From fb3b0a7c62f1e44fcdc7438817cfc2db2783d55d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Gr=C3=A9au?= Date: Thu, 9 Apr 2020 16:55:23 -0400 Subject: [PATCH 001/151] [release] Initiate 7.7 branch (#541) We are starting using a git branching model like the Elastic Stack projects. This commit makes sure this `7.7` branch is using the 7.7.x-SNAPSHOT Docker images and this branch will be used for the development and release processes for the Helm Charts 7.7.x --- .ci/{jobs => jobs.t}/defaults.yml | 8 +- ...+helm-charts+{branch}+cluster-cleanup.yml} | 6 +- ...helm-charts+{branch}+cluster-creation.yml} | 6 +- ...harts+{branch}+integration-apm-server.yml} | 6 +- ...ts+{branch}+integration-elasticsearch.yml} | 6 +- ...-charts+{branch}+integration-filebeat.yml} | 6 +- ...lm-charts+{branch}+integration-kibana.yml} | 6 +- ...-charts+{branch}+integration-logstash.yml} | 6 +- ...harts+{branch}+integration-metricbeat.yml} | 6 +- ...arts+{branch}+staging+cluster-cleanup.yml} | 2 +- ...rts+{branch}+staging+cluster-creation.yml} | 2 +- ...ranch}+staging+integration-apm-server.yml} | 2 +- ...ch}+staging+integration-elasticsearch.yml} | 2 +- ...{branch}+staging+integration-filebeat.yml} | 2 +- ...s+{branch}+staging+integration-kibana.yml} | 2 +- ...{branch}+staging+integration-logstash.yml} | 2 +- ...ranch}+staging+integration-metricbeat.yml} | 2 +- .../elastic+helm-charts+{branch}+staging.yml} | 2 +- ...-charts+{branch}+template-lint-python.yml} | 6 +- ...helm-charts+{branch}+template-testing.yml} | 6 +- .../elastic+helm-charts+{branch}.yml} | 26 +- ...lm-charts+pull-request+cluster-cleanup.yml | 35 -- ...m-charts+pull-request+cluster-creation.yml | 35 -- ...ts+pull-request+integration-apm-server.yml | 39 -- ...pull-request+integration-elasticsearch.yml | 39 -- ...arts+pull-request+integration-filebeat.yml | 39 -- ...charts+pull-request+integration-kibana.yml | 39 -- ...arts+pull-request+integration-logstash.yml | 39 -- ...ts+pull-request+integration-metricbeat.yml | 39 -- ...c+helm-charts+pull-request+lint-python.yml | 22 - ...m-charts+pull-request+template-testing.yml | 25 - .ci/jobs/elastic+helm-charts+pull-request.yml | 68 --- .ci/make-branch-config.sh | 11 + CHANGELOG.md | 525 ------------------ apm-server/Chart.yaml | 4 +- apm-server/README.md | 48 +- apm-server/examples/6.x/Makefile | 15 - apm-server/examples/6.x/test/goss.yaml | 6 - apm-server/examples/6.x/values.yaml | 1 - apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/test/goss.yaml | 2 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/values.yaml | 2 +- elasticsearch/Chart.yaml | 4 +- elasticsearch/README.md | 43 +- elasticsearch/examples/6.x/Makefile | 15 - elasticsearch/examples/6.x/test/goss.yaml | 17 - elasticsearch/examples/6.x/values.yaml | 4 - elasticsearch/examples/default/test/goss.yaml | 2 +- .../examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/oss/test/goss.yaml | 2 +- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/templates/NOTES.txt | 2 +- elasticsearch/values.yaml | 2 +- filebeat/Chart.yaml | 4 +- filebeat/README.md | 44 +- filebeat/examples/6.x/Makefile | 13 - filebeat/examples/6.x/test/goss.yaml | 21 - filebeat/examples/6.x/values.yaml | 5 - filebeat/examples/default/test/goss.yaml | 4 +- filebeat/examples/oss/test/goss.yaml | 2 +- filebeat/examples/security/test/goss.yaml | 2 +- filebeat/values.yaml | 2 +- helpers/bumper.py | 3 +- helpers/examples.mk | 2 +- helpers/matrix.yml | 6 - kibana/Chart.yaml | 4 +- kibana/README.md | 43 +- kibana/examples/6.x/Makefile | 12 - kibana/examples/6.x/test/goss.yaml | 10 - kibana/examples/6.x/values.yml | 4 - kibana/examples/default/test/goss.yaml | 2 +- kibana/values.yaml | 2 +- logstash/Chart.yaml | 4 +- logstash/README.md | 42 +- logstash/examples/6.x/Makefile | 16 - logstash/examples/6.x/test/goss.yaml | 38 -- logstash/examples/6.x/values.yaml | 3 - logstash/examples/default/test/goss.yaml | 2 +- .../examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/test/goss.yaml | 2 +- logstash/values.yaml | 2 +- metricbeat/Chart.yaml | 4 +- metricbeat/README.md | 44 +- metricbeat/examples/6.x/Makefile | 17 - .../examples/6.x/test/goss-metrics.yaml | 43 -- metricbeat/examples/6.x/test/goss.yaml | 51 -- metricbeat/examples/6.x/values.yaml | 5 - .../examples/default/test/goss-metrics.yaml | 6 +- metricbeat/examples/default/test/goss.yaml | 6 +- .../examples/oss/test/goss-metrics.yaml | 6 +- metricbeat/examples/oss/test/goss.yaml | 6 +- .../examples/security/test/goss-metrics.yaml | 6 +- metricbeat/examples/security/test/goss.yaml | 6 +- metricbeat/examples/security/values.yaml | 8 +- metricbeat/values.yaml | 11 +- 96 files changed, 243 insertions(+), 1516 deletions(-) rename .ci/{jobs => jobs.t}/defaults.yml (78%) rename .ci/{jobs/elastic+helm-charts+master+cluster-cleanup.yml => jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml} (84%) rename .ci/{jobs/elastic+helm-charts+master+cluster-creation.yml => jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml} (83%) rename .ci/{jobs/elastic+helm-charts+master+integration-apm-server.yml => jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml} (84%) rename .ci/{jobs/elastic+helm-charts+master+integration-elasticsearch.yml => jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml} (83%) rename .ci/{jobs/elastic+helm-charts+master+integration-filebeat.yml => jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml} (84%) rename .ci/{jobs/elastic+helm-charts+master+integration-kibana.yml => jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml} (85%) rename .ci/{jobs/elastic+helm-charts+master+integration-logstash.yml => jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml} (84%) rename .ci/{jobs/elastic+helm-charts+master+integration-metricbeat.yml => jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml} (84%) rename .ci/{jobs/elastic+helm-charts+staging+cluster-cleanup.yml => jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml} (94%) rename .ci/{jobs/elastic+helm-charts+staging+cluster-creation.yml => jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml} (94%) rename .ci/{jobs/elastic+helm-charts+staging+integration-apm-server.yml => jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml} (95%) rename .ci/{jobs/elastic+helm-charts+staging+integration-elasticsearch.yml => jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml} (95%) rename .ci/{jobs/elastic+helm-charts+staging+integration-filebeat.yml => jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml} (95%) rename .ci/{jobs/elastic+helm-charts+staging+integration-kibana.yml => jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml} (95%) rename .ci/{jobs/elastic+helm-charts+staging+integration-logstash.yml => jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml} (95%) rename .ci/{jobs/elastic+helm-charts+staging+integration-metricbeat.yml => jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml} (95%) rename .ci/{jobs/elastic+helm-charts+staging.yml => jobs.t/elastic+helm-charts+{branch}+staging.yml} (97%) rename .ci/{jobs/elastic+helm-charts+master+template-lint-python.yml => jobs.t/elastic+helm-charts+{branch}+template-lint-python.yml} (72%) rename .ci/{jobs/elastic+helm-charts+master+template-testing.yml => jobs.t/elastic+helm-charts+{branch}+template-testing.yml} (69%) rename .ci/{jobs/elastic+helm-charts+master.yml => jobs.t/elastic+helm-charts+{branch}.yml} (54%) delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+cluster-cleanup.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+cluster-creation.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+integration-apm-server.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+integration-elasticsearch.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+integration-filebeat.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+integration-kibana.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+integration-logstash.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+integration-metricbeat.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+lint-python.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request+template-testing.yml delete mode 100644 .ci/jobs/elastic+helm-charts+pull-request.yml create mode 100755 .ci/make-branch-config.sh delete mode 100644 CHANGELOG.md delete mode 100644 apm-server/examples/6.x/Makefile delete mode 100644 apm-server/examples/6.x/test/goss.yaml delete mode 100644 apm-server/examples/6.x/values.yaml delete mode 100644 elasticsearch/examples/6.x/Makefile delete mode 100644 elasticsearch/examples/6.x/test/goss.yaml delete mode 100644 elasticsearch/examples/6.x/values.yaml delete mode 100644 filebeat/examples/6.x/Makefile delete mode 100644 filebeat/examples/6.x/test/goss.yaml delete mode 100644 filebeat/examples/6.x/values.yaml delete mode 100644 kibana/examples/6.x/Makefile delete mode 100644 kibana/examples/6.x/test/goss.yaml delete mode 100644 kibana/examples/6.x/values.yml delete mode 100644 logstash/examples/6.x/Makefile delete mode 100644 logstash/examples/6.x/test/goss.yaml delete mode 100644 logstash/examples/6.x/values.yaml delete mode 100644 metricbeat/examples/6.x/Makefile delete mode 100644 metricbeat/examples/6.x/test/goss-metrics.yaml delete mode 100644 metricbeat/examples/6.x/test/goss.yaml delete mode 100644 metricbeat/examples/6.x/values.yaml diff --git a/.ci/jobs/defaults.yml b/.ci/jobs.t/defaults.yml similarity index 78% rename from .ci/jobs/defaults.yml rename to .ci/jobs.t/defaults.yml index c7973dd8c..bd44228dd 100644 --- a/.ci/jobs/defaults.yml +++ b/.ci/jobs.t/defaults.yml @@ -12,12 +12,6 @@ logrotate: daysToKeep: 30 numToKeep: 100 - parameters: - - string: - name: branch_specifier - default: master - description: the Git branch specifier to build (<branchName>, <tagName>, - <commitId>, etc.) properties: - github: url: https://github.com/elastic/helm-charts/ @@ -30,7 +24,7 @@ credentials-id: f6c7695a-671e-4f4f-a331-acdce44ff9ba reference-repo: /var/lib/jenkins/.git-references/helm-charts.git branches: - - ${branch_specifier} + - "%BRANCH%" url: git@github.com:elastic/helm-charts.git basedir: '' wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+cluster-cleanup.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml similarity index 84% rename from .ci/jobs/elastic+helm-charts+master+cluster-cleanup.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml index 37862f81a..389ef8db2 100644 --- a/.ci/jobs/elastic+helm-charts+master+cluster-cleanup.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+cluster-cleanup - display-name: elastic / helm-charts - master - cluster cleanup - description: Master - cluster cleanup + name: elastic+helm-charts+%BRANCH%+cluster-cleanup + display-name: elastic / helm-charts - %BRANCH% - cluster cleanup + description: cluster cleanup scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+cluster-creation.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml similarity index 83% rename from .ci/jobs/elastic+helm-charts+master+cluster-creation.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml index c1698c76d..c38168fc2 100644 --- a/.ci/jobs/elastic+helm-charts+master+cluster-creation.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+cluster-creation - display-name: elastic / helm-charts - master - cluster creation - description: Master - cluster creation + name: elastic+helm-charts+%BRANCH%+cluster-creation + display-name: elastic / helm-charts - %BRANCH% - cluster creation + description: cluster creation scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+integration-apm-server.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml similarity index 84% rename from .ci/jobs/elastic+helm-charts+master+integration-apm-server.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml index 8a6d1b75b..db65f2e2d 100644 --- a/.ci/jobs/elastic+helm-charts+master+integration-apm-server.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+integration-apm-server - display-name: elastic / helm-charts - master - integration apm-server - description: Master - integration apm-server + name: elastic+helm-charts+%BRANCH%+integration-apm-server + display-name: elastic / helm-charts - %BRANCH% - integration apm-server + description: integration apm-server scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+integration-elasticsearch.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml similarity index 83% rename from .ci/jobs/elastic+helm-charts+master+integration-elasticsearch.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml index 7bb9ea7f6..8ba86cf7f 100644 --- a/.ci/jobs/elastic+helm-charts+master+integration-elasticsearch.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+integration-elasticsearch - display-name: elastic / helm-charts - master - integration elasticsearch - description: Master - integration elasticsearch + name: elastic+helm-charts+%BRANCH%+integration-elasticsearch + display-name: elastic / helm-charts - %BRANCH% - integration elasticsearch + description: integration elasticsearch scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+integration-filebeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml similarity index 84% rename from .ci/jobs/elastic+helm-charts+master+integration-filebeat.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml index 661d5e993..4cb374036 100644 --- a/.ci/jobs/elastic+helm-charts+master+integration-filebeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+integration-filebeat - display-name: elastic / helm-charts - master - integration filebeat - description: Master - integration filebeat + name: elastic+helm-charts+%BRANCH%+integration-filebeat + display-name: elastic / helm-charts - %BRANCH% - integration filebeat + description: integration filebeat scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+integration-kibana.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml similarity index 85% rename from .ci/jobs/elastic+helm-charts+master+integration-kibana.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml index d689e9143..65b4e47b8 100644 --- a/.ci/jobs/elastic+helm-charts+master+integration-kibana.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+integration-kibana - display-name: elastic / helm-charts - master - integration kibana - description: Master - integration kibana + name: elastic+helm-charts+%BRANCH%+integration-kibana + display-name: elastic / helm-charts - %BRANCH% - integration kibana + description: integration kibana scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+integration-logstash.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml similarity index 84% rename from .ci/jobs/elastic+helm-charts+master+integration-logstash.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml index b3f75f4c5..a88c04954 100644 --- a/.ci/jobs/elastic+helm-charts+master+integration-logstash.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+integration-logstash - display-name: elastic / helm-charts - master - integration logstash - description: Master - integration logstash + name: elastic+helm-charts+%BRANCH%+integration-logstash + display-name: elastic / helm-charts - %BRANCH% - integration logstash + description: integration logstash scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+integration-metricbeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml similarity index 84% rename from .ci/jobs/elastic+helm-charts+master+integration-metricbeat.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml index 480b700e2..c34a03a2d 100644 --- a/.ci/jobs/elastic+helm-charts+master+integration-metricbeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+integration-metricbeat - display-name: elastic / helm-charts - master - integration metricbeat - description: Master - integration metricbeat + name: elastic+helm-charts+%BRANCH%+integration-metricbeat + display-name: elastic / helm-charts - %BRANCH% - integration metricbeat + description: integration metricbeat scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+staging+cluster-cleanup.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml similarity index 94% rename from .ci/jobs/elastic+helm-charts+staging+cluster-cleanup.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml index df2daf77d..7c6bc2dc9 100644 --- a/.ci/jobs/elastic+helm-charts+staging+cluster-cleanup.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+cluster-cleanup + name: elastic+helm-charts+%BRANCH%+staging+cluster-cleanup display-name: elastic / helm-charts - staging - cluster cleanup description: staging - cluster cleanup parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging+cluster-creation.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml similarity index 94% rename from .ci/jobs/elastic+helm-charts+staging+cluster-creation.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml index 8770a257a..0279a6cfb 100644 --- a/.ci/jobs/elastic+helm-charts+staging+cluster-creation.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+cluster-creation + name: elastic+helm-charts+%BRANCH%+staging+cluster-creation display-name: elastic / helm-charts - staging - cluster creation description: staging - cluster creation parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging+integration-apm-server.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml similarity index 95% rename from .ci/jobs/elastic+helm-charts+staging+integration-apm-server.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml index cba2c4a69..0496ad456 100644 --- a/.ci/jobs/elastic+helm-charts+staging+integration-apm-server.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+integration-apm-server + name: elastic+helm-charts+%BRANCH%+staging+integration-apm-server display-name: elastic / helm-charts - staging - integration apm-server description: staging - integration apm-server parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging+integration-elasticsearch.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml similarity index 95% rename from .ci/jobs/elastic+helm-charts+staging+integration-elasticsearch.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml index ef499b214..e441f2141 100644 --- a/.ci/jobs/elastic+helm-charts+staging+integration-elasticsearch.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+integration-elasticsearch + name: elastic+helm-charts+%BRANCH%+staging+integration-elasticsearch display-name: elastic / helm-charts - staging - integration elasticsearch description: staging - integration elasticsearch parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging+integration-filebeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml similarity index 95% rename from .ci/jobs/elastic+helm-charts+staging+integration-filebeat.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml index f0d227cd3..da18266be 100644 --- a/.ci/jobs/elastic+helm-charts+staging+integration-filebeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+integration-filebeat + name: elastic+helm-charts+%BRANCH%+staging+integration-filebeat display-name: elastic / helm-charts - staging - integration filebeat description: staging - integration filebeat parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging+integration-kibana.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml similarity index 95% rename from .ci/jobs/elastic+helm-charts+staging+integration-kibana.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml index f4a8e402b..8944098a1 100644 --- a/.ci/jobs/elastic+helm-charts+staging+integration-kibana.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+integration-kibana + name: elastic+helm-charts+%BRANCH%+staging+integration-kibana display-name: elastic / helm-charts - staging - integration kibana description: staging - integration kibana parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging+integration-logstash.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml similarity index 95% rename from .ci/jobs/elastic+helm-charts+staging+integration-logstash.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml index 01fcefe23..7db73f065 100644 --- a/.ci/jobs/elastic+helm-charts+staging+integration-logstash.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+integration-logstash + name: elastic+helm-charts+%BRANCH%+staging+integration-logstash display-name: elastic / helm-charts - staging - integration logstash description: staging - integration logstash parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging+integration-metricbeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml similarity index 95% rename from .ci/jobs/elastic+helm-charts+staging+integration-metricbeat.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml index 940a06e3d..1046c0a83 100644 --- a/.ci/jobs/elastic+helm-charts+staging+integration-metricbeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging+integration-metricbeat + name: elastic+helm-charts+%BRANCH%+staging+integration-metricbeat display-name: elastic / helm-charts - staging - integration metricbeat description: staging - integration metricbeat parameters: diff --git a/.ci/jobs/elastic+helm-charts+staging.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml similarity index 97% rename from .ci/jobs/elastic+helm-charts+staging.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+staging.yml index 0c0b8efcf..5e6a135fc 100644 --- a/.ci/jobs/elastic+helm-charts+staging.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml @@ -1,6 +1,6 @@ --- - job: - name: elastic+helm-charts+staging + name: elastic+helm-charts+%BRANCH%+staging display-name: elastic / helm-charts - staging description: Staging image testing concurrent: true diff --git a/.ci/jobs/elastic+helm-charts+master+template-lint-python.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+template-lint-python.yml similarity index 72% rename from .ci/jobs/elastic+helm-charts+master+template-lint-python.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+template-lint-python.yml index 25048d9e4..84ff14247 100644 --- a/.ci/jobs/elastic+helm-charts+master+template-lint-python.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+template-lint-python.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+lint-python - display-name: elastic / helm-charts - master - lint python - description: Master - lint python + name: elastic+helm-charts+%BRANCH%+lint-python + display-name: elastic / helm-charts - %BRANCH% - lint python + description: lint python scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master+template-testing.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+template-testing.yml similarity index 69% rename from .ci/jobs/elastic+helm-charts+master+template-testing.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}+template-testing.yml index 5af16c9e9..1f09fea4a 100644 --- a/.ci/jobs/elastic+helm-charts+master+template-testing.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+template-testing.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master+template-testing - display-name: elastic / helm-charts - master - template testing - description: Master - template testing + name: elastic+helm-charts+%BRANCH%+template-testing + display-name: elastic / helm-charts - %BRANCH% - template testing + description: template testing scm: - git: wipe-workspace: 'True' diff --git a/.ci/jobs/elastic+helm-charts+master.yml b/.ci/jobs.t/elastic+helm-charts+{branch}.yml similarity index 54% rename from .ci/jobs/elastic+helm-charts+master.yml rename to .ci/jobs.t/elastic+helm-charts+{branch}.yml index 03f35cc6b..44698a183 100644 --- a/.ci/jobs/elastic+helm-charts+master.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}.yml @@ -1,8 +1,8 @@ --- - job: - name: elastic+helm-charts+master - display-name: elastic / helm-charts - master - description: Master branch testing + name: elastic+helm-charts+%BRANCH% + display-name: elastic / helm-charts - %BRANCH% + description: branch testing project-type: multijob scm: - git: @@ -15,34 +15,34 @@ name: template testing and kubernetes cluster creation condition: SUCCESSFUL projects: - - name: elastic+helm-charts+master+template-testing + - name: elastic+helm-charts+%BRANCH%+template-testing current-parameters: true - - name: elastic+helm-charts+master+lint-python + - name: elastic+helm-charts+%BRANCH%+lint-python current-parameters: true - - name: elastic+helm-charts+master+cluster-creation + - name: elastic+helm-charts+%BRANCH%+cluster-creation current-parameters: true - multijob: name: elasticsearch integration testing condition: ALWAYS projects: - - name: elastic+helm-charts+master+integration-elasticsearch + - name: elastic+helm-charts+%BRANCH%+integration-elasticsearch current-parameters: true - multijob: name: integration testing condition: ALWAYS projects: - - name: elastic+helm-charts+master+integration-kibana + - name: elastic+helm-charts+%BRANCH%+integration-kibana current-parameters: true - - name: elastic+helm-charts+master+integration-filebeat + - name: elastic+helm-charts+%BRANCH%+integration-filebeat current-parameters: true - - name: elastic+helm-charts+master+integration-metricbeat + - name: elastic+helm-charts+%BRANCH%+integration-metricbeat current-parameters: true - - name: elastic+helm-charts+master+integration-logstash + - name: elastic+helm-charts+%BRANCH%+integration-logstash current-parameters: true - - name: elastic+helm-charts+master+integration-apm-server + - name: elastic+helm-charts+%BRANCH%+integration-apm-server current-parameters: true publishers: - trigger-parameterized-builds: - - project: elastic+helm-charts+master+cluster-cleanup + - project: elastic+helm-charts+%BRANCH%+cluster-cleanup current-parameters: true trigger-with-no-params: false diff --git a/.ci/jobs/elastic+helm-charts+pull-request+cluster-cleanup.yml b/.ci/jobs/elastic+helm-charts+pull-request+cluster-cleanup.yml deleted file mode 100644 index cbd0d55eb..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+cluster-cleanup.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+cluster-cleanup - display-name: elastic / helm-charts - pull-request - cluster cleanup - description: Pull request - cluster cleanup - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make destroy KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs/elastic+helm-charts+pull-request+cluster-creation.yml b/.ci/jobs/elastic+helm-charts+pull-request+cluster-creation.yml deleted file mode 100644 index d1b491080..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+cluster-creation.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+cluster-creation - display-name: elastic / helm-charts - pull-request - cluster creation - description: Pull request - cluster creation - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make up KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs/elastic+helm-charts+pull-request+integration-apm-server.yml b/.ci/jobs/elastic+helm-charts+pull-request+integration-apm-server.yml deleted file mode 100644 index 55b331e9d..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+integration-apm-server.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+integration-apm-server - display-name: elastic / helm-charts - pull-request - integration apm-server - description: Pull request - integration apm-server - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: APM_SERVER_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${APM_SERVER_SUITE} CHART=apm-server diff --git a/.ci/jobs/elastic+helm-charts+pull-request+integration-elasticsearch.yml b/.ci/jobs/elastic+helm-charts+pull-request+integration-elasticsearch.yml deleted file mode 100644 index a476a1d85..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+integration-elasticsearch.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+integration-elasticsearch - display-name: elastic / helm-charts - pull-request - integration elasticsearch - description: Pull request - integration elasticsearch - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: ES_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${ES_SUITE} CHART=elasticsearch diff --git a/.ci/jobs/elastic+helm-charts+pull-request+integration-filebeat.yml b/.ci/jobs/elastic+helm-charts+pull-request+integration-filebeat.yml deleted file mode 100644 index 3a1621fbb..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+integration-filebeat.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+integration-filebeat - display-name: elastic / helm-charts - pull-request - integration filebeat - description: Pull request - integration filebeat - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: FILEBEAT_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${FILEBEAT_SUITE} CHART=filebeat diff --git a/.ci/jobs/elastic+helm-charts+pull-request+integration-kibana.yml b/.ci/jobs/elastic+helm-charts+pull-request+integration-kibana.yml deleted file mode 100644 index ed2e6ec4a..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+integration-kibana.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+integration-kibana - display-name: elastic / helm-charts - pull-request - integration kibana - description: Pull request - integration kibana - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: KIBANA_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${KIBANA_SUITE} CHART=kibana diff --git a/.ci/jobs/elastic+helm-charts+pull-request+integration-logstash.yml b/.ci/jobs/elastic+helm-charts+pull-request+integration-logstash.yml deleted file mode 100644 index bf7066426..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+integration-logstash.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+integration-logstash - display-name: elastic / helm-charts - pull-request - integration logstash - description: Pull request - integration logstash - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: LOGSTASH_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${LOGSTASH_SUITE} CHART=logstash diff --git a/.ci/jobs/elastic+helm-charts+pull-request+integration-metricbeat.yml b/.ci/jobs/elastic+helm-charts+pull-request+integration-metricbeat.yml deleted file mode 100644 index 34c6ac2fb..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+integration-metricbeat.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+integration-metricbeat - display-name: elastic / helm-charts - pull-request - integration metricbeat - description: Pull request - integration metricbeat - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: METRICBEAT_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${METRICBEAT_SUITE} CHART=metricbeat diff --git a/.ci/jobs/elastic+helm-charts+pull-request+lint-python.yml b/.ci/jobs/elastic+helm-charts+pull-request+lint-python.yml deleted file mode 100644 index 5ec00f723..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+lint-python.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+lint-python - display-name: elastic / helm-charts - pull-request - lint python - description: Pull request - lint python - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual&&ubuntu-18.04 - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - virtualenv -p python3 venv && source venv/bin/activate - pip install -r requirements.txt - make lint-python diff --git a/.ci/jobs/elastic+helm-charts+pull-request+template-testing.yml b/.ci/jobs/elastic+helm-charts+pull-request+template-testing.yml deleted file mode 100644 index 4f0a3ae93..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request+template-testing.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request+template-testing - display-name: elastic / helm-charts - pull-request - template testing - description: Pull request - template testing - scm: - - git: - refspec: +refs/pull/*:refs/remotes/origin/pr/* - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: CHART - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - cd ${CHART} - make test diff --git a/.ci/jobs/elastic+helm-charts+pull-request.yml b/.ci/jobs/elastic+helm-charts+pull-request.yml deleted file mode 100644 index 382adf275..000000000 --- a/.ci/jobs/elastic+helm-charts+pull-request.yml +++ /dev/null @@ -1,68 +0,0 @@ ---- -- job: - name: elastic+helm-charts+pull-request - display-name: elastic / helm-charts - pull-request - description: Pull request testing - project-type: multijob - concurrent: true - scm: - - git: - branches: - - $ghprbActualCommit - refspec: +refs/pull/*:refs/remotes/origin/pr/* - basedir: elasticsearch - wipe-workspace: 'False' - triggers: - - github-pull-request: - github-hooks: true - org-list: - - elastic - allow-whitelist-orgs-as-admins: true - cancel-builds-on-update: true - status-context: devops-ci - builders: - - multijob: - name: template testing and kubernetes cluster creation - condition: SUCCESSFUL - projects: - - name: elastic+helm-charts+pull-request+template-testing - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - name: elastic+helm-charts+pull-request+lint-python - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - name: elastic+helm-charts+pull-request+cluster-creation - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - multijob: - name: elasticsearch integration testing - condition: ALWAYS - projects: - - name: elastic+helm-charts+pull-request+integration-elasticsearch - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - multijob: - name: integration testing - condition: ALWAYS - projects: - - name: elastic+helm-charts+pull-request+integration-kibana - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - name: elastic+helm-charts+pull-request+integration-filebeat - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - name: elastic+helm-charts+pull-request+integration-metricbeat - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - name: elastic+helm-charts+pull-request+integration-logstash - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - - name: elastic+helm-charts+pull-request+integration-apm-server - current-parameters: true - predefined-parameters: branch_specifier=${ghprbActualCommit} - publishers: - - trigger-parameterized-builds: - - project: elastic+helm-charts+pull-request+cluster-cleanup - current-parameters: true - trigger-with-no-params: false - predefined-parameters: branch_specifier=${ghprbActualCommit} diff --git a/.ci/make-branch-config.sh b/.ci/make-branch-config.sh new file mode 100755 index 000000000..ca9554787 --- /dev/null +++ b/.ci/make-branch-config.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +if [ -z "$BRANCH" ] ; then + echo "BRANCH is unset" + exit 1 +fi + +rm -Rf .ci/jobs +cp -r .ci/jobs.t .ci/jobs + +sed -i "s/%BRANCH%/${BRANCH}/g" .ci/jobs/*.yml \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md deleted file mode 100644 index 39382aa59..000000000 --- a/CHANGELOG.md +++ /dev/null @@ -1,525 +0,0 @@ -# Changelog - -## 7.6.2 - 2020/03/31 - -* 7.6.2 as the default stack version -* 6.8.8 as 6.x tested version -* Helm 2.16.5 support in [#537](https://github.com/elastic/helm-charts/pull/537) [@jmlrt](https://github.com/jmlrt) -* Drop GKE 1.13 tests in [#533](https://github.com/elastic/helm-charts/pull/533) [@jmlrt](https://github.com/jmlrt) -* Few dev environment tweaks in [#521](https://github.com/elastic/helm-charts/pull/521) [@Conky5](https://github.com/Conky5) -* Version bumping script enhancements in [#524](https://github.com/elastic/helm-charts/pull/524) [@Conky5](https://github.com/Conky5) -* Staging image testing in [#532](https://github.com/elastic/helm-charts/pull/532), [#544](https://github.com/elastic/helm-charts/pull/544) & [#545](https://github.com/elastic/helm-charts/pull/545) [@Conky5](https://github.com/Conky5) - -### APM Server - -| PR | Author | Title | -| ------------------------------------------------------ | -------------------------------------- | ------------------------------ | -|[#508](https://github.com/elastic/helm-charts/pull/508) | [@kawat55](https://github.com/kawat55) | Fix `fullnameOverride` setting | -|[#509](https://github.com/elastic/helm-charts/pull/509) | [@qqshfox](https://github.com/qqshfox) | Fix `apiVersion` of HPA | - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------------------- | ------------------------------------------------------------- | -|[#485](https://github.com/elastic/helm-charts/pull/485) | [@mschmidt291](https://github.com/mschmidt291) | Add possibility to define custom `readinessProbe` | -|[#517](https://github.com/elastic/helm-charts/pull/517) | [@maksim-m](https://github.com/maksim-m) | Add namespace parameter to the test function to `NOTES.txt` | -|[#539](https://github.com/elastic/helm-charts/pull/539) | [@adulescentulus](https://github.com/adulescentulus) | Add `loadBalancerIP` option to service | - -### Filebeat - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------- | ----------------------------------------------------------- | -|[#530](https://github.com/elastic/helm-charts/pull/530) | [@flaper87](https://github.com/flaper87) | Accept a string as `extraInitContainers` value for Filebeat | - -### Kibana - -**Warning** -[#540](https://github.com/elastic/helm-charts/pull/540) increase default CPU and memory requests/limits. This may impact the resources (nodes) required in your Kubernetes cluster to deploy Kibana chart. - -If you wish to come back to former values, you need to override CPU and Memory requests/limits as well as `NODE_OPTIONS` `extraEnvs` variable when deploying your Helm Chart. - - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------- | -------------------------------------------------------------------------------------- | -|[#493](https://github.com/elastic/helm-charts/pull/493) | [@jamoflaw](https://github.com/jamoflaw) | Fix Mismatch Between Service Selector and Pod Labels when using Helm Aliases in Kibana | -|[#540](https://github.com/elastic/helm-charts/pull/540) | [@jmlrt](https://github.com/jmlrt) | Optimize Kibana memory usage | - -### Logstash - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------------------- | ---------------------------------------------- | -|[#500](https://github.com/elastic/helm-charts/pull/500) | [@zeph](https://github.com/zeph) | Add warn to override Logstash default pipeline | -|[#505](https://github.com/elastic/helm-charts/pull/505) | [@ChiefAlexander](https://github.com/ChiefAlexander) | Update Logstash chart to support custom ports | - -## 7.6.1 - 2020/03/04 - -* 7.6.1 as the default stack version - -### APM Server - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------- | ----------------- | -|[#479](https://github.com/elastic/helm-charts/pull/479) | [@vhatsura](https://github.com/vhatsura) | Fix template name | - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------ | -------------------------------------- | --------------------------------------- | -|[#483](https://github.com/elastic/helm-charts/pull/483) | [@ta-ando](https://github.com/ta-ando) | Ad support for loadBalancerSourceRanges | - - -## 7.6.0 - 2020/02/11 - -* 7.6.0 as the default stack version -* Freeze pip dependencies [#463](https://github.com/elastic/helm-charts/pull/463) [@morganchristiansson](https://github.com/morganchristiansson) -* Format python scripts with [Black](https://black.readthedocs.io/en/stable/) [#475](https://github.com/elastic/helm-charts/pull/475) & [#477](https://github.com/elastic/helm-charts/pull/477) [@jmlrt](https://github.com/jmlrt) - -### APM Server - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------- | ------------------------------------------- | -|[#324](https://github.com/elastic/helm-charts/pull/324) | [@pbecotte](https://github.com/pbecotte) | Add apm-server helm chart | -|[#459](https://github.com/elastic/helm-charts/pull/459) | [@jmlrt](https://github.com/jmlrt) | Add ci tests for apm-server chart | -|[#473](https://github.com/elastic/helm-charts/pull/473) | [@jmlrt](https://github.com/jmlrt) | Add extraContainers and extraInitContainers | - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------ | -------------------------------------------- | --------------------------- | -|[#455](https://github.com/elastic/helm-charts/pull/455) | [@sachinmsft](https://github.com/sachinmsft) | Fixing typo | -|[#458](https://github.com/elastic/helm-charts/pull/458) | [@jmlrt](https://github.com/jmlrt) | Set cpu request = cpu limit | -|[#473](https://github.com/elastic/helm-charts/pull/473) | [@jmlrt](https://github.com/jmlrt) | Add extraContainers | - -### Filebeat - -| PR | Author | Title | -| ------------------------------------------------------ | ------------------------------------ | ----------------------- | -|[#466](https://github.com/elastic/helm-charts/pull/466) | [@vasrem](https://github.com/vasrem) | Add extraInitContainers | -|[#473](https://github.com/elastic/helm-charts/pull/473) | [@jmlrt](https://github.com/jmlrt) | Add extraContainers | - -### Kibana - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------- | ------------------------------------------- | -|[#473](https://github.com/elastic/helm-charts/pull/473) | [@jmlrt](https://github.com/jmlrt) | Add extraContainers and extraInitContainers | - -### Logstash - -| PR | Author | Title | -| ------------------------------------------------------ | -------------------------------------------------------------- | ------------------------------- | -|[#457](https://github.com/elastic/helm-charts/pull/457) | [@morganchristiansson](https://github.com/morganchristiansson) | Add fullnameOverride setting | -|[#473](https://github.com/elastic/helm-charts/pull/473) | [@jmlrt](https://github.com/jmlrt) | Remove duplicate line in README | - -### Metricbeat - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------- | ------------------------------------------- | -|[#473](https://github.com/elastic/helm-charts/pull/473) | [@jmlrt](https://github.com/jmlrt) | Add extraContainers and extraInitContainers | - - -## 7.5.2 - 2020/01/21 - -* 7.5.2 as the default stack version -* Testing of GKE for 1.12 dropped and 1.15 added [#435](https://github.com/elastic/helm-charts/pull/435) [@jmlrt](https://github.com/jmlrt) -* Add [Probot](https://probot.github.io) config to manage stale issues / PR [#421](https://github.com/elastic/helm-charts/pull/421) [@jmlrt](https://github.com/jmlrt) -* Fix README docs links on [Helm Hub](https://hub.helm.sh) [#438](https://github.com/elastic/helm-charts/pull/438) [@jmlrt](https://github.com/jmlrt) - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------ | ------------------------------------------------ | --------------------------------------------------------------- | -|[#382](https://github.com/elastic/helm-charts/pull/382) | [@jaumann](https://github.com/jaumann) | Allow for name overrides of resources | -|[#433](https://github.com/elastic/helm-charts/pull/433) | [@jmlrt](https://github.com/jmlrt) | Add example for [Microk8s](https://microk8s.io/) | -|[#428](https://github.com/elastic/helm-charts/pull/428) | [@mmisztal1980](https://github.com/mmisztal1980) | Remove duplicate label | -|[#434](https://github.com/elastic/helm-charts/pull/434) | [@jmlrt](https://github.com/jmlrt) | Add workaround to fix [kind])https://kind.sigs.k8s.io/) example | -|[#444](https://github.com/elastic/helm-charts/pull/444) | [@naseemkullah](https://github.com/naseemkullah) | Add commented out example of a useful post start hook | - -### Filebeat - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------------- | --------------------------------------------------------------------- | -|[#415](https://github.com/elastic/helm-charts/pull/415) | [@jmlrt](https://github.com/jmlrt) | Add custom labels to pods | -|[#369](https://github.com/elastic/helm-charts/pull/369) | [@jmymy](https://github.com/jmymy) | Add support for `envfrom` | -|[#420](https://github.com/elastic/helm-charts/pull/420) | [@jmlrt](https://github.com/jmlrt) | Override probes commands | -|[#430](https://github.com/elastic/helm-charts/pull/430) | [@krichter722](https://github.com/krichter722) | Fix default value of `extraVolumeMounts` and `extraVolumes` in README | - -### Kibana - -| PR | Author | Title | -| ------------------------------------------------------ | ------------------------------------------------ | ----------------------------------------------- | -|[#415](https://github.com/elastic/helm-charts/pull/415) | [@jmlrt](https://github.com/jmlrt) | Add custom labels to pods | -|[#422](https://github.com/elastic/helm-charts/pull/422) | [@victorsalaun](https://github.com/victorsalaun) | Remove useless `maxUnavailable` in Kibana chart | -|[#408](https://github.com/elastic/helm-charts/pull/408) | [@ichylinux](https://github.com/ichylinux) | Add support for `loadBalancerSourceRanges` | -|[#419](https://github.com/elastic/helm-charts/pull/419) | [@jmlrt](https://github.com/jmlrt) | Add doc for plugin install | - -### Logstash - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------- | ------------------------- | -|[#415](https://github.com/elastic/helm-charts/pull/415) | [@jmlrt](https://github.com/jmlrt) | Add custom labels to pods | - -### Metricbeat - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------- | ------------------------------------------------------------- | -|[#415](https://github.com/elastic/helm-charts/pull/415) | [@jmlrt](https://github.com/jmlrt) | Add custom labels to pods | -|[#369](https://github.com/elastic/helm-charts/pull/369) | [@jmymy](https://github.com/jmymy) | Add support for `envfrom` | -|[#420](https://github.com/elastic/helm-charts/pull/420) | [@jmlrt](https://github.com/jmlrt) | Override probes commands | -|[#425](https://github.com/elastic/helm-charts/pull/425) | [@pbecotte](https://github.com/pbecotte) | Update `hostfs` to be a CLI option instead of a config option | -|[#436](https://github.com/elastic/helm-charts/pull/436) | [@gadiener](https://github.com/gadiener) | Add `priorityClassName` config | - - -## 7.5.1 - 2019/12/18 - -* 7.5.1 as the default stack version -* 6.8.6 as 6.x tested version -* Add a notice that Helm v3 is not supported in [#400](https://github.com/elastic/helm-charts/pull/400) [@jmlrt](https://github.com/jmlrt) -* Prefixed helper functions with chart name in [#407](https://github.com/elastic/helm-charts/pull/407) [bpdunni](https://github.com/bpdunni) -* Use details tag around code backticks for 'helm get' output in issue template in [#413](https://github.com/elastic/helm-charts/pull/413) [krichter722](https://github.com/krichter722) - -### Filebeat - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------- | ----------------------------------------------------- | -|[#403](https://github.com/elastic/helm-charts/pull/403) | [@ChrsMark](https://github.com/ChrsMark) | Remove in_cluster config from add_kubernetes_metadata | - -### Kibana - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------------------------- | ------------------------------------ | -|[#411](https://github.com/elastic/helm-charts/pull/411) | [@usamaahmadkhan](https://github.com/usamaahmadkhan) | Enable labels to be added to service | - -### Metricbeat - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------- | ----------------------------------------------------- | -|[#397](https://github.com/elastic/helm-charts/pull/397) | [@jmlrt](https://github.com/jmlrt) | Add a notice about kube-state-metrics breaking change | - - -## 7.5.0 - 2019/12/02 - -* 7.5.0 as the default stack version -* 6.8.5 as 6.x tested version in [#386](https://github.com/elastic/helm-charts/pull/386) [@jmlrt](https://github.com/jmlrt) -* Helm 2.16.1 support in [#366](https://github.com/elastic/helm-charts/pull/366) [@jmlrt](https://github.com/jmlrt) -* Add Beats icons to Helm repository in [#345](https://github.com/elastic/helm-charts/pull/345) [@jmlrt](https://github.com/jmlrt) -* Make helm-tester docker image build less verbose in [#346](https://github.com/elastic/helm-charts/pull/346) [@jmlrt](https://github.com/jmlrt) -* Update install doc in [#364](https://github.com/elastic/helm-charts/pull/364) [@jmlrt](https://github.com/jmlrt) -* Add security notice to github issue template in [#368](https://github.com/elastic/helm-charts/pull/368) [@jmlrt](https://github.com/jmlrt) - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------- | ---------------------------------------------------- | ---------------------------------------------------------------------------- | -|[#344](https://github.com/elastic/helm-charts/pull/344) | [@usamaahmadkhan](https://github.com/usamaahmadkhan) | Add support for labels on services | -|[#350](https://github.com/elastic/helm-charts/pull/350) | [@crgstar](https://github.com/crgstar) | Use same imagePullPolicy in initContainer | -|[#380](https://github.com/elastic/helm-charts/pull/380) | [@fatmcgav](https://github.com/fatmcgav) | Tweak the 'readinessProbe' command to verify that master nodes are available | -|[#383](https://github.com/elastic/helm-charts/pull/383) | [@tanakapayam](https://github.com/tanakapayam) | Apply labels to all pods | - -### Filebeat - -| PR | Author | Title | -| ------------------------------------------------------ | ------------------------------------------------ | ------------------------------------------------------------------------- | -|[#330](https://github.com/elastic/helm-charts/pull/330) | [@tusciucalecs](https://github.com/tusciucalecs) | Support fullnameOverride | -|[#321](https://github.com/elastic/helm-charts/pull/321) | [@pbecotte](https://github.com/pbecotte) | Use host networking so that the stats have the correct node informations | -|[#322](https://github.com/elastic/helm-charts/pull/322) | [@pbecotte](https://github.com/pbecotte) | Use a list for extra volume mounts to match the comments and other values | - -### Kibana - -| PR | Author | Title | -| ------------------------------------------------------ | -------------------------------------------------| ------------------------ | -|[#330](https://github.com/elastic/helm-charts/pull/330) | [@tusciucalecs](https://github.com/tusciucalecs) | Support fullnameOverride | - -### Logstash - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------- | -------------------------------------------- | -|[#333](https://github.com/elastic/helm-charts/pull/333) | [@jmlrt](https://github.com/jmlrt) | First version of logstash helm chart | -|[#347](https://github.com/elastic/helm-charts/pull/347) | [@jmlrt](https://github.com/jmlrt) | Remove goss port test | -|[#367](https://github.com/elastic/helm-charts/pull/367) | [@jmlrt](https://github.com/jmlrt) | Update default values for memory requirements| - -### Metricbeat - -**Warning** -[#352](https://github.com/elastic/helm-charts/pull/352) is introducing a breaking change, please refer to [Metricbeat Breaking Changes](./metricbeat/README.md#breaking-changes) section for users upgrading from a chart version < 7.5.0. - -| PR | Author | Title | -| ------------------------------------------------------ | ------------------------------------------------ | ----------------------------------------------------------------------------------------- | -|[#352](https://github.com/elastic/helm-charts/pull/352) | [@masterkain](https://github.com/masterkain) | Bump kube-state-metrics to latest chart and app version | -|[#330](https://github.com/elastic/helm-charts/pull/330) | [@tusciucalecs](https://github.com/tusciucalecs) | Support fullnameOverride | -|[#314](https://github.com/elastic/helm-charts/pull/314) | [@pbecotte](https://github.com/pbecotte) | Add a couple extra mounts to pick up all the metrics from the host nodes on Digital Ocean | - - -## 7.4.1 - 2019/10/23 - -* 7.4.1 as the default stack version -* 6.8.4 as 6.x tested version -* Helm 2.15.1 support in [#338](https://github.com/elastic/helm-charts/pull/338) [@jmlrt](https://github.com/jmlrt) - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------- | ----------------------------------------- | -------------------------------------------- | -|[#313](https://github.com/elastic/helm-charts/pull/313) | [@Crazybus](https://github.com/Crazybus) | Add logging when adding password to keystore | -|[#301](https://github.com/elastic/helm-charts/pull/301) | [@ravishivt](https://github.com/ravishivt) | Fix bug in keystore initContainer | -|[#274](https://github.com/elastic/helm-charts/pull/274) | [@salaboy](https://github.com/salaboy) | Add Example for Kubernetes KIND | -|[#335](https://github.com/elastic/helm-charts/pull/335) | [@jmlrt](https://github.com/jmlrt) | Fix deprecated note | -|[#337](https://github.com/elastic/helm-charts/pull/337) | [@jmlrt](https://github.com/jmlrt) | Remove unused default value | - -### Kibana - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------- | ------------------------------- | -|[#326](https://github.com/elastic/helm-charts/pull/326) | [@jmlrt](https://github.com/jmlrt) | Remove unused antiAffinity keys | - -### Metricbeat - -| PR | Author | Title | -| ------------------------------------------------------ | ---------------------------------- | ------------------------------------------------------ | -|[#339](https://github.com/elastic/helm-charts/pull/339) | [@jmlrt](https://github.com/jmlrt) | Allow adding additional labels to Metricbeat Daemonset | - - -## 7.4.0 - 2019/10/01 - -* 7.4.0 as the default stack version -* Helm-tester Docker image migrated to Python 3 in [#297](https://github.com/elastic/helm-charts/pull/297) [@jmlrt](https://github.com/jmlrt) -* Helm-tester Python dependencies freeze in [#309](https://github.com/elastic/helm-charts/pull/309) [@jmlrt](https://github.com/jmlrt) - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------- | -------------------------------------------------- | ----------------------------------------------------------------------------------- | -|[#296](https://github.com/elastic/helm-charts/pull/296) | [@jmlrt](https://github.com/jmlrt) | Fix "; \" when there is no additional command in the Makefiles | -|[#298](https://github.com/elastic/helm-charts/pull/298) | [@floretan](https://github.com/floretan) | Make it possible to override the endpoint template. | -|[#263](https://github.com/elastic/helm-charts/pull/263) | [@Crazybus](https://github.com/Crazybus) | Add working examples for running Elasticsearch and Kibana on OpenShift | -|[#301](https://github.com/elastic/helm-charts/pull/301) | [@ravishivt](https://github.com/ravishivt) | Fix bug in keystore initContainer | - -### Kibana - -| PR | Author | Title | -| ------------------------------------------------------- | -------------------------------------------------- | ----------------------------------------------------------------------------------- | -|[#295](https://github.com/elastic/helm-charts/pull/295) | [@karlbohlmark](https://github.com/karlbohlmark) | Allow configuring lifecycle events | -|[#263](https://github.com/elastic/helm-charts/pull/263) | [@Crazybus](https://github.com/Crazybus) | Add working examples for running Elasticsearch and Kibana on OpenShift | -|[#303](https://github.com/elastic/helm-charts/pull/303) | [@code-chris](https://github.com/code-chris) | Add compatibility for k8s 1.16 and change min k8s version due to ingress apiVersion | - - -### Filebeat - -| PR | Author | Title | -| ------------------------------------------------------- | -------------------------------------------------- | ----------------------------------------------------------------------------------- | -|[#304](https://github.com/elastic/helm-charts/pull/304) | [@code-chris](https://github.com/code-chris) | Change min k8s version due to daemonset apiVersion | - -### Metricbeat - -| PR | Author | Title | -| ------------------------------------------------------- | -------------------------------------------------- | ----------------------------------------------------------------------------------- | -| [#310](https://github.com/elastic/helm-charts/pull/310) | [@Crazybus](https://github.com/Crazybus) | Make cluster role rules configurable | -|[#305](https://github.com/elastic/helm-charts/pull/305) | [@code-chris](https://github.com/code-chris) | Change min k8s version due to used apiVersions | - - -## 7.3.2 - 2019/09/19 - -* 7.3.2 as the default stack version -* Testing of GKE for 1.11 dropped and 1.14 added [#287](https://github.com/elastic/helm-charts/pull/287) -* Make helper scripts python3 compatible [#255](https://github.com/elastic/helm-charts/pull/255) [@cclauss](https://github.com/cclauss) - -### Elasticsearch - -| PR | Author | Title | -| ------------------------------------------------------- | -------------------------------------------------- | --------------------------------------------------------------------------- | -| [#238](https://github.com/elastic/helm-charts/pull/238) | [@Crazybus](https://github.com/Crazybus) | Update documentation and defaults for tmpl values | -| [#245](https://github.com/elastic/helm-charts/pull/245) | [@skitle](https://github.com/skitle) | Fixed indent on elasticsearch extraVolumes tpl. Was causing parsing errors. | -| [#250](https://github.com/elastic/helm-charts/pull/250) | [@tanordheim](https://github.com/tanordheim) | Update priorityClassName default values in READMEs | -| [#261](https://github.com/elastic/helm-charts/pull/261) | [@Crazybus](https://github.com/Crazybus) | Bump google terraform provider to the latest | -| [#154](https://github.com/elastic/helm-charts/pull/154) | [@Crazybus](https://github.com/Crazybus) | Keystore integration | -| [#290](https://github.com/elastic/helm-charts/pull/290) | [@Crazybus](https://github.com/Crazybus) | Drop version from chart label in service | -| [#270](https://github.com/elastic/helm-charts/pull/270) | [@GreenKnight15](https://github.com/GreenKnight15) | ES Variable Port Name | -| [#259](https://github.com/elastic/helm-charts/pull/259) | [@Crazybus](https://github.com/Crazybus) | Set default runAsUser for pod security context | -| [#265](https://github.com/elastic/helm-charts/pull/265) | [@maximelenair](https://github.com/maximelenair) | Hardening of the pod permissions. | - -### Kibana - -| PR | Author | Title | -| ------------------------------------------------------- | -------------------------------------------- | -------------------------------------------------- | -| [#250](https://github.com/elastic/helm-charts/pull/250) | [@tanordheim](https://github.com/tanordheim) | Update priorityClassName default values in READMEs | -| [#268](https://github.com/elastic/helm-charts/pull/268) | [@accek](https://github.com/accek) | fixed bogus request of 500 millibytes mem | -| [#272](https://github.com/elastic/helm-charts/pull/272) | [@rccrdpccl](https://github.com/rccrdpccl) | use same env variable as application | -| [#291](https://github.com/elastic/helm-charts/pull/291) | [@Crazybus](https://github.com/Crazybus) | Explicitly test for a 200 for readinessProbe | - -### Filebeat - -| PR | Author | Title | -| ------------------------------------------------------- | -------------------------------------------- | -------------------------------------------------- | -| [#243](https://github.com/elastic/helm-charts/pull/243) | [@Crazybus](https://github.com/Crazybus) | Add configurable nodeSelector and affinity spec | -| [#248](https://github.com/elastic/helm-charts/pull/248) | [@tanordheim](https://github.com/tanordheim) | Add priorityClassName to filebeat chart | -| [#250](https://github.com/elastic/helm-charts/pull/250) | [@tanordheim](https://github.com/tanordheim) | Update priorityClassName default values in READMEs | - -### Metricbeat - -| PR | Author | Title | -| ------------------------------------------------------- | ---------------------------------------- | ---------------------------------------------------- | -| [#243](https://github.com/elastic/helm-charts/pull/243) | [@Crazybus](https://github.com/Crazybus) | Add configurable nodeSelector and affinity spec | -| [#251](https://github.com/elastic/helm-charts/pull/251) | [@Crazybus](https://github.com/Crazybus) | Fix default configuration for kubernetes module | -| [#289](https://github.com/elastic/helm-charts/pull/289) | [@Crazybus](https://github.com/Crazybus) | Remove default kube static metrics host to avoid co… | -| [#254](https://github.com/elastic/helm-charts/pull/254) | [@Azuka](https://github.com/Azuka) | Enable events access to cluster role | - - -## 7.3.0 - 2019/07/31 - -* 7.3.0 as the default stack version - -### Elasticsearch -| PR | Author | Title | -| ------------------------------------------------------- | ---------------------------------------------------------- | ------------------------------------------------------------------------- | -| [#226](https://github.com/elastic/helm-charts/pull/226) | [@MichaelMarieJulie](https://github.com/MichaelMarieJulie) | Add configurable pods labels | -| [#237](https://github.com/elastic/helm-charts/pull/237) | [@MichaelSp](https://github.com/MichaelSp) | Add back `service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"` | - -### Kibana -| PR | Author | Title | -| ------------------------------------------------------- | ------------------------------------------ | ----------------------------------- | -| [#225](https://github.com/elastic/helm-charts/pull/225) | [@plumcraft](https://github.com/plumcraft) | Add configurable pod labels | -| [#230](https://github.com/elastic/helm-charts/pull/230) | [@Crazybus](https://github.com/Crazybus) | Add subPath support to secretMounts | - - -## 7.2.1-0 - 2019/07/18 - -* [#195](https://github.com/elastic/helm-charts/pull/195) - @cclauss - Initial steps started to move all python2 code to python3 -* [#205](https://github.com/elastic/helm-charts/pull/205) - @Crazybus - Fixup and improve security example documentation - - -### Elasticsearch - -* [#171](https://github.com/elastic/helm-charts/pull/171) - @naseemkullah - Run Elasticsearch as a non-root user -* [#197](https://github.com/elastic/helm-charts/pull/197) - @tetianakravchenko - Add option to provide custom start/stop hooks -* [#206](https://github.com/elastic/helm-charts/pull/206) - @Crazybus - Automatically detect esMajorVersion for default images -* [#203](https://github.com/elastic/helm-charts/pull/203) - @Crazybus - Add testing for security context -* [#220](https://github.com/elastic/helm-charts/pull/220) - @JorisAndrade - Add option to disable sysctlInitContainer - -### Kibana - -* [#204](https://github.com/elastic/helm-charts/pull/204) - @Crazybus - Make imagePullPolicy actually do something -* [#210](https://github.com/elastic/helm-charts/pull/210) - @cliedeman - Add Kibana pod annotations -* [#217](https://github.com/elastic/helm-charts/pull/217) - @Crazybus - Update healthCheckPath to mention basePath usage - -### Filebeat - -* [#214](https://github.com/elastic/helm-charts/pull/214) - @dugouchet - Add additional labels - -### Metricbeat - -* [#127](https://github.com/elastic/helm-charts/pull/127) - @Crazybus - Add metricbeat chart -* [#128](https://github.com/elastic/helm-charts/pull/128) - @Crazybus - Add ci jobs for metricbeat - - -## 7.2.0 - 2019/07/01 - -* 7.2.0 as the default stack version -* Updated the beta status messaging and added proper descriptions to each chart [#158](https://github.com/elastic/helm-charts/pull/158) -* Add GKE 1.13 to automated testing suite [#169](https://github.com/elastic/helm-charts/pull/169) and [#181](https://github.com/elastic/helm-charts/pull/181) - -### Elasticsearch - -* [#123](https://github.com/elastic/helm-charts/pull/123) - @kimxogus - Make the service configurable -* [#141](https://github.com/elastic/helm-charts/pull/141) - @satchpx - Add capability to specify alternate scheduler -* [#161](https://github.com/elastic/helm-charts/pull/161) - @Crazybus - Add configurable nodePort to the service spec -* [#170](https://github.com/elastic/helm-charts/pull/170) - @Crazybus - Update security example docs to match reality -* [#182](https://github.com/elastic/helm-charts/pull/182) - @hxquangnhat - Fix secretName field for secretMounts -* [#186](https://github.com/elastic/helm-charts/pull/186) - @Crazybus - Fix pvc annotations with multiple fields -* [#189](https://github.com/elastic/helm-charts/pull/189) - @gnatpat - Add resources to sidecar container - -### Kibana - -* [#160](https://github.com/elastic/helm-charts/pull/160) - @Crazybus - Add configurable nodePort to the service spec -* [#168](https://github.com/elastic/helm-charts/pull/168) - @Crazybus - Always set server.host to the docker default -* [#172](https://github.com/elastic/helm-charts/pull/172) - @naseemkullah - Run Kibana as the non-root kibana user (1000) -* [#182](https://github.com/elastic/helm-charts/pull/182) - @hxquangnhat - Fix secretName field for secretMounts -* [#184](https://github.com/elastic/helm-charts/pull/184) - @diegofernandes - Fix wildcard support for ingress - -### Filebeat - -* [#182](https://github.com/elastic/helm-charts/pull/182) - @hxquangnhat - Fix secretName field for secretMounts -* [#188](https://github.com/elastic/helm-charts/pull/188) - @cclauss - Fix octal literal to work in both Python 2 and Python 3 - - -## 7.1.1 - 2019/06/07 - -* 7.1.1 as the default stack version -* Helm 2.14.0 as the tested version. Helm 2.14.0 has some extra validation built in which caused an issue with an [invalid field in the filebeat chart](https://github.com/elastic/helm-charts/issues/136). - -### Elasticsearch - -* [#146](https://github.com/elastic/helm-charts/pull/146) - @Crazybus - Add instructions for how to enable snapshots - -### Kibana - -* [#151](https://github.com/elastic/helm-charts/pull/151) - @natebwangsut - Added an option to add annotations(s) to service resource - -### Filebeat - -* [#140](https://github.com/elastic/helm-charts/pull/140) - @Crazybus - Remove fsGroup from container level security context - - -## 7.1.0 - 2019/05/21 - -* 7.1.0 as the default stack version -* Promotion from alpha to beta status -* Filebeat chart added - -### Elasticsearch - -* [#119](https://github.com/elastic/helm-charts/pull/119) - @kimxogus - Wait for new master election before stopping the pod to prevent master status being temporarily lost during rolling upgrades #63 -* [#109](https://github.com/elastic/helm-charts/pull/109) - @lancespeelmon - Add support for k8s priorityclass - -### Kibana - -* [#109](https://github.com/elastic/helm-charts/pull/109) - @lancespeelmon - Add support for k8s priorityclass -* [#134](https://github.com/elastic/helm-charts/pull/134) - @Crazybus - Explicitly set the targetPort to the defined http port - -### Filebeat - -* [#117](https://github.com/elastic/helm-charts/pull/117) - @tylerjl - Add initial filebeat chart -* [#122](https://github.com/elastic/helm-charts/pull/122) - @Crazybus - Add ci jobs for filebeat -* [#121](https://github.com/elastic/helm-charts/pull/121) - @Crazybus - Add integration tests and other tweaks -* [#129](https://github.com/elastic/helm-charts/pull/129) - @tylerjl - Add usage notes for filebeat - - -## 7.0.1-alpha1 - 2019/05/01 - -* 7.0.1 as the default stack version -* [Contributing guide](https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md), [release process](https://github.com/elastic/helm-charts/blob/master/helpers/release.md), [changelog](https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md) and [issue templates](https://github.com/elastic/helm-charts/tree/master/.github/ISSUE_TEMPLATE) added in [#111](https://github.com/elastic/helm-charts/pull/111) -* Automated testing for Kubernetes 1.10 dropped because it is no longer available in GKE -* Helm client version bumped to 2.13.1 - -### Elasticsearch - -* [#100](https://github.com/elastic/helm-charts/pull/100) - @kuisathaverat - Remove deprecated zen ping unicast hosts setting -* [#114](https://github.com/elastic/helm-charts/pull/114) - @Crazybus - Make persistent volumes optional -* [#115](https://github.com/elastic/helm-charts/pull/115) - @Crazybus - Added an integration test for upgrading from the previous release and testing rolling upgrades - -### Kibana - -* [#107](https://github.com/elastic/helm-charts/pull/107) - @Crazybus - Make the health check path configurable to support webroots and other customizations. - - -## 7.0.0-alpha1 - 2019/04/17 - -* [#96](https://github.com/elastic/helm-charts/pull/96) - @Crazybus - 7.0.0 as the default stack version - -### Elasticsearch - -* [#94](https://github.com/elastic/helm-charts/pull/94) - @kimxogus - Remove hardcoded storageClassName - -### Notes - -If you were using the default Elasticsearch version from the previous release (6.6.2-alpha1) you will first need to upgrade to Elasticsearch 6.7.1 before being able to upgrade to 7.0.0. You can do this by adding this to your values file: - -``` -esMajorVersion: 6 -imageTag: 6.7.1 -``` - -If you are upgrading an existing cluster that did not override the default `storageClassName` you will now need to specify the `storageClassName`. This only affects existing clusters and was changed in https://github.com/elastic/helm-charts/pull/94. The advantage of this is that now the helm chart will just use the default storageClassName rather than needing to override it for any providers where it is not called `standard`. - -``` -volumeClaimTemplate: - storageClassName: "standard" -``` diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index ec49a79da..0454d9152 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.6.2 -appVersion: 7.6.2 +version: 7.7.0-SNAPSHOT +appVersion: 7.7.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index 8e2e9381f..768e09aa3 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -14,6 +14,7 @@ This helm chart is a lightweight way to configure and run our official * [Helm](https://helm.sh/) >= 2.8.0 ## Usage notes and getting started + * The default APM Server configuration file for this chart is configured to use an Elasticsearch endpoint as configured by the rest of these helm charts. This can easily be overridden in the config value `apmConfig.apm-server.yml`. @@ -21,44 +22,35 @@ easily be overridden in the config value `apmConfig.apm-server.yml`. ## Installing +This chart is tested with the latest 7.7.x versions. + * Add the elastic helm charts repo - ``` + + ```bash helm repo add elastic https://helm.elastic.co ``` -* Install it - ``` - helm install --name apm-server elastic/apm-server - ``` -### Using master branch +* Install the latest 7.7 release -* Clone the git repo - ``` - git clone git@github.com:elastic/helm-charts.git - ``` -* Install it + ```bash + helm install --name apm-server elastic/apm-server --version=7.7.0 ``` - helm install --name apm-server ./helm-charts/apm-server - ``` - -## Compatibility -This chart is tested with the latest supported versions. The currently tested versions are: +### Using the 7.7 branch -| 6.x | 7.x | -| ----- | ----- | -| 6.8.8 | 7.6.2 | +* Clone the git repo and checkout the right branch -Examples of installing older major versions can be found in the -[examples](https://github.com/elastic/helm-charts/tree/master/apm-server/examples) directory. + ```bash + git clone git@github.com:elastic/helm-charts.git + cd helm-charts + git checkout -b 7.7 origin/7.7 + ``` -While only the latest releases are tested, it is possible to easily install old -or new releases by overriding the `imageTag`. To install version `7.6.2` of APM -Server it would look like this: +* Install the latest 7.7.x-SNAPSHOT -``` -helm install --name apm-server elastic/apm-server --set imageTag=7.6.2 -``` + ```bash + helm install --name apm-server ./helm-charts/apm-server + ``` ## Configuration @@ -72,7 +64,7 @@ helm install --name apm-server elastic/apm-server --set imageTag=7.6.2 | `extraVolumeMounts` | List of additional volumeMounts | `[]` | | `extraVolumes` | List of additional volumes | `[]` | | `image` | The APM Server docker image | `docker.elastic.co/apm/apm-server` | -| `imageTag` | The APM Server docker image tag | `7.6.2` | +| `imageTag` | The APM Server docker image tag | `7.7.0-SNAPSHOT` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | diff --git a/apm-server/examples/6.x/Makefile b/apm-server/examples/6.x/Makefile deleted file mode 100644 index 539cc2548..000000000 --- a/apm-server/examples/6.x/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -default: test -include ../../../helpers/examples.mk - -RELEASE := helm-es-apm-six - -install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ - -restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ - -test: install goss - -purge: - helm del --purge $(RELEASE) diff --git a/apm-server/examples/6.x/test/goss.yaml b/apm-server/examples/6.x/test/goss.yaml deleted file mode 100644 index 27a58f3b2..000000000 --- a/apm-server/examples/6.x/test/goss.yaml +++ /dev/null @@ -1,6 +0,0 @@ -http: - http://localhost:8200?pretty: - status: 200 - timeout: 2000 - body: - - '6.8.8' diff --git a/apm-server/examples/6.x/values.yaml b/apm-server/examples/6.x/values.yaml deleted file mode 100644 index 172a29f65..000000000 --- a/apm-server/examples/6.x/values.yaml +++ /dev/null @@ -1 +0,0 @@ -imageTag: "6.8.8" diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index 6fa5b0792..2dc9067df 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.6.2' + - '7.7.0' diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index 6fa5b0792..2dc9067df 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.6.2' + - '7.7.0' diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index 6fa5b0792..2dc9067df 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.6.2' + - '7.7.0' diff --git a/apm-server/values.yaml b/apm-server/values.yaml index f1af513ee..497a9e6bf 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -55,7 +55,7 @@ extraVolumes: [] # emptyDir: {} image: "docker.elastic.co/apm/apm-server" -imageTag: "7.6.2" +imageTag: "7.7.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index ba269ffc9..38a824234 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.6.2 -appVersion: 7.6.2 +version: 7.7.0-SNAPSHOT +appVersion: 7.7.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 6b380b57f..9482aa93f 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -48,43 +48,36 @@ If you currently have a cluster deployed with the [helm/charts stable](https://g ## Installing -### Using Helm repository +This chart is tested with the latest 7.7.x versions. * Add the elastic helm charts repo - ``` + + ```bash helm repo add elastic https://helm.elastic.co ``` -* Install it - ``` - helm install --name elasticsearch elastic/elasticsearch - ``` -### Using master branch +* Install the latest 7.7 release -* Clone the git repo - ``` - git clone git@github.com:elastic/helm-charts.git - ``` -* Install it - ``` - helm install --name elasticsearch ./helm-charts/elasticsearch + ```bash + helm install --name elasticsearch elastic/elasticsearch --version=7.7.0 ``` -## Compatibility +### Using the 7.7 branch -This chart is tested with the latest supported versions. The currently tested versions are: +* Clone the git repo and checkout the right branch -| 6.x | 7.x | -| ----- | ----- | -| 6.8.8 | 7.6.2 | + ```bash + git clone git@github.com:elastic/helm-charts.git + cd helm-charts + git checkout -b 7.7 origin/7.7 + ``` -Examples of installing older major versions can be found in the [examples](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples) directory. +* Install the latest 7.7.x-SNAPSHOT -While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.6.2` of Elasticsearch it would look like this: + ```bash + helm install --name elasticsearch ./helm-charts/elasticsearch + ``` -``` -helm install --name elasticsearch elastic/elasticsearch --set imageTag=7.6.2 -``` ## Configuration @@ -105,7 +98,7 @@ helm install --name elasticsearch elastic/elasticsearch --set imageTag=7.6.2 | `extraInitContainers` | Templatable string of additional init containers to be passed to the `tpl` function | `""` | | `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/elasticsearch/values.yaml) for an example | `[]` | | `image` | The Elasticsearch docker image | `docker.elastic.co/elasticsearch/elasticsearch` | -| `imageTag` | The Elasticsearch docker image tag | `7.6.2` | +| `imageTag` | The Elasticsearch docker image tag | `7.7.0-SNAPSHOT` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | | `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Elasticsearch pods | `{}` | | `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Elasticsearch pods | `{}` | diff --git a/elasticsearch/examples/6.x/Makefile b/elasticsearch/examples/6.x/Makefile deleted file mode 100644 index 2020d4a04..000000000 --- a/elasticsearch/examples/6.x/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -default: test -include ../../../helpers/examples.mk - -RELEASE := helm-es-six - -install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ - -restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ - -test: install goss - -purge: - helm del --purge $(RELEASE) diff --git a/elasticsearch/examples/6.x/test/goss.yaml b/elasticsearch/examples/6.x/test/goss.yaml deleted file mode 100644 index 7f313f6c0..000000000 --- a/elasticsearch/examples/6.x/test/goss.yaml +++ /dev/null @@ -1,17 +0,0 @@ -http: - http://localhost:9200/_cluster/health: - status: 200 - timeout: 2000 - body: - - 'green' - - '"number_of_nodes":3' - - '"number_of_data_nodes":3' - - http://localhost:9200: - status: 200 - timeout: 2000 - body: - - '"number" : "6.8.8"' - - '"cluster_name" : "six"' - - '"name" : "six-master-0"' - - 'You Know, for Search' diff --git a/elasticsearch/examples/6.x/values.yaml b/elasticsearch/examples/6.x/values.yaml deleted file mode 100644 index 4f41dfb9f..000000000 --- a/elasticsearch/examples/6.x/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -clusterName: "six" -imageTag: "6.8.8" diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index f5342e77a..272064e29 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.6.2"' + - '"number" : "7.7.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index 6cb0d4ec4..b6141d4b9 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.6.2"' + - '"number" : "7.7.0"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/oss/test/goss.yaml b/elasticsearch/examples/oss/test/goss.yaml index 2bdb34ad1..8240c8c84 100644 --- a/elasticsearch/examples/oss/test/goss.yaml +++ b/elasticsearch/examples/oss/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.6.2"' + - '"number" : "7.7.0-SNAPSHOT"' - '"cluster_name" : "oss"' - '"name" : "oss-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index b6eb31e16..4f062c242 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.6.2"' + - '"number" : "7.7.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - '"name" : "upgrade-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/templates/NOTES.txt b/elasticsearch/templates/NOTES.txt index 825696886..3841adafc 100755 --- a/elasticsearch/templates/NOTES.txt +++ b/elasticsearch/templates/NOTES.txt @@ -1,4 +1,4 @@ 1. Watch all cluster members come up. $ kubectl get pods --namespace={{ .Release.Namespace }} -l app={{ template "elasticsearch.uname" . }} -w 2. Test cluster health using Helm test. - $ helm test {{ .Release.Name }} --namespace={{ .Release.Namespace }} + $ helm test {{ .Release.Name }} --cleanup diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 4486d53c2..f8e633188 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -43,7 +43,7 @@ secretMounts: [] # path: /usr/share/elasticsearch/config/certs image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.6.2" +imageTag: "7.7.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" podAnnotations: {} diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index 1e810b5a5..e5891a665 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.6.2 -appVersion: 7.6.2 +version: 7.7.0-SNAPSHOT +appVersion: 7.7.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index 388c09b68..f3525f42e 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -16,43 +16,35 @@ This helm chart is a lightweight way to configure and run our official [Filebeat ## Installing -### Using Helm repository +This chart is tested with the latest 7.7.x versions. * Add the elastic helm charts repo - ``` + + ```bash helm repo add elastic https://helm.elastic.co ``` -* Install it - ``` - helm install --name filebeat elastic/filebeat - ``` -### Using master branch +* Install the latest 7.7 release -* Clone the git repo - ``` - git clone git@github.com:elastic/helm-charts.git - ``` -* Install it - ``` - helm install --name filebeat ./helm-charts/filebeat + ```bash + helm install --name filebeat elastic/filebeat --version=7.7.0 ``` -## Compatibility - -This chart is tested with the latest supported versions. The currently tested versions are: +### Using the 7.7 branch -| 6.x | 7.x | -| ----- | ----- | -| 6.8.8 | 7.6.2 | +* Clone the git repo and checkout the right branch -Examples of installing older major versions can be found in the [examples](https://github.com/elastic/helm-charts/tree/master/filebeat/examples) directory. + ```bash + git clone git@github.com:elastic/helm-charts.git + cd helm-charts + git checkout -b 7.7 origin/7.7 + ``` -While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.6.2` of Filebeat it would look like this: +* Install the latest 7.7.x-SNAPSHOT -``` -helm install --name filebeat elastic/filebeat --set imageTag=7.6.2 -``` + ```bash + helm install --name filebeat ./helm-charts/filebeat + ``` ## Configuration @@ -68,7 +60,7 @@ helm install --name filebeat elastic/filebeat --set imageTag=7.6.2 | `hostPathRoot` | Fully-qualified [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) that will be used to persist Filebeat registry data | `/var/lib` | | `hostNetworking` | Use host networking in the daemonset so that hostname is reported correctly | `false` | | `image` | The Filebeat docker image | `docker.elastic.co/beats/filebeat` | -| `imageTag` | The Filebeat docker image tag | `7.6.2` | +| `imageTag` | The Filebeat docker image tag | `7.7.0-SNAPSHOT` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | diff --git a/filebeat/examples/6.x/Makefile b/filebeat/examples/6.x/Makefile deleted file mode 100644 index 34bc979b4..000000000 --- a/filebeat/examples/6.x/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-filebeat-six - -install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ - -test: install goss - -purge: - helm del --purge $(RELEASE) diff --git a/filebeat/examples/6.x/test/goss.yaml b/filebeat/examples/6.x/test/goss.yaml deleted file mode 100644 index 1d43bc0d4..000000000 --- a/filebeat/examples/6.x/test/goss.yaml +++ /dev/null @@ -1,21 +0,0 @@ -port: - tcp:5066: - listening: true - ip: - - '127.0.0.1' - -mount: - /usr/share/filebeat/data: - exists: true -user: - filebeat: - exists: true - uid: 1000 - gid: 1000 - -http: - http://six-master:9200/_cat/indices: - status: 200 - timeout: 2000 - body: - - 'filebeat-6.8.8' diff --git a/filebeat/examples/6.x/values.yaml b/filebeat/examples/6.x/values.yaml deleted file mode 100644 index 96987de4d..000000000 --- a/filebeat/examples/6.x/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -imageTag: 6.8.8 - -extraEnvs: - - name: ELASTICSEARCH_HOSTS - value: six-master:9200 diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index cdcd95c55..f0c2458e4 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.6.2' + - 'filebeat-7.7.0' file: /usr/share/filebeat/filebeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.6.2' + - 'version: 7.7.0' diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index eb677e9f4..7f6925e5b 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.6.2' + - 'filebeat-7.7.0' diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 8aa202587..4f44f46b5 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.6.2' + - 'filebeat-7.7.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' diff --git a/filebeat/values.yaml b/filebeat/values.yaml index 6405b2c9c..93eb75332 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -48,7 +48,7 @@ envFrom: [] hostPathRoot: /var/lib hostNetworking: false image: "docker.elastic.co/beats/filebeat" -imageTag: "7.6.2" +imageTag: "7.7.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/helpers/bumper.py b/helpers/bumper.py index bd30fc613..0ca195b0c 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,8 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 6: os.environ.get("BUMPER_VERSION_6", "6.8.8"), - 7: os.environ.get("BUMPER_VERSION_7", "7.6.2"), + 7: os.environ.get("BUMPER_VERSION_7", "7.7.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index ce46f31ab..26bb0b2a7 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.6.2 +STACK_VERSION := 7.7.0-SNAPSHOT .PHONY: help help: ## Display this help diff --git a/helpers/matrix.yml b/helpers/matrix.yml index 9adef0ddc..3a5871aad 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -11,32 +11,26 @@ ES_SUITE: - oss - security - upgrade - - 6.x KIBANA_SUITE: - default - oss - security - - 6.x FILEBEAT_SUITE: - default - oss - security - - 6.x METRICBEAT_SUITE: - default - oss - security - - 6.x LOGSTASH_SUITE: - default - oss - elasticsearch - - 6.x APM_SERVER_SUITE: - default - oss - security - - 6.x KUBERNETES_VERSION: - '1.14' - '1.15' diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index 9d2f3a611..ee49723c3 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.6.2 -appVersion: 7.6.2 +version: 7.7.0-SNAPSHOT +appVersion: 7.7.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index 0fd5aac95..409849bce 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -11,43 +11,36 @@ This helm chart is a lightweight way to configure and run our official [Kibana d ## Installing -### Using Helm repository +This chart is tested with the latest 7.7.x versions. * Add the elastic helm charts repo - ``` + + ```bash helm repo add elastic https://helm.elastic.co ``` -* Install it - ``` - helm install --name kibana elastic/kibana - ``` -### Using master branch +* Install the latest 7.7 release -* Clone the git repo - ``` - git clone git@github.com:elastic/helm-charts.git - ``` -* Install it - ``` - helm install --name kibana ./helm-charts/kibana + ```bash + helm install --name kibana elastic/kibana --version=7.7.0 ``` -## Compatibility +### Using the 7.7 branch -This chart is tested with the latest supported versions. The currently tested versions are: +* Clone the git repo and checkout the right branch -| 6.x | 7.x | -| ----- | ----- | -| 6.8.8 | 7.6.2 | + ```bash + git clone git@github.com:elastic/helm-charts.git + cd helm-charts + git checkout -b 7.7 origin/7.7 + ``` -Examples of installing older major versions can be found in the [examples](https://github.com/elastic/helm-charts/tree/master/kibana/examples) directory. +* Install the latest 7.7.x-SNAPSHOT -While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.6.2` of Kibana it would look like this: + ```bash + helm install --name kibana ./helm-charts/kibana + ``` -``` -helm install --name kibana elastic/kibana --set imageTag=7.6.2 -``` ## Configuration @@ -59,7 +52,7 @@ helm install --name kibana elastic/kibana --set imageTag=7.6.2 | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `name: NODE_OPTIONS`
`value: "--max-old-space-size=1800"` | | `secretMounts` | Allows you easily mount a secret as a file inside the deployment. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/kibana/values.yaml) for an example | `[]` | | `image` | The Kibana docker image | `docker.elastic.co/kibana/kibana` | -| `imageTag` | The Kibana docker image tag | `7.6.2` | +| `imageTag` | The Kibana docker image tag | `7.7.0-SNAPSHOT` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | | `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Kibana pods | `{}` | | `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 1000m`
`requests.memory: 2Gi`
`limits.cpu: 1000m`
`limits.memory: 2Gi` | diff --git a/kibana/examples/6.x/Makefile b/kibana/examples/6.x/Makefile deleted file mode 100644 index 468e2b84a..000000000 --- a/kibana/examples/6.x/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -default: test -include ../../../helpers/examples.mk - -RELEASE := helm-kibana-six - -install: - helm upgrade --wait --timeout=600 --install --values ./values.yml $(RELEASE) ../../ - -purge: - helm del --purge $(RELEASE) - -test: install goss diff --git a/kibana/examples/6.x/test/goss.yaml b/kibana/examples/6.x/test/goss.yaml deleted file mode 100644 index aea90054d..000000000 --- a/kibana/examples/6.x/test/goss.yaml +++ /dev/null @@ -1,10 +0,0 @@ -http: - http://localhost:5601/api/status: - status: 200 - timeout: 2000 - body: - - '"number":"6.8.8"' - - http://localhost:5601/app/kibana: - status: 200 - timeout: 2000 diff --git a/kibana/examples/6.x/values.yml b/kibana/examples/6.x/values.yml deleted file mode 100644 index 474e0eb39..000000000 --- a/kibana/examples/6.x/values.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -imageTag: 6.8.8 -elasticsearchHosts: "http://six-master:9200" diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index a4ffec234..0fe62169f 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.6.2"' + - '"number":"7.7.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/values.yaml b/kibana/values.yaml index 468a98533..5c30832de 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -24,7 +24,7 @@ secretMounts: [] # subPath: kibana.keystore # optional image: "docker.elastic.co/kibana/kibana" -imageTag: "7.6.2" +imageTag: "7.7.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index 3512dde75..a2466fd6f 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.6.2 -appVersion: 7.6.2 +version: 7.7.0-SNAPSHOT +appVersion: 7.7.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index c2db20a32..1c8e622ea 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -20,42 +20,36 @@ This helm chart is a lightweight way to configure and run our official [Logstash ## Installing -### Using Helm repository +This chart is tested with the latest 7.7.x versions. * Add the elastic helm charts repo - ``` + + ```bash helm repo add elastic https://helm.elastic.co ``` -* Install it - ``` - helm install --name logstash elastic/logstash -### Using master branch +* Install the latest 7.7 release -* Clone the git repo - ``` - git clone git@github.com:elastic/helm-charts.git - ``` -* Install it - ``` - helm install --name logstash ./helm-charts/logstash + ```bash + helm install --name logstash elastic/logstash --version=7.7.0 ``` -## Compatibility +### Using the 7.7 branch -This chart is tested with the latest supported versions. The currently tested versions are: +* Clone the git repo and checkout the right branch -| 6.x | 7.x | -| ----- | ----- | -| 6.8.8 | 7.6.2 | + ```bash + git clone git@github.com:elastic/helm-charts.git + cd helm-charts + git checkout -b 7.7 origin/7.7 + ``` -Examples of installing older major versions can be found in the [examples](https://github.com/elastic/helm-charts/tree/master/logstash/examples) directory. +* Install the latest 7.7.x-SNAPSHOT -While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.6.2` of Logstash it would look like this: + ```bash + helm install --name logstash ./helm-charts/logstash + ``` -``` -helm install --name logstash elastic/logstash --set imageTag=7.6.2 -``` ## Configuration @@ -71,7 +65,7 @@ helm install --name logstash elastic/logstash --set imageTag=7.6.2 | `image` | The Logstash docker image | `docker.elastic.co/logstash/logstash` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash docker image tag | `7.6.2` | +| `imageTag` | The Logstash docker image tag | `7.7.0-SNAPSHOT` | | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. | `9600` | | `extraPorts` | An array of extra ports to open on the pod | `[]` | | `labels` | Configurable [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Logstash pods | `{}` | diff --git a/logstash/examples/6.x/Makefile b/logstash/examples/6.x/Makefile deleted file mode 100644 index b44d6b24d..000000000 --- a/logstash/examples/6.x/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-logstash-six - -install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ - -restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ - -test: install goss - -purge: - helm del --purge $(RELEASE) diff --git a/logstash/examples/6.x/test/goss.yaml b/logstash/examples/6.x/test/goss.yaml deleted file mode 100644 index 3bbfa1f59..000000000 --- a/logstash/examples/6.x/test/goss.yaml +++ /dev/null @@ -1,38 +0,0 @@ -user: - logstash: - exists: true - uid: 1000 - gid: 1000 - -http: - http://localhost:9600?pretty: - status: 200 - timeout: 2000 - body: - - '"host" : "helm-logstash-six-logstash-0"' - - '"version" : "6.8.8"' - - '"http_address" : "0.0.0.0:9600"' - - '"name" : "helm-logstash-six-logstash-0"' - -file: - /usr/share/logstash/config/logstash.yml: - exists: true - mode: "0644" - owner: logstash - group: root - filetype: file - contains: - - 'http.host: "0.0.0.0"' - /usr/share/logstash/pipeline/logstash.conf: - exists: true - mode: "0644" - owner: logstash - group: root - filetype: file - contains: - - 'input {' - - 'beats {' - - 'port => 5044' - - 'output {' - - 'stdout {' - - 'codec => rubydebug' diff --git a/logstash/examples/6.x/values.yaml b/logstash/examples/6.x/values.yaml deleted file mode 100644 index e5484ced7..000000000 --- a/logstash/examples/6.x/values.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- - -imageTag: "6.8.8" diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index cca0e6378..4a883cf36 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-default-logstash-0"' - - '"version" : "7.6.2"' + - '"version" : "7.7.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-default-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index 22954f6b0..4e850758c 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-elasticsearch-logstash-0"' - - '"version" : "7.6.2"' + - '"version" : "7.7.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-elasticsearch-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index e3c26c2a7..e1d11d999 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-oss-logstash-0"' - - '"version" : "7.6.2"' + - '"version" : "7.7.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-oss-logstash-0"' - '"status" : "green"' diff --git a/logstash/values.yaml b/logstash/values.yaml index 412252510..7537f84d9 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -33,7 +33,7 @@ extraEnvs: [] secretMounts: [] image: "docker.elastic.co/logstash/logstash" -imageTag: "7.6.2" +imageTag: "7.7.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index b564a48c1..457bd5f64 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.6.2 -appVersion: 7.6.2 +version: 7.7.0-SNAPSHOT +appVersion: 7.7.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index bf804138f..f95c8bdbb 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -25,43 +25,35 @@ The workaround is to use `--force` argument for `helm upgrade` command which wil ## Installing -### Using Helm repository +This chart is tested with the latest 7.7.x versions. * Add the elastic helm charts repo - ``` + + ```bash helm repo add elastic https://helm.elastic.co ``` -* Install it - ``` - helm install --name metricbeat elastic/metricbeat - ``` -### Using master branch +* Install the latest 7.7 release -* Clone the git repo - ``` - git clone git@github.com:elastic/helm-charts.git - ``` -* Install it - ``` - helm install --name metricbeat ./helm-charts/metricbeat + ```bash + helm install --name metricbeat elastic/metricbeat --version=7.7.0 ``` -## Compatibility - -This chart is tested with the latest supported versions. The currently tested versions are: +### Using the 7.7 branch -| 6.x | 7.x | -| ----- | ----- | -| 6.8.8 | 7.6.2 | +* Clone the git repo and checkout the right branch -Examples of installing older major versions can be found in the [examples](https://github.com/elastic/helm-charts/tree/master/metricbeat/examples) directory. + ```bash + git clone git@github.com:elastic/helm-charts.git + cd helm-charts + git checkout -b 7.7 origin/7.7 + ``` -While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.6.2` of metricbeat it would look like this: +* Install the latest 7.7.x-SNAPSHOT -``` -helm install --name metricbeat elastic/metricbeat --set imageTag=7.6.2 -``` + ```bash + helm install --name metricbeat ./helm-charts/metricbeat + ``` ## Configuration @@ -76,7 +68,7 @@ helm install --name metricbeat elastic/metricbeat --set imageTag=7.6.2 | `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | | `hostPathRoot` | Fully-qualified [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) that will be used to persist Metricbeat registry data | `/var/lib` | | `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` | -| `imageTag` | The Metricbeat docker image tag | `7.6.2` | +| `imageTag` | The Metricbeat docker image tag | `7.7.0-SNAPSHOT` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | | `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Metricbeat pods | `{}` | diff --git a/metricbeat/examples/6.x/Makefile b/metricbeat/examples/6.x/Makefile deleted file mode 100644 index 05a66d2bc..000000000 --- a/metricbeat/examples/6.x/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-metricbeat-six -GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-six-metricbeat - -install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ - -purge: - helm del --purge $(RELEASE) - -test-metrics: - GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-six-metricbeat-metrics - -test: install goss test-metrics diff --git a/metricbeat/examples/6.x/test/goss-metrics.yaml b/metricbeat/examples/6.x/test/goss-metrics.yaml deleted file mode 100644 index 8f60496c0..000000000 --- a/metricbeat/examples/6.x/test/goss-metrics.yaml +++ /dev/null @@ -1,43 +0,0 @@ -port: - tcp:5066: - listening: true - ip: - - '127.0.0.1' - -mount: - /usr/share/metricbeat/kube-state-metrics-metricbeat.yml: - exists: true - opts: - - ro - -user: - metricbeat: - exists: true - uid: 1000 - gid: 1000 - -http: - http://six-master:9200/_cat/indices: - status: 200 - timeout: 2000 - body: - - 'metricbeat-6.8.8' - http://six-master:9200/_search?q=metricset.name:state_deployment: - status: 200 - timeout: 2000 - body: - - 'metricbeat-6.8.8' - -file: - /usr/share/metricbeat/metricbeat.yml: - exists: true - contains: - - 'add_kubernetes_metadata' - - 'output.elasticsearch' - -command: - cd /usr/share/metricbeat && metricbeat test output: - exit-status: 0 - stdout: - - 'elasticsearch: http://six-master:9200' - - 'version: 6.8.8' diff --git a/metricbeat/examples/6.x/test/goss.yaml b/metricbeat/examples/6.x/test/goss.yaml deleted file mode 100644 index 262bc5843..000000000 --- a/metricbeat/examples/6.x/test/goss.yaml +++ /dev/null @@ -1,51 +0,0 @@ -port: - tcp:5066: - listening: true - ip: - - '127.0.0.1' - -mount: - /usr/share/metricbeat/data: - exists: true - /run/docker.sock: - exists: true - /var/lib/docker/containers: - exists: true - opts: - - ro - /usr/share/metricbeat/metricbeat.yml: - exists: true - opts: - - ro - -user: - metricbeat: - exists: true - uid: 1000 - gid: 1000 - -http: - http://six-master:9200/_cat/indices: - status: 200 - timeout: 2000 - body: - - 'metricbeat-6.8.8' - http://six-master:9200/_search?q=metricset.name:container: - status: 200 - timeout: 2000 - body: - - 'metricbeat-6.8.8' - -file: - /usr/share/metricbeat/metricbeat.yml: - exists: true - contains: - - 'add_kubernetes_metadata' - - 'output.elasticsearch' - -command: - cd /usr/share/metricbeat && metricbeat test output: - exit-status: 0 - stdout: - - 'elasticsearch: http://six-master:9200' - - 'version: 6.8.8' diff --git a/metricbeat/examples/6.x/values.yaml b/metricbeat/examples/6.x/values.yaml deleted file mode 100644 index 96987de4d..000000000 --- a/metricbeat/examples/6.x/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -imageTag: 6.8.8 - -extraEnvs: - - name: ELASTICSEARCH_HOSTS - value: six-master:9200 diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index e079450d6..f2bca1512 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -42,4 +42,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.6.2' + - 'version: 7.7.0' diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index 267b9f7be..1f127101e 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -29,12 +29,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -49,4 +49,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.6.2' + - 'version: 7.7.0' diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index 251165a9a..0632f92c5 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -21,12 +21,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' http://oss-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -40,4 +40,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.6.2' + - 'version: 7.7.0' diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index 392daeee2..fe2f045a3 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -29,12 +29,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' http://oss-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -48,4 +48,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.6.2' + - 'version: 7.7.0' diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index 1b8e35c69..52a2a8ab9 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -46,4 +46,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.6.2' + - 'version: 7.7.0' diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index b693e5969..23181251d 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -37,7 +37,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.6.2' + - 'metricbeat-7.7.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -54,4 +54,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.6.2' + - 'version: 7.7.0' diff --git a/metricbeat/examples/security/values.yaml b/metricbeat/examples/security/values.yaml index 95dbb687f..cd2a942f5 100644 --- a/metricbeat/examples/security/values.yaml +++ b/metricbeat/examples/security/values.yaml @@ -10,7 +10,13 @@ metricbeatConfig: - volume period: 10s host: "${NODE_NAME}" - hosts: ["${NODE_NAME}:10255"] + hosts: ["https://${NODE_NAME}:10250"] + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + ssl.verification_mode: "none" + # If using Red Hat OpenShift remove ssl.verification_mode entry and + # uncomment these settings: + #ssl.certificate_authorities: + #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt processors: - add_kubernetes_metadata: in_cluster: true diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 141b02c33..2e88e5fa8 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -13,7 +13,13 @@ metricbeatConfig: - volume period: 10s host: "${NODE_NAME}" - hosts: ["${NODE_NAME}:10255"] + hosts: ["https://${NODE_NAME}:10250"] + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + ssl.verification_mode: "none" + # If using Red Hat OpenShift remove ssl.verification_mode entry and + # uncomment these settings: + #ssl.certificate_authorities: + #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt processors: - add_kubernetes_metadata: in_cluster: true @@ -98,7 +104,7 @@ envFrom: [] hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.6.2" +imageTag: "7.7.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] @@ -145,6 +151,7 @@ clusterRoleRules: - events - deployments - nodes + - nodes/stats - replicasets verbs: - get From 29d33c3542aaefc15454022c8b0adc1cd7eccc54 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Fri, 10 Apr 2020 09:09:11 +0200 Subject: [PATCH 002/151] [meta] fix ci jobs --- .ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml | 2 +- .ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml | 2 +- .../elastic+helm-charts+{branch}+integration-apm-server.yml | 2 +- .../elastic+helm-charts+{branch}+integration-elasticsearch.yml | 2 +- .../elastic+helm-charts+{branch}+integration-filebeat.yml | 2 +- .ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml | 2 +- .../elastic+helm-charts+{branch}+integration-logstash.yml | 2 +- .../elastic+helm-charts+{branch}+integration-metricbeat.yml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml index 389ef8db2..375741b59 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml @@ -29,7 +29,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make destroy KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml index c38168fc2..1a51c8209 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml @@ -29,7 +29,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make up KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml index db65f2e2d..c7c3f37f4 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml @@ -33,7 +33,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${APM_SERVER_SUITE} CHART=apm-server diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml index 8ba86cf7f..8f4ddf7dc 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml @@ -33,7 +33,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${ES_SUITE} CHART=elasticsearch diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml index 4cb374036..631cf0413 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml @@ -33,7 +33,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${FILEBEAT_SUITE} CHART=filebeat diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml index 65b4e47b8..d0a5b5933 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml @@ -33,7 +33,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${KIBANA_SUITE} CHART=kibana diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml index a88c04954..0224e363f 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml @@ -33,7 +33,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${LOGSTASH_SUITE} CHART=logstash diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml index c34a03a2d..05690b390 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml @@ -33,7 +33,7 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-${branch_specifier:0:10}" + cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${METRICBEAT_SUITE} CHART=metricbeat From a55cea1bf35a502c83304d86d38cc8ff63ecace2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Gr=C3=A9au?= Date: Fri, 10 Apr 2020 10:26:00 -0400 Subject: [PATCH 003/151] [jenkins] Fix Google cluster name (#571) The cluster names created for running tests can't contain the `.` character which is part of the branch name. --- .ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml | 3 ++- .ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml | 3 ++- .../elastic+helm-charts+{branch}+integration-apm-server.yml | 3 ++- .../elastic+helm-charts+{branch}+integration-elasticsearch.yml | 3 ++- .../elastic+helm-charts+{branch}+integration-filebeat.yml | 3 ++- .ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml | 3 ++- .../elastic+helm-charts+{branch}+integration-logstash.yml | 3 ++- .../elastic+helm-charts+{branch}+integration-metricbeat.yml | 3 ++- 8 files changed, 16 insertions(+), 8 deletions(-) diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml index 375741b59..ada3ee74d 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-cleanup.yml @@ -29,7 +29,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make destroy KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml index 1a51c8209..667e5aa40 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+cluster-creation.yml @@ -29,7 +29,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make up KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml index c7c3f37f4..2bd7cb493 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-apm-server.yml @@ -33,7 +33,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${APM_SERVER_SUITE} CHART=apm-server diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml index 8f4ddf7dc..4bfa19e1c 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-elasticsearch.yml @@ -33,7 +33,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${ES_SUITE} CHART=elasticsearch diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml index 631cf0413..0744ae0fc 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-filebeat.yml @@ -33,7 +33,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${FILEBEAT_SUITE} CHART=filebeat diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml index d0a5b5933..cea631b36 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-kibana.yml @@ -33,7 +33,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${KIBANA_SUITE} CHART=kibana diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml index 0224e363f..51e3b2ced 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-logstash.yml @@ -33,7 +33,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${LOGSTASH_SUITE} CHART=logstash diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml index 05690b390..8a1fb46f3 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+integration-metricbeat.yml @@ -33,7 +33,8 @@ unset VAULT_ROLE_ID VAULT_SECRET_ID set -x - cluster_name="helm-${KUBERNETES_VERSION//./}-%BRANCH%" + BRANCH_NAME="%BRANCH%" + cluster_name="helm-${KUBERNETES_VERSION//./}-${BRANCH_NAME//./}" cd helpers/terraform/ ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${METRICBEAT_SUITE} CHART=metricbeat From b9e724ed59e588ea6ae132076e50d5c44d7d3c80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Gr=C3=A9au?= Date: Tue, 14 Apr 2020 12:21:43 -0400 Subject: [PATCH 004/151] [ci] Fix triggering upstream cleanup job (#578) For doing the integration tests some GKE clusters are created. There is a dedicated job to cleanup these clusters at the end of the tests. This commit fixes the Jenkins configuration to make sure this upstream job (which does not need parameter) is triggered. --- .ci/jobs.t/elastic+helm-charts+{branch}.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}.yml b/.ci/jobs.t/elastic+helm-charts+{branch}.yml index 44698a183..f526b0db9 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}.yml @@ -44,5 +44,5 @@ publishers: - trigger-parameterized-builds: - project: elastic+helm-charts+%BRANCH%+cluster-cleanup - current-parameters: true - trigger-with-no-params: false + current-parameters: false + trigger-with-no-params: true From 32ed278af6e6287aae99796e50a1dfb58360c130 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Fri, 10 Apr 2020 14:44:02 +0200 Subject: [PATCH 005/151] Merge pull request #567 from jmlrt/metricbeat-improvements Metricbeat improvements --- .gitignore | 1 + metricbeat/examples/default/test/goss.yaml | 4 --- metricbeat/examples/oss/test/goss.yaml | 4 --- metricbeat/examples/security/test/goss.yaml | 4 --- metricbeat/examples/security/values.yaml | 3 +- metricbeat/templates/daemonset.yaml | 6 ---- metricbeat/tests/metricbeat_test.py | 4 +-- metricbeat/values.yaml | 40 +++++++++++---------- 8 files changed, 26 insertions(+), 40 deletions(-) diff --git a/.gitignore b/.gitignore index a917d1fa5..15f440687 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ index.yaml *.tgz .idea/ /venv +.vscode/ diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index 1f127101e..d353cba76 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -9,10 +9,6 @@ mount: exists: true /run/docker.sock: exists: true - /var/lib/docker/containers: - exists: true - opts: - - ro /usr/share/metricbeat/metricbeat.yml: exists: true opts: diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index fe2f045a3..af2f0826b 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -9,10 +9,6 @@ mount: exists: true /run/docker.sock: exists: true - /var/lib/docker/containers: - exists: true - opts: - - ro /usr/share/metricbeat/metricbeat.yml: exists: true opts: diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index 23181251d..8ee1ea5b9 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -9,10 +9,6 @@ mount: exists: true /run/docker.sock: exists: true - /var/lib/docker/containers: - exists: true - opts: - - ro /usr/share/metricbeat/metricbeat.yml: exists: true opts: diff --git a/metricbeat/examples/security/values.yaml b/metricbeat/examples/security/values.yaml index cd2a942f5..8b48e814e 100644 --- a/metricbeat/examples/security/values.yaml +++ b/metricbeat/examples/security/values.yaml @@ -18,8 +18,7 @@ metricbeatConfig: #ssl.certificate_authorities: #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt processors: - - add_kubernetes_metadata: - in_cluster: true + - add_kubernetes_metadata: ~ - module: kubernetes enabled: true metricsets: diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index 392b7cf84..4ef74e6b9 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -68,9 +68,6 @@ spec: hostPath: path: {{ .Values.hostPathRoot }}/{{ template "metricbeat.fullname" . }}-{{ .Release.Namespace }}-data type: DirectoryOrCreate - - name: varlibdockercontainers - hostPath: - path: /var/lib/docker/containers - name: varrundockersock hostPath: path: /var/run/docker.sock @@ -142,9 +139,6 @@ spec: {{- end }} - name: data mountPath: /usr/share/metricbeat/data - - name: varlibdockercontainers - mountPath: /var/lib/docker/containers - readOnly: true # Necessary when using autodiscovery; avoid mounting it otherwise # See: https://www.elastic.co/guide/en/beats/metricbeat/master/configuration-autodiscover.html - name: varrundockersock diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index c20fe252c..447f5cf3f 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -334,9 +334,9 @@ def test_cluster_role_rules(): config = "" r = helm_template(config) rules = r["clusterrole"]["release-name-metricbeat-cluster-role"]["rules"][0] - assert rules["apiGroups"][0] == "extensions" + assert rules["apiGroups"][0] == "" assert rules["verbs"][0] == "get" - assert rules["resources"][0] == "namespaces" + assert rules["resources"][0] == "nodes" config = """ clusterRoleRules: diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 2e88e5fa8..20c98ce29 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -21,8 +21,7 @@ metricbeatConfig: #ssl.certificate_authorities: #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt processors: - - add_kubernetes_metadata: - in_cluster: true + - add_kubernetes_metadata: ~ - module: kubernetes enabled: true metricsets: @@ -141,22 +140,27 @@ labels: {} managedServiceAccount: true clusterRoleRules: - - apiGroups: - - "extensions" - - "apps" - - "" - resources: - - namespaces - - pods - - events - - deployments - - nodes - - nodes/stats - - replicasets - verbs: - - get - - list - - watch +- apiGroups: [""] + resources: + - nodes + - namespaces + - events + - pods + verbs: ["get", "list", "watch"] +- apiGroups: ["extensions"] + resources: + - replicasets + verbs: ["get", "list", "watch"] +- apiGroups: ["apps"] + resources: + - statefulsets + - deployments + - replicasets + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: + - nodes/stats + verbs: ["get"] podAnnotations: {} # iam.amazonaws.com/role: es-cluster From 724f306e945c870d8f4099c12f031024f8a3f8b8 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Fri, 10 Apr 2020 15:12:06 +0200 Subject: [PATCH 006/151] Merge pull request #568 from jmlrt/filebeat-improvements Filebeat improvements --- filebeat/examples/security/values.yaml | 13 ++++++++----- filebeat/templates/daemonset.yaml | 6 ++++++ filebeat/values.yaml | 12 ++++++++---- 3 files changed, 22 insertions(+), 9 deletions(-) diff --git a/filebeat/examples/security/values.yaml b/filebeat/examples/security/values.yaml index bedb79643..606961fa8 100644 --- a/filebeat/examples/security/values.yaml +++ b/filebeat/examples/security/values.yaml @@ -1,12 +1,15 @@ filebeatConfig: filebeat.yml: | filebeat.inputs: - - type: docker - containers.ids: - - '*' + - type: container + paths: + - /var/log/containers/*.log processors: - - add_kubernetes_metadata: - in_cluster: true + - add_kubernetes_metadata: + host: ${NODE_NAME} + matchers: + - logs_path: + logs_path: "/var/log/containers/" output.elasticsearch: username: '${ELASTICSEARCH_USERNAME}' diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index 5c0063f67..dbd446748 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -75,6 +75,9 @@ spec: - name: varlibdockercontainers hostPath: path: /var/lib/docker/containers + - name: varlog + hostPath: + path: /var/log - name: varrundockersock hostPath: path: /var/run/docker.sock @@ -152,6 +155,9 @@ spec: - name: varlibdockercontainers mountPath: /var/lib/docker/containers readOnly: true + - name: varlog + mountPath: /var/log + readOnly: true # Necessary when using autodiscovery; avoid mounting it otherwise # See: https://www.elastic.co/guide/en/beats/filebeat/master/configuration-autodiscover.html - name: varrundockersock diff --git a/filebeat/values.yaml b/filebeat/values.yaml index 93eb75332..ceb1f7526 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -4,11 +4,15 @@ filebeatConfig: filebeat.yml: | filebeat.inputs: - - type: docker - containers.ids: - - '*' + - type: container + paths: + - /var/log/containers/*.log processors: - - add_kubernetes_metadata: ~ + - add_kubernetes_metadata: + host: ${NODE_NAME} + matchers: + - logs_path: + logs_path: "/var/log/containers/" output.elasticsearch: host: '${NODE_NAME}' From 7ccb9e5d00c6dd5a737df1224811b10c625cd449 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Gr=C3=A9au?= Date: Tue, 14 Apr 2020 16:57:56 -0400 Subject: [PATCH 007/151] [doc] Update links to 7.7 branch (#579) This commit updates the remaining links to GitHub and Jenkins which had `master` as the branch name to 7.7 --- README.md | 4 ++-- apm-server/README.md | 16 +++++++-------- elasticsearch/README.md | 32 ++++++++++++++--------------- filebeat/README.md | 16 +++++++-------- filebeat/templates/daemonset.yaml | 2 +- kibana/README.md | 20 +++++++++--------- logstash/README.md | 16 +++++++-------- metricbeat/README.md | 16 +++++++-------- metricbeat/templates/daemonset.yaml | 2 +- 9 files changed, 62 insertions(+), 62 deletions(-) diff --git a/README.md b/README.md index 225f342a2..e30f7d420 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Elastic Stack Kubernetes Helm Charts -[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+7.7.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/) This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. @@ -19,7 +19,7 @@ Please look in the chart directories for the documentation for each chart. These ## Kubernetes Versions -The charts are [currently tested](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) against all GKE versions available. The exact versions are defined under `KUBERNETES_VERSIONS` in [helpers/matrix.yml](/helpers/matrix.yml) +The charts are [currently tested](https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/) against all GKE versions available. The exact versions are defined under `KUBERNETES_VERSIONS` in [helpers/matrix.yml](/helpers/matrix.yml) ## Helm versions diff --git a/apm-server/README.md b/apm-server/README.md index 768e09aa3..dc3ca85d9 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -56,7 +56,7 @@ This chart is tested with the latest 7.7.x versions. ## Configuration | Parameter | Description | Default | | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -| `apmConfig` | Allows you to add any config files in `/usr/share/apm-server/config` such as `apm-server.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/apm-server/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/master/apm-server/values.yaml) | +| `apmConfig` | Allows you to add any config files in `/usr/share/apm-server/config` such as `apm-server.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) | | `replicas` | Number of APM servers to run | `1` | | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | @@ -75,7 +75,7 @@ This chart is tested with the latest 7.7.x versions. | `readinessProbe` | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | | `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `Deployment` | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | | `serviceAccount` | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that APM Server will use during execution. By default will use the service account created by this chart. | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/apm-server/values.yaml) for an example | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example | `[]` | | `terminationGracePeriod` | Termination period (in seconds) to wait before killing APM Server pod process on pod shutdown | `30` | | `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) | `{}` | @@ -83,20 +83,20 @@ This chart is tested with the latest 7.7.x versions. | `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | | `updateStrategy` | Allows you to change the default update [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment) for the deployment. | `RollingUpdate` | | `autoscaling.enabled` | Enable the pod [horizonatal auto scaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `false` | -| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the APM Server service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/master/apm-server/values.yaml) for an example | `enabled: false` | -| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the APM Server service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/master/apm-server/values.yaml) for an example | `type: ClusterIP`
