|
curl -v $CURL_G -XPUT -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX -d@/tmp/beat.template.json
|
|
else
|
|
echo "$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX template found, not creating..."
|
|
fi
|
|
else
|
|
# apply a higher order to this template in case there are templates with system names
|
|
# which should be applied first
|
|
curl -v $CURL_G -XGET -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER | grep "$BEAT-$BEAT_VER"
|
|
if [[ $? -ne 0 ]]; then
|
|
echo "$BEAT-$BEAT_VER template not found, creating..."
|
|
sed -i "s/\"order\": 1/\"order\": 2/g" /tmp/beat.template.json
|
|
curl -v $CURL_G -XPUT -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER -d@/tmp/beat.template.json
|
|
else
|
|
echo "$BEAT-$BEAT_VER template found, not creating..."
|
|
fi
|
|
fi
|
|
else
|
|
echo "logstash not configured, not exporting template, should be done for us."
|
|
fi
|
|
# Above is non-fatal if there is a problem. Always pass.
|
|
exit 0
|
|
extraInitContainers:
|
|
"setup-script":
|
|
container:
|
|
command:
|
|
- /bin/bash
|
|
- -c
|
|
- /usr/share/filebeat/files/setup-script.sh
|
|
volumeMounts:
|
|
- name: setup-script
|
|
mountPath: /usr/share/filebeat/files
|
|
- name: setup-script
|
|
mountPath: /usr/share/filebeat/filebeat.yml
|
|
subPath: filebeat.yml
|
|
extraVolumes:
|
|
- name: setup-script
|
|
configMap:
|
|
defaultMode: 0755
|
|
name: mon-filebeat-config
|
|
- name: varlog
|
|
hostPath:
|
|
path: /var/log
|
|
extraVolumeMounts:
|
|
- name: varlog
|
|
mountPath: /var/log
|
|
readOnly: true
|
|
image: docker.elastic.co/beats/filebeat-oss
|
|
imageTag: 7.6.0
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
tolerations:
|
|
- key: "services"
|
|
operator: "Equal"
|
|
value: "disabled"
|
|
effect: "NoExecute"
|
|
source:
|
|
type: tar
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/filebeat-7.6.0.tgz
|
|
subpath: filebeat
|
|
reference: master
|
|
dependencies: []
|
|
---
|
|
schema: armada/Chart/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: metricbeat
|
|
data:
|
|
chart_name: metricbeat
|
|
release: metricbeat
|
|
namespace: monitor
|
|
wait:
|
|
timeout: 600
|
|
labels:
|
|
release: mon-metricbeat
|
|
test:
|
|
enabled: false
|
|
install:
|
|
no_hooks: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- type: job
|
|
labels:
|
|
release: mon-metricbeat
|
|
- type: pod
|
|
labels:
|
|
release: mon-metricbeat
|
|
component: test
|
|
values:
|
|
metricbeatConfig:
|
|
metricbeat.yml:
|
|
output.file:
|
|
enabled: false
|
|
output.logstash:
|
|
enabled: true
|
|
hosts: ["mon-logstash:5044"]
|
|
output.elasticsearch:
|
|
# this must be opposite of above output.logstash.enabled
|
|
enabled: false
|
|
hosts: "http://mon-elasticsearch-client:9200"
|
|
ilm.pattern: "000001"
|
|
index: ${INDEX_NAME}-%{+yyyy.MM.dd}
|
|
setup.template:
|
|
name: ${INDEX_NAME}
|
|
pattern: ${INDEX_PATTERN}
|
|
processors:
|
|
- add_kubernetes_metadata:
|
|
in_cluster: true
|
|
setup.kibana:
|
|
# for on box kibana, note port 5601 is default
|
|
host: "mon-kibana"
|
|
setup.dashboards:
|
|
enabled: true
|
|
metricbeat.autodiscover:
|
|
providers:
|
|
- type: kubernetes
|
|
host: ${NODE_NAME}
|
|
hints.enabled: true
|
|
kube-state-metrics-metricbeat.yml:
|
|
output.file:
|
|
enabled: false
|
|
output.logstash:
|
|
enabled: true
|
|
hosts: ["mon-logstash:5044"]
|
|
output.elasticsearch:
|
|
# this must be opposite of above output.logstash.enabled
|
|
enabled: false
|
|
hosts: "http://mon-elasticsearch-client:9200"
|
|
ilm.pattern: "000001"
|
|
index: ${INDEX_NAME}-%{+yyyy.MM.dd}
|
|
setup.template:
|
|
name: ${INDEX_NAME}
|
|
pattern: ${INDEX_PATTERN}
|
|
setup.kibana:
|
|
# for on box kibana, note port 5601 is default
|
|
host: "mon-kibana"
|
|
setup.dashboards:
|
|
enabled: true
|
|
metricbeat.autodiscover:
|
|
providers:
|
|
- type: kubernetes
|
|
host: ${NODE_NAME}
|
|
hints.enabled: true
|
|
setup-script.sh: |
|
|
#!/bin/bash
|
|
#
|
|
# This is best effort to load the template into elasticsearch
|
|
# if beats are going to elasticsearch via logstash.
|
|
#
|
|
BEAT='metricbeat'
|
|
BEAT_VER=$($BEAT version | awk '{print $3}')
|
|
|
|
ADDR=$OUTPUT_ELASTICSEARCH_HOSTS
|
|
ESPATH=$OUTPUT_ELASTICSEARCH_PATH
|
|
|
|
echo $ADDR$ESPATH
|
|
|
|
# Check if this is a map of entries. If so, we'll only export the template
|
|
# to the first address
|
|
if [ ${ADDR: 0:1} == [ ] && [ ${ADDR: -1} == ] ]; then
|
|
# Remove the square brackets
|
|
ADDR=${ADDR:1:-1}
|
|
# Take the first entry in case there are more than one
|
|
ADDR=${ADDR%%,*}
|
|
fi
|
|
echo $ADDR$ESPATH
|
|
|
|
# Check if user has formatted with http:// on front, if not we need to add
|
|
HTTP='http://'
|
|
if [[ ${ADDR} == http* ]]; then
|
|
HTTP=''
|
|
fi
|
|
echo $HTTP
|
|
|
|
# Check for ip address containing special characters where -g must be used in curl command
|
|
# IPV6 Addresses should come in with square braces around the address.
|
|
CURL_G=''
|
|
if [[ ${ADDR} == *[* ]]; then
|
|
CURL_G=' -g '
|
|
fi
|
|
echo $CURL_G
|
|
|
|
# check if logstash output is enabled, via crude parsing of the .yml file.
|
|
sed -e '/output.logstash/,/enabled:/!d' files/${BEAT}.yml | grep -i true
|
|
if [[ $? -eq 0 ]]; then
|
|
echo "logstash configured, exporting template to elasticsearch"
|
|
$BEAT export template > /tmp/beat.template.json
|
|
# remove the lifecycle section of the yaml, as elasticsearch will choke
|
|
# on it as oss version does not support ilm.
|
|
sed -i '/lifecycle/,+3d' /tmp/beat.template.json
|
|
|
|
# "unset" is the special system name when none has been set through
|
|
# overrides.. We key on that to know what template name and index pattern to set
|
|
if [[ $SYSTEM_NAME_FOR_INDEX != unset ]]; then
|
|
# replace the standard index pattern with one including our system name,
|
|
# which will match our created indices
|
|
sed -i "s/$BEAT-$BEAT_VER/$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX/g" /tmp/beat.template.json
|
|
# give the template a name with the system name appended.
|
|
|
|
# check if the template exists first before creating
|
|
curl -v $CURL_G -XGET -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX | grep "$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX"
|
|
if [[ $? -ne 0 ]]; then
|
|
echo "$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX template not found, creating..."