`port: 8200`
`nodePort:`
`annotations: {}` | +| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the APM Server service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example | `enabled: false` | +| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the APM Server service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example | `type: ClusterIP`
`port: 8200`
`nodePort:`
`annotations: {}` | | `lifecycle` | Configurable [livecycle hooks](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) | `false` | | `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name`-`.Values.nameOverride` or `.Chart.Name` | `""` | ## Examples -In [examples/](ahttps://github.com/elastic/helm-charts/tree/master/apm-server/examples) you will find some example configurations. These examples +In [examples/](ahttps://github.com/elastic/helm-charts/tree/7.7/apm-server/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart. ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#default) +* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) * Deploy APM Server with the default values ``` cd examples/default @@ -112,7 +112,7 @@ are used for the automated testing of this helm chart. This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the -[`requirements.txt`](https://github.com/elastic/helm-charts/tree/master/requirements.txt) in the parent directory. +[`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. ``` pip install -r ../requirements.txt @@ -135,7 +135,7 @@ make test Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a -serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/master/apm-server/examples/default/test/goss.yaml) +serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/default/test/goss.yaml) for an example of what the tests look like. To run the goss tests against the default example: diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 9482aa93f..18d768785 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -27,7 +27,7 @@ resources: ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/master/README.md) for more details) +* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) * Kubernetes >=1.8 * Minimum cluster requirements include the following to run this chart with default settings. All of these settings are configurable. * Three Kubernetes nodes to respect the default "hard" affinity settings @@ -35,16 +35,16 @@ resources: ## Usage notes and getting started -* This repo includes a number of [example](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples) configurations which can be used as a reference. They are also used in the automated testing of this chart +* This repo includes a number of [example](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples) configurations which can be used as a reference. They are also used in the automated testing of this chart * Automated testing of this chart is currently only run against GKE (Google Kubernetes Engine). * The chart deploys a statefulset and by default will do an automated rolling update of your cluster. It does this by waiting for the cluster health to become green after each instance is updated. If you prefer to update manually you can set [`updateStrategy: OnDelete`](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#on-delete) * It is important to verify that the JVM heap size in `esJavaOpts` and to set the CPU/Memory `resources` to something suitable for your cluster -* To simplify chart and maintenance each set of node groups is deployed as a separate helm release. Take a look at the [multi](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/multi) example to get an idea for how this works. Without doing this it isn't possible to resize persistent volumes in a statefulset. By setting it up this way it makes it possible to add more nodes with a new storage size then drain the old ones. It also solves the problem of allowing the user to determine which node groups to update first when doing upgrades or changes. +* To simplify chart and maintenance each set of node groups is deployed as a separate helm release. Take a look at the [multi](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi) example to get an idea for how this works. Without doing this it isn't possible to resize persistent volumes in a statefulset. By setting it up this way it makes it possible to add more nodes with a new storage size then drain the old ones. It also solves the problem of allowing the user to determine which node groups to update first when doing upgrades or changes. * We have designed this chart to be very un-opinionated about how to configure Elasticsearch. It exposes ways to set environment variables and mount secrets inside of the container. Doing this makes it much easier for this chart to support multiple versions with minimal changes. ## Migration from helm/charts stable -If you currently have a cluster deployed with the [helm/charts stable](https://github.com/helm/charts/tree/master/stable/elasticsearch) chart you can follow the [migration guide](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/migration/README.md) +If you currently have a cluster deployed with the [helm/charts stable](https://github.com/helm/charts/tree/master/stable/elasticsearch) chart you can follow the [migration guide](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/migration/README.md) ## Installing @@ -85,18 +85,18 @@ This chart is tested with the latest 7.7.x versions. | ---------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | | `clusterName` | This will be used as the Elasticsearch [cluster.name](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster.name.html) and should be unique per cluster in the namespace | `elasticsearch` | | `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X`, `nameOverride-nodeGroup-X` if a nameOverride is specified, and `fullnameOverride-X` if a fullnameOverride is specified | `master` | -| `masterService` | Optional. The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#clustering-and-node-discovery) for more information | `` | +| `masterService` | Optional. The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#clustering-and-node-discovery) for more information | `` | | `roles` | A hash map with the [specific roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) for the node group | `master: true`
`data: true`
`ingest: true` | | `replicas` | Kubernetes replica count for the statefulset (i.e. how many pods) | `3` | | `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes](https://www.elastic.co/guide/en/elasticsearch/reference/6.7/discovery-settings.html#minimum_master_nodes). Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7. | `2` | | `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | -| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/elasticsearch/values.yaml) for an example of the formatting. | `{}` | +| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example of the formatting. | `{}` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | | `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `""` | | `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `""` | | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraInitContainers` | Templatable string of additional init containers to be passed to the `tpl` function | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/elasticsearch/values.yaml) for an example | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example | `[]` | | `image` | The Elasticsearch docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `imageTag` | The Elasticsearch docker image tag | `7.7.0-SNAPSHOT` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | @@ -140,11 +140,11 @@ This chart is tested with the latest 7.7.x versions. | `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | | `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Elasticsearch cluster | `{}` | | `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Elasticsearch service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/master/elasticsearch/values.yaml) for an example | `enabled: false` | +| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Elasticsearch service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example | `enabled: false` | | `schedulerName` | Name of the [alternate scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods) | `nil` | | `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63](https://github.com/elastic/helm-charts/issues/63) | `false` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/elasticsearch/values.yaml) for an example of the formatting. | `{}` | -| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/config/values.yaml) and [how to use the keystore](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#how-to-use-the-keystore) | `[]` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example of the formatting. | `{}` | +| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/values.yaml) and [how to use the keystore](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-use-the-keystore) | `[]` | | `rbac` | Configuration for creating a role, role binding and service account as part of this helm chart with `create: true`. Also can be used to reference an external service account with `serviceAccountName: "externalServiceAccountName"`. | `create: false`
`serviceAccountName: ""` | | `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | `create: false`
`name: ""` | | `nameOverride` | Overrides the clusterName when used in the naming of resources | `""` | @@ -152,7 +152,7 @@ This chart is tested with the latest 7.7.x versions. ## Try it out -In [examples/](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart +In [examples/](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart ### Default @@ -257,12 +257,12 @@ keystore: path: xpack.notification.slack.account.monitoring.secure_url ``` -You can also take a look at the [config example](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/config/) which is used as part of the automated testing pipeline. +You can also take a look at the [config example](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/) which is used as part of the automated testing pipeline. #### How to enable snapshotting? -1. Install your [snapshot plugin](https://www.elastic.co/guide/en/elasticsearch/plugins/current/repository.html) into a custom docker image following the [how to install plugins guide](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#how-to-install-plugins) -2. Add any required secrets or credentials into an Elasticsearch keystore following the [how to use the keystore guide](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#how-to-use-the-keystore) +1. Install your [snapshot plugin](https://www.elastic.co/guide/en/elasticsearch/plugins/current/repository.html) into a custom docker image following the [how to install plugins guide](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-install-plugins) +2. Add any required secrets or credentials into an Elasticsearch keystore following the [how to use the keystore guide](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-use-the-keystore) 3. Configure the [snapshot repository](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-snapshots.html) as you normally would. 4. To automate snapshots you can use a tool like [curator](https://www.elastic.co/guide/en/elasticsearch/client/curator/current/snapshot.html). In the future there are plans to have Elasticsearch manage automated snapshots with [Snapshot Lifecycle Management](https://github.com/elastic/elasticsearch/issues/38461). @@ -330,7 +330,7 @@ For an example of deploying both a group master nodes and data nodes using multi ## Testing -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/master/requirements.txt) in the parent directory. +This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. ``` pip install -r ../requirements.txt @@ -351,7 +351,7 @@ make test ## Integration Testing -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/default/test/goss.yaml) for an example of what the tests look like. +Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/test/goss.yaml) for an example of what the tests look like. To run the goss tests against the default example: diff --git a/filebeat/README.md b/filebeat/README.md index f3525f42e..860f56e02 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -6,13 +6,13 @@ This helm chart is a lightweight way to configure and run our official [Filebeat ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/master/README.md) for more details) +* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) * Kubernetes >=1.9 ## Usage notes and getting started * The default Filebeat configuration file for this chart is configured to use an Elasticsearch endpoint. Without any additional changes, Filebeat will send documents to the service URL that the Elasticsearch helm chart sets up by default. You may either set the `ELASTICSEARCH_HOSTS` environment variable in `extraEnvs` to override this endpoint or modify the default `filebeatConfig` to change this behavior. * The default Filebeat configuration file is also configured to capture container logs and enrich them with Kubernetes metadata by default. This will capture all container logs in the cluster. -* This chart disables the [HostNetwork](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces) setting by default for compatibility reasons with the majority of kubernetes providers and scenarios. Some kubernetes providers may not allow enabling `hostNetwork` and deploying multiple Filebeat pods on the same node isn't possible with `hostNetwork`. However Filebeat does recommend activating it. If your kubernetes provider is compatible with `hostNetwork` and you don't need to run multiple Filebeat daemonsets, you can activate it by setting `hostNetworking: true` in [values.yaml](https://github.com/elastic/helm-charts/tree/master/filebeat/values.yaml). +* This chart disables the [HostNetwork](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces) setting by default for compatibility reasons with the majority of kubernetes providers and scenarios. Some kubernetes providers may not allow enabling `hostNetwork` and deploying multiple Filebeat pods on the same node isn't possible with `hostNetwork`. However Filebeat does recommend activating it. If your kubernetes provider is compatible with `hostNetwork` and you don't need to run multiple Filebeat daemonsets, you can activate it by setting `hostNetworking: true` in [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml). ## Installing @@ -50,7 +50,7 @@ This chart is tested with the latest 7.7.x versions. ## Configuration | Parameter | Description | Default | | ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- | -| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/filebeat/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/master/filebeat/values.yaml) | +| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml) | | `extraContainers` | List of additional init containers to be added at the Daemonset | `""` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | | `extraInitContainers` | List of additional init containers to be added at the Daemonset. It also accepts a templatable string of additional containers to be passed to the `tpl` function | `[]` | @@ -71,7 +71,7 @@ This chart is tested with the latest 7.7.x versions. | `readinessProbe` | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | | `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `DaemonSet` | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | | `serviceAccount` | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that Filebeat will use during execution. By default will use the service account created by this chart. | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/filebeat/values.yaml) for an example | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml) for an example | `[]` | | `terminationGracePeriod` | Termination period (in seconds) to wait before killing Filebeat pod process on pod shutdown | `30` | | `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) | `{}` | @@ -82,11 +82,11 @@ This chart is tested with the latest 7.7.x versions. ## Examples -In [examples/](https://github.com/elastic/helm-charts/tree/master/filebeat/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart. +In [examples/](https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart. ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#default) +* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) * Deploy Filebeat with the default values ``` cd examples/default @@ -100,7 +100,7 @@ In [examples/](https://github.com/elastic/helm-charts/tree/master/filebeat/examp ## Testing -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/master/requirements.txt) in the parent directory. +This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. ``` pip install -r ../requirements.txt @@ -121,7 +121,7 @@ make test ## Integration Testing -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/master/filebeat/examples/default/test/goss.yaml) for an example of what the tests look like. +Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/default/test/goss.yaml) for an example of what the tests look like. To run the goss tests against the default example: ``` diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index dbd446748..eace44437 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -159,7 +159,7 @@ spec: mountPath: /var/log readOnly: true # Necessary when using autodiscovery; avoid mounting it otherwise - # See: https://www.elastic.co/guide/en/beats/filebeat/master/configuration-autodiscover.html + # See: https://www.elastic.co/guide/en/beats/filebeat/7.7/configuration-autodiscover.html - name: varrundockersock mountPath: /var/run/docker.sock readOnly: true diff --git a/kibana/README.md b/kibana/README.md index 409849bce..ca05a9f83 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -6,7 +6,7 @@ This helm chart is a lightweight way to configure and run our official [Kibana d ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/master/README.md) for more details) +* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) * Kubernetes >=1.9 ## Installing @@ -50,7 +50,7 @@ This chart is tested with the latest 7.7.x versions. | `elasticsearchURL` | The URL used to connect to Elasticsearch. Deprecated, needs to be used for Kibana versions < 6.6 | | | `replicas` | Kubernetes replica count for the deployment (i.e. how many pods) | `1` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `name: NODE_OPTIONS`
`value: "--max-old-space-size=1800"` | -| `secretMounts` | Allows you easily mount a secret as a file inside the deployment. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/kibana/values.yaml) for an example | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the deployment. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `[]` | | `image` | The Kibana docker image | `docker.elastic.co/kibana/kibana` | | `imageTag` | The Kibana docker image tag | `7.7.0-SNAPSHOT` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | @@ -59,7 +59,7 @@ This chart is tested with the latest 7.7.x versions. | `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` | | `serverHost` | The [`server.host`](https://www.elastic.co/guide/en/kibana/current/settings.html) Kibana setting. This is set explicitly so that the default always matches what comes with the docker image. | `0.0.0.0` | | `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | -| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/kibana/values.yaml) for an example of the formatting. | `{}` | +| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | | `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` | | `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | | `serviceAccount` | Allows you to overwrite the "default" [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for the pod | `[]` | @@ -70,21 +70,21 @@ This chart is tested with the latest 7.7.x versions. | `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | | `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Kibana instances | `{}` | | `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/master/kibana/values.yaml) for an example | `enabled: false` | -| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/master/kibana/values.yaml) for an example | `type: ClusterIP`
`port: 5601`
`nodePort:`
`annotations: {}`
`loadBalancerSourceRanges: {}` | +| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `enabled: false` | +| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `type: ClusterIP`
`port: 5601`
`nodePort:`
`annotations: {}`
`loadBalancerSourceRanges: {}` | | `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Kibana pods | `{}` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/kibana/values.yaml) for an example of the formatting. | `{}` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | ## Examples -In [examples/](https://github.com/elastic/helm-charts/tree/master/kibana/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart +In [examples/](https://github.com/elastic/helm-charts/tree/7.7/kibana/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#default) +* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) * Deploy Kibana with the default values ``` cd examples/default @@ -97,7 +97,7 @@ In [examples/](https://github.com/elastic/helm-charts/tree/master/kibana/example ### Security -* Deploy a [security enabled Elasticsearch cluster](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#security) +* Deploy a [security enabled Elasticsearch cluster](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#security) * Deploy Kibana with the security example ``` cd examples/security @@ -142,7 +142,7 @@ There are a couple reasons we recommend this. ## Testing -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/master/requirements.txt) in the parent directory. +This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. ``` pip install -r ../requirements.txt diff --git a/logstash/README.md b/logstash/README.md index 1c8e622ea..7d1d5bcbb 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -6,12 +6,12 @@ This helm chart is a lightweight way to configure and run our official [Logstash ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/master/README.md) for more details) +* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) * Kubernetes >=1.8 ## Usage notes and getting started -* This repo includes a number of [example](https://github.com/elastic/helm-charts/tree/master/logstash/examples) configurations which can be used as a reference. They are also used in the automated testing of this chart +* This repo includes a number of [example](https://github.com/elastic/helm-charts/tree/7.7/logstash/examples) configurations which can be used as a reference. They are also used in the automated testing of this chart * Automated testing of this chart is currently only run against GKE (Google Kubernetes Engine). * The chart deploys a statefulset and by default will do an automated rolling update of your cluster. It does this by waiting for the cluster health to become green after each instance is updated. If you prefer to update manually you can set [`updateStrategy: OnDelete`](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#on-delete) * It is important to verify that the JVM heap size in `logstashJavaOpts` and to set the CPU/Memory `resources` to something suitable for your cluster @@ -69,9 +69,9 @@ This chart is tested with the latest 7.7.x versions. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. | `9600` | | `extraPorts` | An array of extra ports to open on the pod | `[]` | | `labels` | Configurable [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Logstash pods | `{}` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/logstash/values.yaml) for an example of the formatting. | `{}` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml) for an example of the formatting. | `{}` | | `livenessProbe` | Configuration fields for the [livenessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 300`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `logstashConfig` | Allows you to add any config files in `/usr/share/logstash/config/` such as `logstash.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/logstash/values.yaml) for an example of the formatting. | `{}` | +| `logstashConfig` | Allows you to add any config files in `/usr/share/logstash/config/` such as `logstash.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml) for an example of the formatting. | `{}` | | `logstashJavaOpts` | Java options for Logstash. This is where you should configure the jvm heap size | `-Xmx1g -Xms1g` | | `logstashPipeline` | Allows you to add any pipeline files in `/usr/share/logstash/pipeline/`. | `{}` | | `maxUnavailable` | The [maxUnavailable](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget) value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | @@ -88,7 +88,7 @@ This chart is tested with the latest 7.7.x versions. | `replicas` | Kubernetes replica count for the statefulset (i.e. how many pods) | `1` | | `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 100m`
`requests.memory: 1536Mi`
`limits.cpu: 1000m`
`limits.memory: 1536Mi` | | `schedulerName` | Name of the [alternate scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods) | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/logstash/values.yaml) for an example | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml) for an example | `[]` | | `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | | `terminationGracePeriod` | The [terminationGracePeriod](https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods) in seconds used when trying to stop the pod | `120` | | `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | @@ -99,7 +99,7 @@ This chart is tested with the latest 7.7.x versions. ## Try it out -In [examples/](https://github.com/elastic/helm-charts/tree/master/logstash/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart +In [examples/](https://github.com/elastic/helm-charts/tree/7.7/logstash/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart ### Default @@ -134,7 +134,7 @@ There are a couple reasons we recommend this. ## Testing -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/master/requirements.txt) in the parent directory. +This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. ``` pip install -r ../requirements.txt @@ -155,7 +155,7 @@ make test ## Integration Testing -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/master/logstash/examples/default/test/goss.yaml) for an example of what the tests look like. +Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/default/test/goss.yaml) for an example of what the tests look like. To run the goss tests against the default example: diff --git a/metricbeat/README.md b/metricbeat/README.md index f95c8bdbb..e6a40f18a 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -20,7 +20,7 @@ The workaround is to use `--force` argument for `helm upgrade` command which wil ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/master/README.md) for more details) +* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) * Kubernetes >=1.9 ## Installing @@ -59,7 +59,7 @@ This chart is tested with the latest 7.7.x versions. ## Configuration | Parameter | Description | Default | | ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- | -| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) | +| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) | | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | @@ -73,14 +73,14 @@ This chart is tested with the latest 7.7.x versions. | `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | | `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Metricbeat pods | `{}` | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | -| `clusterRoleRules` | Configurable [cluster role rules](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole) that Metricbeat uses to access Kubernetes resources. | see [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) | +| `clusterRoleRules` | Configurable [cluster role rules](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole) that Metricbeat uses to access Kubernetes resources. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) | | `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Metricbeat pods | `{}` | | `podSecurityContext` | Configurable [podSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for Metricbeat pod execution environment | `runAsUser: 0`
`privileged: false` | | `livenessProbe` | Parameters to pass to [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | | `readinessProbe` | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | | `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `DaemonSet` | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | | `serviceAccount` | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) for an example | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) for an example | `[]` | | `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | | `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) | `{}` | @@ -92,11 +92,11 @@ This chart is tested with the latest 7.7.x versions. ## Examples -In [examples/](https://github.com/elastic/helm-charts/tree/master/metricbeat/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart. +In [examples/](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart. ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/master/elasticsearch/README.md#default) +* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) * Deploy Metricbeat with the default values ``` cd examples/default @@ -110,7 +110,7 @@ In [examples/](https://github.com/elastic/helm-charts/tree/master/metricbeat/exa ## Testing -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/master/requirements.txt) in the parent directory. +This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. ``` pip install -r ../requirements.txt @@ -131,7 +131,7 @@ make test ## Integration Testing -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/examples/default/test/goss.yaml) for an example of what the tests look like. +Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/default/test/goss.yaml) for an example of what the tests look like. To run the goss tests against the default example: ``` diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index 4ef74e6b9..e681b4380 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -140,7 +140,7 @@ spec: - name: data mountPath: /usr/share/metricbeat/data # Necessary when using autodiscovery; avoid mounting it otherwise - # See: https://www.elastic.co/guide/en/beats/metricbeat/master/configuration-autodiscover.html + # See: https://www.elastic.co/guide/en/beats/metricbeat/7.7/configuration-autodiscover.html - name: varrundockersock mountPath: /var/run/docker.sock readOnly: true From 26bd1ca36efbc6405da2324d01a043d5372e0206 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Wed, 15 Apr 2020 16:45:57 +0200 Subject: [PATCH 008/151] Merge pull request #580 from jmlrt/helm-2-16-6 [helm] bump helm version to 2.16.6 --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e30f7d420..9ec22bf27 100644 --- a/README.md +++ b/README.md @@ -23,5 +23,5 @@ The charts are [currently tested](https://devops-ci.elastic.co/job/elastic+helm- ## Helm versions -While we are checking backward compatibility, the charts are only tested with Helm version mentioned in [helm-tester Dockerfile](helpers/helm-tester/Dockerfile) (currently 2.16.5). +While we are checking backward compatibility, the charts are only tested with Helm version mentioned in [helm-tester Dockerfile](helpers/helm-tester/Dockerfile) (currently 2.16.6). Note that we don't support [Helm 3](https://v3.helm.sh/) version. diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index d2e1b8e63..66d7dab91 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=2.16.5 +ENV HELM_VERSION=2.16.6 RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index c415c5edc..621f9f40e 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.15.4 -ENV HELM_VERSION=2.16.5 +ENV HELM_VERSION=2.16.6 ENV DOCKER_VERSION=18.09.7 RUN yum -y install \ From 68a54af49bfe4f8baa17f52dbedd336beee9a018 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Gr=C3=A9au?= Date: Wed, 15 Apr 2020 12:16:22 -0400 Subject: [PATCH 009/151] [script] Update bumper script to handle SNAPSHOT versions (#581) * [script] Update bumper script to handle SNAPSHOT versions This commit updates the `bumper.py` script to handle the workflows for updating the versions to test staging artifacts and before a release, for example: - update 7.7.0-SNAPSHOT to 7.7.0 before tagging a release, by running `env BUMPER_VERSION_7="7.7.0" ./helpers/bumper.py` - update 7.7.0-SNAPHSHOT to 7.7.0-abcdefgh for testing staging artifacts by running: `env BUMPER_VERSION_7="7.7.0-abcdefgh" BUMPER_USE_STAGING_IMAGES="true" ./helpers/bumper.py` For now this script do not handle the bump from 7.7.0 to 7.7.1-SNAPSHOT for the next developement iteration after a release. In the meantime this update should be done manually. --- apm-server/README.md | 4 ++-- elasticsearch/README.md | 4 ++-- filebeat/README.md | 4 ++-- helpers/bumper.py | 2 +- kibana/README.md | 4 ++-- logstash/README.md | 4 ++-- metricbeat/README.md | 4 ++-- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index dc3ca85d9..6eee66677 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -22,7 +22,7 @@ easily be overridden in the config value `apmConfig.apm-server.yml`. ## Installing -This chart is tested with the latest 7.7.x versions. +This chart is tested with the latest 7.7.0-SNAPSHOT versions. * Add the elastic helm charts repo @@ -46,7 +46,7 @@ This chart is tested with the latest 7.7.x versions. git checkout -b 7.7 origin/7.7 ``` -* Install the latest 7.7.x-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT ```bash helm install --name apm-server ./helm-charts/apm-server diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 18d768785..261c15d17 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -48,7 +48,7 @@ If you currently have a cluster deployed with the [helm/charts stable](https://g ## Installing -This chart is tested with the latest 7.7.x versions. +This chart is tested with the latest 7.7.0-SNAPSHOT versions. * Add the elastic helm charts repo @@ -72,7 +72,7 @@ This chart is tested with the latest 7.7.x versions. git checkout -b 7.7 origin/7.7 ``` -* Install the latest 7.7.x-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT ```bash helm install --name elasticsearch ./helm-charts/elasticsearch diff --git a/filebeat/README.md b/filebeat/README.md index 860f56e02..6395e6c5f 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -16,7 +16,7 @@ This helm chart is a lightweight way to configure and run our official [Filebeat ## Installing -This chart is tested with the latest 7.7.x versions. +This chart is tested with the latest 7.7.0-SNAPSHOT versions. * Add the elastic helm charts repo @@ -40,7 +40,7 @@ This chart is tested with the latest 7.7.x versions. git checkout -b 7.7 origin/7.7 ``` -* Install the latest 7.7.x-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT ```bash helm install --name filebeat ./helm-charts/filebeat diff --git a/helpers/bumper.py b/helpers/bumper.py index 0ca195b0c..f9baaa85b 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -43,7 +43,7 @@ print("Updating versions...") for major, version in versions.iteritems(): - r = re.compile(r"{0}\.[0-9]*\.[0-9]*-?[0-9]?".format(major)) + r = re.compile(r"{0}\.[0-9]*\.[0-9]*-?(SNAPSHOT)?".format(major)) for pattern in file_patterns: for f in glob.glob(pattern): print(f) diff --git a/kibana/README.md b/kibana/README.md index ca05a9f83..de93c09e4 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -11,7 +11,7 @@ This helm chart is a lightweight way to configure and run our official [Kibana d ## Installing -This chart is tested with the latest 7.7.x versions. +This chart is tested with the latest 7.7.0-SNAPSHOT versions. * Add the elastic helm charts repo @@ -35,7 +35,7 @@ This chart is tested with the latest 7.7.x versions. git checkout -b 7.7 origin/7.7 ``` -* Install the latest 7.7.x-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT ```bash helm install --name kibana ./helm-charts/kibana diff --git a/logstash/README.md b/logstash/README.md index 7d1d5bcbb..89aedf28d 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -20,7 +20,7 @@ This helm chart is a lightweight way to configure and run our official [Logstash ## Installing -This chart is tested with the latest 7.7.x versions. +This chart is tested with the latest 7.7.0-SNAPSHOT versions. * Add the elastic helm charts repo @@ -44,7 +44,7 @@ This chart is tested with the latest 7.7.x versions. git checkout -b 7.7 origin/7.7 ``` -* Install the latest 7.7.x-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT ```bash helm install --name logstash ./helm-charts/logstash diff --git a/metricbeat/README.md b/metricbeat/README.md index e6a40f18a..511c346ba 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -25,7 +25,7 @@ The workaround is to use `--force` argument for `helm upgrade` command which wil ## Installing -This chart is tested with the latest 7.7.x versions. +This chart is tested with the latest 7.7.0-SNAPSHOT versions. * Add the elastic helm charts repo @@ -49,7 +49,7 @@ This chart is tested with the latest 7.7.x versions. git checkout -b 7.7 origin/7.7 ``` -* Install the latest 7.7.x-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT ```bash helm install --name metricbeat ./helm-charts/metricbeat From 42eef5df697ae3e5f1a7fca3c036843e0b7cf2ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxime=20Gr=C3=A9au?= Date: Wed, 15 Apr 2020 12:59:56 -0400 Subject: [PATCH 010/151] [ci] Fix multijob configuration for testing staging artifacts (#582) The multijob configuration for testing staging 7.7 artifacts was referencing jobs from another branch. This commit makes sure the configured jobs are all from the same git branch. --- .../elastic+helm-charts+{branch}+staging.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml index 5e6a135fc..223a830a9 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml @@ -1,13 +1,13 @@ --- - job: name: elastic+helm-charts+%BRANCH%+staging - display-name: elastic / helm-charts - staging + display-name: elastic / helm-charts +%BRANCH%+ - staging tests description: Staging image testing concurrent: true parameters: - string: name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" + description: "The buildId for the staging images. (Example: 7.7.0-abcdabcd)" project-type: multijob scm: - git: @@ -17,30 +17,30 @@ name: template testing and kubernetes cluster creation condition: SUCCESSFUL projects: - - name: elastic+helm-charts+staging+cluster-creation + - name: elastic+helm-charts+%BRANCH%+staging+cluster-creation current-parameters: true - multijob: name: elasticsearch integration testing condition: ALWAYS projects: - - name: elastic+helm-charts+staging+integration-elasticsearch + - name: elastic+helm-charts+%BRANCH%+staging+integration-elasticsearch current-parameters: true - multijob: name: integration testing condition: ALWAYS projects: - - name: elastic+helm-charts+staging+integration-kibana + - name: elastic+helm-charts+%BRANCH%+staging+integration-kibana current-parameters: true - - name: elastic+helm-charts+staging+integration-filebeat + - name: elastic+helm-charts+%BRANCH%+staging+integration-filebeat current-parameters: true - - name: elastic+helm-charts+staging+integration-metricbeat + - name: elastic+helm-charts+%BRANCH%+staging+integration-metricbeat current-parameters: true - - name: elastic+helm-charts+staging+integration-logstash + - name: elastic+helm-charts+%BRANCH%+staging+integration-logstash current-parameters: true - - name: elastic+helm-charts+staging+integration-apm-server + - name: elastic+helm-charts+%BRANCH%+staging+integration-apm-server current-parameters: true publishers: - trigger-parameterized-builds: - - project: elastic+helm-charts+staging+cluster-cleanup + - project: elastic+helm-charts+%BRANCH%+staging+cluster-cleanup current-parameters: true trigger-with-no-params: false From 1785431077eb21353e6c3c7c3b3dc14a653a06ae Mon Sep 17 00:00:00 2001 From: Chris Koehnke Date: Wed, 15 Apr 2020 17:41:21 -0400 Subject: [PATCH 011/151] Merge pull request #583 from Conky5/use-different-image-for-random-key Use busybox for key generation in testing --- elasticsearch/examples/security/Makefile | 2 +- kibana/examples/security/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/elasticsearch/examples/security/Makefile b/elasticsearch/examples/security/Makefile index 3d10b0b81..d8c6f11c7 100644 --- a/elasticsearch/examples/security/Makefile +++ b/elasticsearch/examples/security/Makefile @@ -20,7 +20,7 @@ pull-elasticsearch-image: secrets: docker rm -f elastic-helm-charts-certs || true rm -f elastic-certificates.p12 elastic-certificate.pem elastic-stack-ca.p12 || true - password=$$([ ! -z "$$ELASTIC_PASSWORD" ] && echo $$ELASTIC_PASSWORD || echo $$(docker run --rm $(ELASTICSEARCH_IMAGE) /bin/sh -c "< /dev/urandom tr -cd '[:alnum:]' | head -c20")) && \ + password=$$([ ! -z "$$ELASTIC_PASSWORD" ] && echo $$ELASTIC_PASSWORD || echo $$(docker run --rm busybox:1.31.1 /bin/sh -c "< /dev/urandom tr -cd '[:alnum:]' | head -c20")) && \ docker run --name elastic-helm-charts-certs -i -w /app \ $(ELASTICSEARCH_IMAGE) \ /bin/sh -c " \ diff --git a/kibana/examples/security/Makefile b/kibana/examples/security/Makefile index a54769d95..d3a365fd7 100644 --- a/kibana/examples/security/Makefile +++ b/kibana/examples/security/Makefile @@ -13,5 +13,5 @@ purge: helm del --purge $(RELEASE) secrets: - encryptionkey=$$(echo $$(docker run --rm docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) /bin/sh -c "< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c50")) && \ + encryptionkey=$$(docker run --rm busybox:1.31.1 /bin/sh -c "< /dev/urandom tr -dc _A-Za-z0-9 | head -c50") && \ kubectl create secret generic kibana --from-literal=encryptionkey=$$encryptionkey From f74d721d68372162cb12281c95e599cc192315f5 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Fri, 17 Apr 2020 17:31:24 +0200 Subject: [PATCH 012/151] Merge pull request #572 from jmlrt/split-metricbeat-values [metricbeat] split values for daemonset and deployment --- metricbeat/README.md | 110 ++- .../examples/default/test/goss-metrics.yaml | 3 +- .../examples/oss/test/goss-metrics.yaml | 3 +- metricbeat/examples/oss/values.yaml | 12 +- .../examples/security/test/goss-metrics.yaml | 3 +- metricbeat/examples/security/values.yaml | 193 ++--- metricbeat/templates/configmap.yaml | 36 + metricbeat/templates/daemonset.yaml | 53 +- metricbeat/templates/deployment.yaml | 50 +- metricbeat/tests/metricbeat_test.py | 702 +++++++++++++++++- metricbeat/values.yaml | 272 ++++--- 11 files changed, 1117 insertions(+), 320 deletions(-) diff --git a/metricbeat/README.md b/metricbeat/README.md index 511c346ba..8f42d280d 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -57,38 +57,64 @@ This chart is tested with the latest 7.7.0-SNAPSHOT versions. ## Configuration -| Parameter | Description | Default | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- | -| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | -| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `""` | -| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `""` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | -| `hostPathRoot` | Fully-qualified [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) that will be used to persist Metricbeat registry data | `/var/lib` | -| `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` | -| `imageTag` | The Metricbeat docker image tag | `7.7.0-SNAPSHOT` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Metricbeat pods | `{}` | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | -| `clusterRoleRules` | Configurable [cluster role rules](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole) that Metricbeat uses to access Kubernetes resources. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) | -| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Metricbeat pods | `{}` | -| `podSecurityContext` | Configurable [podSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for Metricbeat pod execution environment | `runAsUser: 0`
`privileged: false` | -| `livenessProbe` | Parameters to pass to [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `readinessProbe` | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `DaemonSet` | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | -| `serviceAccount` | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml) for an example | `[]` | -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | -| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) | `{}` | -| `affinity` | Configurable [affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) | `{}` | -| `updateStrategy` | The [updateStrategy](https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy) for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` | -| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | -| `replicas` | The replica count for the metricbeat deployment talking to kube-state-metrics | `1` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | +| Parameter | Description | Default | +| --- | --- | --- | +| `daemonset.affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` | +| `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | +| `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | +| `daemonset.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `DaemonSet`. | `[]` | +| `daemonset.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` | +| `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `DaemonSet`. | see [values.yaml][] | +| `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | +| `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` pod execution environment. | `runAsUser: 0`
`privileged: false` | +| `daemonset.resources` | Allows you to set the [resources][] for Metricbeat `DaemonSet`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | +| `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat `DaemonSet`. | `[]` | +| `deployment.affinity` | Configurable [affinity][] for Metricbeat `Deployment`. | `{}` | +| `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` | +| `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` | +| `deployment.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `Deployment`. | `[]` | +| `deployment.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` | +| `deployment.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `Deployment`. | see [values.yaml][] | +| `deployment.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `Deployment`. | `{}` | +| `deployment.secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `deployment.securityContext` | Configurable [securityContext][] for Metricbeat `Deployment` pod execution environment. | `runAsUser: 0`
`privileged: false` | +| `deployment.resources` | Allows you to set the [resources][] for Metricbeat `Deployment`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | +| `deployment.tolerations` | Configurable [tolerations][] for Metricbeat `Deployment`. | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | +| `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` | +| `imageTag` | The Metricbeat docker image tag | `7.7.0-SNAPSHOT` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `labels` | Configurable [label][] applied to all Metricbeat pods | `{}` | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | +| `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources. | see [values.yaml][] | +| `podAnnotations` | Configurable [annotations][] applied to all Metricbeat pods | `{}` | +| `livenessProbe` | Parameters to pass to [liveness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | +| `readinessProbe` | Parameters to pass to [readiness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | +| `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | +| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` | +| `priorityClassName` | The [name of the PriorityClass][]. No default is supplied as the PriorityClass must be created first. | `""` | +| `replicas` | The replica count for the metricbeat deployment talking to kube-state-metrics | `1` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | + +### Deprecated +| Parameter | Description | Default | +| --- | --- | --- | +| `affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` | +| `extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` | +| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` | +| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` | +| `deployment.envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` | +| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for both Metricbeat `DaemonSet` and `Deployment`. | `{}` | +| `nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | +| `podSecurityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` and `Deployment` pod execution environment. | `{}` | +| `resources` | Allows you to set the [resources][] for both Metricbeat `DaemonSet` and `Deployment`. | `{}` | +| `secretMounts` | Allows you easily mount a secret as a file inside `DaemonSet` and `Deployment`. Useful for mounting certificates and other secrets. | `[]` | +| `tolerations` | Configurable [tolerations][] for both Metricbeat `DaemonSet` and `Deployment`. | `[]` | ## Examples @@ -138,3 +164,23 @@ To run the goss tests against the default example: cd examples/default make goss ``` + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[cluster role rules]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole +[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables +[hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath +[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images +[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[label]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[liveness probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[name of the PriorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +[readiness probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy +[values.yaml]: https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index f2bca1512..7fca303f9 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -5,7 +5,7 @@ port: - '127.0.0.1' mount: - /usr/share/metricbeat/kube-state-metrics-metricbeat.yml: + /usr/share/metricbeat/metricbeat.yml: exists: true opts: - ro @@ -33,7 +33,6 @@ file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'add_kubernetes_metadata' - 'output.elasticsearch' - 'elasticsearch-master:9200' diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index 0632f92c5..c78aa2faa 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -5,7 +5,7 @@ port: - '127.0.0.1' mount: - /usr/share/metricbeat/kube-state-metrics-metricbeat.yml: + /usr/share/metricbeat/metricbeat.yml: exists: true opts: - ro @@ -32,7 +32,6 @@ file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'add_kubernetes_metadata' - 'output.elasticsearch' command: diff --git a/metricbeat/examples/oss/values.yaml b/metricbeat/examples/oss/values.yaml index 89f2d453c..29791cc2c 100644 --- a/metricbeat/examples/oss/values.yaml +++ b/metricbeat/examples/oss/values.yaml @@ -1,5 +1,11 @@ image: docker.elastic.co/beats/metricbeat-oss -extraEnvs: - - name: ELASTICSEARCH_HOSTS - value: oss-master:9200 +daemonset: + extraEnvs: + - name: ELASTICSEARCH_HOSTS + value: oss-master:9200 + +deployment: + extraEnvs: + - name: ELASTICSEARCH_HOSTS + value: oss-master:9200 diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index 52a2a8ab9..22ed216ca 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -5,7 +5,7 @@ port: - '127.0.0.1' mount: - /usr/share/metricbeat/kube-state-metrics-metricbeat.yml: + /usr/share/metricbeat/metricbeat.yml: exists: true opts: - ro @@ -38,7 +38,6 @@ file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'add_kubernetes_metadata' - 'output.elasticsearch' command: diff --git a/metricbeat/examples/security/values.yaml b/metricbeat/examples/security/values.yaml index 8b48e814e..2939d1c20 100644 --- a/metricbeat/examples/security/values.yaml +++ b/metricbeat/examples/security/values.yaml @@ -1,91 +1,110 @@ -metricbeatConfig: - metricbeat.yml: | - metricbeat.modules: - - module: kubernetes - metricsets: - - container - - node - - pod - - system - - volume - period: 10s - host: "${NODE_NAME}" - hosts: ["https://${NODE_NAME}:10250"] - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - ssl.verification_mode: "none" - # If using Red Hat OpenShift remove ssl.verification_mode entry and - # uncomment these settings: - #ssl.certificate_authorities: - #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt - processors: - - add_kubernetes_metadata: ~ - - module: kubernetes - enabled: true - metricsets: - - event - - module: system - period: 10s - metricsets: - - cpu - - load - - memory - - network - - process - - process_summary - processes: ['.*'] - process.include_top_n: - by_cpu: 5 - by_memory: 5 - - module: system - period: 1m - metricsets: - - filesystem - - fsstat - processors: - - drop_event.when.regexp: - system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)' - - output.elasticsearch: - username: '${ELASTICSEARCH_USERNAME}' - password: '${ELASTICSEARCH_PASSWORD}' - protocol: https - hosts: ["security-master:9200"] - ssl.certificate_authorities: - - /usr/share/metricbeat/config/certs/elastic-certificate.pem - - kube-state-metrics-metricbeat.yml: | - metricbeat.modules: - - module: kubernetes - enabled: true - metricsets: - - state_node - - state_deployment - - state_replicaset - - state_pod - - state_container - period: 10s - hosts: ["${KUBE_STATE_METRICS_HOSTS}"] - output.elasticsearch: - username: '${ELASTICSEARCH_USERNAME}' - password: '${ELASTICSEARCH_PASSWORD}' - protocol: https - hosts: ["security-master:9200"] - ssl.certificate_authorities: - - /usr/share/metricbeat/config/certs/elastic-certificate.pem - -secretMounts: +daemonset: + extraEnvs: + - name: 'ELASTICSEARCH_USERNAME' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: username + - name: 'ELASTICSEARCH_PASSWORD' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: password + # Allows you to add any config files in /usr/share/metricbeat + # such as metricbeat.yml for daemonset + metricbeatConfig: + metricbeat.yml: | + metricbeat.modules: + - module: kubernetes + metricsets: + - container + - node + - pod + - system + - volume + period: 10s + host: "${NODE_NAME}" + hosts: ["https://${NODE_NAME}:10250"] + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + ssl.verification_mode: "none" + # If using Red Hat OpenShift remove ssl.verification_mode entry and + # uncomment these settings: + #ssl.certificate_authorities: + #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt + processors: + - add_kubernetes_metadata: ~ + - module: kubernetes + enabled: true + metricsets: + - event + - module: system + period: 10s + metricsets: + - cpu + - load + - memory + - network + - process + - process_summary + processes: ['.*'] + process.include_top_n: + by_cpu: 5 + by_memory: 5 + - module: system + period: 1m + metricsets: + - filesystem + - fsstat + processors: + - drop_event.when.regexp: + system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)' + output.elasticsearch: + username: '${ELASTICSEARCH_USERNAME}' + password: '${ELASTICSEARCH_PASSWORD}' + protocol: https + hosts: ["security-master:9200"] + ssl.certificate_authorities: + - /usr/share/metricbeat/config/certs/elastic-certificate.pem + secretMounts: - name: elastic-certificate-pem secretName: elastic-certificate-pem path: /usr/share/metricbeat/config/certs -extraEnvs: - - name: 'ELASTICSEARCH_USERNAME' - valueFrom: - secretKeyRef: - name: elastic-credentials - key: username - - name: 'ELASTICSEARCH_PASSWORD' - valueFrom: - secretKeyRef: - name: elastic-credentials - key: password +deployment: + extraEnvs: + - name: 'ELASTICSEARCH_USERNAME' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: username + - name: 'ELASTICSEARCH_PASSWORD' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: password + # Allows you to add any config files in /usr/share/metricbeat + # such as metricbeat.yml for deployment + metricbeatConfig: + metricbeat.yml: | + metricbeat.modules: + - module: kubernetes + enabled: true + metricsets: + - state_node + - state_deployment + - state_replicaset + - state_pod + - state_container + period: 10s + hosts: ["${KUBE_STATE_METRICS_HOSTS}"] + output.elasticsearch: + username: '${ELASTICSEARCH_USERNAME}' + password: '${ELASTICSEARCH_PASSWORD}' + protocol: https + hosts: ["security-master:9200"] + ssl.certificate_authorities: + - /usr/share/metricbeat/config/certs/elastic-certificate.pem + secretMounts: + - name: elastic-certificate-pem + secretName: elastic-certificate-pem + path: /usr/share/metricbeat/config/certs diff --git a/metricbeat/templates/configmap.yaml b/metricbeat/templates/configmap.yaml index 09e381ce7..54183db1b 100644 --- a/metricbeat/templates/configmap.yaml +++ b/metricbeat/templates/configmap.yaml @@ -15,3 +15,39 @@ data: {{ $config | indent 4 -}} {{- end -}} {{- end -}} + +{{- if .Values.daemonset.metricbeatConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "metricbeat.fullname" . }}-daemonset-config + labels: + app: "{{ template "metricbeat.fullname" . }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} +data: +{{- range $path, $config := .Values.daemonset.metricbeatConfig }} + {{ $path }}: | +{{ $config | indent 4 -}} +{{- end -}} +{{- end -}} + +{{- if .Values.deployment.metricbeatConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "metricbeat.fullname" . }}-deployment-config + labels: + app: "{{ template "metricbeat.fullname" . }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} +data: +{{- range $path, $config := .Values.deployment.metricbeatConfig }} + {{ $path }}: | +{{ $config | indent 4 -}} +{{- end -}} +{{- end -}} diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index e681b4380..ea1e888bf 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -38,22 +38,16 @@ spec: {{ $key }}: {{ $value | quote }} {{- end }} spec: - {{- with .Values.tolerations }} - tolerations: {{ toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: {{ toYaml . | nindent 8 }} - {{- end }} + affinity: {{ toYaml ( .Values.affinity | default .Values.daemonset.affinity ) | nindent 8 }} + nodeSelector: {{ toYaml ( .Values.nodeSelector | default .Values.daemonset.nodeSelector ) | nindent 8 }} + tolerations: {{ toYaml ( .Values.tolerations | default .Values.daemonset.tolerations ) | nindent 8 }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} - {{- with .Values.affinity }} - affinity: {{ toYaml . | nindent 8 -}} - {{- end }} serviceAccountName: {{ template "metricbeat.serviceAccount" . }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} volumes: - {{- range .Values.secretMounts }} + {{- range .Values.secretMounts | default .Values.daemonset.secretMounts }} - name: {{ .name }} secret: secretName: {{ .secretName }} @@ -63,6 +57,11 @@ spec: configMap: defaultMode: 0600 name: {{ template "metricbeat.fullname" . }}-config + {{- else if .Values.daemonset.metricbeatConfig }} + - name: metricbeat-config + configMap: + defaultMode: 0600 + name: {{ template "metricbeat.fullname" . }}-daemonset-config {{- end }} - name: data hostPath: @@ -77,8 +76,8 @@ spec: - name: cgroup hostPath: path: /sys/fs/cgroup - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 6 }} + {{- if .Values.extraVolumes | default .Values.daemonset.extraVolumes }} +{{ toYaml ( .Values.extraVolumes | default .Values.daemonset.extraVolumes ) | indent 6 }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -101,8 +100,7 @@ spec: {{ toYaml .Values.livenessProbe | indent 10 }} readinessProbe: {{ toYaml .Values.readinessProbe | indent 10 }} - resources: -{{ toYaml .Values.resources | indent 10 }} + resources: {{ toYaml ( .Values.resources | default .Values.daemonset.resources ) | nindent 10 }} env: - name: POD_NAMESPACE valueFrom: @@ -112,19 +110,13 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName -{{- if .Values.extraEnvs }} -{{ toYaml .Values.extraEnvs | indent 8 }} -{{- end }} -{{- if .Values.envFrom }} - envFrom: -{{ toYaml .Values.envFrom | indent 10 }} -{{- end }} -{{- if .Values.podSecurityContext }} - securityContext: -{{ toYaml .Values.podSecurityContext | indent 10 }} +{{- if .Values.extraEnvs | default .Values.daemonset.extraEnvs }} +{{ toYaml ( .Values.extraEnvs | default .Values.daemonset.extraEnvs ) | indent 8 }} {{- end }} + envFrom: {{ toYaml ( .Values.envFrom | default .Values.daemonset.envFrom ) | nindent 10 }} + securityContext: {{ toYaml ( .Values.podSecurityContext | default .Values.daemonset.securityContext ) | nindent 10 }} volumeMounts: - {{- range .Values.secretMounts }} + {{- range .Values.secretMounts | default .Values.daemonset.secretMounts }} - name: {{ .name }} mountPath: {{ .path }} {{- if .subPath }} @@ -136,6 +128,13 @@ spec: mountPath: /usr/share/metricbeat/{{ $path }} readOnly: true subPath: {{ $path }} + {{ else }} + {{- range $path, $config := .Values.daemonset.metricbeatConfig }} + - name: metricbeat-config + mountPath: /usr/share/metricbeat/{{ $path }} + readOnly: true + subPath: {{ $path }} + {{- end }} {{- end }} - name: data mountPath: /usr/share/metricbeat/data @@ -150,8 +149,8 @@ spec: - name: cgroup mountPath: /hostfs/sys/fs/cgroup readOnly: true - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 8 }} + {{- if .Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts }} +{{ toYaml ( .Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts ) | indent 8 }} {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index 225160b47..ca056d42b 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -32,17 +32,16 @@ spec: heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' spec: - {{- with .Values.tolerations }} - tolerations: -{{ toYaml . | indent 6 }} - {{- end }} + affinity: {{ toYaml .Values.deployment.affinity | nindent 8 }} + nodeSelector: {{ toYaml .Values.deployment.nodeSelector | nindent 8 }} + tolerations: {{ toYaml ( .Values.tolerations | default .Values.deployment.tolerations ) | nindent 8 }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} serviceAccountName: {{ template "metricbeat.serviceAccount" . }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} volumes: - {{- range .Values.secretMounts }} + {{- range .Values.secretMounts | default .Values.deployment.secretMounts }} - name: {{ .name }} secret: secretName: {{ .secretName }} @@ -52,9 +51,14 @@ spec: configMap: defaultMode: 0600 name: {{ template "metricbeat.fullname" . }}-config + {{- else if .Values.deployment.metricbeatConfig }} + - name: metricbeat-config + configMap: + defaultMode: 0600 + name: {{ template "metricbeat.fullname" . }}-deployment-config {{- end }} - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 6 }} + {{- if .Values.extraVolumes | default .Values.deployment.extraVolumes }} +{{ toYaml ( .Values.extraVolumes | default .Values.deployment.extraVolumes ) | indent 6 }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -69,8 +73,6 @@ spec: image: "{{ .Values.image }}:{{ .Values.imageTag }}" imagePullPolicy: "{{ .Values.imagePullPolicy }}" args: - - "-c" - - "/usr/share/metricbeat/kube-state-metrics-metricbeat.yml" - "-e" - "-E" - "http.enabled=true" @@ -78,8 +80,7 @@ spec: {{ toYaml .Values.livenessProbe | indent 10 }} readinessProbe: {{ toYaml .Values.readinessProbe | indent 10 }} - resources: -{{ toYaml .Values.resources | indent 10 }} + resources: {{ toYaml ( .Values.resources | default .Values.deployment.resources ) | nindent 10 }} env: - name: POD_NAMESPACE valueFrom: @@ -87,19 +88,13 @@ spec: fieldPath: metadata.namespace - name: KUBE_STATE_METRICS_HOSTS value: "$({{ .Release.Name | replace "-" "_" | upper }}_KUBE_STATE_METRICS_SERVICE_HOST):$({{ .Release.Name | replace "-" "_" | upper }}_KUBE_STATE_METRICS_SERVICE_PORT_HTTP)" -{{- if .Values.extraEnvs }} -{{ toYaml .Values.extraEnvs | indent 8 }} -{{- end }} -{{- if .Values.envFrom }} - envFrom: -{{ toYaml .Values.envFrom | indent 10 }} -{{- end }} -{{- if .Values.podSecurityContext }} - securityContext: -{{ toYaml .Values.podSecurityContext | indent 10 }} +{{- if .Values.extraEnvs | default .Values.deployment.extraEnvs }} +{{ toYaml ( .Values.extraEnvs | default .Values.deployment.extraEnvs ) | indent 8 }} {{- end }} + envFrom: {{ toYaml ( .Values.envFrom | default .Values.deployment.envFrom ) | nindent 10 }} + securityContext: {{ toYaml ( .Values.podSecurityContext | default .Values.deployment.securityContext ) | nindent 10 }} volumeMounts: - {{- range .Values.secretMounts }} + {{- range .Values.secretMounts | default .Values.deployment.secretMounts }} - name: {{ .name }} mountPath: {{ .path }} {{- if .subPath }} @@ -111,9 +106,16 @@ spec: mountPath: /usr/share/metricbeat/{{ $path }} readOnly: true subPath: {{ $path }} + {{ else }} + {{- range $path, $config := .Values.deployment.metricbeatConfig }} + - name: metricbeat-config + mountPath: /usr/share/metricbeat/{{ $path }} + readOnly: true + subPath: {{ $path }} + {{- end }} {{- end }} - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 8 }} + {{- if .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts }} +{{ toYaml ( .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts ) | indent 8 }} {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 447f5cf3f..91c1bfeed 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -27,9 +27,39 @@ def test_defaults(): assert "metricbeat test output" in c["readinessProbe"]["exec"]["command"][-1] + assert r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"] == [] + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"] + == [] + ) + + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 0 + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 0 + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + # Empty customizable defaults assert "imagePullSecrets" not in r["daemonset"][name]["spec"]["template"]["spec"] - assert "tolerations" not in r["daemonset"][name]["spec"]["template"]["spec"] assert r["daemonset"][name]["spec"]["updateStrategy"]["type"] == "RollingUpdate" @@ -37,14 +67,75 @@ def test_defaults(): r["daemonset"][name]["spec"]["template"]["spec"]["serviceAccountName"] == name ) - volumes = r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + cfg = r["configmap"] + + assert name + "-config" not in cfg + assert name + "-daemonset-config" in cfg + assert name + "-deployment-config" in cfg + + assert "metricbeat.yml" in cfg[name + "-daemonset-config"]["data"] + assert "metricbeat.yml" in cfg[name + "-deployment-config"]["data"] + + assert "module: system" in cfg[name + "-daemonset-config"]["data"]["metricbeat.yml"] + assert ( + "module: system" + not in cfg[name + "-deployment-config"]["data"]["metricbeat.yml"] + ) + assert "state_pod" not in cfg[name + "-daemonset-config"]["data"]["metricbeat.yml"] + assert "state_pod" in cfg[name + "-deployment-config"]["data"]["metricbeat.yml"] + + daemonset = r["daemonset"][name]["spec"]["template"]["spec"] + + assert { + "configMap": {"name": name + "-config", "defaultMode": 0o600}, + "name": project + "-config", + } not in daemonset["volumes"] + assert { + "configMap": {"name": name + "-daemonset-config", "defaultMode": 0o600}, + "name": project + "-config", + } in daemonset["volumes"] + assert { "name": "data", "hostPath": { "path": "/var/lib/" + name + "-default-data", "type": "DirectoryOrCreate", }, - } in volumes + } in daemonset["volumes"] + + assert { + "mountPath": "/usr/share/metricbeat/metricbeat.yml", + "name": project + "-config", + "subPath": "metricbeat.yml", + "readOnly": True, + } in daemonset["containers"][0]["volumeMounts"] + + deployment = r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + + assert { + "configMap": {"name": name + "-config", "defaultMode": 0o600}, + "name": project + "-config", + } not in deployment["volumes"] + assert { + "configMap": {"name": name + "-deployment-config", "defaultMode": 0o600}, + "name": project + "-config", + } in deployment["volumes"] + + assert { + "mountPath": "/usr/share/metricbeat/metricbeat.yml", + "name": project + "-config", + "subPath": "metricbeat.yml", + "readOnly": True, + } in deployment["containers"][0]["volumeMounts"] + + assert daemonset["containers"][0]["resources"] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } + assert deployment["containers"][0]["resources"] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } def test_adding_a_extra_container(): @@ -103,13 +194,47 @@ def test_adding_a_extra_init_container(): def test_adding_envs(): config = """ +daemonset: + extraEnvs: + - name: LOG_LEVEL + value: DEBUG +""" + r = helm_template(config) + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + assert {"name": "LOG_LEVEL", "value": "DEBUG"} not in r["deployment"][ + name + "-metrics" + ]["spec"]["template"]["spec"]["containers"][0]["env"] + + config = """ +deployment: + extraEnvs: + - name: LOG_LEVEL + value: DEBUG +""" + r = helm_template(config) + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["deployment"][ + name + "-metrics" + ]["spec"]["template"]["spec"]["containers"][0]["env"] + assert {"name": "LOG_LEVEL", "value": "DEBUG"} not in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + + +def test_adding_deprecated_envs(): + config = """ extraEnvs: - name: LOG_LEVEL value: DEBUG """ r = helm_template(config) - envs = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["env"] - assert {"name": "LOG_LEVEL", "value": "DEBUG"} in envs + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["deployment"][ + name + "-metrics" + ]["spec"]["template"]["spec"]["containers"][0]["env"] def test_adding_image_pull_secrets(): @@ -126,6 +251,45 @@ def test_adding_image_pull_secrets(): def test_adding_tolerations(): config = """ +daemonset: + tolerations: + - key: "key1" + operator: "Equal" + value: "value1" + effect: "NoExecute" + tolerationSeconds: 3600 +""" + r = helm_template(config) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"] + == "key1" + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"] + == [] + ) + + config = """ +deployment: + tolerations: + - key: "key1" + operator: "Equal" + value: "value1" + effect: "NoExecute" + tolerationSeconds: 3600 +""" + r = helm_template(config) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"][ + 0 + ]["key"] + == "key1" + ) + assert r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"] == [] + + +def test_adding_deprecated_tolerations(): + config = """ tolerations: - key: "key1" operator: "Equal" @@ -138,6 +302,12 @@ def test_adding_tolerations(): r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"] == "key1" ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"][ + 0 + ]["key"] + == "key1" + ) def test_override_the_default_update_strategy(): @@ -172,18 +342,162 @@ def test_self_managing_rbac_resources(): def test_setting_pod_security_context(): config = """ +daemonset: + securityContext: + runAsUser: 1001 + privileged: false +""" + r = helm_template(config) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 0 + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + + config = """ +deployment: + securityContext: + runAsUser: 1001 + privileged: false +""" + r = helm_template(config) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == False + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + + +def test_setting_deprecated_pod_security_context(): + config = """ podSecurityContext: runAsUser: 1001 privileged: false """ r = helm_template(config) - c = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0] - assert c["securityContext"]["runAsUser"] == 1001 - assert c["securityContext"]["privileged"] == False + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) def test_adding_in_metricbeat_config(): config = """ +daemonset: + metricbeatConfig: + metricbeat.yml: | + key: daemonset + daemonset-config.yml: | + hello = daemonset + +deployment: + metricbeatConfig: + metricbeat.yml: | + key: deployment + deployment-config.yml: | + hello = deployment +""" + r = helm_template(config) + cfg = r["configmap"] + + assert "metricbeat.yml" in cfg[name + "-daemonset-config"]["data"] + assert "daemonset-config.yml" in cfg[name + "-daemonset-config"]["data"] + assert "deployment-config.yml" not in cfg[name + "-daemonset-config"]["data"] + assert "metricbeat.yml" in cfg[name + "-deployment-config"]["data"] + assert "deployment-config.yml" in cfg[name + "-deployment-config"]["data"] + assert "daemonset-config.yml" not in cfg[name + "-deployment-config"]["data"] + + assert "key: daemonset" in cfg[name + "-daemonset-config"]["data"]["metricbeat.yml"] + assert ( + "key: deployment" in cfg[name + "-deployment-config"]["data"]["metricbeat.yml"] + ) + + assert ( + "hello = daemonset" + in cfg[name + "-daemonset-config"]["data"]["daemonset-config.yml"] + ) + assert ( + "hello = deployment" + in cfg[name + "-deployment-config"]["data"]["deployment-config.yml"] + ) + + daemonset = r["daemonset"][name]["spec"]["template"]["spec"] + assert { + "mountPath": "/usr/share/metricbeat/daemonset-config.yml", + "name": project + "-config", + "subPath": "daemonset-config.yml", + "readOnly": True, + } in daemonset["containers"][0]["volumeMounts"] + + deployment = r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + assert { + "mountPath": "/usr/share/metricbeat/deployment-config.yml", + "name": project + "-config", + "subPath": "deployment-config.yml", + "readOnly": True, + } in deployment["containers"][0]["volumeMounts"] + + +def test_adding_in_deprecated_metricbeat_config(): + config = """ metricbeatConfig: metricbeat.yml: | key: @@ -231,18 +545,109 @@ def test_adding_in_metricbeat_config(): def test_adding_a_secret_mount(): config = """ +daemonset: + secretMounts: + - name: elastic-certificates + secretName: elastic-certificates-name + path: /usr/share/metricbeat/config/certs +""" + r = helm_template(config) + assert ( + { + "mountPath": "/usr/share/metricbeat/config/certs", + "name": "elastic-certificates", + } + in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + + assert ( + { + "mountPath": "/usr/share/metricbeat/config/certs", + "name": "elastic-certificates", + } + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"][ + "containers" + ][0]["volumeMounts"] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["volumes"] + + config = """ +deployment: + secretMounts: + - name: elastic-certificates + secretName: elastic-certificates-name + path: /usr/share/metricbeat/config/certs +""" + r = helm_template(config) + assert ( + { + "mountPath": "/usr/share/metricbeat/config/certs", + "name": "elastic-certificates", + } + in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["volumeMounts"] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["volumes"] + + assert ( + { + "mountPath": "/usr/share/metricbeat/config/certs", + "name": "elastic-certificates", + } + not in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } not in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + + +def test_adding_a_deprecated_secret_mount(): + config = """ secretMounts: - name: elastic-certificates secretName: elastic-certificates-name path: /usr/share/metricbeat/config/certs """ r = helm_template(config) - s = r["daemonset"][name]["spec"]["template"]["spec"] - assert s["containers"][0]["volumeMounts"][0] == { + assert ( + { + "mountPath": "/usr/share/metricbeat/config/certs", + "name": "elastic-certificates", + } + in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + + assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["volumeMounts"][0] == { "mountPath": "/usr/share/metricbeat/config/certs", "name": "elastic-certificates", } - assert s["volumes"][0] == { + assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["volumes"][ + 0 + ] == { "name": "elastic-certificates", "secret": {"secretName": "elastic-certificates-name"}, } @@ -250,6 +655,62 @@ def test_adding_a_secret_mount(): def test_adding_a_extra_volume_with_volume_mount(): config = """ +daemonset: + extraVolumes: + - name: extras + emptyDir: {} + extraVolumeMounts: + - name: extras + mountPath: /usr/share/extras + readOnly: true +""" + r = helm_template(config) + assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "daemonset" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} not in r["deployment"][name + "-metrics"][ + "spec" + ]["template"]["spec"]["volumes"] + assert ( + {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"][ + "containers" + ][0]["volumeMounts"] + ) + + config = """ +deployment: + extraVolumes: + - name: extras + emptyDir: {} + extraVolumeMounts: + - name: extras + mountPath: /usr/share/extras + readOnly: true +""" + r = helm_template(config) + assert {"name": "extras", "emptyDir": {}} in r["deployment"][name + "-metrics"][ + "spec" + ]["template"]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "deployment" + ][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} not in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert ( + {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} + not in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + + +def test_adding_a_deprecated_extra_volume_with_volume_mount(): + config = """ extraVolumes: - name: extras emptyDir: {} @@ -259,20 +720,53 @@ def test_adding_a_extra_volume_with_volume_mount(): readOnly: true """ r = helm_template(config) - extraVolume = r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] - assert {"name": "extras", "emptyDir": {}} in extraVolume - extraVolumeMounts = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][ - 0 - ]["volumeMounts"] - assert { - "name": "extras", - "mountPath": "/usr/share/extras", - "readOnly": True, - } in extraVolumeMounts + assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "daemonset" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} in r["deployment"][name + "-metrics"][ + "spec" + ]["template"]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "deployment" + ][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] def test_adding_a_node_selector(): config = """ +daemonset: + nodeSelector: + disktype: ssd +""" + r = helm_template(config) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["nodeSelector"]["disktype"] + == "ssd" + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["nodeSelector"] + == {} + ) + + config = """ +deployment: + nodeSelector: + disktype: ssd +""" + r = helm_template(config) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["nodeSelector"][ + "disktype" + ] + == "ssd" + ) + assert r["daemonset"][name]["spec"]["template"]["spec"]["nodeSelector"] == {} + + +def test_adding_deprecated_node_selector(): + config = """ nodeSelector: disktype: ssd """ @@ -304,6 +798,53 @@ def test_adding_an_affinity_rule(): ][0]["topologyKey"] == "kubernetes.io/hostname" ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["affinity"] == {} + ) + + config = """ +daemonset: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - metricbeat + topologyKey: kubernetes.io/hostname +""" + + r = helm_template(config) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["affinity"]["podAntiAffinity"][ + "requiredDuringSchedulingIgnoredDuringExecution" + ][0]["topologyKey"] + == "kubernetes.io/hostname" + ) + + config = """ +deployment: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - metricbeat + topologyKey: kubernetes.io/hostname +""" + + r = helm_template(config) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["affinity"][ + "podAntiAffinity" + ]["requiredDuringSchedulingIgnoredDuringExecution"][0]["topologyKey"] + == "kubernetes.io/hostname" + ) def test_priority_class_name(): @@ -374,15 +915,126 @@ def test_adding_pod_labels(): def test_adding_env_from(): config = """ +daemonset: + envFrom: + - configMapRef: + name: configmap-name +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"][ + 0 + ]["configMapRef"] == {"name": "configmap-name"} + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "envFrom" + ] + == [] + ) + + config = """ +deployment: + envFrom: + - configMapRef: + name: configmap-name +""" + r = helm_template(config) + assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["envFrom"][0]["configMapRef"] == {"name": "configmap-name"} + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"] + == [] + ) + + +def test_adding_deprecated_env_from(): + config = """ envFrom: - configMapRef: name: configmap-name """ r = helm_template(config) - configMapRef = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ - "envFrom" - ][0]["configMapRef"] - assert configMapRef == {"name": "configmap-name"} + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"][ + 0 + ]["configMapRef"] == {"name": "configmap-name"} + assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["envFrom"][0]["configMapRef"] == {"name": "configmap-name"} + + +def test_overriding_resources(): + config = """ +daemonset: + resources: + limits: + cpu: "25m" + memory: "128Mi" + requests: + cpu: "25m" + memory: "128Mi" +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } + assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["resources"] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } + + config = """ +deployment: + resources: + limits: + cpu: "25m" + memory: "128Mi" + requests: + cpu: "25m" + memory: "128Mi" +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } + assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["resources"] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } + + +def test_adding_deprecated_resources(): + config = """ +resources: + limits: + cpu: "25m" + memory: "128Mi" + requests: + cpu: "25m" + memory: "128Mi" +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } + assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["resources"] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } def test_setting_fullnameOverride(): diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 20c98ce29..cb96e14e1 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -1,72 +1,147 @@ --- -# Allows you to add any config files in /usr/share/metricbeat -# such as metricbeat.yml -metricbeatConfig: - metricbeat.yml: | - metricbeat.modules: - - module: kubernetes - metricsets: - - container - - node - - pod - - system - - volume - period: 10s - host: "${NODE_NAME}" - hosts: ["https://${NODE_NAME}:10250"] - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - ssl.verification_mode: "none" - # If using Red Hat OpenShift remove ssl.verification_mode entry and - # uncomment these settings: - #ssl.certificate_authorities: - #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt - processors: - - add_kubernetes_metadata: ~ - - module: kubernetes - enabled: true - metricsets: - - event - - module: system - period: 10s - metricsets: - - cpu - - load - - memory - - network - - process - - process_summary - processes: ['.*'] - process.include_top_n: - by_cpu: 5 - by_memory: 5 - - module: system - period: 1m - metricsets: - - filesystem - - fsstat - processors: - - drop_event.when.regexp: - system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)' - output.elasticsearch: - hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' - - kube-state-metrics-metricbeat.yml: | - metricbeat.modules: - - module: kubernetes - enabled: true - metricsets: - - state_node - - state_deployment - - state_replicaset - - state_pod - - state_container - period: 10s - hosts: ["${KUBE_STATE_METRICS_HOSTS}"] - output.elasticsearch: - hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' -# Replicas being used for the kube-state-metrics metricbeat deployment +daemonset: + affinity: {} + # Extra environment variables for Metricbeat container. + envFrom: [] + # - configMapRef: + # name: config-secret + extraEnvs: [] + # - name: MY_ENVIRONMENT_VAR + # value: the_value_goes_here + extraVolumes: [] + # - name: extras + # emptyDir: {} + extraVolumeMounts: [] + # - name: extras + # mountPath: /usr/share/extras + # readOnly: true + # Allows you to add any config files in /usr/share/metricbeat + # such as metricbeat.yml for daemonset + metricbeatConfig: + metricbeat.yml: | + metricbeat.modules: + - module: kubernetes + metricsets: + - container + - node + - pod + - system + - volume + period: 10s + host: "${NODE_NAME}" + hosts: ["https://${NODE_NAME}:10250"] + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + ssl.verification_mode: "none" + # If using Red Hat OpenShift remove ssl.verification_mode entry and + # uncomment these settings: + #ssl.certificate_authorities: + #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt + processors: + - add_kubernetes_metadata: ~ + - module: kubernetes + enabled: true + metricsets: + - event + - module: system + period: 10s + metricsets: + - cpu + - load + - memory + - network + - process + - process_summary + processes: ['.*'] + process.include_top_n: + by_cpu: 5 + by_memory: 5 + - module: system + period: 1m + metricsets: + - filesystem + - fsstat + processors: + - drop_event.when.regexp: + system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)' + output.elasticsearch: + hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' + nodeSelector: {} + # A list of secrets and their paths to mount inside the pod + # This is useful for mounting certificates for security other sensitive values + secretMounts: [] + # - name: metricbeat-certificates + # secretName: metricbeat-certificates + # path: /usr/share/metricbeat/certs + # Various pod security context settings. Bear in mind that many of these have an impact on metricbeat functioning properly. + # - Filesystem group for the metricbeat user. The official elastic docker images always have an id of 1000. + # - User that the container will execute as. Typically necessary to run as root (0) in order to properly collect host container logs. + # - Whether to execute the metricbeat containers as privileged containers. Typically not necessarily unless running within environments such as OpenShift. + securityContext: + runAsUser: 0 + privileged: false + resources: + requests: + cpu: "100m" + memory: "100Mi" + limits: + cpu: "1000m" + memory: "200Mi" + tolerations: [] + +deployment: + affinity: {} + # Extra environment variables for Metricbeat container. + envFrom: [] + # - configMapRef: + # name: config-secret + extraEnvs: [] + # - name: MY_ENVIRONMENT_VAR + # value: the_value_goes_here + # Allows you to add any config files in /usr/share/metricbeat + extraVolumes: [] + # - name: extras + # emptyDir: {} + extraVolumeMounts: [] + # - name: extras + # mountPath: /usr/share/extras + # readOnly: true + # such as metricbeat.yml for deployment + metricbeatConfig: + metricbeat.yml: | + metricbeat.modules: + - module: kubernetes + enabled: true + metricsets: + - state_node + - state_deployment + - state_replicaset + - state_pod + - state_container + period: 10s + hosts: ["${KUBE_STATE_METRICS_HOSTS}"] + output.elasticsearch: + hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' + nodeSelector: {} + # A list of secrets and their paths to mount inside the pod + # This is useful for mounting certificates for security other sensitive values + secretMounts: [] + # - name: metricbeat-certificates + # secretName: metricbeat-certificates + # path: /usr/share/metricbeat/certs + securityContext: + runAsUser: 0 + privileged: false + resources: + requests: + cpu: "100m" + memory: "100Mi" + limits: + cpu: "1000m" + memory: "200Mi" + tolerations: [] +# Replicas being used for the kube-state-metrics metricbeat deployment replicas: 1 extraContainers: "" @@ -79,26 +154,6 @@ extraInitContainers: "" # image: busybox # command: ['echo', 'hey'] -# Extra environment variables to append to the DaemonSet pod spec. -# This will be appended to the current 'env:' key. You can use any of the kubernetes env -# syntax here -extraEnvs: [] -# - name: MY_ENVIRONMENT_VAR -# value: the_value_goes_here - -extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -extraVolumes: [] - # - name: extras - # emptyDir: {} - -envFrom: [] - # - configMapRef: - # name: config-secret - # Root directory where metricbeat will write data to in order to persist registry data across pod restarts (file position and other metadata). hostPathRoot: /var/lib @@ -165,42 +220,12 @@ clusterRoleRules: podAnnotations: {} # iam.amazonaws.com/role: es-cluster -# Various pod security context settings. Bear in mind that many of these have an impact on metricbeat functioning properly. -# -# - Filesystem group for the metricbeat user. The official elastic docker images always have an id of 1000. -# - User that the container will execute as. Typically necessary to run as root (0) in order to properly collect host container logs. -# - Whether to execute the metricbeat containers as privileged containers. Typically not necessarily unless running within environments such as OpenShift. -podSecurityContext: - runAsUser: 0 - privileged: false - -resources: - requests: - cpu: "100m" - memory: "100Mi" - limits: - cpu: "1000m" - memory: "200Mi" - # Custom service account override that the pod will use serviceAccount: "" -# A list of secrets and their paths to mount inside the pod -# This is useful for mounting certificates for security other sensitive values -secretMounts: [] -# - name: metricbeat-certificates -# secretName: metricbeat-certificates -# path: /usr/share/metricbeat/certs - # How long to wait for metricbeat pods to stop gracefully terminationGracePeriod: 30 -tolerations: [] - -nodeSelector: {} - -affinity: {} - # This is the PriorityClass settings as defined in # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass priorityClassName: "" @@ -211,3 +236,18 @@ updateStrategy: RollingUpdate # Only edit these if you know what you're doing nameOverride: "" fullnameOverride: "" + +# DEPRECATED +affinity: {} +envFrom: [] +extraEnvs: [] +extraVolumes: [] +extraVolumeMounts: [] +# Allows you to add any config files in /usr/share/metricbeat +# such as metricbeat.yml for both daemonset and deployment +metricbeatConfig: {} +nodeSelector: {} +podSecurityContext: {} +resources: {} +secretMounts: [] +tolerations: [] From f59b2c86a751d3b511c379f2509e70317b627456 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Fri, 17 Apr 2020 19:10:45 +0200 Subject: [PATCH 013/151] Merge pull request #585 from jmlrt/metricbeat-hostnetwork [metricbeat] add host networking option --- metricbeat/README.md | 1 + metricbeat/templates/daemonset.yaml | 4 ++++ metricbeat/tests/metricbeat_test.py | 33 +++++++++++++++++++++++++++++ metricbeat/values.yaml | 1 + 4 files changed, 39 insertions(+) diff --git a/metricbeat/README.md b/metricbeat/README.md index 8f42d280d..ecfae28a7 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -64,6 +64,7 @@ This chart is tested with the latest 7.7.0-SNAPSHOT versions. | `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | | `daemonset.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `DaemonSet`. | `[]` | | `daemonset.