|
|
curl -v $CURL_G -XPUT -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX -d@/tmp/beat.template.json
|
|
else
|
|
echo "$BEAT-$BEAT_VER$SYSTEM_NAME_FOR_INDEX template found, not creating..."
|
|
fi
|
|
else
|
|
# apply a higher order to this template in case there are templates with system names
|
|
# which should be applied first
|
|
curl -v $CURL_G -XGET -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER | grep "$BEAT-$BEAT_VER"
|
|
if [[ $? -ne 0 ]]; then
|
|
echo "$BEAT-$BEAT_VER template not found, creating..."
|
|
sed -i "s/\"order\": 1/\"order\": 2/g" /tmp/beat.template.json
|
|
curl -v $CURL_G -XPUT -H "Content-Type: application/json" $HTTP$ADDR$ESPATH/_template/$BEAT-$BEAT_VER -d@/tmp/beat.template.json
|
|
else
|
|
echo "$BEAT-$BEAT_VER template found, not creating..."
|
|
fi
|
|
fi
|
|
else
|
|
echo "logstash not configured, not exporting template, should be done for us."
|
|
fi
|
|
# Above is non-fatal if there is a problem. Always pass.
|
|
exit 0
|
|
extraInitContainers:
|
|
"setup-script":
|
|
container:
|
|
command:
|
|
- /bin/bash
|
|
- -c
|
|
- /usr/share/metricbeat/files/setup-script.sh
|
|
volumeMounts:
|
|
- name: setup-script
|
|
mountPath: /usr/share/metricbeat/files
|
|
- name: setup-script
|
|
mountPath: /usr/share/metricbeat/metricbeat.yml
|
|
subPath: metricbeat.yml
|
|
extraVolumeMounts:
|
|
- name: root
|
|
mountPath: /hostfs
|
|
readOnly: true
|
|
mountPropagation: HostToContainer
|
|
extraVolumes:
|
|
- name: root
|
|
hostPath:
|
|
path: /
|
|
- name: setup-script
|
|
configMap:
|
|
defaultMode: 0755
|
|
name: mon-metricbeat-config
|
|
extraEnvs:
|
|
- name: KUBE_STATE_METRICS_HOSTS
|
|
value: http://mon-kube-state-metrics:8080
|
|
image: docker.elastic.co/beats/metricbeat-oss
|
|
imageTag: 7.6.0
|
|
imagePullPolicy: "IfNotPresent"
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
clusterRoleRules:
|
|
- apiGroups: [""]
|
|
resources:
|
|
- nodes
|
|
- namespaces
|
|
- events
|
|
- pods
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: ["extensions"]
|
|
resources:
|
|
- replicasets
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: ["apps"]
|
|
resources:
|
|
- statefulsets
|
|
- deployments
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: [""]
|
|
resources:
|
|
- nodes/stats
|
|
- nodes/metrics
|
|
verbs: ["get"]
|
|
- nonResourceURLs: ["/metrics"]
|
|
verbs: ["get"]
|
|
tolerations:
|
|
- key: "services"
|
|
operator: "Equal"
|
|
value: "disabled"
|
|
effect: "NoExecute"
|
|
nodeSelector:
|
|
elastic-controller: "enabled"
|
|
source:
|
|
type: tar
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/metricbeat-7.6.0.tgz
|
|
subpath: metricbeat
|
|
reference: master
|
|
dependencies: []
|
|
---
|
|
schema: armada/Chart/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: kube-state-metrics
|
|
data:
|
|
chart_name: kube-state-metrics
|
|
release: kube-state-metrics
|
|
namespace: monitor
|
|
wait:
|
|
timeout: 600
|
|
labels:
|
|
release: mon-kube-state-metrics
|
|
test:
|
|
enabled: false
|
|
install:
|
|
no_hooks: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- type: job
|
|
labels:
|
|
release: mon-kube-state-metrics
|
|