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` | +| `daemonset.hostNetworking` | Enable Metricbeat `DaemonSet` to use host network | `false` | | `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `DaemonSet`. | see [values.yaml][] | | `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | | `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index ea1e888bf..cbaca7558 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -41,6 +41,10 @@ spec: affinity: {{ toYaml ( .Values.affinity | default .Values.daemonset.affinity ) | nindent 8 }} nodeSelector: {{ toYaml ( .Values.nodeSelector | default .Values.daemonset.nodeSelector ) | nindent 8 }} tolerations: {{ toYaml ( .Values.tolerations | default .Values.daemonset.tolerations ) | nindent 8 }} + {{- if .Values.daemonset.hostNetworking }} + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + {{- end }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 91c1bfeed..83265498d 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -28,6 +28,18 @@ def test_defaults(): assert "metricbeat test output" in c["readinessProbe"]["exec"]["command"][-1] assert r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"] == [] + + assert "hostNetwork" not in r["daemonset"][name]["spec"]["template"]["spec"] + assert "dnsPolicy" not in r["daemonset"][name]["spec"]["template"]["spec"] + assert ( + "hostNetwork" + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + ) + assert ( + "dnsPolicy" + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + ) + assert ( r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"] == [] @@ -249,6 +261,27 @@ def test_adding_image_pull_secrets(): ) +def test_adding_host_networking(): + config = """ +daemonset: + hostNetworking: true +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["hostNetwork"] is True + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["dnsPolicy"] + == "ClusterFirstWithHostNet" + ) + assert ( + "hostNetwork" + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + ) + assert ( + "dnsPolicy" + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + ) + + def test_adding_tolerations(): config = """ daemonset: diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index cb96e14e1..7ef153adb 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -16,6 +16,7 @@ daemonset: # - name: extras # mountPath: /usr/share/extras # readOnly: true + hostNetworking: false # Allows you to add any config files in /usr/share/metricbeat # such as metricbeat.yml for daemonset metricbeatConfig: From fd72d67f72a798a3354d8f4dd0aae6354b17d7ff Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Mon, 20 Apr 2020 16:41:26 +0200 Subject: [PATCH 014/151] Merge pull request #590 from marcostvz/patch-1 [elasticsearch] Adds imagePullSecrets for test Pod --- elasticsearch/templates/test/test-elasticsearch-health.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/elasticsearch/templates/test/test-elasticsearch-health.yaml b/elasticsearch/templates/test/test-elasticsearch-health.yaml index 8570eb1d9..9d3d0a98e 100644 --- a/elasticsearch/templates/test/test-elasticsearch-health.yaml +++ b/elasticsearch/templates/test/test-elasticsearch-health.yaml @@ -15,4 +15,8 @@ spec: - | #!/usr/bin/env bash -e curl -XGET --fail '{{ template "elasticsearch.uname" . }}:{{ .Values.httpPort }}/_cluster/health?{{ .Values.clusterHealthCheckParams }}' + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 4 }} + {{- end }} restartPolicy: Never From 65eebf934f70ad40a4a3837b9093bc4f34876f09 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Mon, 20 Apr 2020 17:39:09 +0200 Subject: [PATCH 015/151] Merge pull request #584 from michelesr/master [elasticsearch] Set securityContext for test pod --- elasticsearch/templates/test/test-elasticsearch-health.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/elasticsearch/templates/test/test-elasticsearch-health.yaml b/elasticsearch/templates/test/test-elasticsearch-health.yaml index 9d3d0a98e..0aac728a8 100644 --- a/elasticsearch/templates/test/test-elasticsearch-health.yaml +++ b/elasticsearch/templates/test/test-elasticsearch-health.yaml @@ -6,6 +6,8 @@ metadata: annotations: "helm.sh/hook": test-success spec: + securityContext: +{{ toYaml .Values.podSecurityContext | indent 4 }} containers: - name: "{{ .Release.Name }}-{{ randAlpha 5 | lower }}-test" image: "{{ .Values.image }}:{{ .Values.imageTag }}" From bcaaaad20099b3ac687df8af18c733b2f8f8056b Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Tue, 21 Apr 2020 13:29:42 +0200 Subject: [PATCH 016/151] Merge pull request #522 from domgoodwin/helm-default-patch Update defaults for extra values to support lists --- elasticsearch/README.md | 8 ++-- elasticsearch/templates/statefulset.yaml | 28 +++++++++++ elasticsearch/tests/elasticsearch_test.py | 57 +++++++++++++++++++++++ elasticsearch/values.yaml | 8 ++-- 4 files changed, 93 insertions(+), 8 deletions(-) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 261c15d17..cd9f602d7 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -92,10 +92,10 @@ This chart is tested with the latest 7.7.0-SNAPSHOT versions. | `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | | `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example of the formatting. | `{}` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | -| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `""` | -| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `""` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraInitContainers` | Templatable string of additional init containers to be passed to the `tpl` function | `""` | +| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `[]` | +| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `[]` | +| `extraInitContainers` | Templatable string of additional init containers to be passed to the `tpl` function | `[]` | | `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example | `[]` | | `image` | The Elasticsearch docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `imageTag` | The Elasticsearch docker image tag | `7.7.0-SNAPSHOT` | diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 31a6cec02..0f6524c5d 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -128,7 +128,14 @@ spec: {{- end }} {{ end }} {{- if .Values.extraVolumes }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. + {{- if eq "string" (printf "%T" .Values.extraVolumes) }} {{ tpl .Values.extraVolumes . | indent 8 }} + {{- else }} +{{ toYaml .Values.extraVolumes | indent 8 }} + {{- end }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -183,7 +190,14 @@ spec: {{- end }} {{ end }} {{- if .Values.extraInitContainers }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. + {{- if eq "string" (printf "%T" .Values.extraInitContainers) }} {{ tpl .Values.extraInitContainers . | indent 6 }} + {{- else }} +{{ toYaml .Values.extraInitContainers | indent 6 }} + {{- end }} {{- end }} containers: - name: "{{ template "elasticsearch.name" . }}" @@ -290,7 +304,14 @@ spec: subPath: {{ $path }} {{- end -}} {{- if .Values.extraVolumeMounts }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. + {{- if eq "string" (printf "%T" .Values.extraVolumeMounts) }} {{ tpl .Values.extraVolumeMounts . | indent 10 }} + {{- else }} +{{ toYaml .Values.extraVolumeMounts | indent 10 }} + {{- end }} {{- end }} {{- if .Values.masterTerminationFix }} {{- if eq .Values.roles.master "true" }} @@ -351,5 +372,12 @@ spec: {{ toYaml .Values.lifecycle | indent 10 }} {{- end }} {{- if .Values.extraContainers }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. + {{- if eq "string" (printf "%T" .Values.extraContainers) }} {{ tpl .Values.extraContainers . | indent 6 }} + {{- else }} +{{ toYaml .Values.extraContainers | indent 6 }} + {{- end }} {{- end }} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 16d05c79f..02ad5da00 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -307,6 +307,29 @@ def test_adding_a_extra_volume_with_volume_mount(): } in extraVolumeMounts +def test_adding_a_extra_volume_with_volume_mount_as_yaml(): + config = """ +extraVolumes: + - name: extras + emptyDir: {} +extraVolumeMounts: + - name: extras + mountPath: /usr/share/extras + readOnly: true +""" + r = helm_template(config) + extraVolume = r["statefulset"][uname]["spec"]["template"]["spec"]["volumes"] + assert {"name": "extras", "emptyDir": {}} in extraVolume + extraVolumeMounts = r["statefulset"][uname]["spec"]["template"]["spec"][ + "containers" + ][0]["volumeMounts"] + assert { + "name": "extras", + "mountPath": "/usr/share/extras", + "readOnly": True, + } in extraVolumeMounts + + def test_adding_a_extra_container(): config = """ extraContainers: | @@ -323,6 +346,22 @@ def test_adding_a_extra_container(): } in extraContainer +def test_adding_a_extra_container_as_yaml(): + config = """ +extraContainers: + - name: do-something + image: busybox + command: ['do', 'something'] +""" + r = helm_template(config) + extraContainer = r["statefulset"][uname]["spec"]["template"]["spec"]["containers"] + assert { + "name": "do-something", + "image": "busybox", + "command": ["do", "something"], + } in extraContainer + + def test_adding_a_extra_init_container(): config = """ extraInitContainers: | @@ -341,6 +380,24 @@ def test_adding_a_extra_init_container(): } in extraInitContainer +def test_adding_a_extra_init_container_as_yaml(): + config = """ +extraInitContainers: + - name: do-something + image: busybox + command: ['do', 'something'] +""" + r = helm_template(config) + extraInitContainer = r["statefulset"][uname]["spec"]["template"]["spec"][ + "initContainers" + ] + assert { + "name": "do-something", + "image": "busybox", + "command": ["do", "something"], + } in extraInitContainer + + def test_sysctl_init_container_disabled(): config = """ sysctlInitContainer: diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index f8e633188..f04faf1be 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -112,21 +112,21 @@ persistence: enabled: true annotations: {} -extraVolumes: "" +extraVolumes: [] # - name: extras # emptyDir: {} -extraVolumeMounts: "" +extraVolumeMounts: [] # - name: extras # mountPath: /usr/share/extras # readOnly: true -extraContainers: "" +extraContainers: [] # - name: do-something # image: busybox # command: ['do', 'something'] -extraInitContainers: "" +extraInitContainers: [] # - name: do-something # image: busybox # command: ['do', 'something'] From ac520df183804633074092bd8f868d79380df283 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Tue, 21 Apr 2020 13:51:31 +0200 Subject: [PATCH 017/151] Merge pull request #586 from jmlrt/readiness-to-503 [elasticsearch] update readiness probe endpoint --- elasticsearch/templates/statefulset.yaml | 49 ++++++++++++++--------- elasticsearch/tests/elasticsearch_test.py | 1 - 2 files changed, 30 insertions(+), 20 deletions(-) diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 0f6524c5d..5f9b0901a 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -216,28 +216,39 @@ spec: # Once it has started only check that the node itself is responding START_FILE=/tmp/.es_start_file - http () { - local path="${1}" - if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then - BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" - else - BASIC_AUTH='' - fi - curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}${path} - } + if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then + BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" + else + BASIC_AUTH='' + fi if [ -f "${START_FILE}" ]; then - echo 'Elasticsearch is already running, lets check the node is healthy and there are master nodes available' - http "/_cluster/health?timeout=0s" + echo 'Elasticsearch is already running, lets check the node is healthy' + HTTP_CODE=$(curl -XGET -s -k ${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/) + RC=$? + if [[ ${RC} -ne 0 ]]; then + echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with RC ${RC}" + exit ${RC} + fi + # ready if HTTP code 200, 503 is tolerable if ES version is 6.x + if [[ ${HTTP_CODE} == "200" ]]; then + exit 0 + elif [[ ${HTTP_CODE} == "503" && "{{ include "elasticsearch.esMajorVersion" . }}" == "6" ]]; then + exit 0 + else + echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with HTTP code ${HTTP_CODE}" + exit 1 + fi + else - echo 'Waiting for elasticsearch cluster to become ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - if http "/_cluster/health?{{ .Values.clusterHealthCheckParams }}" ; then - touch ${START_FILE} - exit 0 - else - echo 'Cluster is not yet ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - exit 1 - fi + echo 'Waiting for elasticsearch cluster to become ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' + if curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/_cluster/health?{{ .Values.clusterHealthCheckParams }} ; then + touch ${START_FILE} + exit 0 + else + echo 'Cluster is not yet ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' + exit 1 + fi fi {{ toYaml .Values.readinessProbe | indent 10 }} ports: diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 02ad5da00..164c6e9ba 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -73,7 +73,6 @@ def test_defaults(): assert "curl" in c["readinessProbe"]["exec"]["command"][-1] assert "http://127.0.0.1:9200" in c["readinessProbe"]["exec"]["command"][-1] - assert "/_cluster/health?timeout=0s" in c["readinessProbe"]["exec"]["command"][-1] # Resources assert c["resources"] == { From e2d4b9c56fcbacc72a46cb1ceae61ca46e807101 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Thu, 23 Apr 2020 07:43:30 +0200 Subject: [PATCH 018/151] Merge pull request #569 from cartonalexandre/master Added support for envFrom in apm-server, logstash, kibana and elasticsearch --- apm-server/README.md | 1 + apm-server/templates/deployment.yaml | 4 ++ apm-server/tests/apmserver_test.py | 13 +++++ apm-server/values.yaml | 7 +++ elasticsearch/README.md | 1 + elasticsearch/templates/statefulset.yaml | 9 +++ elasticsearch/tests/elasticsearch_test.py | 13 +++++ elasticsearch/values.yaml | 7 +++ kibana/README.md | 67 ++++++++++++----------- kibana/templates/deployment.yaml | 4 ++ kibana/tests/kibana_test.py | 13 +++++ kibana/values.yaml | 7 +++ logstash/README.md | 1 + logstash/templates/statefulset.yaml | 4 ++ logstash/tests/logstash_test.py | 13 +++++ logstash/values.yaml | 7 +++ 16 files changed, 138 insertions(+), 33 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index 6eee66677..7c766a063 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -61,6 +61,7 @@ This chart is tested with the latest 7.7.0-SNAPSHOT versions. | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | +| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | | `extraVolumeMounts` | List of additional volumeMounts | `[]` | | `extraVolumes` | List of additional volumes | `[]` | | `image` | The APM Server docker image | `docker.elastic.co/apm/apm-server` | diff --git a/apm-server/templates/deployment.yaml b/apm-server/templates/deployment.yaml index fa740b32c..87a1bc085 100644 --- a/apm-server/templates/deployment.yaml +++ b/apm-server/templates/deployment.yaml @@ -79,6 +79,10 @@ spec: env: {{ toYaml . | nindent 10 }} {{- end }} + {{- if .Values.envFrom }} + envFrom: +{{ toYaml .Values.envFrom | indent 10 }} + {{- end }} {{- if .Values.podSecurityContext }} securityContext: {{ toYaml .Values.podSecurityContext | indent 10 }} diff --git a/apm-server/tests/apmserver_test.py b/apm-server/tests/apmserver_test.py index 2ed716433..cb89d880e 100644 --- a/apm-server/tests/apmserver_test.py +++ b/apm-server/tests/apmserver_test.py @@ -72,6 +72,19 @@ def test_adding_envs(): assert {"name": "LOG_LEVEL", "value": "DEBUG"} in envs +def test_adding_env_from(): + config = """ +envFrom: +- secretRef: + name: secret-name +""" + r = helm_template(config) + secretRef = r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "envFrom" + ][0]["secretRef"] + assert secretRef == {"name": "secret-name"} + + def test_adding_image_pull_secrets(): config = """ imagePullSecrets: diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 497a9e6bf..f96ac03f7 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -45,6 +45,13 @@ extraEnvs: [] # name: elastic-credentials # key: password +# Allows you to load environment variables from kubernetes secret or config map +envFrom: [] +# - secretRef: +# name: env-secret +# - configMapRef: +# name: config-map + extraVolumeMounts: [] # - name: extras # mountPath: /usr/share/extras diff --git a/elasticsearch/README.md b/elasticsearch/README.md index cd9f602d7..995593f14 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -92,6 +92,7 @@ This chart is tested with the latest 7.7.0-SNAPSHOT versions. | `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | | `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example of the formatting. | `{}` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | +| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | | `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `[]` | | `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `[]` | | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `[]` | diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 5f9b0901a..5297aac25 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -180,6 +180,7 @@ spec: cp -a /usr/share/elasticsearch/config/elasticsearch.keystore /tmp/keystore/ env: {{ toYaml .Values.extraEnvs | nindent 10 }} + envFrom: {{ toYaml .Values.envFrom | nindent 10 }} resources: {{ toYaml .Values.initResources | nindent 10 }} volumeMounts: - name: keystore @@ -291,6 +292,10 @@ spec: {{- end }} {{- if .Values.extraEnvs }} {{ toYaml .Values.extraEnvs | indent 10 }} +{{- end }} +{{- if .Values.envFrom }} + envFrom: +{{ toYaml .Values.envFrom | indent 10 }} {{- end }} volumeMounts: {{- if .Values.persistence.enabled }} @@ -376,6 +381,10 @@ spec: {{- if .Values.extraEnvs }} {{ toYaml .Values.extraEnvs | indent 10 }} {{- end }} + {{- if .Values.envFrom }} + envFrom: +{{ toYaml .Values.envFrom | indent 10 }} + {{- end }} {{- end }} {{- end }} {{- if .Values.lifecycle }} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 164c6e9ba..82e5d279b 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -283,6 +283,19 @@ def test_adding_extra_env_vars(): assert {"name": "hello", "value": "world"} in env +def test_adding_env_from(): + config = """ +envFrom: +- secretRef: + name: secret-name +""" + r = helm_template(config) + secretRef = r["statefulset"][uname]["spec"]["template"]["spec"]["containers"][0][ + "envFrom" + ][0]["secretRef"] + assert secretRef == {"name": "secret-name"} + + def test_adding_a_extra_volume_with_volume_mount(): config = """ extraVolumes: | diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index f04faf1be..40acd6fd4 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -34,6 +34,13 @@ extraEnvs: [] # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here +# Allows you to load environment variables from kubernetes secret or config map +envFrom: [] +# - secretRef: +# name: env-secret +# - configMapRef: +# name: config-map + # A list of secrets and their paths to mount inside the pod # This is useful for mounting certificates for security and for mounting # the X-Pack license diff --git a/kibana/README.md b/kibana/README.md index de93c09e4..fc2000255 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -44,39 +44,40 @@ This chart is tested with the latest 7.7.0-SNAPSHOT versions. ## Configuration -| Parameter | Description | Default | -| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -| `elasticsearchHosts` | The URLs used to connect to Elasticsearch. | `http://elasticsearch-master:9200` | -| `elasticsearchURL` | The URL used to connect to Elasticsearch. Deprecated, needs to be used for Kibana versions < 6.6 | | -| `replicas` | Kubernetes replica count for the deployment (i.e. how many pods) | `1` | -| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `name: NODE_OPTIONS`
`value: "--max-old-space-size=1800"` | -| `secretMounts` | Allows you easily mount a secret as a file inside the deployment. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `[]` | -| `image` | The Kibana docker image | `docker.elastic.co/kibana/kibana` | -| `imageTag` | The Kibana docker image tag | `7.7.0-SNAPSHOT` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | -| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Kibana pods | `{}` | -| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 1000m`
`requests.memory: 2Gi`
`limits.cpu: 1000m`
`limits.memory: 2Gi` | -| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` | -| `serverHost` | The [`server.host`](https://www.elastic.co/guide/en/kibana/current/settings.html) Kibana setting. This is set explicitly so that the default always matches what comes with the docker image. | `0.0.0.0` | -| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | -| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | -| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` | -| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | -| `serviceAccount` | Allows you to overwrite the "default" [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for the pod | `[]` | -| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | -| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. | `5601` | -| `updateStrategy` | Allows you to change the default update [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment) for the deployment. A [standard upgrade](https://www.elastic.co/guide/en/kibana/current/upgrade-standard.html) of Kibana requires a full stop and start which is why the default strategy is set to `Recreate` | `Recreate` | -| `readinessProbe` | Configuration for the [readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Kibana instances | `{}` | -| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `enabled: false` | -| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `type: ClusterIP`
`port: 5601`
`nodePort:`
`annotations: {}`
`loadBalancerSourceRanges: {}` | -| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Kibana pods | `{}` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| Parameter | Description | Default | +|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------| +| `elasticsearchHosts` | The URLs used to connect to Elasticsearch. | `http://elasticsearch-master:9200` | +| `elasticsearchURL` | The URL used to connect to Elasticsearch. Deprecated, needs to be used for Kibana versions < 6.6 | | +| `replicas` | Kubernetes replica count for the deployment (i.e. how many pods) | `1` | +| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `name: NODE_OPTIONS`
`value: "--max-old-space-size=1800"` | +| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the deployment. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `[]` | +| `image` | The Kibana docker image | `docker.elastic.co/kibana/kibana` | +| `imageTag` | The Kibana docker image tag | `7.7.0-SNAPSHOT` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | +| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Kibana pods | `{}` | +| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 1000m`
`requests.memory: 2Gi`
`limits.cpu: 1000m`
`limits.memory: 2Gi` | +| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` | +| `serverHost` | The [`server.host`](https://www.elastic.co/guide/en/kibana/current/settings.html) Kibana setting. This is set explicitly so that the default always matches what comes with the docker image. | `0.0.0.0` | +| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | +| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | +| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` | +| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | +| `serviceAccount` | Allows you to overwrite the "default" [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for the pod | `[]` | +| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. | `5601` | +| `updateStrategy` | Allows you to change the default update [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment) for the deployment. A [standard upgrade](https://www.elastic.co/guide/en/kibana/current/upgrade-standard.html) of Kibana requires a full stop and start which is why the default strategy is set to `Recreate` | `Recreate` | +| `readinessProbe` | Configuration for the [readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | +| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | +| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Kibana instances | `{}` | +| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | +| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `enabled: false` | +| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `type: ClusterIP`
`port: 5601`
`nodePort:`
`annotations: {}`
`loadBalancerSourceRanges: {}` | +| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Kibana pods | `{}` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | ## Examples diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml index b7a97758e..aca2ee153 100644 --- a/kibana/templates/deployment.yaml +++ b/kibana/templates/deployment.yaml @@ -90,6 +90,10 @@ spec: value: "{{ .Values.serverHost }}" {{- if .Values.extraEnvs }} {{ toYaml .Values.extraEnvs | indent 10 }} +{{- end }} +{{- if .Values.envFrom }} + envFrom: +{{ toYaml .Values.envFrom | indent 10 }} {{- end }} readinessProbe: {{ toYaml .Values.readinessProbe | indent 10 }} diff --git a/kibana/tests/kibana_test.py b/kibana/tests/kibana_test.py index 4b864f2f0..1341c6146 100644 --- a/kibana/tests/kibana_test.py +++ b/kibana/tests/kibana_test.py @@ -89,6 +89,19 @@ def test_overriding_the_port(): assert r["service"][name]["spec"]["ports"][0]["targetPort"] == 5602 +def test_adding_env_from(): + config = """ +envFrom: +- secretRef: + name: secret-name +""" + r = helm_template(config) + secretRef = r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "envFrom" + ][0]["secretRef"] + assert secretRef == {"name": "secret-name"} + + def test_adding_image_pull_secrets(): config = """ imagePullSecrets: diff --git a/kibana/values.yaml b/kibana/values.yaml index 5c30832de..cc8e2cb8b 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -14,6 +14,13 @@ extraEnvs: # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here +# Allows you to load environment variables from kubernetes secret or config map +envFrom: [] +# - secretRef: +# name: env-secret +# - configMapRef: +# name: config-map + # A list of secrets and their paths to mount inside the pod # This is useful for mounting certificates for security and for mounting # the X-Pack license diff --git a/logstash/README.md b/logstash/README.md index 89aedf28d..a4ad5eb61 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -59,6 +59,7 @@ This chart is tested with the latest 7.7.0-SNAPSHOT versions. | `antiAffinityTopologyKey` | The [anti-affinity topology key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). By default this will prevent multiple Logstash nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | +| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | | `extraInitContainers` | Templatable string of additional init containers to be passed to the `tpl` function | `""` | | `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `""` | | `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `""` | diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml index 6c9838d3a..30dbb062f 100644 --- a/logstash/templates/statefulset.yaml +++ b/logstash/templates/statefulset.yaml @@ -160,6 +160,10 @@ spec: value: "{{ .Values.logstashJavaOpts }}" {{- if .Values.extraEnvs }} {{ toYaml .Values.extraEnvs | indent 10 }} +{{- end }} +{{- if .Values.envFrom }} + envFrom: +{{ toYaml .Values.envFrom | indent 10 }} {{- end }} volumeMounts: {{- if .Values.persistence.enabled }} diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index ed798a496..55d838c1b 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -141,6 +141,19 @@ def test_adding_extra_env_vars(): assert {"name": "hello", "value": "world"} in env +def test_adding_env_from(): + config = """ +envFrom: +- secretRef: + name: secret-name +""" + r = helm_template(config) + secretRef = r["statefulset"][name]["spec"]["template"]["spec"]["containers"][0][ + "envFrom" + ][0]["secretRef"] + assert secretRef == {"name": "secret-name"} + + def test_adding_a_extra_volume_with_volume_mount(): config = """ extraVolumes: | diff --git a/logstash/values.yaml b/logstash/values.yaml index 7537f84d9..322f6be31 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -29,6 +29,13 @@ extraEnvs: [] # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here +# Allows you to load environment variables from kubernetes secret or config map +envFrom: [] +# - secretRef: +# name: env-secret +# - configMapRef: +# name: config-map + # A list of secrets and their paths to mount inside the pod secretMounts: [] From ab26d11dbc28314d75b76e733884e9c16db81932 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Mon, 27 Apr 2020 10:11:15 +0200 Subject: [PATCH 019/151] Merge pull request #591 from jmlrt/logstash-http-host-var [logstash] update doc and values.yaml for http.host issues --- logstash/README.md | 1 + logstash/values.yaml | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/logstash/README.md b/logstash/README.md index a4ad5eb61..5c0a2257b 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -17,6 +17,7 @@ This helm chart is a lightweight way to configure and run our official [Logstash * It is important to verify that the JVM heap size in `logstashJavaOpts` and to set the CPU/Memory `resources` to something suitable for your cluster * We have designed this chart to be very un-opinionated about how to configure Logstash. It exposes ways to set environment variables and mount secrets inside of the container. Doing this makes it much easier for this chart to support multiple versions with minimal changes. * `logstash.yml` configuration files can be set either by a ConfigMap using `logstashConfig` in `values.yml` or by environment variables using `extraEnvs` in `values.yml`, however Logstash Docker image can't mix both methods as defining settings with environment variables causes `logstash.yml` to be modified in place while using ConfigMap bind-mount the same file (more details in this [Note](https://www.elastic.co/guide/en/logstash/6.7/docker-config.html#docker-env-config)). +* When overriding `logstash.yml`, `http.host: 0.0.0.0` should always be included to make default probes work. If restricting HTTP API to 127.0.0.1 is required by using `http.host: 127.0.0.1`, default probes should be disabled or overrided (see [values.yaml](https://github.com/elastic/helm-charts/tree/master/logstash/values.yaml) for the good syntax). ## Installing diff --git a/logstash/values.yaml b/logstash/values.yaml index 322f6be31..ba65eaf13 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -3,6 +3,9 @@ replicas: 1 # Allows you to add any config files in /usr/share/logstash/config/ # such as logstash.yml and log4j2.properties +# +# Note that when overriding logstash.yml, `http.host: 0.0.0.0` should always be included +# to make default probes work. logstashConfig: {} # logstash.yml: | # key: @@ -159,6 +162,21 @@ securityContext: # How long to wait for logstash to stop gracefully terminationGracePeriod: 120 +# Probes +# Default probes are using `httpGet` which requires that `http.host: 0.0.0.0` is part of +# `logstash.yml`. If needed probes can be disabled or overrided using the following syntaxes: +# +# disable livenessProbe +# livenessProbe: null +# +# replace httpGet default readinessProbe by some exec probe +# readinessProbe: +# httpGet: null +# exec: +# command: +# - curl +# - localhost:9600 + livenessProbe: httpGet: path: / From 6a66c2ecf53e59a45dc23249379fa5783603a5ea Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Tue, 28 Apr 2020 16:19:14 +0200 Subject: [PATCH 020/151] Merge pull request #593 from jmlrt/doc-improvements (#599) Doc improvements - Reformat all `README.md` files - Fix typos and missing syntaxes) - Use Markdown implicit link names - Sort values in configuration tables - Limit lines to 80 characters (except for code blocks and tables) - Add table of content - Fix default values descriptions - Move testing instructions to `CONTRIBUTING.md` doc - Move breaking changes notices to `BREAKING_CHANGES.md` doc --- CONTRIBUTING.md | 257 ++++++++- README.md | 30 +- apm-server/README.md | 225 ++++---- elasticsearch/README.md | 544 +++++++++++------- .../examples/kubernetes-kind/README.md | 11 +- elasticsearch/examples/migration/README.md | 131 ++++- elasticsearch/values.yaml | 8 +- filebeat/README.md | 225 +++++--- kibana/README.md | 237 +++++--- kibana/values.yaml | 5 +- logstash/README.md | 290 ++++++---- metricbeat/README.md | 249 ++++---- metricbeat/examples/default/README.md | 27 + 13 files changed, 1463 insertions(+), 776 deletions(-) create mode 100644 metricbeat/examples/default/README.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8dd908c8f..477c275db 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,21 +1,256 @@ -# Contributing to the Elastic helm charts +# Contributing to the Elastic Helm charts + + + + +- [Adding new features](#adding-new-features) +- [Requirements for submiting a pull request](#requirements-for-submiting-a-pull-request) +- [CLA (Contributor License Agreement)](#cla-contributor-license-agreement) +- [How We Use Git and GitHub](#how-we-use-git-and-github) + - [Forking](#forking) + - [Branching](#branching) + - [Commits and Merging](#commits-and-merging) + - [Rebasing and fixing merge conflicts](#rebasing-and-fixing-merge-conflicts) + - [What Goes Into a Pull Request](#what-goes-into-a-pull-request) +- [Releases](#releases) +- [Testing](#testing) + - [Templating tests](#templating-tests) + - [Integration tests](#integration-tests) + + + + + + +## Adding new features + +If you aren't 100% sure that this is a feature that makes sense for everyone. +Please open an issue first to discuss with the maintainers before investing a +lot of time into it. + + +## Requirements for submiting a pull request + +Before submitting a pull request make sure you validated the following +requirements: + +* CLA should be signed (see [CLA section][] for more details). + +* Charts version shouldn't be bumped (see [Releases section][] for more +details). + +* Charts `README.md` should be updated if required (especially updating default +values if they have been changed). + +* Templating tests should be added/updated (see [Templating tests section][] for +more details). + +* Integration tests should be added/updated (see [Integration tests section][] +for more details). + ## CLA (Contributor License Agreement) -If you haven't already you will need to sign the [CLA](https://www.elastic.co/contributor-agreement) before your pull request can be reviewed and merged. +Please make sure you have signed our [Contributor License Agreement][]. We are +not asking you to assign copyright to us, but to give us the right to distribute +your code without restriction. We ask this of all contributors in order to +assure our users of the origin and continuing existence of the code. +You only need to sign the CLA once. -## Version bumps -Just like with the rest of the stack, all versions in this helm chart repo are bumped and released at the same time. There is no need to bump the version in your pull request. +## How We Use Git and GitHub -## Testing and documentation +### Forking -When making any changes be sure to also update the following: +We follow the [GitHub forking model][] for collaborating on Helm charts code. +This model assumes that you have a remote called `upstream` which points to the +official Kibana repo, which we'll refer to in later code snippets. -* Charts README.md -* The templating tests which can be found in `${CHART}/tests/*.py`. [Example](/elasticsearch/tests/elasticsearch_test.py) -* The integration tests which can be found in `${CHART}/examples/*/test/goss.yaml`. [Example](/elasticsearch/examples/default/test/goss.yaml) +### Branching + +* All work on the next major release (`8.0.0`) goes into master. +* Past major release branches are named `{majorVersion}.x`. They contain work +that will go into the next minor release. For example, if the next minor release +is `7.8.0`, work for it should go into the `7.x` branch. +* Past minor release branches are named `{majorVersion}.{minorVersion}`. They +contain work that will go into the next patch release. For example, if the next +patch release is `7.7.1`, work for it should go into the `7.7` branch. +* All work is done on feature branches and merged into one of these branches. +* Where appropriate, we'll backport changes into older release branches. + +### Commits and Merging + +* Feel free to make as many commits as you want, while working on a branch. +* Please use your commit messages to include helpful information on your +changes and an explanation of *why* you made the changes that you did. +* Resolve merge conflicts by rebasing the target branch over your feature +branch, and force-pushing (see below for instructions). +* When merging, we'll squash your commits into a single commit. + +#### Rebasing and fixing merge conflicts + +Rebasing can be tricky, and fixing merge conflicts can be even trickier because +it involves force pushing. This is all compounded by the fact that attempting to +push a rebased branch remotely will be rejected by git, and you'll be prompted +to do a `pull`, which is not at all what you should do (this will really mess up +your branch's history). + +Here's how you should rebase master onto your branch, and how to fix merge +conflicts when they arise. + +First, make sure master is up-to-date. + +```shell +git checkout master +git fetch upstream +git rebase upstream/master +``` + +Then, check out your branch and rebase master on top of it, which will apply all +of the new commits on master to your branch, and then apply all of your branch's +new commits after that. + +```shell +git checkout name-of-your-branch +git rebase master +``` + +You want to make sure there are no merge conflicts. If there are merge +conflicts, git will pause the rebase and allow you to fix the conflicts before +continuing. + +You can use `git status` to see which files contain conflicts. They'll be the +ones that aren't staged for commit. Open those files, and look for where git has +marked the conflicts. Resolve the conflicts so that the changes you want to make +to the code have been incorporated in a way that doesn't destroy work that's +been done in master. Refer to master's commit history on GitHub if you need to +gain a better understanding of how code is conflicting and how best to resolve +it. + +Once you've resolved all of the merge conflicts, use `git add -A` to stage them +to be committed, and then use `git rebase --continue` to tell git to continue +the rebase. + +When the rebase has completed, you will need to force push your branch because +the history is now completely different than what's on the remote. **This is +potentially dangerous** because it will completely overwrite what you have on +the remote, so you need to be sure that you haven't lost any work when resolving +merge conflicts. (If there weren't any merge conflicts, then you can force push +without having to worry about this.) + +``` +git push origin name-of-your-branch --force +``` + +This will overwrite the remote branch with what you have locally. You're done! + +**Note that you should not run `git pull`**, for example in response to a push +rejection like this: + +``` +! [rejected] name-of-your-branch -> name-of-your-branch (non-fast-forward) +error: failed to push some refs to 'https://github.com/YourGitHubHandle/kibana.git' +hint: Updates were rejected because the tip of your current branch is behind +hint: its remote counterpart. Integrate the remote changes (e.g. +hint: 'git pull ...') before pushing again. +hint: See the 'Note about fast-forwards' in 'git push --help' for details. +``` + +Assuming you've successfully rebased and you're happy with the code, you should +force push instead. + +### What Goes Into a Pull Request + +* Please include an explanation of your changes in your PR description. +* Links to relevant issues, external resources, or related PRs are very +important and useful. +* Please update any tests that pertain to your code, and add new tests where +appropriate. +* See [Submitting a Pull Request](#submitting-a-pull-request) for more info. + + +## Releases + +Just like with the rest of the stack, all versions in this helm chart repo are +bumped and released at the same time. There is no need to bump the version in +your pull request. + +Charts are released from version branchs (example `7.7` branch). + +[Elastic Helm repository][] is updated only during releases. + +The current release process is documented in [release.md][]. + + +## Testing + +### Templating tests + +Templating tests which can be found in `${CHART}/tests/*.py` +([Example][templating test example]). + +These charts use [pytest][] to test the templating logic. The dependencies for +testing can be installed from the [requirements.txt][] in the parent directory: + +``` +pip install -r ./requirements.txt +``` + +Tests can then be run from each chart directory using `make pytest` + +You can also use `make template` (equivalent to `helm template` ) to look at the +YAML being generated: + +It is possible to run all of the tests and linting inside of a Docker container +using `make test` + +Note that templating tests are formated using [Black][], you should run +`make lint-python` (equivalent to `black --diff --check .` ) to validate them or +`black .` to apply formatting before submitting a pull request which will modify +them. + +### Integration tests + +Integration tests which can be found in `${CHART}/examples/*/test/goss.yaml` +([Example][integration test example]). + +Integration tests are run using [goss][] which is a [Serverspec][] like tool +written in golang. See [integration test example][] for an example of what the +tests look like. + +The different integration tests are present in each chart's `examples` +directory. + +Each charts contains an `examples/default` integration test which validate the +chart deployment with default values. + +`examples` directory contains also integration tests for other use cases (for +example: using `oss` Docker images, using `6.x` version or using `security` ). + +Every directory which contains some `test` subdirectory is an integration test +(`examples` directory contains also some configuration examples for some +specific scenarios without tests like configuration for specific k8s providers). + +To run the goss tests against the default example: + +``` +cd examples/default +make goss +``` -## Adding new features -If you aren't 100% sure that this is a feature that makes sense for everyone. Please open an issue first to discuss with the maintainers before investing a lot of time into it. +[black]: https://black.readthedocs.io/en/stable/ +[cla section]: #cla-contributor-license-agreement +[contributor license agreement]: https://www.elastic.co/contributor-agreement +[elastic helm repository]: https://helm.elastic.co +[github forking model]: https://help.github.com/articles/fork-a-repo/ +[goss]: https://github.com/aelsabbahy/goss/blob/master/docs/manual.md +[integration test example]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/default/test/goss.yaml +[integration tests section]: #integration-tests +[pytest]: https://docs.pytest.org/en/latest/ +[serverspec]: https://serverspec.org +[templating test example]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/tests/elasticsearch_test.py +[templating tests section]: #templating-tests +[release.md]: https://github.com/elastic/helm-charts/blob/master/helpers/release.md +[releases section]: #releases +[requirements.txt]: https://github.com/elastic/helm-charts/blob/7.7/requirements.txt diff --git a/README.md b/README.md index 9ec22bf27..8bab50ce9 100644 --- a/README.md +++ b/README.md @@ -2,26 +2,40 @@ [![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+7.7.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/) -This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. +This functionality is in beta and is subject to change. The design and code is +less mature than official GA features and is being provided as-is with no +warranties. Beta features are not subject to the support SLA of official GA +features. ## Charts -Please look in the chart directories for the documentation for each chart. These helm charts are designed to be a lightweight way to configure our official docker images. Links to the relevant docker image documentation has also been added below. +Please look in the chart directories for the documentation for each chart. These +Helm charts are designed to be a lightweight way to configure our official +Docker images. Links to the relevant Docker image documentation has also been +added below. | Chart | Docker documentation | -| ------------------------------------------ | ------------------------------------------------------------------------------- | +|--------------------------------------------|---------------------------------------------------------------------------------| +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | | [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | | [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | | [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | | [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | ## Kubernetes Versions -The charts are [currently tested](https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/) against all GKE versions available. The exact versions are defined under `KUBERNETES_VERSIONS` in [helpers/matrix.yml](/helpers/matrix.yml) +The charts are [currently tested][] against all GKE versions available. The +exact versions are defined under `KUBERNETES_VERSIONS` in +[helpers/matrix.yml][]. ## Helm versions -While we are checking backward compatibility, the charts are only tested with Helm version mentioned in [helm-tester Dockerfile](helpers/helm-tester/Dockerfile) (currently 2.16.6). -Note that we don't support [Helm 3](https://v3.helm.sh/) version. +While we are checking backward compatibility, the charts are only tested with +Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.6). +Note that we don't support [Helm 3][] version. + +[currently tested]: https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/ +[helm 3]: https://v3.helm.sh +[helm-tester Dockerfile]: https://github.com/elastic/helm-charts/blob/7.7/helpers/helm-tester/Dockerfile +[helpers/matrix.yml]: https://github.com/elastic/helm-charts/blob/7.7/helpers/matrix.yml diff --git a/apm-server/README.md b/apm-server/README.md index 7c766a063..af9e7616a 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -1,146 +1,173 @@ # APM Server Helm Chart + + + + +- [Requirements](#requirements) +- [Installing](#installing) + - [Using Helm repository](#using-helm-repository) + - [Using the 7.7 branch](#using-the-77-branch) +- [Upgrading](#upgrading) +- [Usage notes](#usage-notes) +- [Configuration](#configuration) +- [Examples](#examples) + - [Default](#default) +- [Contributing](#contributing) + + + + + This functionality is in alpha and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Alpha features are not subject to the support SLA of official GA features. -This helm chart is a lightweight way to configure and run our official -[APM Server docker image](https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html). +This Helm chart is a lightweight way to configure and run our official +[APM Server Docker image][]. + ## Requirements * Kubernetes >= 1.9 -* [Helm](https://helm.sh/) >= 2.8.0 - -## Usage notes and getting started +* [Helm][] >= 2.8.0 -* The default APM Server configuration file for this chart is configured to use an -Elasticsearch endpoint as configured by the rest of these helm charts. This can -easily be overridden in the config value `apmConfig.apm-server.yml`. -* Automated testing of this chart is currently only run against GKE (Google Kubernetes Engine). ## Installing This chart is tested with the latest 7.7.0-SNAPSHOT versions. -* Add the elastic helm charts repo - - ```bash - helm repo add elastic https://helm.elastic.co - ``` +### Using Helm repository -* Install the latest 7.7 release +* Add the Elastic Helm charts repo: +`helm repo add elastic https://helm.elastic.co` - ```bash - helm install --name apm-server elastic/apm-server --version=7.7.0 - ``` +* Install the latest 7.7 release: +`helm install --name apm-server elastic/apm-server --version=7.7.0` ### Using the 7.7 branch -* Clone the git repo and checkout the right branch +* Clone the git repo and checkout the right branch: - ```bash + ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts git checkout -b 7.7 origin/7.7 - ``` + ```` -* Install the latest 7.7.0-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT: +`helm install --name apm-server ./helm-charts/apm-server` - ```bash - helm install --name apm-server ./helm-charts/apm-server - ``` + +## Upgrading + +Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before +upgrading to a new chart version. + + +## Usage notes + +* The default APM Server configuration file for this chart is configured to use +an Elasticsearch endpoint as configured by the rest of these Helm charts. This +can easily be overridden in the config value `apmConfig.apm-server.yml`. + +* Automated testing of this chart is currently only run against GKE (Google +Kubernetes Engine). ## Configuration -| Parameter | Description | Default | -| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -| `apmConfig` | Allows you to add any config files in `/usr/share/apm-server/config` such as `apm-server.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) | -| `replicas` | Number of APM servers to run | `1` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | -| `extraVolumeMounts` | List of additional volumeMounts | `[]` | -| `extraVolumes` | List of additional volumes | `[]` | -| `image` | The APM Server docker image | `docker.elastic.co/apm/apm-server` | -| `imageTag` | The APM Server docker image tag | `7.7.0-SNAPSHOT` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | -| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all APM Server pods | `{}` | -| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all APM server pods | `{}` | -| `podSecurityContext` | Configurable [podSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for APM Server pod execution environment | `runAsUser: 0`
`privileged: false` | -| `livenessProbe` | Parameters to pass to [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `readinessProbe` | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `Deployment` | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | -| `serviceAccount` | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that APM Server will use during execution. By default will use the service account created by this chart. | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example | `[]` | -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing APM Server pod process on pod shutdown | `30` | -| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) | `{}` | -| `affinity` | Configurable [affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) | `{}` | -| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | -| `updateStrategy` | Allows you to change the default update [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment) for the deployment. | `RollingUpdate` | -| `autoscaling.enabled` | Enable the pod [horizonatal auto scaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `false` | -| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the APM Server service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example | `enabled: false` | -| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the APM Server service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml) for an example | `type: ClusterIP`
`port: 8200`
`nodePort:`
`annotations: {}` | -| `lifecycle` | Configurable [livecycle hooks](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) | `false` | -| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name`-`.Values.nameOverride` or `.Chart.Name` | `""` | + +| Parameter | Description | Default | +|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `affinity` | Configurable [affinity][] | `{}` | +| `apmConfig` | Allows you to add any config files in `/usr/share/apm-server/config` such as `apm-server.yml` | see [values.yaml][] | +| `autoscaling` | Enable the [horizontal pod autoscaler][] | `enabled: false` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraVolumeMounts` | List of additional `volumeMounts` | `[]` | +| `extraVolumes` | List of additional `volumes` | `[]` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The APM Server Docker image tag | `7.7.0-SNAPSHOT` | +| `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | +| `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | +| `labels` | Configurable [labels][] applied to all APM server pods | `{}` | +| `lifecycle` | Configurable [lifecycle hooks][] | `false` | +| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this Helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `nodeSelector` | Configurable [nodeSelector][] | `{}` | +| `podAnnotations` | Configurable [annotations][] applied to all APM Server pods | `{}` | +| `podSecurityContext` | Configurable [podSecurityContext][] for APM Server pod execution environment | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the `PriorityClass` must be created first | `""` | +| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `replicas` | Number of APM servers to run | `1` | +| `resources` | Allows you to set the [resources][] for the `Deployment` | see [values.yaml][] | +| `secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `serviceAccount` | Custom [serviceAccount][] that APM Server will use during execution. By default will use the `serviceAccount` created by this chart | `""` | +| `service` | Configurable [service][] to expose the APM Server service. See [values.yaml][] for an example | see [values.yaml][] | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing APM Server pod process on pod shutdown | `30` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `updateStrategy` | Allows you to change the default [updateStrategy][] for the deployment | see [values.yaml][] | + ## Examples -In [examples/](ahttps://github.com/elastic/helm-charts/tree/7.7/apm-server/examples) you will find some example configurations. These examples -are used for the automated testing of this helm chart. +In [examples][] you will find some example configurations. These examples are +used for the automated testing of this Helm chart. ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) -* Deploy APM Server with the default values +* Deploy the [default Elasticsearch Helm chart][]. + +* Deploy APM Server with the default values: + ``` cd examples/default make ``` -* You can now setup a port forward for Elasticsearch to observe APM indices + +* You can now setup a port forward for Elasticsearch to observe APM indices: + ``` kubectl port-forward svc/elasticsearch-master 9200 curl localhost:9200/_cat/indices ``` -## Testing - -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating -logic. The dependencies for testing can be installed from the -[`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. - -``` -pip install -r ../requirements.txt -make pytest -``` - -You can also use `helm template` to look at the YAML being generated - -``` -make template -``` - -It is possible to run all of the tests and linting inside of a docker container - -``` -make test -``` - -## Integration Testing - -Integration tests are run using -[goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a -serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/default/test/goss.yaml) -for an example of what the tests look like. -To run the goss tests against the default example: -``` -cd examples/default -make goss -``` +## Contributing + +Please check [CONTRIBUTING.md][] before any contribution or for any questions +about our development and testing process. + + +[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md +[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md +[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html +[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default +[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[examples]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples +[helm]: https://helm.sh +[horizontal pod autoscaler]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ +[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images +[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ +[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ +[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[podSecurityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[service]: https://kubernetes.io/docs/concepts/services-networking/service/ +[serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 995593f14..aaecfdb79 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -1,163 +1,208 @@ # Elasticsearch Helm Chart + + + + +- [Requirements](#requirements) +- [Installing](#installing) + - [Using Helm repository](#using-helm-repository) + - [Using the 7.7 branch](#using-the-77-branch) +- [Upgrading](#upgrading) +- [Usage notes](#usage-notes) +- [Migration from helm/charts stable](#migration-from-helmcharts-stable) +- [Configuration](#configuration) + - [Deprecated](#deprecated) +- [Try it out](#try-it-out) + - [Default](#default) + - [Multi](#multi) + - [Security](#security) +- [FAQ](#faq) + - [How to install plugins?](#how-to-install-plugins) + - [How to use the keystore?](#how-to-use-the-keystore) + - [Basic example](#basic-example) + - [Multiple keys](#multiple-keys) + - [Custom paths and keys](#custom-paths-and-keys) + - [How to enable snapshotting?](#how-to-enable-snapshotting) +- [Local development environments](#local-development-environments) + - [Minikube](#minikube) + - [Docker for Mac - Kubernetes](#docker-for-mac---kubernetes) + - [KIND - Kubernetes](#kind---kubernetes) + - [MicroK8S](#microk8s) +- [Clustering and Node Discovery](#clustering-and-node-discovery) +- [Contributing](#contributing) + + + + + + +This functionality is in beta and is subject to change. The design and code is +less mature than official GA features and is being provided as-is with no +warranties. Beta features are not subject to the support SLA of official GA +features. + +This Helm chart is a lightweight way to configure and run our official +[Elasticsearch Docker image][]. -This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. - -This helm chart is a lightweight way to configure and run our official [Elasticsearch docker image](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html) - -## Notice - -[7.6.1](https://github.com/elastic/helm-charts/releases/tag/7.6.1) release is introducing a change for Elasticsearch users upgrading from a previous chart version. -Following our recommandations, the change tracked in [#458](https://github.com/elastic/helm-charts/pull/458) is setting CPU request to the same value as CPU limit. - -For users which don't overwrite default values for CPU requests, Elasticsearch pod will now request `1000m` CPU instead of `100m` CPU. This may impact the resources (nodes) required in your Kubernetes cluster to deploy Elasticsearch chart. - -If you wish to come back to former values, you just need to override CPU requests when deploying your Helm Chart. - -- Overriding CPU requests in commandline argument: -``` -helm install --name elasticsearch --set resources.requests.cpu=100m elastic/elasticsearch -``` - -- Overriding CPU requests in your custom `values.yaml` file: -``` -resources: - requests: - cpu: "100m" -``` ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) +* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) * Kubernetes >=1.8 -* Minimum cluster requirements include the following to run this chart with default settings. All of these settings are configurable. +* Minimum cluster requirements include the following to run this chart with +default settings. All of these settings are configurable. * Three Kubernetes nodes to respect the default "hard" affinity settings * 1GB of RAM for the JVM heap -## Usage notes and getting started - -* This repo includes a number of [example](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples) configurations which can be used as a reference. They are also used in the automated testing of this chart -* Automated testing of this chart is currently only run against GKE (Google Kubernetes Engine). -* The chart deploys a statefulset and by default will do an automated rolling update of your cluster. It does this by waiting for the cluster health to become green after each instance is updated. If you prefer to update manually you can set [`updateStrategy: OnDelete`](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#on-delete) -* It is important to verify that the JVM heap size in `esJavaOpts` and to set the CPU/Memory `resources` to something suitable for your cluster -* To simplify chart and maintenance each set of node groups is deployed as a separate helm release. Take a look at the [multi](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi) example to get an idea for how this works. Without doing this it isn't possible to resize persistent volumes in a statefulset. By setting it up this way it makes it possible to add more nodes with a new storage size then drain the old ones. It also solves the problem of allowing the user to determine which node groups to update first when doing upgrades or changes. -* We have designed this chart to be very un-opinionated about how to configure Elasticsearch. It exposes ways to set environment variables and mount secrets inside of the container. Doing this makes it much easier for this chart to support multiple versions with minimal changes. - -## Migration from helm/charts stable - -If you currently have a cluster deployed with the [helm/charts stable](https://github.com/helm/charts/tree/master/stable/elasticsearch) chart you can follow the [migration guide](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/migration/README.md) ## Installing This chart is tested with the latest 7.7.0-SNAPSHOT versions. -* Add the elastic helm charts repo +### Using Helm repository - ```bash - helm repo add elastic https://helm.elastic.co - ``` +* Add the Elastic Helm charts repo: +`helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release - - ```bash - helm install --name elasticsearch elastic/elasticsearch --version=7.7.0 - ``` +* Install the latest 7.7 release: +`helm install --name elasticsearch elastic/elasticsearch --version=7.7.0` ### Using the 7.7 branch -* Clone the git repo and checkout the right branch +* Clone the git repo and checkout the right branch: - ```bash + ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts git checkout -b 7.7 origin/7.7 - ``` + ```` + +* Install the latest 7.7.0-SNAPSHOT: +`helm install --name elasticsearch ./helm-charts/elasticsearch` + + +## Upgrading + +Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before +upgrading to a new chart version. + + +## Usage notes -* Install the latest 7.7.0-SNAPSHOT +* This repo includes a number of [examples][] configurations which can be used +as a reference. They are also used in the automated testing of this chart. +* Automated testing of this chart is currently only run against GKE (Google +Kubernetes Engine). +* The chart deploys a StatefulSet and by default will do an automated rolling +update of your cluster. It does this by waiting for the cluster health to become +green after each instance is updated. If you prefer to update manually you can +set `OnDelete` [updateStrategy][]. +* It is important to verify that the JVM heap size in `esJavaOpts` and to set +the CPU/Memory `resources` to something suitable for your cluster. +* To simplify chart and maintenance each set of node groups is deployed as a +separate Helm release. Take a look at the [multi][] example to get an idea for +how this works. Without doing this it isn't possible to resize persistent +volumes in a StatefulSet. By setting it up this way it makes it possible to add +more nodes with a new storage size then drain the old ones. It also solves the +problem of allowing the user to determine which node groups to update first when +doing upgrades or changes. +* We have designed this chart to be very un-opinionated about how to configure +Elasticsearch. It exposes ways to set environment variables and mount secrets +inside of the container. Doing this makes it much easier for this chart to +support multiple versions with minimal changes. - ```bash - helm install --name elasticsearch ./helm-charts/elasticsearch - ``` + +## Migration from helm/charts stable + +If you currently have a cluster deployed with the [helm/charts stable][] chart +you can follow the [migration guide][]. ## Configuration -| Parameter | Description | Default | -| ---------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -| `clusterName` | This will be used as the Elasticsearch [cluster.name](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster.name.html) and should be unique per cluster in the namespace | `elasticsearch` | -| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X`, `nameOverride-nodeGroup-X` if a nameOverride is specified, and `fullnameOverride-X` if a fullnameOverride is specified | `master` | -| `masterService` | Optional. The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#clustering-and-node-discovery) for more information | `` | -| `roles` | A hash map with the [specific roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) for the node group | `master: true`
`data: true`
`ingest: true` | -| `replicas` | Kubernetes replica count for the statefulset (i.e. how many pods) | `3` | -| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes](https://www.elastic.co/guide/en/elasticsearch/reference/6.7/discovery-settings.html#minimum_master_nodes). Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7. | `2` | -| `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | -| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example of the formatting. | `{}` | -| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | -| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `[]` | -| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `[]` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `[]` | -| `extraInitContainers` | Templatable string of additional init containers to be passed to the `tpl` function | `[]` | -| `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example | `[]` | -| `image` | The Elasticsearch docker image | `docker.elastic.co/elasticsearch/elasticsearch` | -| `imageTag` | The Elasticsearch docker image tag | `7.7.0-SNAPSHOT` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | -| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Elasticsearch pods | `{}` | -| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Elasticsearch pods | `{}` | -| `esJavaOpts` | [Java options](https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html) for Elasticsearch. This is where you should configure the [jvm heap size](https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html) | `-Xmx1g -Xms1g` | -| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 1000m`
`requests.memory: 2Gi`
`limits.cpu: 1000m`
`limits.memory: 2Gi` | -| `initResources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the initContainer in the statefulset | {} | -| `sidecarResources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the sidecar containers in the statefulset | {} | -| `networkHost` | Value for the [network.host Elasticsearch setting](https://www.elastic.co/guide/en/elasticsearch/reference/current/network.host.html) | `0.0.0.0` | -| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for statefulsets](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage). You will want to adjust the storage (default `30Gi`) and the `storageClassName` if you are using a different storage class | `accessModes: [ "ReadWriteOnce" ]`
`resources.requests.storage: 30Gi` | -| `persistence.annotations` | Additional persistence annotations for the `volumeClaimTemplate` | `{}` | -| `persistence.enabled` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) which don't require persistent data. | `true` | -| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | -| `antiAffinityTopologyKey` | The [anti-affinity topology key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | -| `antiAffinity` | Setting this to hard enforces the [anti-affinity rules](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). If it is set to soft it will be done "best effort". Other values will be ignored. | `hard` | -| `nodeAffinity` | Value for the [node affinity settings](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature) | `{}` | -| `podManagementPolicy` | By default Kubernetes [deploys statefulsets serially](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies). This deploys them in parallel so that they can discover eachother | `Parallel` | -| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | -| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html#_settings) in `extraEnvs` | `9200` | -| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html#_transport_settings) in `extraEnvs` | `9300` | -| `service.labels` | Labels to be added to non-headless service | `{}` | -| `service.labelsHeadless` | Labels to be added to headless service | `{}` | -| `service.loadBalancerIP` | Some cloud providers allow you to specify the loadBalancerIP. If the loadBalancerIP field is not specified, the IP is dynamically assigned. If you specify a loadBalancerIP but your cloud provider does not support the feature, the loadbalancerIP field is ignored. [LoadBalancer options](https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer) | `""` | -| `service.type` | Type of elasticsearch service. [Service Types](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) | `ClusterIP` | -| `service.nodePort` | Custom [nodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport) port that can be set if you are using `service.type: nodePort`. | `` | -| `service.annotations` | Annotations that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` [Annotations](https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws) | `{}` | -| `service.httpPortName` | The name of the http port within the service | `http` | -| `service.transportPortName` | The name of the transport port within the service | `transport` | -| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` | -| `updateStrategy` | The [updateStrategy](https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets) for the statefulset. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | -| `maxUnavailable` | The [maxUnavailable](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget) value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | -| `fsGroup (DEPRECATED)` | The Group ID (GID) for [securityContext.fsGroup](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) so that the Elasticsearch user can read from the persistent volume | `` | -| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000`
`runAsUser: 1000` | -| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | -| `terminationGracePeriod` | The [terminationGracePeriod](https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods) in seconds used when trying to stop the pod | `120` | -| `sysctlInitContainer.enabled` | Allows you to disable the sysctlInitContainer if you are setting vm.max_map_count with another method | `true` | -| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count](https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html#vm-max-map-count) needed for Elasticsearch | `262144` | -| `readinessProbe` | Configuration fields for the [readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params) that will be used by readinessProbe command | `wait_for_status=green&timeout=1s` | -| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Elasticsearch cluster | `{}` | -| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Elasticsearch service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example | `enabled: false` | -| `schedulerName` | Name of the [alternate scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods) | `nil` | -| `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63](https://github.com/elastic/helm-charts/issues/63) | `false` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml) for an example of the formatting. | `{}` | -| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/values.yaml) and [how to use the keystore](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-use-the-keystore) | `[]` | -| `rbac` | Configuration for creating a role, role binding and service account as part of this helm chart with `create: true`. Also can be used to reference an external service account with `serviceAccountName: "externalServiceAccountName"`. | `create: false`
`serviceAccountName: ""` | -| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | `create: false`
`name: ""` | -| `nameOverride` | Overrides the clusterName when used in the naming of resources | `""` | -| `fullnameOverride` | Overrides the clusterName and nodeGroup when used in the naming of resources. This should only be used when using a single nodeGroup, otherwise you will have name conflicts | `""` | +| Parameter | Description | Default | +|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------| +| `antiAffinityTopologyKey` | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | +| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | +| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` | +| `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` | +| `esJavaOpts` | [Java options][] for Elasticsearch. This is where you should configure the [jvm heap size][] | `-Xmx1g -Xms1g` | +| `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | +| `extraContainers` | Templatable string of additional `containers` to be passed to the `tpl` function | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` | +| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | +| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | +| `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Elasticsearch Docker image tag | `7.7.0-SNAPSHOT` | +| `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | +| `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | +| `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | +| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` | +| `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | +| `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` | +| `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63][] | `false` | +| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | +| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` | +| `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` | +| `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` | +| `nodeAffinity` | Value for the [node affinity settings][] | `{}` | +| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` | +| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` | +| `persistence` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data | see [values.yaml][] | +| `podAnnotations` | Configurable [annotations][] applied to all Elasticsearch pods | `{}` | +| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` | +| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | +| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `protocol` | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | +| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"` | see [values.yaml][] | +| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] | +| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `3` | +| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | +| `roles` | A hash map with the specific [roles][] for the `nodeGroup` | see [values.yaml][] | +| `schedulerName` | Name of the [alternate scheduler][] | `""` | +| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | +| `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | +| `service.httpPortName` | The name of the http port within the service | `http` | +| `service.labelsHeadless` | Labels to be added to headless service | `{}` | +| `service.labels` | Labels to be added to non-headless service | `{}` | +| `service.loadBalancerIP` | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored. | `""` | +| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` | +| `service.nodePort` | Custom [nodePort][] port that can be set if you are using `service.type: nodePort` | `""` | +| `service.transportPortName` | The name of the transport port within the service | `transport` | +| `service.type` | Elasticsearch [Service Types][] | `ClusterIP` | +| `sidecarResources` | Allows you to set the [resources][] for the sidecar containers in the StatefulSet | {} | +| `sysctlInitContainer` | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method | `enabled: true` | +| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch | `262144` | +| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs` | `9300` | +| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | +| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | + +### Deprecated + +| Parameter | Description | Default | +|-----------|---------------------------------------------------------------------------------------------------------------|---------| +| `fsGroup` | The Group ID (GID) for [securityContext][] so that the Elasticsearch user can read from the persistent volume | `""` | + ## Try it out -In [examples/](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart +In [examples][] you will find some example configurations. These examples are +used for the automated testing of this Helm chart. ### Default -To deploy a cluster with all default values and run the integration tests +To deploy a cluster with all default values and run the integration tests: ``` cd examples/default @@ -166,7 +211,7 @@ make ### Multi -A cluster with dedicated node types +A cluster with dedicated node types: ``` cd examples/multi @@ -175,22 +220,27 @@ make ### Security -A cluster with node to node security and https enabled. This example uses autogenerated certificates and password, for a production deployment you want to generate SSL certificates following the [official docs](https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls.html#node-certificates). +A cluster with node to node security and https enabled. This example uses +autogenerated certificates and password, for a production deployment you want to +generate SSL certificates following the [official docs][node-certificates]. + +Generate the certificates and install Elasticsearch: + +``` +cd examples/security +make -* Generate the certificates and install Elasticsearch - ``` - cd examples/security - make +# Run a curl command to interact with the cluster +kubectl exec -ti security-master-0 -- sh -c 'curl -u $ELASTIC_USERNAME:$ELASTIC_PASSWORD -k https://localhost:9200/_cluster/health?pretty' +``` - # Run a curl command to interact with the cluster - kubectl exec -ti security-master-0 -- sh -c 'curl -u $ELASTIC_USERNAME:$ELASTIC_PASSWORD -k https://localhost:9200/_cluster/health?pretty' - ``` -### FAQ +## FAQ -#### How to install plugins? +### How to install plugins? -The [recommended](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#_c_customized_image) way to install plugins into our docker images is to create a custom docker image. +The recommended way to install plugins into our Docker images is to create a +[custom Docker image][]. The Dockerfile would look something like: @@ -205,15 +255,19 @@ And then updating the `image` in values to point to your custom image. There are a couple reasons we recommend this. -1. Tying the availability of Elasticsearch to the download service to install plugins is not a great idea or something that we recommend. Especially in Kubernetes where it is normal and expected for a container to be moved to another host at random times. -2. Mutating the state of a running docker image (by installing plugins) goes against best practices of containers and immutable infrastructure. +1. Tying the availability of Elasticsearch to the download service to install +plugins is not a great idea or something that we recommend. Especially in +Kubernetes where it is normal and expected for a container to be moved to +another host at random times. +2. Mutating the state of a running Docker image (by installing plugins) goes +against best practices of containers and immutable infrastructure. -#### How to use the keystore? +### How to use the keystore? +#### Basic example -##### Basic example - -Create the secret, the key name needs to be the keystore key path. In this example we will create a secret from a file and from a literal string. +Create the secret, the key name needs to be the keystore key path. In this +example we will create a secret from a file and from a literal string. ``` kubectl create secret generic encryption_key --from-file=xpack.watcher.encryption_key=./watcher_encryption_key @@ -221,15 +275,17 @@ kubectl create secret generic slack_hook --from-literal=xpack.notification.slack ``` To add these secrets to the keystore: + ``` keystore: - secretName: encryption_key - secretName: slack_hook ``` -##### Multiple keys +#### Multiple keys -All keys in the secret will be added to the keystore. To create the previous example in one secret you could also do: +All keys in the secret will be added to the keystore. To create the previous +example in one secret you could also do: ``` kubectl create secret generic keystore_secrets --from-file=xpack.watcher.encryption_key=./watcher_encryption_key --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' @@ -240,15 +296,21 @@ keystore: - secretName: keystore_secrets ``` -##### Custom paths and keys +#### Custom paths and keys -If you are using these secrets for other applications (besides the Elasticsearch keystore) then it is also possible to specify the keystore path and which keys you want to add. Everything specified under each `keystore` item will be passed through to the `volumeMounts` section for [mounting the secret](https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets). In this example we will only add the `slack_hook` key from a secret that also has other keys. Our secret looks like this: +If you are using these secrets for other applications (besides the Elasticsearch +keystore) then it is also possible to specify the keystore path and which keys +you want to add. Everything specified under each `keystore` item will be passed +through to the `volumeMounts` section for mounting the [secret][]. In this +example we will only add the `slack_hook` key from a secret that also has other +keys. Our secret looks like this: ``` kubectl create secret generic slack_secrets --from-literal=slack_channel='#general' --from-literal=slack_hook='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' ``` -We only want to add the `slack_hook` key to the keystore at path `xpack.notification.slack.account.monitoring.secure_url`. +We only want to add the `slack_hook` key to the keystore at path +`xpack.notification.slack.account.monitoring.secure_url`: ``` keystore: @@ -258,25 +320,37 @@ keystore: path: xpack.notification.slack.account.monitoring.secure_url ``` -You can also take a look at the [config example](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/) which is used as part of the automated testing pipeline. +You can also take a look at the [config example][] which is used as part of the +automated testing pipeline. -#### How to enable snapshotting? +### How to enable snapshotting? -1. Install your [snapshot plugin](https://www.elastic.co/guide/en/elasticsearch/plugins/current/repository.html) into a custom docker image following the [how to install plugins guide](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-install-plugins) -2. Add any required secrets or credentials into an Elasticsearch keystore following the [how to use the keystore guide](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-use-the-keystore) -3. Configure the [snapshot repository](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-snapshots.html) as you normally would. -4. To automate snapshots you can use a tool like [curator](https://www.elastic.co/guide/en/elasticsearch/client/curator/current/snapshot.html). In the future there are plans to have Elasticsearch manage automated snapshots with [Snapshot Lifecycle Management](https://github.com/elastic/elasticsearch/issues/38461). +1. Install your [snapshot plugin][] into a custom Docker image following the +[how to install plugins guide][]. +2. Add any required secrets or credentials into an Elasticsearch keystore +following the [how to use the keystore][] guide. +3. Configure the [snapshot repository][] as you normally would. +4. To automate snapshots you can use a tool like [curator][]. In the future +there are plans to have Elasticsearch manage automated snapshots with +[Snapshot Lifecycle Management][]. -### Local development environments -This chart is designed to run on production scale Kubernetes clusters with multiple nodes, lots of memory and persistent storage. For that reason it can be a bit tricky to run them against local Kubernetes environments such as minikube. Below are some examples of how to get this working locally. +## Local development environments -#### Minikube +This chart is designed to run on production scale Kubernetes clusters with +multiple nodes, lots of memory and persistent storage. For that reason it can be +a bit tricky to run them against local Kubernetes environments such as minikube. +Below are some examples of how to get this working locally. -This chart also works successfully on [minikube](https://kubernetes.io/docs/setup/minikube/) in addition to typical hosted Kubernetes environments. -An example `values.yaml` file for minikube is provided under `examples/`. +### Minikube -In order to properly support the required persistent volume claims for the Elasticsearch `StatefulSet`, the `default-storageclass` and `storage-provisioner` minikube addons must be enabled. +This chart also works successfully on [minikube][] in addition to typical hosted +Kubernetes environments. An example `values.yaml` file for minikube is provided +under `examples/`. + +In order to properly support the required persistent volume claims for the +Elasticsearch `StatefulSet` , the `default-storageclass` and +`storage-provisioner` minikube addons must be enabled: ``` minikube addons enable default-storageclass @@ -285,29 +359,32 @@ cd examples/minikube make ``` -Note that if `helm` or `kubectl` timeouts occur, you may consider creating a minikube VM with more CPU cores or memory allocated. +Note that if `helm` or `kubectl` timeouts occur, you may consider creating a +minikube VM with more CPU cores or memory allocated. -#### Docker for Mac - Kubernetes +### Docker for Mac - Kubernetes -It is also possible to run this chart with the built in Kubernetes cluster that comes with [docker-for-mac](https://docs.docker.com/docker-for-mac/kubernetes/). +It is also possible to run this chart with the built in Kubernetes cluster that +comes with [docker-for-mac][]: ``` cd examples/docker-for-mac make ``` -#### KIND - Kubernetes +### KIND - Kubernetes -It is also possible to run this chart using a Kubernetes [KIND (Kubernetes in Docker)](https://github.com/kubernetes-sigs/kind) cluster: +It is also possible to run this chart using a Kubernetes [KIND][] (Kubernetes in +Docker) cluster: ``` cd examples/kubernetes-kind make ``` -#### MicroK8S +### MicroK8S -It is also possible to run this chart using [MicroK8S](https://microk8s.io): +It is also possible to run this chart using [MicroK8S][]: ``` microk8s.enable dns @@ -317,46 +394,97 @@ cd examples/microk8s make ``` -## Clustering and Node Discovery - -This chart facilitates Elasticsearch node discovery and services by creating two `Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup` and another named `$clusterName-$nodeGroup-headless`. -Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all pods (`Ready` or not) are a part of `$clusterName-$nodeGroup-headless`. - -If your group of master nodes has the default `nodeGroup: master` then you can just add new groups of nodes with a different `nodeGroup` and they will automatically discover the correct master. If your master nodes have a different `nodeGroup` name then you will need to set `masterService` to `$clusterName-$masterNodeGroup`. - -The chart value for `masterService` is used to populate `discovery.zen.ping.unicast.hosts`, which Elasticsearch nodes will use to contact master nodes and form a cluster. -Therefore, to add a group of nodes to an existing cluster, setting `masterService` to the desired `Service` name of the related cluster is sufficient. - -For an example of deploying both a group master nodes and data nodes using multiple releases of this chart, see the accompanying values files in `examples/multi`. - -## Testing - -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. - -``` -pip install -r ../requirements.txt -make pytest -``` -You can also use `helm template` to look at the YAML being generated - -``` -make template -``` - -It is possible to run all of the tests and linting inside of a docker container - -``` -make test -``` - -## Integration Testing - -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/test/goss.yaml) for an example of what the tests look like. - -To run the goss tests against the default example: +## Clustering and Node Discovery -``` -cd examples/default -make goss -``` +This chart facilitates Elasticsearch node discovery and services by creating two +`Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup` +and another named `$clusterName-$nodeGroup-headless`. +Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all +pods ( `Ready` or not) are a part of `$clusterName-$nodeGroup-headless`. + +If your group of master nodes has the default `nodeGroup: master` then you can +just add new groups of nodes with a different `nodeGroup` and they will +automatically discover the correct master. If your master nodes have a different +`nodeGroup` name then you will need to set `masterService` to +`$clusterName-$masterNodeGroup`. + +The chart value for `masterService` is used to populate +`discovery.zen.ping.unicast.hosts` , which Elasticsearch nodes will use to +contact master nodes and form a cluster. +Therefore, to add a group of nodes to an existing cluster, setting +`masterService` to the desired `Service` name of the related cluster is +sufficient. + +For an example of deploying both a group master nodes and data nodes using +multiple releases of this chart, see the accompanying values files in +`examples/multi`. + + +## Contributing + +Please check [CONTRIBUTING.md][] before any contribution or for any questions +about our development and testing process. + + +[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md +[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md +[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md +[#63]: https://github.com/elastic/helm-charts/issues/63 +[alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods +[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster.name.html +[clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#clustering-and-node-discovery +[config example]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/values.yaml +[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/current/snapshot.html +[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#_c_customized_image +[deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies +[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/current/discovery-settings.html#minimum_master_nodes +[docker-for-mac]: https://docs.docker.com/docker-for-mac/kubernetes/ +[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params +[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html +[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[examples]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/ +[helm]: https://helm.sh +[helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/ +[how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-install-plugins +[how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-use-the-keystore +[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html#_settings +[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images +[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ +[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html +[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html +[kind]: https://github.com/kubernetes-sigs/kind +[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[loadBalancer annotations]: https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws +[loadBalancer]: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer +[maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget +[migration guide]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/migration/README.md +[minikube]: https://kubernetes.io/docs/setup/minikube/ +[microk8s]: https://microk8s.io +[multi]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/ +[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/current/network.host.html +[node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature +[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls.html#node-certificates +[nodePort]: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport +[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html +[secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets +[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +[service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types +[snapshot lifecycle management]: https://github.com/elastic/elasticsearch/issues/38461 +[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/current/repository.html +[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-snapshots.html +[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html#vm-max-map-count +[terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods +[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html#_transport_settings +[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml +[volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index 0f5fced5d..3dfbe2f75 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -9,13 +9,16 @@ for production. ## Current issue -There is currently an [kind issue][] with mount points created from PVCs not writeable by non-root users. -[kubernetes-sigs/kind#1157][] should fix it in a future release. +There is currently an [kind issue][] with mount points created from PVCs not +writable by non-root users. [kubernetes-sigs/kind#1157][] should fix it in a +future release. -Meanwhile, the workaround is to install manually [Rancher Local Path Provisioner][] and use `local-path` storage class for Elasticsearch volumes (see [Makefile][] instructions). +Meanwhile, the workaround is to install manually +[Rancher Local Path Provisioner][] and use `local-path` storage class for +Elasticsearch volumes (see [Makefile][] instructions). [Kind]: https://kind.sigs.k8s.io/ [Kind issue]: https://github.com/kubernetes-sigs/kind/issues/830 [Kubernetes-sigs/kind#1157]: https://github.com/kubernetes-sigs/kind/pull/1157 [Rancher Local Path Provisioner]: https://github.com/rancher/local-path-provisioner -[Makefile]: ./Makefile#L5 \ No newline at end of file +[Makefile]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/kubernetes-kind/Makefile#L5 diff --git a/elasticsearch/examples/migration/README.md b/elasticsearch/examples/migration/README.md index e5f4b1a79..b492d515d 100644 --- a/elasticsearch/examples/migration/README.md +++ b/elasticsearch/examples/migration/README.md @@ -1,86 +1,167 @@ # Migration Guide from helm/charts -There are two viable options for migrating from the community Elasticsearch helm chart from the [helm/charts](https://github.com/helm/charts/tree/master/stable/elasticsearch) repo. +There are two viable options for migrating from the community Elasticsearch Helm +chart from the [helm/charts][] repo. 1. Restoring from Snapshot to a fresh cluster 2. Live migration by joining a new cluster to the existing cluster. ## Restoring from Snapshot -This is the recommended and preferred option. The downside is that it will involve a period of write downtime during the migration. If you have a way to temporarily stop writes to your cluster then this is the way to go. This is also a lot simpler as it just involves launching a fresh cluster and restoring a snapshot following the [restoring to a different cluster guide](https://www.elastic.co/guide/en/elasticsearch/reference/6.6/modules-snapshots.html#_restoring_to_a_different_cluster). +This is the recommended and preferred option. The downside is that it will +involve a period of write downtime during the migration. If you have a way to +temporarily stop writes to your cluster then this is the way to go. This is also +a lot simpler as it just involves launching a fresh cluster and restoring a +snapshot following the [restoring to a different cluster guide][]. ## Live migration -If restoring from a snapshot is not possible due to the write downtime then a live migration is also possible. It is very important to first test this in a testing environment to make sure you are comfortable with the process and fully understand what is happening. +If restoring from a snapshot is not possible due to the write downtime then a +live migration is also possible. It is very important to first test this in a +testing environment to make sure you are comfortable with the process and fully +understand what is happening. -This process will involve joining a new set of master, data and client nodes to an existing cluster that has been deployed using the [helm/charts](https://github.com/helm/charts/tree/master/stable/elasticsearch) community chart. Nodes will then be replaced one by one in a controlled fashion to decommission the old cluster. +This process will involve joining a new set of master, data and client nodes to +an existing cluster that has been deployed using the [helm/charts][] community +chart. Nodes will then be replaced one by one in a controlled fashion to +decommission the old cluster. -This example will be using the default values for the existing helm/charts release and for the elastic helm-charts release. If you have changed any of the default values then you will need to first make sure that your values are configured in a compatible way before starting the migration. +This example will be using the default values for the existing helm/charts +release and for the Elastic helm-charts release. If you have changed any of the +default values then you will need to first make sure that your values are +configured in a compatible way before starting the migration. -The process will involve a re-sync and a rolling restart of all of your data nodes. Therefore it is important to disable shard allocation and perform a synced flush like you normally would during any other rolling upgrade. See the [rolling upgrades guide](https://www.elastic.co/guide/en/elasticsearch/reference/6.6/rolling-upgrades.html) for more information. +The process will involve a re-sync and a rolling restart of all of your data +nodes. Therefore it is important to disable shard allocation and perform a synced +flush like you normally would during any other rolling upgrade. See the +[rolling upgrades guide][] for more information. + +* The default image for this chart is +`docker.elastic.co/elasticsearch/elasticsearch` which contains the default +distribution of Elasticsearch with a [basic license][]. Make sure to update the +`image` and `imageTag` values to the correct Docker image and Elasticsearch +version that you currently have deployed. + +* Convert your current helm/charts configuration into something that is +compatible with this chart. + +* Take a fresh snapshot of your cluster. If something goes wrong you want to be +able to restore your data no matter what. + +* Check that your clusters health is green. If not abort and make sure your +cluster is healthy before continuing: -* The default image for this chart is `docker.elastic.co/elasticsearch/elasticsearch` which contains the default distribution of Elasticsearch with a [basic license](https://www.elastic.co/subscriptions). Make sure to update the `image` and `imageTag` values to the correct Docker image and Elasticsearch version that you currently have deployed. -* Convert your current helm/charts configuration into something that is compatible with this chart. -* Take a fresh snapshot of your cluster. If something goes wrong you want to be able to restore your data no matter what. -* Check that your clusters health is green. If not abort and make sure your cluster is healthy before continuing. ``` curl localhost:9200/_cluster/health ``` -* Deploy new data nodes which will join the existing cluster. Take a look at the configuration in [data.yml](./data.yml) + +* Deploy new data nodes which will join the existing cluster. Take a look at the +configuration in [data.yml][]: + ``` make data ``` -* Check that the new nodes have joined the cluster (run this and any other curl commands from within one of your pods). + +* Check that the new nodes have joined the cluster (run this and any other curl +commands from within one of your pods): + ``` curl localhost:9200/_cat/nodes ``` -* Check that your cluster is still green. If so we can now start to scale down the existing data nodes. Assuming you have the default amount of data nodes (2) we now want to scale it down to 1. + +* Check that your cluster is still green. If so we can now start to scale down +the existing data nodes. Assuming you have the default amount of data nodes (2) +we now want to scale it down to 1: + ``` kubectl scale statefulsets my-release-elasticsearch-data --replicas=1 ``` -* Wait for your cluster to become green again + +* Wait for your cluster to become green again: + ``` watch 'curl -s localhost:9200/_cluster/health' ``` -* Once the cluster is green we can scale down again. + +* Once the cluster is green we can scale down again: + ``` kubectl scale statefulsets my-release-elasticsearch-data --replicas=0 ``` + * Wait for the cluster to be green again. -* OK. We now have all data nodes running in the new cluster. Time to replace the masters by firstly scaling down the masters from 3 to 2. Between each step make sure to wait for the cluster to become green again, and check with `curl localhost:9200/_cat/nodes` that you see the correct amount of master nodes. During this process we will always make sure to keep at least 2 master nodes as to not lose quorum. +* OK. We now have all data nodes running in the new cluster. Time to replace the +masters by firstly scaling down the masters from 3 to 2. Between each step make +sure to wait for the cluster to become green again, and check with +`curl localhost:9200/_cat/nodes` that you see the correct amount of master +nodes. During this process we will always make sure to keep at least 2 master +nodes as to not lose quorum: + ``` kubectl scale statefulsets my-release-elasticsearch-master --replicas=2 ``` -* Now deploy a single new master so that we have 3 masters again. See [master.yml](./master.yml) for the configuration. + +* Now deploy a single new master so that we have 3 masters again. See +[master.yml][] for the configuration: + ``` make master ``` -* Scale down old masters to 1 + +* Scale down old masters to 1: + ``` kubectl scale statefulsets my-release-elasticsearch-master --replicas=1 ``` -* Edit the masters in [masters.yml](./masters.yml) to 2 and redeploy + +* Edit the masters in [masters.yml][] to 2 and redeploy: + ``` make master ``` -* Scale down the old masters to 0 + +* Scale down the old masters to 0: + ``` kubectl scale statefulsets my-release-elasticsearch-master --replicas=0 ``` -* Edit the [masters.yml](./masters.yml) to have 3 replicas and remove the `discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then redeploy the masters. This will make sure all 3 masters are running in the new cluster and are pointing at each other for discovery. + +* Edit the [masters.yml][] to have 3 replicas and remove the +`discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then redeploy the +masters. This will make sure all 3 masters are running in the new cluster and +are pointing at each other for discovery: + ``` make master ``` -* Remove the `discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then redeploy the data nodes to make sure they are pointing at the new masters. + +* Remove the `discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then +redeploy the data nodes to make sure they are pointing at the new masters: + ``` make data ``` -* Deploy the client nodes + +* Deploy the client nodes: + ``` make client ``` -* Update any processes that are talking to the existing client nodes and point them to the new client nodes. Once this is done you can scale down the old client nodes + +* Update any processes that are talking to the existing client nodes and point +them to the new client nodes. Once this is done you can scale down the old +client nodes: + ``` kubectl scale deployment my-release-elasticsearch-client --replicas=0 ``` -* The migration should now be complete. After verifying that everything is working correctly you can cleanup leftover resources from your old cluster. + +* The migration should now be complete. After verifying that everything is +working correctly you can cleanup leftover resources from your old cluster. + +[basic license]: https://www.elastic.co/subscriptions +[data.yml]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/migration/data.yml +[helm/charts]: https://github.com/helm/charts/tree/master/stable/elasticsearch +[master.yml]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/migration/master.yml +[restoring to a different cluster guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.6/modules-snapshots.html#_restoring_to_a_different_cluster +[rolling upgrades guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.6/rolling-upgrades.html diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 40acd6fd4..a4de388a8 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -184,10 +184,6 @@ podSecurityContext: fsGroup: 1000 runAsUser: 1000 -# The following value is deprecated, -# please use the above podSecurityContext.fsGroup instead -fsGroup: "" - securityContext: capabilities: drop: @@ -265,3 +261,7 @@ sysctlInitContainer: enabled: true keystore: [] + +# Deprecated +# please use the above podSecurityContext.fsGroup instead +fsGroup: "" diff --git a/filebeat/README.md b/filebeat/README.md index 6395e6c5f..98e2047eb 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -1,130 +1,179 @@ # Filebeat Helm Chart + + -This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. -This helm chart is a lightweight way to configure and run our official [Filebeat docker image](https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html). +- [Requirements](#requirements) +- [Installing](#installing) + - [Using Helm repository](#using-helm-repository) + - [Using the 7.7 branch](#using-the-77-branch) +- [Upgrading](#upgrading) +- [Usage notes](#usage-notes) +- [Configuration](#configuration) +- [Examples](#examples) + - [Default](#default) +- [Contributing](#contributing) + + + + + + +This functionality is in beta and is subject to change. The design and code is +less mature than official GA features and is being provided as-is with no +warranties. Beta features are not subject to the support SLA of official GA +features. + +This Helm chart is a lightweight way to configure and run our official +[Filebeat Docker image][]. + ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) +* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) * Kubernetes >=1.9 -## Usage notes and getting started -* The default Filebeat configuration file for this chart is configured to use an Elasticsearch endpoint. Without any additional changes, Filebeat will send documents to the service URL that the Elasticsearch helm chart sets up by default. You may either set the `ELASTICSEARCH_HOSTS` environment variable in `extraEnvs` to override this endpoint or modify the default `filebeatConfig` to change this behavior. -* The default Filebeat configuration file is also configured to capture container logs and enrich them with Kubernetes metadata by default. This will capture all container logs in the cluster. -* This chart disables the [HostNetwork](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces) setting by default for compatibility reasons with the majority of kubernetes providers and scenarios. Some kubernetes providers may not allow enabling `hostNetwork` and deploying multiple Filebeat pods on the same node isn't possible with `hostNetwork`. However Filebeat does recommend activating it. If your kubernetes provider is compatible with `hostNetwork` and you don't need to run multiple Filebeat daemonsets, you can activate it by setting `hostNetworking: true` in [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml). ## Installing This chart is tested with the latest 7.7.0-SNAPSHOT versions. -* Add the elastic helm charts repo - - ```bash - helm repo add elastic https://helm.elastic.co - ``` +### Using Helm repository -* Install the latest 7.7 release +* Add the Elastic Helm charts repo: +`helm repo add elastic https://helm.elastic.co` - ```bash - helm install --name filebeat elastic/filebeat --version=7.7.0 - ``` +* Install the latest 7.7 release: +`helm install --name filebeat elastic/filebeat --version=7.7.0` ### Using the 7.7 branch -* Clone the git repo and checkout the right branch +* Clone the git repo and checkout the right branch: - ```bash + ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts git checkout -b 7.7 origin/7.7 - ``` + ```` -* Install the latest 7.7.0-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT: +`helm install --name filebeat ./helm-charts/filebeat` - ```bash - helm install --name filebeat ./helm-charts/filebeat - ``` + +## Upgrading + +Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before +upgrading to a new chart version. + + +## Usage notes + +* The default Filebeat configuration file for this chart is configured to use an +Filebeat endpoint. Without any additional changes, Filebeat will send +documents to the service URL that the Filebeat Helm chart sets up by +default. You may either set the `FILEBEAT_HOSTS` environment variable in +`extraEnvs` to override this endpoint or modify the default `filebeatConfig` to +change this behavior. +* The default Filebeat configuration file is also configured to capture +container logs and enrich them with Kubernetes metadata by default. This will +capture all container logs in the cluster. +* This chart disables the [HostNetwork][] setting by default for compatibility +reasons with the majority of kubernetes providers and scenarios. Some kubernetes +providers may not allow enabling `hostNetwork` and deploying multiple Filebeat +pods on the same node isn't possible with `hostNetwork` However Filebeat does +recommend activating it. If your kubernetes provider is compatible with +`hostNetwork` and you don't need to run multiple Filebeat DaemonSets, you can +activate it by setting `hostNetworking: true` in [values.yaml][]. ## Configuration -| Parameter | Description | Default | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- | -| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml) | -| `extraContainers` | List of additional init containers to be added at the Daemonset | `""` | -| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | -| `extraInitContainers` | List of additional init containers to be added at the Daemonset. It also accepts a templatable string of additional containers to be passed to the `tpl` function | `[]` | -| `extraVolumeMounts` | List of additional volumeMounts to be mounted on the Daemonset | `[]` | -| `extraVolumes` | List of additional volumes to be mounted on the Daemonset | `[]` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | -| `hostPathRoot` | Fully-qualified [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) that will be used to persist Filebeat registry data | `/var/lib` | -| `hostNetworking` | Use host networking in the daemonset so that hostname is reported correctly | `false` | -| `image` | The Filebeat docker image | `docker.elastic.co/beats/filebeat` | -| `imageTag` | The Filebeat docker image tag | `7.7.0-SNAPSHOT` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | -| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Filebeat pods | `{}` | -| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Filebeat pods | `{}` | -| `podSecurityContext` | Configurable [podSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for Filebeat pod execution environment | `runAsUser: 0`
`privileged: false` | -| `livenessProbe` | Parameters to pass to [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `readinessProbe` | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `DaemonSet` | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | -| `serviceAccount` | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that Filebeat will use during execution. By default will use the service account created by this chart. | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml) for an example | `[]` | -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Filebeat pod process on pod shutdown | `30` | -| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) | `{}` | -| `affinity` | Configurable [affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) | `{}` | -| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | -| `updateStrategy` | The [updateStrategy](https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy) for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | + +| Parameter | Description | Default | +|--------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `affinity` | Configurable [affinity][] | `{}` | +| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `extraContainers` | List of additional init containers to be added at the DaemonSet | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | List of additional init containers to be added at the DaemonSet. It also accepts a templatable string of additional containers to be passed to the `tpl` function | `[]` | +| `extraVolumeMounts` | List of additional volumeMounts to be mounted on the DaemonSet | `[]` | +| `extraVolumes` | List of additional volumes to be mounted on the DaemonSet | `[]` | +| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` | see [values.yaml][] | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | +| `hostNetworking` | Use host networking in the DaemonSet so that hostname is reported correctly | `false` | +| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Filebeat Docker image tag | `7.7.0-SNAPSHOT` | +| `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | +| `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | +| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this Helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `nodeSelector` | Configurable [nodeSelector][] | `{}` | +| `podAnnotations` | Configurable [annotations][] applied to all Filebeat pods | `{}` | +| `podSecurityContext` | Configurable [podSecurityContext][] for Filebeat pod execution environment | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `resources` | Allows you to set the [resources][] for the `DaemonSet` | see [values.yaml][] | +| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `serviceAccount` | Custom [serviceAccount][] that Filebeat will use during execution. By default will use the service account created by this chart | `""` | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Filebeat pod process on pod shutdown | `30` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | + ## Examples -In [examples/](https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart. +In [examples][] you will find some example configurations. These examples are +used for the automated testing of this Helm chart. ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) -* Deploy Filebeat with the default values +* Deploy the [default Filebeat Helm chart][]. +* Deploy Filebeat with the default values: + ``` cd examples/default make ``` -* You can now setup a port forward for Elasticsearch to observe Filebeat indices + +* You can now setup a port forward for Filebeat to observe Filebeat +indices: + ``` - kubectl port-forward svc/elasticsearch-master 9200 + kubectl port-forward svc/filebeat-master 9200 curl localhost:9200/_cat/indices ``` -## Testing - -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. - -``` -pip install -r ../requirements.txt -make pytest -``` - -You can also use `helm template` to look at the YAML being generated - -``` -make template -``` - -It is possible to run all of the tests and linting inside of a docker container - -``` -make test -``` - -## Integration Testing - -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/default/test/goss.yaml) for an example of what the tests look like. -To run the goss tests against the default example: -``` -cd examples/default -make goss -``` +## Contributing + +Please check [CONTRIBUTING.md][] before any contribution or for any questions +about our development and testing process. + + +[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md +[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md +[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[default Filebeat Helm chart]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/README.md#default +[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[examples]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples +[filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html +[helm]: https://helm.sh +[hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces +[hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath +[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images +[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[podSecurityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml diff --git a/kibana/README.md b/kibana/README.md index fc2000255..ebb79db5d 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -1,110 +1,152 @@ # Kibana Helm Chart + + -This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. -This helm chart is a lightweight way to configure and run our official [Kibana docker image](https://www.elastic.co/guide/en/kibana/current/docker.html) +- [Requirements](#requirements) +- [Installing](#installing) + - [Using Helm repository](#using-helm-repository) + - [Using the 7.7 branch](#using-the-77-branch) +- [Upgrading](#upgrading) +- [Configuration](#configuration) + - [Deprecated](#deprecated) +- [Examples](#examples) + - [Default](#default) + - [Security](#security) +- [FAQ](#faq) + - [How to install plugins?](#how-to-install-plugins) +- [Contributing](#contributing) + + + + + + +This functionality is in beta and is subject to change. The design and code is +less mature than official GA features and is being provided as-is with no +warranties. Beta features are not subject to the support SLA of official GA +features. + +This Helm chart is a lightweight way to configure and run our official +[Kibana Docker image][]. + ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) +* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) * Kubernetes >=1.9 + ## Installing This chart is tested with the latest 7.7.0-SNAPSHOT versions. -* Add the elastic helm charts repo - - ```bash - helm repo add elastic https://helm.elastic.co - ``` +### Using Helm repository -* Install the latest 7.7 release +* Add the Elastic Helm charts repo: +`helm repo add elastic https://helm.elastic.co` - ```bash - helm install --name kibana elastic/kibana --version=7.7.0 - ``` +* Install the latest 7.7 release: +`helm install --name kibana elastic/kibana --version=7.7.0` ### Using the 7.7 branch -* Clone the git repo and checkout the right branch +* Clone the git repo and checkout the right branch: - ```bash + ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts git checkout -b 7.7 origin/7.7 - ``` + ```` -* Install the latest 7.7.0-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT: +`helm install --name kibana ./helm-charts/kibana` - ```bash - helm install --name kibana ./helm-charts/kibana - ``` + +## Upgrading + +Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before +upgrading to a new chart version. ## Configuration -| Parameter | Description | Default | -|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------| -| `elasticsearchHosts` | The URLs used to connect to Elasticsearch. | `http://elasticsearch-master:9200` | -| `elasticsearchURL` | The URL used to connect to Elasticsearch. Deprecated, needs to be used for Kibana versions < 6.6 | | -| `replicas` | Kubernetes replica count for the deployment (i.e. how many pods) | `1` | -| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `name: NODE_OPTIONS`
`value: "--max-old-space-size=1800"` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | -| `secretMounts` | Allows you easily mount a secret as a file inside the deployment. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `[]` | -| `image` | The Kibana docker image | `docker.elastic.co/kibana/kibana` | -| `imageTag` | The Kibana docker image tag | `7.7.0-SNAPSHOT` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | -| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Kibana pods | `{}` | -| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 1000m`
`requests.memory: 2Gi`
`limits.cpu: 1000m`
`limits.memory: 2Gi` | -| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` | -| `serverHost` | The [`server.host`](https://www.elastic.co/guide/en/kibana/current/settings.html) Kibana setting. This is set explicitly so that the default always matches what comes with the docker image. | `0.0.0.0` | -| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | -| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | -| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` | -| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | -| `serviceAccount` | Allows you to overwrite the "default" [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for the pod | `[]` | -| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | -| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. | `5601` | -| `updateStrategy` | Allows you to change the default update [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment) for the deployment. A [standard upgrade](https://www.elastic.co/guide/en/kibana/current/upgrade-standard.html) of Kibana requires a full stop and start which is why the default strategy is set to `Recreate` | `Recreate` | -| `readinessProbe` | Configuration for the [readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Kibana instances | `{}` | -| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `enabled: false` | -| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the Kibana service. See [`values.yaml`](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example | `type: ClusterIP`
`port: 5601`
`nodePort:`
`annotations: {}`
`loadBalancerSourceRanges: {}` | -| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Kibana pods | `{}` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml) for an example of the formatting. | `{}` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| Parameter | Description | Default | +|-----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `affinity` | Configurable [affinity][] | `{}` | +| `elasticsearchHosts` | The URLs used to connect to Elasticsearch | `http://elasticsearch-master:9200` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | see [values.yaml][] | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride orChart.Name` " | `""` | +| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Kibana Docker image tag | `7.7.0-SNAPSHOT` | +| `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | +| `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | +| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | +| `labels` | Configurable [labels][] applied to all Kibana pods | `{}` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Kibana instances | `{}` | +| `podAnnotations` | Configurable [annotations][] applied to all Kibana pods | `{}` | +| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` | +| `readinessProbe` | Configuration for the readiness [probe][] | see [values.yaml][] | +| `replicas` | Kubernetes replica count for the Deployment (i.e. how many pods) | `1` | +| `resources` | Allows you to set the [resources][] for the Deployment | see [values.yaml][] | +| `secretMounts` | Allows you easily mount a secret as a file inside the Deployment. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | +| `serverHost` | The [server.host][] Kibana setting. This is set explicitly so that the default always matches what comes with the Docker image | `0.0.0.0` | +| `serviceAccount` | Allows you to overwrite the "default" [serviceAccount][] for the pod | `[]` | +| `service` | Configurable [service][] to expose the Kibana service. | see [values.yaml][] | +| `tolerations` | Configurable [tolerations][]) | `[]` | +| `updateStrategy` | Allows you to change the default [updateStrategy][] for the Deployment. A [standard upgrade][] of Kibana requires a full stop and start which is why the default strategy is set to `Recreate` | `type: Recreate` | + +### Deprecated + +| Parameter | Description | Default | +|--------------------|--------------------------------------------------------------------------------------|---------| +| `elasticsearchURL` | The URL used to connect to Elasticsearch. needs to be used for Kibana versions < 6.6 | `""` | + ## Examples -In [examples/](https://github.com/elastic/helm-charts/tree/7.7/kibana/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart +In [examples][] you will find some example configurations. These examples are +used for the automated testing of this Helm chart. ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) -* Deploy Kibana with the default values +* Deploy the [default Elasticsearch Helm chart][]. +* Deploy Kibana with the default values: + ``` cd examples/default make ``` -* You can now setup a port forward and access Kibana at http://localhost:5601 + +* You can now setup a port forward and access Kibana at http://localhost:5601: + ``` kubectl port-forward deployment/helm-kibana-default-kibana 5601 ``` ### Security -* Deploy a [security enabled Elasticsearch cluster](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#security) -* Deploy Kibana with the security example +* Deploy a [security enabled Elasticsearch cluster][]. +* Deploy Kibana with the security example: + ``` cd examples/security make ``` -* Setup a port forward and access Kibana at https://localhost:5601 + +* Setup a port forward and access Kibana at https://localhost:5601: + ``` # Setup the port forward kubectl port-forward deployment/helm-kibana-security-kibana 5601 @@ -112,18 +154,20 @@ In [examples/](https://github.com/elastic/helm-charts/tree/7.7/kibana/examples) # Run this in a seperate terminal # Get the auto generated password password=$(kubectl get secret elastic-credentials -o jsonpath='{.data.password}' | base64 --decode) - echo $password + echo password # Test Kibana is working with curl or access it with your browser at https://localhost:5601 # The example certificate is self signed so you may see a warning about the certificate curl -I -k -u elastic:$password https://localhost:5601/app/kibana ``` + ## FAQ ### How to install plugins? -The recommended way to install plugins into our docker images is to create a custom docker image. +The recommended way to install plugins into our Docker images is to create a +custom Docker image. The Dockerfile would look something like: @@ -136,29 +180,46 @@ RUN bin/kibana-plugin install And then updating the `image` in values to point to your custom image. -There are a couple reasons we recommend this. - -1. Tying the availability of Kibana to the download service to install plugins is not a great idea or something that we recommend. Especially in Kubernetes where it is normal and expected for a container to be moved to another host at random times. -2. Mutating the state of a running docker image (by installing plugins) goes against best practices of containers and immutable infrastructure. - -## Testing - -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. - -``` -pip install -r ../requirements.txt -make test -``` - - -You can also use `helm template` to look at the YAML being generated - -``` -make template -``` - -It is possible to run all of the tests and linting inside of a docker container - -``` -make test -``` +There are a couple reasons we recommend this: + +1. Tying the availability of Kibana to the download service to install plugins +is not a great idea or something that we recommend. Especially in Kubernetes +where it is normal and expected for a container to be moved to another host at +random times. +2. Mutating the state of a running Docker image (by installing plugins) goes +against best practices of containers and immutable infrastructure. + + +## Contributing + +Please check [CONTRIBUTING.md][] before any contribution or for any questions +about our development and testing process. + + +[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md +[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md +[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md +[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default +[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[kibana docker image]: https://www.elastic.co/guide/en/kibana/current/docker.html +[examples]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples +[helm]: https://helm.sh +[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images +[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ +[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[security enabled elasticsearch cluster]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#security +[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +[server.host]: https://www.elastic.co/guide/en/kibana/current/settings.html +[service]: https://kubernetes.io/docs/concepts/services-networking/service/ +[serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +[standard upgrade]: https://www.elastic.co/guide/en/kibana/current/upgrade-standard.html +[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml diff --git a/kibana/values.yaml b/kibana/values.yaml index cc8e2cb8b..8af17fbc7 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -1,6 +1,4 @@ --- - -elasticsearchURL: "" # "http://elasticsearch-master:9200" elasticsearchHosts: "http://elasticsearch-master:9200" replicas: 1 @@ -144,3 +142,6 @@ lifecycle: {} # postStart: # exec: # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] + +# Deprecated - use only with versions < 6.6 +elasticsearchURL: "" # "http://elasticsearch-master:9200" diff --git a/logstash/README.md b/logstash/README.md index 5c0a2257b..4000b5668 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -1,167 +1,225 @@ # Logstash Helm Chart + + -This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. -This helm chart is a lightweight way to configure and run our official [Logstash docker image](https://www.elastic.co/guide/en/logstash/current/docker.html) +- [Requirements](#requirements) +- [Installing](#installing) + - [Using Helm repository](#using-helm-repository) + - [Using the 7.7 branch](#using-the-77-branch) +- [Upgrading](#upgrading) +- [Usage notes](#usage-notes) +- [Configuration](#configuration) +- [Try it out](#try-it-out) + - [Default](#default) +- [FAQ](#faq) + - [How to install plugins?](#how-to-install-plugins) +- [Contributing](#contributing) + + + + + + +This functionality is in beta and is subject to change. The design and code is +less mature than official GA features and is being provided as-is with no +warranties. Beta features are not subject to the support SLA of official GA +features. + +This Helm chart is a lightweight way to configure and run our official +[Logstash Docker image][]. + ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) +* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) * Kubernetes >=1.8 -## Usage notes and getting started - -* This repo includes a number of [example](https://github.com/elastic/helm-charts/tree/7.7/logstash/examples) configurations which can be used as a reference. They are also used in the automated testing of this chart -* Automated testing of this chart is currently only run against GKE (Google Kubernetes Engine). -* The chart deploys a statefulset and by default will do an automated rolling update of your cluster. It does this by waiting for the cluster health to become green after each instance is updated. If you prefer to update manually you can set [`updateStrategy: OnDelete`](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#on-delete) -* It is important to verify that the JVM heap size in `logstashJavaOpts` and to set the CPU/Memory `resources` to something suitable for your cluster -* We have designed this chart to be very un-opinionated about how to configure Logstash. It exposes ways to set environment variables and mount secrets inside of the container. Doing this makes it much easier for this chart to support multiple versions with minimal changes. -* `logstash.yml` configuration files can be set either by a ConfigMap using `logstashConfig` in `values.yml` or by environment variables using `extraEnvs` in `values.yml`, however Logstash Docker image can't mix both methods as defining settings with environment variables causes `logstash.yml` to be modified in place while using ConfigMap bind-mount the same file (more details in this [Note](https://www.elastic.co/guide/en/logstash/6.7/docker-config.html#docker-env-config)). -* When overriding `logstash.yml`, `http.host: 0.0.0.0` should always be included to make default probes work. If restricting HTTP API to 127.0.0.1 is required by using `http.host: 127.0.0.1`, default probes should be disabled or overrided (see [values.yaml](https://github.com/elastic/helm-charts/tree/master/logstash/values.yaml) for the good syntax). ## Installing This chart is tested with the latest 7.7.0-SNAPSHOT versions. -* Add the elastic helm charts repo - - ```bash - helm repo add elastic https://helm.elastic.co - ``` +### Using Helm repository -* Install the latest 7.7 release +* Add the Elastic Helm charts repo: +`helm repo add elastic https://helm.elastic.co` - ```bash - helm install --name logstash elastic/logstash --version=7.7.0 - ``` +* Install the latest 7.7 release: +`helm install --name logstash elastic/logstash --version=7.7.0` ### Using the 7.7 branch -* Clone the git repo and checkout the right branch +* Clone the git repo and checkout the right branch: - ```bash + ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts git checkout -b 7.7 origin/7.7 - ``` - -* Install the latest 7.7.0-SNAPSHOT - - ```bash - helm install --name logstash ./helm-charts/logstash - ``` + ```` + +* Install the latest 7.7.0-SNAPSHOT: +`helm install --name logstash ./helm-charts/logstash` + + +## Upgrading + +Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before +upgrading to a new chart version. + + +## Usage notes + +* This repo includes a number of [examples][] configurations which can be used +as a reference. They are also used in the automated testing of this chart +* Automated testing of this chart is currently only run against GKE (Google +Kubernetes Engine). +* The chart deploys a StatefulSet and by default will do an automated rolling +update of your cluster. It does this by waiting for the cluster health to become +green after each instance is updated. If you prefer to update manually you can +set `OnDelete` [updateStrategy][]. +* It is important to verify that the JVM heap size in `logstashJavaOpts` and to +set the CPU/Memory `resources` to something suitable for your cluster. +* We have designed this chart to be very un-opinionated about how to configure +Logstash. It exposes ways to set environment variables and mount secrets inside +of the container. Doing this makes it much easier for this chart to support +multiple versions with minimal changes. +* `logstash.yml` configuration files can be set either by a ConfigMap using +`logstashConfig` in `values.yml` or by environment variables using `extraEnvs` +in `values.yml` , however Logstash Docker image can't mix both methods as +defining settings with environment variables causes `logstash.yml` to be +modified in place while using ConfigMap bind-mount the same file (more details +in this [note][]). +* When overriding `logstash.yml`, `http.host: 0.0.0.0` should always be included +to make default probes work. If restricting HTTP API to 127.0.0.1 is required by +using `http.host: 127.0.0.1`, default probes should be disabled or overrided +(see [values.yaml][] for the good syntax). ## Configuration -| Parameter | Description | Default | -| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | -| `antiAffinity` | Setting this to hard enforces the [anti-affinity rules](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). If it is set to soft it will be done "best effort". Other values will be ignored. | `hard` | -| `antiAffinityTopologyKey` | The [anti-affinity topology key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). By default this will prevent multiple Logstash nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` | -| `extraInitContainers` | Templatable string of additional init containers to be passed to the `tpl` function | `""` | -| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `""` | -| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `""` | -| `image` | The Logstash docker image | `docker.elastic.co/logstash/logstash` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash docker image tag | `7.7.0-SNAPSHOT` | -| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. | `9600` | -| `extraPorts` | An array of extra ports to open on the pod | `[]` | -| `labels` | Configurable [labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Logstash pods | `{}` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml) for an example of the formatting. | `{}` | -| `livenessProbe` | Configuration fields for the [livenessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 300`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `logstashConfig` | Allows you to add any config files in `/usr/share/logstash/config/` such as `logstash.yml` and `log4j2.properties`. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml) for an example of the formatting. | `{}` | -| `logstashJavaOpts` | Java options for Logstash. This is where you should configure the jvm heap size | `-Xmx1g -Xms1g` | -| `logstashPipeline` | Allows you to add any pipeline files in `/usr/share/logstash/pipeline/`. | `{}` | -| `maxUnavailable` | The [maxUnavailable](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget) value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | -| `nodeAffinity` | Value for the [node affinity settings](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature) | `{}` | -| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Logstash cluster | `{}` | -| `persistence.annotations` | Additional persistence annotations for the `volumeClaimTemplate` | `{}` | -| `persistence.enabled` | Enables a persistent volume for Logstash data | `false` | -| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Logstash pods | `{}` | -| `podManagementPolicy` | By default Kubernetes [deploys statefulsets serially](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies). This deploys them in parallel so that they can discover each other | `Parallel` | -| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000`
`runAsUser: 1000` | -| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | `create: false`
`name: ""` | -| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` | -| `readinessProbe` | Configuration fields for the [readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 60`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `replicas` | Kubernetes replica count for the statefulset (i.e. how many pods) | `1` | -| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 100m`
`requests.memory: 1536Mi`
`limits.cpu: 1000m`
`limits.memory: 1536Mi` | -| `schedulerName` | Name of the [alternate scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods) | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml) for an example | `[]` | -| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | -| `terminationGracePeriod` | The [terminationGracePeriod](https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods) in seconds used when trying to stop the pod | `120` | -| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| `updateStrategy` | The [updateStrategy](https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets) for the statefulset. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | -| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for statefulsets](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage). You will want to adjust the storage (default `30Gi`) and the `storageClassName` if you are using a different storage class | `accessModes: [ "ReadWriteOnce" ]`
`resources.requests.storage: 1Gi` | -| `rbac` | Configuration for creating a role, role binding and service account as part of this helm chart with `create: true`. Also can be used to reference an external service account with `serviceAccountName: "externalServiceAccountName"`. | `create: false`
`serviceAccountName: ""` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | +| Parameter | Description | Default | +|---------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------| +| `antiAffinityTopologyKey` | The [anti-affinity][] topology key]. By default this will prevent multiple Logstash nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | +| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` | +| `extraPorts` | An array of extra ports to open on the pod | `[]` | +| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | +| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Logstash Docker image tag | `7.7.0-SNAPSHOT` | +| `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | +| `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | +| `livenessProbe` | Configuration fields for the liveness [probe][] | see [values.yaml][] | +| `logstashConfig` | Allows you to add any config files in `/usr/share/logstash/config/` such as `logstash.yml` and `log4j2.properties` See [values.yaml][] for an example of the formatting | `{}` | +| `logstashJavaOpts` | Java options for Logstash. This is where you should configure the JVM heap size | `-Xmx1g -Xms1g` | +| `logstashPipeline` | Allows you to add any pipeline files in `/usr/share/logstash/pipeline/` | `{}` | +| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `nodeAffinity` | Value for the [node affinity settings][] | `{}` | +| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Logstash cluster | `{}` | +| `persistence` | Enables a persistent volume for Logstash data | see [values.yaml][] | +| `podAnnotations` | Configurable [annotations][] applied to all Logstash pods | `{}` | +| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` | +| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | +| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true` Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `rbac` | Configuration for creating a role, role binding and service account as part of this Helm chart with `create: true` Also can be used to reference an external service account with `serviceAccountName: "externalServiceAccountName"` | see [values.yaml][] | +| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] | +| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `1` | +| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | +| `schedulerName` | Name of the [alternate scheduler][] | `""` | +| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | +| `service` | Configurable [service][] to expose the Logstash service. | see [values.yaml][] | +| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | +| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | + ## Try it out -In [examples/](https://github.com/elastic/helm-charts/tree/7.7/logstash/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart +In [examples][] you will find some example configurations. These examples are +used for the automated testing of this Helm chart. ### Default -To deploy a cluster with all default values and run the integration tests +To deploy a cluster with all default values and run the integration tests: ``` cd examples/default make ``` -### FAQ -#### How to install plugins? +## FAQ + +### How to install plugins? -The [recommended](https://www.elastic.co/guide/en/logstash/current/docker-config.html#_custom_images) way to install plugins into our docker images is to create a custom docker image. +The recommended way to install plugins into our Docker images is to create a +[custom Docker image][]. The Dockerfile would look something like: ``` ARG logstash_version FROM docker.elastic.co/logstash/logstash:${logstash_version} - RUN bin/logstash-plugin install logstash-output-kafka ``` And then updating the `image` in values to point to your custom image. -There are a couple reasons we recommend this. - -1. Tying the availability of Logstash to the download service to install plugins is not a great idea or something that we recommend. Especially in Kubernetes where it is normal and expected for a container to be moved to another host at random times. -2. Mutating the state of a running docker image (by installing plugins) goes against best practices of containers and immutable infrastructure. - -## Testing - -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. - -``` -pip install -r ../requirements.txt -make pytest -``` - -You can also use `helm template` to look at the YAML being generated - -``` -make template -``` - -It is possible to run all of the tests and linting inside of a docker container - -``` -make test -``` - -## Integration Testing - -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/default/test/goss.yaml) for an example of what the tests look like. - -To run the goss tests against the default example: - -``` -cd examples/default -make goss -``` +There are a couple reasons we recommend this: + +1. Tying the availability of Logstash to the download service to install plugins +is not a great idea or something that we recommend. Especially in Kubernetes +where it is normal and expected for a container to be moved to another host at +random times. +2. Mutating the state of a running Docker image (by installing plugins) goes +against best practices of containers and immutable infrastructure. + + +## Contributing + +Please check [CONTRIBUTING.md][] before any contribution or for any questions +about our development and testing process. + + +[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md +[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md +[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md +[alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods +[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +[deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies +[custom docker image]: https://www.elastic.co/guide/en/logstash/current/docker-config.html#_custom_images +[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[examples]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples +[helm]: https://helm.sh +[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images +[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[logstash docker image]: https://www.elastic.co/guide/en/logstash/current/docker.html +[maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget +[node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature +[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[note]: https://www.elastic.co/guide/en/logstash/current/docker-config.html#docker-env-config +[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ +[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +[terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods +[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml +[updateStrategy]: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets +[volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/metricbeat/README.md b/metricbeat/README.md index ecfae28a7..1febca509 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -1,187 +1,190 @@ # Metricbeat Helm Chart + + -This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. -This helm chart is a lightweight way to configure and run our official [Metricbeat docker image](https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html). +- [Requirements](#requirements) +- [Installing](#installing) + - [Using Helm repository](#using-helm-repository) + - [Using the 7.7 branch](#using-the-77-branch) +- [Upgrading](#upgrading) +- [Configuration](#configuration) + - [Deprecated](#deprecated) +- [Examples](#examples) + - [Default](#default) +- [Contributing](#contributing) -## Breaking Changes + + + -[7.5.1](https://github.com/elastic/helm-charts/releases/tag/7.5.1) release is introducing a breaking change for Metricbeat users upgrading from a previous chart version. -The breaking change tracked in [#395](https://github.com/elastic/helm-charts/issues/395) is failing `helm upgrade` command with the following error: -``` -UPGRADE FAILED -Error: Deployment.apps "metricbeat-kube-state-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable && Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.5.1", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable -Error: UPGRADE FAILED: Deployment.apps "metricbeat-kube-state-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable && Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.5.1", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable -``` -This is caused by the update of [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) chart dependency which is renaming some labels in [helm/charts#15261](https://github.com/helm/charts/pull/15261). +This functionality is in beta and is subject to change. The design and code is +less mature than official GA features and is being provided as-is with no +warranties. Beta features are not subject to the support SLA of official GA +features. + +This Helm chart is a lightweight way to configure and run our official +[Metricbeat Docker image][]. -The workaround is to use `--force` argument for `helm upgrade` command which will force Metricbeat resources update through delete/recreate. ## Requirements -* [Helm](https://helm.sh/) >=2.8.0 and <3.0.0 (see parent [README](https://github.com/elastic/helm-charts/tree/7.7/README.md) for more details) +* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) * Kubernetes >=1.9 + ## Installing This chart is tested with the latest 7.7.0-SNAPSHOT versions. -* Add the elastic helm charts repo - - ```bash - helm repo add elastic https://helm.elastic.co - ``` +### Using Helm repository -* Install the latest 7.7 release +* Add the Elastic Helm charts repo: +`helm repo add elastic https://helm.elastic.co` - ```bash - helm install --name metricbeat elastic/metricbeat --version=7.7.0 - ``` +* Install the latest 7.7 release: +`helm install --name metricbeat elastic/metricbeat --version=7.7.0` ### Using the 7.7 branch -* Clone the git repo and checkout the right branch +* Clone the git repo and checkout the right branch: - ```bash + ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts git checkout -b 7.7 origin/7.7 - ``` + ```` -* Install the latest 7.7.0-SNAPSHOT +* Install the latest 7.7.0-SNAPSHOT: +`helm install --name metricbeat ./helm-charts/metricbeat` - ```bash - helm install --name metricbeat ./helm-charts/metricbeat - ``` + +## Upgrading + +Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before +upgrading to a new chart version. ## Configuration -| Parameter | Description | Default | -| --- | --- | --- | -| `daemonset.affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` | -| `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | -| `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | -| `daemonset.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `DaemonSet`. | `[]` | -| `daemonset.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` | -| `daemonset.hostNetworking` | Enable Metricbeat `DaemonSet` to use host network | `false` | -| `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `DaemonSet`. | see [values.yaml][] | -| `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | -| `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` pod execution environment. | `runAsUser: 0`
`privileged: false` | -| `daemonset.resources` | Allows you to set the [resources][] for Metricbeat `DaemonSet`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | -| `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat `DaemonSet`. | `[]` | -| `deployment.affinity` | Configurable [affinity][] for Metricbeat `Deployment`. | `{}` | -| `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` | -| `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` | -| `deployment.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `Deployment`. | `[]` | -| `deployment.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` | -| `deployment.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `Deployment`. | see [values.yaml][] | -| `deployment.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `Deployment`. | `{}` | -| `deployment.secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `deployment.securityContext` | Configurable [securityContext][] for Metricbeat `Deployment` pod execution environment. | `runAsUser: 0`
`privileged: false` | -| `deployment.resources` | Allows you to set the [resources][] for Metricbeat `Deployment`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | -| `deployment.tolerations` | Configurable [tolerations][] for Metricbeat `Deployment`. | `[]` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | -| `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` | -| `imageTag` | The Metricbeat docker image tag | `7.7.0-SNAPSHOT` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `labels` | Configurable [label][] applied to all Metricbeat pods | `{}` | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | -| `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources. | see [values.yaml][] | -| `podAnnotations` | Configurable [annotations][] applied to all Metricbeat pods | `{}` | -| `livenessProbe` | Parameters to pass to [liveness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `readinessProbe` | Parameters to pass to [readiness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` | -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | -| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` | -| `priorityClassName` | The [name of the PriorityClass][]. No default is supplied as the PriorityClass must be created first. | `""` | -| `replicas` | The replica count for the metricbeat deployment talking to kube-state-metrics | `1` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | + +| Parameter | Description | Default | +|--------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------| +| `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources | see [values.yaml][] | +| `daemonset.affinity` | Configurable [affinity][] for Metricbeat daemonset | `{}` | +| `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | +| `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | +| `daemonset.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function or DaemonSet | `[]` | +| `daemonset.extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function or DaemonSet | `[]` | +| `daemonset.hostNetworking` | Enable Metricbeat DaemonSet to use `hostNetwork` | `false` | +| `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat DaemonSet | see [values.yaml][] | +| `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat DaemonSet | `{}` | +| `daemonset.resources` | Allows you to set the [resources][] for Metricbeat DaemonSet | see [values.yaml][] | +| `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the DaemonSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat DaemonSet pod execution environment | see [values.yaml][] | +| `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat DaemonSet | `[]` | +| `deployment.affinity` | Configurable [affinity][] for Metricbeat Deployment | `{}` | +| `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for Deployment | `[]` | +| `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for Deployment | `[]` | +| `deployment.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function or DaemonSet | `[]` | +| `deployment.extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function or Deployment | `[]` | +| `deployment.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat Deployment | see [values.yaml][] | +| `deployment.nodeSelector` | Configurable [nodeSelector][] for Metricbeat Deployment | `{}` | +| `deployment.resources` | Allows you to set the [resources][] for Metricbeat Deployment | see [values.yaml][] | +| `deployment.secretMounts` | Allows you easily mount a secret as a file inside the Deployment Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `deployment.securityContext` | Configurable [securityContext][] for Metricbeat Deployment pod execution environment | see [values.yaml][] | +| `deployment.tolerations` | Configurable [tolerations][] for Metricbeat Deployment | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | +| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Metricbeat Docker image tag | `7.7.0-SNAPSHOT` | +| `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | +| `labels` | Configurable [labels][] applied to all Metricbeat pods | `{}` | +| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `podAnnotations` | Configurable [annotations][] applied to all Metricbeat pods | `{}` | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `replicas` | The replica count for the Metricbeat deployment talking to kube-state-metrics | `1` | +| `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart | `""` | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | +| `updateStrategy` | The [updateStrategy][] for the DaemonSet By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | ### Deprecated -| Parameter | Description | Default | -| --- | --- | --- | -| `affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` | -| `extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` | -| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` | -| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` | -| `deployment.envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` | -| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for both Metricbeat `DaemonSet` and `Deployment`. | `{}` | -| `nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | -| `podSecurityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` and `Deployment` pod execution environment. | `{}` | -| `resources` | Allows you to set the [resources][] for both Metricbeat `DaemonSet` and `Deployment`. | `{}` | -| `secretMounts` | Allows you easily mount a secret as a file inside `DaemonSet` and `Deployment`. Useful for mounting certificates and other secrets. | `[]` | -| `tolerations` | Configurable [tolerations][] for both Metricbeat `DaemonSet` and `Deployment`. | `[]` | + +| Parameter | Description | Default | +|----------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------|---------| +| `affinity` | Configurable [affinity][] for Metricbeat DaemonSet | `{}` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to Metricbeat container for both DaemonSet and Deployment | `[]` | +| `extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for both DaemonSet and Deployment | `[]` | +| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function for both DaemonSet and Deployment | `[]` | +| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function for both DaemonSet and Deployment | `[]` | +| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for both Metricbeat DaemonSet and Deployment | `{}` | +| `nodeSelector` | Configurable [nodeSelector][] for Metricbeat DaemonSet | `{}` | +| `podSecurityContext` | Configurable [securityContext][] for Metricbeat DaemonSet and Deployment pod execution environment | `{}` | +| `resources` | Allows you to set the [resources][] for both Metricbeat DaemonSet and Deployment | `{}` | +| `secretMounts` | Allows you easily mount a secret as a file inside DaemonSet and Deployment Useful for mounting certificates and other secrets | `[]` | +| `tolerations` | Configurable [tolerations][] for both Metricbeat DaemonSet and Deployment | `[]` | + ## Examples -In [examples/](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples) you will find some example configurations. These examples are used for the automated testing of this helm chart. +In [examples][] you will find some example configurations. These examples are +used for the automated testing of this Helm chart. ### Default -* Deploy the [default Elasticsearch helm chart](https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default) -* Deploy Metricbeat with the default values +* Deploy the [default Elasticsearch Helm chart][]. +* Deploy Metricbeat with the default values: + ``` cd examples/default make ``` -* You can now setup a port forward for Elasticsearch to observe Metricbeat indices + +* You can now setup a port forward for Elasticsearch to observe Metricbeat +indices: + ``` kubectl port-forward svc/elasticsearch-master 9200 curl localhost:9200/_cat/indices ``` -## Testing - -This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](https://github.com/elastic/helm-charts/tree/7.7/requirements.txt) in the parent directory. - -``` -pip install -r ../requirements.txt -make pytest -``` - -You can also use `helm template` to look at the YAML being generated -``` -make template -``` +## Contributing -It is possible to run all of the tests and linting inside of a docker container +Please check [CONTRIBUTING.md][] before any contribution or for any questions +about our development and testing process. -``` -make test -``` - -## Integration Testing - -Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/default/test/goss.yaml) for an example of what the tests look like. - -To run the goss tests against the default example: -``` -cd examples/default -make goss -``` +[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md +[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md +[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default [cluster role rules]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables +[examples]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples +[helm]: https://helm.sh [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret -[label]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[liveness probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ -[name of the PriorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[kube-state-metrics]: https://github.com/helm/charts/tree/7.7/stable/kube-state-metrics +[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html +[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -[readiness probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy -[values.yaml]: https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md new file mode 100644 index 000000000..b6913179b --- /dev/null +++ b/metricbeat/examples/default/README.md @@ -0,0 +1,27 @@ +# Default + +This example deploy Metricbeat 7.7.0-SNAPSHOT using [default values][]. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Metricbeat chart with the default values: `make install` + +* You can now setup a port forward to query Metricbeat indices: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml From f3f4e2781fe9aa14ccc8608eece0de17518d71c1 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Tue, 28 Apr 2020 19:47:45 +0200 Subject: [PATCH 021/151] FAQ and examples improvements (#598) (#600) FAQ and examples improvements (#598) - Add missing section in contributing guide - Add note about ECK - Add more FAQ topics - Document all examples - NIT: fixes typos... --- CONTRIBUTING.md | 16 ++ README.md | 22 +- apm-server/README.md | 42 +-- apm-server/examples/default/README.md | 27 ++ apm-server/examples/oss/README.md | 27 ++ apm-server/examples/security/README.md | 28 ++ elasticsearch/README.md | 271 ++++++++---------- elasticsearch/examples/config/README.md | 26 +- elasticsearch/examples/default/README.md | 25 ++ .../examples/docker-for-mac/README.md | 23 ++ .../examples/kubernetes-kind/README.md | 30 +- elasticsearch/examples/microk8s/README.md | 20 +- elasticsearch/examples/minikube/README.md | 38 +++ elasticsearch/examples/multi/README.md | 27 ++ elasticsearch/examples/openshift/README.md | 24 ++ elasticsearch/examples/oss/README.md | 23 ++ elasticsearch/examples/security/README.md | 29 ++ elasticsearch/examples/upgrade/README.md | 19 ++ elasticsearch/values.yaml | 2 +- filebeat/README.md | 55 ++-- filebeat/examples/default/README.md | 27 ++ filebeat/examples/oss/README.md | 27 ++ filebeat/examples/security/README.md | 28 ++ kibana/README.md | 111 ++++--- kibana/examples/default/README.md | 27 ++ kibana/examples/openshift/README.md | 26 ++ kibana/examples/oss/README.md | 27 ++ kibana/examples/security/README.md | 28 ++ logstash/README.md | 34 +-- logstash/examples/default/README.md | 17 ++ logstash/examples/elasticsearch/README.md | 28 ++ logstash/examples/oss/README.md | 17 ++ metricbeat/README.md | 85 ++++-- metricbeat/examples/oss/README.md | 27 ++ metricbeat/examples/security/README.md | 28 ++ 35 files changed, 1022 insertions(+), 289 deletions(-) create mode 100644 apm-server/examples/default/README.md create mode 100644 apm-server/examples/oss/README.md create mode 100644 apm-server/examples/security/README.md create mode 100644 elasticsearch/examples/default/README.md create mode 100644 elasticsearch/examples/docker-for-mac/README.md create mode 100644 elasticsearch/examples/minikube/README.md create mode 100644 elasticsearch/examples/multi/README.md create mode 100644 elasticsearch/examples/openshift/README.md create mode 100644 elasticsearch/examples/oss/README.md create mode 100644 elasticsearch/examples/security/README.md create mode 100644 elasticsearch/examples/upgrade/README.md create mode 100644 filebeat/examples/default/README.md create mode 100644 filebeat/examples/oss/README.md create mode 100644 filebeat/examples/security/README.md create mode 100644 kibana/examples/default/README.md create mode 100644 kibana/examples/openshift/README.md create mode 100644 kibana/examples/oss/README.md create mode 100644 kibana/examples/security/README.md create mode 100644 logstash/examples/default/README.md create mode 100644 logstash/examples/elasticsearch/README.md create mode 100644 logstash/examples/oss/README.md create mode 100644 metricbeat/examples/oss/README.md create mode 100644 metricbeat/examples/security/README.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 477c275db..89f4722a8 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -12,6 +12,7 @@ - [Commits and Merging](#commits-and-merging) - [Rebasing and fixing merge conflicts](#rebasing-and-fixing-merge-conflicts) - [What Goes Into a Pull Request](#what-goes-into-a-pull-request) +- [Submitting a Pull Request](#submitting-a-pull-request) - [Releases](#releases) - [Testing](#testing) - [Templating tests](#templating-tests) @@ -169,6 +170,21 @@ appropriate. * See [Submitting a Pull Request](#submitting-a-pull-request) for more info. +## Submitting a Pull Request + +Push your local changes to your forked copy of the repository and submit a Pull +Request. In the Pull Request, describe what your changes do and mention the +number of the issue where discussion has taken place, e.g., “Closes #123″. + +Always submit your pull against `master` unless the bug is only present in an +older version. If the bug affects both master and another branch say so in your +pull. + +Then sit back and wait. There will probably be discussion about the Pull Request +and, if any changes are needed, we'll work with you to get your Pull Request +merged into Kibana. + + ## Releases Just like with the rest of the stack, all versions in this helm chart repo are diff --git a/README.md b/README.md index 8bab50ce9..ada0377f1 100644 --- a/README.md +++ b/README.md @@ -16,12 +16,12 @@ added below. | Chart | Docker documentation | |--------------------------------------------|---------------------------------------------------------------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.7/running-on-docker.html | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.7/docker.html | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.7/running-on-docker.html | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.7/docker.html | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.7/docker.html | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.7/running-on-docker.html | ## Kubernetes Versions @@ -35,7 +35,17 @@ While we are checking backward compatibility, the charts are only tested with Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.6). Note that we don't support [Helm 3][] version. +## ECK + +In addition of these Helm charts, Elastic also provides +[Elastic Cloud on Kubernetes][] which is based on [Operator pattern][] and is +Elastic recommended way to deploy Elasticsearch, Kibana and APM Server on +Kubernetes. + + [currently tested]: https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/ +[elastic cloud on kubernetes]: https://github.com/elastic/cloud-on-k8s [helm 3]: https://v3.helm.sh [helm-tester Dockerfile]: https://github.com/elastic/helm-charts/blob/7.7/helpers/helm-tester/Dockerfile [helpers/matrix.yml]: https://github.com/elastic/helm-charts/blob/7.7/helpers/matrix.yml +[operator pattern]: https://kubernetes.io/docs/concepts/extend-kubernetes/operator/ diff --git a/apm-server/README.md b/apm-server/README.md index af9e7616a..3aa695991 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -10,8 +10,9 @@ - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) -- [Examples](#examples) - - [Default](#default) +- [FAQ](#faq) + - [How to use APM Server with Elasticsearch with security (authentication and TLS) enabled?](#how-to-use-apm-server-with-elasticsearch-with-security-authentication-and-tls-enabled) + - [How to install OSS version of APM Server?](#how-to-install-oss-version-of-apm-server) - [Contributing](#contributing) @@ -75,6 +76,9 @@ can easily be overridden in the config value `apmConfig.apm-server.yml`. * Automated testing of this chart is currently only run against GKE (Google Kubernetes Engine). +* This repo includes a number of [examples][] configurations which can be used +as a reference. They are also used in the automated testing of this chart. + ## Configuration @@ -115,28 +119,23 @@ Kubernetes Engine). | `updateStrategy` | Allows you to change the default [updateStrategy][] for the deployment | see [values.yaml][] | -## Examples - -In [examples][] you will find some example configurations. These examples are -used for the automated testing of this Helm chart. +## FAQ -### Default +### How to use APM Server with Elasticsearch with security (authentication and TLS) enabled? -* Deploy the [default Elasticsearch Helm chart][]. +This Helm chart can use existing [Kubernetes secrets][] to setup +credentials or certificates for examples. These secrets should be created +outside of this chart and accessed using [environment variables][] and volumes. -* Deploy APM Server with the default values: +An example can be found in [examples/security][]. - ``` - cd examples/default - make - ``` +### How to install OSS version of APM Server? -* You can now setup a port forward for Elasticsearch to observe APM indices: +Deploying OSS version of Elasticsearch can be done by setting `image` value to +[APM Server OSS Docker image][] - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` +An example of APM Server deployment using OSS version can be found in +[examples/oss][]. ## Contributing @@ -150,15 +149,20 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[apm server docker image]: https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.7/running-on-docker.html +[apm server oss docker image]: https://www.docker.elastic.co/#apm-server-7-7-0-oss [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/security [helm]: https://helm.sh [horizontal pod autoscaler]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ +[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md new file mode 100644 index 000000000..8af8a5038 --- /dev/null +++ b/apm-server/examples/default/README.md @@ -0,0 +1,27 @@ +# Default + +This example deploy APM Server 7.7.0-SNAPSHOT using [default values][]. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy APM Server chart with the default values: `make install` + +* You can now setup a port forward to query APM indices: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md new file mode 100644 index 000000000..e32234f8a --- /dev/null +++ b/apm-server/examples/oss/README.md @@ -0,0 +1,27 @@ +# OSS + +This example deploy APM Server 7.7.0-SNAPSHOT using [APM Server OSS][] version. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy APM Server chart with the default values: `make install` + +* You can now setup a port forward to query APM indices: + + ``` + kubectl port-forward svc/oss-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[apm server oss]: https://www.elastic.co/downloads/apm-oss +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/oss/test/goss.yaml diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md new file mode 100644 index 000000000..517e53f86 --- /dev/null +++ b/apm-server/examples/security/README.md @@ -0,0 +1,28 @@ +# Security + +This example deploy APM Server 7.7.0-SNAPSHOT using authentication and TLS to connect to +Elasticsearch (see [values][]). + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy APM Server chart with security: `make install` + +* You can now setup a port forward to query APM indices: + + ``` + kubectl port-forward svc/security-master 9200 + curl -u elastic:changeme https://localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/security/values.yaml diff --git a/elasticsearch/README.md b/elasticsearch/README.md index aaecfdb79..ee568fa06 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -9,26 +9,22 @@ - [Using the 7.7 branch](#using-the-77-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) -- [Migration from helm/charts stable](#migration-from-helmcharts-stable) - [Configuration](#configuration) - [Deprecated](#deprecated) -- [Try it out](#try-it-out) - - [Default](#default) - - [Multi](#multi) - - [Security](#security) - [FAQ](#faq) + - [How to deploy this chart on a specific K8S distribution?](#how-to-deploy-this-chart-on-a-specific-k8s-distribution) + - [How to deploy dedicated nodes types?](#how-to-deploy-dedicated-nodes-types) + - [Clustering and Node Discovery](#clustering-and-node-discovery) + - [How to deploy clusters with security (authentication and TLS) enabled?](#how-to-deploy-clusters-with-security-authentication-and-tls-enabled) + - [How to migrate from helm/charts stable chart?](#how-to-migrate-from-helmcharts-stable-chart) + - [How to install OSS version of Elasticsearch?](#how-to-install-oss-version-of-elasticsearch) - [How to install plugins?](#how-to-install-plugins) - [How to use the keystore?](#how-to-use-the-keystore) - [Basic example](#basic-example) - [Multiple keys](#multiple-keys) - [Custom paths and keys](#custom-paths-and-keys) - [How to enable snapshotting?](#how-to-enable-snapshotting) -- [Local development environments](#local-development-environments) - - [Minikube](#minikube) - - [Docker for Mac - Kubernetes](#docker-for-mac---kubernetes) - - [KIND - Kubernetes](#kind---kubernetes) - - [MicroK8S](#microk8s) -- [Clustering and Node Discovery](#clustering-and-node-discovery) + - [How to configure templates post-deployment?](#how-to-configure-templates-post-deployment) - [Contributing](#contributing) @@ -112,12 +108,6 @@ inside of the container. Doing this makes it much easier for this chart to support multiple versions with minimal changes. -## Migration from helm/charts stable - -If you currently have a cluster deployed with the [helm/charts stable][] chart -you can follow the [migration guide][]. - - ## Configuration | Parameter | Description | Default | @@ -145,7 +135,7 @@ you can follow the [migration guide][]. | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | | `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` | | `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | +| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | | `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` | | `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63][] | `false` | | `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | @@ -195,47 +185,80 @@ you can follow the [migration guide][]. | `fsGroup` | The Group ID (GID) for [securityContext][] so that the Elasticsearch user can read from the persistent volume | `""` | -## Try it out +## FAQ -In [examples][] you will find some example configurations. These examples are -used for the automated testing of this Helm chart. +### How to deploy this chart on a specific K8S distribution? -### Default +This chart is designed to run on production scale Kubernetes clusters with +multiple nodes, lots of memory and persistent storage. For that reason it can be +a bit tricky to run them against local Kubernetes environments such as +[Minikube][]. -To deploy a cluster with all default values and run the integration tests: +This chart is highly tested with [GKE][], but some K8S distribution also +requires specific configurations. -``` -cd examples/default -make -``` +We provide examples of configuration for the following K8S providers: -### Multi +- [Docker for Mac][] +- [KIND][] +- [Minikube][] +- [MicroK8S][] +- [OpenShift][] -A cluster with dedicated node types: +### How to deploy dedicated nodes types? -``` -cd examples/multi -make -``` +All the Elasticsearch pods deployed share the same configuration. If you need to +deploy dedicated [nodes types][] (for example dedicated master and data nodes), +you can deploy multiple releases of this chart with different configurations +while they share the same `clusterName` value. -### Security +For each Helm release, the nodes types can then be defined using `roles` value. -A cluster with node to node security and https enabled. This example uses -autogenerated certificates and password, for a production deployment you want to -generate SSL certificates following the [official docs][node-certificates]. +An example of Elasticsearch cluster using 2 different Helm releases for master +and data nodes can be found in [examples/multi][]. -Generate the certificates and install Elasticsearch: +#### Clustering and Node Discovery -``` -cd examples/security -make +This chart facilitates Elasticsearch node discovery and services by creating two +`Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup` +and another named `$clusterName-$nodeGroup-headless`. +Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all +pods ( `Ready` or not) are a part of `$clusterName-$nodeGroup-headless`. -# Run a curl command to interact with the cluster -kubectl exec -ti security-master-0 -- sh -c 'curl -u $ELASTIC_USERNAME:$ELASTIC_PASSWORD -k https://localhost:9200/_cluster/health?pretty' -``` +If your group of master nodes has the default `nodeGroup: master` then you can +just add new groups of nodes with a different `nodeGroup` and they will +automatically discover the correct master. If your master nodes have a different +`nodeGroup` name then you will need to set `masterService` to +`$clusterName-$masterNodeGroup`. +The chart value for `masterService` is used to populate +`discovery.zen.ping.unicast.hosts` , which Elasticsearch nodes will use to +contact master nodes and form a cluster. +Therefore, to add a group of nodes to an existing cluster, setting +`masterService` to the desired `Service` name of the related cluster is +sufficient. -## FAQ +### How to deploy clusters with security (authentication and TLS) enabled? + +This Helm chart can use existing [Kubernetes secrets][] to setup +credentials or certificates for examples. These secrets should be created +outside of this chart and accessed using [environment variables][] and volumes. + +An example of Elasticsearch cluster using security can be found in +[examples/security][]. + +### How to migrate from helm/charts stable chart? + +If you currently have a cluster deployed with the [helm/charts stable][] chart +you can follow the [migration guide][]. + +### How to install OSS version of Elasticsearch? + +Deploying OSS version of Elasticsearch can be done by setting `image` value to +[Elasticsearch OSS Docker image][] + +An example of Elasticsearch cluster using OSS version can be found in +[examples/oss][]. ### How to install plugins? @@ -334,92 +357,32 @@ following the [how to use the keystore][] guide. there are plans to have Elasticsearch manage automated snapshots with [Snapshot Lifecycle Management][]. - -## Local development environments - -This chart is designed to run on production scale Kubernetes clusters with -multiple nodes, lots of memory and persistent storage. For that reason it can be -a bit tricky to run them against local Kubernetes environments such as minikube. -Below are some examples of how to get this working locally. - -### Minikube - -This chart also works successfully on [minikube][] in addition to typical hosted -Kubernetes environments. An example `values.yaml` file for minikube is provided -under `examples/`. - -In order to properly support the required persistent volume claims for the -Elasticsearch `StatefulSet` , the `default-storageclass` and -`storage-provisioner` minikube addons must be enabled: - -``` -minikube addons enable default-storageclass -minikube addons enable storage-provisioner -cd examples/minikube -make -``` - -Note that if `helm` or `kubectl` timeouts occur, you may consider creating a -minikube VM with more CPU cores or memory allocated. - -### Docker for Mac - Kubernetes - -It is also possible to run this chart with the built in Kubernetes cluster that -comes with [docker-for-mac][]: - -``` -cd examples/docker-for-mac -make +### How to configure templates post-deployment? + +You can use `postStart` [lifecycle hooks][] to run code triggered after a +container is created. + +Here is an example of `postStart` hook to configure templates: + +```yaml +lifecycle: + postStart: + exec: + command: + - bash + - -c + - | + #!/bin/bash + # Add a template to adjust number of shards/replicas + TEMPLATE_NAME=my_template + INDEX_PATTERN="logstash-*" + SHARD_COUNT=8 + REPLICA_COUNT=1 + ES_URL=http://localhost:9200 + while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done + curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}' ``` -### KIND - Kubernetes - -It is also possible to run this chart using a Kubernetes [KIND][] (Kubernetes in -Docker) cluster: - -``` -cd examples/kubernetes-kind -make -``` - -### MicroK8S - -It is also possible to run this chart using [MicroK8S][]: - -``` -microk8s.enable dns -microk8s.enable helm -microk8s.enable storage -cd examples/microk8s -make -``` - - -## Clustering and Node Discovery - -This chart facilitates Elasticsearch node discovery and services by creating two -`Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup` -and another named `$clusterName-$nodeGroup-headless`. -Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all -pods ( `Ready` or not) are a part of `$clusterName-$nodeGroup-headless`. - -If your group of master nodes has the default `nodeGroup: master` then you can -just add new groups of nodes with a different `nodeGroup` and they will -automatically discover the correct master. If your master nodes have a different -`nodeGroup` name then you will need to set `masterService` to -`$clusterName-$masterNodeGroup`. - -The chart value for `masterService` is used to populate -`discovery.zen.ping.unicast.hosts` , which Elasticsearch nodes will use to -contact master nodes and form a cluster. -Therefore, to add a group of nodes to an existing cluster, setting -`masterService` to the desired `Service` name of the related cluster is -sufficient. - -For an example of deploying both a group master nodes and data nodes using -multiple releases of this chart, see the accompanying values files in -`examples/multi`. - ## Contributing @@ -434,57 +397,67 @@ about our development and testing process. [alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster.name.html +[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/cluster.name.html [clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#clustering-and-node-discovery [config example]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/values.yaml -[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/current/snapshot.html -[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#_c_customized_image +[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.7/snapshot.html +[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/docker.html#_c_customized_image [deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies -[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/current/discovery-settings.html#minimum_master_nodes -[docker-for-mac]: https://docs.docker.com/docker-for-mac/kubernetes/ -[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params -[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html +[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/discovery-settings.html#minimum_master_nodes +[docker for mac]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/docker-for-mac +[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/cluster-health.html#request-params +[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/docker.html +[elasticsearch oss docker image]: https://www.docker.elastic.co/#elasticsearch-7-7-0-oss [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/ +[examples/multi]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security +[gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh [helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/ [how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-install-plugins [how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-use-the-keystore -[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html#_settings +[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-http.html#_settings [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ -[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html -[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html -[kind]: https://github.com/kubernetes-sigs/kind +[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/jvm-options.html +[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/heap-size.html +[kind]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/kubernetes-kind +[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ [loadBalancer annotations]: https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws [loadBalancer]: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer [maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget [migration guide]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/migration/README.md -[minikube]: https://kubernetes.io/docs/setup/minikube/ -[microk8s]: https://microk8s.io +[minikube]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/minikube +[microk8s]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/microk8s [multi]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/ -[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/current/network.host.html +[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/network.host.html [node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls.html#node-certificates +[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/configuring-tls.html#node-certificates [nodePort]: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport +[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-node.html [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[openshift]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift [parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ -[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html +[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-node.html [secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types [snapshot lifecycle management]: https://github.com/elastic/elasticsearch/issues/38461 -[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/current/repository.html -[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-snapshots.html -[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html#vm-max-map-count +[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.7/repository.html +[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-snapshots.html +[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/vm-max-map-count.html#vm-max-map-count [terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html#_transport_settings +[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-transport.html#_transport_settings [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ [values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml [volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index d98d836bf..98d1360f5 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,3 +1,27 @@ # Config -An example testing suite for testing some of the optional features of this chart. +This example deploy a single node Elasticsearch 7.7.0-SNAPSHOT with authentication and +custom [values][]. + + +## Usage + +* Create the required secrets: `make secrets` + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/config-master 9200 + curl -u elastic:changeme http://localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/values.yaml diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md new file mode 100644 index 000000000..495e2a1ac --- /dev/null +++ b/elasticsearch/examples/default/README.md @@ -0,0 +1,25 @@ +# Default + +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster using +[default values][]. + + +## Usage + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md new file mode 100644 index 000000000..569bd416d --- /dev/null +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -0,0 +1,23 @@ +# Docker for Mac + +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [Docker for Mac][] +using [custom values][]. + +Note that this configuration should be used for test only and isn't recommended +for production. + + +## Usage + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/docker-for-mac/values.yaml +[docker for mac]: https://docs.docker.com/docker-for-mac/kubernetes/ diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index 3dfbe2f75..76ce26646 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,13 +1,13 @@ # KIND -An example of configuration for deploying Elasticsearch chart on [Kind][]. - -You can use `make install` to deploy it. +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [Kind][] +using [custom values][]. Note that this configuration should be used for test only and isn't recommended for production. -## Current issue + +## Requirements There is currently an [kind issue][] with mount points created from PVCs not writable by non-root users. [kubernetes-sigs/kind#1157][] should fix it in a @@ -17,8 +17,22 @@ Meanwhile, the workaround is to install manually [Rancher Local Path Provisioner][] and use `local-path` storage class for Elasticsearch volumes (see [Makefile][] instructions). -[Kind]: https://kind.sigs.k8s.io/ -[Kind issue]: https://github.com/kubernetes-sigs/kind/issues/830 -[Kubernetes-sigs/kind#1157]: https://github.com/kubernetes-sigs/kind/pull/1157 -[Rancher Local Path Provisioner]: https://github.com/rancher/local-path-provisioner + +## Usage + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +[custom values]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/kubernetes-kind/values.yaml +[kind]: https://kind.sigs.k8s.io/ +[kind issue]: https://github.com/kubernetes-sigs/kind/issues/830 +[kubernetes-sigs/kind#1157]: https://github.com/kubernetes-sigs/kind/pull/1157 +[rancher local path provisioner]: https://github.com/rancher/local-path-provisioner [Makefile]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/kubernetes-kind/Makefile#L5 diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index 161279cb3..487899d85 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,10 +1,12 @@ # MicroK8S -An example of configuration for deploying Elasticsearch chart on [MicroK8S][]. +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [MicroK8S][] +using [custom values][]. Note that this configuration should be used for test only and isn't recommended for production. + ## Requirements The following MicroK8S [addons][] need to be enabled: @@ -12,5 +14,19 @@ The following MicroK8S [addons][] need to be enabled: - `helm` - `storage` + +## Usage + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +[addons]: https://microk8s.io/docs/addons +[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/microk8s/values.yaml [MicroK8S]: https://microk8s.io -[Addons]: https://microk8s.io/docs/addons \ No newline at end of file diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md new file mode 100644 index 000000000..08f4f4fc4 --- /dev/null +++ b/elasticsearch/examples/minikube/README.md @@ -0,0 +1,38 @@ +# Minikube + +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [Minikube][] +using [custom values][]. + +If helm or kubectl timeouts occur, you may consider creating a minikube VM with +more CPU cores or memory allocated. + +Note that this configuration should be used for test only and isn't recommended +for production. + + +## Requirements + +In order to properly support the required persistent volume claims for the +Elasticsearch StatefulSet, the `default-storageclass` and `storage-provisioner` +minikube addons must be enabled. + +``` +minikube addons enable default-storageclass +minikube addons enable storage-provisioner +``` + + +## Usage + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/minikube/values.yaml +[minikube]: https://minikube.sigs.k8s.io/docs/ diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md new file mode 100644 index 000000000..410391dbd --- /dev/null +++ b/elasticsearch/examples/multi/README.md @@ -0,0 +1,27 @@ +# Multi + +This example deploy an Elasticsearch 7.7.0-SNAPSHOT cluster composed of 2 different Helm +releases: + +- `helm-es-multi-master` for the 3 master nodes using [master values][] +- `helm-es-multi-data` for the 3 data nodes using [data values][] + +## Usage + +* Deploy the 2 Elasticsearch releases: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/multi-master 9200 + curl -u elastic:changeme http://localhost:9200/_cat/indices + ``` + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[data values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/data.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/test/goss.yaml +[master values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/master.yaml diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md new file mode 100644 index 000000000..53a924a25 --- /dev/null +++ b/elasticsearch/examples/openshift/README.md @@ -0,0 +1,24 @@ +# OpenShift + +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [OpenShift][] +using [custom values][]. + +## Usage + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/values.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/test/goss.yaml +[openshift]: https://www.openshift.com/ diff --git a/elasticsearch/examples/oss/README.md b/elasticsearch/examples/oss/README.md new file mode 100644 index 000000000..67a36b114 --- /dev/null +++ b/elasticsearch/examples/oss/README.md @@ -0,0 +1,23 @@ +# OSS + +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster using +[Elasticsearch OSS][] version. + +## Usage + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/oss-master 9200 + curl localhost:9200/_cat/indices + ``` + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch oss]: https://www.elastic.co/downloads/elasticsearch-oss +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/test/goss.yaml diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md new file mode 100644 index 000000000..1fdcf0d94 --- /dev/null +++ b/elasticsearch/examples/security/README.md @@ -0,0 +1,29 @@ +# Security + +This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT with authentication and +autogenerated certificates for TLS (see [values][]). + +Note that this configuration should be used for test only. For a production +deployment you should generate SSL certificates following the [official docs][]. + +## Usage + +* Create the required secrets: `make secrets` + +* Deploy Elasticsearch chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/security-master 9200 + curl -u elastic:changeme https://localhost:9200/_cat/indices + ``` + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/test/goss.yaml +[official docs]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/configuring-tls.html#node-certificates +[values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/security.yaml diff --git a/elasticsearch/examples/upgrade/README.md b/elasticsearch/examples/upgrade/README.md new file mode 100644 index 000000000..28cdb46e9 --- /dev/null +++ b/elasticsearch/examples/upgrade/README.md @@ -0,0 +1,19 @@ +# Upgrade + +This example deploy a 3 nodes Elasticsearch cluster using [7.0.0-alpha1][] chart +version, then upgrade it to 7.7.0-SNAPSHOT version. + + +## Usage + +Running `make install` command will do both 7.0.0-alpha1 install and 7.7.0-SNAPSHOT +upgrade + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[7.0.0-alpha1]: https://github.com/elastic/helm-charts/releases/tag/7.0.0-alpha1 +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/upgrade/test/goss.yaml diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index a4de388a8..1f7b0bab3 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -204,7 +204,7 @@ readinessProbe: successThreshold: 3 timeoutSeconds: 5 -# https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status +# https://www.elastic.co/guide/en/elasticsearch/reference/7.7/cluster-health.html#request-params wait_for_status clusterHealthCheckParams: "wait_for_status=green&timeout=1s" ## Use an alternate scheduler. diff --git a/filebeat/README.md b/filebeat/README.md index 98e2047eb..11ae6a9cd 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -10,8 +10,10 @@ - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) -- [Examples](#examples) - - [Default](#default) +- [FAQ](#faq) + - [How to use Filebeat with Elasticsearch with security (authentication and TLS) enabled?](#how-to-use-filebeat-with-elasticsearch-with-security-authentication-and-tls-enabled) + - [How to install OSS version of Filebeat?](#how-to-install-oss-version-of-filebeat) + - [Why is Filebeat host.name field set to Kubernetes pod name?](#why-is-filebeat-hostname-field-set-to-kubernetes-pod-name) - [Contributing](#contributing) @@ -84,6 +86,8 @@ pods on the same node isn't possible with `hostNetwork` However Filebeat does recommend activating it. If your kubernetes provider is compatible with `hostNetwork` and you don't need to run multiple Filebeat DaemonSets, you can activate it by setting `hostNetworking: true` in [values.yaml][]. +* This repo includes a number of [examples][] configurations which can be used +as a reference. They are also used in the automated testing of this chart. ## Configuration @@ -122,28 +126,36 @@ activate it by setting `hostNetworking: true` in [values.yaml][]. | `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | -## Examples +## FAQ -In [examples][] you will find some example configurations. These examples are -used for the automated testing of this Helm chart. +### How to use Filebeat with Elasticsearch with security (authentication and TLS) enabled? -### Default +This Helm chart can use existing [Kubernetes secrets][] to setup +credentials or certificates for examples. These secrets should be created +outside of this chart and accessed using [environment variables][] and volumes. -* Deploy the [default Filebeat Helm chart][]. -* Deploy Filebeat with the default values: +An example can be found in [examples/security][]. - ``` - cd examples/default - make - ``` +### How to install OSS version of Filebeat? -* You can now setup a port forward for Filebeat to observe Filebeat -indices: +Deploying OSS version of Elasticsearch can be done by setting `image` value to +[Filebeat OSS Docker image][] - ``` - kubectl port-forward svc/filebeat-master 9200 - curl localhost:9200/_cat/indices - ``` +An example of Filebeat deployment using OSS version can be found in +[examples/oss][]. + +### Why is Filebeat host.name field set to Kubernetes pod name? + +The default Filebeat configuration is using Filebeat pod name for +`agent.hostname` and `host.name` fields. The `hostname` of the Kubernetes nodes +can be find in `kubernetes.node.name` field. If you would like to have +`agent.hostname` and `host.name` fields set to the hostname of the nodes, you'll +need to set `daemonset.hostNetworking` value to true. + +Note that enabling [hostNetwork][] make Filebeat pod use the host network +namespace which gives it access to the host loopback device, services listening +on localhost, could be used to snoop on network activity of other pods on the +same node. ## Contributing @@ -159,13 +171,18 @@ about our development and testing process. [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [default Filebeat Helm chart]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples -[filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/security +[filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/7.7/running-on-docker.html +[filebeat oss docker image]: https://www.docker.elastic.co/#filebeat-7-7-0-oss [helm]: https://helm.sh [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md new file mode 100644 index 000000000..aee7abde5 --- /dev/null +++ b/filebeat/examples/default/README.md @@ -0,0 +1,27 @@ +# Default + +This example deploy Filebeat 7.7.0-SNAPSHOT using [default values][]. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Filebeat chart with the default values: `make install` + +* You can now setup a port forward to query Filebeat indices: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md new file mode 100644 index 000000000..b964ab23a --- /dev/null +++ b/filebeat/examples/oss/README.md @@ -0,0 +1,27 @@ +# OSS + +This example deploy Filebeat 7.7.0-SNAPSHOT using [Filebeat OSS][] version. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Filebeat chart with the default values: `make install` + +* You can now setup a port forward to query Filebeat indices: + + ``` + kubectl port-forward svc/oss-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[filebeat oss]: https://www.elastic.co/downloads/beats/filebeat-oss +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/oss/test/goss.yaml diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md new file mode 100644 index 000000000..c88e277ca --- /dev/null +++ b/filebeat/examples/security/README.md @@ -0,0 +1,28 @@ +# Security + +This example deploy Filebeat 7.7.0-SNAPSHOT using authentication and TLS to connect to +Elasticsearch (see [values][]). + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Filebeat chart with security: `make install` + +* You can now setup a port forward to query Filebeat indices: + + ``` + kubectl port-forward svc/security-master 9200 + curl -u elastic:changeme https://localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/security/values.yaml diff --git a/kibana/README.md b/kibana/README.md index ebb79db5d..8eaca9a39 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -8,13 +8,15 @@ - [Using Helm repository](#using-helm-repository) - [Using the 7.7 branch](#using-the-77-branch) - [Upgrading](#upgrading) +- [Usage notes](#usage-notes) - [Configuration](#configuration) - [Deprecated](#deprecated) -- [Examples](#examples) - - [Default](#default) - - [Security](#security) - [FAQ](#faq) + - [How to deploy this chart on a specific K8S distribution?](#how-to-deploy-this-chart-on-a-specific-k8s-distribution) + - [How to use Kibana with security (authentication and TLS) enabled?](#how-to-use-kibana-with-security-authentication-and-tls-enabled) + - [How to install OSS version of Kibana?](#how-to-install-oss-version-of-kibana) - [How to install plugins?](#how-to-install-plugins) + - [How to import objects post-deployment?](#how-to-import-objects-post-deployment) - [Contributing](#contributing) @@ -69,6 +71,15 @@ Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before upgrading to a new chart version. +## Usage notes + +* Automated testing of this chart is currently only run against GKE (Google +Kubernetes Engine). + +* This repo includes a number of [examples][] configurations which can be used +as a reference. They are also used in the automated testing of this chart. + + ## Configuration | Parameter | Description | Default | @@ -89,7 +100,7 @@ upgrading to a new chart version. | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | | `labels` | Configurable [labels][] applied to all Kibana pods | `{}` | -| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | +| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | | `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | | `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Kibana instances | `{}` | | `podAnnotations` | Configurable [annotations][] applied to all Kibana pods | `{}` | @@ -114,55 +125,32 @@ upgrading to a new chart version. | `elasticsearchURL` | The URL used to connect to Elasticsearch. needs to be used for Kibana versions < 6.6 | `""` | -## Examples - -In [examples][] you will find some example configurations. These examples are -used for the automated testing of this Helm chart. - -### Default - -* Deploy the [default Elasticsearch Helm chart][]. -* Deploy Kibana with the default values: - - ``` - cd examples/default - make - ``` - -* You can now setup a port forward and access Kibana at http://localhost:5601: +## FAQ - ``` - kubectl port-forward deployment/helm-kibana-default-kibana 5601 - ``` +### How to deploy this chart on a specific K8S distribution? -### Security +This chart is highly tested with [GKE][], but some K8S distribution also +requires specific configurations. -* Deploy a [security enabled Elasticsearch cluster][]. -* Deploy Kibana with the security example: +We provide examples of configuration for the following K8S providers: - ``` - cd examples/security - make - ``` +- [OpenShift][] -* Setup a port forward and access Kibana at https://localhost:5601: +### How to use Kibana with security (authentication and TLS) enabled? - ``` - # Setup the port forward - kubectl port-forward deployment/helm-kibana-security-kibana 5601 +This Helm chart can use existing [Kubernetes secrets][] to setup +credentials or certificates for examples. These secrets should be created +outside of this chart and accessed using [environment variables][] and volumes. - # Run this in a seperate terminal - # Get the auto generated password - password=$(kubectl get secret elastic-credentials -o jsonpath='{.data.password}' | base64 --decode) - echo password +An example can be found in [examples/security][]. - # Test Kibana is working with curl or access it with your browser at https://localhost:5601 - # The example certificate is self signed so you may see a warning about the certificate - curl -I -k -u elastic:$password https://localhost:5601/app/kibana - ``` +### How to install OSS version of Kibana? +Deploying OSS version of Elasticsearch can be done by setting `image` value to +[kibana OSS Docker image][] -## FAQ +An example of APM Server deployment using OSS version can be found in +[examples/oss][]. ### How to install plugins? @@ -189,6 +177,29 @@ random times. 2. Mutating the state of a running Docker image (by installing plugins) goes against best practices of containers and immutable infrastructure. +### How to import objects post-deployment? + +You can use `postStart` [lifecycle hooks][] to run code triggered after a +container is created. + +Here is an example of `postStart` hook to import an index-pattern and a +dashboard: + +```yaml +lifecycle: + postStart: + exec: + command: + - bash + - -c + - | + #!/bin/bash + # Import a dashboard + KB_URL=http://localhost:5601 + while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' -L $KB_URL)" != "200" ]]; do sleep 1; done + curl -XPOST "$KB_URL/api/kibana/dashboards/import" -H "Content-Type: application/json" -H 'kbn-xsrf: true' -d'"objects":[{"type":"index-pattern","id":"my-pattern","attributes":{"title":"my-pattern-*"}},{"type":"dashboard","id":"my-dashboard","attributes":{"title":"Look at my dashboard"}}]}' +``` + ## Contributing @@ -199,27 +210,35 @@ about our development and testing process. [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config -[kibana docker image]: https://www.elastic.co/guide/en/kibana/current/docker.html +[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/security [helm]: https://helm.sh [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ +[kibana docker image]: https://www.elastic.co/guide/en/kibana/7.7/docker.html +[kibana oss docker image]: https://www.docker.elastic.co/#kibana-7-7-0-oss +[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[openshift]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/openshift [parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ [security enabled elasticsearch cluster]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#security [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod -[server.host]: https://www.elastic.co/guide/en/kibana/current/settings.html +[server.host]: https://www.elastic.co/guide/en/kibana/7.7/settings.html [service]: https://kubernetes.io/docs/concepts/services-networking/service/ [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -[standard upgrade]: https://www.elastic.co/guide/en/kibana/current/upgrade-standard.html +[standard upgrade]: https://www.elastic.co/guide/en/kibana/7.7/upgrade-standard.html [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment [values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md new file mode 100644 index 000000000..b06e0188e --- /dev/null +++ b/kibana/examples/default/README.md @@ -0,0 +1,27 @@ +# Default + +This example deploy Kibana 7.7.0-SNAPSHOT using [default values][]. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Kibana chart with the default values: `make install` + +* You can now setup a port forward to query Kibana indices: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md new file mode 100644 index 000000000..d8eefbb54 --- /dev/null +++ b/kibana/examples/openshift/README.md @@ -0,0 +1,26 @@ +# OpenShift + +This example deploy Kibana 7.7.0-SNAPSHOT on [OpenShift][] using [custom values][]. + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Kibana chart with the default values: `make install` + +* You can now setup a port forward to query Elasticsearch API: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/test/goss.yaml +[openshift]: https://www.openshift.com/ diff --git a/kibana/examples/oss/README.md b/kibana/examples/oss/README.md new file mode 100644 index 000000000..a4d5896ff --- /dev/null +++ b/kibana/examples/oss/README.md @@ -0,0 +1,27 @@ +# OSS + +This example deploy Kibana 7.7.0-SNAPSHOT using [Kibana OSS][] version. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Kibana chart with the default values: `make install` + +* You can now setup a port forward to query Kibana indices: + + ``` + kubectl port-forward svc/oss-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[kibana oss]: https://www.elastic.co/downloads/kibana-oss +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/oss/test/goss.yaml diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md new file mode 100644 index 000000000..e54c091e6 --- /dev/null +++ b/kibana/examples/security/README.md @@ -0,0 +1,28 @@ +# Security + +This example deploy Kibana 7.7.0-SNAPSHOT using authentication and TLS to connect to +Elasticsearch (see [values][]). + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Kibana chart with security: `make install` + +* You can now setup a port forward to query Kibana indices: + + ``` + kubectl port-forward svc/security-master 9200 + curl -u elastic:changeme https://localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/security/security.yaml diff --git a/logstash/README.md b/logstash/README.md index 4000b5668..d2f6686fb 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -10,9 +10,8 @@ - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) -- [Try it out](#try-it-out) - - [Default](#default) - [FAQ](#faq) + - [How to install OSS version of Logstash?](#how-to-install-oss-version-of-logstash) - [How to install plugins?](#how-to-install-plugins) - [Contributing](#contributing) @@ -145,22 +144,15 @@ using `http.host: 127.0.0.1`, default probes should be disabled or overrided | `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | -## Try it out - -In [examples][] you will find some example configurations. These examples are -used for the automated testing of this Helm chart. +## FAQ -### Default +### How to install OSS version of Logstash? -To deploy a cluster with all default values and run the integration tests: +Deploying OSS version of Elasticsearch can be done by setting `image` value to +[Logstash OSS Docker image][] -``` -cd examples/default -make -``` - - -## FAQ +An example of APM Server deployment using OSS version can be found in +[examples/oss][]. ### How to install plugins? @@ -200,26 +192,30 @@ about our development and testing process. [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies -[custom docker image]: https://www.elastic.co/guide/en/logstash/current/docker-config.html#_custom_images +[custom docker image]: https://www.elastic.co/guide/en/logstash/7.7/docker-config.html#_custom_images [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/oss [helm]: https://helm.sh [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[logstash docker image]: https://www.elastic.co/guide/en/logstash/current/docker.html +[logstash docker image]: https://www.elastic.co/guide/en/logstash/7.7/docker.html +[logstash oss docker image]: https://www.docker.elastic.co/#logstash-7-7-0-oss [maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget [node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[note]: https://www.elastic.co/guide/en/logstash/current/docker-config.html#docker-env-config +[note]: https://www.elastic.co/guide/en/logstash/7.7/docker-config.html#docker-env-config [parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +[service]: https://kubernetes.io/docs/concepts/services-networking/service/ [terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml -[updateStrategy]: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets [volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md new file mode 100644 index 000000000..ba2fa62cf --- /dev/null +++ b/logstash/examples/default/README.md @@ -0,0 +1,17 @@ +# Default + +This example deploy Logstash 7.7.0-SNAPSHOT using [default values][]. + + +## Usage + +* Deploy Logstash chart with the default values: `make install` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md new file mode 100644 index 000000000..58d9850e9 --- /dev/null +++ b/logstash/examples/elasticsearch/README.md @@ -0,0 +1,28 @@ +# Elasticsearch + +This example deploy Logstash 7.7.0-SNAPSHOT which connects to Elasticsearch (see +[values][]). + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Logstash chart: `make install` + +* You can now setup a port forward to query Logstash indices: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/elasticsearch/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/elasticsearch/values.yaml diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md new file mode 100644 index 000000000..8350847e6 --- /dev/null +++ b/logstash/examples/oss/README.md @@ -0,0 +1,17 @@ +# OSS + +This example deploy Logstash 7.7.0-SNAPSHOT using [Logstash OSS][] version. + + +## Usage + +* Deploy Logstash chart with the default values: `make install` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[logstash oss]: https://www.elastic.co/downloads/logstash-oss +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/oss/test/goss.yaml diff --git a/metricbeat/README.md b/metricbeat/README.md index 1febca509..bc305a4e1 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -8,10 +8,14 @@ - [Using Helm repository](#using-helm-repository) - [Using the 7.7 branch](#using-the-77-branch) - [Upgrading](#upgrading) +- [Usage notes](#usage-notes) - [Configuration](#configuration) - [Deprecated](#deprecated) -- [Examples](#examples) - - [Default](#default) +- [FAQ](#faq) + - [How to use Metricbeat with Elasticsearch with security (authentication and TLS) enabled?](#how-to-use-metricbeat-with-elasticsearch-with-security-authentication-and-tls-enabled) + - [How to install OSS version of Metricbeat?](#how-to-install-oss-version-of-metricbeat) + - [How to use Kubelet read-only port instead of secure port?](#how-to-use-kubelet-read-only-port-instead-of-secure-port) + - [Why is Metricbeat host.name field set to Kubernetes pod name?](#why-is-metricbeat-hostname-field-set-to-kubernetes-pod-name) - [Contributing](#contributing) @@ -66,6 +70,25 @@ Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before upgrading to a new chart version. +## Usage notes + +* The default Metricbeat configuration file for this chart is configured to use +an Elasticsearch endpoint. Without any additional changes, Metricbeat will send +documents to the service URL that the Elasticsearch Helm chart sets up by +default. You may either set the `ELASTICSEARCH_HOSTS` environment variable in +`extraEnvs` to override this endpoint or modify the default `metricbeatConfig` +to change this behavior. +* This chart disables the [HostNetwork][] setting by default for compatibility +reasons with the majority of kubernetes providers and scenarios. Some kubernetes +providers may not allow enabling `hostNetwork` and deploying multiple Metricbeat +pods on the same node isn't possible with `hostNetwork` However Metricbeat does +recommend activating it. If your kubernetes provider is compatible with +`hostNetwork` and you don't need to run multiple Metricbeat DaemonSets, you can +activate it by setting `hostNetworking: true` in [values.yaml][]. +* This repo includes a number of [examples][] configurations which can be used +as a reference. They are also used in the automated testing of this chart. + + ## Configuration | Parameter | Description | Default | @@ -131,28 +154,48 @@ upgrading to a new chart version. | `tolerations` | Configurable [tolerations][] for both Metricbeat DaemonSet and Deployment | `[]` | -## Examples +## FAQ + +### How to use Metricbeat with Elasticsearch with security (authentication and TLS) enabled? + +This Helm chart can use existing [Kubernetes secrets][] to setup +credentials or certificates for examples. These secrets should be created +outside of this chart and accessed using [environment variables][] and volumes. + +An example can be found in [examples/security][]. + +### How to install OSS version of Metricbeat? + +Deploying OSS version of Elasticsearch can be done by setting `image` value to +[Metricbeat OSS Docker image][] + +An example of Metricbeat deployment using OSS version can be found in +[examples/oss][]. -In [examples][] you will find some example configurations. These examples are -used for the automated testing of this Helm chart. +### How to use Kubelet read-only port instead of secure port? -### Default +Default Metricbeat configuration has been switched to Kubelet secure port +(10250/TCP) instead of read-only port (10255/TCP) in [#471][] because read-only +port usage is now discouraged and not enabled by default in most Kubernetes +configurations. -* Deploy the [default Elasticsearch Helm chart][]. -* Deploy Metricbeat with the default values: +However, if you need to use read-only port, you can replace +`hosts: ["https://${NODE_NAME}:10250"]` by `hosts: ["${NODE_NAME}:10255"]` and +comment `bearer_token_file` and `ssl.verification_mode` in +`daemonset.metricbeatConfig` in [values.yaml][]. - ``` - cd examples/default - make - ``` +### Why is Metricbeat host.name field set to Kubernetes pod name? -* You can now setup a port forward for Elasticsearch to observe Metricbeat -indices: +The default Metricbeat configuration is using Metricbeat pod name for +`agent.hostname` and `host.name` fields. The `hostname` of the Kubernetes nodes +can be find in `kubernetes.node.name` field. If you would like to have +`agent.hostname` and `host.name` fields set to the hostname of the nodes, you'll +need to set `daemonset.hostNetworking` value to true. - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` +Note that enabling [hostNetwork][] make Metricbeat pod use the host network +namespace which gives it access to the host loopback device, services listening +on localhost, could be used to snoop on network activity of other pods on the +same node. ## Contributing @@ -171,13 +214,17 @@ about our development and testing process. [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/security [helm]: https://helm.sh [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath +[hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [kube-state-metrics]: https://github.com/helm/charts/tree/7.7/stable/kube-state-metrics +[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html +[metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/7.7/running-on-docker.html [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector [parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md new file mode 100644 index 000000000..c8b8ee916 --- /dev/null +++ b/metricbeat/examples/oss/README.md @@ -0,0 +1,27 @@ +# OSS + +This example deploy Metricbeat 7.7.0-SNAPSHOT using [Metricbeat OSS][] version. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Metricbeat chart with the default values: `make install` + +* You can now setup a port forward to query Metricbeat indices: + + ``` + kubectl port-forward svc/oss-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[metricbeat oss]: https://www.elastic.co/downloads/beats/metricbeat-oss +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/oss/test/goss.yaml diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md new file mode 100644 index 000000000..8268e1e1f --- /dev/null +++ b/metricbeat/examples/security/README.md @@ -0,0 +1,28 @@ +# Security + +This example deploy Metricbeat 7.7.0-SNAPSHOT using authentication and TLS to connect to +Elasticsearch (see [values][]). + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Metricbeat chart with security: `make install` + +* You can now setup a port forward to query Metricbeat indices: + + ``` + kubectl port-forward svc/security-master 9200 + curl -u elastic:changeme https://localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/security/values.yaml From 1c63c355752626d01a5ace0b0b52165cf185216f Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Wed, 29 Apr 2020 07:35:21 +0200 Subject: [PATCH 022/151] [meta] bump version on examples readme (#601) --- helpers/bumper.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/helpers/bumper.py b/helpers/bumper.py index f9baaa85b..03dee561a 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -27,6 +27,7 @@ file_patterns = [ "*/examples/*/*.y*ml", + "*/examples/*/README.md", "helpers/examples.mk", "*/README.md", "*/values.y*ml", @@ -38,7 +39,9 @@ # Anything matching this regex won't have version bumps changed # This was happening because strings like 127.0.0.1 match for 7.0.0 -blacklist = re.compile(r".*127.0.0.1.*") +# "7.0.0-alpha1" is also used in elasticsearch upgrade test and so shouldn't +# been bump +blacklist = re.compile(r".*127.0.0.1.*|.*7.0.0-alpha1.*") print("Updating versions...") From 847b5259901b36105ac40e5f911083abbec9dc26 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Tue, 5 May 2020 17:48:28 +0200 Subject: [PATCH 023/151] initiate 7.x branch (#605) This commit initiates the 6.8 branch which will be dedicated to the 7.x.x releases for the Helm Charts. It will allow to: - test this branch with the daily Stack Docker images 7.8.0-SNAPSHOT via dedicated Jenkins jobs - test the staging 7.8.x Docker images before a release This branch is based on https://github.com/elastic/helm-charts/tree/7.7/ which was initiated in #541. Also related to #602. --- .../elastic+helm-charts+{branch}+staging.yml | 2 +- CONTRIBUTING.md | 8 +- README.md | 20 ++--- apm-server/Chart.yaml | 4 +- apm-server/README.md | 30 +++---- apm-server/examples/default/README.md | 8 +- apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/README.md | 6 +- apm-server/examples/oss/test/goss.yaml | 2 +- apm-server/examples/security/README.md | 8 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/values.yaml | 2 +- elasticsearch/Chart.yaml | 4 +- elasticsearch/README.md | 86 +++++++++---------- elasticsearch/examples/config/README.md | 6 +- elasticsearch/examples/default/README.md | 6 +- elasticsearch/examples/default/test/goss.yaml | 2 +- .../examples/docker-for-mac/README.md | 4 +- .../examples/kubernetes-kind/README.md | 6 +- elasticsearch/examples/microk8s/README.md | 4 +- elasticsearch/examples/migration/README.md | 4 +- elasticsearch/examples/minikube/README.md | 4 +- elasticsearch/examples/multi/README.md | 8 +- elasticsearch/examples/openshift/README.md | 6 +- .../examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/oss/README.md | 4 +- elasticsearch/examples/oss/test/goss.yaml | 2 +- elasticsearch/examples/security/README.md | 8 +- elasticsearch/examples/upgrade/README.md | 6 +- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/values.yaml | 4 +- filebeat/Chart.yaml | 4 +- filebeat/README.md | 32 +++---- filebeat/examples/default/README.md | 8 +- filebeat/examples/default/test/goss.yaml | 4 +- filebeat/examples/oss/README.md | 6 +- filebeat/examples/oss/test/goss.yaml | 2 +- filebeat/examples/security/README.md | 8 +- filebeat/examples/security/test/goss.yaml | 2 +- filebeat/templates/daemonset.yaml | 2 +- filebeat/values.yaml | 4 +- helpers/bumper.py | 2 +- helpers/examples.mk | 3 +- kibana/Chart.yaml | 4 +- kibana/README.md | 40 ++++----- kibana/examples/default/README.md | 8 +- kibana/examples/default/test/goss.yaml | 2 +- kibana/examples/openshift/README.md | 8 +- kibana/examples/oss/README.md | 6 +- kibana/examples/security/README.md | 8 +- kibana/values.yaml | 2 +- logstash/Chart.yaml | 4 +- logstash/README.md | 32 +++---- logstash/examples/default/README.md | 6 +- logstash/examples/default/test/goss.yaml | 2 +- logstash/examples/elasticsearch/README.md | 8 +- .../examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/README.md | 4 +- logstash/examples/oss/test/goss.yaml | 2 +- logstash/values.yaml | 8 +- metricbeat/Chart.yaml | 4 +- metricbeat/README.md | 32 +++---- metricbeat/examples/default/README.md | 8 +- .../examples/default/test/goss-metrics.yaml | 6 +- metricbeat/examples/default/test/goss.yaml | 6 +- metricbeat/examples/oss/README.md | 6 +- .../examples/oss/test/goss-metrics.yaml | 6 +- metricbeat/examples/oss/test/goss.yaml | 6 +- metricbeat/examples/security/README.md | 8 +- .../examples/security/test/goss-metrics.yaml | 6 +- metricbeat/examples/security/test/goss.yaml | 6 +- metricbeat/templates/daemonset.yaml | 4 +- metricbeat/values.yaml | 2 +- 73 files changed, 292 insertions(+), 293 deletions(-) diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml index 223a830a9..2cef76997 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml @@ -7,7 +7,7 @@ parameters: - string: name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.7.0-abcdabcd)" + description: "The buildId for the staging images. (Example: 7.8.0-abcdabcd)" project-type: multijob scm: - git: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 89f4722a8..3e44b6801 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -75,7 +75,7 @@ that will go into the next minor release. For example, if the next minor release is `7.8.0`, work for it should go into the `7.x` branch. * Past minor release branches are named `{majorVersion}.{minorVersion}`. They contain work that will go into the next patch release. For example, if the next -patch release is `7.7.1`, work for it should go into the `7.7` branch. +patch release is `7.8.1`, work for it should go into the `7.8` branch. * All work is done on feature branches and merged into one of these branches. * Where appropriate, we'll backport changes into older release branches. @@ -261,12 +261,12 @@ make goss [elastic helm repository]: https://helm.elastic.co [github forking model]: https://help.github.com/articles/fork-a-repo/ [goss]: https://github.com/aelsabbahy/goss/blob/master/docs/manual.md -[integration test example]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/default/test/goss.yaml +[integration test example]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/default/test/goss.yaml [integration tests section]: #integration-tests [pytest]: https://docs.pytest.org/en/latest/ [serverspec]: https://serverspec.org -[templating test example]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/tests/elasticsearch_test.py +[templating test example]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/tests/elasticsearch_test.py [templating tests section]: #templating-tests [release.md]: https://github.com/elastic/helm-charts/blob/master/helpers/release.md [releases section]: #releases -[requirements.txt]: https://github.com/elastic/helm-charts/blob/7.7/requirements.txt +[requirements.txt]: https://github.com/elastic/helm-charts/blob/7.x/requirements.txt diff --git a/README.md b/README.md index ada0377f1..42f64b2b3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Elastic Stack Kubernetes Helm Charts -[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+7.7.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/) +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+7.x.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+7.x/) This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no @@ -16,12 +16,12 @@ added below. | Chart | Docker documentation | |--------------------------------------------|---------------------------------------------------------------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.7/running-on-docker.html | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.7/docker.html | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.7/running-on-docker.html | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.7/docker.html | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.7/docker.html | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.7/running-on-docker.html | +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.8/running-on-docker.html | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.8/docker.html | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.8/docker.html | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.8/running-on-docker.html | ## Kubernetes Versions @@ -43,9 +43,9 @@ Elastic recommended way to deploy Elasticsearch, Kibana and APM Server on Kubernetes. -[currently tested]: https://devops-ci.elastic.co/job/elastic+helm-charts+7.7/ +[currently tested]: https://devops-ci.elastic.co/job/elastic+helm-charts+7.x/ [elastic cloud on kubernetes]: https://github.com/elastic/cloud-on-k8s [helm 3]: https://v3.helm.sh -[helm-tester Dockerfile]: https://github.com/elastic/helm-charts/blob/7.7/helpers/helm-tester/Dockerfile -[helpers/matrix.yml]: https://github.com/elastic/helm-charts/blob/7.7/helpers/matrix.yml +[helm-tester Dockerfile]: https://github.com/elastic/helm-charts/blob/7.x/helpers/helm-tester/Dockerfile +[helpers/matrix.yml]: https://github.com/elastic/helm-charts/blob/7.x/helpers/matrix.yml [operator pattern]: https://kubernetes.io/docs/concepts/extend-kubernetes/operator/ diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index 0454d9152..6a023e4ba 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.7.0-SNAPSHOT -appVersion: 7.7.0-SNAPSHOT +version: 7.8.0-SNAPSHOT +appVersion: 7.8.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index 3aa695991..d8d83142a 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -6,7 +6,7 @@ - [Requirements](#requirements) - [Installing](#installing) - [Using Helm repository](#using-helm-repository) - - [Using the 7.7 branch](#using-the-77-branch) + - [Using the 7.x branch](#using-the-7x-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -37,27 +37,27 @@ This Helm chart is a lightweight way to configure and run our official ## Installing -This chart is tested with the latest 7.7.0-SNAPSHOT versions. +This chart is tested with the latest 7.8.0-SNAPSHOT versions. ### Using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name apm-server elastic/apm-server --version=7.7.0` +* Install the latest 7.8 release: +`helm install --name apm-server elastic/apm-server --version=7.8.0` -### Using the 7.7 branch +### Using the 7.x branch * Clone the git repo and checkout the right branch: ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts - git checkout -b 7.7 origin/7.7 + git checkout -b 7.x origin/7.x ```` -* Install the latest 7.7.0-SNAPSHOT: +* Install the latest 7.8.0-SNAPSHOT: `helm install --name apm-server ./helm-charts/apm-server` @@ -96,7 +96,7 @@ as a reference. They are also used in the automated testing of this chart. | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.7.0-SNAPSHOT` | +| `imageTag` | The APM Server Docker image tag | `7.8.0-SNAPSHOT` | | `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | | `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | | `labels` | Configurable [labels][] applied to all APM server pods | `{}` | @@ -149,14 +149,14 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.7/running-on-docker.html -[apm server oss docker image]: https://www.docker.elastic.co/#apm-server-7-7-0-oss -[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html +[apm server oss docker image]: https://www.docker.elastic.co/#apm-server-7-8-0-oss +[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables -[examples]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/oss -[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/security +[examples]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/security [helm]: https://helm.sh [horizontal pod autoscaler]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images @@ -174,4 +174,4 @@ about our development and testing process. [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment -[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/values.yaml diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md index 8af8a5038..1533f4561 100644 --- a/apm-server/examples/default/README.md +++ b/apm-server/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy APM Server 7.7.0-SNAPSHOT using [default values][]. +This example deploy APM Server 7.8.0-SNAPSHOT using [default values][]. ## Usage @@ -22,6 +22,6 @@ This example deploy APM Server 7.7.0-SNAPSHOT using [default values][]. You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/default/test/goss.yaml -[default values]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/values.yaml diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index 2dc9067df..a2e5df9fa 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.7.0' + - '7.8.0' diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index e32234f8a..01320a2fa 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy APM Server 7.7.0-SNAPSHOT using [APM Server OSS][] version. +This example deploy APM Server 7.8.0-SNAPSHOT using [APM Server OSS][] version. ## Usage @@ -23,5 +23,5 @@ You can also run [goss integration tests][] using `make test` [apm server oss]: https://www.elastic.co/downloads/apm-oss -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/oss/test/goss.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/oss/test/goss.yaml diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index 2dc9067df..a2e5df9fa 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.7.0' + - '7.8.0' diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md index 517e53f86..0282838be 100644 --- a/apm-server/examples/security/README.md +++ b/apm-server/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy APM Server 7.7.0-SNAPSHOT using authentication and TLS to connect to +This example deploy APM Server 7.8.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). @@ -23,6 +23,6 @@ Elasticsearch (see [values][]). You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/security/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.7/apm-server/examples/security/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/security/values.yaml diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index 2dc9067df..a2e5df9fa 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.7.0' + - '7.8.0' diff --git a/apm-server/values.yaml b/apm-server/values.yaml index f96ac03f7..ee2564043 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -62,7 +62,7 @@ extraVolumes: [] # emptyDir: {} image: "docker.elastic.co/apm/apm-server" -imageTag: "7.7.0-SNAPSHOT" +imageTag: "7.8.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index 38a824234..5945eae05 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.7.0-SNAPSHOT -appVersion: 7.7.0-SNAPSHOT +version: 7.8.0-SNAPSHOT +appVersion: 7.8.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index ee568fa06..db5470df2 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -6,7 +6,7 @@ - [Requirements](#requirements) - [Installing](#installing) - [Using Helm repository](#using-helm-repository) - - [Using the 7.7 branch](#using-the-77-branch) + - [Using the 7.x branch](#using-the-7x-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -53,27 +53,27 @@ default settings. All of these settings are configurable. ## Installing -This chart is tested with the latest 7.7.0-SNAPSHOT versions. +This chart is tested with the latest 7.8.0-SNAPSHOT versions. ### Using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name elasticsearch elastic/elasticsearch --version=7.7.0` +* Install the latest 7.8 release: +`helm install --name elasticsearch elastic/elasticsearch --version=7.8.0` -### Using the 7.7 branch +### Using the 7.x branch * Clone the git repo and checkout the right branch: ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts - git checkout -b 7.7 origin/7.7 + git checkout -b 7.x origin/7.x ```` -* Install the latest 7.7.0-SNAPSHOT: +* Install the latest 7.8.0-SNAPSHOT: `helm install --name elasticsearch ./helm-charts/elasticsearch` @@ -129,7 +129,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.7.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.8.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | @@ -397,67 +397,67 @@ about our development and testing process. [alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/cluster.name.html -[clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#clustering-and-node-discovery -[config example]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/values.yaml -[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.7/snapshot.html -[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/docker.html#_c_customized_image +[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/cluster.name.html +[clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#clustering-and-node-discovery +[config example]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/config/values.yaml +[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.8/snapshot.html +[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html#_c_customized_image [deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies -[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/discovery-settings.html#minimum_master_nodes -[docker for mac]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/docker-for-mac -[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/cluster-health.html#request-params -[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/docker.html -[elasticsearch oss docker image]: https://www.docker.elastic.co/#elasticsearch-7-7-0-oss +[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/discovery-settings.html#minimum_master_nodes +[docker for mac]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/docker-for-mac +[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/cluster-health.html#request-params +[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html +[elasticsearch oss docker image]: https://www.docker.elastic.co/#elasticsearch-7-8-0-oss [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables -[examples]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/ -[examples/multi]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss -[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security +[examples]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/ +[examples/multi]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh [helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/ -[how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-install-plugins -[how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#how-to-use-the-keystore -[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-http.html#_settings +[how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-install-plugins +[how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-use-the-keystore +[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-http.html#_settings [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ -[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/jvm-options.html -[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/heap-size.html -[kind]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/kubernetes-kind +[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/jvm-options.html +[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/heap-size.html +[kind]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/kubernetes-kind [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ [loadBalancer annotations]: https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws [loadBalancer]: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer [maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget -[migration guide]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/migration/README.md -[minikube]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/minikube -[microk8s]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/microk8s -[multi]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/ -[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/network.host.html +[migration guide]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/migration/README.md +[minikube]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/minikube +[microk8s]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/microk8s +[multi]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/ +[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/network.host.html [node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/configuring-tls.html#node-certificates +[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/configuring-tls.html#node-certificates [nodePort]: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport -[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-node.html +[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-node.html [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[openshift]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift -[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[openshift]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/openshift +[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ -[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-node.html +[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-node.html [secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types [snapshot lifecycle management]: https://github.com/elastic/elasticsearch/issues/38461 -[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.7/repository.html -[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-snapshots.html -[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/vm-max-map-count.html#vm-max-map-count +[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.8/repository.html +[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-snapshots.html +[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/vm-max-map-count.html#vm-max-map-count [terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/modules-transport.html#_transport_settings +[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-transport.html#_transport_settings [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ -[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/values.yaml [volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index 98d1360f5..0c479605b 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,6 +1,6 @@ # Config -This example deploy a single node Elasticsearch 7.7.0-SNAPSHOT with authentication and +This example deploy a single node Elasticsearch 7.8.0-SNAPSHOT with authentication and custom [values][]. @@ -23,5 +23,5 @@ custom [values][]. You can also run [goss integration tests][] using `make test` -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/config/values.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/config/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/config/values.yaml diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md index 495e2a1ac..81dc68211 100644 --- a/elasticsearch/examples/default/README.md +++ b/elasticsearch/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster using [default values][]. @@ -21,5 +21,5 @@ This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster using You can also run [goss integration tests][] using `make test` -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/test/goss.yaml -[default values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/values.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/values.yaml diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index 272064e29..c8b2c0c25 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.7.0-SNAPSHOT"' + - '"number" : "7.8.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md index 569bd416d..3ce68ea30 100644 --- a/elasticsearch/examples/docker-for-mac/README.md +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -1,6 +1,6 @@ # Docker for Mac -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [Docker for Mac][] +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [Docker for Mac][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended @@ -19,5 +19,5 @@ for production. ``` -[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/docker-for-mac/values.yaml +[custom values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/docker-for-mac/values.yaml [docker for mac]: https://docs.docker.com/docker-for-mac/kubernetes/ diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index 76ce26646..7373d75b6 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,6 +1,6 @@ # KIND -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [Kind][] +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [Kind][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended @@ -30,9 +30,9 @@ Elasticsearch volumes (see [Makefile][] instructions). ``` -[custom values]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/kubernetes-kind/values.yaml +[custom values]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/kubernetes-kind/values.yaml [kind]: https://kind.sigs.k8s.io/ [kind issue]: https://github.com/kubernetes-sigs/kind/issues/830 [kubernetes-sigs/kind#1157]: https://github.com/kubernetes-sigs/kind/pull/1157 [rancher local path provisioner]: https://github.com/rancher/local-path-provisioner -[Makefile]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/kubernetes-kind/Makefile#L5 +[Makefile]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/kubernetes-kind/Makefile#L5 diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index 487899d85..8cc3dcfa5 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,6 +1,6 @@ # MicroK8S -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [MicroK8S][] +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [MicroK8S][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended @@ -28,5 +28,5 @@ The following MicroK8S [addons][] need to be enabled: [addons]: https://microk8s.io/docs/addons -[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/microk8s/values.yaml +[custom values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/microk8s/values.yaml [MicroK8S]: https://microk8s.io diff --git a/elasticsearch/examples/migration/README.md b/elasticsearch/examples/migration/README.md index b492d515d..59e07e21d 100644 --- a/elasticsearch/examples/migration/README.md +++ b/elasticsearch/examples/migration/README.md @@ -160,8 +160,8 @@ client nodes: working correctly you can cleanup leftover resources from your old cluster. [basic license]: https://www.elastic.co/subscriptions -[data.yml]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/migration/data.yml +[data.yml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/data.yml [helm/charts]: https://github.com/helm/charts/tree/master/stable/elasticsearch -[master.yml]: https://github.com/elastic/helm-charts/blob/7.7/elasticsearch/examples/migration/master.yml +[master.yml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/master.yml [restoring to a different cluster guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.6/modules-snapshots.html#_restoring_to_a_different_cluster [rolling upgrades guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.6/rolling-upgrades.html diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md index 08f4f4fc4..d01e0ba9f 100644 --- a/elasticsearch/examples/minikube/README.md +++ b/elasticsearch/examples/minikube/README.md @@ -1,6 +1,6 @@ # Minikube -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [Minikube][] +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [Minikube][] using [custom values][]. If helm or kubectl timeouts occur, you may consider creating a minikube VM with @@ -34,5 +34,5 @@ minikube addons enable storage-provisioner ``` -[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/minikube/values.yaml +[custom values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/minikube/values.yaml [minikube]: https://minikube.sigs.k8s.io/docs/ diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index 410391dbd..08859022d 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,6 +1,6 @@ # Multi -This example deploy an Elasticsearch 7.7.0-SNAPSHOT cluster composed of 2 different Helm +This example deploy an Elasticsearch 7.8.0-SNAPSHOT cluster composed of 2 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] @@ -22,6 +22,6 @@ releases: You can also run [goss integration tests][] using `make test` -[data values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/data.yaml -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/test/goss.yaml -[master values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/multi/master.yaml +[data values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/data.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/test/goss.yaml +[master values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/master.yaml diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md index 53a924a25..4799efb7e 100644 --- a/elasticsearch/examples/openshift/README.md +++ b/elasticsearch/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster on [OpenShift][] +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [OpenShift][] using [custom values][]. ## Usage @@ -19,6 +19,6 @@ using [custom values][]. You can also run [goss integration tests][] using `make test` -[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/values.yaml -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/test/goss.yaml +[custom values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/openshift/values.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/openshift/test/goss.yaml [openshift]: https://www.openshift.com/ diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index b6141d4b9..878dd0cb5 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.7.0"' + - '"number" : "7.8.0"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/oss/README.md b/elasticsearch/examples/oss/README.md index 67a36b114..78cd5ffa0 100644 --- a/elasticsearch/examples/oss/README.md +++ b/elasticsearch/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster using [Elasticsearch OSS][] version. ## Usage @@ -20,4 +20,4 @@ You can also run [goss integration tests][] using `make test` [elasticsearch oss]: https://www.elastic.co/downloads/elasticsearch-oss -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/test/goss.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/test/goss.yaml diff --git a/elasticsearch/examples/oss/test/goss.yaml b/elasticsearch/examples/oss/test/goss.yaml index 8240c8c84..30c179d51 100644 --- a/elasticsearch/examples/oss/test/goss.yaml +++ b/elasticsearch/examples/oss/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.7.0-SNAPSHOT"' + - '"number" : "7.8.0-SNAPSHOT"' - '"cluster_name" : "oss"' - '"name" : "oss-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index 1fdcf0d94..7e69fb284 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy a 3 nodes Elasticsearch 7.7.0-SNAPSHOT with authentication and +This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT with authentication and autogenerated certificates for TLS (see [values][]). Note that this configuration should be used for test only. For a production @@ -24,6 +24,6 @@ deployment you should generate SSL certificates following the [official docs][]. You can also run [goss integration tests][] using `make test` -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/test/goss.yaml -[official docs]: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/configuring-tls.html#node-certificates -[values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/security.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/test/goss.yaml +[official docs]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/configuring-tls.html#node-certificates +[values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/security.yaml diff --git a/elasticsearch/examples/upgrade/README.md b/elasticsearch/examples/upgrade/README.md index 28cdb46e9..adc82ebb1 100644 --- a/elasticsearch/examples/upgrade/README.md +++ b/elasticsearch/examples/upgrade/README.md @@ -1,12 +1,12 @@ # Upgrade This example deploy a 3 nodes Elasticsearch cluster using [7.0.0-alpha1][] chart -version, then upgrade it to 7.7.0-SNAPSHOT version. +version, then upgrade it to 7.8.0-SNAPSHOT version. ## Usage -Running `make install` command will do both 7.0.0-alpha1 install and 7.7.0-SNAPSHOT +Running `make install` command will do both 7.0.0-alpha1 install and 7.8.0-SNAPSHOT upgrade @@ -16,4 +16,4 @@ You can also run [goss integration tests][] using `make test` [7.0.0-alpha1]: https://github.com/elastic/helm-charts/releases/tag/7.0.0-alpha1 -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/upgrade/test/goss.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/upgrade/test/goss.yaml diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index 4f062c242..b99d4e4f8 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.7.0-SNAPSHOT"' + - '"number" : "7.8.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - '"name" : "upgrade-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 1f7b0bab3..a96a2fd24 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -50,7 +50,7 @@ secretMounts: [] # path: /usr/share/elasticsearch/config/certs image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.7.0-SNAPSHOT" +imageTag: "7.8.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" podAnnotations: {} @@ -204,7 +204,7 @@ readinessProbe: successThreshold: 3 timeoutSeconds: 5 -# https://www.elastic.co/guide/en/elasticsearch/reference/7.7/cluster-health.html#request-params wait_for_status +# https://www.elastic.co/guide/en/elasticsearch/reference/7.8/cluster-health.html#request-params wait_for_status clusterHealthCheckParams: "wait_for_status=green&timeout=1s" ## Use an alternate scheduler. diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index e5891a665..843f7f70c 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.7.0-SNAPSHOT -appVersion: 7.7.0-SNAPSHOT +version: 7.8.0-SNAPSHOT +appVersion: 7.8.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index 11ae6a9cd..ae9d87383 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -6,7 +6,7 @@ - [Requirements](#requirements) - [Installing](#installing) - [Using Helm repository](#using-helm-repository) - - [Using the 7.7 branch](#using-the-77-branch) + - [Using the 7.x branch](#using-the-7x-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -38,27 +38,27 @@ This Helm chart is a lightweight way to configure and run our official ## Installing -This chart is tested with the latest 7.7.0-SNAPSHOT versions. +This chart is tested with the latest 7.8.0-SNAPSHOT versions. ### Using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name filebeat elastic/filebeat --version=7.7.0` +* Install the latest 7.8 release: +`helm install --name filebeat elastic/filebeat --version=7.8.0` -### Using the 7.7 branch +### Using the 7.x branch * Clone the git repo and checkout the right branch: ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts - git checkout -b 7.7 origin/7.7 + git checkout -b 7.x origin/7.x ```` -* Install the latest 7.7.0-SNAPSHOT: +* Install the latest 7.8.0-SNAPSHOT: `helm install --name filebeat ./helm-charts/filebeat` @@ -107,7 +107,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Filebeat Docker image tag | `7.7.0-SNAPSHOT` | +| `imageTag` | The Filebeat Docker image tag | `7.8.0-SNAPSHOT` | | `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | @@ -169,14 +169,14 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[default Filebeat Helm chart]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/README.md#default +[default Filebeat Helm chart]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables -[examples]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/oss -[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/security -[filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/7.7/running-on-docker.html -[filebeat oss docker image]: https://www.docker.elastic.co/#filebeat-7-7-0-oss +[examples]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/security +[filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/7.8/running-on-docker.html +[filebeat oss docker image]: https://www.docker.elastic.co/#filebeat-7-8-0-oss [helm]: https://helm.sh [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath @@ -184,7 +184,7 @@ about our development and testing process. [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector [podSecurityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass @@ -193,4 +193,4 @@ about our development and testing process. [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy -[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/values.yaml diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md index aee7abde5..ef694b8f5 100644 --- a/filebeat/examples/default/README.md +++ b/filebeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.7.0-SNAPSHOT using [default values][]. +This example deploy Filebeat 7.8.0-SNAPSHOT using [default values][]. ## Usage @@ -22,6 +22,6 @@ This example deploy Filebeat 7.7.0-SNAPSHOT using [default values][]. You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/default/test/goss.yaml -[default values]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/values.yaml diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index f0c2458e4..71c870739 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.7.0' + - 'filebeat-7.8.0' file: /usr/share/filebeat/filebeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.7.0' + - 'version: 7.8.0' diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md index b964ab23a..c64a94a5f 100644 --- a/filebeat/examples/oss/README.md +++ b/filebeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Filebeat 7.7.0-SNAPSHOT using [Filebeat OSS][] version. +This example deploy Filebeat 7.8.0-SNAPSHOT using [Filebeat OSS][] version. ## Usage @@ -23,5 +23,5 @@ You can also run [goss integration tests][] using `make test` [filebeat oss]: https://www.elastic.co/downloads/beats/filebeat-oss -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/oss/test/goss.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/oss/test/goss.yaml diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index 7f6925e5b..da2d94e32 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.7.0' + - 'filebeat-7.8.0' diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md index c88e277ca..566974823 100644 --- a/filebeat/examples/security/README.md +++ b/filebeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Filebeat 7.7.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Filebeat 7.8.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). @@ -23,6 +23,6 @@ Elasticsearch (see [values][]). You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/security/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.7/filebeat/examples/security/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/security/values.yaml diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 4f44f46b5..8871dde92 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.7.0' + - 'filebeat-7.8.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index eace44437..011f585f2 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -159,7 +159,7 @@ spec: mountPath: /var/log readOnly: true # Necessary when using autodiscovery; avoid mounting it otherwise - # See: https://www.elastic.co/guide/en/beats/filebeat/7.7/configuration-autodiscover.html + # See: https://www.elastic.co/guide/en/beats/filebeat/7.8/configuration-autodiscover.html - name: varrundockersock mountPath: /var/run/docker.sock readOnly: true diff --git a/filebeat/values.yaml b/filebeat/values.yaml index ceb1f7526..a723aed13 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -8,7 +8,7 @@ filebeatConfig: paths: - /var/log/containers/*.log processors: - - add_kubernetes_metadata: + - add_kubernetes_metadata: host: ${NODE_NAME} matchers: - logs_path: @@ -52,7 +52,7 @@ envFrom: [] hostPathRoot: /var/lib hostNetworking: false image: "docker.elastic.co/beats/filebeat" -imageTag: "7.7.0-SNAPSHOT" +imageTag: "7.8.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/helpers/bumper.py b/helpers/bumper.py index 03dee561a..b5333a515 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,7 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 7: os.environ.get("BUMPER_VERSION_7", "7.7.0-SNAPSHOT"), + 7: os.environ.get("BUMPER_VERSION_7", "7.8.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index 26bb0b2a7..4b8da463c 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.7.0-SNAPSHOT +STACK_VERSION := 7.8.0-SNAPSHOT .PHONY: help help: ## Display this help @@ -13,4 +13,3 @@ goss: ## Run goss tests echo Testing with pod: $$GOSS_CONTAINER && \ kubectl cp test/$(GOSS_FILE) $$GOSS_CONTAINER:/tmp/$(GOSS_FILE) && \ kubectl exec $$GOSS_CONTAINER -- sh -c "cd /tmp/ && curl -s -L https://github.com/aelsabbahy/goss/releases/download/$(GOSS_VERSION)/goss-linux-amd64 -o goss && chmod +rx ./goss && ./goss --gossfile $(GOSS_FILE) validate --retry-timeout 300s --sleep 5s --color --format documentation" - diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index ee49723c3..722b9688f 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.7.0-SNAPSHOT -appVersion: 7.7.0-SNAPSHOT +version: 7.8.0-SNAPSHOT +appVersion: 7.8.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index 8eaca9a39..03df5fea0 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -6,7 +6,7 @@ - [Requirements](#requirements) - [Installing](#installing) - [Using Helm repository](#using-helm-repository) - - [Using the 7.7 branch](#using-the-77-branch) + - [Using the 7.x branch](#using-the-7x-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -41,27 +41,27 @@ This Helm chart is a lightweight way to configure and run our official ## Installing -This chart is tested with the latest 7.7.0-SNAPSHOT versions. +This chart is tested with the latest 7.8.0-SNAPSHOT versions. ### Using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name kibana elastic/kibana --version=7.7.0` +* Install the latest 7.8 release: +`helm install --name kibana elastic/kibana --version=7.8.0` -### Using the 7.7 branch +### Using the 7.x branch * Clone the git repo and checkout the right branch: ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts - git checkout -b 7.7 origin/7.7 + git checkout -b 7.x origin/7.x ```` -* Install the latest 7.7.0-SNAPSHOT: +* Install the latest 7.8.0-SNAPSHOT: `helm install --name kibana ./helm-charts/kibana` @@ -95,7 +95,7 @@ as a reference. They are also used in the automated testing of this chart. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Kibana Docker image tag | `7.7.0-SNAPSHOT` | +| `imageTag` | The Kibana Docker image tag | `7.8.0-SNAPSHOT` | | `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | @@ -212,33 +212,33 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default +[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables -[examples]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/oss -[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/security +[examples]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security [helm]: https://helm.sh [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ -[kibana docker image]: https://www.elastic.co/guide/en/kibana/7.7/docker.html -[kibana oss docker image]: https://www.docker.elastic.co/#kibana-7-7-0-oss +[kibana docker image]: https://www.elastic.co/guide/en/kibana/7.8/docker.html +[kibana oss docker image]: https://www.docker.elastic.co/#kibana-7-8-0-oss [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[openshift]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/openshift -[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[openshift]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/openshift +[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ -[security enabled elasticsearch cluster]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#security +[security enabled elasticsearch cluster]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#security [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod -[server.host]: https://www.elastic.co/guide/en/kibana/7.7/settings.html +[server.host]: https://www.elastic.co/guide/en/kibana/7.8/settings.html [service]: https://kubernetes.io/docs/concepts/services-networking/service/ [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -[standard upgrade]: https://www.elastic.co/guide/en/kibana/7.7/upgrade-standard.html +[standard upgrade]: https://www.elastic.co/guide/en/kibana/7.8/upgrade-standard.html [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment -[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/kibana/values.yaml diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md index b06e0188e..ec6bea41c 100644 --- a/kibana/examples/default/README.md +++ b/kibana/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Kibana 7.7.0-SNAPSHOT using [default values][]. +This example deploy Kibana 7.8.0-SNAPSHOT using [default values][]. ## Usage @@ -22,6 +22,6 @@ This example deploy Kibana 7.7.0-SNAPSHOT using [default values][]. You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/default/test/goss.yaml -[default values]: https://github.com/elastic/helm-charts/tree/7.7/kibana/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.x/kibana/values.yaml diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index 0fe62169f..101aa5552 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.7.0"' + - '"number":"7.8.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md index d8eefbb54..56c553086 100644 --- a/kibana/examples/openshift/README.md +++ b/kibana/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy Kibana 7.7.0-SNAPSHOT on [OpenShift][] using [custom values][]. +This example deploy Kibana 7.8.0-SNAPSHOT on [OpenShift][] using [custom values][]. ## Usage @@ -20,7 +20,7 @@ This example deploy Kibana 7.7.0-SNAPSHOT on [OpenShift][] using [custom values] You can also run [goss integration tests][] using `make test` -[custom values]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/values.yaml -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/openshift/test/goss.yaml +[custom values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/openshift/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/openshift/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/openshift/test/goss.yaml [openshift]: https://www.openshift.com/ diff --git a/kibana/examples/oss/README.md b/kibana/examples/oss/README.md index a4d5896ff..4cb2b9351 100644 --- a/kibana/examples/oss/README.md +++ b/kibana/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Kibana 7.7.0-SNAPSHOT using [Kibana OSS][] version. +This example deploy Kibana 7.8.0-SNAPSHOT using [Kibana OSS][] version. ## Usage @@ -23,5 +23,5 @@ You can also run [goss integration tests][] using `make test` [kibana oss]: https://www.elastic.co/downloads/kibana-oss -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/oss/test/goss.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/oss/test/goss.yaml diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index e54c091e6..c84451934 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Kibana 7.7.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Kibana 7.8.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). @@ -23,6 +23,6 @@ Elasticsearch (see [values][]). You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/security/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.7/kibana/examples/security/security.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/security.yaml diff --git a/kibana/values.yaml b/kibana/values.yaml index 8af17fbc7..e357f4fc8 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -29,7 +29,7 @@ secretMounts: [] # subPath: kibana.keystore # optional image: "docker.elastic.co/kibana/kibana" -imageTag: "7.7.0-SNAPSHOT" +imageTag: "7.8.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index a2466fd6f..05e2de6ea 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.7.0-SNAPSHOT -appVersion: 7.7.0-SNAPSHOT +version: 7.8.0-SNAPSHOT +appVersion: 7.8.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index d2f6686fb..26319e538 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -6,7 +6,7 @@ - [Requirements](#requirements) - [Installing](#installing) - [Using Helm repository](#using-helm-repository) - - [Using the 7.7 branch](#using-the-77-branch) + - [Using the 7.x branch](#using-the-7x-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -37,27 +37,27 @@ This Helm chart is a lightweight way to configure and run our official ## Installing -This chart is tested with the latest 7.7.0-SNAPSHOT versions. +This chart is tested with the latest 7.8.0-SNAPSHOT versions. ### Using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name logstash elastic/logstash --version=7.7.0` +* Install the latest 7.8 release: +`helm install --name logstash elastic/logstash --version=7.8.0` -### Using the 7.7 branch +### Using the 7.x branch * Clone the git repo and checkout the right branch: ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts - git checkout -b 7.7 origin/7.7 + git checkout -b 7.x origin/7.x ```` -* Install the latest 7.7.0-SNAPSHOT: +* Install the latest 7.8.0-SNAPSHOT: `helm install --name logstash ./helm-charts/logstash` @@ -112,7 +112,7 @@ using `http.host: 127.0.0.1`, default probes should be disabled or overrided | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.7.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.8.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | @@ -192,23 +192,23 @@ about our development and testing process. [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies -[custom docker image]: https://www.elastic.co/guide/en/logstash/7.7/docker-config.html#_custom_images +[custom docker image]: https://www.elastic.co/guide/en/logstash/7.8/docker-config.html#_custom_images [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables -[examples]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/oss +[examples]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/oss [helm]: https://helm.sh [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[logstash docker image]: https://www.elastic.co/guide/en/logstash/7.7/docker.html -[logstash oss docker image]: https://www.docker.elastic.co/#logstash-7-7-0-oss +[logstash docker image]: https://www.elastic.co/guide/en/logstash/7.8/docker.html +[logstash oss docker image]: https://www.docker.elastic.co/#logstash-7-8-0-oss [maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget [node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[note]: https://www.elastic.co/guide/en/logstash/7.7/docker-config.html#docker-env-config -[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[note]: https://www.elastic.co/guide/en/logstash/7.8/docker-config.html#docker-env-config +[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ @@ -217,5 +217,5 @@ about our development and testing process. [service]: https://kubernetes.io/docs/concepts/services-networking/service/ [terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/logstash/values.yaml [volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md index ba2fa62cf..27acaab55 100644 --- a/logstash/examples/default/README.md +++ b/logstash/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Logstash 7.7.0-SNAPSHOT using [default values][]. +This example deploy Logstash 7.8.0-SNAPSHOT using [default values][]. ## Usage @@ -13,5 +13,5 @@ This example deploy Logstash 7.7.0-SNAPSHOT using [default values][]. You can also run [goss integration tests][] using `make test` -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/default/test/goss.yaml -[default values]: https://github.com/elastic/helm-charts/tree/7.7/logstash/values.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.x/logstash/values.yaml diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index 4a883cf36..9e6912433 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-default-logstash-0"' - - '"version" : "7.7.0"' + - '"version" : "7.8.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-default-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md index 58d9850e9..965cbf750 100644 --- a/logstash/examples/elasticsearch/README.md +++ b/logstash/examples/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch -This example deploy Logstash 7.7.0-SNAPSHOT which connects to Elasticsearch (see +This example deploy Logstash 7.8.0-SNAPSHOT which connects to Elasticsearch (see [values][]). @@ -23,6 +23,6 @@ This example deploy Logstash 7.7.0-SNAPSHOT which connects to Elasticsearch (see You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/elasticsearch/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/elasticsearch/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/elasticsearch/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/elasticsearch/values.yaml diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index 4e850758c..4194138c0 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-elasticsearch-logstash-0"' - - '"version" : "7.7.0"' + - '"version" : "7.8.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-elasticsearch-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md index 8350847e6..54069f2f2 100644 --- a/logstash/examples/oss/README.md +++ b/logstash/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Logstash 7.7.0-SNAPSHOT using [Logstash OSS][] version. +This example deploy Logstash 7.8.0-SNAPSHOT using [Logstash OSS][] version. ## Usage @@ -14,4 +14,4 @@ You can also run [goss integration tests][] using `make test` [logstash oss]: https://www.elastic.co/downloads/logstash-oss -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/logstash/examples/oss/test/goss.yaml +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/oss/test/goss.yaml diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index e1d11d999..7d9bfefbe 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-oss-logstash-0"' - - '"version" : "7.7.0"' + - '"version" : "7.8.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-oss-logstash-0"' - '"status" : "green"' diff --git a/logstash/values.yaml b/logstash/values.yaml index ba65eaf13..8fd6a4789 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -3,7 +3,7 @@ replicas: 1 # Allows you to add any config files in /usr/share/logstash/config/ # such as logstash.yml and log4j2.properties -# +# # Note that when overriding logstash.yml, `http.host: 0.0.0.0` should always be included # to make default probes work. logstashConfig: {} @@ -43,7 +43,7 @@ envFrom: [] secretMounts: [] image: "docker.elastic.co/logstash/logstash" -imageTag: "7.7.0-SNAPSHOT" +imageTag: "7.8.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] @@ -163,9 +163,9 @@ securityContext: terminationGracePeriod: 120 # Probes -# Default probes are using `httpGet` which requires that `http.host: 0.0.0.0` is part of +# Default probes are using `httpGet` which requires that `http.host: 0.0.0.0` is part of # `logstash.yml`. If needed probes can be disabled or overrided using the following syntaxes: -# +# # disable livenessProbe # livenessProbe: null # diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index 457bd5f64..1d42f81d0 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.7.0-SNAPSHOT -appVersion: 7.7.0-SNAPSHOT +version: 7.8.0-SNAPSHOT +appVersion: 7.8.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index bc305a4e1..4bffdbc08 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -6,7 +6,7 @@ - [Requirements](#requirements) - [Installing](#installing) - [Using Helm repository](#using-helm-repository) - - [Using the 7.7 branch](#using-the-77-branch) + - [Using the 7.x branch](#using-the-7x-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -40,27 +40,27 @@ This Helm chart is a lightweight way to configure and run our official ## Installing -This chart is tested with the latest 7.7.0-SNAPSHOT versions. +This chart is tested with the latest 7.8.0-SNAPSHOT versions. ### Using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name metricbeat elastic/metricbeat --version=7.7.0` +* Install the latest 7.8 release: +`helm install --name metricbeat elastic/metricbeat --version=7.8.0` -### Using the 7.7 branch +### Using the 7.x branch * Clone the git repo and checkout the right branch: ```shell git clone git@github.com:elastic/helm-charts.git cd helm-charts - git checkout -b 7.7 origin/7.7 + git checkout -b 7.x origin/7.x ```` -* Install the latest 7.7.0-SNAPSHOT: +* Install the latest 7.8.0-SNAPSHOT: `helm install --name metricbeat ./helm-charts/metricbeat` @@ -123,7 +123,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.7.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.8.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `labels` | Configurable [labels][] applied to all Metricbeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | @@ -209,29 +209,29 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/README.md#default +[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [cluster role rules]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables -[examples]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/oss -[examples/security]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/security +[examples]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples +[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/oss +[examples/security]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/security [helm]: https://helm.sh [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret -[kube-state-metrics]: https://github.com/helm/charts/tree/7.7/stable/kube-state-metrics +[kube-state-metrics]: https://github.com/helm/charts/tree/7.x/stable/kube-state-metrics [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/7.7/running-on-docker.html +[metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/7.8/running-on-docker.html [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[parent readme]: https://github.com/elastic/helm-charts/tree/7.7/README.md +[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy -[values.yaml]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml +[values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/values.yaml diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md index b6913179b..ad2538354 100644 --- a/metricbeat/examples/default/README.md +++ b/metricbeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Metricbeat 7.7.0-SNAPSHOT using [default values][]. +This example deploy Metricbeat 7.8.0-SNAPSHOT using [default values][]. ## Usage @@ -22,6 +22,6 @@ This example deploy Metricbeat 7.7.0-SNAPSHOT using [default values][]. You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/default/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/default/test/goss.yaml -[default values]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/default/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/values.yaml diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index 7fca303f9..d053187a5 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -41,4 +41,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.7.0' + - 'version: 7.8.0' diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index d353cba76..57729b462 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.7.0' + - 'version: 7.8.0' diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md index c8b8ee916..66d300eb7 100644 --- a/metricbeat/examples/oss/README.md +++ b/metricbeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Metricbeat 7.7.0-SNAPSHOT using [Metricbeat OSS][] version. +This example deploy Metricbeat 7.8.0-SNAPSHOT using [Metricbeat OSS][] version. ## Usage @@ -23,5 +23,5 @@ You can also run [goss integration tests][] using `make test` [metricbeat oss]: https://www.elastic.co/downloads/beats/metricbeat-oss -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/oss/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/oss/test/goss.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/oss/test/goss.yaml diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index c78aa2faa..a8af07519 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -21,12 +21,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' http://oss-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -39,4 +39,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.7.0' + - 'version: 7.8.0' diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index af2f0826b..8a1bf3baa 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' http://oss-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.7.0' + - 'version: 7.8.0' diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md index 8268e1e1f..85d8ee505 100644 --- a/metricbeat/examples/security/README.md +++ b/metricbeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Metricbeat 7.7.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Metricbeat 7.8.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). @@ -23,6 +23,6 @@ Elasticsearch (see [values][]). You can also run [goss integration tests][] using `make test` -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.7/elasticsearch/examples/security/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/security/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.7/metricbeat/examples/security/values.yaml +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/security/values.yaml diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index 22ed216ca..cf215bd65 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.7.0' + - 'version: 7.8.0' diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index 8ee1ea5b9..58213e2e0 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -25,7 +25,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -33,7 +33,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.7.0' + - 'metricbeat-7.8.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -50,4 +50,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.7.0' + - 'version: 7.8.0' diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index cbaca7558..7de40313d 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -143,7 +143,7 @@ spec: - name: data mountPath: /usr/share/metricbeat/data # Necessary when using autodiscovery; avoid mounting it otherwise - # See: https://www.elastic.co/guide/en/beats/metricbeat/7.7/configuration-autodiscover.html + # See: https://www.elastic.co/guide/en/beats/metricbeat/7.8/configuration-autodiscover.html - name: varrundockersock mountPath: /var/run/docker.sock readOnly: true @@ -158,4 +158,4 @@ spec: {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 7ef153adb..783a09bb8 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -159,7 +159,7 @@ extraInitContainers: "" hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.7.0-SNAPSHOT" +imageTag: "7.8.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] From ff38c8deb11f7b4262f7ed443919d99378155df4 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Wed, 6 May 2020 18:16:04 +0200 Subject: [PATCH 024/151] [helm] bump helm version to 2.16.7 (#607) --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 42f64b2b3..51e6abfed 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ## Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.6). +Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.7). Note that we don't support [Helm 3][] version. ## ECK diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 66d7dab91..01dbde85b 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=2.16.6 +ENV HELM_VERSION=2.16.7 RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index 621f9f40e..3c0294060 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.15.4 -ENV HELM_VERSION=2.16.6 +ENV HELM_VERSION=2.16.7 ENV DOCKER_VERSION=18.09.7 RUN yum -y install \ From 675f62e618b975ea3c0922fb3a09c9d2b7e1f5d2 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Mon, 18 May 2020 10:58:57 +0200 Subject: [PATCH 025/151] [metricbeat] fix deployment upgrade by removing chart label from .spec.selector.matchLabels (#622) This fix metricbeat chart upgrades when .Chart.Version change. UPGRADE FAILED Error: Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.7.0", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable Error: UPGRADE FAILED: Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.7.0", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable See https://github.com/helm/charts/issues/7680 for more details --- metricbeat/templates/deployment.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index ca056d42b..67eefabf8 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -13,7 +13,6 @@ spec: selector: matchLabels: app: '{{ template "metricbeat.fullname" . }}-metrics' - chart: '{{ .Chart.Name }}-{{ .Chart.Version }}' heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' template: @@ -119,4 +118,4 @@ spec: {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} - {{- end }} \ No newline at end of file + {{- end }} From 8c904bba2b4826982a3660bb2488be404b2aeeaa Mon Sep 17 00:00:00 2001 From: Maximilian Rink Date: Wed, 27 May 2020 23:03:45 +0200 Subject: [PATCH 026/151] Fix configchecksum not being set (#634) --- metricbeat/templates/daemonset.yaml | 2 +- metricbeat/templates/deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index 7de40313d..5bf720702 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -25,7 +25,7 @@ spec: {{ $key }}: {{ $value | quote }} {{- end }} {{/* This forces a restart if the configmap has changed */}} - {{- if .Values.metricbeatConfig }} + {{- if or .Values.metricbeatConfig .Values.daemonset.metricbeatConfig }} configChecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} {{- end }} name: "{{ template "metricbeat.fullname" . }}" diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index 67eefabf8..d612311c2 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -22,7 +22,7 @@ spec: {{ $key }}: {{ $value | quote }} {{- end }} {{/* This forces a restart if the configmap has changed */}} - {{- if .Values.metricbeatConfig }} + {{- if or .Values.metricbeatConfig .Values.deployment.metricbeatConfig }} configChecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} {{- end }} labels: From df0e7d835d919c48773b9682106034d2d8b9ae05 Mon Sep 17 00:00:00 2001 From: Stefan Keranov Date: Wed, 27 May 2020 23:05:58 +0100 Subject: [PATCH 027/151] Fix values links in examples/multi/README.md (#639) --- elasticsearch/examples/multi/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index 08859022d..e8f569ab1 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -22,6 +22,6 @@ releases: You can also run [goss integration tests][] using `make test` -[data values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/data.yaml +[data values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/data.yml [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/test/goss.yaml -[master values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/master.yaml +[master values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/master.yml From ba03954261131798c4f123590b75cfa7f08837fa Mon Sep 17 00:00:00 2001 From: Max Kochubey Date: Thu, 28 May 2020 05:13:47 +0700 Subject: [PATCH 028/151] [kibana] String/YAML conditions for `.Values.{extraContainers,extraInitContainers}` (#637) --- kibana/templates/deployment.yaml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml index aca2ee153..9d7109265 100644 --- a/kibana/templates/deployment.yaml +++ b/kibana/templates/deployment.yaml @@ -69,8 +69,15 @@ spec: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} {{- if .Values.extraInitContainers }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. initContainers: + {{- if eq "string" (printf "%T" .Values.extraInitContainers) }} {{ tpl .Values.extraInitContainers . | indent 6 }} + {{- else }} +{{ toYaml .Values.extraInitContainers | indent 6 }} + {{- end }} {{- end }} containers: - name: kibana @@ -143,5 +150,12 @@ spec: subPath: {{ $path }} {{- end -}} {{- if .Values.extraContainers }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. + {{- if eq "string" (printf "%T" .Values.extraContainers) }} {{ tpl .Values.extraContainers . | indent 6 }} - {{- end }} \ No newline at end of file + {{- else }} +{{ toYaml .Values.extraContainers | indent 6 }} + {{- end }} + {{- end }} From 207674e23e7ccf1c47253b52e31ca91a18914abc Mon Sep 17 00:00:00 2001 From: Gavin Williams Date: Thu, 28 May 2020 13:23:09 +0100 Subject: [PATCH 029/151] [elasticsearch] Fix issue with `readinessProbe` causing outages (#638) --- BREAKING_CHANGES.md | 179 +++++++++++++++++++++++ elasticsearch/templates/statefulset.yaml | 30 ++-- 2 files changed, 199 insertions(+), 10 deletions(-) create mode 100644 BREAKING_CHANGES.md diff --git a/BREAKING_CHANGES.md b/BREAKING_CHANGES.md new file mode 100644 index 000000000..35c7ec90e --- /dev/null +++ b/BREAKING_CHANGES.md @@ -0,0 +1,179 @@ +# Breaking changes + + + + +- [7.7.0 - 2020/05/13](#770---20200513) + - [Known Issues](#known-issues) + - [GA support](#ga-support) + - [New branching model](#new-branching-model) + - [Filebeat container inputs](#filebeat-container-inputs) + - [Metricbeat upgrade issue](#metricbeat-upgrade-issue) + - [Metricbeat split values for daemonset and deployment](#metricbeat-split-values-for-daemonset-and-deployment) +- [6.8.9 - 2020/05/13](#689---20200513) +- [7.6.2 - 2020/03/31](#762---20200331) + - [Kibana default resources](#kibana-default-resources) +- [7.6.0 - 2020/02/11](#760---20200211) + - [Elasticsearch default resources](#elasticsearch-default-resources) +- [7.5.0 - 2019/12/02](#750---20191202) + - [Metricbeat kube-state-metrics upgrade](#metricbeat-kube-state-metrics-upgrade) +- [7.0.0-alpha1 - 2019/04/17](#700-alpha1---20190417) + - [Elasticsearch upgrade from 6.x](#elasticsearch-upgrade-from-6x) + + + + + + +## 7.7.0 - 2020/05/13 + +### Known Issues + +Elasticsearch nodes could be restarted too quickly during an upgrade or rolling restart, potentially resulting in service disruption. +This is due to a bug introduced by the changes to the Elasticsearch `readinessProbe` in [#586][]. + +### GA support + +Elasticsearch, Kibana, Filebeat and Metricbeat are moving from beta to GA and +are supported by Elastic following these limitations: +- only released charts coming from [Elastic Helm repo][] or +[GitHub releases][] are supported. +- released charts are only supported when using the same chart version and +application version (ie: using 7.7.0 chart with 6.8.8 or 7.6.2 application is +not supported). + +### New branching model + +Elastic Helm charts repository is now following a [new branching model][]: +- `master` branch is now a development branch for next major release. +- new `7.x` branch is a development branch for next minor release using SNAPSHOT +Docker images. +- new `7.7` branch is a development branch for next patch release using SNAPSHOT +Docker images + +### Filebeat container inputs + +Filebeat chart default config is now using [container input][] instead of +[docker input][] in [#568][]. + +### Metricbeat upgrade issue + +Metricbeat upgrade are failing with +`spec.selector: Invalid value: ... field is immutable` error. This is related to +Metricbeat deployment selector including chart version which is not immutable. +You should use `helm upgrade --force` to upgrade Metricbeat. See [#621][] for +more details. + +### Metricbeat split values for daemonset and deployment + +Metricbeat is now using dedicated values for daemonset and deployment config. +The old values are still working but are now deprecated. See [#572][] for more +details. + +## 6.8.9 - 2020/05/13 + +See [7.7.0 Breaking changes](#770---20200513) + + +## 7.6.2 - 2020/03/31 + +### Kibana default resources + +Kibana default resources (cpu/memory requests and limits) are increased in +[#540][]. + +This change may impact cpu/memory available resources capacity in your +Kubernetes cluster. + +To come back to former default values, use the following values: + +```yaml +extraEnvs: +- name: "NODE_OPTIONS" + value: "" +resources: + requests: + cpu: "100m" + memory: "500Mi" + limits: + cpu: "1000m" + memory: "1Gi" +``` + + +## 7.6.0 - 2020/02/11 + +### Elasticsearch default resources + +Elasticsearch default cpu requests is increased in [#458][] following our +recommendation that resources requests and limits should have the same values. + +This change may impact available cpu capacity in your Kubernetes cluster. + +To come back to former default values, use the following values: + +```yaml +resources: + requests: + cpu: "100m" +``` + + +## 7.5.0 - 2019/12/02 + +### Metricbeat kube-state-metrics upgrade + +[kube-state-metrics][] chart dependency is upgraded from 1.6.0 to 2.4.1 in +[#352][]. This is causing Metricbeat chart upgrade from versions < 7.5.0 failing +with the following error: + +``` +UPGRADE FAILED +Error: Deployment.apps "metricbeat-kube-state-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable && Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.5.0", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable +Error: UPGRADE FAILED: Deployment.apps "metricbeat-kube-state-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable && Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.5.0", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable +``` + +The workaround is to use `--force` argument for `helm upgrade` command which +will force Metricbeat resources update through delete/recreate. + + +## 7.0.0-alpha1 - 2019/04/17 + +### Elasticsearch upgrade from 6.x + +If you were using the default Elasticsearch version from the previous release +(6.6.2-alpha1) you will first need to upgrade to Elasticsearch 6.7.1 before +being able to upgrade to 7.0.0. You can do this by adding this to your values +file: + +```yaml +esMajorVersion: 6 +imageTag: 6.7.1 +``` + +If you are upgrading an existing cluster that did not override the default +`storageClassName` you will now need to specify the `storageClassName`. This +only affects existing clusters and was changed in [#94][]. The advantage of this +is that now the Helm chart will just use the default `storageClassName` rather +than needing to override it for any providers where it is not called `standard`. + +``` +volumeClaimTemplate: + storageClassName: "standard" +``` + + +[#94]: https://github.com/elastic/helm-charts/pull/94 +[#352]: https://github.com/elastic/helm-charts/pull/352 +[#458]: https://github.com/elastic/helm-charts/pull/458 +[#540]: https://github.com/elastic/helm-charts/pull/540 +[#568]: https://github.com/elastic/helm-charts/pull/568 +[#572]: https://github.com/elastic/helm-charts/pull/572 +[#586]: https://github.com/elastic/helm-charts/pull/586 +[#621]: https://github.com/elastic/helm-charts/pull/621 +[container input]: https://www.elastic.co/guide/en/beats/filebeat/7.7/filebeat-input-container.html +[docker input]: https://www.elastic.co/guide/en/beats/filebeat/7.7/filebeat-input-docker.html +[elastic helm repo]: https://helm.elastic.co +[github releases]: https://github.com/elastic/helm-charts/releases +[new branching model]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md#branching +[kube-state-metrics]: https://github.com/helm/charts/tree/master/stable/kube-state-metrics diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 5297aac25..afc260710 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -213,22 +213,32 @@ spec: - -c - | #!/usr/bin/env bash -e - # If the node is starting up wait for the cluster to be ready (request params: '{{ .Values.clusterHealthCheckParams }}' ) + # If the node is starting up wait for the cluster to be ready (request params: "{{ .Values.clusterHealthCheckParams }}" ) # Once it has started only check that the node itself is responding START_FILE=/tmp/.es_start_file - if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then - BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" - else - BASIC_AUTH='' - fi + http () { + local path="${1}" + local args="${2}" + set -- -XGET -s + + if [ "$args" != "" ]; then + set -- "$@" $args + fi + + if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then + set -- "$@" -u "${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" + fi + + curl --output /dev/null -k "$@" "{{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}${path}" + } if [ -f "${START_FILE}" ]; then echo 'Elasticsearch is already running, lets check the node is healthy' - HTTP_CODE=$(curl -XGET -s -k ${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/) + HTTP_CODE=$(http "/" "-w %{http_code}") RC=$? if [[ ${RC} -ne 0 ]]; then - echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with RC ${RC}" + echo "curl --output /dev/null -k -XGET -s -w '%{http_code}' \${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with RC ${RC}" exit ${RC} fi # ready if HTTP code 200, 503 is tolerable if ES version is 6.x @@ -237,13 +247,13 @@ spec: elif [[ ${HTTP_CODE} == "503" && "{{ include "elasticsearch.esMajorVersion" . }}" == "6" ]]; then exit 0 else - echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with HTTP code ${HTTP_CODE}" + echo "curl --output /dev/null -k -XGET -s -w '%{http_code}' \${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with HTTP code ${HTTP_CODE}" exit 1 fi else echo 'Waiting for elasticsearch cluster to become ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - if curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/_cluster/health?{{ .Values.clusterHealthCheckParams }} ; then + if http "/_cluster/health?{{ .Values.clusterHealthCheckParams }}" "--fail" ; then touch ${START_FILE} exit 0 else From 934e652937d87dda8b05e9accd17c1d9e5df74b7 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 28 May 2020 17:36:59 +0200 Subject: [PATCH 030/151] [metricbeat] use deprecated kube-state-metrics config when existing (#624) This commit fix a bug introduced in https://github.com/elastic/helm-charts/pull/572 where Metricbeat deployment doesn't start after an upgrade from a previous version when using a custom metricbeatConfig. --- BREAKING_CHANGES.md | 9 +++++ metricbeat/templates/deployment.yaml | 4 +++ metricbeat/tests/metricbeat_test.py | 51 ++++++++++++++++++++++------ 3 files changed, 53 insertions(+), 11 deletions(-) diff --git a/BREAKING_CHANGES.md b/BREAKING_CHANGES.md index 35c7ec90e..890d5ea90 100644 --- a/BREAKING_CHANGES.md +++ b/BREAKING_CHANGES.md @@ -70,6 +70,14 @@ Metricbeat is now using dedicated values for daemonset and deployment config. The old values are still working but are now deprecated. See [#572][] for more details. +Warning: When upgrading Metricbeat while using custom `metricbeatConfig` value +for `kube-state-metrics-metricbeat.yml`, Metricbeat deployment fails with +`missing field accessing 'metricbeat.modules.0.hosts.0' (source:'metricbeat.yml')`. + +In this case `metricbeatConfig.kube-state-metrics-metricbeat.yml` value should +be migrated to `deployment.metricbeatConfig.metricbeat.yml`. See [#623][] for +more details. + ## 6.8.9 - 2020/05/13 See [7.7.0 Breaking changes](#770---20200513) @@ -171,6 +179,7 @@ volumeClaimTemplate: [#572]: https://github.com/elastic/helm-charts/pull/572 [#586]: https://github.com/elastic/helm-charts/pull/586 [#621]: https://github.com/elastic/helm-charts/pull/621 +[#623]: https://github.com/elastic/helm-charts/pull/623 [container input]: https://www.elastic.co/guide/en/beats/filebeat/7.7/filebeat-input-container.html [docker input]: https://www.elastic.co/guide/en/beats/filebeat/7.7/filebeat-input-docker.html [elastic helm repo]: https://helm.elastic.co diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index d612311c2..830438835 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -72,6 +72,10 @@ spec: image: "{{ .Values.image }}:{{ .Values.imageTag }}" imagePullPolicy: "{{ .Values.imagePullPolicy }}" args: + {{- if index .Values "metricbeatConfig" "kube-state-metrics-metricbeat.yml" }} + - "-c" + - "/usr/share/metricbeat/kube-state-metrics-metricbeat.yml" + {{- end }} - "-e" - "-E" - "http.enabled=true" diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 83265498d..1e0e407d2 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -537,48 +537,77 @@ def test_adding_in_deprecated_metricbeat_config(): nestedkey: value dot.notation: test - other-config.yml: | + kube-state-metrics-metricbeat.yml: | hello = world """ r = helm_template(config) c = r["configmap"][name + "-config"]["data"] assert "metricbeat.yml" in c - assert "other-config.yml" in c + assert "kube-state-metrics-metricbeat.yml" in c assert "nestedkey: value" in c["metricbeat.yml"] assert "dot.notation: test" in c["metricbeat.yml"] - assert "hello = world" in c["other-config.yml"] + assert "hello = world" in c["kube-state-metrics-metricbeat.yml"] - d = r["daemonset"][name]["spec"]["template"]["spec"] + daemonset = r["daemonset"][name]["spec"]["template"]["spec"] assert { "configMap": {"name": name + "-config", "defaultMode": 0o600}, "name": project + "-config", - } in d["volumes"] + } in daemonset["volumes"] assert { "mountPath": "/usr/share/metricbeat/metricbeat.yml", "name": project + "-config", "subPath": "metricbeat.yml", "readOnly": True, - } in d["containers"][0]["volumeMounts"] + } in daemonset["containers"][0]["volumeMounts"] assert { - "mountPath": "/usr/share/metricbeat/other-config.yml", + "mountPath": "/usr/share/metricbeat/kube-state-metrics-metricbeat.yml", "name": project + "-config", - "subPath": "other-config.yml", + "subPath": "kube-state-metrics-metricbeat.yml", "readOnly": True, - } in d["containers"][0]["volumeMounts"] + } in daemonset["containers"][0]["volumeMounts"] assert ( "configChecksum" in r["daemonset"][name]["spec"]["template"]["metadata"]["annotations"] ) + deployment = r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + + assert { + "configMap": {"name": name + "-config", "defaultMode": 0o600}, + "name": project + "-config", + } in deployment["volumes"] + assert { + "mountPath": "/usr/share/metricbeat/metricbeat.yml", + "name": project + "-config", + "subPath": "metricbeat.yml", + "readOnly": True, + } in deployment["containers"][0]["volumeMounts"] + assert { + "mountPath": "/usr/share/metricbeat/kube-state-metrics-metricbeat.yml", + "name": project + "-config", + "subPath": "kube-state-metrics-metricbeat.yml", + "readOnly": True, + } in deployment["containers"][0]["volumeMounts"] + assert ("/usr/share/metricbeat/kube-state-metrics-metricbeat.yml") in deployment[ + "containers" + ][0]["args"] + + assert ( + "configChecksum" + in r["deployment"][name + "-metrics"]["spec"]["template"]["metadata"][ + "annotations" + ] + ) + def test_adding_a_secret_mount(): config = """ -daemonset: +daemonset: secretMounts: - name: elastic-certificates secretName: elastic-certificates-name @@ -614,7 +643,7 @@ def test_adding_a_secret_mount(): } not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["volumes"] config = """ -deployment: +deployment: secretMounts: - name: elastic-certificates secretName: elastic-certificates-name From a32bcae02b6a22d04f290697f6edbfb96e0f6f09 Mon Sep 17 00:00:00 2001 From: Dom Goodwin Date: Thu, 28 May 2020 21:09:28 +0100 Subject: [PATCH 031/151] Elasticsearch secret mountmode (#596) * Add ability to set the file permissions when mounting a secret * Added test for defaultMode on secret mount --- elasticsearch/templates/statefulset.yaml | 3 +++ elasticsearch/tests/elasticsearch_test.py | 18 ++++++++++++++++++ elasticsearch/values.yaml | 1 + 3 files changed, 22 insertions(+) diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index afc260710..acb1afbc8 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -113,6 +113,9 @@ spec: - name: {{ .name }} secret: secretName: {{ .secretName }} + {{- if .defaultMode }} + defaultMode: {{ .defaultMode }} + {{- end }} {{- end }} {{- if .Values.esConfig }} - name: esconfig diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 82e5d279b..87b598e0d 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -514,6 +514,24 @@ def test_adding_a_secret_mount_with_subpath(): } +def test_adding_a_secret_mount_with_default_mode(): + config = """ +secretMounts: + - name: elastic-certificates + secretName: elastic-certs + path: /usr/share/elasticsearch/config/certs + subPath: cert.crt + defaultMode: 0755 +""" + r = helm_template(config) + s = r["statefulset"][uname]["spec"]["template"]["spec"] + assert s["containers"][0]["volumeMounts"][-1] == { + "mountPath": "/usr/share/elasticsearch/config/certs", + "subPath": "cert.crt", + "name": "elastic-certificates", + } + + def test_adding_image_pull_secrets(): config = """ imagePullSecrets: diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index a96a2fd24..4c1526e62 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -48,6 +48,7 @@ secretMounts: [] # - name: elastic-certificates # secretName: elastic-certificates # path: /usr/share/elasticsearch/config/certs +# defaultMode: 0755 image: "docker.elastic.co/elasticsearch/elasticsearch" imageTag: "7.8.0-SNAPSHOT" From d5f327bfd7b08e4c9e47a0a5ceed237b4368ee45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rodolfo=20Mart=C3=ADnez=20Vega?= Date: Fri, 29 May 2020 13:05:26 -0500 Subject: [PATCH 032/151] [kibana] Add extensible label support (#555) Common labels were moved to helpers template to have only one source of truth of common/added labels shared between all Kibana resources. Also, this extends the capability to add a custom label and this will be common between all the resources. --- kibana/templates/_helpers.tpl | 12 ++++++++++++ kibana/templates/configmap.yaml | 4 +--- kibana/templates/deployment.yaml | 7 +------ kibana/templates/ingress.yaml | 5 +---- kibana/templates/service.yaml | 5 +---- 5 files changed, 16 insertions(+), 17 deletions(-) diff --git a/kibana/templates/_helpers.tpl b/kibana/templates/_helpers.tpl index 2fe259ebd..d2ab927b6 100755 --- a/kibana/templates/_helpers.tpl +++ b/kibana/templates/_helpers.tpl @@ -29,3 +29,15 @@ Return the appropriate apiVersion for ingress. {{- print "networking.k8s.io/v1beta1" -}} {{- end -}} {{- end -}} + +{{/* +Common labels +*/}} +{{- define "kibana.labels" -}} +app: {{ .Chart.Name }} +release: {{ .Release.Name | quote }} +heritage: {{ .Release.Service }} +{{- if .Values.labels }} +{{ toYaml .Values.labels }} +{{- end }} +{{- end -}} diff --git a/kibana/templates/configmap.yaml b/kibana/templates/configmap.yaml index 88927597a..2c9dc0fba 100644 --- a/kibana/templates/configmap.yaml +++ b/kibana/templates/configmap.yaml @@ -4,9 +4,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "kibana.fullname" . }}-config - labels: - app: {{ .Chart.Name }} - release: {{ .Release.Name | quote }} + labels: {{ include "kibana.labels" . | nindent 4 }} data: {{- range $path, $config := .Values.kibanaConfig }} {{ $path }}: | diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml index 9d7109265..5555d2ad0 100644 --- a/kibana/templates/deployment.yaml +++ b/kibana/templates/deployment.yaml @@ -2,12 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "kibana.fullname" . }} - labels: - app: {{ .Chart.Name }} - release: {{ .Release.Name | quote }} - {{- range $key, $value := .Values.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + labels: {{ include "kibana.labels" . | nindent 4 }} spec: replicas: {{ .Values.replicas }} strategy: diff --git a/kibana/templates/ingress.yaml b/kibana/templates/ingress.yaml index e9aafcb65..e62977495 100644 --- a/kibana/templates/ingress.yaml +++ b/kibana/templates/ingress.yaml @@ -6,10 +6,7 @@ apiVersion: {{ template "kibana.ingress.apiVersion" . }} kind: Ingress metadata: name: {{ $fullName }} - labels: - app: {{ .Chart.Name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{ include "kibana.labels" . | nindent 4 }} {{- with .Values.ingress.annotations }} annotations: {{ toYaml . | indent 4 }} diff --git a/kibana/templates/service.yaml b/kibana/templates/service.yaml index 5734580bf..71400a88d 100644 --- a/kibana/templates/service.yaml +++ b/kibana/templates/service.yaml @@ -3,10 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "kibana.fullname" . }} - labels: - app: {{ .Chart.Name }} - release: {{ .Release.Name | quote }} - heritage: {{ .Release.Service }} + labels: {{ include "kibana.labels" . | nindent 4 }} {{- if .Values.service.labels }} {{ toYaml .Values.service.labels | indent 4}} {{- end }} From c96be3d6995160bb8238fc4ca24c7c648662cc6a Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Sat, 30 May 2020 00:05:14 +0200 Subject: [PATCH 033/151] [meta] add support for k8s 1.16 (#635) * add CI tests for GKE 1.16 * test Elasticsearch upgrade from 7.4.0 on K8S 1.16 due to previous version of Elasticsearch chart not compatible with K8S 1.16 (see https://github.com/elastic/helm-charts/pull/635#issuecomment-635472582) * move Elasticsearch upgrade test logic to dedicated shell script to improve error handling * add jq to Docker image --- elasticsearch/examples/upgrade/Makefile | 11 +-- elasticsearch/examples/upgrade/README.md | 18 +++-- .../examples/upgrade/scripts/upgrade.sh | 76 +++++++++++++++++++ helpers/matrix.yml | 1 + helpers/terraform/Dockerfile | 8 +- 5 files changed, 98 insertions(+), 16 deletions(-) create mode 100755 elasticsearch/examples/upgrade/scripts/upgrade.sh diff --git a/elasticsearch/examples/upgrade/Makefile b/elasticsearch/examples/upgrade/Makefile index 9e1e6fd5e..f890d502c 100644 --- a/elasticsearch/examples/upgrade/Makefile +++ b/elasticsearch/examples/upgrade/Makefile @@ -4,17 +4,8 @@ include ../../../helpers/examples.mk RELEASE := helm-es-upgrade -# Right now the version is hardcoded because helm install will ignore -# anything with an alpha tag when trying to install the latest release -# This hardcoding can be removed once we drop the alpha tag -# The "--set terminationGracePeriod=121" always makes sure that a rolling -# upgrade is forced for this test install: - helm repo add elastic https://helm.elastic.co && \ - helm upgrade --wait --timeout=600 --install $(RELEASE) elastic/elasticsearch --version 7.0.0-alpha1 --set clusterName=upgrade ; \ - kubectl rollout status sts/upgrade-master --timeout=600s - helm upgrade --wait --timeout=600 --set terminationGracePeriod=121 --install $(RELEASE) ../../ --set clusterName=upgrade ; \ - kubectl rollout status sts/upgrade-master --timeout=600s + ./scripts/upgrade.sh --release $(RELEASE) init: helm init --client-only diff --git a/elasticsearch/examples/upgrade/README.md b/elasticsearch/examples/upgrade/README.md index adc82ebb1..402979b55 100644 --- a/elasticsearch/examples/upgrade/README.md +++ b/elasticsearch/examples/upgrade/README.md @@ -1,19 +1,27 @@ # Upgrade -This example deploy a 3 nodes Elasticsearch cluster using [7.0.0-alpha1][] chart -version, then upgrade it to 7.8.0-SNAPSHOT version. +This example will deploy a 3 node Elasticsearch cluster using an old chart version, +then upgrade it to version 7.8.0-SNAPSHOT. + +The following upgrades are tested: +- Upgrade from [7.0.0-alpha1][] version on K8S <1.16 +- Upgrade from [7.4.0][] version on K8S >=1.16 (Elasticsearch chart < 7.4.0 are +not compatible with K8S >= 1.16) ## Usage -Running `make install` command will do both 7.0.0-alpha1 install and 7.8.0-SNAPSHOT -upgrade +Running `make install` command will do first install and 7.8.0-SNAPSHOT upgrade. + +Note: [jq][] is a requirement for this make target. ## Testing -You can also run [goss integration tests][] using `make test` +You can also run [goss integration tests][] using `make test`. [7.0.0-alpha1]: https://github.com/elastic/helm-charts/releases/tag/7.0.0-alpha1 +[7.4.0]: https://github.com/elastic/helm-charts/releases/tag/7.4.0 [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/upgrade/test/goss.yaml +[jq]: https://stedolan.github.io/jq/ diff --git a/elasticsearch/examples/upgrade/scripts/upgrade.sh b/elasticsearch/examples/upgrade/scripts/upgrade.sh new file mode 100755 index 000000000..6d0aa9ffc --- /dev/null +++ b/elasticsearch/examples/upgrade/scripts/upgrade.sh @@ -0,0 +1,76 @@ +#!/usr/bin/env bash + +set -euo pipefail + +usage() { + cat <<-EOF + USAGE: + $0 [--release ] [--from ] + $0 --help + + OPTIONS: + --release + Name of the Helm release to install + --from + Elasticsearch version to use for first install + EOF + exit 1 +} + +RELEASE="helm-es-upgrade" +FROM="" + +while [[ $# -gt 0 ]] +do + key="$1" + + case $key in + --help) + usage + ;; + --release) + RELEASE="$2" + shift 2 + ;; + --from) + FROM="$2" + shift 2 + ;; + *) + log "Unrecognized argument: '$key'" + usage + ;; + esac +done + +if ! command -v jq > /dev/null +then + echo 'jq is required to use this script' + echo 'please check https://stedolan.github.io/jq/download/ to install it' + exit 1 +fi + +# Elasticsearch chart < 7.4.0 are not compatible with K8S >= 1.16) +if [[ -z $FROM ]] +then + KUBE_MINOR_VERSION=$(kubectl version -o json | jq --raw-output --exit-status '.serverVersion.minor' | sed 's/[^0-9]*//g') + + if [ "$KUBE_MINOR_VERSION" -lt 16 ] + then + FROM="7.0.0-alpha1" + else + FROM="7.4.0" + fi +fi + +helm repo add elastic https://helm.elastic.co + +# Initial install +printf "Installing Elasticsearch chart %s\n" "$FROM" +helm upgrade --wait --timeout=600 --install "$RELEASE" elastic/elasticsearch --version "$FROM" --set clusterName=upgrade +kubectl rollout status sts/upgrade-master --timeout=600s + +# Upgrade +printf "Upgrading Elasticsearch chart\n" +helm upgrade --wait --timeout=600 --set terminationGracePeriod=121 --install "$RELEASE" ../../ --set clusterName=upgrade +kubectl rollout status sts/upgrade-master --timeout=600s diff --git a/helpers/matrix.yml b/helpers/matrix.yml index 3a5871aad..aaba651f9 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -34,3 +34,4 @@ APM_SERVER_SUITE: KUBERNETES_VERSION: - '1.14' - '1.15' + - '1.16' diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index 3c0294060..09057aca0 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -2,9 +2,10 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 -ENV KUBECTL_VERSION=1.15.4 +ENV KUBECTL_VERSION=1.16.10 ENV HELM_VERSION=2.16.7 ENV DOCKER_VERSION=18.09.7 +ENV JQ_VERSION=1.6 RUN yum -y install \ make \ @@ -44,3 +45,8 @@ RUN curl -O https://download.docker.com/linux/static/stable/x86_64/docker-${DOCK mv docker/docker /usr/local/bin && \ rm -rf docker/ && \ docker + +RUN curl -O -L https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \ + mv jq-linux64 /usr/local/bin/jq && \ + chmod a+x /usr/local/bin/jq && \ + jq --version From 344bc389db555ada05c6ee9ed7b8a4352fb66872 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 11 Jun 2020 16:36:44 +0200 Subject: [PATCH 034/151] [helm] bump helm version to 2.16.8 (#657) --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 51e6abfed..18bb592bc 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ## Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.7). +Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.8). Note that we don't support [Helm 3][] version. ## ECK diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 01dbde85b..9640c9d69 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=2.16.7 +ENV HELM_VERSION=2.16.8 RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index 09057aca0..b921c97de 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=2.16.7 +ENV HELM_VERSION=2.16.8 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From 285914a1a44036f7b9130dd92d356b5e6a353444 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20de=20Saint=20Martin?