- type: pod
|
|
labels:
|
|
release: mon-kube-state-metrics
|
|
component: test
|
|
values:
|
|
nodeSelector:
|
|
elastic-controller: "enabled"
|
|
customLabels:
|
|
release: mon-kube-state-metrics
|
|
livenessProbe:
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 30
|
|
readinessProbe:
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 30
|
|
serviceAccount:
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
source:
|
|
type: tar
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/kube-state-metrics-2.4.1.tgz
|
|
subpath: kube-state-metrics
|
|
reference: master
|
|
dependencies: []
|
|
---
|
|
schema: armada/Chart/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: kibana
|
|
data:
|
|
chart_name: kibana
|
|
release: kibana
|
|
namespace: monitor
|
|
wait:
|
|
timeout: 600
|
|
labels:
|
|
release: mon-kibana
|
|
test:
|
|
enabled: false
|
|
install:
|
|
no_hooks: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- type: job
|
|
labels:
|
|
release: mon-kibana
|
|
- type: pod
|
|
labels:
|
|
release: mon-kibana
|
|
component: test
|
|
values:
|
|
image: docker.elastic.co/kibana/kibana-oss
|
|
imageTag: 7.6.0
|
|
imagePullSecrets: [{'name': 'default-registry-key'}]
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
kubernetes.io/ingress.class: "nginx"
|
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "false"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
|
|
hosts:
|
|
- ""
|
|
elasticsearchHosts: "http://mon-elasticsearch-client:9200"
|
|
serverHost: "::"
|
|
nodeSelector:
|
|
elastic-controller: "enabled"
|
|
source:
|
|
type: tar
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/kibana-7.6.0.tgz
|
|
subpath: kibana
|
|
reference: master
|
|
dependencies: []
|
|
---
|
|
schema: armada/Chart/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: logstash
|
|
data:
|
|
chart_name: logstash
|
|
release: logstash
|
|
namespace: monitor
|
|
wait:
|
|
resources:
|
|
- labels:
|
|
release: mon-logstash
|
|
type: statefulset
|
|
timeout: 600
|
|
labels:
|
|
release: mon-logstash
|
|
test:
|
|
enabled: false
|
|
install:
|
|
no_hooks: false
|
|
upgrade:
|
|
no_hooks: false
|
|
pre:
|
|
delete:
|
|
- type: job
|
|
labels:
|
|
release: mon-logstash
|
|
- type: pod
|
|
labels:
|
|
release: mon-logstash
|
|
component: test
|
|
values:
|
|
logstashPipeline:
|
|
logstash.conf: |
|
|
input {
|
|
udp {
|
|
#Note default port 25826 in use by influxdb.
|
|
#port => 25826
|
|
host => "::"
|
|
port => 31005
|
|
buffer_size => 1452
|
|
codec => collectd { }
|
|
type => 'collectd'
|
|
}
|
|
beats {
|
|
port => 5044
|
|
type => 'beats'
|
|
}
|
|
}
|
|
filter {
|
|
mutate {
|
|
gsub => [
|
|
# strip /hostfs prefix from mount points in metricbeat metrics
|
|
"[system][filesystem][mount_point]", "^/hostfs($|/)", "/"
|
|
]
|
|
}
|
|
}
|
|
output {
|
|
# Note uncomment below and can see raw input in logs
|
|
#stdout { codec => rubydebug }
|
|
if [type] == "collectd" {
|
|
elasticsearch {
|
|
hosts => ["${ELASTICSEARCH_HOST}"]
|
|
manage_template => false
|
|
index => "collectd${SYSTEM_NAME_FOR_INDEX}-%{+YYYY.MM.dd}"
|
|
}
|
|
}
|
|
if [type] == "beats" {
|
|
elasticsearch {
|
|
hosts => ["${ELASTICSEARCH_HOST}"]