= Date: Thu, 11 Jun 2020 15:21:14 +0200 Subject: [PATCH 035/151] Elasticsearch: do not include heritage selector (#437) According to https://github.com/helm/charts/blob/master/REVIEW_GUIDELINES.md, service selector should not contain heritage. It would break (future) migration from helm 2 to helm 3 (during the rolling update only, there could be a downtime when only old nodes are ready but new services is there). --- elasticsearch/templates/service.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/elasticsearch/templates/service.yaml b/elasticsearch/templates/service.yaml index 4572af078..2c8f852f8 100644 --- a/elasticsearch/templates/service.yaml +++ b/elasticsearch/templates/service.yaml @@ -20,7 +20,6 @@ metadata: spec: type: {{ .Values.service.type }} selector: - heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} chart: "{{ .Chart.Name }}" app: "{{ template "elasticsearch.uname" . }}" From 487e73b21dee8039f97f4ca59d7a0fef93337e30 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 12 Jun 2020 13:59:57 +0200 Subject: [PATCH 036/151] bump 7.x branch to 7.9.0-SNAPSHOT (#661) This commit bump the 7.x branch which will be dedicated to the 7.x.x releases for the Helm Charts. It will allow to: - test this branch with the daily Stack Docker images 7.9.0-SNAPSHOT via dedicated Jenkins jobs - test the staging 7.9.x Docker images before a release This is also backporting some updates in README files that were made in other branches and fixing the links to Elastic documentation. --- BREAKING_CHANGES.md | 188 ------------------ README.md | 48 ++++- apm-server/Chart.yaml | 4 +- apm-server/README.md | 53 ++--- apm-server/examples/default/README.md | 2 +- apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/README.md | 2 +- apm-server/examples/oss/test/goss.yaml | 2 +- apm-server/examples/security/README.md | 2 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/values.yaml | 2 +- elasticsearch/Chart.yaml | 4 +- elasticsearch/README.md | 84 ++++---- elasticsearch/examples/config/README.md | 2 +- elasticsearch/examples/default/README.md | 2 +- elasticsearch/examples/default/test/goss.yaml | 2 +- .../examples/docker-for-mac/README.md | 2 +- .../examples/kubernetes-kind/README.md | 2 +- elasticsearch/examples/microk8s/README.md | 2 +- elasticsearch/examples/minikube/README.md | 2 +- elasticsearch/examples/multi/README.md | 2 +- elasticsearch/examples/openshift/README.md | 2 +- .../examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/oss/README.md | 2 +- elasticsearch/examples/oss/test/goss.yaml | 2 +- elasticsearch/examples/security/README.md | 4 +- elasticsearch/examples/upgrade/README.md | 4 +- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/values.yaml | 4 +- filebeat/Chart.yaml | 4 +- filebeat/README.md | 53 +++-- filebeat/examples/default/README.md | 2 +- filebeat/examples/default/test/goss.yaml | 4 +- filebeat/examples/oss/README.md | 2 +- filebeat/examples/oss/test/goss.yaml | 2 +- filebeat/examples/security/README.md | 2 +- filebeat/examples/security/test/goss.yaml | 2 +- filebeat/templates/daemonset.yaml | 2 +- filebeat/values.yaml | 2 +- helpers/bumper.py | 2 +- helpers/examples.mk | 2 +- kibana/Chart.yaml | 4 +- kibana/README.md | 56 +++--- kibana/examples/default/README.md | 2 +- kibana/examples/default/test/goss.yaml | 2 +- kibana/examples/openshift/README.md | 2 +- kibana/examples/oss/README.md | 2 +- kibana/examples/security/README.md | 2 +- kibana/values.yaml | 2 +- logstash/Chart.yaml | 4 +- logstash/README.md | 62 +++--- logstash/examples/default/README.md | 2 +- logstash/examples/default/test/goss.yaml | 2 +- logstash/examples/elasticsearch/README.md | 2 +- .../examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/README.md | 2 +- logstash/examples/oss/test/goss.yaml | 2 +- logstash/values.yaml | 2 +- metricbeat/Chart.yaml | 4 +- metricbeat/README.md | 53 +++-- metricbeat/examples/default/README.md | 2 +- .../examples/default/test/goss-metrics.yaml | 6 +- metricbeat/examples/default/test/goss.yaml | 6 +- metricbeat/examples/oss/README.md | 2 +- .../examples/oss/test/goss-metrics.yaml | 6 +- metricbeat/examples/oss/test/goss.yaml | 6 +- metricbeat/examples/security/README.md | 2 +- .../examples/security/test/goss-metrics.yaml | 6 +- metricbeat/examples/security/test/goss.yaml | 6 +- metricbeat/templates/daemonset.yaml | 2 +- metricbeat/values.yaml | 2 +- 71 files changed, 295 insertions(+), 472 deletions(-) delete mode 100644 BREAKING_CHANGES.md diff --git a/BREAKING_CHANGES.md b/BREAKING_CHANGES.md deleted file mode 100644 index 890d5ea90..000000000 --- a/BREAKING_CHANGES.md +++ /dev/null @@ -1,188 +0,0 @@ -# Breaking changes - - - - -- [7.7.0 - 2020/05/13](#770---20200513) - - [Known Issues](#known-issues) - - [GA support](#ga-support) - - [New branching model](#new-branching-model) - - [Filebeat container inputs](#filebeat-container-inputs) - - [Metricbeat upgrade issue](#metricbeat-upgrade-issue) - - [Metricbeat split values for daemonset and deployment](#metricbeat-split-values-for-daemonset-and-deployment) -- [6.8.9 - 2020/05/13](#689---20200513) -- [7.6.2 - 2020/03/31](#762---20200331) - - [Kibana default resources](#kibana-default-resources) -- [7.6.0 - 2020/02/11](#760---20200211) - - [Elasticsearch default resources](#elasticsearch-default-resources) -- [7.5.0 - 2019/12/02](#750---20191202) - - [Metricbeat kube-state-metrics upgrade](#metricbeat-kube-state-metrics-upgrade) -- [7.0.0-alpha1 - 2019/04/17](#700-alpha1---20190417) - - [Elasticsearch upgrade from 6.x](#elasticsearch-upgrade-from-6x) - - - - - - -## 7.7.0 - 2020/05/13 - -### Known Issues - -Elasticsearch nodes could be restarted too quickly during an upgrade or rolling restart, potentially resulting in service disruption. -This is due to a bug introduced by the changes to the Elasticsearch `readinessProbe` in [#586][]. - -### GA support - -Elasticsearch, Kibana, Filebeat and Metricbeat are moving from beta to GA and -are supported by Elastic following these limitations: -- only released charts coming from [Elastic Helm repo][] or -[GitHub releases][] are supported. -- released charts are only supported when using the same chart version and -application version (ie: using 7.7.0 chart with 6.8.8 or 7.6.2 application is -not supported). - -### New branching model - -Elastic Helm charts repository is now following a [new branching model][]: -- `master` branch is now a development branch for next major release. -- new `7.x` branch is a development branch for next minor release using SNAPSHOT -Docker images. -- new `7.7` branch is a development branch for next patch release using SNAPSHOT -Docker images - -### Filebeat container inputs - -Filebeat chart default config is now using [container input][] instead of -[docker input][] in [#568][]. - -### Metricbeat upgrade issue - -Metricbeat upgrade are failing with -`spec.selector: Invalid value: ... field is immutable` error. This is related to -Metricbeat deployment selector including chart version which is not immutable. -You should use `helm upgrade --force` to upgrade Metricbeat. See [#621][] for -more details. - -### Metricbeat split values for daemonset and deployment - -Metricbeat is now using dedicated values for daemonset and deployment config. -The old values are still working but are now deprecated. See [#572][] for more -details. - -Warning: When upgrading Metricbeat while using custom `metricbeatConfig` value -for `kube-state-metrics-metricbeat.yml`, Metricbeat deployment fails with -`missing field accessing 'metricbeat.modules.0.hosts.0' (source:'metricbeat.yml')`. - -In this case `metricbeatConfig.kube-state-metrics-metricbeat.yml` value should -be migrated to `deployment.metricbeatConfig.metricbeat.yml`. See [#623][] for -more details. - -## 6.8.9 - 2020/05/13 - -See [7.7.0 Breaking changes](#770---20200513) - - -## 7.6.2 - 2020/03/31 - -### Kibana default resources - -Kibana default resources (cpu/memory requests and limits) are increased in -[#540][]. - -This change may impact cpu/memory available resources capacity in your -Kubernetes cluster. - -To come back to former default values, use the following values: - -```yaml -extraEnvs: -- name: "NODE_OPTIONS" - value: "" -resources: - requests: - cpu: "100m" - memory: "500Mi" - limits: - cpu: "1000m" - memory: "1Gi" -``` - - -## 7.6.0 - 2020/02/11 - -### Elasticsearch default resources - -Elasticsearch default cpu requests is increased in [#458][] following our -recommendation that resources requests and limits should have the same values. - -This change may impact available cpu capacity in your Kubernetes cluster. - -To come back to former default values, use the following values: - -```yaml -resources: - requests: - cpu: "100m" -``` - - -## 7.5.0 - 2019/12/02 - -### Metricbeat kube-state-metrics upgrade - -[kube-state-metrics][] chart dependency is upgraded from 1.6.0 to 2.4.1 in -[#352][]. This is causing Metricbeat chart upgrade from versions < 7.5.0 failing -with the following error: - -``` -UPGRADE FAILED -Error: Deployment.apps "metricbeat-kube-state-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable && Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.5.0", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable -Error: UPGRADE FAILED: Deployment.apps "metricbeat-kube-state-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable && Deployment.apps "metricbeat-metricbeat-metrics" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app":"metricbeat-metricbeat-metrics", "chart":"metricbeat-7.5.0", "heritage":"Tiller", "release":"metricbeat"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable -``` - -The workaround is to use `--force` argument for `helm upgrade` command which -will force Metricbeat resources update through delete/recreate. - - -## 7.0.0-alpha1 - 2019/04/17 - -### Elasticsearch upgrade from 6.x - -If you were using the default Elasticsearch version from the previous release -(6.6.2-alpha1) you will first need to upgrade to Elasticsearch 6.7.1 before -being able to upgrade to 7.0.0. You can do this by adding this to your values -file: - -```yaml -esMajorVersion: 6 -imageTag: 6.7.1 -``` - -If you are upgrading an existing cluster that did not override the default -`storageClassName` you will now need to specify the `storageClassName`. This -only affects existing clusters and was changed in [#94][]. The advantage of this -is that now the Helm chart will just use the default `storageClassName` rather -than needing to override it for any providers where it is not called `standard`. - -``` -volumeClaimTemplate: - storageClassName: "standard" -``` - - -[#94]: https://github.com/elastic/helm-charts/pull/94 -[#352]: https://github.com/elastic/helm-charts/pull/352 -[#458]: https://github.com/elastic/helm-charts/pull/458 -[#540]: https://github.com/elastic/helm-charts/pull/540 -[#568]: https://github.com/elastic/helm-charts/pull/568 -[#572]: https://github.com/elastic/helm-charts/pull/572 -[#586]: https://github.com/elastic/helm-charts/pull/586 -[#621]: https://github.com/elastic/helm-charts/pull/621 -[#623]: https://github.com/elastic/helm-charts/pull/623 -[container input]: https://www.elastic.co/guide/en/beats/filebeat/7.7/filebeat-input-container.html -[docker input]: https://www.elastic.co/guide/en/beats/filebeat/7.7/filebeat-input-docker.html -[elastic helm repo]: https://helm.elastic.co -[github releases]: https://github.com/elastic/helm-charts/releases -[new branching model]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md#branching -[kube-state-metrics]: https://github.com/helm/charts/tree/master/stable/kube-state-metrics diff --git a/README.md b/README.md index 18bb592bc..7e503e084 100644 --- a/README.md +++ b/README.md @@ -2,10 +2,19 @@ [![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+7.x.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+7.x/) -This functionality is in beta and is subject to change. The design and code is -less mature than official GA features and is being provided as-is with no -warranties. Beta features are not subject to the support SLA of official GA -features. + + + + +- [Charts](#charts) +- [Supported Configurations](#supported-configurations) + - [Support Matrix](#support-matrix) + - [Kubernetes Versions](#kubernetes-versions) + - [Helm versions](#helm-versions) +- [ECK](#eck) + + + ## Charts @@ -14,8 +23,8 @@ Helm charts are designed to be a lightweight way to configure our official Docker images. Links to the relevant Docker image documentation has also been added below. -| Chart | Docker documentation | -|--------------------------------------------|---------------------------------------------------------------------------------| +| Chart | Docker documentation | +|--------------------------------------------|-----------------------------------------------------------------------------| | [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html | | [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html | | [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.8/running-on-docker.html | @@ -23,13 +32,34 @@ added below. | [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.8/docker.html | | [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.8/running-on-docker.html | -## Kubernetes Versions +## Supported Configurations + +Starting with 7.7.0 release, some charts are reaching GA. + +Note that only the released charts coming from [Elastic Helm repo][] or +[GitHub releases][] are supported. + +### Support Matrix + +| | Elasticsearch | Kibana | Logstash | Filebeat | Metricbeat | APM Server | +|-----|---------------|--------|----------|----------|------------|------------| +| 7.0 | Alpha | Alpha | / | / | / | / | +| 7.1 | Beta | Beta | / | Beta | / | / | +| 7.2 | Beta | Beta | / | Beta | Beta | / | +| 7.3 | Beta | Beta | / | Beta | Beta | / | +| 7.4 | Beta | Beta | / | Beta | Beta | / | +| 7.5 | Beta | Beta | Beta | Beta | Beta | Alpha | +| 7.6 | Beta | Beta | Beta | Beta | Beta | Alpha | +| 7.7 | GA | GA | Beta | GA | GA | Beta | +| 7.x | GA | GA | Beta | GA | GA | Beta | + +### Kubernetes Versions The charts are [currently tested][] against all GKE versions available. The exact versions are defined under `KUBERNETES_VERSIONS` in [helpers/matrix.yml][]. -## Helm versions +### Helm versions While we are checking backward compatibility, the charts are only tested with Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.8). @@ -45,6 +75,8 @@ Kubernetes. [currently tested]: https://devops-ci.elastic.co/job/elastic+helm-charts+7.x/ [elastic cloud on kubernetes]: https://github.com/elastic/cloud-on-k8s +[elastic helm repo]: https://helm.elastic.co +[github releases]: https://github.com/elastic/helm-charts/releases [helm 3]: https://v3.helm.sh [helm-tester Dockerfile]: https://github.com/elastic/helm-charts/blob/7.x/helpers/helm-tester/Dockerfile [helpers/matrix.yml]: https://github.com/elastic/helm-charts/blob/7.x/helpers/matrix.yml diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index 6a023e4ba..eea03a313 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.8.0-SNAPSHOT -appVersion: 7.8.0-SNAPSHOT +version: 7.9.0-SNAPSHOT +appVersion: 7.9.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index d8d83142a..42c8debce 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -1,12 +1,25 @@ # APM Server Helm Chart + +This Helm chart is a lightweight way to configure and run our official +[APM Server Docker image][]. + +**Warning**: This functionality is in alpha and is subject to change. +The design and code is less mature than official GA features and is being +provided as-is with no warranties. Alpha features are not subject to the support +SLA of official GA features (see [supported configurations][] for more details). + +**Warning**: This branch is used for development, please use [7.7.1][] release +for released version. + + - [Requirements](#requirements) - [Installing](#installing) - - [Using Helm repository](#using-helm-repository) - - [Using the 7.x branch](#using-the-7x-branch) + - [Install released version using Helm repository](#install-released-version-using-helm-repository) + - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -20,45 +33,31 @@ -This functionality is in alpha and is subject to change. The design and code is -less mature than official GA features and is being provided as-is with no -warranties. Alpha features are not subject to the support SLA of official GA -features. - -This Helm chart is a lightweight way to configure and run our official -[APM Server Docker image][]. - - ## Requirements * Kubernetes >= 1.9 * [Helm][] >= 2.8.0 +See [supported configurations][] for more details. + ## Installing -This chart is tested with the latest 7.8.0-SNAPSHOT versions. +This chart is tested with the latest 7.9.0-SNAPSHOT versions. -### Using Helm repository +### Install released version using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.8 release: -`helm install --name apm-server elastic/apm-server --version=7.8.0` - -### Using the 7.x branch +* Install the latest 7.7 release: +`helm install --name apm-server elastic/apm-server` -* Clone the git repo and checkout the right branch: +### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions - ```shell - git clone git@github.com:elastic/helm-charts.git - cd helm-charts - git checkout -b 7.x origin/7.x - ```` +* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install the latest 7.8.0-SNAPSHOT: -`helm install --name apm-server ./helm-charts/apm-server` +* Install it: `helm install --name apm-server ./helm-charts/apm-server` ## Upgrading @@ -96,7 +95,7 @@ as a reference. They are also used in the automated testing of this chart. | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.8.0-SNAPSHOT` | +| `imageTag` | The APM Server Docker image tag | `7.9.0-SNAPSHOT` | | `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | | `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | | `labels` | Configurable [labels][] applied to all APM server pods | `{}` | @@ -144,6 +143,7 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. +[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/apm-server/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md @@ -172,6 +172,7 @@ about our development and testing process. [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ [service]: https://kubernetes.io/docs/concepts/services-networking/service/ [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +[supported configurations]: https://github.com/elastic/helm-charts/tree/7.x/README.md#supported-configurations [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment [values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/values.yaml diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md index 1533f4561..d363b9497 100644 --- a/apm-server/examples/default/README.md +++ b/apm-server/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy APM Server 7.8.0-SNAPSHOT using [default values][]. +This example deploy APM Server 7.9.0-SNAPSHOT using [default values][]. ## Usage diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index a2e5df9fa..5340a1d10 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.8.0' + - '7.9.0' diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index 01320a2fa..11fe24458 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy APM Server 7.8.0-SNAPSHOT using [APM Server OSS][] version. +This example deploy APM Server 7.9.0-SNAPSHOT using [APM Server OSS][] version. ## Usage diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index a2e5df9fa..5340a1d10 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.8.0' + - '7.9.0' diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md index 0282838be..120a645c4 100644 --- a/apm-server/examples/security/README.md +++ b/apm-server/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy APM Server 7.8.0-SNAPSHOT using authentication and TLS to connect to +This example deploy APM Server 7.9.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index a2e5df9fa..5340a1d10 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.8.0' + - '7.9.0' diff --git a/apm-server/values.yaml b/apm-server/values.yaml index ee2564043..ea9860e38 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -62,7 +62,7 @@ extraVolumes: [] # emptyDir: {} image: "docker.elastic.co/apm/apm-server" -imageTag: "7.8.0-SNAPSHOT" +imageTag: "7.9.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index 5945eae05..d86124b11 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.8.0-SNAPSHOT -appVersion: 7.8.0-SNAPSHOT +version: 7.9.0-SNAPSHOT +appVersion: 7.9.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index db5470df2..4f2cf3b0e 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -1,12 +1,20 @@ # Elasticsearch Helm Chart + +This Helm chart is a lightweight way to configure and run our official +[Elasticsearch Docker image][]. + +**Warning**: This branch is used for development, please use [7.7.1][] release +for released version. + + - [Requirements](#requirements) - [Installing](#installing) - - [Using Helm repository](#using-helm-repository) - - [Using the 7.x branch](#using-the-7x-branch) + - [Install released version using Helm repository](#install-released-version-using-helm-repository) + - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -32,49 +40,34 @@ -This functionality is in beta and is subject to change. The design and code is -less mature than official GA features and is being provided as-is with no -warranties. Beta features are not subject to the support SLA of official GA -features. - -This Helm chart is a lightweight way to configure and run our official -[Elasticsearch Docker image][]. - - ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) +* [Helm][] >=2.8.0 and <3.0.0 * Kubernetes >=1.8 * Minimum cluster requirements include the following to run this chart with default settings. All of these settings are configurable. * Three Kubernetes nodes to respect the default "hard" affinity settings * 1GB of RAM for the JVM heap +See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.8.0-SNAPSHOT versions. +This chart is tested with the latest 7.9.0-SNAPSHOT versions. -### Using Helm repository +### Install released version using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.8 release: -`helm install --name elasticsearch elastic/elasticsearch --version=7.8.0` +* Install the latest 7.7 release: +`helm install --name elasticsearch elastic/elasticsearch` -### Using the 7.x branch +### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions -* Clone the git repo and checkout the right branch: +* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` - ```shell - git clone git@github.com:elastic/helm-charts.git - cd helm-charts - git checkout -b 7.x origin/7.x - ```` - -* Install the latest 7.8.0-SNAPSHOT: -`helm install --name elasticsearch ./helm-charts/elasticsearch` +* Install it: `helm install --name elasticsearch ./helm-charts/elasticsearch` ## Upgrading @@ -129,7 +122,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.8.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.9.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | @@ -390,23 +383,24 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. +[#63]: https://github.com/elastic/helm-charts/issues/63 +[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/elasticsearch/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md -[#63]: https://github.com/elastic/helm-charts/issues/63 [alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/cluster.name.html +[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/cluster.name.html [clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#clustering-and-node-discovery [config example]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/config/values.yaml [curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.8/snapshot.html -[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html#_c_customized_image +[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/docker.html#_c_customized_image [deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies -[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/discovery-settings.html#minimum_master_nodes +[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/discovery-settings.html#minimum_master_nodes [docker for mac]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/docker-for-mac -[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/cluster-health.html#request-params -[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html +[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/cluster-health.html#request-params +[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/docker.html [elasticsearch oss docker image]: https://www.docker.elastic.co/#elasticsearch-7-8-0-oss [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables @@ -419,12 +413,12 @@ about our development and testing process. [helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/ [how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-install-plugins [how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-use-the-keystore -[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-http.html#_settings +[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/modules-http.html#_settings [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ -[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/jvm-options.html -[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/heap-size.html +[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/jvm-options.html +[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/heap-size.html [kind]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/kubernetes-kind [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ @@ -436,28 +430,28 @@ about our development and testing process. [minikube]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/minikube [microk8s]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/microk8s [multi]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/ -[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/network.host.html +[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/network.host.html [node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/configuring-tls.html#node-certificates +[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/configuring-tls.html#node-certificates [nodePort]: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport -[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-node.html +[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/modules-node.html [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector [openshift]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/openshift -[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ -[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-node.html +[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/modules-node.html [secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types [snapshot lifecycle management]: https://github.com/elastic/elasticsearch/issues/38461 -[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.8/repository.html -[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-snapshots.html -[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/vm-max-map-count.html#vm-max-map-count +[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.x/repository.html +[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/modules-snapshots.html +[supported configurations]: https://github.com/elastic/helm-charts/tree/7.x/README.md#supported-configurations +[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/vm-max-map-count.html#vm-max-map-count [terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/modules-transport.html#_transport_settings +[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/modules-transport.html#_transport_settings [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ [values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/values.yaml [volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index 0c479605b..f3106b73f 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,6 +1,6 @@ # Config -This example deploy a single node Elasticsearch 7.8.0-SNAPSHOT with authentication and +This example deploy a single node Elasticsearch 7.9.0-SNAPSHOT with authentication and custom [values][]. diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md index 81dc68211..006ecef49 100644 --- a/elasticsearch/examples/default/README.md +++ b/elasticsearch/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster using [default values][]. diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index c8b2c0c25..528797760 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.8.0-SNAPSHOT"' + - '"number" : "7.9.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md index 3ce68ea30..496c7cbd0 100644 --- a/elasticsearch/examples/docker-for-mac/README.md +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -1,6 +1,6 @@ # Docker for Mac -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [Docker for Mac][] +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [Docker for Mac][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index 7373d75b6..6c806539b 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,6 +1,6 @@ # KIND -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [Kind][] +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [Kind][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index 8cc3dcfa5..2b909e4ad 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,6 +1,6 @@ # MicroK8S -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [MicroK8S][] +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [MicroK8S][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md index d01e0ba9f..4e11c894b 100644 --- a/elasticsearch/examples/minikube/README.md +++ b/elasticsearch/examples/minikube/README.md @@ -1,6 +1,6 @@ # Minikube -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [Minikube][] +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [Minikube][] using [custom values][]. If helm or kubectl timeouts occur, you may consider creating a minikube VM with diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index e8f569ab1..93521c56d 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,6 +1,6 @@ # Multi -This example deploy an Elasticsearch 7.8.0-SNAPSHOT cluster composed of 2 different Helm +This example deploy an Elasticsearch 7.9.0-SNAPSHOT cluster composed of 2 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md index 4799efb7e..5ad3fb33f 100644 --- a/elasticsearch/examples/openshift/README.md +++ b/elasticsearch/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster on [OpenShift][] +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [OpenShift][] using [custom values][]. ## Usage diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index 878dd0cb5..0d1725b8e 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.8.0"' + - '"number" : "7.9.0"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/oss/README.md b/elasticsearch/examples/oss/README.md index 78cd5ffa0..640d40f5a 100644 --- a/elasticsearch/examples/oss/README.md +++ b/elasticsearch/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster using [Elasticsearch OSS][] version. ## Usage diff --git a/elasticsearch/examples/oss/test/goss.yaml b/elasticsearch/examples/oss/test/goss.yaml index 30c179d51..0c5153395 100644 --- a/elasticsearch/examples/oss/test/goss.yaml +++ b/elasticsearch/examples/oss/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.8.0-SNAPSHOT"' + - '"number" : "7.9.0-SNAPSHOT"' - '"cluster_name" : "oss"' - '"name" : "oss-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index 7e69fb284..a0fc53509 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy a 3 nodes Elasticsearch 7.8.0-SNAPSHOT with authentication and +This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT with authentication and autogenerated certificates for TLS (see [values][]). Note that this configuration should be used for test only. For a production @@ -25,5 +25,5 @@ You can also run [goss integration tests][] using `make test` [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/test/goss.yaml -[official docs]: https://www.elastic.co/guide/en/elasticsearch/reference/7.8/configuring-tls.html#node-certificates +[official docs]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/configuring-tls.html#node-certificates [values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/security.yaml diff --git a/elasticsearch/examples/upgrade/README.md b/elasticsearch/examples/upgrade/README.md index 402979b55..c7efc788d 100644 --- a/elasticsearch/examples/upgrade/README.md +++ b/elasticsearch/examples/upgrade/README.md @@ -1,7 +1,7 @@ # Upgrade This example will deploy a 3 node Elasticsearch cluster using an old chart version, -then upgrade it to version 7.8.0-SNAPSHOT. +then upgrade it to version 7.9.0-SNAPSHOT. The following upgrades are tested: - Upgrade from [7.0.0-alpha1][] version on K8S <1.16 @@ -11,7 +11,7 @@ not compatible with K8S >= 1.16) ## Usage -Running `make install` command will do first install and 7.8.0-SNAPSHOT upgrade. +Running `make install` command will do first install and 7.9.0-SNAPSHOT upgrade. Note: [jq][] is a requirement for this make target. diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index b99d4e4f8..32436c811 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.8.0-SNAPSHOT"' + - '"number" : "7.9.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - '"name" : "upgrade-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 4c1526e62..0571d951a 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -51,7 +51,7 @@ secretMounts: [] # defaultMode: 0755 image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.8.0-SNAPSHOT" +imageTag: "7.9.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" podAnnotations: {} @@ -205,7 +205,7 @@ readinessProbe: successThreshold: 3 timeoutSeconds: 5 -# https://www.elastic.co/guide/en/elasticsearch/reference/7.8/cluster-health.html#request-params wait_for_status +# https://www.elastic.co/guide/en/elasticsearch/reference/7.x/cluster-health.html#request-params wait_for_status clusterHealthCheckParams: "wait_for_status=green&timeout=1s" ## Use an alternate scheduler. diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index 843f7f70c..d9eb77476 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.8.0-SNAPSHOT -appVersion: 7.8.0-SNAPSHOT +version: 7.9.0-SNAPSHOT +appVersion: 7.9.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index ae9d87383..a2404f9ca 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -1,12 +1,20 @@ # Filebeat Helm Chart + +This Helm chart is a lightweight way to configure and run our official +[Filebeat Docker image][]. + +**Warning**: This branch is used for development, please use [7.7.1][] release +for released version. + + - [Requirements](#requirements) - [Installing](#installing) - - [Using Helm repository](#using-helm-repository) - - [Using the 7.x branch](#using-the-7x-branch) + - [Install released version using Helm repository](#install-released-version-using-helm-repository) + - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -21,45 +29,31 @@ -This functionality is in beta and is subject to change. The design and code is -less mature than official GA features and is being provided as-is with no -warranties. Beta features are not subject to the support SLA of official GA -features. - -This Helm chart is a lightweight way to configure and run our official -[Filebeat Docker image][]. - - ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) +* [Helm][] >=2.8.0 and <3.0.0 * Kubernetes >=1.9 +See [supported configurations][] for more details. + ## Installing -This chart is tested with the latest 7.8.0-SNAPSHOT versions. +This chart is tested with the latest 7.9.0-SNAPSHOT versions. -### Using Helm repository +### Install released version using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.8 release: -`helm install --name filebeat elastic/filebeat --version=7.8.0` - -### Using the 7.x branch +* Install the latest 7.7 release: +`helm install --name filebeat elastic/filebeat` -* Clone the git repo and checkout the right branch: +### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions - ```shell - git clone git@github.com:elastic/helm-charts.git - cd helm-charts - git checkout -b 7.x origin/7.x - ```` +* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install the latest 7.8.0-SNAPSHOT: -`helm install --name filebeat ./helm-charts/filebeat` +* Install it: `helm install --name filebeat ./helm-charts/filebeat` ## Upgrading @@ -107,7 +101,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Filebeat Docker image tag | `7.8.0-SNAPSHOT` | +| `imageTag` | The Filebeat Docker image tag | `7.9.0-SNAPSHOT` | | `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | @@ -164,6 +158,7 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. +[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/filebeat/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md @@ -175,7 +170,7 @@ about our development and testing process. [examples]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/security -[filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/7.8/running-on-docker.html +[filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/7.x/running-on-docker.html [filebeat oss docker image]: https://www.docker.elastic.co/#filebeat-7-8-0-oss [helm]: https://helm.sh [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces @@ -184,12 +179,12 @@ about our development and testing process. [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector [podSecurityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[supported configurations]: https://github.com/elastic/helm-charts/tree/7.x/README.md#supported-configurations [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md index ef694b8f5..44189bf66 100644 --- a/filebeat/examples/default/README.md +++ b/filebeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.8.0-SNAPSHOT using [default values][]. +This example deploy Filebeat 7.9.0-SNAPSHOT using [default values][]. ## Usage diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index 71c870739..998df2a4f 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.8.0' + - 'filebeat-7.9.0' file: /usr/share/filebeat/filebeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.8.0' + - 'version: 7.9.0' diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md index c64a94a5f..e7923ec2c 100644 --- a/filebeat/examples/oss/README.md +++ b/filebeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Filebeat 7.8.0-SNAPSHOT using [Filebeat OSS][] version. +This example deploy Filebeat 7.9.0-SNAPSHOT using [Filebeat OSS][] version. ## Usage diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index da2d94e32..1c1ba79a7 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.8.0' + - 'filebeat-7.9.0' diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md index 566974823..7c6c06ecb 100644 --- a/filebeat/examples/security/README.md +++ b/filebeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Filebeat 7.8.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Filebeat 7.9.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 8871dde92..00ae925da 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.8.0' + - 'filebeat-7.9.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index 011f585f2..1cf3106e5 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -159,7 +159,7 @@ spec: mountPath: /var/log readOnly: true # Necessary when using autodiscovery; avoid mounting it otherwise - # See: https://www.elastic.co/guide/en/beats/filebeat/7.8/configuration-autodiscover.html + # See: https://www.elastic.co/guide/en/beats/filebeat/7.x/configuration-autodiscover.html - name: varrundockersock mountPath: /var/run/docker.sock readOnly: true diff --git a/filebeat/values.yaml b/filebeat/values.yaml index a723aed13..4cb871fe3 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -52,7 +52,7 @@ envFrom: [] hostPathRoot: /var/lib hostNetworking: false image: "docker.elastic.co/beats/filebeat" -imageTag: "7.8.0-SNAPSHOT" +imageTag: "7.9.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/helpers/bumper.py b/helpers/bumper.py index b5333a515..34ffbd7d6 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,7 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 7: os.environ.get("BUMPER_VERSION_7", "7.8.0-SNAPSHOT"), + 7: os.environ.get("BUMPER_VERSION_7", "7.9.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index 4b8da463c..446f4f179 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.8.0-SNAPSHOT +STACK_VERSION := 7.9.0-SNAPSHOT .PHONY: help help: ## Display this help diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index 722b9688f..509403938 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.8.0-SNAPSHOT -appVersion: 7.8.0-SNAPSHOT +version: 7.9.0-SNAPSHOT +appVersion: 7.9.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index 03df5fea0..f848fd2b9 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -1,12 +1,20 @@ # Kibana Helm Chart + +This Helm chart is a lightweight way to configure and run our official +[Kibana Docker image][]. + +**Warning**: This branch is used for development, please use [7.7.1][] release +for released version. + + - [Requirements](#requirements) - [Installing](#installing) - - [Using Helm repository](#using-helm-repository) - - [Using the 7.x branch](#using-the-7x-branch) + - [Install released version using Helm repository](#install-released-version-using-helm-repository) + - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -24,45 +32,30 @@ -This functionality is in beta and is subject to change. The design and code is -less mature than official GA features and is being provided as-is with no -warranties. Beta features are not subject to the support SLA of official GA -features. - -This Helm chart is a lightweight way to configure and run our official -[Kibana Docker image][]. - - ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) +* [Helm][] >=2.8.0 and <3.0.0 * Kubernetes >=1.9 +See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.8.0-SNAPSHOT versions. +This chart is tested with the latest 7.9.0-SNAPSHOT versions. -### Using Helm repository +### Install released version using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.8 release: -`helm install --name kibana elastic/kibana --version=7.8.0` - -### Using the 7.x branch +* Install the latest 7.7 release: +`helm install --name kibana elastic/kibana` -* Clone the git repo and checkout the right branch: +### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions - ```shell - git clone git@github.com:elastic/helm-charts.git - cd helm-charts - git checkout -b 7.x origin/7.x - ```` +* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install the latest 7.8.0-SNAPSHOT: -`helm install --name kibana ./helm-charts/kibana` +* Install it: `helm install --name kibana ./helm-charts/kibana` ## Upgrading @@ -95,7 +88,7 @@ as a reference. They are also used in the automated testing of this chart. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Kibana Docker image tag | `7.8.0-SNAPSHOT` | +| `imageTag` | The Kibana Docker image tag | `7.9.0-SNAPSHOT` | | `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | @@ -207,6 +200,7 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. +[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/kibana/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md @@ -222,23 +216,23 @@ about our development and testing process. [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ -[kibana docker image]: https://www.elastic.co/guide/en/kibana/7.8/docker.html +[kibana docker image]: https://www.elastic.co/guide/en/kibana/7.x/docker.html [kibana oss docker image]: https://www.docker.elastic.co/#kibana-7-8-0-oss [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector [openshift]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/openshift -[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ [security enabled elasticsearch cluster]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#security [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod -[server.host]: https://www.elastic.co/guide/en/kibana/7.8/settings.html +[server.host]: https://www.elastic.co/guide/en/kibana/7.x/settings.html [service]: https://kubernetes.io/docs/concepts/services-networking/service/ [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -[standard upgrade]: https://www.elastic.co/guide/en/kibana/7.8/upgrade-standard.html +[standard upgrade]: https://www.elastic.co/guide/en/kibana/7.x/upgrade-standard.html +[supported configurations]: https://github.com/elastic/helm-charts/tree/7.x/README.md#supported-configurations [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment [values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/kibana/values.yaml diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md index ec6bea41c..0f2c1fd62 100644 --- a/kibana/examples/default/README.md +++ b/kibana/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Kibana 7.8.0-SNAPSHOT using [default values][]. +This example deploy Kibana 7.9.0-SNAPSHOT using [default values][]. ## Usage diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index 101aa5552..301d1fa22 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.8.0"' + - '"number":"7.9.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md index 56c553086..56c7d73c4 100644 --- a/kibana/examples/openshift/README.md +++ b/kibana/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy Kibana 7.8.0-SNAPSHOT on [OpenShift][] using [custom values][]. +This example deploy Kibana 7.9.0-SNAPSHOT on [OpenShift][] using [custom values][]. ## Usage diff --git a/kibana/examples/oss/README.md b/kibana/examples/oss/README.md index 4cb2b9351..58fc7b09d 100644 --- a/kibana/examples/oss/README.md +++ b/kibana/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Kibana 7.8.0-SNAPSHOT using [Kibana OSS][] version. +This example deploy Kibana 7.9.0-SNAPSHOT using [Kibana OSS][] version. ## Usage diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index c84451934..a834df90a 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Kibana 7.8.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Kibana 7.9.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/kibana/values.yaml b/kibana/values.yaml index e357f4fc8..4134ad0da 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -29,7 +29,7 @@ secretMounts: [] # subPath: kibana.keystore # optional image: "docker.elastic.co/kibana/kibana" -imageTag: "7.8.0-SNAPSHOT" +imageTag: "7.9.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index 05e2de6ea..3d1426dd1 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.8.0-SNAPSHOT -appVersion: 7.8.0-SNAPSHOT +version: 7.9.0-SNAPSHOT +appVersion: 7.9.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index 26319e538..546ad9d3a 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -1,12 +1,25 @@ # Logstash Helm Chart + +This Helm chart is a lightweight way to configure and run our official +[Logstash Docker image][]. + +**Warning**: This functionality is in beta and is subject to change. +The design and code is less mature than official GA features and is being +provided as-is with no warranties. Alpha features are not subject to the support +SLA of official GA features (see [supported configurations][] for more details). + +**Warning**: This branch is used for development, please use [7.7.1][] release +for released version. + + - [Requirements](#requirements) - [Installing](#installing) - - [Using Helm repository](#using-helm-repository) - - [Using the 7.x branch](#using-the-7x-branch) + - [Install released version using Helm repository](#install-released-version-using-helm-repository) + - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -20,45 +33,31 @@ -This functionality is in beta and is subject to change. The design and code is -less mature than official GA features and is being provided as-is with no -warranties. Beta features are not subject to the support SLA of official GA -features. - -This Helm chart is a lightweight way to configure and run our official -[Logstash Docker image][]. - - ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) +* [Helm][] >=2.8.0 and <3.0.0 * Kubernetes >=1.8 +See [supported configurations][] for more details. + ## Installing -This chart is tested with the latest 7.8.0-SNAPSHOT versions. +This chart is tested with the latest 7.9.0-SNAPSHOT versions. -### Using Helm repository +### Install released version using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.8 release: -`helm install --name logstash elastic/logstash --version=7.8.0` - -### Using the 7.x branch +* Install the latest 7.7 release: +`helm install --name logstash elastic/logstash` -* Clone the git repo and checkout the right branch: +### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions - ```shell - git clone git@github.com:elastic/helm-charts.git - cd helm-charts - git checkout -b 7.x origin/7.x - ```` +* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install the latest 7.8.0-SNAPSHOT: -`helm install --name logstash ./helm-charts/logstash` +* Install it: `helm install --name logstash ./helm-charts/logstash` ## Upgrading @@ -112,7 +111,7 @@ using `http.host: 127.0.0.1`, default probes should be disabled or overrided | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.8.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.9.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | @@ -185,6 +184,7 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. +[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/logstash/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md @@ -192,7 +192,7 @@ about our development and testing process. [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies -[custom docker image]: https://www.elastic.co/guide/en/logstash/7.8/docker-config.html#_custom_images +[custom docker image]: https://www.elastic.co/guide/en/logstash/7.x/docker-config.html#_custom_images [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples @@ -202,19 +202,19 @@ about our development and testing process. [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[logstash docker image]: https://www.elastic.co/guide/en/logstash/7.8/docker.html +[logstash docker image]: https://www.elastic.co/guide/en/logstash/7.x/docker.html [logstash oss docker image]: https://www.docker.elastic.co/#logstash-7-8-0-oss [maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget [node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[note]: https://www.elastic.co/guide/en/logstash/7.8/docker-config.html#docker-env-config -[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md +[note]: https://www.elastic.co/guide/en/logstash/7.x/docker-config.html#docker-env-config [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ [updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod [service]: https://kubernetes.io/docs/concepts/services-networking/service/ +[supported configurations]: https://github.com/elastic/helm-charts/tree/7.x/README.md#supported-configurations [terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/logstash/values.yaml diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md index 27acaab55..25d51f678 100644 --- a/logstash/examples/default/README.md +++ b/logstash/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Logstash 7.8.0-SNAPSHOT using [default values][]. +This example deploy Logstash 7.9.0-SNAPSHOT using [default values][]. ## Usage diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index 9e6912433..32a775264 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-default-logstash-0"' - - '"version" : "7.8.0"' + - '"version" : "7.9.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-default-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md index 965cbf750..a99ebbcd5 100644 --- a/logstash/examples/elasticsearch/README.md +++ b/logstash/examples/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch -This example deploy Logstash 7.8.0-SNAPSHOT which connects to Elasticsearch (see +This example deploy Logstash 7.9.0-SNAPSHOT which connects to Elasticsearch (see [values][]). diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index 4194138c0..df088b1a7 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-elasticsearch-logstash-0"' - - '"version" : "7.8.0"' + - '"version" : "7.9.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-elasticsearch-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md index 54069f2f2..f02a7618c 100644 --- a/logstash/examples/oss/README.md +++ b/logstash/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Logstash 7.8.0-SNAPSHOT using [Logstash OSS][] version. +This example deploy Logstash 7.9.0-SNAPSHOT using [Logstash OSS][] version. ## Usage diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index 7d9bfefbe..8ea6b310e 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-oss-logstash-0"' - - '"version" : "7.8.0"' + - '"version" : "7.9.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-oss-logstash-0"' - '"status" : "green"' diff --git a/logstash/values.yaml b/logstash/values.yaml index 8fd6a4789..690575269 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -43,7 +43,7 @@ envFrom: [] secretMounts: [] image: "docker.elastic.co/logstash/logstash" -imageTag: "7.8.0-SNAPSHOT" +imageTag: "7.9.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index 1d42f81d0..aab9c85ce 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.8.0-SNAPSHOT -appVersion: 7.8.0-SNAPSHOT +version: 7.9.0-SNAPSHOT +appVersion: 7.9.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index 4bffdbc08..9da1b8d24 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -1,12 +1,20 @@ # Metricbeat Helm Chart + +This Helm chart is a lightweight way to configure and run our official +[Metricbeat Docker image][]. + +**Warning**: This branch is used for development, please use [7.7.1][] release +for released version. + + - [Requirements](#requirements) - [Installing](#installing) - - [Using Helm repository](#using-helm-repository) - - [Using the 7.x branch](#using-the-7x-branch) + - [Install released version using Helm repository](#install-released-version-using-helm-repository) + - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -23,45 +31,30 @@ -This functionality is in beta and is subject to change. The design and code is -less mature than official GA features and is being provided as-is with no -warranties. Beta features are not subject to the support SLA of official GA -features. - -This Helm chart is a lightweight way to configure and run our official -[Metricbeat Docker image][]. - - ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 (see [parent README][] for more details) +* [Helm][] >=2.8.0 and <3.0.0 * Kubernetes >=1.9 +See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.8.0-SNAPSHOT versions. +This chart is tested with the latest 7.9.0-SNAPSHOT versions. -### Using Helm repository +### Install released version using Helm repository * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.8 release: -`helm install --name metricbeat elastic/metricbeat --version=7.8.0` - -### Using the 7.x branch +* Install the latest 7.7 release: +`helm install --name metricbeat elastic/metricbeat` -* Clone the git repo and checkout the right branch: +### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions - ```shell - git clone git@github.com:elastic/helm-charts.git - cd helm-charts - git checkout -b 7.x origin/7.x - ```` +* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install the latest 7.8.0-SNAPSHOT: -`helm install --name metricbeat ./helm-charts/metricbeat` +* Install it: `helm install --name metricbeat ./helm-charts/metricbeat` ## Upgrading @@ -123,7 +116,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.8.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.9.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `labels` | Configurable [labels][] applied to all Metricbeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | @@ -204,6 +197,8 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. +[#471]: https://github.com/elastic/helm-charts/pull/471 +[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/metricbeat/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md @@ -224,14 +219,14 @@ about our development and testing process. [kube-state-metrics]: https://github.com/helm/charts/tree/7.x/stable/kube-state-metrics [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/7.8/running-on-docker.html +[metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/7.x/running-on-docker.html [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[parent readme]: https://github.com/elastic/helm-charts/tree/7.x/README.md [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes [resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +[supported configurations]: https://github.com/elastic/helm-charts/tree/7.x/README.md#supported-configurations [tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy [values.yaml]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/values.yaml diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md index ad2538354..98f7a3448 100644 --- a/metricbeat/examples/default/README.md +++ b/metricbeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Metricbeat 7.8.0-SNAPSHOT using [default values][]. +This example deploy Metricbeat 7.9.0-SNAPSHOT using [default values][]. ## Usage diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index d053187a5..3d2f428b4 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -41,4 +41,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.8.0' + - 'version: 7.9.0' diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index 57729b462..da7e26905 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.8.0' + - 'version: 7.9.0' diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md index 66d300eb7..448adfbe7 100644 --- a/metricbeat/examples/oss/README.md +++ b/metricbeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Metricbeat 7.8.0-SNAPSHOT using [Metricbeat OSS][] version. +This example deploy Metricbeat 7.9.0-SNAPSHOT using [Metricbeat OSS][] version. ## Usage diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index a8af07519..bbc8020ec 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -21,12 +21,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' http://oss-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -39,4 +39,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.8.0' + - 'version: 7.9.0' diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index 8a1bf3baa..609c4bdf5 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' http://oss-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.8.0' + - 'version: 7.9.0' diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md index 85d8ee505..91ab027b8 100644 --- a/metricbeat/examples/security/README.md +++ b/metricbeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Metricbeat 7.8.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Metricbeat 7.9.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index cf215bd65..aeb2910e4 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.8.0' + - 'version: 7.9.0' diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index 58213e2e0..e2e5c2779 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -25,7 +25,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -33,7 +33,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.8.0' + - 'metricbeat-7.9.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -50,4 +50,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.8.0' + - 'version: 7.9.0' diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index 5bf720702..f40770f4b 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -143,7 +143,7 @@ spec: - name: data mountPath: /usr/share/metricbeat/data # Necessary when using autodiscovery; avoid mounting it otherwise - # See: https://www.elastic.co/guide/en/beats/metricbeat/7.8/configuration-autodiscover.html + # See: https://www.elastic.co/guide/en/beats/metricbeat/7.x/configuration-autodiscover.html - name: varrundockersock mountPath: /var/run/docker.sock readOnly: true diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 783a09bb8..972c156de 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -159,7 +159,7 @@ extraInitContainers: "" hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.8.0-SNAPSHOT" +imageTag: "7.9.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] From 6ad3a5fbe6258d273f554dfcd7ec7bec7c1f78c8 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Mon, 15 Jun 2020 08:40:23 +0200 Subject: [PATCH 037/151] [apm-server] increase memory limit (#664) --- apm-server/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apm-server/values.yaml b/apm-server/values.yaml index ea9860e38..af9e4eb8c 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -97,7 +97,7 @@ resources: memory: "100Mi" limits: cpu: "1000m" - memory: "200Mi" + memory: "512Mi" # Custom service account override that the pod will use serviceAccount: "" From ba17055a843b46a5c74693b759213eb30af4283f Mon Sep 17 00:00:00 2001 From: Florian Loretan Date: Wed, 17 Jun 2020 14:09:16 +0200 Subject: [PATCH 038/151] [elasticsearch] Disable service links to prevent very long startup times (#542) Prevents very long startup times when the namespace contains many services. Only valid for kubernetes versions >1.13 --- elasticsearch/README.md | 1 + elasticsearch/templates/statefulset.yaml | 3 +++ elasticsearch/values.yaml | 5 +++++ 3 files changed, 9 insertions(+) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 4f2cf3b0e..075038b37 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -109,6 +109,7 @@ support multiple versions with minimal changes. | `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | | `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` | | `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` | +| `enableServiceLinks` | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace. | `true` | | `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | | `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` | | `esJavaOpts` | [Java options][] for Elasticsearch. This is where you should configure the [jvm heap size][] | `-Xmx1g -Xms1g` | diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index acb1afbc8..f79b8f48f 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -143,6 +143,9 @@ spec: {{- if .Values.imagePullSecrets }} imagePullSecrets: {{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + {{- if semverCompare ">1.13" .Capabilities.KubeVersion.GitVersion }} + enableServiceLinks: {{ .Values.enableServiceLinks }} {{- end }} initContainers: {{- if .Values.sysctlInitContainer.enabled }} diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 0571d951a..621cf9039 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -159,6 +159,11 @@ nodeAffinity: {} # the same time when bootstrapping the cluster podManagementPolicy: "Parallel" +# The environment variables injected by service links are not used, but can lead to slow Elasticsearch boot times when +# there are many services in the current namespace. +# If you experience slow pod startups you probably want to set this to `false`. +enableServiceLinks: true + protocol: http httpPort: 9200 transportPort: 9300 From 8409ed13040aaf28e04d87289b1811b90de25af0 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 18 Jun 2020 13:12:37 +0200 Subject: [PATCH 039/151] [apm-server] allow customizing probes (#671) This commit makes probes customizable using values. The values where already partly existing but weren't used in the deployment template. --- apm-server/templates/deployment.yaml | 12 +++--------- apm-server/values.yaml | 8 ++++++++ 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/apm-server/templates/deployment.yaml b/apm-server/templates/deployment.yaml index 87a1bc085..8ffd5ee39 100644 --- a/apm-server/templates/deployment.yaml +++ b/apm-server/templates/deployment.yaml @@ -88,15 +88,9 @@ spec: {{ toYaml .Values.podSecurityContext | indent 10 }} {{- end }} livenessProbe: - httpGet: - path: / - port: http - initialDelaySeconds: 30 +{{ toYaml .Values.livenessProbe | indent 10 }} readinessProbe: - httpGet: - path: / - port: http - initialDelaySeconds: 30 +{{ toYaml .Values.readinessProbe | indent 10 }} ports: - containerPort: {{ .Values.service.port }} name: http @@ -125,4 +119,4 @@ spec: {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/apm-server/values.yaml b/apm-server/values.yaml index af9e4eb8c..23eefdfd2 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -80,12 +80,20 @@ podSecurityContext: privileged: false livenessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 From d31b4a0131f3a9930ed5b13a5bd1f37414246eb8 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 18 Jun 2020 13:32:58 +0200 Subject: [PATCH 040/151] [elasticsearch] update kind example for version >= 0.7.0 (#669) --- .../examples/kubernetes-kind/Makefile | 5 +++- .../examples/kubernetes-kind/README.md | 14 +++++------ .../kubernetes-kind/values-local-path.yaml | 23 +++++++++++++++++++ 3 files changed, 33 insertions(+), 9 deletions(-) create mode 100644 elasticsearch/examples/kubernetes-kind/values-local-path.yaml diff --git a/elasticsearch/examples/kubernetes-kind/Makefile b/elasticsearch/examples/kubernetes-kind/Makefile index 9dad380be..af816a9d8 100644 --- a/elasticsearch/examples/kubernetes-kind/Makefile +++ b/elasticsearch/examples/kubernetes-kind/Makefile @@ -3,9 +3,12 @@ default: test RELEASE := helm-es-kind install: - kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml helm upgrade --wait --timeout=900 --install --values values.yaml $(RELEASE) ../../ +install-local-path: + kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml + helm upgrade --wait --timeout=900 --install --values values-local-path.yaml $(RELEASE) ../../ + test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index 6c806539b..4d74489f7 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -6,21 +6,19 @@ using [custom values][]. Note that this configuration should be used for test only and isn't recommended for production. +Note that Kind < 0.7.0 are affected by a [kind issue][] with mount points +created from PVCs not writable by non-root users. [kubernetes-sigs/kind#1157][] +fix it in Kind 0.7.0. -## Requirements - -There is currently an [kind issue][] with mount points created from PVCs not -writable by non-root users. [kubernetes-sigs/kind#1157][] should fix it in a -future release. - -Meanwhile, the workaround is to install manually +The workaround for Kind < 0.7.0 is to install manually [Rancher Local Path Provisioner][] and use `local-path` storage class for Elasticsearch volumes (see [Makefile][] instructions). ## Usage -* Deploy Elasticsearch chart with the default values: `make install` +* For Kind >= 0.7.0: Deploy Elasticsearch chart with the default values: `make install` +* For Kind < 0.7.0: Deploy Elasticsearch chart with `local-path` storage class: `make install-local-path` * You can now setup a port forward to query Elasticsearch API: diff --git a/elasticsearch/examples/kubernetes-kind/values-local-path.yaml b/elasticsearch/examples/kubernetes-kind/values-local-path.yaml new file mode 100644 index 000000000..500ad4b14 --- /dev/null +++ b/elasticsearch/examples/kubernetes-kind/values-local-path.yaml @@ -0,0 +1,23 @@ +--- +# Permit co-located instances for solitary minikube virtual machines. +antiAffinity: "soft" + +# Shrink default JVM heap. +esJavaOpts: "-Xmx128m -Xms128m" + +# Allocate smaller chunks of memory per pod. +resources: + requests: + cpu: "100m" + memory: "512M" + limits: + cpu: "1000m" + memory: "512M" + +# Request smaller persistent volumes. +volumeClaimTemplate: + accessModes: [ "ReadWriteOnce" ] + storageClassName: "local-path" + resources: + requests: + storage: 100M From 4f2e8f56b2469c817db83c3c96d431703e2e327b Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 18 Jun 2020 13:33:41 +0200 Subject: [PATCH 041/151] [helm] bump helm version to 2.16.9 (#667) --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 7e503e084..ce4e30375 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.8). +Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.9). Note that we don't support [Helm 3][] version. ## ECK diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 9640c9d69..50536ca3e 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=2.16.8 +ENV HELM_VERSION=2.16.9 RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index b921c97de..a6f87a3bd 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=2.16.8 +ENV HELM_VERSION=2.16.9 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From 6d819a70535134823c25ad1b0c28f5901be45d56 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 18 Jun 2020 14:33:31 +0200 Subject: [PATCH 042/151] [logstash] add security example (#392) This commit add a security example to use Logstash Helm chart and Elasticsearch Helm chart with TLS encryption. --- elasticsearch/examples/security/Makefile | 6 ++- helpers/matrix.yml | 1 + logstash/examples/security/Makefile | 14 +++++ logstash/examples/security/README.md | 28 ++++++++++ logstash/examples/security/test/goss.yaml | 64 +++++++++++++++++++++++ logstash/examples/security/values.yaml | 40 ++++++++++++++ 6 files changed, 151 insertions(+), 2 deletions(-) create mode 100644 logstash/examples/security/Makefile create mode 100644 logstash/examples/security/README.md create mode 100644 logstash/examples/security/test/goss.yaml create mode 100644 logstash/examples/security/values.yaml diff --git a/elasticsearch/examples/security/Makefile b/elasticsearch/examples/security/Makefile index d8c6f11c7..46f0ee783 100644 --- a/elasticsearch/examples/security/Makefile +++ b/elasticsearch/examples/security/Makefile @@ -19,7 +19,7 @@ pull-elasticsearch-image: secrets: docker rm -f elastic-helm-charts-certs || true - rm -f elastic-certificates.p12 elastic-certificate.pem elastic-stack-ca.p12 || true + rm -f elastic-certificates.p12 elastic-certificate.pem elastic-certificate.crt elastic-stack-ca.p12 || true password=$$([ ! -z "$$ELASTIC_PASSWORD" ] && echo $$ELASTIC_PASSWORD || echo $$(docker run --rm busybox:1.31.1 /bin/sh -c "< /dev/urandom tr -cd '[:alnum:]' | head -c20")) && \ docker run --name elastic-helm-charts-certs -i -w /app \ $(ELASTICSEARCH_IMAGE) \ @@ -29,7 +29,9 @@ secrets: docker cp elastic-helm-charts-certs:/app/elastic-certificates.p12 ./ && \ docker rm -f elastic-helm-charts-certs && \ openssl pkcs12 -nodes -passin pass:'' -in elastic-certificates.p12 -out elastic-certificate.pem && \ + openssl x509 -outform der -in elastic-certificate.pem -out elastic-certificate.crt && \ kubectl create secret generic elastic-certificates --from-file=elastic-certificates.p12 && \ kubectl create secret generic elastic-certificate-pem --from-file=elastic-certificate.pem && \ + kubectl create secret generic elastic-certificate-crt --from-file=elastic-certificate.crt && \ kubectl create secret generic elastic-credentials --from-literal=password=$$password --from-literal=username=elastic && \ - rm -f elastic-certificates.p12 elastic-certificate.pem elastic-stack-ca.p12 + rm -f elastic-certificates.p12 elastic-certificate.pem elastic-certificate.crt elastic-stack-ca.p12 diff --git a/helpers/matrix.yml b/helpers/matrix.yml index aaba651f9..f51901f09 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -27,6 +27,7 @@ LOGSTASH_SUITE: - default - oss - elasticsearch + - security APM_SERVER_SUITE: - default - oss diff --git a/logstash/examples/security/Makefile b/logstash/examples/security/Makefile new file mode 100644 index 000000000..8bfee0711 --- /dev/null +++ b/logstash/examples/security/Makefile @@ -0,0 +1,14 @@ +default: test + +include ../../../helpers/examples.mk + +RELEASE := helm-logstash-security + +install: + helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + +test: install goss + +purge: + helm del --purge $(RELEASE) + kubectl delete $$(kubectl get pvc -l release=$(RELEASE) -o name) diff --git a/logstash/examples/security/README.md b/logstash/examples/security/README.md new file mode 100644 index 000000000..0f9af83dd --- /dev/null +++ b/logstash/examples/security/README.md @@ -0,0 +1,28 @@ +# Security + +This example deploy Logstash 7.7.1 which connects to Elasticsearch using TLS +(see [values][]). + + +## Usage + +* Deploy [Elasticsearch Helm chart with security][]. + +* Deploy Logstash chart: `make install` + +* You can now setup a port forward to query Logstash indices: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart with security]: https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/security/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/logstash/examples/security/test/goss.yaml +[values]: https://github.com/elastic/helm-charts/tree/master/logstash/examples/security/values.yaml diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml new file mode 100644 index 000000000..0102ad0d1 --- /dev/null +++ b/logstash/examples/security/test/goss.yaml @@ -0,0 +1,64 @@ +mount: + /usr/share/logstash/data: + exists: true + /usr/share/logstash/config/logstash.yml: + exists: true + opts: + - ro + /usr/share/logstash/pipeline/uptime.conf: + exists: true + opts: + - ro + +user: + logstash: + exists: true + uid: 1000 + gid: 1000 + +http: + http://localhost:9600?pretty: + status: 200 + timeout: 2000 + body: + - '"host" : "helm-logstash-security-logstash-0"' + - '"version" : "7.7.1"' + - '"http_address" : "0.0.0.0:9600"' + - '"name" : "helm-logstash-security-logstash-0"' + - '"status" : "green"' + - '"workers" : 1' + - '"batch_size" : 125' + - '"batch_delay" : 50' + https://security-master:9200/_cat/indices: + status: 200 + timeout: 2000 + body: + - 'logstash' + allow-insecure: true + username: '{{ .Env.ELASTICSEARCH_USERNAME }}' + password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + +file: + /usr/share/logstash/config/logstash.yml: + exists: true + mode: "0644" + owner: root + group: logstash + filetype: file + contains: + - 'http.host: 0.0.0.0' + - 'xpack.monitoring.enabled: true' + - 'xpack.monitoring.elasticsearch.hosts: ["https://security-master:9200"]' + - 'xpack.monitoring.elasticsearch.ssl.certificate_authority: /usr/share/logstash/config/certs/elastic-certificate.crt' + /usr/share/logstash/pipeline/uptime.conf: + exists: true + mode: "0644" + owner: root + group: logstash + filetype: file + contains: + - 'input { exec { command => "uptime" interval => 30 } }' + - 'output { elasticsearch {' + - 'hosts => ["https://security-master:9200"]' + - 'cacert => "/usr/share/logstash/config/certs/elastic-certificate.crt"' + - 'index => "logstash"' diff --git a/logstash/examples/security/values.yaml b/logstash/examples/security/values.yaml new file mode 100644 index 000000000..1457d7865 --- /dev/null +++ b/logstash/examples/security/values.yaml @@ -0,0 +1,40 @@ +persistence: + enabled: true + +logstashConfig: + logstash.yml: | + http.host: 0.0.0.0 + xpack.monitoring.enabled: true + xpack.monitoring.elasticsearch.username: '${ELASTICSEARCH_USERNAME}' + xpack.monitoring.elasticsearch.password: '${ELASTICSEARCH_PASSWORD}' + xpack.monitoring.elasticsearch.hosts: ["https://security-master:9200"] + xpack.monitoring.elasticsearch.ssl.certificate_authority: /usr/share/logstash/config/certs/elastic-certificate.crt + +logstashPipeline: + uptime.conf: | + input { exec { command => "uptime" interval => 30 } } + output { elasticsearch { + hosts => ["https://security-master:9200"] + cacert => "/usr/share/logstash/config/certs/elastic-certificate.crt" + user => '${ELASTICSEARCH_USERNAME}' + password => '${ELASTICSEARCH_PASSWORD}' + index => "logstash" + } + } + +secretMounts: + - name: elastic-certificate-crt + secretName: elastic-certificate-crt + path: /usr/share/logstash/config/certs + +extraEnvs: + - name: 'ELASTICSEARCH_USERNAME' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: username + - name: 'ELASTICSEARCH_PASSWORD' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: password From e10a7d1f038b1e0808b2bfef9c77112b5e8a8d22 Mon Sep 17 00:00:00 2001 From: Philipp Gortan Date: Tue, 23 Jun 2020 09:53:40 +0200 Subject: [PATCH 043/151] podSecurityContext.runAsUser needs to be nulled as well for Openshift (#655) --- elasticsearch/examples/openshift/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/elasticsearch/examples/openshift/values.yaml b/elasticsearch/examples/openshift/values.yaml index 7f5cd8494..8a211268b 100644 --- a/elasticsearch/examples/openshift/values.yaml +++ b/elasticsearch/examples/openshift/values.yaml @@ -5,6 +5,7 @@ securityContext: podSecurityContext: fsGroup: null + runAsUser: null sysctlInitContainer: enabled: false From c72f37c955c30fd32ca4da0112d80cb6ee97fb4f Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 24 Jun 2020 11:21:07 +0200 Subject: [PATCH 044/151] [meta] disable stackdriver for gke test clusters (#687) --- helpers/terraform/main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/helpers/terraform/main.tf b/helpers/terraform/main.tf index 292c881fa..0d1ece129 100644 --- a/helpers/terraform/main.tf +++ b/helpers/terraform/main.tf @@ -16,6 +16,8 @@ resource "google_container_cluster" "cluster" { additional_zones = "${var.additional_zones}" min_master_version = "${var.kubernetes_version}" node_version = "${var.kubernetes_version}" + logging_service = "none" + monitoring_service = "none" network = "${var.network}" subnetwork = "${var.subnetwork}" From be7e3c4b738f13334d06045f77f15d41319a48f1 Mon Sep 17 00:00:00 2001 From: jim-barber-he <38272327+jim-barber-he@users.noreply.github.com> Date: Fri, 26 Jun 2020 16:48:16 +0800 Subject: [PATCH 045/151] Add ServiceAccount annotations (#686) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> --- apm-server/README.md | 1 + apm-server/templates/serviceaccount.yaml | 4 ++++ apm-server/tests/apmserver_test.py | 14 ++++++++++++++ apm-server/values.yaml | 4 ++++ elasticsearch/templates/serviceaccount.yaml | 4 ++++ elasticsearch/tests/elasticsearch_test.py | 16 ++++++++++++++++ elasticsearch/values.yaml | 1 + filebeat/README.md | 1 + filebeat/templates/serviceaccount.yaml | 4 ++++ filebeat/tests/filebeat_test.py | 14 ++++++++++++++ filebeat/values.yaml | 4 ++++ logstash/templates/serviceaccount.yaml | 4 ++++ logstash/tests/logstash_test.py | 16 ++++++++++++++++ logstash/values.yaml | 1 + metricbeat/README.md | 1 + metricbeat/templates/serviceaccount.yaml | 4 ++++ metricbeat/tests/metricbeat_test.py | 14 ++++++++++++++ metricbeat/values.yaml | 4 ++++ 18 files changed, 111 insertions(+) diff --git a/apm-server/README.md b/apm-server/README.md index 42c8debce..53d3b06fe 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -112,6 +112,7 @@ as a reference. They are also used in the automated testing of this chart. | `resources` | Allows you to set the [resources][] for the `Deployment` | see [values.yaml][] | | `secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `serviceAccount` | Custom [serviceAccount][] that APM Server will use during execution. By default will use the `serviceAccount` created by this chart | `""` | +| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | `service` | Configurable [service][] to expose the APM Server service. See [values.yaml][] for an example | see [values.yaml][] | | `terminationGracePeriod` | Termination period (in seconds) to wait before killing APM Server pod process on pod shutdown | `30` | | `tolerations` | Configurable [tolerations][] | `[]` | diff --git a/apm-server/templates/serviceaccount.yaml b/apm-server/templates/serviceaccount.yaml index 683838131..c03750aa7 100644 --- a/apm-server/templates/serviceaccount.yaml +++ b/apm-server/templates/serviceaccount.yaml @@ -3,6 +3,10 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "apm.serviceAccount" . }} + annotations: + {{- with .Values.serviceAccountAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} labels: app: "{{ template "apm.fullname" . }}" chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" diff --git a/apm-server/tests/apmserver_test.py b/apm-server/tests/apmserver_test.py index cb89d880e..2ce3b70b1 100644 --- a/apm-server/tests/apmserver_test.py +++ b/apm-server/tests/apmserver_test.py @@ -258,6 +258,20 @@ def test_adding_pod_labels(): ) +def test_adding_serviceaccount_annotations(): + config = """ +serviceAccountAnnotations: + eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount +""" + r = helm_template(config) + assert ( + r["serviceaccount"][name]["metadata"]["annotations"][ + "eks.amazonaws.com/role-arn" + ] + == "arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount" + ) + + def test_adding_a_node_selector(): config = """ nodeSelector: diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 23eefdfd2..4999d97f7 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -110,6 +110,10 @@ resources: # Custom service account override that the pod will use serviceAccount: "" +# Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set. +serviceAccountAnnotations: {} + # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount + # A list of secrets and their paths to mount inside the pod secretMounts: [] # - name: elastic-certificate-pem diff --git a/elasticsearch/templates/serviceaccount.yaml b/elasticsearch/templates/serviceaccount.yaml index c85e37554..801d1cf90 100644 --- a/elasticsearch/templates/serviceaccount.yaml +++ b/elasticsearch/templates/serviceaccount.yaml @@ -8,6 +8,10 @@ metadata: {{- else }} name: {{ .Values.rbac.serviceAccountName | quote }} {{- end }} + annotations: + {{- with .Values.rbac.serviceAccountAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} labels: heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 87b598e0d..d5f583a18 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -576,6 +576,22 @@ def test_adding_pod_annotations(): ) +def test_adding_serviceaccount_annotations(): + config = """ +rbac: + create: true + serviceAccountAnnotations: + eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount +""" + r = helm_template(config) + assert ( + r["serviceaccount"][uname]["metadata"]["annotations"][ + "eks.amazonaws.com/role-arn" + ] + == "arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount" + ) + + def test_adding_a_node_selector(): config = """ nodeSelector: diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 621cf9039..10e1c06b6 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -96,6 +96,7 @@ volumeClaimTemplate: rbac: create: false + serviceAccountAnnotations: {} serviceAccountName: "" podSecurityPolicy: diff --git a/filebeat/README.md b/filebeat/README.md index a2404f9ca..0de3823bd 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -115,6 +115,7 @@ as a reference. They are also used in the automated testing of this chart. | `resources` | Allows you to set the [resources][] for the `DaemonSet` | see [values.yaml][] | | `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `serviceAccount` | Custom [serviceAccount][] that Filebeat will use during execution. By default will use the service account created by this chart | `""` | +| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | `terminationGracePeriod` | Termination period (in seconds) to wait before killing Filebeat pod process on pod shutdown | `30` | | `tolerations` | Configurable [tolerations][] | `[]` | | `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | diff --git a/filebeat/templates/serviceaccount.yaml b/filebeat/templates/serviceaccount.yaml index f398a58a9..8c0fcc60c 100644 --- a/filebeat/templates/serviceaccount.yaml +++ b/filebeat/templates/serviceaccount.yaml @@ -3,6 +3,10 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "filebeat.serviceAccount" . }} + annotations: + {{- with .Values.serviceAccountAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} labels: app: "{{ template "filebeat.fullname" . }}" chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" diff --git a/filebeat/tests/filebeat_test.py b/filebeat/tests/filebeat_test.py index a3eaff7c4..7c8dc0ad0 100644 --- a/filebeat/tests/filebeat_test.py +++ b/filebeat/tests/filebeat_test.py @@ -296,6 +296,20 @@ def test_adding_pod_labels(): ) +def test_adding_serviceaccount_annotations(): + config = """ +serviceAccountAnnotations: + eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount +""" + r = helm_template(config) + assert ( + r["serviceaccount"][name]["metadata"]["annotations"][ + "eks.amazonaws.com/role-arn" + ] + == "arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount" + ) + + def test_adding_a_node_selector(): config = """ nodeSelector: diff --git a/filebeat/values.yaml b/filebeat/values.yaml index 4cb871fe3..efa81910a 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -110,6 +110,10 @@ resources: # Custom service account override that the pod will use serviceAccount: "" +# Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set. +serviceAccountAnnotations: {} + # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount + # A list of secrets and their paths to mount inside the pod # This is useful for mounting certificates for security other sensitive values secretMounts: [] diff --git a/logstash/templates/serviceaccount.yaml b/logstash/templates/serviceaccount.yaml index 8302d1403..4508878b8 100644 --- a/logstash/templates/serviceaccount.yaml +++ b/logstash/templates/serviceaccount.yaml @@ -8,6 +8,10 @@ metadata: {{- else }} name: {{ .Values.rbac.serviceAccountName | quote }} {{- end }} + annotations: + {{- with .Values.rbac.serviceAccountAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} labels: app: "{{ template "logstash.fullname" . }}" chart: "{{ .Chart.Name }}" diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 55d838c1b..07bd7c877 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -350,6 +350,22 @@ def test_adding_pod_annotations(): ) +def test_adding_serviceaccount_annotations(): + config = """ +rbac: + create: true + serviceAccountAnnotations: + eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount +""" + r = helm_template(config) + assert ( + r["serviceaccount"][name]["metadata"]["annotations"][ + "eks.amazonaws.com/role-arn" + ] + == "arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount" + ) + + def test_adding_a_node_selector(): config = """ nodeSelector: diff --git a/logstash/values.yaml b/logstash/values.yaml index 690575269..835e1f192 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -70,6 +70,7 @@ volumeClaimTemplate: rbac: create: false + serviceAccountAnnotations: {} serviceAccountName: "" podSecurityPolicy: diff --git a/metricbeat/README.md b/metricbeat/README.md index 9da1b8d24..5185886e3 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -127,6 +127,7 @@ as a reference. They are also used in the automated testing of this chart. | `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `replicas` | The replica count for the Metricbeat deployment talking to kube-state-metrics | `1` | | `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart | `""` | +| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | | `updateStrategy` | The [updateStrategy][] for the DaemonSet By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | diff --git a/metricbeat/templates/serviceaccount.yaml b/metricbeat/templates/serviceaccount.yaml index 233064669..227534fa2 100644 --- a/metricbeat/templates/serviceaccount.yaml +++ b/metricbeat/templates/serviceaccount.yaml @@ -3,6 +3,10 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "metricbeat.serviceAccount" . }} + annotations: + {{- with .Values.serviceAccountAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} labels: app: "{{ template "metricbeat.fullname" . }}" chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 1e0e407d2..fae116de9 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -975,6 +975,20 @@ def test_adding_pod_labels(): ) +def test_adding_serviceaccount_annotations(): + config = """ +serviceAccountAnnotations: + eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount +""" + r = helm_template(config) + assert ( + r["serviceaccount"][name]["metadata"]["annotations"][ + "eks.amazonaws.com/role-arn" + ] + == "arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount" + ) + + def test_adding_env_from(): config = """ daemonset: diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 972c156de..2a76820b2 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -224,6 +224,10 @@ podAnnotations: {} # Custom service account override that the pod will use serviceAccount: "" +# Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set. +serviceAccountAnnotations: {} + # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount + # How long to wait for metricbeat pods to stop gracefully terminationGracePeriod: 30 From e93a51d56d38fa850c72919ba3de6953e990e55e Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Mon, 29 Jun 2020 17:13:21 +0200 Subject: [PATCH 046/151] [logstash] fix version in security test (#697) This commit fixes the expected version in security goss test. --- logstash/examples/security/test/goss.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml index 0102ad0d1..7a7f90702 100644 --- a/logstash/examples/security/test/goss.yaml +++ b/logstash/examples/security/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-security-logstash-0"' - - '"version" : "7.7.1"' + - '"version" : "7.9.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-security-logstash-0"' - '"status" : "green"' From c0b75d5fa79b6facab1d6fa7f364c32df092a505 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20de=20Saint=20Martin?= Date: Mon, 29 Jun 2020 17:15:56 +0200 Subject: [PATCH 047/151] Elasticsearch: set PVC labels through setting all StatefulSet labels to its volumeClaimTemplate (#665) --- elasticsearch/templates/statefulset.yaml | 10 ++++++++++ elasticsearch/tests/elasticsearch_test.py | 16 ++++++++++++++++ elasticsearch/values.yaml | 3 +++ 3 files changed, 29 insertions(+) diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index f79b8f48f..6cc70377a 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -26,6 +26,16 @@ spec: volumeClaimTemplates: - metadata: name: {{ template "elasticsearch.uname" . }} + {{- if .Values.persistence.labels.enabled }} + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}" + app: "{{ template "elasticsearch.uname" . }}" + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} {{- with .Values.persistence.annotations }} annotations: {{ toYaml . | indent 8 }} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index d5f583a18..dfbff9033 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -84,8 +84,10 @@ def test_defaults(): assert c["volumeMounts"][0]["mountPath"] == "/usr/share/elasticsearch/data" assert c["volumeMounts"][0]["name"] == uname + # volumeClaimTemplates v = r["statefulset"][uname]["spec"]["volumeClaimTemplates"][0] assert v["metadata"]["name"] == uname + assert "labels" not in v["metadata"] assert v["spec"]["accessModes"] == ["ReadWriteOnce"] assert v["spec"]["resources"]["requests"]["storage"] == "30Gi" @@ -479,6 +481,20 @@ def test_adding_multiple_persistence_annotations(): assert annotations["world"] == "hello" +def test_enabling_persistence_label_in_volumeclaimtemplate(): + config = """ +persistence: + labels: + enabled: true +""" + r = helm_template(config) + volume_claim_template_labels = r["statefulset"][uname]["spec"][ + "volumeClaimTemplates" + ][0]["metadata"]["labels"] + statefulset_labels = r["statefulset"][uname]["metadata"]["labels"] + assert volume_claim_template_labels == statefulset_labels + + def test_adding_a_secret_mount(): config = """ secretMounts: diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 10e1c06b6..7034ba296 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -119,6 +119,9 @@ podSecurityPolicy: persistence: enabled: true + labels: + # Add default labels for the volumeClaimTemplate fo the StatefulSet + enabled: false annotations: {} extraVolumes: [] From 0c1a5f32cc1c0daa4ff91264af05130ff0145344 Mon Sep 17 00:00:00 2001 From: Gavin Williams Date: Mon, 29 Jun 2020 19:34:31 +0100 Subject: [PATCH 048/151] [docs] Improve visibility of 6.8 and 7.x releases (#690) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Maxime Gréau --- README.md | 49 ++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 38 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index ce4e30375..ac3050eaf 100644 --- a/README.md +++ b/README.md @@ -18,23 +18,35 @@ ## Charts -Please look in the chart directories for the documentation for each chart. These -Helm charts are designed to be a lightweight way to configure our official +These Helm charts are designed to be a lightweight way to configure our official Docker images. Links to the relevant Docker image documentation has also been added below. -| Chart | Docker documentation | -|--------------------------------------------|-----------------------------------------------------------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.8/running-on-docker.html | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.8/docker.html | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.8/docker.html | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.8/running-on-docker.html | +We recommend that the Helm chart version is aligned to the version of the product +you want to deploy. This will ensure that you using a chart version that has been +tested against the corresponding production version. +This will also ensure that the documentation and examples for the chart will work +with the version of the product you are installing. + +For example if you want to deploy an Elasticsearch `7.7.1` cluster, use the +corresponding `7.7.1` [tag][elasticsearch-771]. + +The `master` version of these charts are intended to support the latest pre-release +versions of our products, and therefore may or may not work with current released +versions. + +| Chart | Docker documentation | Latest 7 Version | Latest 6 Version | +|--------------------------------------------|-----------------------------------------------------------------------------|----------------------------|-----------------------------| +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html | [`7.8.0`][apm-7] | [`6.8.10`][apm-6] | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html | [`7.8.0`][elasticsearch-7] | [`6.8.10`][elasticsearch-6] | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.8/running-on-docker.html | [`7.8.0`][filebeat-7] | [`6.8.10`][filebeat-6] | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.8/docker.html | [`7.8.0`][kibana-7] | [`6.8.10`][kibana-6] | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.8/docker.html | [`7.8.0`][logstash-7] | [`6.8.10`][logstash-6] | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.8/running-on-docker.html | [`7.8.0`][metricbeat-7] | [`6.8.10`][metricbeat-6] | ## Supported Configurations -Starting with 7.7.0 release, some charts are reaching GA. +Starting with the `7.7.0` release, some charts are reaching GA. Note that only the released charts coming from [Elastic Helm repo][] or [GitHub releases][] are supported. @@ -43,6 +55,7 @@ Note that only the released charts coming from [Elastic Helm repo][] or | | Elasticsearch | Kibana | Logstash | Filebeat | Metricbeat | APM Server | |-----|---------------|--------|----------|----------|------------|------------| +| 6.8 | Beta | Beta | Beta | Beta | Beta | Alpha | | 7.0 | Alpha | Alpha | / | / | / | / | | 7.1 | Beta | Beta | / | Beta | / | / | | 7.2 | Beta | Beta | / | Beta | Beta | / | @@ -81,3 +94,17 @@ Kubernetes. [helm-tester Dockerfile]: https://github.com/elastic/helm-charts/blob/7.x/helpers/helm-tester/Dockerfile [helpers/matrix.yml]: https://github.com/elastic/helm-charts/blob/7.x/helpers/matrix.yml [operator pattern]: https://kubernetes.io/docs/concepts/extend-kubernetes/operator/ +[elasticsearch-771]: https://github.com/elastic/helm-charts/tree/7.7.1/elasticsearch/ + +[apm-7]: https://github.com/elastic/helm-charts/tree/7.8.0/apm-server/README.md +[apm-6]: https://github.com/elastic/helm-charts/tree/6.8.10/apm-server/README.md +[elasticsearch-7]: https://github.com/elastic/helm-charts/tree/7.8.0/elasticsearch/README.md +[elasticsearch-6]: https://github.com/elastic/helm-charts/tree/6.8.10/elasticsearch/README.md +[filebeat-7]: https://github.com/elastic/helm-charts/tree/7.8.0/filebeat/README.md +[filebeat-6]: https://github.com/elastic/helm-charts/tree/6.8.10/filebeat/README.md +[kibana-7]: https://github.com/elastic/helm-charts/tree/7.8.0/kibana/README.md +[kibana-6]: https://github.com/elastic/helm-charts/tree/6.8.10/kibana/README.md +[logstash-7]: https://github.com/elastic/helm-charts/tree/7.8.0/logstash/README.md +[logstash-6]: https://github.com/elastic/helm-charts/tree/6.8.10/logstash/README.md +[metricbeat-7]: https://github.com/elastic/helm-charts/tree/7.8.0/metricbeat/README.md +[metricbeat-6]: https://github.com/elastic/helm-charts/tree/6.8.10/metricbeat/README.md From 6735988a776fd4d2585ac1052902134374129549 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Mon, 29 Jun 2020 21:42:45 +0200 Subject: [PATCH 049/151] [doc] fix copy-paste errors --- kibana/README.md | 2 +- logstash/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/kibana/README.md b/kibana/README.md index f848fd2b9..1c93bff8c 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -142,7 +142,7 @@ An example can be found in [examples/security][]. Deploying OSS version of Elasticsearch can be done by setting `image` value to [kibana OSS Docker image][] -An example of APM Server deployment using OSS version can be found in +An example of Kibana deployment using OSS version can be found in [examples/oss][]. ### How to install plugins? diff --git a/logstash/README.md b/logstash/README.md index 546ad9d3a..038c12db7 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -150,7 +150,7 @@ using `http.host: 127.0.0.1`, default probes should be disabled or overrided Deploying OSS version of Elasticsearch can be done by setting `image` value to [Logstash OSS Docker image][] -An example of APM Server deployment using OSS version can be found in +An example of Logstash deployment using OSS version can be found in [examples/oss][]. ### How to install plugins? From c4504219cf29cbc9a4e227983418fec5d2a65fb1 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Mon, 29 Jun 2020 21:18:10 +0200 Subject: [PATCH 050/151] [logstash] add headless service for statefulset (#695) This commit add a mandatory headless service for Logstash statefulset. Headless service is required for Statefulsets. While Helm 2 allowed to deploy Statefulsets without a serviceName, Helm 3 enforce this requirement and fails if serviceName is missing. Note: Statefulsets don't accept serviceName field update during release upgrades. This change is therefore considered as a breaking change and will require using `helm upgrade --force` for upgrades. --- logstash/templates/service-headless.yaml | 23 +++++++++++++++++++++++ logstash/templates/statefulset.yaml | 6 ++---- logstash/tests/logstash_test.py | 5 +++-- 3 files changed, 28 insertions(+), 6 deletions(-) create mode 100644 logstash/templates/service-headless.yaml diff --git a/logstash/templates/service-headless.yaml b/logstash/templates/service-headless.yaml new file mode 100644 index 000000000..2bf840b34 --- /dev/null +++ b/logstash/templates/service-headless.yaml @@ -0,0 +1,23 @@ +--- +kind: Service +apiVersion: v1 +metadata: + name: "{{ template "logstash.fullname" . }}-headless" + labels: + app: "{{ template "logstash.fullname" . }}" + chart: "{{ .Chart.Name }}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} +{{- if .Values.labels }} +{{ toYaml .Values.labels | indent 4 }} +{{- end }} +spec: + clusterIP: None + selector: + app: "{{ template "logstash.fullname" . }}" + ports: + - name: http + port: {{ .Values.httpPort }} +{{- if .Values.extraPorts }} +{{- toYaml .Values.extraPorts | nindent 2 }} +{{- end }} diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml index 30dbb062f..18811ed21 100644 --- a/logstash/templates/statefulset.yaml +++ b/logstash/templates/statefulset.yaml @@ -12,9 +12,7 @@ metadata: {{ $key }}: {{ $value | quote }} {{- end }} spec: - {{- if .Values.service }} - serviceName: {{ template "logstash.fullname" . }} - {{- end }} + serviceName: {{ template "logstash.fullname" . }}-headless selector: matchLabels: app: "{{ template "logstash.fullname" . }}" @@ -151,7 +149,7 @@ spec: - name: http containerPort: {{ .Values.httpPort }} {{- if .Values.extraPorts }} - {{- toYaml .Values.extraPorts | nindent 8 }} + {{- toYaml .Values.extraPorts | nindent 8 }} {{- end }} resources: {{ toYaml .Values.resources | indent 10 }} diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 07bd7c877..7aa81e69f 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -78,8 +78,9 @@ def test_defaults(): ) # Service - assert "serviceName" not in r["statefulset"][name]["spec"] - assert "service" not in r + assert r["statefulset"][name]["spec"]["serviceName"] == name + "-headless" + assert name + "-headless" in r["service"] + assert r["service"][name + "-headless"]["spec"]["ports"][0]["port"] == 9600 # Other assert r["statefulset"][name]["spec"]["template"]["spec"]["securityContext"] == { From 12233983b0bd19ea5898934d3d5836683ea27de5 Mon Sep 17 00:00:00 2001 From: bmilescu <64148122+bmilescu@users.noreply.github.com> Date: Thu, 2 Jul 2020 11:31:11 +0300 Subject: [PATCH 051/151] [filebeat] add permission to list nodes (#704) This commit add permission to list nodes. This is required when using `add_resource_metadata: node.enabled: true`. --- filebeat/templates/clusterrole.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/filebeat/templates/clusterrole.yaml b/filebeat/templates/clusterrole.yaml index 8bec82cd1..1742199ca 100644 --- a/filebeat/templates/clusterrole.yaml +++ b/filebeat/templates/clusterrole.yaml @@ -13,6 +13,7 @@ rules: - "" resources: - namespaces + - nodes - pods verbs: - get From feec7974e7bf0899913b5a99598be9674e924673 Mon Sep 17 00:00:00 2001 From: Gavin Williams Date: Wed, 8 Jul 2020 09:44:47 +0100 Subject: [PATCH 052/151] [testing] Ensure that the 'namespace' is specified in Helm command (#715) If the `--namespace` flag isn't provided to Helm, then it will use whatever the local configured namespace is, which could be different. This can lead to tests failing that expect the `.Release.Namespace` to resolve to `default` --- helpers/helpers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/helpers.py b/helpers/helpers.py index 19349b1f9..9af447a94 100644 --- a/helpers/helpers.py +++ b/helpers/helpers.py @@ -9,7 +9,7 @@ def helm_template(config): with tempfile.NamedTemporaryFile() as temp: with open(temp.name, "w") as values: values.write(config) - helm_cmd = "helm template -f {0} ./".format(temp.name) + helm_cmd = "helm template -f {0} --namespace default ./".format(temp.name) result = yaml.load_all(check_output(helm_cmd.split())) results = {} From a5fec3e70a076c7ab85a7a29d06c2e78a021aa44 Mon Sep 17 00:00:00 2001 From: kernkonzentrat Date: Wed, 8 Jul 2020 11:08:03 +0200 Subject: [PATCH 053/151] feat(metricbeat): annotation support for daemonset and deployment (#713) --- metricbeat/README.md | 2 ++ metricbeat/templates/daemonset.yaml | 6 ++++++ metricbeat/templates/deployment.yaml | 6 ++++++ metricbeat/tests/metricbeat_test.py | 24 ++++++++++++++++++++++++ metricbeat/values.yaml | 4 ++++ 5 files changed, 42 insertions(+) diff --git a/metricbeat/README.md b/metricbeat/README.md index 5185886e3..86e77ff61 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -87,6 +87,7 @@ as a reference. They are also used in the automated testing of this chart. | Parameter | Description | Default | |--------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------| | `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources | see [values.yaml][] | +| `daemonset.annotations` | Configurable [annotations][] for Metricbeat daemonset | `{}` | | `daemonset.affinity` | Configurable [affinity][] for Metricbeat daemonset | `{}` | | `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | | `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | @@ -99,6 +100,7 @@ as a reference. They are also used in the automated testing of this chart. | `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the DaemonSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat DaemonSet pod execution environment | see [values.yaml][] | | `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat DaemonSet | `[]` | +| `deployment.annotations` | Configurable [annotations][] for Metricbeat Deployment | `{}` | | `deployment.affinity` | Configurable [affinity][] for Metricbeat Deployment | `{}` | | `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for Deployment | `[]` | | `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for Deployment | `[]` | diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index f40770f4b..dc261b977 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -11,6 +11,12 @@ metadata: {{- range $key, $value := .Values.labels }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- if .Values.daemonset.annotations}} + annotations: + {{- range $key, $value := .Values.daemonset.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: selector: matchLabels: diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index 830438835..3e62e7e51 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -8,6 +8,12 @@ metadata: chart: '{{ .Chart.Name }}-{{ .Chart.Version }}' heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' + {{- if .Values.deployment.annotations}} + annotations: + {{- range $key, $value := .Values.deployment.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: replicas: {{ .Values.replicas }} selector: diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index fae116de9..a0c97798c 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -1137,3 +1137,27 @@ def test_setting_fullnameOverride(): "type": "DirectoryOrCreate", }, } in volumes + + +def test_adding_annotations(): + config = """ +daemonset: + annotations: + foo: "bar" +""" + r = helm_template(config) + assert "foo" in r["daemonset"][name]["metadata"]["annotations"] + assert r["daemonset"][name]["metadata"]["annotations"]["foo"] == "bar" + assert "annotations" not in r["deployment"][name + "-metrics"]["metadata"] + config = """ +deployment: + annotations: + grault: "waldo" +""" + r = helm_template(config) + assert "grault" in r["deployment"][name + "-metrics"]["metadata"]["annotations"] + assert ( + r["deployment"][name + "-metrics"]["metadata"]["annotations"]["grault"] + == "waldo" + ) + assert "annotations" not in r["daemonset"][name]["metadata"] diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 2a76820b2..9d53d08cd 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -1,6 +1,8 @@ --- daemonset: + # Annotations to apply to the daemonset + annotations: {} affinity: {} # Extra environment variables for Metricbeat container. envFrom: [] @@ -91,6 +93,8 @@ daemonset: tolerations: [] deployment: + # Annotations to apply to the deployment + annotations: {} affinity: {} # Extra environment variables for Metricbeat container. envFrom: [] From 6051c30cedf6dcce19876d89e8e39386205db28d Mon Sep 17 00:00:00 2001 From: Gavin Williams Date: Wed, 8 Jul 2020 11:04:21 +0100 Subject: [PATCH 054/151] [apm-server] Add to test matrix (#708) Spotted that the `apm-server` chart isn't being tested by PR suite. So add it to the `CHART` matrix. --- helpers/matrix.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/helpers/matrix.yml b/helpers/matrix.yml index f51901f09..3e5864839 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -4,6 +4,7 @@ CHART: - filebeat - metricbeat - logstash + - apm-server ES_SUITE: - default - config From 665e1b233fe5e03fceb0f0f1cb4c1e02f63f7120 Mon Sep 17 00:00:00 2001 From: Kirill Date: Wed, 8 Jul 2020 13:20:19 +0300 Subject: [PATCH 055/151] Support creating k8s helm secrets for logstash helm chart #705 (#712) Co-authored-by: Gavin Williams --- logstash/README.md | 1 + logstash/templates/secret.yaml | 27 ++++++ logstash/tests/logstash_test.py | 148 +++++++++++++++++++++++++++++++- logstash/values.yaml | 17 ++++ 4 files changed, 191 insertions(+), 2 deletions(-) create mode 100644 logstash/templates/secret.yaml diff --git a/logstash/README.md b/logstash/README.md index 038c12db7..f9ac32ff6 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -134,6 +134,7 @@ using `http.host: 127.0.0.1`, default probes should be disabled or overrided | `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `1` | | `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | | `schedulerName` | Name of the [alternate scheduler][] | `""` | +| `secrets` | Allows you easily create a secret from as variables or file. For add secrets from file, add suffix `.filepath` to the key of secret key. The value will be encoded to base64. Useful for store certificates and other secrets. | See [values.yaml][] | | `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | | `service` | Configurable [service][] to expose the Logstash service. | see [values.yaml][] | diff --git a/logstash/templates/secret.yaml b/logstash/templates/secret.yaml new file mode 100644 index 000000000..0abf78650 --- /dev/null +++ b/logstash/templates/secret.yaml @@ -0,0 +1,27 @@ +{{- if .Values.secrets }} +{{- $fullName := include "logstash.fullname" . -}} +{{- range .Values.secrets }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-%s" $fullName .name | quote }} + labels: + app: {{ $fullName | quote }} + chart: {{ $.Chart.Name | quote }} + heritage: {{ $.Release.Service | quote }} + release: {{ $.Release.Name | quote }} + {{- range $key, $value := $.Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} +data: +{{- range $key, $val := .value }} + {{- if hasSuffix "filepath" $key }} + {{ $key | replace ".filepath" "" }}: {{ $.Files.Get $val | b64enc | quote }} + {{ else }} + {{ $key }}: {{ $val | b64enc | quote }} + {{- end }} +{{- end }} +type: Opaque +{{- end }} +{{- end }} \ No newline at end of file diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 7aa81e69f..513de1be0 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -1,10 +1,9 @@ +import base64 import os import sys sys.path.insert(1, os.path.join(sys.path[0], "../../helpers")) from helpers import helm_template -import yaml - name = "release-name-logstash" @@ -307,6 +306,151 @@ def test_adding_a_secret_mount_with_subpath(): } +def test_adding_a_secret(): + content = "LS1CRUdJTiBgUFJJVkFURSB" + config = """ +secrets: + - name: "env" + value: + ELASTICSEARCH_PASSWORD: {elk_pass} +""".format( + elk_pass=content + ) + content_b64 = base64.b64encode(content.encode("ascii")).decode("ascii") + + r = helm_template(config) + secret_name = name + "-env" + s = r["secret"][secret_name] + assert s["metadata"]["labels"]["app"] == name + assert len(r["secret"]) == 1 + assert len(s["data"]) == 1 + assert s["data"] == {"ELASTICSEARCH_PASSWORD": content_b64} + + +def test_adding_secret_from_file(): + content = """ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEApCt3ychnqZHsS +DylPFZn55xDaDcWco1oNFdBGzFjw+ +zkuMFMOv7ab+yOFwHeEeAAEkEgy1u +Da1vIscBs1K0kbEFRSqySLuNHWiJp +wK2cI/gJc+S9Qd9Qsn0XGjmjQ6P2p +ot2hvCOtnei998OmDSYORKBq2jiv/ +-----END RSA PRIVATE KEY----- +""" + config = """ +secrets: + - name: "tls" + value: + cert.key.filepath: "secrets/private.key" +""" + content_b64 = base64.b64encode(content.encode("ascii")).decode("ascii") + work_dir = os.path.join(os.path.abspath(os.getcwd()), "secrets") + filename = os.path.join(work_dir, "private.key") + os.makedirs(os.path.dirname(filename), exist_ok=True) + with open(filename, "w") as f: + f.write(content) + + with open(filename, "r") as f: + data = f.read() + assert data == content + + r = helm_template(config) + secret_name = name + "-tls" + s = r["secret"][secret_name] + assert s["metadata"]["labels"]["app"] == name + assert len(r["secret"]) == 1 + assert len(s["data"]) == 1 + assert s["data"] == { + "cert.key": content_b64, + } + + os.remove(filename) + os.rmdir(work_dir) + + +def test_adding_multiple_data_secret(): + content = { + "elk_pass": "LS1CRUdJTiBgUFJJVkFURSB", + "api_key": "ui2CsdUadTiBasRJRkl9tvNnw", + } + config = """ +secrets: + - name: "env" + value: + ELASTICSEARCH_PASSWORD: {elk_pass} + api_key: {api_key} +""".format( + elk_pass=content["elk_pass"], api_key=content["api_key"] + ) + content_b64 = { + "elk_pass": base64.b64encode(content["elk_pass"].encode("ascii")).decode( + "ascii" + ), + "api_key": base64.b64encode(content["api_key"].encode("ascii")).decode("ascii"), + } + + r = helm_template(config) + secret_name = name + "-env" + s = r["secret"][secret_name] + assert s["metadata"]["labels"]["app"] == name + assert len(r["secret"]) == 1 + assert len(s["data"]) == 2 + assert s["data"] == { + "ELASTICSEARCH_PASSWORD": content_b64["elk_pass"], + "api_key": content_b64["api_key"], + } + + +def test_adding_multiple_secrets(): + content = { + "elk_pass": "LS1CRUdJTiBgUFJJVkFURSB", + "cert_crt": "LS0tLS1CRUdJTiBlRJRALKJDDQVRFLS0tLS0K", + "cert_key": "LS0tLS1CRUdJTiBgUFJJVkFURSBLRVktLS0tLQo", + } + config = """ +secrets: + - name: "env" + value: + ELASTICSEARCH_PASSWORD: {elk_pass} + - name: "tls" + value: + cert.crt: {cert_crt} + cert.key: {cert_key} + +""".format( + elk_pass=content["elk_pass"], + cert_crt=content["cert_crt"], + cert_key=content["cert_key"], + ) + content_b64 = { + "elk_pass": base64.b64encode(content["elk_pass"].encode("ascii")).decode( + "ascii" + ), + "cert_crt": base64.b64encode(content["cert_crt"].encode("ascii")).decode( + "ascii" + ), + "cert_key": base64.b64encode(content["cert_key"].encode("ascii")).decode( + "ascii" + ), + } + + r = helm_template(config) + secret_names = {"env": name + "-env", "tls": name + "-tls"} + s_env = r["secret"][secret_names["env"]] + s_tls = r["secret"][secret_names["tls"]] + assert len(r["secret"]) == 2 + assert len(s_env["data"]) == 1 + assert s_env["data"] == { + "ELASTICSEARCH_PASSWORD": content_b64["elk_pass"], + } + assert len(s_tls["data"]) == 2 + assert s_tls["data"] == { + "cert.crt": content_b64["cert_crt"], + "cert.key": content_b64["cert_key"], + } + + def test_adding_image_pull_secrets(): config = """ imagePullSecrets: diff --git a/logstash/values.yaml b/logstash/values.yaml index 835e1f192..4fb8f18ed 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -39,6 +39,23 @@ envFrom: [] # - configMapRef: # name: config-map +# Add sensitive data to k8s secrets +secrets: [] +# - name: "env" +# value: +# ELASTICSEARCH_PASSWORD: "LS1CRUdJTiBgUFJJVkFURSB" +# api_key: ui2CsdUadTiBasRJRkl9tvNnw +# - name: "tls" +# value: +# ca.crt: | +# LS0tLS1CRUdJT0K +# LS0tLS1CRUdJT0K +# LS0tLS1CRUdJT0K +# LS0tLS1CRUdJT0K +# cert.crt: "LS0tLS1CRUdJTiBlRJRklDQVRFLS0tLS0K" +# cert.key.filepath: "secrets.crt" # The path to file should be relative to the `values.yaml` file. + + # A list of secrets and their paths to mount inside the pod secretMounts: [] From b09bbdc9e9fdbd3e6144c3be1a0a5233e0939b1b Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 8 Jul 2020 19:36:24 +0200 Subject: [PATCH 056/151] [filebeat] document probe workaround for kafka output (#699) This commit document the workaround to work with Filebeat output which don't support testing. This is required as the default readiness probe use `filebeat test output` command. --- filebeat/README.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/filebeat/README.md b/filebeat/README.md index 0de3823bd..398c6119c 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -22,6 +22,7 @@ for released version. - [How to use Filebeat with Elasticsearch with security (authentication and TLS) enabled?](#how-to-use-filebeat-with-elasticsearch-with-security-authentication-and-tls-enabled) - [How to install OSS version of Filebeat?](#how-to-install-oss-version-of-filebeat) - [Why is Filebeat host.name field set to Kubernetes pod name?](#why-is-filebeat-hostname-field-set-to-kubernetes-pod-name) + - [How to change readinessProbe for outputs which don't support testing](#how-to-change-readinessprobe-for-outputs-which-dont-support-testing) - [Contributing](#contributing) @@ -152,6 +153,28 @@ namespace which gives it access to the host loopback device, services listening on localhost, could be used to snoop on network activity of other pods on the same node. +### How to change readinessProbe for outputs which don't support testing + +Some [Filebeat outputs][] like [Kafka output][] don't support testing using +`filebeat test output` command which is used by Filebeat chart readiness probe. + +This makes Filebeat pods crash before being ready with the following message: +`Readiness probe failed: kafka output doesn't support testing`. + +The workaround when using this kind of output is to override the readiness probe +command to check Filebeat API instead (same as existing liveness probe). + +``` +readinessProbe: + exec: + command: + - sh + - -c + - | + #!/usr/bin/env bash -e + curl --fail 127.0.0.1:5066 +``` + ## Contributing @@ -173,11 +196,13 @@ about our development and testing process. [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/security [filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/7.x/running-on-docker.html [filebeat oss docker image]: https://www.docker.elastic.co/#filebeat-7-8-0-oss +[filebeat output]: https://www.elastic.co/guide/en/beats/filebeat/7.x/configuring-output.html [helm]: https://helm.sh [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[kafka output]: https://www.elastic.co/guide/en/beats/filebeat/7.x/kafka-output.html [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector From 6ec92bdc74117c51a508ffa0d9a4ced7c7c3e73a Mon Sep 17 00:00:00 2001 From: Erik Aaron Hansen Date: Thu, 9 Jul 2020 11:05:28 +0200 Subject: [PATCH 057/151] Metricbeat daemonset deployment optional (#716) --- metricbeat/README.md | 8 +++++--- metricbeat/templates/daemonset.yaml | 2 ++ metricbeat/templates/deployment.yaml | 3 +++ metricbeat/tests/metricbeat_test.py | 21 +++++++++++++++++++++ metricbeat/values.yaml | 4 ++++ 5 files changed, 35 insertions(+), 3 deletions(-) diff --git a/metricbeat/README.md b/metricbeat/README.md index 86e77ff61..0940af0bb 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -87,8 +87,9 @@ as a reference. They are also used in the automated testing of this chart. | Parameter | Description | Default | |--------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------| | `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources | see [values.yaml][] | -| `daemonset.annotations` | Configurable [annotations][] for Metricbeat daemonset | `{}` | +| `daemonset.annotations` | Configurable [annotations][] for Metricbeat daemonset | `{}` | | `daemonset.affinity` | Configurable [affinity][] for Metricbeat daemonset | `{}` | +| `daemonset.enabled` | If true, enable daemonset | `true` | | `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | | `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | | `daemonset.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function or DaemonSet | `[]` | @@ -100,8 +101,9 @@ as a reference. They are also used in the automated testing of this chart. | `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the DaemonSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat DaemonSet pod execution environment | see [values.yaml][] | | `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat DaemonSet | `[]` | -| `deployment.annotations` | Configurable [annotations][] for Metricbeat Deployment | `{}` | +| `deployment.annotations` | Configurable [annotations][] for Metricbeat Deployment | `{}` | | `deployment.affinity` | Configurable [affinity][] for Metricbeat Deployment | `{}` | +| `deployment.enabled` | If true, enable deployment | `true` | | `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for Deployment | `[]` | | `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for Deployment | `[]` | | `deployment.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function or DaemonSet | `[]` | @@ -129,7 +131,7 @@ as a reference. They are also used in the automated testing of this chart. | `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `replicas` | The replica count for the Metricbeat deployment talking to kube-state-metrics | `1` | | `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart | `""` | -| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` +| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | | `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | | `updateStrategy` | The [updateStrategy][] for the DaemonSet By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index dc261b977..fe9b457d5 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -1,3 +1,4 @@ +{{- if .Values.daemonset.enabled }} --- apiVersion: apps/v1 kind: DaemonSet @@ -165,3 +166,4 @@ spec: {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} {{- end }} +{{- end }} diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index 3e62e7e51..abb02b4cc 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -1,3 +1,5 @@ +# Deploy singleton instance in the whole cluster for some unique data sources, like kube-state-metrics +{{- if .Values.deployment.enabled }} --- apiVersion: apps/v1 kind: Deployment @@ -129,3 +131,4 @@ spec: {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} {{- end }} +{{- end }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index a0c97798c..9f78aeb33 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -15,6 +15,7 @@ def test_defaults(): r = helm_template(config) assert name in r["daemonset"] + assert name + "-metrics" in r["deployment"] c = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0] assert c["name"] == project @@ -1161,3 +1162,23 @@ def test_adding_annotations(): == "waldo" ) assert "annotations" not in r["daemonset"][name]["metadata"] + + +def test_disable_daemonset(): + config = """ +daemonset: + enabled: false +""" + r = helm_template(config) + + assert name not in r.get("daemonset", {}) + + +def test_disable_deployment(): + config = """ +deployment: + enabled: false +""" + r = helm_template(config) + + assert name + "-metrics" not in r.get("deployment", {}) diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 9d53d08cd..09ac08f7d 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -4,6 +4,8 @@ daemonset: # Annotations to apply to the daemonset annotations: {} affinity: {} + # Include the daemonset + enabled: true # Extra environment variables for Metricbeat container. envFrom: [] # - configMapRef: @@ -96,6 +98,8 @@ deployment: # Annotations to apply to the deployment annotations: {} affinity: {} + # Include the deployment + enabled: true # Extra environment variables for Metricbeat container. envFrom: [] # - configMapRef: From f8add3d59b5db5a92ae7209a2c589cd88d12c774 Mon Sep 17 00:00:00 2001 From: Sergiy Kulanov Date: Mon, 13 Jul 2020 16:53:09 +0300 Subject: [PATCH 058/151] Make kube-state-metrics optional for installation (#387) In the most cases kube-state-metrics is already installed on the cluster, so let's just re-use it, instead of installing another one copy. By default, kube-state-metrics are installed as dependency, so this PR doesn't change the default behaviour Signed-off-by: Sergiy Kulanov --- metricbeat/README.md | 2 ++ metricbeat/requirements.lock | 4 +-- metricbeat/requirements.yaml | 1 + metricbeat/templates/deployment.yaml | 4 +++ metricbeat/tests/metricbeat_test.py | 47 ++++++++++++++++++++++++++++ metricbeat/values.yaml | 5 +++ 6 files changed, 61 insertions(+), 2 deletions(-) diff --git a/metricbeat/README.md b/metricbeat/README.md index 0940af0bb..4e925b1b1 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -122,6 +122,8 @@ as a reference. They are also used in the automated testing of this chart. | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | | `imageTag` | The Metricbeat Docker image tag | `7.9.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | +| `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | +| `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | | `labels` | Configurable [labels][] applied to all Metricbeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | diff --git a/metricbeat/requirements.lock b/metricbeat/requirements.lock index 9b027f8cc..63f207bdf 100644 --- a/metricbeat/requirements.lock +++ b/metricbeat/requirements.lock @@ -2,5 +2,5 @@ dependencies: - name: kube-state-metrics repository: https://kubernetes-charts.storage.googleapis.com version: 2.4.1 -digest: sha256:89fdea6b5f048652fc2d562ff59338a8cbf25f9053dc28976a1271b4387692b1 -generated: "2019-11-01T10:31:40.002896+01:00" +digest: sha256:948dca129bc7c16b138ed8bcbdf666c324d812e43af59d475b8bb74a53e99778 +generated: "2020-04-16T16:14:03.9537312+03:00" diff --git a/metricbeat/requirements.yaml b/metricbeat/requirements.yaml index 0f8c03d9c..2d78b382a 100644 --- a/metricbeat/requirements.yaml +++ b/metricbeat/requirements.yaml @@ -2,3 +2,4 @@ dependencies: - name: 'kube-state-metrics' version: '2.4.1' repository: '@stable' + condition: kube_state_metrics.enabled diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index abb02b4cc..dacf78310 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -98,7 +98,11 @@ spec: fieldRef: fieldPath: metadata.namespace - name: KUBE_STATE_METRICS_HOSTS + {{- if .Values.kube_state_metrics.enabled }} value: "$({{ .Release.Name | replace "-" "_" | upper }}_KUBE_STATE_METRICS_SERVICE_HOST):$({{ .Release.Name | replace "-" "_" | upper }}_KUBE_STATE_METRICS_SERVICE_PORT_HTTP)" + {{- else }} + value: {{ .Values.kube_state_metrics.host | default "kube-state-metrics:8080"}} + {{- end }} {{- if .Values.extraEnvs | default .Values.deployment.extraEnvs }} {{ toYaml ( .Values.extraEnvs | default .Values.deployment.extraEnvs ) | indent 8 }} {{- end }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 9f78aeb33..7e1d6e5b9 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -6,6 +6,7 @@ project = "metricbeat" name = "release-name-" + project +kube_state_metric_name = "release-name-kube-state-metrics" def test_defaults(): @@ -17,6 +18,14 @@ def test_defaults(): assert name in r["daemonset"] assert name + "-metrics" in r["deployment"] + assert kube_state_metric_name in r["deployment"] + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "env" + ][1]["value"] + == "$(RELEASE_NAME_KUBE_STATE_METRICS_SERVICE_HOST):$(RELEASE_NAME_KUBE_STATE_METRICS_SERVICE_PORT_HTTP)" + ) + c = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0] assert c["name"] == project assert c["image"].startswith("docker.elastic.co/beats/" + project + ":") @@ -1182,3 +1191,41 @@ def test_disable_deployment(): r = helm_template(config) assert name + "-metrics" not in r.get("deployment", {}) + + +def test_do_not_install_kube_stat_metrics(): + config = """ +kube_state_metrics: + enabled: false +""" + r = helm_template(config) + + assert kube_state_metric_name not in r["deployment"] + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "env" + ][1]["name"] + == "KUBE_STATE_METRICS_HOSTS" + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "env" + ][1]["value"] + == "kube-state-metrics:8080" + ) + + +def test_custom_kube_stat_metrics_host(): + config = """ +kube_state_metrics: + enabled: false + host: "kube-state-metrics.kube-system:9999" +""" + r = helm_template(config) + + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][ + "env" + ][1]["value"] + == "kube-state-metrics.kube-system:9999" + ) diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 09ac08f7d..7362cc0b9 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -250,6 +250,11 @@ updateStrategy: RollingUpdate nameOverride: "" fullnameOverride: "" +kube_state_metrics: + enabled: true + # host is used only when kube_state_metrics.enabled: false + host: "" + # DEPRECATED affinity: {} envFrom: [] From 84300609596b68da0e0d2dda12e02f60327c546e Mon Sep 17 00:00:00 2001 From: Andreas Date: Mon, 13 Jul 2020 18:23:38 +0200 Subject: [PATCH 059/151] [elasticsearch] _helpers.tpl - elasticsearch.endpoints to use elasticsearch.uname (#670) This addressing an issue where nodes are unable to locate the masters when fullnameOverride is used, due to the cluster.initial_master_nodes having the wrong name of the nodes. --- elasticsearch/templates/_helpers.tpl | 2 +- elasticsearch/tests/elasticsearch_test.py | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/elasticsearch/templates/_helpers.tpl b/elasticsearch/templates/_helpers.tpl index f7f212893..87783dae9 100755 --- a/elasticsearch/templates/_helpers.tpl +++ b/elasticsearch/templates/_helpers.tpl @@ -45,7 +45,7 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- define "elasticsearch.endpoints" -}} {{- $replicas := int (toString (.Values.replicas)) }} -{{- $uname := printf "%s-%s" .Values.clusterName .Values.nodeGroup }} +{{- $uname := (include "elasticsearch.uname" .) }} {{- range $i, $e := untilStep 0 $replicas 1 -}} {{ $uname }}-{{ $i }}, {{- end -}} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index dfbff9033..063757362 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -1330,3 +1330,17 @@ def test_full_name_override(): assert "customfullName" in r["statefulset"] assert "customfullName" in r["service"] + + +def test_initial_master_nodes_when_using_full_name_override(): + config = """ +fullnameOverride: "customfullName" +""" + r = helm_template(config) + env = r["statefulset"]["customfullName"]["spec"]["template"]["spec"]["containers"][ + 0 + ]["env"] + assert { + "name": "cluster.initial_master_nodes", + "value": "customfullName-0," + "customfullName-1," + "customfullName-2,", + } in env From 5f5c0d3d6ce33937b99d184ba871dc9fe9d53ae4 Mon Sep 17 00:00:00 2001 From: Kirill Date: Wed, 15 Jul 2020 13:23:40 +0300 Subject: [PATCH 060/151] [logstash] Restart the logstash pod when the secrets have changed (#723) --- logstash/templates/statefulset.yaml | 7 +++++-- logstash/tests/logstash_test.py | 4 ++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml index 18811ed21..9200cfc0c 100644 --- a/logstash/templates/statefulset.yaml +++ b/logstash/templates/statefulset.yaml @@ -47,14 +47,17 @@ spec: {{- range $key, $value := .Values.podAnnotations }} {{ $key }}: {{ $value | quote }} {{- end }} - {{/* This forces a restart if the configmap has changed */}} + {{- /* This forces a restart if the configmap has changed */}} {{- if .Values.logstashConfig }} configchecksum: {{ include (print .Template.BasePath "/configmap-config.yaml") . | sha256sum | trunc 63 }} {{- end }} - {{/* This forces a restart if the configmap has changed */}} + {{- /* This forces a restart if the configmap has changed */}} {{- if .Values.logstashPipeline }} pipelinechecksum: {{ include (print .Template.BasePath "/configmap-pipeline.yaml") . | sha256sum | trunc 63 }} {{- end }} + {{- if .Values.secrets }} + secretschecksum: {{ include (print .Template.BasePath "/secret.yaml") . | sha256sum | trunc 63 }} + {{- end }} spec: {{- if .Values.schedulerName }} schedulerName: "{{ .Values.schedulerName }}" diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 513de1be0..6b29dacdf 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -325,6 +325,10 @@ def test_adding_a_secret(): assert len(r["secret"]) == 1 assert len(s["data"]) == 1 assert s["data"] == {"ELASTICSEARCH_PASSWORD": content_b64} + assert ( + "secretschecksum" + in r["statefulset"][name]["spec"]["template"]["metadata"]["annotations"] + ) def test_adding_secret_from_file(): From fc1bc13cde1c8459272a5c15edeeb2ed600b6366 Mon Sep 17 00:00:00 2001 From: Frederic Haase <44052928+fhaase2@users.noreply.github.com> Date: Wed, 15 Jul 2020 17:03:54 +0200 Subject: [PATCH 061/151] [elasticsearch] Update test image pull policy. (#727) --- elasticsearch/templates/test/test-elasticsearch-health.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/elasticsearch/templates/test/test-elasticsearch-health.yaml b/elasticsearch/templates/test/test-elasticsearch-health.yaml index 0aac728a8..a278b140a 100644 --- a/elasticsearch/templates/test/test-elasticsearch-health.yaml +++ b/elasticsearch/templates/test/test-elasticsearch-health.yaml @@ -11,6 +11,7 @@ spec: containers: - name: "{{ .Release.Name }}-{{ randAlpha 5 | lower }}-test" image: "{{ .Values.image }}:{{ .Values.imageTag }}" + imagePullPolicy: "{{ .Values.imagePullPolicy }}" command: - "sh" - "-c" From ff8ca5fa2fdade4309cebbc2b05cffb465ba650c Mon Sep 17 00:00:00 2001 From: DEBOJIT KAKOTI Date: Thu, 16 Jul 2020 15:04:55 +0530 Subject: [PATCH 062/151] [Kibana] Add loadbalancerIP to service spec in kibana (#726) --- kibana/templates/service.yaml | 3 +++ kibana/tests/kibana_test.py | 14 ++++++++++++++ kibana/values.yaml | 1 + 3 files changed, 18 insertions(+) diff --git a/kibana/templates/service.yaml b/kibana/templates/service.yaml index 71400a88d..dfb254c0c 100644 --- a/kibana/templates/service.yaml +++ b/kibana/templates/service.yaml @@ -13,6 +13,9 @@ metadata: {{- end }} spec: type: {{ .Values.service.type }} +{{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} +{{- end }} {{- with .Values.service.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{ toYaml . | indent 4 }} diff --git a/kibana/tests/kibana_test.py b/kibana/tests/kibana_test.py index 1341c6146..38a9fb154 100644 --- a/kibana/tests/kibana_test.py +++ b/kibana/tests/kibana_test.py @@ -51,6 +51,9 @@ def test_defaults(): # Make sure that the default 'loadBalancerSourceRanges' list is empty assert "loadBalancerSourceRanges" not in r["service"][name]["spec"] + # Make sure that the default 'loadBalancerIP' string is empty + assert "loadBalancerIP" not in r["service"][name]["spec"] + def test_overriding_the_elasticsearch_hosts(): config = """ @@ -615,3 +618,14 @@ def test_setting_fullnameOverride(): ] == "kibana" ) + + +def test_adding_loadBalancerIP(): + config = """ + service: + loadBalancerIP: 12.5.11.79 + """ + + r = helm_template(config) + + assert r["service"][name]["spec"]["loadBalancerIP"] == "12.5.11.79" diff --git a/kibana/values.yaml b/kibana/values.yaml index 4134ad0da..24f5f9326 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -95,6 +95,7 @@ updateStrategy: service: type: ClusterIP + loadBalancerIP: "" port: 5601 nodePort: "" labels: {} From a55efee270b3553cee90ef5ccad50b2bcfabe85e Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 17 Jul 2020 18:35:50 +0200 Subject: [PATCH 063/151] [doc] fix some links (#737) - Update oss docker image links to new Elastic registry - Fix some other links --- apm-server/README.md | 2 +- elasticsearch/README.md | 2 +- filebeat/README.md | 4 ++-- kibana/README.md | 3 ++- logstash/README.md | 2 +- metricbeat/README.md | 1 + 6 files changed, 8 insertions(+), 6 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index 53d3b06fe..c1ff9abbc 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -151,7 +151,7 @@ about our development and testing process. [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html -[apm server oss docker image]: https://www.docker.elastic.co/#apm-server-7-8-0-oss +[apm server oss docker image]: https://www.docker.elastic.co/r/apm/apm-server-oss [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 075038b37..8f112d3bf 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -402,7 +402,7 @@ about our development and testing process. [docker for mac]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/docker-for-mac [elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/cluster-health.html#request-params [elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/docker.html -[elasticsearch oss docker image]: https://www.docker.elastic.co/#elasticsearch-7-8-0-oss +[elasticsearch oss docker image]: https://www.docker.elastic.co/r/elasticsearch/elasticsearch-oss [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/ diff --git a/filebeat/README.md b/filebeat/README.md index 398c6119c..da25ccab1 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -195,8 +195,8 @@ about our development and testing process. [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples/security [filebeat docker image]: https://www.elastic.co/guide/en/beats/filebeat/7.x/running-on-docker.html -[filebeat oss docker image]: https://www.docker.elastic.co/#filebeat-7-8-0-oss -[filebeat output]: https://www.elastic.co/guide/en/beats/filebeat/7.x/configuring-output.html +[filebeat oss docker image]: https://www.docker.elastic.co/r/beats/filebeat-oss +[filebeat outputs]: https://www.elastic.co/guide/en/beats/filebeat/7.x/configuring-output.html [helm]: https://helm.sh [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath diff --git a/kibana/README.md b/kibana/README.md index 1c93bff8c..3b78f3ef8 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -212,12 +212,13 @@ about our development and testing process. [examples]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security +[gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ [kibana docker image]: https://www.elastic.co/guide/en/kibana/7.x/docker.html -[kibana oss docker image]: https://www.docker.elastic.co/#kibana-7-8-0-oss +[kibana oss docker image]: https://www.docker.elastic.co/r/kibana/kibana-oss [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ diff --git a/logstash/README.md b/logstash/README.md index f9ac32ff6..a38c7a381 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -204,7 +204,7 @@ about our development and testing process. [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [logstash docker image]: https://www.elastic.co/guide/en/logstash/7.x/docker.html -[logstash oss docker image]: https://www.docker.elastic.co/#logstash-7-8-0-oss +[logstash oss docker image]: https://www.docker.elastic.co/r/logstash/logstash-oss [maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget [node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector diff --git a/metricbeat/README.md b/metricbeat/README.md index 4e925b1b1..770985fd6 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -227,6 +227,7 @@ about our development and testing process. [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [metricbeat docker image]: https://www.elastic.co/guide/en/beats/metricbeat/7.x/running-on-docker.html +[metricbeat oss docker image]: https://www.docker.elastic.co/r/beats/metricbeat-oss [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector [probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes From 837657868fbc51a1634e995c149f9a7804de9b2d Mon Sep 17 00:00:00 2001 From: AhmedSamirAhmed Date: Mon, 27 Jul 2020 10:42:17 +0200 Subject: [PATCH 064/151] Update README.md (#749) change https://github.com/elastic/helm-charts/tree/master/kibana/examples/security/security.yaml to be https://github.com/elastic/helm-charts/tree/master/kibana/examples/security/security.yml --- kibana/examples/security/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index a834df90a..c5cdc6037 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -25,4 +25,4 @@ You can also run [goss integration tests][] using `make test` [elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/ [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/security.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/security.yml From aa7e446b0e71640c58cccab5f5f46ae1afe4f7f6 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 28 Jul 2020 18:18:46 +0200 Subject: [PATCH 065/151] [release] bump 7.x branch to 7.10.0-SNAPSHOT (#757) This commit bump the 7.x branch which will be dedicated to the 7.x.x releases for the Helm Charts. It will allow to: - test this branch with the daily Stack Docker images 7.10.0-SNAPSHOT via dedicated Jenkins jobs --- README.md | 24 +++++++++---------- apm-server/Chart.yaml | 4 ++-- apm-server/README.md | 10 ++++---- apm-server/examples/default/README.md | 2 +- apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/README.md | 2 +- apm-server/examples/oss/test/goss.yaml | 2 +- apm-server/examples/security/README.md | 2 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/values.yaml | 2 +- elasticsearch/Chart.yaml | 4 ++-- elasticsearch/README.md | 10 ++++---- elasticsearch/examples/config/README.md | 2 +- elasticsearch/examples/default/README.md | 2 +- elasticsearch/examples/default/test/goss.yaml | 2 +- .../examples/docker-for-mac/README.md | 2 +- .../examples/kubernetes-kind/README.md | 2 +- elasticsearch/examples/microk8s/README.md | 2 +- elasticsearch/examples/minikube/README.md | 2 +- elasticsearch/examples/multi/README.md | 2 +- elasticsearch/examples/openshift/README.md | 2 +- .../examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/oss/README.md | 2 +- elasticsearch/examples/oss/test/goss.yaml | 2 +- elasticsearch/examples/security/README.md | 2 +- elasticsearch/examples/upgrade/README.md | 4 ++-- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/values.yaml | 2 +- filebeat/Chart.yaml | 4 ++-- filebeat/README.md | 8 +++---- filebeat/examples/default/README.md | 2 +- filebeat/examples/default/test/goss.yaml | 4 ++-- filebeat/examples/oss/README.md | 2 +- filebeat/examples/oss/test/goss.yaml | 2 +- filebeat/examples/security/README.md | 2 +- filebeat/examples/security/test/goss.yaml | 2 +- filebeat/values.yaml | 2 +- helpers/bumper.py | 2 +- helpers/examples.mk | 2 +- kibana/Chart.yaml | 4 ++-- kibana/README.md | 8 +++---- kibana/examples/default/README.md | 2 +- kibana/examples/default/test/goss.yaml | 2 +- kibana/examples/openshift/README.md | 2 +- kibana/examples/oss/README.md | 2 +- kibana/examples/security/README.md | 2 +- kibana/values.yaml | 2 +- logstash/Chart.yaml | 4 ++-- logstash/README.md | 8 +++---- logstash/examples/default/README.md | 2 +- logstash/examples/default/test/goss.yaml | 2 +- logstash/examples/elasticsearch/README.md | 2 +- .../examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/README.md | 2 +- logstash/examples/oss/test/goss.yaml | 2 +- logstash/examples/security/test/goss.yaml | 2 +- logstash/values.yaml | 2 +- metricbeat/Chart.yaml | 4 ++-- metricbeat/README.md | 8 +++---- metricbeat/examples/default/README.md | 2 +- .../examples/default/test/goss-metrics.yaml | 6 ++--- metricbeat/examples/default/test/goss.yaml | 6 ++--- metricbeat/examples/oss/README.md | 2 +- .../examples/oss/test/goss-metrics.yaml | 6 ++--- metricbeat/examples/oss/test/goss.yaml | 6 ++--- metricbeat/examples/security/README.md | 2 +- .../examples/security/test/goss-metrics.yaml | 6 ++--- metricbeat/examples/security/test/goss.yaml | 6 ++--- metricbeat/values.yaml | 2 +- 69 files changed, 120 insertions(+), 120 deletions(-) diff --git a/README.md b/README.md index ac3050eaf..7dc4f21cd 100644 --- a/README.md +++ b/README.md @@ -37,12 +37,12 @@ versions. | Chart | Docker documentation | Latest 7 Version | Latest 6 Version | |--------------------------------------------|-----------------------------------------------------------------------------|----------------------------|-----------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html | [`7.8.0`][apm-7] | [`6.8.10`][apm-6] | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.8/docker.html | [`7.8.0`][elasticsearch-7] | [`6.8.10`][elasticsearch-6] | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.8/running-on-docker.html | [`7.8.0`][filebeat-7] | [`6.8.10`][filebeat-6] | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.8/docker.html | [`7.8.0`][kibana-7] | [`6.8.10`][kibana-6] | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.8/docker.html | [`7.8.0`][logstash-7] | [`6.8.10`][logstash-6] | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.8/running-on-docker.html | [`7.8.0`][metricbeat-7] | [`6.8.10`][metricbeat-6] | +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.9/running-on-docker.html | [`7.8.1`][apm-7] | [`6.8.10`][apm-6] | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.9/docker.html | [`7.8.1`][elasticsearch-7] | [`6.8.10`][elasticsearch-6] | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.9/running-on-docker.html | [`7.8.1`][filebeat-7] | [`6.8.10`][filebeat-6] | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.9/docker.html | [`7.8.1`][kibana-7] | [`6.8.10`][kibana-6] | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.9/docker.html | [`7.8.1`][logstash-7] | [`6.8.10`][logstash-6] | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.9/running-on-docker.html | [`7.8.1`][metricbeat-7] | [`6.8.10`][metricbeat-6] | ## Supported Configurations @@ -96,15 +96,15 @@ Kubernetes. [operator pattern]: https://kubernetes.io/docs/concepts/extend-kubernetes/operator/ [elasticsearch-771]: https://github.com/elastic/helm-charts/tree/7.7.1/elasticsearch/ -[apm-7]: https://github.com/elastic/helm-charts/tree/7.8.0/apm-server/README.md +[apm-7]: https://github.com/elastic/helm-charts/tree/7.8.1/apm-server/README.md [apm-6]: https://github.com/elastic/helm-charts/tree/6.8.10/apm-server/README.md -[elasticsearch-7]: https://github.com/elastic/helm-charts/tree/7.8.0/elasticsearch/README.md +[elasticsearch-7]: https://github.com/elastic/helm-charts/tree/7.8.1/elasticsearch/README.md [elasticsearch-6]: https://github.com/elastic/helm-charts/tree/6.8.10/elasticsearch/README.md -[filebeat-7]: https://github.com/elastic/helm-charts/tree/7.8.0/filebeat/README.md +[filebeat-7]: https://github.com/elastic/helm-charts/tree/7.8.1/filebeat/README.md [filebeat-6]: https://github.com/elastic/helm-charts/tree/6.8.10/filebeat/README.md -[kibana-7]: https://github.com/elastic/helm-charts/tree/7.8.0/kibana/README.md +[kibana-7]: https://github.com/elastic/helm-charts/tree/7.8.1/kibana/README.md [kibana-6]: https://github.com/elastic/helm-charts/tree/6.8.10/kibana/README.md -[logstash-7]: https://github.com/elastic/helm-charts/tree/7.8.0/logstash/README.md +[logstash-7]: https://github.com/elastic/helm-charts/tree/7.8.1/logstash/README.md [logstash-6]: https://github.com/elastic/helm-charts/tree/6.8.10/logstash/README.md -[metricbeat-7]: https://github.com/elastic/helm-charts/tree/7.8.0/metricbeat/README.md +[metricbeat-7]: https://github.com/elastic/helm-charts/tree/7.8.1/metricbeat/README.md [metricbeat-6]: https://github.com/elastic/helm-charts/tree/6.8.10/metricbeat/README.md diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index eea03a313..9e4ee0d71 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.9.0-SNAPSHOT -appVersion: 7.9.0-SNAPSHOT +version: 7.10.0-SNAPSHOT +appVersion: 7.10.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index c1ff9abbc..59a380a31 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -19,7 +19,7 @@ for released version. - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) + - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -43,7 +43,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.9.0-SNAPSHOT versions. +This chart is tested with the latest 7.10.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -53,7 +53,7 @@ This chart is tested with the latest 7.9.0-SNAPSHOT versions. * Install the latest 7.7 release: `helm install --name apm-server elastic/apm-server` -### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` @@ -95,7 +95,7 @@ as a reference. They are also used in the automated testing of this chart. | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.9.0-SNAPSHOT` | +| `imageTag` | The APM Server Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | | `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | | `labels` | Configurable [labels][] applied to all APM server pods | `{}` | @@ -150,7 +150,7 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.8/running-on-docker.html +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.9/running-on-docker.html [apm server oss docker image]: https://www.docker.elastic.co/r/apm/apm-server-oss [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md index d363b9497..9c6b913aa 100644 --- a/apm-server/examples/default/README.md +++ b/apm-server/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy APM Server 7.9.0-SNAPSHOT using [default values][]. +This example deploy APM Server 7.10.0-SNAPSHOT using [default values][]. ## Usage diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index 5340a1d10..9dccc1d29 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.9.0' + - '7.10.0' diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index 11fe24458..4cb72b90c 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy APM Server 7.9.0-SNAPSHOT using [APM Server OSS][] version. +This example deploy APM Server 7.10.0-SNAPSHOT using [APM Server OSS][] version. ## Usage diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index 5340a1d10..9dccc1d29 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.9.0' + - '7.10.0' diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md index 120a645c4..7e4bdf4a9 100644 --- a/apm-server/examples/security/README.md +++ b/apm-server/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy APM Server 7.9.0-SNAPSHOT using authentication and TLS to connect to +This example deploy APM Server 7.10.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index 5340a1d10..9dccc1d29 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.9.0' + - '7.10.0' diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 4999d97f7..6b4974add 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -62,7 +62,7 @@ extraVolumes: [] # emptyDir: {} image: "docker.elastic.co/apm/apm-server" -imageTag: "7.9.0-SNAPSHOT" +imageTag: "7.10.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index d86124b11..fbb3a8f30 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.9.0-SNAPSHOT -appVersion: 7.9.0-SNAPSHOT +version: 7.10.0-SNAPSHOT +appVersion: 7.10.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 8f112d3bf..5fabf48bf 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -14,7 +14,7 @@ for released version. - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) + - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -53,7 +53,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.9.0-SNAPSHOT versions. +This chart is tested with the latest 7.10.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -63,7 +63,7 @@ This chart is tested with the latest 7.9.0-SNAPSHOT versions. * Install the latest 7.7 release: `helm install --name elasticsearch elastic/elasticsearch` -### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` @@ -123,7 +123,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.9.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | @@ -395,7 +395,7 @@ about our development and testing process. [cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/cluster.name.html [clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#clustering-and-node-discovery [config example]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/config/values.yaml -[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.8/snapshot.html +[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.9/snapshot.html [custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/docker.html#_c_customized_image [deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies [discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/discovery-settings.html#minimum_master_nodes diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index f3106b73f..22f8a759d 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,6 +1,6 @@ # Config -This example deploy a single node Elasticsearch 7.9.0-SNAPSHOT with authentication and +This example deploy a single node Elasticsearch 7.10.0-SNAPSHOT with authentication and custom [values][]. diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md index 006ecef49..683dced8e 100644 --- a/elasticsearch/examples/default/README.md +++ b/elasticsearch/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster using [default values][]. diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index 528797760..d725807d5 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.9.0-SNAPSHOT"' + - '"number" : "7.10.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md index 496c7cbd0..acf62ed86 100644 --- a/elasticsearch/examples/docker-for-mac/README.md +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -1,6 +1,6 @@ # Docker for Mac -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [Docker for Mac][] +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [Docker for Mac][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index 4d74489f7..ee0b407c1 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,6 +1,6 @@ # KIND -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [Kind][] +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [Kind][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index 2b909e4ad..458ec1933 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,6 +1,6 @@ # MicroK8S -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [MicroK8S][] +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [MicroK8S][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md index 4e11c894b..2bb6a2af1 100644 --- a/elasticsearch/examples/minikube/README.md +++ b/elasticsearch/examples/minikube/README.md @@ -1,6 +1,6 @@ # Minikube -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [Minikube][] +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [Minikube][] using [custom values][]. If helm or kubectl timeouts occur, you may consider creating a minikube VM with diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index 93521c56d..59df52d91 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,6 +1,6 @@ # Multi -This example deploy an Elasticsearch 7.9.0-SNAPSHOT cluster composed of 2 different Helm +This example deploy an Elasticsearch 7.10.0-SNAPSHOT cluster composed of 2 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md index 5ad3fb33f..73a057d14 100644 --- a/elasticsearch/examples/openshift/README.md +++ b/elasticsearch/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster on [OpenShift][] +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [OpenShift][] using [custom values][]. ## Usage diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index 0d1725b8e..aec60565f 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.9.0"' + - '"number" : "7.10.0"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/oss/README.md b/elasticsearch/examples/oss/README.md index 640d40f5a..c44667f36 100644 --- a/elasticsearch/examples/oss/README.md +++ b/elasticsearch/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster using [Elasticsearch OSS][] version. ## Usage diff --git a/elasticsearch/examples/oss/test/goss.yaml b/elasticsearch/examples/oss/test/goss.yaml index 0c5153395..fa7bc9147 100644 --- a/elasticsearch/examples/oss/test/goss.yaml +++ b/elasticsearch/examples/oss/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.9.0-SNAPSHOT"' + - '"number" : "7.10.0-SNAPSHOT"' - '"cluster_name" : "oss"' - '"name" : "oss-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index a0fc53509..b25b9c8e7 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy a 3 nodes Elasticsearch 7.9.0-SNAPSHOT with authentication and +This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT with authentication and autogenerated certificates for TLS (see [values][]). Note that this configuration should be used for test only. For a production diff --git a/elasticsearch/examples/upgrade/README.md b/elasticsearch/examples/upgrade/README.md index c7efc788d..44798eefc 100644 --- a/elasticsearch/examples/upgrade/README.md +++ b/elasticsearch/examples/upgrade/README.md @@ -1,7 +1,7 @@ # Upgrade This example will deploy a 3 node Elasticsearch cluster using an old chart version, -then upgrade it to version 7.9.0-SNAPSHOT. +then upgrade it to version 7.10.0-SNAPSHOT. The following upgrades are tested: - Upgrade from [7.0.0-alpha1][] version on K8S <1.16 @@ -11,7 +11,7 @@ not compatible with K8S >= 1.16) ## Usage -Running `make install` command will do first install and 7.9.0-SNAPSHOT upgrade. +Running `make install` command will do first install and 7.10.0-SNAPSHOT upgrade. Note: [jq][] is a requirement for this make target. diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index 32436c811..b44cd445c 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.9.0-SNAPSHOT"' + - '"number" : "7.10.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - '"name" : "upgrade-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 7034ba296..fc569440a 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -51,7 +51,7 @@ secretMounts: [] # defaultMode: 0755 image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.9.0-SNAPSHOT" +imageTag: "7.10.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" podAnnotations: {} diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index d9eb77476..99aff3d96 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.9.0-SNAPSHOT -appVersion: 7.9.0-SNAPSHOT +version: 7.10.0-SNAPSHOT +appVersion: 7.10.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index da25ccab1..9ab275859 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -14,7 +14,7 @@ for released version. - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) + - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -40,7 +40,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.9.0-SNAPSHOT versions. +This chart is tested with the latest 7.10.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -50,7 +50,7 @@ This chart is tested with the latest 7.9.0-SNAPSHOT versions. * Install the latest 7.7 release: `helm install --name filebeat elastic/filebeat` -### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` @@ -102,7 +102,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Filebeat Docker image tag | `7.9.0-SNAPSHOT` | +| `imageTag` | The Filebeat Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md index 44189bf66..86e238e57 100644 --- a/filebeat/examples/default/README.md +++ b/filebeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.9.0-SNAPSHOT using [default values][]. +This example deploy Filebeat 7.10.0-SNAPSHOT using [default values][]. ## Usage diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index 998df2a4f..e319fe7e5 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.9.0' + - 'filebeat-7.10.0' file: /usr/share/filebeat/filebeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.9.0' + - 'version: 7.10.0' diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md index e7923ec2c..d2e0df24f 100644 --- a/filebeat/examples/oss/README.md +++ b/filebeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Filebeat 7.9.0-SNAPSHOT using [Filebeat OSS][] version. +This example deploy Filebeat 7.10.0-SNAPSHOT using [Filebeat OSS][] version. ## Usage diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index 1c1ba79a7..b2cbc2345 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.9.0' + - 'filebeat-7.10.0' diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md index 7c6c06ecb..954791c91 100644 --- a/filebeat/examples/security/README.md +++ b/filebeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Filebeat 7.9.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Filebeat 7.10.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 00ae925da..44a6f89ee 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.9.0' + - 'filebeat-7.10.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' diff --git a/filebeat/values.yaml b/filebeat/values.yaml index efa81910a..fbb26ece5 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -52,7 +52,7 @@ envFrom: [] hostPathRoot: /var/lib hostNetworking: false image: "docker.elastic.co/beats/filebeat" -imageTag: "7.9.0-SNAPSHOT" +imageTag: "7.10.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/helpers/bumper.py b/helpers/bumper.py index 34ffbd7d6..799f8b17d 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,7 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 7: os.environ.get("BUMPER_VERSION_7", "7.9.0-SNAPSHOT"), + 7: os.environ.get("BUMPER_VERSION_7", "7.10.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index 446f4f179..3857f9047 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.9.0-SNAPSHOT +STACK_VERSION := 7.10.0-SNAPSHOT .PHONY: help help: ## Display this help diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index 509403938..1f17d9328 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.9.0-SNAPSHOT -appVersion: 7.9.0-SNAPSHOT +version: 7.10.0-SNAPSHOT +appVersion: 7.10.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index 3b78f3ef8..cad9948bf 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -14,7 +14,7 @@ for released version. - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) + - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -41,7 +41,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.9.0-SNAPSHOT versions. +This chart is tested with the latest 7.10.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -51,7 +51,7 @@ This chart is tested with the latest 7.9.0-SNAPSHOT versions. * Install the latest 7.7 release: `helm install --name kibana elastic/kibana` -### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` @@ -88,7 +88,7 @@ as a reference. They are also used in the automated testing of this chart. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Kibana Docker image tag | `7.9.0-SNAPSHOT` | +| `imageTag` | The Kibana Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md index 0f2c1fd62..4e9b4a83d 100644 --- a/kibana/examples/default/README.md +++ b/kibana/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Kibana 7.9.0-SNAPSHOT using [default values][]. +This example deploy Kibana 7.10.0-SNAPSHOT using [default values][]. ## Usage diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index 301d1fa22..f80f67521 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.9.0"' + - '"number":"7.10.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md index 56c7d73c4..582f9e844 100644 --- a/kibana/examples/openshift/README.md +++ b/kibana/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy Kibana 7.9.0-SNAPSHOT on [OpenShift][] using [custom values][]. +This example deploy Kibana 7.10.0-SNAPSHOT on [OpenShift][] using [custom values][]. ## Usage diff --git a/kibana/examples/oss/README.md b/kibana/examples/oss/README.md index 58fc7b09d..0f6d36790 100644 --- a/kibana/examples/oss/README.md +++ b/kibana/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Kibana 7.9.0-SNAPSHOT using [Kibana OSS][] version. +This example deploy Kibana 7.10.0-SNAPSHOT using [Kibana OSS][] version. ## Usage diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index c5cdc6037..02697e9aa 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Kibana 7.9.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Kibana 7.10.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/kibana/values.yaml b/kibana/values.yaml index 24f5f9326..f2a2e7ab0 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -29,7 +29,7 @@ secretMounts: [] # subPath: kibana.keystore # optional image: "docker.elastic.co/kibana/kibana" -imageTag: "7.9.0-SNAPSHOT" +imageTag: "7.10.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index 3d1426dd1..9cc96c030 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.9.0-SNAPSHOT -appVersion: 7.9.0-SNAPSHOT +version: 7.10.0-SNAPSHOT +appVersion: 7.10.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index a38c7a381..00fb85d37 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -19,7 +19,7 @@ for released version. - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) + - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -43,7 +43,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.9.0-SNAPSHOT versions. +This chart is tested with the latest 7.10.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -53,7 +53,7 @@ This chart is tested with the latest 7.9.0-SNAPSHOT versions. * Install the latest 7.7 release: `helm install --name logstash elastic/logstash` -### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` @@ -111,7 +111,7 @@ using `http.host: 127.0.0.1`, default probes should be disabled or overrided | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.9.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md index 25d51f678..24c939115 100644 --- a/logstash/examples/default/README.md +++ b/logstash/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Logstash 7.9.0-SNAPSHOT using [default values][]. +This example deploy Logstash 7.10.0-SNAPSHOT using [default values][]. ## Usage diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index 32a775264..79118426c 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-default-logstash-0"' - - '"version" : "7.9.0"' + - '"version" : "7.10.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-default-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md index a99ebbcd5..5537e7415 100644 --- a/logstash/examples/elasticsearch/README.md +++ b/logstash/examples/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch -This example deploy Logstash 7.9.0-SNAPSHOT which connects to Elasticsearch (see +This example deploy Logstash 7.10.0-SNAPSHOT which connects to Elasticsearch (see [values][]). diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index df088b1a7..3cbef9c83 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-elasticsearch-logstash-0"' - - '"version" : "7.9.0"' + - '"version" : "7.10.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-elasticsearch-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md index f02a7618c..59b2330d9 100644 --- a/logstash/examples/oss/README.md +++ b/logstash/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Logstash 7.9.0-SNAPSHOT using [Logstash OSS][] version. +This example deploy Logstash 7.10.0-SNAPSHOT using [Logstash OSS][] version. ## Usage diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index 8ea6b310e..b80245b8a 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-oss-logstash-0"' - - '"version" : "7.9.0"' + - '"version" : "7.10.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-oss-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml index 7a7f90702..ea89b1b22 100644 --- a/logstash/examples/security/test/goss.yaml +++ b/logstash/examples/security/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-security-logstash-0"' - - '"version" : "7.9.0"' + - '"version" : "7.10.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-security-logstash-0"' - '"status" : "green"' diff --git a/logstash/values.yaml b/logstash/values.yaml index 4fb8f18ed..fd2f8ee22 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -60,7 +60,7 @@ secrets: [] secretMounts: [] image: "docker.elastic.co/logstash/logstash" -imageTag: "7.9.0-SNAPSHOT" +imageTag: "7.10.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index aab9c85ce..076b28bac 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.9.0-SNAPSHOT -appVersion: 7.9.0-SNAPSHOT +version: 7.10.0-SNAPSHOT +appVersion: 7.10.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index 770985fd6..c1db47f21 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -14,7 +14,7 @@ for released version. - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.9.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-790-snapshot-versions) + - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -40,7 +40,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.9.0-SNAPSHOT versions. +This chart is tested with the latest 7.10.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -50,7 +50,7 @@ This chart is tested with the latest 7.9.0-SNAPSHOT versions. * Install the latest 7.7 release: `helm install --name metricbeat elastic/metricbeat` -### Install development version using 7.x branch and 7.9.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` @@ -120,7 +120,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.9.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | | `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md index 98f7a3448..c500dce11 100644 --- a/metricbeat/examples/default/README.md +++ b/metricbeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Metricbeat 7.9.0-SNAPSHOT using [default values][]. +This example deploy Metricbeat 7.10.0-SNAPSHOT using [default values][]. ## Usage diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index 3d2f428b4..2fe8c091b 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -41,4 +41,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.9.0' + - 'version: 7.10.0' diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index da7e26905..6409430fc 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.9.0' + - 'version: 7.10.0' diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md index 448adfbe7..660c5e452 100644 --- a/metricbeat/examples/oss/README.md +++ b/metricbeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Metricbeat 7.9.0-SNAPSHOT using [Metricbeat OSS][] version. +This example deploy Metricbeat 7.10.0-SNAPSHOT using [Metricbeat OSS][] version. ## Usage diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index bbc8020ec..0cf994438 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -21,12 +21,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' http://oss-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -39,4 +39,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.9.0' + - 'version: 7.10.0' diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index 609c4bdf5..eafd69b42 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' http://oss-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.9.0' + - 'version: 7.10.0' diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md index 91ab027b8..fe44f7172 100644 --- a/metricbeat/examples/security/README.md +++ b/metricbeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Metricbeat 7.9.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Metricbeat 7.10.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index aeb2910e4..ec617850f 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.9.0' + - 'version: 7.10.0' diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index e2e5c2779..c511ddab2 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -25,7 +25,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -33,7 +33,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.9.0' + - 'metricbeat-7.10.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -50,4 +50,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.9.0' + - 'version: 7.10.0' diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 7362cc0b9..6e2e04cef 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -167,7 +167,7 @@ extraInitContainers: "" hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.9.0-SNAPSHOT" +imageTag: "7.10.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] From 8555428ebee7cd8b63799505600e103b970e4716 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 28 Jul 2020 18:19:13 +0200 Subject: [PATCH 066/151] [meta] add slack notifications to CI jobs (#760) This commit add Slack notifications to Elastic Release team Slack channel for helm-charts branch and staging job templates. --- .ci/jobs.t/elastic+helm-charts+{branch}+staging.yml | 7 +++++++ .ci/jobs.t/elastic+helm-charts+{branch}.yml | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml index 2cef76997..5b8bc8bc9 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml @@ -44,3 +44,10 @@ - project: elastic+helm-charts+%BRANCH%+staging+cluster-cleanup current-parameters: true trigger-with-no-params: false + - slack: + notify-back-to-normal: True + notify-every-failure: True + room: infra-release-notify + team-domain: elastic + auth-token-id: release-slack-integration-token + auth-token-credential-id: release-slack-integration-token diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}.yml b/.ci/jobs.t/elastic+helm-charts+{branch}.yml index f526b0db9..3b02beb85 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}.yml @@ -46,3 +46,10 @@ - project: elastic+helm-charts+%BRANCH%+cluster-cleanup current-parameters: false trigger-with-no-params: true + - slack: + notify-back-to-normal: True + notify-every-failure: True + room: infra-release-notify + team-domain: elastic + auth-token-id: release-slack-integration-token + auth-token-credential-id: release-slack-integration-token From 8acfe40ffb575b76864316c0eb52f9dff81af3ae Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 28 Jul 2020 18:27:10 +0200 Subject: [PATCH 067/151] [doc] update doc links (#758) --- elasticsearch/README.md | 7 +++---- elasticsearch/examples/migration/README.md | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 5fabf48bf..5cfab8b38 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -347,9 +347,8 @@ automated testing pipeline. 2. Add any required secrets or credentials into an Elasticsearch keystore following the [how to use the keystore][] guide. 3. Configure the [snapshot repository][] as you normally would. -4. To automate snapshots you can use a tool like [curator][]. In the future -there are plans to have Elasticsearch manage automated snapshots with -[Snapshot Lifecycle Management][]. +4. To automate snapshots you can use [Snapshot Lifecycle Management][] or a tool +like [curator][]. ### How to configure templates post-deployment? @@ -445,7 +444,7 @@ about our development and testing process. [secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets [securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types -[snapshot lifecycle management]: https://github.com/elastic/elasticsearch/issues/38461 +[snapshot lifecycle management]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/snapshot-lifecycle-management.html [snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.x/repository.html [snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/modules-snapshots.html [supported configurations]: https://github.com/elastic/helm-charts/tree/7.x/README.md#supported-configurations diff --git a/elasticsearch/examples/migration/README.md b/elasticsearch/examples/migration/README.md index 59e07e21d..fc417f1ee 100644 --- a/elasticsearch/examples/migration/README.md +++ b/elasticsearch/examples/migration/README.md @@ -163,5 +163,5 @@ working correctly you can cleanup leftover resources from your old cluster. [data.yml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/data.yml [helm/charts]: https://github.com/helm/charts/tree/master/stable/elasticsearch [master.yml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/master.yml -[restoring to a different cluster guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.6/modules-snapshots.html#_restoring_to_a_different_cluster -[rolling upgrades guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.6/rolling-upgrades.html +[restoring to a different cluster guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/modules-snapshots.html#_restoring_to_a_different_cluster +[rolling upgrades guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/rolling-upgrades.html From e59d4f2f45dd0179e279cabd16b690adeabc319c Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 29 Jul 2020 07:29:03 +0200 Subject: [PATCH 068/151] [meta] add helm 3 beta support (#759) This PR add Helm 3 support in preview as the main blockers were fixed in previous PR. Note that adding automated tests with Helm 3 is still required to add full Helm 3 support. --- README.md | 8 +++++++- apm-server/README.md | 11 ++++++++--- elasticsearch/README.md | 11 ++++++++--- filebeat/README.md | 11 ++++++++--- kibana/README.md | 11 ++++++++--- logstash/README.md | 11 ++++++++--- metricbeat/README.md | 11 ++++++++--- 7 files changed, 55 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index 7dc4f21cd..bbc8cf1d0 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ - [Support Matrix](#support-matrix) - [Kubernetes Versions](#kubernetes-versions) - [Helm versions](#helm-versions) + - [Helm 3 beta](#helm-3-beta) - [ECK](#eck) @@ -76,7 +77,12 @@ exact versions are defined under `KUBERNETES_VERSIONS` in While we are checking backward compatibility, the charts are only tested with Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.9). -Note that we don't support [Helm 3][] version. + +#### Helm 3 beta + +While we don't have automated tests for [Helm 3][] yet, we fixed the main +blockers to use it. We now have enough feedbacks from internal and external +users to add support in beta. ## ECK diff --git a/apm-server/README.md b/apm-server/README.md index 59a380a31..4f72cd488 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -50,14 +50,18 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name apm-server elastic/apm-server` +* Install it: + - with Helm 2: `helm install --name apm-server elastic/apm-server` + - with [Helm 3 (beta)][]: `helm install apm-server elastic/apm-server` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install it: `helm install --name apm-server ./helm-charts/apm-server` +* Install it: + - with Helm 2: `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` + - with [Helm 3 (beta)][]: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -159,6 +163,7 @@ about our development and testing process. [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/security [helm]: https://helm.sh +[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [horizontal pod autoscaler]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 5cfab8b38..9070d4f37 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -60,14 +60,18 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name elasticsearch elastic/elasticsearch` +* Install it: + - with Helm 2: `helm install --name elasticsearch elastic/elasticsearch` + - with [Helm 3 (beta)][]: `helm install elasticsearch elastic/elasticsearch` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install it: `helm install --name elasticsearch ./helm-charts/elasticsearch` +* Install it: + - with Helm 2: `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` + - with [Helm 3 (beta)][]: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -410,6 +414,7 @@ about our development and testing process. [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh +[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/ [how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-install-plugins [how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-use-the-keystore diff --git a/filebeat/README.md b/filebeat/README.md index 9ab275859..61699b741 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -47,14 +47,18 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name filebeat elastic/filebeat` +* Install it: + - with Helm 2: `helm install --name filebeat elastic/filebeat` + - with [Helm 3 (beta)][]: `helm install filebeat elastic/filebeat` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install it: `helm install --name filebeat ./helm-charts/filebeat` +* Install it: + - with Helm 2: `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` + - with [Helm 3 (beta)][]: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -198,6 +202,7 @@ about our development and testing process. [filebeat oss docker image]: https://www.docker.elastic.co/r/beats/filebeat-oss [filebeat outputs]: https://www.elastic.co/guide/en/beats/filebeat/7.x/configuring-output.html [helm]: https://helm.sh +[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images diff --git a/kibana/README.md b/kibana/README.md index cad9948bf..e2b7eec84 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -48,14 +48,18 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name kibana elastic/kibana` +* Install it: + - with Helm 2: `helm install --name kibana elastic/kibana` + - with [Helm 3 (beta)][]: `helm install kibana elastic/kibana` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install it: `helm install --name kibana ./helm-charts/kibana` +* Install it: + - with Helm 2: `helm install --name kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` + - with [Helm 3 (beta)][]: `helm install kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -214,6 +218,7 @@ about our development and testing process. [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh +[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ diff --git a/logstash/README.md b/logstash/README.md index 00fb85d37..92cd3a59d 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -50,14 +50,18 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name logstash elastic/logstash` +* Install it: + - with Helm 2: `helm install --name logstash elastic/logstash` + - with [Helm 3 (beta)][]: `helm install logstash elastic/logstash` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install it: `helm install --name logstash ./helm-charts/logstash` +* Install it: + - with Helm 2: `helm install --name logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` + - with [Helm 3 (beta)][]: `helm install logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -199,6 +203,7 @@ about our development and testing process. [examples]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/oss [helm]: https://helm.sh +[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ diff --git a/metricbeat/README.md b/metricbeat/README.md index c1db47f21..e6e73774a 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -47,14 +47,18 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` -* Install the latest 7.7 release: -`helm install --name metricbeat elastic/metricbeat` +* Install it: + - with Helm 2: `helm install --name metricbeat elastic/metricbeat` + - with [Helm 3 (beta)][]: `helm install metricbeat elastic/metricbeat` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` -* Install it: `helm install --name metricbeat ./helm-charts/metricbeat` +* Install it: + - with Helm 2: `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` + - with [Helm 3 (beta)][]: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -219,6 +223,7 @@ about our development and testing process. [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/security [helm]: https://helm.sh +[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images From 4ef323e359660be8d4174a535f5823df3c4ba127 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 29 Jul 2020 07:49:09 +0200 Subject: [PATCH 069/151] [meta] remove branch specific staging jobs (#736) These jobs are replaced by a single job which can manage every branch in 47a45cf --- ...harts+{branch}+staging+cluster-cleanup.yml | 39 -------------- ...arts+{branch}+staging+cluster-creation.yml | 40 -------------- ...branch}+staging+integration-apm-server.yml | 45 ---------------- ...nch}+staging+integration-elasticsearch.yml | 54 ------------------- ...+{branch}+staging+integration-filebeat.yml | 45 ---------------- ...ts+{branch}+staging+integration-kibana.yml | 45 ---------------- ...+{branch}+staging+integration-logstash.yml | 45 ---------------- ...branch}+staging+integration-metricbeat.yml | 45 ---------------- .../elastic+helm-charts+{branch}+staging.yml | 53 ------------------ 9 files changed, 411 deletions(-) delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml delete mode 100644 .ci/jobs.t/elastic+helm-charts+{branch}+staging.yml diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml deleted file mode 100644 index 7c6bc2dc9..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-cleanup.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+cluster-cleanup - display-name: elastic / helm-charts - staging - cluster cleanup - description: staging - cluster cleanup - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - ./in-docker make destroy KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml deleted file mode 100644 index 0279a6cfb..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+cluster-creation.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+cluster-creation - display-name: elastic / helm-charts - staging - cluster creation - description: staging - cluster creation - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - ./in-docker make up KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} - ./in-docker make k8s-staging-registry KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml deleted file mode 100644 index 0496ad456..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-apm-server.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+integration-apm-server - display-name: elastic / helm-charts - staging - integration apm-server - description: staging - integration apm-server - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: APM_SERVER_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - env BUMPER_VERSION_7="$BUILD_ID" BUMPER_USE_STAGING_IMAGES="true" ./helpers/bumper.py - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${APM_SERVER_SUITE} CHART=apm-server diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml deleted file mode 100644 index e441f2141..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-elasticsearch.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+integration-elasticsearch - display-name: elastic / helm-charts - staging - integration elasticsearch - description: staging - integration elasticsearch - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: ES_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - - DOCKER_PASSWORD=$(retry 5 vault read -field password secret/devops-ci/docker.elastic.co/devops-ci) - retry 5 docker login -u devops-ci -p $DOCKER_PASSWORD docker.elastic.co - unset DOCKER_PASSWORD - set -x - - env BUMPER_VERSION_7="$BUILD_ID" BUMPER_USE_STAGING_IMAGES="true" ./helpers/bumper.py - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - - # pull private images while we have the hosts docker daemon authenticated - make pull-private-images - - # the private images will be used in here - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${ES_SUITE} CHART=elasticsearch diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml deleted file mode 100644 index da18266be..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-filebeat.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+integration-filebeat - display-name: elastic / helm-charts - staging - integration filebeat - description: staging - integration filebeat - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: FILEBEAT_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - env BUMPER_VERSION_7="$BUILD_ID" BUMPER_USE_STAGING_IMAGES="true" ./helpers/bumper.py - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${FILEBEAT_SUITE} CHART=filebeat diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml deleted file mode 100644 index 8944098a1..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-kibana.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+integration-kibana - display-name: elastic / helm-charts - staging - integration kibana - description: staging - integration kibana - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: KIBANA_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - env BUMPER_VERSION_7="$BUILD_ID" BUMPER_USE_STAGING_IMAGES="true" ./helpers/bumper.py - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${KIBANA_SUITE} CHART=kibana diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml deleted file mode 100644 index 7db73f065..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-logstash.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+integration-logstash - display-name: elastic / helm-charts - staging - integration logstash - description: staging - integration logstash - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: LOGSTASH_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - env BUMPER_VERSION_7="$BUILD_ID" BUMPER_USE_STAGING_IMAGES="true" ./helpers/bumper.py - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${LOGSTASH_SUITE} CHART=logstash diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml deleted file mode 100644 index 1046c0a83..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging+integration-metricbeat.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging+integration-metricbeat - display-name: elastic / helm-charts - staging - integration metricbeat - description: staging - integration metricbeat - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.6.1-abcdabcd)" - scm: - - git: - wipe-workspace: 'True' - axes: - - axis: - type: slave - name: label - values: - - docker&&virtual - - axis: - type: yaml - name: METRICBEAT_SUITE - filename: helpers/matrix.yml - - axis: - type: yaml - name: KUBERNETES_VERSION - filename: helpers/matrix.yml - builders: - - shell: |- - #!/usr/local/bin/runbld - set -euo pipefail - - source /usr/local/bin/bash_standard_lib.sh - - set +x - VAULT_TOKEN=$(retry 5 vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID") - export VAULT_TOKEN - unset VAULT_ROLE_ID VAULT_SECRET_ID - set -x - - env BUMPER_VERSION_7="$BUILD_ID" BUMPER_USE_STAGING_IMAGES="true" ./helpers/bumper.py - - cluster_name="helm-${KUBERNETES_VERSION//./}-${BUILD_ID//./-}" - - cd helpers/terraform/ - ./in-docker make integration KUBERNETES_VERSION=${KUBERNETES_VERSION} CLUSTER_NAME=${cluster_name} SUITE=${METRICBEAT_SUITE} CHART=metricbeat diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml b/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml deleted file mode 100644 index 5b8bc8bc9..000000000 --- a/.ci/jobs.t/elastic+helm-charts+{branch}+staging.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -- job: - name: elastic+helm-charts+%BRANCH%+staging - display-name: elastic / helm-charts +%BRANCH%+ - staging tests - description: Staging image testing - concurrent: true - parameters: - - string: - name: BUILD_ID - description: "The buildId for the staging images. (Example: 7.8.0-abcdabcd)" - project-type: multijob - scm: - - git: - wipe-workspace: 'False' - builders: - - multijob: - name: template testing and kubernetes cluster creation - condition: SUCCESSFUL - projects: - - name: elastic+helm-charts+%BRANCH%+staging+cluster-creation - current-parameters: true - - multijob: - name: elasticsearch integration testing - condition: ALWAYS - projects: - - name: elastic+helm-charts+%BRANCH%+staging+integration-elasticsearch - current-parameters: true - - multijob: - name: integration testing - condition: ALWAYS - projects: - - name: elastic+helm-charts+%BRANCH%+staging+integration-kibana - current-parameters: true - - name: elastic+helm-charts+%BRANCH%+staging+integration-filebeat - current-parameters: true - - name: elastic+helm-charts+%BRANCH%+staging+integration-metricbeat - current-parameters: true - - name: elastic+helm-charts+%BRANCH%+staging+integration-logstash - current-parameters: true - - name: elastic+helm-charts+%BRANCH%+staging+integration-apm-server - current-parameters: true - publishers: - - trigger-parameterized-builds: - - project: elastic+helm-charts+%BRANCH%+staging+cluster-cleanup - current-parameters: true - trigger-with-no-params: false - - slack: - notify-back-to-normal: True - notify-every-failure: True - room: infra-release-notify - team-domain: elastic - auth-token-id: release-slack-integration-token - auth-token-credential-id: release-slack-integration-token From af48a183261da5a7052370102f469159b0d998d9 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 26 Aug 2020 11:55:03 +0200 Subject: [PATCH 070/151] [meta] drop gke 1.14 tests (#798) This PR fix CI builds failing because GKE 1.14 is no more available in GCP --- helpers/matrix.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/helpers/matrix.yml b/helpers/matrix.yml index 3e5864839..fb7b6d23e 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -34,6 +34,5 @@ APM_SERVER_SUITE: - oss - security KUBERNETES_VERSION: - - '1.14' - '1.15' - '1.16' From 5fa5c341d88b14105cae84f54238dd06edb4dc9f Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 27 Aug 2020 08:58:12 +0200 Subject: [PATCH 071/151] [helm] bump helm version to 2.16.10 (#797) --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index bbc8cf1d0..e9306a19d 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.9). +Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.10). #### Helm 3 beta diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 50536ca3e..d6652537f 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=2.16.9 +ENV HELM_VERSION=2.16.10 RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index a6f87a3bd..a432de495 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=2.16.9 +ENV HELM_VERSION=2.16.10 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From 2cfd4eeb14dea5902c914266edfb6c05f1dd28de Mon Sep 17 00:00:00 2001 From: SlavaSubotskiy Date: Thu, 27 Aug 2020 12:45:22 +0300 Subject: [PATCH 072/151] Fix typo in FAQ (#744) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> --- filebeat/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/filebeat/README.md b/filebeat/README.md index 61699b741..339cfb1b5 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -150,7 +150,7 @@ The default Filebeat configuration is using Filebeat pod name for `agent.hostname` and `host.name` fields. The `hostname` of the Kubernetes nodes can be find in `kubernetes.node.name` field. If you would like to have `agent.hostname` and `host.name` fields set to the hostname of the nodes, you'll -need to set `daemonset.hostNetworking` value to true. +need to set `hostNetworking` value to true. Note that enabling [hostNetwork][] make Filebeat pod use the host network namespace which gives it access to the host loopback device, services listening From b2334b5c652b48c835945af1101b6a3044a56164 Mon Sep 17 00:00:00 2001 From: AhmedSamirAhmed Date: Thu, 27 Aug 2020 11:52:07 +0200 Subject: [PATCH 073/151] Missing deletion of "elastic-certificate-crt" (#752) --- elasticsearch/examples/security/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elasticsearch/examples/security/Makefile b/elasticsearch/examples/security/Makefile index 46f0ee783..dcc3ec94d 100644 --- a/elasticsearch/examples/security/Makefile +++ b/elasticsearch/examples/security/Makefile @@ -9,7 +9,7 @@ install: helm upgrade --wait --timeout=600 --install --values ./security.yml $(RELEASE) ../../ purge: - kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem || true + kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem elastic-certificate-crt|| true helm del --purge $(RELEASE) test: secrets install goss From 2bd98f7b9782436d168a3e97d9c070d4e18bfbe0 Mon Sep 17 00:00:00 2001 From: Thomas Decaux Date: Thu, 27 Aug 2020 11:54:07 +0200 Subject: [PATCH 074/151] Remove duplicate "initialDelaySeconds" field (#763) --- apm-server/values.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 6b4974add..e4a0766fa 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -85,7 +85,6 @@ livenessProbe: port: http initialDelaySeconds: 30 failureThreshold: 3 - initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 @@ -95,7 +94,6 @@ readinessProbe: port: http initialDelaySeconds: 30 failureThreshold: 3 - initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 5 From 991cb1c7e8f4dea9336b6eff974811cdf57243e4 Mon Sep 17 00:00:00 2001 From: Simon Gurcke Date: Thu, 27 Aug 2020 20:13:19 +1000 Subject: [PATCH 075/151] [logstash] Fix headless service ports spec (#776) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> --- logstash/templates/service-headless.yaml | 9 +++++---- logstash/tests/logstash_test.py | 7 +++++++ 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/logstash/templates/service-headless.yaml b/logstash/templates/service-headless.yaml index 2bf840b34..157e4a66f 100644 --- a/logstash/templates/service-headless.yaml +++ b/logstash/templates/service-headless.yaml @@ -16,8 +16,9 @@ spec: selector: app: "{{ template "logstash.fullname" . }}" ports: - - name: http - port: {{ .Values.httpPort }} -{{- if .Values.extraPorts }} -{{- toYaml .Values.extraPorts | nindent 2 }} +{{- if .Values.service }} +{{ toYaml .Values.service.ports | indent 4 }} +{{- else }} + - name: http + port: {{ .Values.httpPort }} {{- end }} diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 6b29dacdf..a96ce0a20 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -860,6 +860,13 @@ def test_adding_a_service(): "protocol": "TCP", "targetPort": 5044, } + h = r["service"][name + "-headless"] + assert h["spec"]["ports"][0] == { + "name": "beats", + "port": 5044, + "protocol": "TCP", + "targetPort": 5044, + } def test_setting_fullnameOverride(): From 0b14236346e656118ce1d80fee6b118caa3e4f03 Mon Sep 17 00:00:00 2001 From: Vadym Liubko Date: Thu, 27 Aug 2020 13:47:38 +0300 Subject: [PATCH 076/151] [metricbeat] Add missing labels for deployment (#770) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> --- metricbeat/templates/deployment.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index dacf78310..6e9c28128 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -38,6 +38,9 @@ spec: chart: '{{ .Chart.Name }}-{{ .Chart.Version }}' heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: affinity: {{ toYaml .Values.deployment.affinity | nindent 8 }} nodeSelector: {{ toYaml .Values.deployment.nodeSelector | nindent 8 }} From a3d081fd9bac9f197431c688fea04e429421c372 Mon Sep 17 00:00:00 2001 From: Dat Tang Date: Thu, 27 Aug 2020 15:29:51 +0200 Subject: [PATCH 077/151] Fix serviceAccount for APM server (#786) --- apm-server/templates/deployment.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/apm-server/templates/deployment.yaml b/apm-server/templates/deployment.yaml index 8ffd5ee39..0cf3b50d9 100644 --- a/apm-server/templates/deployment.yaml +++ b/apm-server/templates/deployment.yaml @@ -33,9 +33,7 @@ spec: {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} - {{- if .Values.serviceAccount }} - serviceAccountName: {{ .Values.serviceAccount }} - {{- end }} + serviceAccountName: {{ template "apm.serviceAccount" . }} volumes: {{- range .Values.secretMounts }} - name: {{ .name }} From 59b9786907a2b22d7b7e96a06bcd50e3458fbc3d Mon Sep 17 00:00:00 2001 From: Erik Aaron Hansen Date: Thu, 10 Sep 2020 14:11:18 +0200 Subject: [PATCH 078/151] [metricbeat] Support secrets (#778) --- metricbeat/README.md | 1 + metricbeat/templates/secret.yaml | 27 +++++ metricbeat/tests/metricbeat_test.py | 146 ++++++++++++++++++++++++++++ metricbeat/values.yaml | 16 +++ 4 files changed, 190 insertions(+) create mode 100644 metricbeat/templates/secret.yaml diff --git a/metricbeat/README.md b/metricbeat/README.md index e6e73774a..80747cc70 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -136,6 +136,7 @@ as a reference. They are also used in the automated testing of this chart. | `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | | `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `replicas` | The replica count for the Metricbeat deployment talking to kube-state-metrics | `1` | +| `secrets` | Allows creating a secret from variables or a file. To add secrets from file, add suffix `.filepath` to the key of the secret key. The value will be encoded to base64. | See [values.yaml][] | | `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart | `""` | | `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | | `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | diff --git a/metricbeat/templates/secret.yaml b/metricbeat/templates/secret.yaml new file mode 100644 index 000000000..115034f8c --- /dev/null +++ b/metricbeat/templates/secret.yaml @@ -0,0 +1,27 @@ +{{- if .Values.secrets }} +{{- $fullName := include "metricbeat.fullname" . -}} +{{- range .Values.secrets }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-%s" $fullName .name | quote }} + labels: + app: {{ $fullName | quote }} + chart: {{ $.Chart.Name | quote }} + heritage: {{ $.Release.Service | quote }} + release: {{ $.Release.Name | quote }} + {{- range $key, $value := $.Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} +data: +{{- range $key, $val := .value }} + {{- if hasSuffix "filepath" $key }} + {{ $key | replace ".filepath" "" }}: {{ $.Files.Get $val | b64enc | quote }} + {{ else }} + {{ $key }}: {{ $val | b64enc | quote }} + {{- end }} +{{- end }} +type: Opaque +{{- end }} +{{- end }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 7e1d6e5b9..fcc476c4c 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -1,5 +1,6 @@ import os import sys +import base64 sys.path.insert(1, os.path.join(sys.path[0], "../../helpers")) from helpers import helm_template @@ -1229,3 +1230,148 @@ def test_custom_kube_stat_metrics_host(): ][1]["value"] == "kube-state-metrics.kube-system:9999" ) + + +def test_adding_a_secret(): + content = "LS1CRUdJTiBgUFJJVkFURSB" + config = """ +secrets: + - name: "env" + value: + ELASTICSEARCH_PASSWORD: {elk_pass} +""".format( + elk_pass=content + ) + content_b64 = base64.b64encode(content.encode("ascii")).decode("ascii") + + r = helm_template(config) + secret_name = name + "-env" + s = r["secret"][secret_name] + assert s["metadata"]["labels"]["app"] == name + assert len(r["secret"]) == 1 + assert len(s["data"]) == 1 + assert s["data"] == {"ELASTICSEARCH_PASSWORD": content_b64} + + +def test_adding_secret_from_file(): + content = """ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEApCt3ychnqZHsS +DylPFZn55xDaDcWco1oNFdBGzFjw+ +zkuMFMOv7ab+yOFwHeEeAAEkEgy1u +Da1vIscBs1K0kbEFRSqySLuNHWiJp +wK2cI/gJc+S9Qd9Qsn0XGjmjQ6P2p +ot2hvCOtnei998OmDSYORKBq2jiv/ +-----END RSA PRIVATE KEY----- +""" + config = """ +secrets: + - name: "tls" + value: + cert.key.filepath: "secrets/private.key" +""" + content_b64 = base64.b64encode(content.encode("ascii")).decode("ascii") + work_dir = os.path.join(os.path.abspath(os.getcwd()), "secrets") + filename = os.path.join(work_dir, "private.key") + os.makedirs(os.path.dirname(filename), exist_ok=True) + with open(filename, "w") as f: + f.write(content) + + with open(filename, "r") as f: + data = f.read() + assert data == content + + r = helm_template(config) + secret_name = name + "-tls" + s = r["secret"][secret_name] + assert s["metadata"]["labels"]["app"] == name + assert len(r["secret"]) == 1 + assert len(s["data"]) == 1 + assert s["data"] == { + "cert.key": content_b64, + } + + os.remove(filename) + os.rmdir(work_dir) + + +def test_adding_multiple_data_secret(): + content = { + "elk_pass": "LS1CRUdJTiBgUFJJVkFURSB", + "api_key": "ui2CsdUadTiBasRJRkl9tvNnw", + } + config = """ +secrets: + - name: "env" + value: + ELASTICSEARCH_PASSWORD: {elk_pass} + api_key: {api_key} +""".format( + elk_pass=content["elk_pass"], api_key=content["api_key"] + ) + content_b64 = { + "elk_pass": base64.b64encode(content["elk_pass"].encode("ascii")).decode( + "ascii" + ), + "api_key": base64.b64encode(content["api_key"].encode("ascii")).decode("ascii"), + } + + r = helm_template(config) + secret_name = name + "-env" + s = r["secret"][secret_name] + assert s["metadata"]["labels"]["app"] == name + assert len(r["secret"]) == 1 + assert len(s["data"]) == 2 + assert s["data"] == { + "ELASTICSEARCH_PASSWORD": content_b64["elk_pass"], + "api_key": content_b64["api_key"], + } + + +def test_adding_multiple_secrets(): + content = { + "elk_pass": "LS1CRUdJTiBgUFJJVkFURSB", + "cert_crt": "LS0tLS1CRUdJTiBlRJRALKJDDQVRFLS0tLS0K", + "cert_key": "LS0tLS1CRUdJTiBgUFJJVkFURSBLRVktLS0tLQo", + } + config = """ +secrets: + - name: "env" + value: + ELASTICSEARCH_PASSWORD: {elk_pass} + - name: "tls" + value: + cert.crt: {cert_crt} + cert.key: {cert_key} + +""".format( + elk_pass=content["elk_pass"], + cert_crt=content["cert_crt"], + cert_key=content["cert_key"], + ) + content_b64 = { + "elk_pass": base64.b64encode(content["elk_pass"].encode("ascii")).decode( + "ascii" + ), + "cert_crt": base64.b64encode(content["cert_crt"].encode("ascii")).decode( + "ascii" + ), + "cert_key": base64.b64encode(content["cert_key"].encode("ascii")).decode( + "ascii" + ), + } + + r = helm_template(config) + secret_names = {"env": name + "-env", "tls": name + "-tls"} + s_env = r["secret"][secret_names["env"]] + s_tls = r["secret"][secret_names["tls"]] + assert len(r["secret"]) == 2 + assert len(s_env["data"]) == 1 + assert s_env["data"] == { + "ELASTICSEARCH_PASSWORD": content_b64["elk_pass"], + } + assert len(s_tls["data"]) == 2 + assert s_tls["data"] == { + "cert.crt": content_b64["cert_crt"], + "cert.key": content_b64["cert_key"], + } diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 6e2e04cef..244526c01 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -255,6 +255,22 @@ kube_state_metrics: # host is used only when kube_state_metrics.enabled: false host: "" +# Add sensitive data to k8s secrets +secrets: [] +# - name: "env" +# value: +# ELASTICSEARCH_PASSWORD: "LS1CRUdJTiBgUFJJVkFURSB" +# api_key: ui2CsdUadTiBasRJRkl9tvNnw +# - name: "tls" +# value: +# ca.crt: | +# LS0tLS1CRUdJT0K +# LS0tLS1CRUdJT0K +# LS0tLS1CRUdJT0K +# LS0tLS1CRUdJT0K +# cert.crt: "LS0tLS1CRUdJTiBlRJRklDQVRFLS0tLS0K" +# cert.key.filepath: "secrets.crt" # The path to file should be relative to the `values.yaml` file. + # DEPRECATED affinity: {} envFrom: [] From 65bf107b04436c670210000691234b51acab9f2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luan=20Guimar=C3=A3es?= Date: Wed, 16 Sep 2020 05:32:21 -0300 Subject: [PATCH 079/151] [elasticsearch] add loadBalancer externalTrafficPolicy option (#810) --- elasticsearch/README.md | 2 ++ elasticsearch/templates/service.yaml | 3 +++ elasticsearch/tests/elasticsearch_test.py | 17 +++++++++++++++++ elasticsearch/values.yaml | 1 + 4 files changed, 23 insertions(+) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 9070d4f37..eb335bc59 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -159,6 +159,7 @@ support multiple versions with minimal changes. | `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | | `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | +| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | | `service.httpPortName` | The name of the http port within the service | `http` | | `service.labelsHeadless` | Labels to be added to headless service | `{}` | | `service.labels` | Labels to be added to non-headless service | `{}` | @@ -429,6 +430,7 @@ about our development and testing process. [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ [loadBalancer annotations]: https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws +[loadBalancer externalTrafficPolicy]: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip [loadBalancer]: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer [maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget [migration guide]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/migration/README.md diff --git a/elasticsearch/templates/service.yaml b/elasticsearch/templates/service.yaml index 2c8f852f8..ee7ba5c9c 100644 --- a/elasticsearch/templates/service.yaml +++ b/elasticsearch/templates/service.yaml @@ -40,6 +40,9 @@ spec: loadBalancerSourceRanges: {{ toYaml . | indent 4 }} {{- end }} +{{- if .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} +{{- end }} --- kind: Service apiVersion: v1 diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 063757362..5aa5fe272 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -862,6 +862,23 @@ def test_adding_a_loadBalancerIP(): assert r["service"][uname]["spec"]["loadBalancerIP"] == "12.4.19.81" +def test_adding_an_externalTrafficPolicy(): + config = "" + + r = helm_template(config) + + assert "externalTrafficPolicy" not in r["service"][uname]["spec"] + + config = """ + service: + externalTrafficPolicy: Local + """ + + r = helm_template(config) + + assert r["service"][uname]["spec"]["externalTrafficPolicy"] == "Local" + + def test_adding_a_label_on_non_headless_service(): config = "" diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index fc569440a..39dca078f 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -182,6 +182,7 @@ service: transportPortName: transport loadBalancerIP: "" loadBalancerSourceRanges: [] + externalTrafficPolicy: "" updateStrategy: RollingUpdate From 091de92e86248947e5f6a062b8e6dae02ff6abb1 Mon Sep 17 00:00:00 2001 From: Florian Loretan Date: Wed, 16 Sep 2020 15:11:38 +0200 Subject: [PATCH 080/151] Include pre-releases in the semver range. (#729) --- elasticsearch/templates/statefulset.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 6cc70377a..21c94c798 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -154,7 +154,7 @@ spec: imagePullSecrets: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} - {{- if semverCompare ">1.13" .Capabilities.KubeVersion.GitVersion }} + {{- if semverCompare ">1.13-0" .Capabilities.KubeVersion.GitVersion }} enableServiceLinks: {{ .Values.enableServiceLinks }} {{- end }} initContainers: From e6e4e1aa77609ecd1b1c9bd620fd57417499abde Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 16 Sep 2020 18:25:50 +0200 Subject: [PATCH 081/151] [elasticsearch] fix secrets names in examples (#811) Kubernetes doesn't accept `_` characters in resources names. This commit fix the secrets names in the examples we provide by replacing `_` by `-`which Kubernetes is accepting. Source: https://github.com/helm/helm/issues/6477 --- elasticsearch/README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index eb335bc59..c0f53da52 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -292,16 +292,16 @@ Create the secret, the key name needs to be the keystore key path. In this example we will create a secret from a file and from a literal string. ``` -kubectl create secret generic encryption_key --from-file=xpack.watcher.encryption_key=./watcher_encryption_key -kubectl create secret generic slack_hook --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' +kubectl create secret generic encryption-key --from-file=xpack.watcher.encryption_key=./watcher_encryption_key +kubectl create secret generic slack-hook --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' ``` To add these secrets to the keystore: ``` keystore: - - secretName: encryption_key - - secretName: slack_hook + - secretName: encryption-key + - secretName: slack-hook ``` #### Multiple keys @@ -310,12 +310,12 @@ All keys in the secret will be added to the keystore. To create the previous example in one secret you could also do: ``` -kubectl create secret generic keystore_secrets --from-file=xpack.watcher.encryption_key=./watcher_encryption_key --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' +kubectl create secret generic keystore-secrets --from-file=xpack.watcher.encryption_key=./watcher_encryption_key --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' ``` ``` keystore: - - secretName: keystore_secrets + - secretName: keystore-secrets ``` #### Custom paths and keys @@ -328,7 +328,7 @@ example we will only add the `slack_hook` key from a secret that also has other keys. Our secret looks like this: ``` -kubectl create secret generic slack_secrets --from-literal=slack_channel='#general' --from-literal=slack_hook='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' +kubectl create secret generic slack-secrets --from-literal=slack_channel='#general' --from-literal=slack_hook='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' ``` We only want to add the `slack_hook` key to the keystore at path @@ -336,7 +336,7 @@ We only want to add the `slack_hook` key to the keystore at path ``` keystore: - - secretName: slack_secrets + - secretName: slack-secrets items: - key: slack_hook path: xpack.notification.slack.account.monitoring.secure_url From 8e39cde1b73dd88b7904cc166eec7553e21e1db8 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 23 Sep 2020 17:50:07 +0200 Subject: [PATCH 082/151] [helm] bump helm version to 2.16.12 (#816) --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e9306a19d..7e333bbb2 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.10). +Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.12). #### Helm 3 beta diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index d6652537f..08706c4eb 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=2.16.10 +ENV HELM_VERSION=2.16.12 RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index a432de495..c8e07a69e 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=2.16.10 +ENV HELM_VERSION=2.16.12 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From 2e460017548dfa343a380df6792beb894620739d Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 30 Sep 2020 09:43:08 +0200 Subject: [PATCH 083/151] [elasticsearch][kibana] disable nss dentry cache (#818) This PR disable nss dentry cache for Elasticsearch and Kibana readinessProbe. On affected system (nss < 3.52), the curl commands used by readinessProbe are filling dentry cache which is observed in some cases to be never reclaimed. Elasticsearch and Kibana Docker images are based on CentOS 7 which is using nss-3.44.0-7.el7_7.x86_64 and are affected by this bug. This PR disable nss dentry cache in readinessProbe as a workaround. --- elasticsearch/templates/statefulset.yaml | 4 ++++ kibana/templates/deployment.yaml | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 21c94c798..0450a0cbc 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -233,6 +233,10 @@ spec: # Once it has started only check that the node itself is responding START_FILE=/tmp/.es_start_file + # Disable nss cache to avoid filling dentry cache when calling curl + # This is required with Elasticsearch Docker using nss < 3.52 + export NSS_SDB_USE_CACHE=no + http () { local path="${1}" local args="${2}" diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml index 5555d2ad0..44920abb9 100644 --- a/kibana/templates/deployment.yaml +++ b/kibana/templates/deployment.yaml @@ -105,6 +105,11 @@ spec: - -c - | #!