|
|
manage_template => false
|
|
index => "%{[@metadata][beat]}-%{[@metadata][version]}${SYSTEM_NAME_FOR_INDEX}-%{+YYYY.MM.dd}"
|
|
}
|
|
}
|
|
}
|
|
image: docker.elastic.co/logstash/logstash-oss
|
|
imageTag: 7.6.0
|
|
imagePullSecrets: [{"name": "default-registry-key"}]
|
|
elasticsearchHosts: "http://mon-elasticsearch-client:9200"
|
|
nodeSelector:
|
|
elastic-controller: "enabled"
|
|
persistence:
|
|
enabled: false
|
|
livenessProbe:
|
|
initialDelaySeconds: 90
|
|
periodSeconds: 60
|
|
timeoutSeconds: 60
|
|
readinessProbe:
|
|
initialDelaySeconds: 90
|
|
periodSeconds: 60
|
|
timeoutSeconds: 60
|
|
ports:
|
|
# influxdb port conflict, can't use 25826
|
|
# - containerPort: 25826
|
|
# name: collectd-udp
|
|
# protocol: UDP
|
|
- containerPort: 31005
|
|
name: collectd-udp
|
|
protocol: UDP
|
|
- containerPort: 5044
|
|
name: beats
|
|
protocol: TCP
|
|
service:
|
|
ports:
|
|
- name: collectd-udp
|
|
port: 31005
|
|
targetPort: collectd-udp
|
|
protocol: UDP
|
|
- name: monitor
|
|
port: 9600
|
|
targetPort: monitor
|
|
protocol: TCP
|
|
- name: beats
|
|
port: 5044
|
|
targetPort: beats
|
|
protocol: TCP
|
|
source:
|
|
type: tar
|
|
location: http://172.17.0.1:8080/helm_charts/starlingx/logstash-7.6.0.tgz
|
|
subpath: logstash
|
|
reference: master
|
|
dependencies: []
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: logstash
|
|
data:
|
|
description: "Deploy logstash"
|
|
sequenced: true
|
|
chart_group:
|
|
- logstash
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
name: elasticsearch
|
|
schema: metadata/Document/v1
|
|
data:
|
|
chart_group:
|
|
- elasticsearch-master
|
|
- elasticsearch-data
|
|
- elasticsearch-client
|
|
description: "Deploy elasticsearch"
|
|
sequenced: true
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: filebeat
|
|
data:
|
|
description: "Deploy filebeat"
|
|
sequenced: true
|
|
chart_group:
|
|
- filebeat
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: metricbeat
|
|
data:
|
|
description: "Deploy metricbeat"
|
|
sequenced: true
|
|
chart_group:
|
|
- metricbeat
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: kube-state-metrics
|
|
data:
|
|
description: "Deploy kube-state-metrics"
|
|
sequenced: true
|
|
chart_group:
|
|
- kube-state-metrics
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: nginx-ingress
|
|
data:
|
|
description: "Deploy ingress"
|
|
sequenced: true
|
|
chart_group:
|
|
- nginx-ingress
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: kibana
|
|
data:
|
|
description: "Deploy kibana"
|
|
sequenced: true
|
|
chart_group:
|
|
- kibana
|
|
---
|
|
schema: armada/ChartGroup/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: elasticsearch-curator
|
|
data:
|
|
description: "Deploy elasticsearch-curator"
|
|
sequenced: true
|
|
chart_group:
|
|
- elasticsearch-curator
|
|
---
|
|
schema: armada/Manifest/v1
|
|
metadata:
|
|
schema: metadata/Document/v1
|
|
name: monitor-armada-manifest
|
|
data:
|
|
release_prefix: mon
|
|
chart_groups:
|
|
- nginx-ingress
|
|
- elasticsearch
|
|
- elasticsearch-curator
|
|
- kibana
|
|
- logstash
|
|
- filebeat
|
|
- metricbeat
|
|
- kube-state-metrics
|