/usr/bin/env bash -e + + # Disable nss cache to avoid filling dentry cache when calling curl + # This is required with Kibana Docker using nss < 3.52 + export NSS_SDB_USE_CACHE=no + http () { local path="${1}" set -- -XGET -s --fail -L From 45c054e3b1df2acc4606b17b9d58a493ab2baabd Mon Sep 17 00:00:00 2001 From: Hanfei Shen Date: Fri, 2 Oct 2020 20:24:01 +0800 Subject: [PATCH 084/151] support tpl in logstashConfig, logstashPipeline and kibanaConfig (#717) --- kibana/templates/configmap.yaml | 2 +- logstash/templates/configmap-config.yaml | 2 +- logstash/templates/configmap-pipeline.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/kibana/templates/configmap.yaml b/kibana/templates/configmap.yaml index 2c9dc0fba..98977a840 100644 --- a/kibana/templates/configmap.yaml +++ b/kibana/templates/configmap.yaml @@ -8,6 +8,6 @@ metadata: data: {{- range $path, $config := .Values.kibanaConfig }} {{ $path }}: | -{{ $config | indent 4 -}} +{{ tpl $config $ | indent 4 -}} {{- end -}} {{- end -}} diff --git a/logstash/templates/configmap-config.yaml b/logstash/templates/configmap-config.yaml index e69d524d0..638038435 100644 --- a/logstash/templates/configmap-config.yaml +++ b/logstash/templates/configmap-config.yaml @@ -12,6 +12,6 @@ metadata: data: {{- range $path, $config := .Values.logstashConfig }} {{ $path }}: | -{{ $config | indent 4 -}} +{{ tpl $config $ | indent 4 -}} {{- end -}} {{- end -}} diff --git a/logstash/templates/configmap-pipeline.yaml b/logstash/templates/configmap-pipeline.yaml index 5ce180ff7..2a92bd4a1 100644 --- a/logstash/templates/configmap-pipeline.yaml +++ b/logstash/templates/configmap-pipeline.yaml @@ -12,6 +12,6 @@ metadata: data: {{- range $path, $config := .Values.logstashPipeline }} {{ $path }}: | -{{ $config | indent 4 -}} +{{ tpl $config $ | indent 4 -}} {{- end -}} {{- end -}} From b38a4fc8112d6ff5422514896e2dc611ac0947f7 Mon Sep 17 00:00:00 2001 From: Igor Kliushnikov Date: Fri, 2 Oct 2020 15:22:44 +0200 Subject: [PATCH 085/151] [metricbeat] support deployment/daemonset specific metrics (#820) * [metricbeat] support deployment/daemonset specific metrics * chore: rename test_adding_legacy_labels to test_adding_deprecated_labels --- metricbeat/README.md | 4 +- metricbeat/templates/daemonset.yaml | 12 ++++ metricbeat/templates/deployment.yaml | 15 +++++ metricbeat/tests/metricbeat_test.py | 87 ++++++++++++++++++++++++++-- metricbeat/values.yaml | 8 ++- 5 files changed, 117 insertions(+), 9 deletions(-) diff --git a/metricbeat/README.md b/metricbeat/README.md index 80747cc70..eb01eb7b8 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -92,6 +92,7 @@ as a reference. They are also used in the automated testing of this chart. |--------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------| | `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources | see [values.yaml][] | | `daemonset.annotations` | Configurable [annotations][] for Metricbeat daemonset | `{}` | +| `daemonset.labels` | Configurable [labels][] applied to all Metricbeat DaemonSet pods | `{}` | | `daemonset.affinity` | Configurable [affinity][] for Metricbeat daemonset | `{}` | | `daemonset.enabled` | If true, enable daemonset | `true` | | `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | @@ -106,6 +107,7 @@ as a reference. They are also used in the automated testing of this chart. | `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat DaemonSet pod execution environment | see [values.yaml][] | | `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat DaemonSet | `[]` | | `deployment.annotations` | Configurable [annotations][] for Metricbeat Deployment | `{}` | +| `deployment.labels` | Configurable [labels][] applied to all Metricbeat Deployment pods | `{}` | | `deployment.affinity` | Configurable [affinity][] for Metricbeat Deployment | `{}` | | `deployment.enabled` | If true, enable deployment | `true` | | `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for Deployment | `[]` | @@ -128,7 +130,6 @@ as a reference. They are also used in the automated testing of this chart. | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | | `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | -| `labels` | Configurable [labels][] applied to all Metricbeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | | `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | @@ -157,6 +158,7 @@ as a reference. They are also used in the automated testing of this chart. | `resources` | Allows you to set the [resources][] for both Metricbeat DaemonSet and Deployment | `{}` | | `secretMounts` | Allows you easily mount a secret as a file inside DaemonSet and Deployment Useful for mounting certificates and other secrets | `[]` | | `tolerations` | Configurable [tolerations][] for both Metricbeat DaemonSet and Deployment | `[]` | +| `labels` | Configurable [labels][] applied to all Metricbeat pods | `[]` | ## FAQ diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index fe9b457d5..e8ef55ac9 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -9,9 +9,15 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} + {{- if .Values.daemonset.labels }} + {{- range $key, $value := .Values.daemonset.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} {{- range $key, $value := .Values.labels }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- end }} {{- if .Values.daemonset.annotations}} annotations: {{- range $key, $value := .Values.daemonset.annotations }} @@ -41,9 +47,15 @@ spec: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} + {{- if .Values.daemonset.labels }} + {{- range $key, $value := .Values.daemonset.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} {{- range $key, $value := .Values.labels }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- end }} spec: affinity: {{ toYaml ( .Values.affinity | default .Values.daemonset.affinity ) | nindent 8 }} nodeSelector: {{ toYaml ( .Values.nodeSelector | default .Values.daemonset.nodeSelector ) | nindent 8 }} diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index 6e9c28128..e9d682b2e 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -10,6 +10,15 @@ metadata: chart: '{{ .Chart.Name }}-{{ .Chart.Version }}' heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' + {{- if .Values.deployment.labels }} + {{- range $key, $value := .Values.deployment.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} {{- if .Values.deployment.annotations}} annotations: {{- range $key, $value := .Values.deployment.annotations }} @@ -38,9 +47,15 @@ spec: chart: '{{ .Chart.Name }}-{{ .Chart.Version }}' heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' + {{- if .Values.deployment.labels }} + {{- range $key, $value := .Values.deployment.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} {{- range $key, $value := .Values.labels }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- end }} spec: affinity: {{ toYaml .Values.deployment.affinity | nindent 8 }} nodeSelector: {{ toYaml .Values.deployment.nodeSelector | nindent 8 }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index fcc476c4c..79adb379b 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -968,24 +968,101 @@ def test_cluster_role_rules(): assert rules["resources"][0] == "something" -def test_adding_pod_labels(): +def test_adding_deprecated_labels(): config = """ labels: - app.kubernetes.io/name: metricbeat + app-test: metricbeat """ r = helm_template(config) + assert r["daemonset"][name]["metadata"]["labels"]["app-test"] == "metricbeat" assert ( - r["daemonset"][name]["metadata"]["labels"]["app.kubernetes.io/name"] + r["deployment"][name + "-metrics"]["metadata"]["labels"]["app-test"] == "metricbeat" ) assert ( - r["daemonset"][name]["spec"]["template"]["metadata"]["labels"][ - "app.kubernetes.io/name" + r["daemonset"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "metricbeat" + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["metadata"]["labels"][ + "app-test" + ] + == "metricbeat" + ) + + +def test_adding_daemonset_labels(): + config = """ +daemonset: + labels: + app-test: metricbeat +""" + r = helm_template(config) + assert r["daemonset"][name]["metadata"]["labels"]["app-test"] == "metricbeat" + assert ( + r["daemonset"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "metricbeat" + ) + + +def test_adding_daemonset_labels_surpasses_root_labels(): + config = """ +labels: + app-test: root-metricbeat +daemonset: + labels: + app-test: daemonset-metricbeat +""" + r = helm_template(config) + assert ( + r["daemonset"][name]["metadata"]["labels"]["app-test"] == "daemonset-metricbeat" + ) + assert ( + r["daemonset"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "daemonset-metricbeat" + ) + + +def test_adding_deployment_labels(): + config = """ +deployment: + labels: + app-test: metricbeat +""" + r = helm_template(config) + assert ( + r["deployment"][name + "-metrics"]["metadata"]["labels"]["app-test"] + == "metricbeat" + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["metadata"]["labels"][ + "app-test" ] == "metricbeat" ) +def test_adding_deployment_labels_surpasses_root_labels(): + config = """ +labels: + app-test: root-metricbeat +deployment: + labels: + app-test: deployment-metricbeat +""" + r = helm_template(config) + assert ( + r["deployment"][name + "-metrics"]["metadata"]["labels"]["app-test"] + == "deployment-metricbeat" + ) + assert ( + r["deployment"][name + "-metrics"]["spec"]["template"]["metadata"]["labels"][ + "app-test" + ] + == "deployment-metricbeat" + ) + + def test_adding_serviceaccount_annotations(): config = """ serviceAccountAnnotations: diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 244526c01..560eced2a 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -3,6 +3,8 @@ daemonset: # Annotations to apply to the daemonset annotations: {} + # additionals labels + labels: {} affinity: {} # Include the daemonset enabled: true @@ -97,6 +99,8 @@ daemonset: deployment: # Annotations to apply to the deployment annotations: {} + # additionals labels + labels: {} affinity: {} # Include the deployment enabled: true @@ -197,9 +201,6 @@ readinessProbe: periodSeconds: 10 timeoutSeconds: 5 -# additionals labels -labels: {} - # Whether this chart should self-manage its service account, role, and associated role binding. managedServiceAccount: true @@ -285,3 +286,4 @@ podSecurityContext: {} resources: {} secretMounts: [] tolerations: [] +labels: {} From 288171ff8ff9af81601dfc50abb9c028ae1781ea Mon Sep 17 00:00:00 2001 From: orong-pp <35888887+orong-pp@users.noreply.github.com> Date: Mon, 5 Oct 2020 14:02:19 +0300 Subject: [PATCH 086/151] [filebeat] introduce dnsConfig values for the containers (#659) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> --- filebeat/README.md | 2 ++ filebeat/templates/daemonset.yaml | 3 +++ filebeat/values.yaml | 4 ++++ 3 files changed, 9 insertions(+) diff --git a/filebeat/README.md b/filebeat/README.md index 339cfb1b5..05a46adc9 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -103,6 +103,7 @@ as a reference. They are also used in the automated testing of this chart. | `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` | see [values.yaml][] | | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | | `hostNetworking` | Use host networking in the DaemonSet so that hostname is reported correctly | `false` | +| `dnsConfig` | Configurable [dnsConfig][] | `{}` | | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | @@ -204,6 +205,7 @@ about our development and testing process. [helm]: https://helm.sh [helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces +[dnsConfig]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index 1cf3106e5..94e286bdf 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -56,6 +56,9 @@ spec: hostNetwork: true dnsPolicy: ClusterFirstWithHostNet {{- end }} + {{- if .Values.dnsConfig }} + dnsConfig: {{ toYaml .Values.dnsConfig | nindent 8 }} + {{- end }} volumes: {{- range .Values.secretMounts }} - name: {{ .name }} diff --git a/filebeat/values.yaml b/filebeat/values.yaml index fbb26ece5..3b2042660 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -51,6 +51,10 @@ envFrom: [] # Root directory where Filebeat will write data to in order to persist registry data across pod restarts (file position and other metadata). hostPathRoot: /var/lib hostNetworking: false +dnsConfig: {} +# options: +# - name: ndots +# value: "2" image: "docker.elastic.co/beats/filebeat" imageTag: "7.10.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" From 30373da5b020888efaf2282397495288e5a80544 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 14 Oct 2020 19:11:04 +0200 Subject: [PATCH 087/151] [logstash] use only httpPort in headless service (#839) This commit fix an issue introduced in 8ed75a9 where helm install/upgrade is failing if a NodePort service is defined (see [0] for more details). Logstash headless service used to manage Statefulset does not anymore include `.Values.service.ports` and include only Logstash httpPort. This is done because headless service `ports` doesn't accept `nodePort` values that can be included in `.Values.service.ports` when adding a NodePort service. [0]: https://github.com/elastic/helm-charts/issues/807 --- logstash/templates/service-headless.yaml | 4 ---- logstash/tests/logstash_test.py | 7 ------- 2 files changed, 11 deletions(-) diff --git a/logstash/templates/service-headless.yaml b/logstash/templates/service-headless.yaml index 157e4a66f..47148dfb0 100644 --- a/logstash/templates/service-headless.yaml +++ b/logstash/templates/service-headless.yaml @@ -16,9 +16,5 @@ spec: selector: app: "{{ template "logstash.fullname" . }}" ports: -{{- if .Values.service }} -{{ toYaml .Values.service.ports | indent 4 }} -{{- else }} - name: http port: {{ .Values.httpPort }} -{{- end }} diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index a96ce0a20..6b29dacdf 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -860,13 +860,6 @@ def test_adding_a_service(): "protocol": "TCP", "targetPort": 5044, } - h = r["service"][name + "-headless"] - assert h["spec"]["ports"][0] == { - "name": "beats", - "port": 5044, - "protocol": "TCP", - "targetPort": 5044, - } def test_setting_fullnameOverride(): From 22b0c8b1828ff0084155f8d3e75f493ce1399bc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Belo?= <1877535+jnbelo@users.noreply.github.com> Date: Fri, 16 Oct 2020 14:15:37 +0100 Subject: [PATCH 088/151] Added ingress support to the logstash chart (#793) --- logstash/README.md | 7 +++++- logstash/templates/_helpers.tpl | 11 +++++++++ logstash/templates/ingress.yaml | 33 +++++++++++++++++++++++++++ logstash/tests/logstash_test.py | 40 ++++++++++++++++++++++++++------- logstash/values.yaml | 10 +++++++++ 5 files changed, 92 insertions(+), 9 deletions(-) create mode 100644 logstash/templates/ingress.yaml diff --git a/logstash/README.md b/logstash/README.md index 92cd3a59d..e5516a9ce 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -96,6 +96,8 @@ in this [note][]). to make default probes work. If restricting HTTP API to 127.0.0.1 is required by using `http.host: 127.0.0.1`, default probes should be disabled or overrided (see [values.yaml][] for the good syntax). +* An ingress is provided that can be used to expose the HTTP port. This can be +useful for the [http input plugin][], for instance. ## Configuration @@ -115,9 +117,10 @@ using `http.host: 127.0.0.1`, default probes should be disabled or overrided | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `8.0.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | +| `ingress` | Configurable [ingress][] for external access to Logstash HTTP port. | see [values.yaml][] | | `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml][] for an example of the formatting | `{}` | | `livenessProbe` | Configuration fields for the liveness [probe][] | see [values.yaml][] | | `logstashConfig` | Allows you to add any config files in `/usr/share/logstash/config/` such as `logstash.yml` and `log4j2.properties` See [values.yaml][] for an example of the formatting | `{}` | @@ -204,8 +207,10 @@ about our development and testing process. [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/oss [helm]: https://helm.sh [helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta +[http input plugin]: https://www.elastic.co/guide/en/logstash/current/plugins-inputs-http.html [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [logstash docker image]: https://www.elastic.co/guide/en/logstash/7.x/docker.html diff --git a/logstash/templates/_helpers.tpl b/logstash/templates/_helpers.tpl index 162a3ee08..d240a026e 100755 --- a/logstash/templates/_helpers.tpl +++ b/logstash/templates/_helpers.tpl @@ -29,3 +29,14 @@ Return the appropriate apiVersion for statefulset. {{- print "apps/v1" -}} {{- end -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for ingress. +*/}} +{{- define "logstash.ingress.apiVersion" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- end -}} +{{- end -}} diff --git a/logstash/templates/ingress.yaml b/logstash/templates/ingress.yaml new file mode 100644 index 000000000..cef5666b9 --- /dev/null +++ b/logstash/templates/ingress.yaml @@ -0,0 +1,33 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "logstash.fullname" . -}} +apiVersion: {{ template "logstash.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app: {{ $fullName | quote}} + chart: "{{ .Chart.Name }}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: +{{ toYaml .Values.ingress.tls | indent 4 }} +{{- end }} + rules: + {{- range $.Values.ingress.hosts }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ .servicePort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 6b29dacdf..caee32c29 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -234,7 +234,7 @@ def test_adding_persistence(): assert c["volumeMounts"][0]["mountPath"] == "/usr/share/logstash/data" assert c["volumeMounts"][0]["name"] == name - v = r["statefulset"]["release-name-logstash"]["spec"]["volumeClaimTemplates"][0] + v = r["statefulset"][name]["spec"]["volumeClaimTemplates"][0] assert v["metadata"]["name"] == name assert v["spec"]["accessModes"] == ["ReadWriteOnce"] assert v["spec"]["resources"]["requests"]["storage"] == "1Gi" @@ -540,9 +540,9 @@ def test_adding_a_node_affinity(): - myvalue """ r = helm_template(config) - assert r["statefulset"]["release-name-logstash"]["spec"]["template"]["spec"][ - "affinity" - ]["nodeAffinity"] == { + assert r["statefulset"][name]["spec"]["template"]["spec"]["affinity"][ + "nodeAffinity" + ] == { "preferredDuringSchedulingIgnoredDuringExecution": [ { "weight": 100, @@ -580,10 +580,9 @@ def test_adding_in_logstash_config(): s = r["statefulset"][name]["spec"]["template"]["spec"] - assert { - "configMap": {"name": "release-name-logstash-config"}, - "name": "logstashconfig", - } in s["volumes"] + assert {"configMap": {"name": name + "-config"}, "name": "logstashconfig",} in s[ + "volumes" + ] assert { "mountPath": "/usr/share/logstash/config/logstash.yml", "name": "logstashconfig", @@ -876,3 +875,28 @@ def test_setting_fullnameOverride(): ] == "logstash" ) + + +def test_adding_an_ingress(): + config = """ +ingress: + enabled: true + annotations: {} + hosts: + - host: logstash.local + paths: + - path: /logs + servicePort: 8080 +""" + r = helm_template(config) + s = r["ingress"][name] + assert s["metadata"]["name"] == name + assert len(s["spec"]["rules"]) == 1 + assert s["spec"]["rules"][0] == { + "host": "logstash.local", + "http": { + "paths": [ + {"path": "/logs", "backend": {"serviceName": name, "servicePort": 8080}} + ] + }, + } diff --git a/logstash/values.yaml b/logstash/values.yaml index fd2f8ee22..15d1e9ecb 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -246,3 +246,13 @@ service: {} # port: 8080 # protocol: TCP # targetPort: 8080 + +ingress: + enabled: false +# annotations: {} +# hosts: +# - host: logstash.local +# paths: +# - path: /logs +# servicePort: 8080 +# tls: [] From 5918d20a0cd8eb631c39cec3c58ae6be02c28dc2 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 16 Oct 2020 15:39:17 +0200 Subject: [PATCH 089/151] fixup! Added ingress support to the logstash chart (#793) --- logstash/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logstash/README.md b/logstash/README.md index e5516a9ce..20c0814df 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -117,7 +117,7 @@ useful for the [http input plugin][], for instance. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `8.0.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.9.3-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `ingress` | Configurable [ingress][] for external access to Logstash HTTP port. | see [values.yaml][] | From d8f2b4bd267370d42267924fdfdef4705ef1c0ae Mon Sep 17 00:00:00 2001 From: Thomas Decaux Date: Tue, 20 Oct 2020 13:10:24 +0200 Subject: [PATCH 090/151] [Metricbeat] Dont generate config if not enabled (#767) If for daemonset/deployment is not enabled, dont generate useless config YAML. --- metricbeat/templates/configmap.yaml | 4 ++-- metricbeat/tests/metricbeat_test.py | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/metricbeat/templates/configmap.yaml b/metricbeat/templates/configmap.yaml index 54183db1b..1272402b5 100644 --- a/metricbeat/templates/configmap.yaml +++ b/metricbeat/templates/configmap.yaml @@ -16,7 +16,7 @@ data: {{- end -}} {{- end -}} -{{- if .Values.daemonset.metricbeatConfig }} +{{- if and .Values.daemonset.enabled .Values.daemonset.metricbeatConfig }} --- apiVersion: v1 kind: ConfigMap @@ -34,7 +34,7 @@ data: {{- end -}} {{- end -}} -{{- if .Values.deployment.metricbeatConfig }} +{{- if and .Values.deployment.enabled .Values.deployment.metricbeatConfig }} --- apiVersion: v1 kind: ConfigMap diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 79adb379b..557fd9cdb 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -1257,8 +1257,11 @@ def test_disable_daemonset(): enabled: false """ r = helm_template(config) + cfg = r["configmap"] assert name not in r.get("daemonset", {}) + assert name + "-daemonset-config" not in cfg + assert name + "-deployment-config" in cfg def test_disable_deployment(): @@ -1267,8 +1270,11 @@ def test_disable_deployment(): enabled: false """ r = helm_template(config) + cfg = r["configmap"] assert name + "-metrics" not in r.get("deployment", {}) + assert name + "-daemonset-config" in cfg + assert name + "-deployment-config" not in cfg def test_do_not_install_kube_stat_metrics(): From 5d351fb1e666c6b57f1c4832ececeb9ea269c563 Mon Sep 17 00:00:00 2001 From: Nassim Kammah Date: Wed, 21 Oct 2020 17:53:54 +0200 Subject: [PATCH 091/151] [all] Simplify doc in 7.x branch (#860) * Streamline charts README doc --- apm-server/README.md | 11 ++++------- elasticsearch/README.md | 10 ++++------ filebeat/README.md | 10 ++++------ kibana/README.md | 10 ++++------ logstash/README.md | 10 ++++------ metricbeat/README.md | 10 ++++------ 6 files changed, 24 insertions(+), 37 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index 4f72cd488..769143f37 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -8,9 +8,7 @@ The design and code is less mature than official GA features and is being provided as-is with no warranties. Alpha features are not subject to the support SLA of official GA features (see [supported configurations][] for more details). -**Warning**: This branch is used for development, please use [7.7.1][] release -for released version. - +**Warning**: This branch is used for development, please use the latest [7.x][] release for released version. @@ -51,8 +49,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name apm-server elastic/apm-server` - - with [Helm 3 (beta)][]: `helm install apm-server elastic/apm-server` + - with Helm 2: `helm install --name apm-server --version elastic/apm-server` + - with [Helm 3 (beta)][]: `helm install apm-server --version elastic/apm-server` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -147,8 +145,7 @@ An example of APM Server deployment using OSS version can be found in Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. - -[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/apm-server/README.md +[7.x]: https://github.com/elastic/helm-charts/releases [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md diff --git a/elasticsearch/README.md b/elasticsearch/README.md index c0f53da52..41cd4df01 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -3,9 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Elasticsearch Docker image][]. -**Warning**: This branch is used for development, please use [7.7.1][] release -for released version. - +**Warning**: This branch is used for development, please use the latest [7.x][] release for released version. @@ -61,8 +59,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name elasticsearch elastic/elasticsearch` - - with [Helm 3 (beta)][]: `helm install elasticsearch elastic/elasticsearch` + - with Helm 2: `helm install --name elasticsearch --version elastic/elasticsearch` + - with [Helm 3 (beta)][]: `helm install elasticsearch --version elastic/elasticsearch` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -387,7 +385,7 @@ lifecycle: Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. - +[7.x]: https://github.com/elastic/helm-charts/releases [#63]: https://github.com/elastic/helm-charts/issues/63 [7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/elasticsearch/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md diff --git a/filebeat/README.md b/filebeat/README.md index 05a46adc9..25d1b695c 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -3,9 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Filebeat Docker image][]. -**Warning**: This branch is used for development, please use [7.7.1][] release -for released version. - +**Warning**: This branch is used for development, please use the latest [7.x][] release for released version. @@ -48,8 +46,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name filebeat elastic/filebeat` - - with [Helm 3 (beta)][]: `helm install filebeat elastic/filebeat` + - with Helm 2: `helm install --name filebeat --version elastic/filebeat` + - with [Helm 3 (beta)][]: `helm install filebeat --version elastic/filebeat` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -186,7 +184,7 @@ readinessProbe: Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. - +[7.x]: https://github.com/elastic/helm-charts/releases [7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/filebeat/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md diff --git a/kibana/README.md b/kibana/README.md index e2b7eec84..73a79885c 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -3,9 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Kibana Docker image][]. -**Warning**: This branch is used for development, please use [7.7.1][] release -for released version. - +**Warning**: This branch is used for development, please use the latest [7.x][] release for released version. @@ -49,8 +47,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name kibana elastic/kibana` - - with [Helm 3 (beta)][]: `helm install kibana elastic/kibana` + - with Helm 2: `helm install --name kibana --version elastic/kibana` + - with [Helm 3 (beta)][]: `helm install kibana --version elastic/kibana` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -203,7 +201,7 @@ lifecycle: Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. - +[7.x]: https://github.com/elastic/helm-charts/releases [7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/kibana/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md diff --git a/logstash/README.md b/logstash/README.md index 20c0814df..0c3a9a39f 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -8,9 +8,7 @@ The design and code is less mature than official GA features and is being provided as-is with no warranties. Alpha features are not subject to the support SLA of official GA features (see [supported configurations][] for more details). -**Warning**: This branch is used for development, please use [7.7.1][] release -for released version. - +**Warning**: This branch is used for development, please use the latest [7.x][] release for released version. @@ -51,8 +49,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name logstash elastic/logstash` - - with [Helm 3 (beta)][]: `helm install logstash elastic/logstash` + - with Helm 2: `helm install --name logstash --version elastic/logstash` + - with [Helm 3 (beta)][]: `helm install logstash --version elastic/logstash` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -191,7 +189,7 @@ against best practices of containers and immutable infrastructure. Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. - +[7.x]: https://github.com/elastic/helm-charts/releases [7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/logstash/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md diff --git a/metricbeat/README.md b/metricbeat/README.md index eb01eb7b8..51f1bef1f 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -3,9 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Metricbeat Docker image][]. -**Warning**: This branch is used for development, please use [7.7.1][] release -for released version. - +**Warning**: This branch is used for development, please use the latest [7.x][] release for released version. @@ -48,8 +46,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name metricbeat elastic/metricbeat` - - with [Helm 3 (beta)][]: `helm install metricbeat elastic/metricbeat` + - with Helm 2: `helm install --name metricbeat --version elastic/metricbeat` + - with [Helm 3 (beta)][]: `helm install metricbeat --version elastic/metricbeat` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -210,7 +208,7 @@ same node. Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. - +[7.x]: https://github.com/elastic/helm-charts/releases [#471]: https://github.com/elastic/helm-charts/pull/471 [7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/metricbeat/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md From 65e19b53e4dfa6a875835aa2759e79366e49e4c4 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 27 Oct 2020 15:43:39 +0100 Subject: [PATCH 092/151] [elasticsearch] add coordinator node to multi test (#854) This commit add a coordinator node group to elasticsearch multi test. This also add ml and remote_cluster_client roles to default values. --- elasticsearch/examples/multi/Makefile | 2 ++ elasticsearch/examples/multi/README.md | 6 ++++-- elasticsearch/examples/multi/client.yml | 14 ++++++++++++++ elasticsearch/examples/multi/data.yml | 2 ++ elasticsearch/examples/multi/master.yml | 2 ++ elasticsearch/examples/multi/test/goss.yaml | 2 +- elasticsearch/values.yaml | 2 ++ 7 files changed, 27 insertions(+), 3 deletions(-) create mode 100644 elasticsearch/examples/multi/client.yml diff --git a/elasticsearch/examples/multi/Makefile b/elasticsearch/examples/multi/Makefile index 836ec2e0f..9682966cd 100644 --- a/elasticsearch/examples/multi/Makefile +++ b/elasticsearch/examples/multi/Makefile @@ -8,9 +8,11 @@ RELEASE := helm-es-multi-master install: helm upgrade --wait --timeout=600 --install --values ./master.yml $(PREFIX)-master ../../ helm upgrade --wait --timeout=600 --install --values ./data.yml $(PREFIX)-data ../../ + helm upgrade --wait --timeout=600 --install --values ./client.yml $(PREFIX)-client ../../ test: install goss purge: helm del --purge $(PREFIX)-master helm del --purge $(PREFIX)-data + helm del --purge $(PREFIX)-client diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index 59df52d91..ca787a7cc 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,14 +1,15 @@ # Multi -This example deploy an Elasticsearch 7.10.0-SNAPSHOT cluster composed of 2 different Helm +This example deploy an Elasticsearch 7.10.0-SNAPSHOT cluster composed of 3 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] - `helm-es-multi-data` for the 3 data nodes using [data values][] +- `helm-es-multi-client` for the 3 client nodes using [client values][] ## Usage -* Deploy the 2 Elasticsearch releases: `make install` +* Deploy the 3 Elasticsearch releases: `make install` * You can now setup a port forward to query Elasticsearch API: @@ -22,6 +23,7 @@ releases: You can also run [goss integration tests][] using `make test` +[client values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/client.yml [data values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/data.yml [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/test/goss.yaml [master values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/master.yml diff --git a/elasticsearch/examples/multi/client.yml b/elasticsearch/examples/multi/client.yml new file mode 100644 index 000000000..dbe5b05aa --- /dev/null +++ b/elasticsearch/examples/multi/client.yml @@ -0,0 +1,14 @@ +--- + +clusterName: "multi" +nodeGroup: "client" + +roles: + master: "false" + ingest: "false" + data: "false" + ml: "false" + remote_cluster_client: "false" + +persistence: + enabled: false diff --git a/elasticsearch/examples/multi/data.yml b/elasticsearch/examples/multi/data.yml index ecc689337..2e3a90935 100644 --- a/elasticsearch/examples/multi/data.yml +++ b/elasticsearch/examples/multi/data.yml @@ -7,3 +7,5 @@ roles: master: "false" ingest: "true" data: "true" + ml: "false" + remote_cluster_client: "false" diff --git a/elasticsearch/examples/multi/master.yml b/elasticsearch/examples/multi/master.yml index 2ca4cca8e..6b8c08293 100644 --- a/elasticsearch/examples/multi/master.yml +++ b/elasticsearch/examples/multi/master.yml @@ -7,3 +7,5 @@ roles: master: "true" ingest: "false" data: "false" + ml: "false" + remote_cluster_client: "false" diff --git a/elasticsearch/examples/multi/test/goss.yaml b/elasticsearch/examples/multi/test/goss.yaml index 18cb25063..794416b8f 100644 --- a/elasticsearch/examples/multi/test/goss.yaml +++ b/elasticsearch/examples/multi/test/goss.yaml @@ -5,5 +5,5 @@ http: body: - 'green' - '"cluster_name":"multi"' - - '"number_of_nodes":6' + - '"number_of_nodes":9' - '"number_of_data_nodes":3' diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 39dca078f..918e43464 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -12,6 +12,8 @@ roles: master: "true" ingest: "true" data: "true" + remote_cluster_client: "true" +# ml: "true" # ml is not availble with elasticsearch-oss replicas: 3 minimumMasterNodes: 2 From 27dde9f6f3925225255b74b99b3c6623e159d626 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 3 Nov 2020 11:35:35 +0100 Subject: [PATCH 093/151] [meta] add support for helm 2.17.0 and k8s 1.17 (#880) - Bump Helm version used in tests from 2.16.2 to 2.17.0 - Add CI tests on GKE 1.17 --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/matrix.yml | 1 + helpers/terraform/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 7e333bbb2..6fb9d4a55 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 2.16.12). +Helm version mentioned in [helm-tester Dockerfile][] (currently 2.17.0). #### Helm 3 beta diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 08706c4eb..b0cefa7b1 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=2.16.12 +ENV HELM_VERSION=2.17.0 RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/matrix.yml b/helpers/matrix.yml index fb7b6d23e..cdb1956a9 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -36,3 +36,4 @@ APM_SERVER_SUITE: KUBERNETES_VERSION: - '1.15' - '1.16' + - '1.17' diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index c8e07a69e..5f49abccd 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=2.16.12 +ENV HELM_VERSION=2.17.0 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From b25cc27a0d4982b08d0b426f80a3415507ca5ab3 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 3 Nov 2020 14:37:30 +0100 Subject: [PATCH 094/151] [metricbeat] use relocated stable repo for kube-state-metrics (#882) This commit update metricbeat chart dependencies to get kube-state-metrics subchart from the newly relocated stable repo url (https://charts.helm.sh/stable). This is required because the legacy stable repo url will not work anymore starting November 13th. More details in https://helm.sh/blog/new-location-stable-incubator-charts/ --- metricbeat/requirements.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/metricbeat/requirements.lock b/metricbeat/requirements.lock index 63f207bdf..3cbe95eaf 100644 --- a/metricbeat/requirements.lock +++ b/metricbeat/requirements.lock @@ -1,6 +1,6 @@ dependencies: - name: kube-state-metrics - repository: https://kubernetes-charts.storage.googleapis.com + repository: https://charts.helm.sh/stable version: 2.4.1 digest: sha256:948dca129bc7c16b138ed8bcbdf666c324d812e43af59d475b8bb74a53e99778 -generated: "2020-04-16T16:14:03.9537312+03:00" +generated: "2020-10-30T18:58:57.381827+01:00" From fc5714402def4013392fe4de387b0c4fb13e31b9 Mon Sep 17 00:00:00 2001 From: Nassim Kammah Date: Thu, 5 Nov 2020 14:12:28 +0100 Subject: [PATCH 095/151] Add warning comment placeholder (7.x branch) (#887) Relates to https://github.com/elastic/helm-charts/pull/884 --- apm-server/README.md | 1 + elasticsearch/README.md | 1 + filebeat/README.md | 1 + kibana/README.md | 1 + logstash/README.md | 1 + metricbeat/README.md | 1 + 6 files changed, 6 insertions(+) diff --git a/apm-server/README.md b/apm-server/README.md index 769143f37..eb37ab00d 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -8,6 +8,7 @@ The design and code is less mature than official GA features and is being provided as-is with no warranties. Alpha features are not subject to the support SLA of official GA features (see [supported configurations][] for more details). + **Warning**: This branch is used for development, please use the latest [7.x][] release for released version. diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 41cd4df01..cde684c5f 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -3,6 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Elasticsearch Docker image][]. + **Warning**: This branch is used for development, please use the latest [7.x][] release for released version. diff --git a/filebeat/README.md b/filebeat/README.md index 25d1b695c..a42a84b4c 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -3,6 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Filebeat Docker image][]. + **Warning**: This branch is used for development, please use the latest [7.x][] release for released version. diff --git a/kibana/README.md b/kibana/README.md index 73a79885c..a41741f2a 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -3,6 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Kibana Docker image][]. + **Warning**: This branch is used for development, please use the latest [7.x][] release for released version. diff --git a/logstash/README.md b/logstash/README.md index 0c3a9a39f..b70e55ca0 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -8,6 +8,7 @@ The design and code is less mature than official GA features and is being provided as-is with no warranties. Alpha features are not subject to the support SLA of official GA features (see [supported configurations][] for more details). + **Warning**: This branch is used for development, please use the latest [7.x][] release for released version. diff --git a/metricbeat/README.md b/metricbeat/README.md index 51f1bef1f..f95ac71eb 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -3,6 +3,7 @@ This Helm chart is a lightweight way to configure and run our official [Metricbeat Docker image][]. + **Warning**: This branch is used for development, please use the latest [7.x][] release for released version. From c67eb24d2807b8e4fd1f81691b626f9f6657aa7f Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 10 Nov 2020 18:06:12 +0100 Subject: [PATCH 096/151] [meta] update rbac.authorization.k8s.io api (#890) This commit updates Kubernetes [rbac.authorization.k8s.io][0] api from v1beta1 in apm-server, filebeat and metricbeat charts. - `rbac.authorization.k8s.io/v1` has been released in Kubernetes 1.8 - `rbac.authorization.k8s.io/v1beta1` is being deprecated in Kubernetes 1.17 and will be fully removed in 1.22 In addition, this is required for Helm 3 support to make `helm lint --strict` happy. [0]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/ --- apm-server/templates/clusterrole.yaml | 2 +- apm-server/templates/clusterrolebinding.yaml | 2 +- filebeat/templates/clusterrole.yaml | 2 +- filebeat/templates/clusterrolebinding.yaml | 2 +- metricbeat/templates/clusterrole.yaml | 2 +- metricbeat/templates/clusterrolebinding.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/apm-server/templates/clusterrole.yaml b/apm-server/templates/clusterrole.yaml index 6e0d2bc98..2d8e1ebf8 100644 --- a/apm-server/templates/clusterrole.yaml +++ b/apm-server/templates/clusterrole.yaml @@ -1,5 +1,5 @@ {{- if .Values.managedServiceAccount }} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "apm.serviceAccount" . }}-cluster-role diff --git a/apm-server/templates/clusterrolebinding.yaml b/apm-server/templates/clusterrolebinding.yaml index 3060496bf..c65b2be8d 100644 --- a/apm-server/templates/clusterrolebinding.yaml +++ b/apm-server/templates/clusterrolebinding.yaml @@ -1,5 +1,5 @@ {{- if .Values.managedServiceAccount }} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "apm.serviceAccount" . }}-cluster-role-binding diff --git a/filebeat/templates/clusterrole.yaml b/filebeat/templates/clusterrole.yaml index 1742199ca..36dc5d310 100644 --- a/filebeat/templates/clusterrole.yaml +++ b/filebeat/templates/clusterrole.yaml @@ -1,5 +1,5 @@ {{- if .Values.managedServiceAccount }} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "filebeat.serviceAccount" . }}-cluster-role diff --git a/filebeat/templates/clusterrolebinding.yaml b/filebeat/templates/clusterrolebinding.yaml index 45436b76b..887775c2c 100644 --- a/filebeat/templates/clusterrolebinding.yaml +++ b/filebeat/templates/clusterrolebinding.yaml @@ -1,5 +1,5 @@ {{- if .Values.managedServiceAccount }} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "filebeat.serviceAccount" . }}-cluster-role-binding diff --git a/metricbeat/templates/clusterrole.yaml b/metricbeat/templates/clusterrole.yaml index bbc209db7..851153f8e 100644 --- a/metricbeat/templates/clusterrole.yaml +++ b/metricbeat/templates/clusterrole.yaml @@ -1,5 +1,5 @@ {{- if .Values.managedServiceAccount }} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "metricbeat.serviceAccount" . }}-cluster-role diff --git a/metricbeat/templates/clusterrolebinding.yaml b/metricbeat/templates/clusterrolebinding.yaml index dc785b2e0..e95a98db8 100644 --- a/metricbeat/templates/clusterrolebinding.yaml +++ b/metricbeat/templates/clusterrolebinding.yaml @@ -1,5 +1,5 @@ {{- if .Values.managedServiceAccount }} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "metricbeat.serviceAccount" . }}-cluster-role-binding From 2dad57827b7c213c065c1f84fac2b9749ed44c0f Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 12 Nov 2020 09:55:08 +0100 Subject: [PATCH 097/151] [meta] increase helm timeout (#891) This commit increase the timeout for helm upgrade commands examples to avoid timeout error when deploying all example releases in // in helm test gke cluster. --- apm-server/examples/default/Makefile | 2 +- apm-server/examples/oss/Makefile | 2 +- apm-server/examples/security/Makefile | 2 +- elasticsearch/examples/config/Makefile | 2 +- elasticsearch/examples/default/Makefile | 4 ++-- elasticsearch/examples/docker-for-mac/Makefile | 2 +- elasticsearch/examples/kubernetes-kind/Makefile | 4 ++-- elasticsearch/examples/microk8s/Makefile | 2 +- elasticsearch/examples/migration/Makefile | 6 +++--- elasticsearch/examples/minikube/Makefile | 2 +- elasticsearch/examples/multi/Makefile | 6 +++--- elasticsearch/examples/openshift/Makefile | 2 +- elasticsearch/examples/oss/Makefile | 2 +- elasticsearch/examples/security/Makefile | 2 +- filebeat/examples/default/Makefile | 2 +- filebeat/examples/oss/Makefile | 2 +- filebeat/examples/security/Makefile | 2 +- kibana/examples/default/Makefile | 2 +- kibana/examples/openshift/Makefile | 6 +++--- kibana/examples/oss/Makefile | 2 +- kibana/examples/security/Makefile | 2 +- logstash/examples/default/Makefile | 4 ++-- logstash/examples/elasticsearch/Makefile | 4 ++-- logstash/examples/oss/Makefile | 4 ++-- logstash/examples/security/Makefile | 2 +- metricbeat/examples/default/Makefile | 2 +- metricbeat/examples/oss/Makefile | 2 +- metricbeat/examples/security/Makefile | 2 +- 28 files changed, 39 insertions(+), 39 deletions(-) diff --git a/apm-server/examples/default/Makefile b/apm-server/examples/default/Makefile index 23a7eedc6..d4638cb2e 100644 --- a/apm-server/examples/default/Makefile +++ b/apm-server/examples/default/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-default install: - helm upgrade --wait --timeout=600 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ test: install goss diff --git a/apm-server/examples/oss/Makefile b/apm-server/examples/oss/Makefile index 175317b98..b82ea5a43 100644 --- a/apm-server/examples/oss/Makefile +++ b/apm-server/examples/oss/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-oss install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ test: install goss diff --git a/apm-server/examples/security/Makefile b/apm-server/examples/security/Makefile index 2e9be1f86..3afb654d7 100644 --- a/apm-server/examples/security/Makefile +++ b/apm-server/examples/security/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-security install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ test: install goss diff --git a/elasticsearch/examples/config/Makefile b/elasticsearch/examples/config/Makefile index a3f96174b..502531378 100644 --- a/elasticsearch/examples/config/Makefile +++ b/elasticsearch/examples/config/Makefile @@ -4,7 +4,7 @@ include ../../../helpers/examples.mk RELEASE := helm-es-config install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ secrets: kubectl delete secret elastic-config-credentials elastic-config-secret elastic-config-slack elastic-config-custom-path || true diff --git a/elasticsearch/examples/default/Makefile b/elasticsearch/examples/default/Makefile index 5f5215c6b..15558c19a 100644 --- a/elasticsearch/examples/default/Makefile +++ b/elasticsearch/examples/default/Makefile @@ -5,10 +5,10 @@ include ../../../helpers/examples.mk RELEASE := helm-es-default install: - helm upgrade --wait --timeout=600 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=600 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=900 --install $(RELEASE) ../../ test: install goss diff --git a/elasticsearch/examples/docker-for-mac/Makefile b/elasticsearch/examples/docker-for-mac/Makefile index 398545e64..99894063d 100644 --- a/elasticsearch/examples/docker-for-mac/Makefile +++ b/elasticsearch/examples/docker-for-mac/Makefile @@ -3,7 +3,7 @@ default: test RELEASE := helm-es-docker-for-mac install: - helm upgrade --wait --timeout=900 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/kubernetes-kind/Makefile b/elasticsearch/examples/kubernetes-kind/Makefile index af816a9d8..f18f98668 100644 --- a/elasticsearch/examples/kubernetes-kind/Makefile +++ b/elasticsearch/examples/kubernetes-kind/Makefile @@ -3,11 +3,11 @@ default: test RELEASE := helm-es-kind install: - helm upgrade --wait --timeout=900 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ install-local-path: kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml - helm upgrade --wait --timeout=900 --install --values values-local-path.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200 --install --values values-local-path.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/microk8s/Makefile b/elasticsearch/examples/microk8s/Makefile index 2c7d3d394..834b929e4 100644 --- a/elasticsearch/examples/microk8s/Makefile +++ b/elasticsearch/examples/microk8s/Makefile @@ -3,7 +3,7 @@ default: test RELEASE := helm-es-microk8s install: - helm upgrade --wait --timeout=900 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/migration/Makefile b/elasticsearch/examples/migration/Makefile index 3b1dac105..bcef97e6d 100644 --- a/elasticsearch/examples/migration/Makefile +++ b/elasticsearch/examples/migration/Makefile @@ -1,10 +1,10 @@ PREFIX := helm-es-migration data: - helm upgrade --wait --timeout=600 --install --values ./data.yml $(PREFIX)-data ../../ + helm upgrade --wait --timeout=900 --install --values ./data.yml $(PREFIX)-data ../../ master: - helm upgrade --wait --timeout=600 --install --values ./master.yml $(PREFIX)-master ../../ + helm upgrade --wait --timeout=900 --install --values ./master.yml $(PREFIX)-master ../../ client: - helm upgrade --wait --timeout=600 --install --values ./client.yml $(PREFIX)-client ../../ + helm upgrade --wait --timeout=900 --install --values ./client.yml $(PREFIX)-client ../../ diff --git a/elasticsearch/examples/minikube/Makefile b/elasticsearch/examples/minikube/Makefile index 97109ce8c..f8b7e7b6a 100644 --- a/elasticsearch/examples/minikube/Makefile +++ b/elasticsearch/examples/minikube/Makefile @@ -3,7 +3,7 @@ default: test RELEASE := helm-es-minikube install: - helm upgrade --wait --timeout=900 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/multi/Makefile b/elasticsearch/examples/multi/Makefile index 9682966cd..4e4835a03 100644 --- a/elasticsearch/examples/multi/Makefile +++ b/elasticsearch/examples/multi/Makefile @@ -6,9 +6,9 @@ PREFIX := helm-es-multi RELEASE := helm-es-multi-master install: - helm upgrade --wait --timeout=600 --install --values ./master.yml $(PREFIX)-master ../../ - helm upgrade --wait --timeout=600 --install --values ./data.yml $(PREFIX)-data ../../ - helm upgrade --wait --timeout=600 --install --values ./client.yml $(PREFIX)-client ../../ + helm upgrade --wait --timeout=900 --install --values ./master.yml $(PREFIX)-master ../../ + helm upgrade --wait --timeout=900 --install --values ./data.yml $(PREFIX)-data ../../ + helm upgrade --wait --timeout=900 --install --values ./client.yml $(PREFIX)-client ../../ test: install goss diff --git a/elasticsearch/examples/openshift/Makefile b/elasticsearch/examples/openshift/Makefile index 6e495916d..8d08d8959 100644 --- a/elasticsearch/examples/openshift/Makefile +++ b/elasticsearch/examples/openshift/Makefile @@ -7,7 +7,7 @@ template: helm template --values ./values.yaml ../../ install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ test: install goss diff --git a/elasticsearch/examples/oss/Makefile b/elasticsearch/examples/oss/Makefile index e274659c6..fa69ddc2d 100644 --- a/elasticsearch/examples/oss/Makefile +++ b/elasticsearch/examples/oss/Makefile @@ -4,7 +4,7 @@ include ../../../helpers/examples.mk RELEASE := helm-es-oss install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ test: install goss diff --git a/elasticsearch/examples/security/Makefile b/elasticsearch/examples/security/Makefile index dcc3ec94d..8465c14ee 100644 --- a/elasticsearch/examples/security/Makefile +++ b/elasticsearch/examples/security/Makefile @@ -6,7 +6,7 @@ RELEASE := helm-es-security ELASTICSEARCH_IMAGE := docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) install: - helm upgrade --wait --timeout=600 --install --values ./security.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install --values ./security.yml $(RELEASE) ../../ purge: kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem elastic-certificate-crt|| true diff --git a/filebeat/examples/default/Makefile b/filebeat/examples/default/Makefile index 6cfa6a648..937cea681 100644 --- a/filebeat/examples/default/Makefile +++ b/filebeat/examples/default/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-default install: - helm upgrade --wait --timeout=600 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ test: install goss diff --git a/filebeat/examples/oss/Makefile b/filebeat/examples/oss/Makefile index e6b665412..fa3d507af 100644 --- a/filebeat/examples/oss/Makefile +++ b/filebeat/examples/oss/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-oss install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ test: install goss diff --git a/filebeat/examples/security/Makefile b/filebeat/examples/security/Makefile index 6d79d4231..602dc4ae2 100644 --- a/filebeat/examples/security/Makefile +++ b/filebeat/examples/security/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-security install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ test: install goss diff --git a/kibana/examples/default/Makefile b/kibana/examples/default/Makefile index 39caa3072..ea15adfd0 100644 --- a/kibana/examples/default/Makefile +++ b/kibana/examples/default/Makefile @@ -5,7 +5,7 @@ RELEASE := helm-kibana-default install: echo "Goss container: $(GOSS_CONTAINER)" - helm upgrade --wait --timeout=600 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ test: install goss diff --git a/kibana/examples/openshift/Makefile b/kibana/examples/openshift/Makefile index 9dccc65ed..e1aadf2a0 100644 --- a/kibana/examples/openshift/Makefile +++ b/kibana/examples/openshift/Makefile @@ -6,10 +6,10 @@ RELEASE := kibana template: helm template --values ./values.yml ../../ -install: - helm upgrade --wait --timeout=600 --install --values ./values.yml $(RELEASE) ../../ +install: + helm upgrade --wait --timeout=900 --install --values ./values.yml $(RELEASE) ../../ test: install goss - + purge: helm del --purge $(RELEASE) diff --git a/kibana/examples/oss/Makefile b/kibana/examples/oss/Makefile index 77c6412db..16e974fcd 100644 --- a/kibana/examples/oss/Makefile +++ b/kibana/examples/oss/Makefile @@ -4,7 +4,7 @@ include ../../../helpers/examples.mk RELEASE := helm-kibana-oss install: - helm upgrade --wait --timeout=600 --install --values ./values.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install --values ./values.yml $(RELEASE) ../../ test: install goss diff --git a/kibana/examples/security/Makefile b/kibana/examples/security/Makefile index d3a365fd7..107d8b74b 100644 --- a/kibana/examples/security/Makefile +++ b/kibana/examples/security/Makefile @@ -4,7 +4,7 @@ include ../../../helpers/examples.mk RELEASE := helm-kibana-security install: - helm upgrade --wait --timeout=600 --install --values ./security.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install --values ./security.yml $(RELEASE) ../../ test: secrets install goss diff --git a/logstash/examples/default/Makefile b/logstash/examples/default/Makefile index 03d9592f1..0e295d765 100644 --- a/logstash/examples/default/Makefile +++ b/logstash/examples/default/Makefile @@ -5,10 +5,10 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-default install: - helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=1200 --install $(RELEASE) ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200 --install $(RELEASE) ../../ test: install goss diff --git a/logstash/examples/elasticsearch/Makefile b/logstash/examples/elasticsearch/Makefile index f78c42f4e..0323fcea5 100644 --- a/logstash/examples/elasticsearch/Makefile +++ b/logstash/examples/elasticsearch/Makefile @@ -5,10 +5,10 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-elasticsearch install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=1200 --install $(RELEASE) --values ./values.yaml ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200 --install $(RELEASE) ../../ test: install goss diff --git a/logstash/examples/oss/Makefile b/logstash/examples/oss/Makefile index 856234431..541d0182f 100644 --- a/logstash/examples/oss/Makefile +++ b/logstash/examples/oss/Makefile @@ -5,10 +5,10 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-oss install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=1200 --install $(RELEASE) --values ./values.yaml ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200 --install $(RELEASE) ../../ test: install goss diff --git a/logstash/examples/security/Makefile b/logstash/examples/security/Makefile index 8bfee0711..8bad0bc1c 100644 --- a/logstash/examples/security/Makefile +++ b/logstash/examples/security/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-security install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=1200 --install $(RELEASE) --values values.yaml ../../ test: install goss diff --git a/metricbeat/examples/default/Makefile b/metricbeat/examples/default/Makefile index 833f62973..76da6b209 100644 --- a/metricbeat/examples/default/Makefile +++ b/metricbeat/examples/default/Makefile @@ -6,7 +6,7 @@ RELEASE = helm-metricbeat-default GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-default-metricbeat install: - helm upgrade --wait --timeout=600 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ test-metrics: GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-default-metricbeat-metrics diff --git a/metricbeat/examples/oss/Makefile b/metricbeat/examples/oss/Makefile index 0e4828ed0..afe3c1f2c 100644 --- a/metricbeat/examples/oss/Makefile +++ b/metricbeat/examples/oss/Makefile @@ -6,7 +6,7 @@ RELEASE := helm-metricbeat-oss GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-oss-metricbeat install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ purge: helm del --purge $(RELEASE) diff --git a/metricbeat/examples/security/Makefile b/metricbeat/examples/security/Makefile index 3f92e7fe2..acabeb20a 100644 --- a/metricbeat/examples/security/Makefile +++ b/metricbeat/examples/security/Makefile @@ -6,7 +6,7 @@ RELEASE := helm-metricbeat-security GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-security-metricbeat install: - helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ purge: helm del --purge $(RELEASE) From 2107d569962c4fe510d16eee19e430b0879c694f Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 18 Nov 2020 08:31:07 +0100 Subject: [PATCH 098/151] Helm 3 (#516) (#902) * bump helm version to helm 3.4.1 * update doc to make helm 3 the recommended version * update helm commands arguments for helm 3 * remove helm init and tiller install commands * add stable repo for metricbeat dependencies * remove the charts dance in helmignore (related to https://github.com/elastic/helm-charts/pull/127) * optimize docker images * replace deprecated gitversion capability (related to https://github.com/helm/helm/pull/5601) * remove some heritage labels in immutable fields --- README.md | 9 +-- apm-server/README.md | 81 +++++++++---------- apm-server/examples/default/Makefile | 4 +- apm-server/examples/oss/Makefile | 4 +- apm-server/examples/security/Makefile | 4 +- apm-server/templates/_helpers.tpl | 4 +- elasticsearch/README.md | 14 ++-- elasticsearch/examples/config/Makefile | 4 +- elasticsearch/examples/default/Makefile | 6 +- .../examples/docker-for-mac/Makefile | 4 +- .../examples/kubernetes-kind/Makefile | 6 +- elasticsearch/examples/microk8s/Makefile | 4 +- elasticsearch/examples/migration/Makefile | 6 +- elasticsearch/examples/minikube/Makefile | 4 +- elasticsearch/examples/multi/Makefile | 12 +-- elasticsearch/examples/openshift/Makefile | 4 +- elasticsearch/examples/oss/Makefile | 4 +- elasticsearch/examples/security/Makefile | 4 +- elasticsearch/examples/upgrade/Makefile | 7 +- .../examples/upgrade/scripts/upgrade.sh | 4 +- elasticsearch/templates/NOTES.txt | 2 +- elasticsearch/templates/_helpers.tpl | 4 +- elasticsearch/templates/statefulset.yaml | 4 +- elasticsearch/tests/elasticsearch_test.py | 5 +- filebeat/README.md | 78 +++++++++--------- filebeat/examples/default/Makefile | 4 +- filebeat/examples/oss/Makefile | 4 +- filebeat/examples/security/Makefile | 4 +- helpers/common.mk | 10 +-- helpers/helm-tester/Dockerfile | 10 +-- helpers/helpers.py | 2 +- helpers/terraform/Dockerfile | 11 +-- helpers/terraform/Makefile | 12 +-- kibana/README.md | 9 +-- kibana/examples/default/Makefile | 4 +- kibana/examples/openshift/Makefile | 4 +- kibana/examples/oss/Makefile | 4 +- kibana/examples/security/Makefile | 4 +- kibana/templates/_helpers.tpl | 2 +- logstash/README.md | 12 +-- logstash/examples/default/Makefile | 6 +- logstash/examples/elasticsearch/Makefile | 6 +- logstash/examples/oss/Makefile | 6 +- logstash/examples/security/Makefile | 4 +- logstash/templates/_helpers.tpl | 4 +- logstash/templates/service.yaml | 1 - metricbeat/README.md | 11 ++- metricbeat/examples/default/Makefile | 4 +- metricbeat/examples/oss/Makefile | 4 +- metricbeat/examples/security/Makefile | 4 +- metricbeat/templates/deployment.yaml | 2 - 51 files changed, 201 insertions(+), 229 deletions(-) diff --git a/README.md b/README.md index 6fb9d4a55..2e3e581ef 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,6 @@ - [Support Matrix](#support-matrix) - [Kubernetes Versions](#kubernetes-versions) - [Helm versions](#helm-versions) - - [Helm 3 beta](#helm-3-beta) - [ECK](#eck) @@ -76,13 +75,8 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 2.17.0). +Helm version mentioned in [helm-tester Dockerfile][] (currently 3.4.1). -#### Helm 3 beta - -While we don't have automated tests for [Helm 3][] yet, we fixed the main -blockers to use it. We now have enough feedbacks from internal and external -users to add support in beta. ## ECK @@ -96,7 +90,6 @@ Kubernetes. [elastic cloud on kubernetes]: https://github.com/elastic/cloud-on-k8s [elastic helm repo]: https://helm.elastic.co [github releases]: https://github.com/elastic/helm-charts/releases -[helm 3]: https://v3.helm.sh [helm-tester Dockerfile]: https://github.com/elastic/helm-charts/blob/7.x/helpers/helm-tester/Dockerfile [helpers/matrix.yml]: https://github.com/elastic/helm-charts/blob/7.x/helpers/matrix.yml [operator pattern]: https://kubernetes.io/docs/concepts/extend-kubernetes/operator/ diff --git a/apm-server/README.md b/apm-server/README.md index eb37ab00d..8570ff52b 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -50,8 +50,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name apm-server --version elastic/apm-server` - - with [Helm 3 (beta)][]: `helm install apm-server --version elastic/apm-server` + - with Helm 3: `helm install apm-server --version elastic/apm-server` + - with Helm 2 (deprecated): `helm install --name apm-server --version elastic/apm-server` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -59,8 +59,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 2: `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` - - with [Helm 3 (beta)][]: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -84,42 +84,42 @@ as a reference. They are also used in the automated testing of this chart. ## Configuration -| Parameter | Description | Default | -|--------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| -| `affinity` | Configurable [affinity][] | `{}` | -| `apmConfig` | Allows you to add any config files in `/usr/share/apm-server/config` such as `apm-server.yml` | see [values.yaml][] | -| `autoscaling` | Enable the [horizontal pod autoscaler][] | `enabled: false` | -| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | -| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraVolumeMounts` | List of additional `volumeMounts` | `[]` | -| `extraVolumes` | List of additional `volumes` | `[]` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.10.0-SNAPSHOT` | -| `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | -| `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | -| `labels` | Configurable [labels][] applied to all APM server pods | `{}` | -| `lifecycle` | Configurable [lifecycle hooks][] | `false` | -| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this Helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | -| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | -| `nodeSelector` | Configurable [nodeSelector][] | `{}` | -| `podAnnotations` | Configurable [annotations][] applied to all APM Server pods | `{}` | -| `podSecurityContext` | Configurable [podSecurityContext][] for APM Server pod execution environment | see [values.yaml][] | -| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the `PriorityClass` must be created first | `""` | -| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | -| `replicas` | Number of APM servers to run | `1` | -| `resources` | Allows you to set the [resources][] for the `Deployment` | see [values.yaml][] | -| `secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `serviceAccount` | Custom [serviceAccount][] that APM Server will use during execution. By default will use the `serviceAccount` created by this chart | `""` | -| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` -| `service` | Configurable [service][] to expose the APM Server service. See [values.yaml][] for an example | see [values.yaml][] | -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing APM Server pod process on pod shutdown | `30` | -| `tolerations` | Configurable [tolerations][] | `[]` | -| `updateStrategy` | Allows you to change the default [updateStrategy][] for the deployment | see [values.yaml][] | +| Parameter | Description | Default | +|-----------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `affinity` | Configurable [affinity][] | `{}` | +| `apmConfig` | Allows you to add any config files in `/usr/share/apm-server/config` such as `apm-server.yml` | see [values.yaml][] | +| `autoscaling` | Enable the [horizontal pod autoscaler][] | `enabled: false` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraVolumeMounts` | List of additional `volumeMounts` | `[]` | +| `extraVolumes` | List of additional `volumes` | `[]` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The APM Server Docker image tag | `7.10.0-SNAPSHOT` | +| `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | +| `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | +| `labels` | Configurable [labels][] applied to all APM server pods | `{}` | +| `lifecycle` | Configurable [lifecycle hooks][] | `false` | +| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this Helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `nodeSelector` | Configurable [nodeSelector][] | `{}` | +| `podAnnotations` | Configurable [annotations][] applied to all APM Server pods | `{}` | +| `podSecurityContext` | Configurable [podSecurityContext][] for APM Server pod execution environment | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the `PriorityClass` must be created first | `""` | +| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `replicas` | Number of APM servers to run | `1` | +| `resources` | Allows you to set the [resources][] for the `Deployment` | see [values.yaml][] | +| `secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `serviceAccount` | Custom [serviceAccount][] that APM Server will use during execution. By default will use the `serviceAccount` created by this chart | `""` | +| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | +| `service` | Configurable [service][] to expose the APM Server service. See [values.yaml][] for an example | see [values.yaml][] | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing APM Server pod process on pod shutdown | `30` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `updateStrategy` | Allows you to change the default [updateStrategy][] for the deployment | see [values.yaml][] | ## FAQ @@ -161,7 +161,6 @@ about our development and testing process. [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/security [helm]: https://helm.sh -[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [horizontal pod autoscaler]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret diff --git a/apm-server/examples/default/Makefile b/apm-server/examples/default/Makefile index d4638cb2e..57c4116d2 100644 --- a/apm-server/examples/default/Makefile +++ b/apm-server/examples/default/Makefile @@ -5,9 +5,9 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-default install: - helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/apm-server/examples/oss/Makefile b/apm-server/examples/oss/Makefile index b82ea5a43..61ad62b28 100644 --- a/apm-server/examples/oss/Makefile +++ b/apm-server/examples/oss/Makefile @@ -5,9 +5,9 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-oss install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/apm-server/examples/security/Makefile b/apm-server/examples/security/Makefile index 3afb654d7..de704f595 100644 --- a/apm-server/examples/security/Makefile +++ b/apm-server/examples/security/Makefile @@ -5,9 +5,9 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-security install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/apm-server/templates/_helpers.tpl b/apm-server/templates/_helpers.tpl index abc1361ea..6f64c4b38 100755 --- a/apm-server/templates/_helpers.tpl +++ b/apm-server/templates/_helpers.tpl @@ -23,14 +23,14 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this Return the appropriate apiVersion for ingress. */}} {{- define "apm.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} {{- print "extensions/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1beta1" -}} {{- end -}} {{- end -}} {{- define "apm.autoscaling.apiVersion" -}} -{{- if semverCompare "<1.12-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.12-0" .Capabilities.KubeVersion.Version -}} {{- print "autoscaling/v2beta1" -}} {{- else -}} {{- print "autoscaling/v2beta2" -}} diff --git a/elasticsearch/README.md b/elasticsearch/README.md index cde684c5f..1afd20496 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -60,8 +60,9 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name elasticsearch --version elastic/elasticsearch` - - with [Helm 3 (beta)][]: `helm install elasticsearch --version elastic/elasticsearch` + - with Helm 3: `helm install elasticsearch --version elastic/elasticsearch` + - with Helm 2 (deprecated): `helm install --name elasticsearch --version elastic/elasticsearch` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -69,8 +70,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 2: `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` - - with [Helm 3 (beta)][]: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -126,7 +127,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | @@ -158,7 +159,7 @@ support multiple versions with minimal changes. | `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | | `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | -| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | +| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | | `service.httpPortName` | The name of the http port within the service | `http` | | `service.labelsHeadless` | Labels to be added to headless service | `{}` | | `service.labels` | Labels to be added to non-headless service | `{}` | @@ -414,7 +415,6 @@ about our development and testing process. [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh -[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/ [how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-install-plugins [how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#how-to-use-the-keystore diff --git a/elasticsearch/examples/config/Makefile b/elasticsearch/examples/config/Makefile index 502531378..9eee45df2 100644 --- a/elasticsearch/examples/config/Makefile +++ b/elasticsearch/examples/config/Makefile @@ -4,7 +4,7 @@ include ../../../helpers/examples.mk RELEASE := helm-es-config install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values ./values.yaml ../../ secrets: kubectl delete secret elastic-config-credentials elastic-config-secret elastic-config-slack elastic-config-custom-path || true @@ -16,4 +16,4 @@ secrets: test: secrets install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/default/Makefile b/elasticsearch/examples/default/Makefile index 15558c19a..beb90461d 100644 --- a/elasticsearch/examples/default/Makefile +++ b/elasticsearch/examples/default/Makefile @@ -5,12 +5,12 @@ include ../../../helpers/examples.mk RELEASE := helm-es-default install: - helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=900s --install $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/docker-for-mac/Makefile b/elasticsearch/examples/docker-for-mac/Makefile index 99894063d..705b08f0b 100644 --- a/elasticsearch/examples/docker-for-mac/Makefile +++ b/elasticsearch/examples/docker-for-mac/Makefile @@ -3,10 +3,10 @@ default: test RELEASE := helm-es-docker-for-mac install: - helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/kubernetes-kind/Makefile b/elasticsearch/examples/kubernetes-kind/Makefile index f18f98668..3f6bdead9 100644 --- a/elasticsearch/examples/kubernetes-kind/Makefile +++ b/elasticsearch/examples/kubernetes-kind/Makefile @@ -3,14 +3,14 @@ default: test RELEASE := helm-es-kind install: - helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ install-local-path: kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml - helm upgrade --wait --timeout=1200 --install --values values-local-path.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200s --install --values values-local-path.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/microk8s/Makefile b/elasticsearch/examples/microk8s/Makefile index 834b929e4..3ce3ebdef 100644 --- a/elasticsearch/examples/microk8s/Makefile +++ b/elasticsearch/examples/microk8s/Makefile @@ -3,10 +3,10 @@ default: test RELEASE := helm-es-microk8s install: - helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/migration/Makefile b/elasticsearch/examples/migration/Makefile index bcef97e6d..efd4abfc5 100644 --- a/elasticsearch/examples/migration/Makefile +++ b/elasticsearch/examples/migration/Makefile @@ -1,10 +1,10 @@ PREFIX := helm-es-migration data: - helm upgrade --wait --timeout=900 --install --values ./data.yml $(PREFIX)-data ../../ + helm upgrade --wait --timeout=900s --install --values ./data.yml $(PREFIX)-data ../../ master: - helm upgrade --wait --timeout=900 --install --values ./master.yml $(PREFIX)-master ../../ + helm upgrade --wait --timeout=900s --install --values ./master.yml $(PREFIX)-master ../../ client: - helm upgrade --wait --timeout=900 --install --values ./client.yml $(PREFIX)-client ../../ + helm upgrade --wait --timeout=900s --install --values ./client.yml $(PREFIX)-client ../../ diff --git a/elasticsearch/examples/minikube/Makefile b/elasticsearch/examples/minikube/Makefile index f8b7e7b6a..09b61f81d 100644 --- a/elasticsearch/examples/minikube/Makefile +++ b/elasticsearch/examples/minikube/Makefile @@ -3,10 +3,10 @@ default: test RELEASE := helm-es-minikube install: - helm upgrade --wait --timeout=1200 --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/multi/Makefile b/elasticsearch/examples/multi/Makefile index 4e4835a03..bb3da7267 100644 --- a/elasticsearch/examples/multi/Makefile +++ b/elasticsearch/examples/multi/Makefile @@ -6,13 +6,13 @@ PREFIX := helm-es-multi RELEASE := helm-es-multi-master install: - helm upgrade --wait --timeout=900 --install --values ./master.yml $(PREFIX)-master ../../ - helm upgrade --wait --timeout=900 --install --values ./data.yml $(PREFIX)-data ../../ - helm upgrade --wait --timeout=900 --install --values ./client.yml $(PREFIX)-client ../../ + helm upgrade --wait --timeout=900s --install --values ./master.yml $(PREFIX)-master ../../ + helm upgrade --wait --timeout=900s --install --values ./data.yml $(PREFIX)-data ../../ + helm upgrade --wait --timeout=900s --install --values ./client.yml $(PREFIX)-client ../../ test: install goss purge: - helm del --purge $(PREFIX)-master - helm del --purge $(PREFIX)-data - helm del --purge $(PREFIX)-client + helm del $(PREFIX)-master + helm del $(PREFIX)-data + helm del $(PREFIX)-client diff --git a/elasticsearch/examples/openshift/Makefile b/elasticsearch/examples/openshift/Makefile index 8d08d8959..653288854 100644 --- a/elasticsearch/examples/openshift/Makefile +++ b/elasticsearch/examples/openshift/Makefile @@ -7,9 +7,9 @@ template: helm template --values ./values.yaml ../../ install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values ./values.yaml ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/oss/Makefile b/elasticsearch/examples/oss/Makefile index fa69ddc2d..e57284176 100644 --- a/elasticsearch/examples/oss/Makefile +++ b/elasticsearch/examples/oss/Makefile @@ -4,9 +4,9 @@ include ../../../helpers/examples.mk RELEASE := helm-es-oss install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values ./values.yaml ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/security/Makefile b/elasticsearch/examples/security/Makefile index 8465c14ee..c92916085 100644 --- a/elasticsearch/examples/security/Makefile +++ b/elasticsearch/examples/security/Makefile @@ -6,11 +6,11 @@ RELEASE := helm-es-security ELASTICSEARCH_IMAGE := docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) install: - helm upgrade --wait --timeout=900 --install --values ./security.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install --values ./security.yml $(RELEASE) ../../ purge: kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem elastic-certificate-crt|| true - helm del --purge $(RELEASE) + helm del $(RELEASE) test: secrets install goss diff --git a/elasticsearch/examples/upgrade/Makefile b/elasticsearch/examples/upgrade/Makefile index f890d502c..8c7ac79f2 100644 --- a/elasticsearch/examples/upgrade/Makefile +++ b/elasticsearch/examples/upgrade/Makefile @@ -7,10 +7,7 @@ RELEASE := helm-es-upgrade install: ./scripts/upgrade.sh --release $(RELEASE) -init: - helm init --client-only - -test: init install goss +test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/elasticsearch/examples/upgrade/scripts/upgrade.sh b/elasticsearch/examples/upgrade/scripts/upgrade.sh index 6d0aa9ffc..59853e094 100755 --- a/elasticsearch/examples/upgrade/scripts/upgrade.sh +++ b/elasticsearch/examples/upgrade/scripts/upgrade.sh @@ -67,10 +67,10 @@ helm repo add elastic https://helm.elastic.co # Initial install printf "Installing Elasticsearch chart %s\n" "$FROM" -helm upgrade --wait --timeout=600 --install "$RELEASE" elastic/elasticsearch --version "$FROM" --set clusterName=upgrade +helm upgrade --wait --timeout=600s --install "$RELEASE" elastic/elasticsearch --version "$FROM" --set clusterName=upgrade kubectl rollout status sts/upgrade-master --timeout=600s # Upgrade printf "Upgrading Elasticsearch chart\n" -helm upgrade --wait --timeout=600 --set terminationGracePeriod=121 --install "$RELEASE" ../../ --set clusterName=upgrade +helm upgrade --wait --timeout=600s --set terminationGracePeriod=121 --install "$RELEASE" ../../ --set clusterName=upgrade kubectl rollout status sts/upgrade-master --timeout=600s diff --git a/elasticsearch/templates/NOTES.txt b/elasticsearch/templates/NOTES.txt index 3841adafc..73edf425a 100755 --- a/elasticsearch/templates/NOTES.txt +++ b/elasticsearch/templates/NOTES.txt @@ -1,4 +1,4 @@ 1. Watch all cluster members come up. $ kubectl get pods --namespace={{ .Release.Namespace }} -l app={{ template "elasticsearch.uname" . }} -w 2. Test cluster health using Helm test. - $ helm test {{ .Release.Name }} --cleanup + $ helm test {{ .Release.Name }} diff --git a/elasticsearch/templates/_helpers.tpl b/elasticsearch/templates/_helpers.tpl index 87783dae9..247d4ee00 100755 --- a/elasticsearch/templates/_helpers.tpl +++ b/elasticsearch/templates/_helpers.tpl @@ -68,7 +68,7 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this Return the appropriate apiVersion for statefulset. */}} {{- define "elasticsearch.statefulset.apiVersion" -}} -{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.Version -}} {{- print "apps/v1beta2" -}} {{- else -}} {{- print "apps/v1" -}} @@ -79,7 +79,7 @@ Return the appropriate apiVersion for statefulset. Return the appropriate apiVersion for ingress. */}} {{- define "elasticsearch.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} {{- print "extensions/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1beta1" -}} diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 0450a0cbc..892538638 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -28,7 +28,6 @@ spec: name: {{ template "elasticsearch.uname" . }} {{- if .Values.persistence.labels.enabled }} labels: - heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} chart: "{{ .Chart.Name }}" app: "{{ template "elasticsearch.uname" . }}" @@ -47,7 +46,6 @@ spec: metadata: name: "{{ template "elasticsearch.uname" . }}" labels: - heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} chart: "{{ .Chart.Name }}" app: "{{ template "elasticsearch.uname" . }}" @@ -154,7 +152,7 @@ spec: imagePullSecrets: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} - {{- if semverCompare ">1.13-0" .Capabilities.KubeVersion.GitVersion }} + {{- if semverCompare ">1.13-0" .Capabilities.KubeVersion.Version }} enableServiceLinks: {{ .Values.enableServiceLinks }} {{- end }} initContainers: diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 5aa5fe272..39c02b307 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -492,7 +492,10 @@ def test_enabling_persistence_label_in_volumeclaimtemplate(): "volumeClaimTemplates" ][0]["metadata"]["labels"] statefulset_labels = r["statefulset"][uname]["metadata"]["labels"] - assert volume_claim_template_labels == statefulset_labels + expected_labels = statefulset_labels + # heritage label shouldn't be present in volumeClaimTemplates labels + expected_labels.pop("heritage") + assert volume_claim_template_labels == expected_labels def test_adding_a_secret_mount(): diff --git a/filebeat/README.md b/filebeat/README.md index a42a84b4c..081786d82 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -47,8 +47,9 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name filebeat --version elastic/filebeat` - - with [Helm 3 (beta)][]: `helm install filebeat --version elastic/filebeat` + - with Helm 3: `helm install filebeat --version elastic/filebeat` + - with Helm 2 (deprecated): `helm install --name filebeat --version elastic/filebeat` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -56,8 +57,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 2: `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` - - with [Helm 3 (beta)][]: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -90,40 +91,40 @@ as a reference. They are also used in the automated testing of this chart. ## Configuration -| Parameter | Description | Default | -|--------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| -| `affinity` | Configurable [affinity][] | `{}` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | -| `extraContainers` | List of additional init containers to be added at the DaemonSet | `""` | -| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | -| `extraInitContainers` | List of additional init containers to be added at the DaemonSet. It also accepts a templatable string of additional containers to be passed to the `tpl` function | `[]` | -| `extraVolumeMounts` | List of additional volumeMounts to be mounted on the DaemonSet | `[]` | -| `extraVolumes` | List of additional volumes to be mounted on the DaemonSet | `[]` | -| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` | see [values.yaml][] | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | -| `hostNetworking` | Use host networking in the DaemonSet so that hostname is reported correctly | `false` | -| `dnsConfig` | Configurable [dnsConfig][] | `{}` | -| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Filebeat Docker image tag | `7.10.0-SNAPSHOT` | -| `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | -| `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | -| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this Helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | -| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | -| `nodeSelector` | Configurable [nodeSelector][] | `{}` | -| `podAnnotations` | Configurable [annotations][] applied to all Filebeat pods | `{}` | -| `podSecurityContext` | Configurable [podSecurityContext][] for Filebeat pod execution environment | see [values.yaml][] | -| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | -| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | -| `resources` | Allows you to set the [resources][] for the `DaemonSet` | see [values.yaml][] | -| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `serviceAccount` | Custom [serviceAccount][] that Filebeat will use during execution. By default will use the service account created by this chart | `""` | -| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Filebeat pod process on pod shutdown | `30` | -| `tolerations` | Configurable [tolerations][] | `[]` | -| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | +| Parameter | Description | Default | +|-----------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `affinity` | Configurable [affinity][] | `{}` | +| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `extraContainers` | List of additional init containers to be added at the DaemonSet | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | List of additional init containers to be added at the DaemonSet. It also accepts a templatable string of additional containers to be passed to the `tpl` function | `[]` | +| `extraVolumeMounts` | List of additional volumeMounts to be mounted on the DaemonSet | `[]` | +| `extraVolumes` | List of additional volumes to be mounted on the DaemonSet | `[]` | +| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` | see [values.yaml][] | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | +| `hostNetworking` | Use host networking in the DaemonSet so that hostname is reported correctly | `false` | +| `dnsConfig` | Configurable [dnsConfig][] | `{}` | +| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Filebeat Docker image tag | `7.10.0-SNAPSHOT` | +| `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | +| `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | +| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this Helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `nodeSelector` | Configurable [nodeSelector][] | `{}` | +| `podAnnotations` | Configurable [annotations][] applied to all Filebeat pods | `{}` | +| `podSecurityContext` | Configurable [podSecurityContext][] for Filebeat pod execution environment | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `resources` | Allows you to set the [resources][] for the `DaemonSet` | see [values.yaml][] | +| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `serviceAccount` | Custom [serviceAccount][] that Filebeat will use during execution. By default will use the service account created by this chart | `""` | +| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Filebeat pod process on pod shutdown | `30` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | ## FAQ @@ -202,7 +203,6 @@ about our development and testing process. [filebeat oss docker image]: https://www.docker.elastic.co/r/beats/filebeat-oss [filebeat outputs]: https://www.elastic.co/guide/en/beats/filebeat/7.x/configuring-output.html [helm]: https://helm.sh -[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [dnsConfig]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath diff --git a/filebeat/examples/default/Makefile b/filebeat/examples/default/Makefile index 937cea681..e27affffc 100644 --- a/filebeat/examples/default/Makefile +++ b/filebeat/examples/default/Makefile @@ -5,9 +5,9 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-default install: - helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/filebeat/examples/oss/Makefile b/filebeat/examples/oss/Makefile index fa3d507af..455c2e63a 100644 --- a/filebeat/examples/oss/Makefile +++ b/filebeat/examples/oss/Makefile @@ -5,9 +5,9 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-oss install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/filebeat/examples/security/Makefile b/filebeat/examples/security/Makefile index 602dc4ae2..50c0b5bed 100644 --- a/filebeat/examples/security/Makefile +++ b/filebeat/examples/security/Makefile @@ -5,9 +5,9 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-security install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/helpers/common.mk b/helpers/common.mk index d98b0c61f..f7debead3 100644 --- a/helpers/common.mk +++ b/helpers/common.mk @@ -13,18 +13,10 @@ build: ## Build helm-tester docker image .PHONY: deps deps: ## Update helm charts dependencies - sed --in-place '/charts\//d' ./.helmignore helm dependency update -.PHONY: helm -helm: ## Deploy helm on k8s cluster - kubectl get cs - kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default || true - helm init --wait --upgrade - .PHONY: lint lint: ## Lint helm templates - grep 'charts/' ./.helmignore || echo 'charts/' >> ./.helmignore helm lint --strict ./ .PHONY: lint-python @@ -44,4 +36,4 @@ test: build ## Run all tests in a docker container docker run --rm -i --user "$$(id -u):$$(id -g)" -v $$(pwd)/../:/app -w /app/$$(basename $$(pwd)) helm-tester make test-all .PHONY: test-all ## Run all tests -test-all: lint deps template pytest +test-all: deps lint template pytest diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index b0cefa7b1..96ad4c483 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,13 +1,13 @@ FROM python:3.7 -ENV HELM_VERSION=2.17.0 +ENV HELM_VERSION=3.4.1 -RUN wget --no-verbose https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ +RUN wget --no-verbose https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ mv linux-amd64/helm /usr/local/bin/ && \ - rm -rf linux-amd64 && \ - HOME=/ helm init --client-only && \ - chmod 777 -R /.helm + mkdir --parents --mode=777 /.config/helm && \ + HOME=/ helm repo add stable https://charts.helm.sh/stable && \ + rm -rf helm-v${HELM_VERSION}-linux-amd64.tar.gz linux-amd64 COPY requirements.txt /usr/src/app/ RUN pip install --no-cache-dir -r /usr/src/app/requirements.txt diff --git a/helpers/helpers.py b/helpers/helpers.py index 9af447a94..4cc96756e 100644 --- a/helpers/helpers.py +++ b/helpers/helpers.py @@ -9,7 +9,7 @@ def helm_template(config): with tempfile.NamedTemporaryFile() as temp: with open(temp.name, "w") as values: values.write(config) - helm_cmd = "helm template -f {0} --namespace default ./".format(temp.name) + helm_cmd = "helm template release-name -f {0} ./".format(temp.name) result = yaml.load_all(check_output(helm_cmd.split())) results = {} diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index 5f49abccd..3540dfb60 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=2.17.0 +ENV HELM_VERSION=3.4.1 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 @@ -22,6 +22,7 @@ RUN yum -y install \ RUN curl -O https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip && \ unzip vault_${VAULT_VERSION}_linux_amd64.zip -d /usr/local/bin/ && \ chmod +x /usr/local/bin/vault && \ + rm -f vault_${VAULT_VERSION}_linux_amd64.zip && \ vault version RUN curl -O https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \ @@ -34,17 +35,17 @@ RUN curl -O https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL chmod a+x /usr/local/bin/kubectl && \ kubectl version --client -RUN curl -O https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ +RUN curl -O https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ mv linux-amd64/helm /usr/local/bin/ && \ - rm -rf linux-amd64 && \ + rm -rf helm-v${HELM_VERSION}-linux-amd64.tar.gz linux-amd64 && \ helm version --client RUN curl -O https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz && \ tar xfv docker* && \ mv docker/docker /usr/local/bin && \ - rm -rf docker/ && \ - docker + rm -rf docker-${DOCKER_VERSION}.tgz docker/ && \ + docker -v RUN curl -O -L https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \ mv jq-linux64 /usr/local/bin/jq && \ diff --git a/helpers/terraform/Makefile b/helpers/terraform/Makefile index a6dcff24b..8d448c3e3 100644 --- a/helpers/terraform/Makefile +++ b/helpers/terraform/Makefile @@ -65,8 +65,8 @@ creds: credentials.json ## Get gke credentials kubectl create namespace $(NAMESPACE) || true kubectl config set-context $$(kubectl config current-context) --namespace=$(NAMESPACE) -.PHONY: k8s -k8s: apply creds ## Configure gke cluster +.PHONY: up +up: apply creds ## Configure gke cluster kubectl get cs .PHONY: k8s-staging-registry @@ -77,15 +77,10 @@ k8s-staging-registry: creds ## Create the staging registry auth secret in k8s --docker-username="devops-ci" \ --docker-password="$$DOCKER_PASSWORD" -.PHONY: up -up: k8s ## Install helm on gke cluster - kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default || true - for i in 1 2 3 4 5; do helm init --wait --upgrade && break || sleep 5; done - .PHONY: integration integration: creds ## Deploy helm chart and run integration tests cd ../../$(CHART)/ && \ - helm init --client-only && \ + helm repo add stable https://charts.helm.sh/stable && \ helm dependency update && \ cd ./examples/$(SUITE) && \ make @@ -98,4 +93,3 @@ build: ## Build helm-charts docker image pull-private-images: ## Pull private images used in testing cd ../../elasticsearch/examples/security/ && \ make pull-elasticsearch-image - diff --git a/kibana/README.md b/kibana/README.md index a41741f2a..3b7207513 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -48,8 +48,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name kibana --version elastic/kibana` - - with [Helm 3 (beta)][]: `helm install kibana --version elastic/kibana` + - with Helm 3: `helm install kibana --version elastic/kibana` + - with Helm 2 (deprecated): `helm install --name kibana --version elastic/kibana` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -57,8 +57,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 2: `helm install --name kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` - - with [Helm 3 (beta)][]: `helm install kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -217,7 +217,6 @@ about our development and testing process. [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh -[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ diff --git a/kibana/examples/default/Makefile b/kibana/examples/default/Makefile index ea15adfd0..4c6a6e6d8 100644 --- a/kibana/examples/default/Makefile +++ b/kibana/examples/default/Makefile @@ -5,9 +5,9 @@ RELEASE := helm-kibana-default install: echo "Goss container: $(GOSS_CONTAINER)" - helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/kibana/examples/openshift/Makefile b/kibana/examples/openshift/Makefile index e1aadf2a0..8435ba2fe 100644 --- a/kibana/examples/openshift/Makefile +++ b/kibana/examples/openshift/Makefile @@ -7,9 +7,9 @@ template: helm template --values ./values.yml ../../ install: - helm upgrade --wait --timeout=900 --install --values ./values.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install --values ./values.yml $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/kibana/examples/oss/Makefile b/kibana/examples/oss/Makefile index 16e974fcd..cbda8764d 100644 --- a/kibana/examples/oss/Makefile +++ b/kibana/examples/oss/Makefile @@ -4,9 +4,9 @@ include ../../../helpers/examples.mk RELEASE := helm-kibana-oss install: - helm upgrade --wait --timeout=900 --install --values ./values.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install --values ./values.yml $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/kibana/examples/security/Makefile b/kibana/examples/security/Makefile index 107d8b74b..2fa8607e6 100644 --- a/kibana/examples/security/Makefile +++ b/kibana/examples/security/Makefile @@ -4,13 +4,13 @@ include ../../../helpers/examples.mk RELEASE := helm-kibana-security install: - helm upgrade --wait --timeout=900 --install --values ./security.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install --values ./security.yml $(RELEASE) ../../ test: secrets install goss purge: kubectl delete secret kibana || true - helm del --purge $(RELEASE) + helm del $(RELEASE) secrets: encryptionkey=$$(docker run --rm busybox:1.31.1 /bin/sh -c "< /dev/urandom tr -dc _A-Za-z0-9 | head -c50") && \ diff --git a/kibana/templates/_helpers.tpl b/kibana/templates/_helpers.tpl index d2ab927b6..d03cc29cf 100755 --- a/kibana/templates/_helpers.tpl +++ b/kibana/templates/_helpers.tpl @@ -23,7 +23,7 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this Return the appropriate apiVersion for ingress. */}} {{- define "kibana.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} {{- print "extensions/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1beta1" -}} diff --git a/logstash/README.md b/logstash/README.md index b70e55ca0..0f01132b0 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -50,8 +50,9 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name logstash --version elastic/logstash` - - with [Helm 3 (beta)][]: `helm install logstash --version elastic/logstash` + - with Helm 3: `helm install logstash --version elastic/logstash` + - with Helm 2 (deprecated): `helm install --name logstash --version elastic/logstash` + ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -59,8 +60,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 2: `helm install --name logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` - - with [Helm 3 (beta)][]: `helm install logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -116,7 +117,7 @@ useful for the [http input plugin][], for instance. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.9.3-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `ingress` | Configurable [ingress][] for external access to Logstash HTTP port. | see [values.yaml][] | @@ -205,7 +206,6 @@ about our development and testing process. [examples]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/oss [helm]: https://helm.sh -[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [http input plugin]: https://www.elastic.co/guide/en/logstash/current/plugins-inputs-http.html [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret diff --git a/logstash/examples/default/Makefile b/logstash/examples/default/Makefile index 0e295d765..4c5920df5 100644 --- a/logstash/examples/default/Makefile +++ b/logstash/examples/default/Makefile @@ -5,12 +5,12 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-default install: - helm upgrade --wait --timeout=1200 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=1200s --install $(RELEASE) ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200s --install $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/logstash/examples/elasticsearch/Makefile b/logstash/examples/elasticsearch/Makefile index 0323fcea5..b11f714e3 100644 --- a/logstash/examples/elasticsearch/Makefile +++ b/logstash/examples/elasticsearch/Makefile @@ -5,13 +5,13 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-elasticsearch install: - helm upgrade --wait --timeout=1200 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=1200s --install $(RELEASE) --values ./values.yaml ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200s --install $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) kubectl delete $$(kubectl get pvc -l release=$(RELEASE) -o name) diff --git a/logstash/examples/oss/Makefile b/logstash/examples/oss/Makefile index 541d0182f..81c83f702 100644 --- a/logstash/examples/oss/Makefile +++ b/logstash/examples/oss/Makefile @@ -5,12 +5,12 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-oss install: - helm upgrade --wait --timeout=1200 --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=1200s --install $(RELEASE) --values ./values.yaml ../../ restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200 --install $(RELEASE) ../../ + helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200s --install $(RELEASE) ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/logstash/examples/security/Makefile b/logstash/examples/security/Makefile index 8bad0bc1c..ef8ebf13e 100644 --- a/logstash/examples/security/Makefile +++ b/logstash/examples/security/Makefile @@ -5,10 +5,10 @@ include ../../../helpers/examples.mk RELEASE := helm-logstash-security install: - helm upgrade --wait --timeout=1200 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=1200s --install $(RELEASE) --values values.yaml ../../ test: install goss purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) kubectl delete $$(kubectl get pvc -l release=$(RELEASE) -o name) diff --git a/logstash/templates/_helpers.tpl b/logstash/templates/_helpers.tpl index d240a026e..13c76fde6 100755 --- a/logstash/templates/_helpers.tpl +++ b/logstash/templates/_helpers.tpl @@ -23,7 +23,7 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this Return the appropriate apiVersion for statefulset. */}} {{- define "logstash.statefulset.apiVersion" -}} -{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.Version -}} {{- print "apps/v1beta2" -}} {{- else -}} {{- print "apps/v1" -}} @@ -34,7 +34,7 @@ Return the appropriate apiVersion for statefulset. Return the appropriate apiVersion for ingress. */}} {{- define "logstash.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} {{- print "extensions/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1beta1" -}} diff --git a/logstash/templates/service.yaml b/logstash/templates/service.yaml index 6cbca1ee4..6540c8c61 100644 --- a/logstash/templates/service.yaml +++ b/logstash/templates/service.yaml @@ -16,7 +16,6 @@ spec: selector: app: "{{ template "logstash.fullname" . }}" chart: "{{ .Chart.Name }}" - heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} ports: {{ toYaml .Values.service.ports | indent 4 }} diff --git a/metricbeat/README.md b/metricbeat/README.md index f95ac71eb..ce8bcf32b 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -47,8 +47,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. `helm repo add elastic https://helm.elastic.co` * Install it: - - with Helm 2: `helm install --name metricbeat --version elastic/metricbeat` - - with [Helm 3 (beta)][]: `helm install metricbeat --version elastic/metricbeat` + - with Helm 3: `helm install metricbeat --version elastic/metricbeat` + - with Helm 2 (deprecated): `helm install --name metricbeat --version elastic/metricbeat` ### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions @@ -56,8 +56,8 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 2: `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` - - with [Helm 3 (beta)][]: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` ## Upgrading @@ -125,7 +125,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.10.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | | `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | @@ -225,7 +225,6 @@ about our development and testing process. [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/security [helm]: https://helm.sh -[helm 3 (beta)]: https://github.com/elastic/helm-charts/tree/master/README.md#helm-3-beta [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images diff --git a/metricbeat/examples/default/Makefile b/metricbeat/examples/default/Makefile index 76da6b209..6ff5a30e7 100644 --- a/metricbeat/examples/default/Makefile +++ b/metricbeat/examples/default/Makefile @@ -6,7 +6,7 @@ RELEASE = helm-metricbeat-default GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-default-metricbeat install: - helm upgrade --wait --timeout=900 --install $(RELEASE) ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ test-metrics: GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-default-metricbeat-metrics @@ -14,4 +14,4 @@ test-metrics: test: install goss test-metrics purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) diff --git a/metricbeat/examples/oss/Makefile b/metricbeat/examples/oss/Makefile index afe3c1f2c..acb1124bc 100644 --- a/metricbeat/examples/oss/Makefile +++ b/metricbeat/examples/oss/Makefile @@ -6,10 +6,10 @@ RELEASE := helm-metricbeat-oss GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-oss-metricbeat install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) test-metrics: GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-oss-metricbeat-metrics diff --git a/metricbeat/examples/security/Makefile b/metricbeat/examples/security/Makefile index acabeb20a..d57cb05be 100644 --- a/metricbeat/examples/security/Makefile +++ b/metricbeat/examples/security/Makefile @@ -6,10 +6,10 @@ RELEASE := helm-metricbeat-security GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-security-metricbeat install: - helm upgrade --wait --timeout=900 --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ purge: - helm del --purge $(RELEASE) + helm del $(RELEASE) test-metrics: GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-security-metricbeat-metrics diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index e9d682b2e..cc97f20e5 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -30,7 +30,6 @@ spec: selector: matchLabels: app: '{{ template "metricbeat.fullname" . }}-metrics' - heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' template: metadata: @@ -45,7 +44,6 @@ spec: labels: app: '{{ template "metricbeat.fullname" . }}-metrics' chart: '{{ .Chart.Name }}-{{ .Chart.Version }}' - heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' {{- if .Values.deployment.labels }} {{- range $key, $value := .Values.deployment.labels }} From aefe09cc133a31c2cd003938acf18a5b66392999 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 18 Nov 2020 18:20:40 +0100 Subject: [PATCH 099/151] [meta] add link to eck chart doc (#910) This commit add a link to ECK chart and documentation. Fix #829 --- README.md | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 2e3e581ef..951fb8a15 100644 --- a/README.md +++ b/README.md @@ -35,14 +35,14 @@ The `master` version of these charts are intended to support the latest pre-rele versions of our products, and therefore may or may not work with current released versions. -| Chart | Docker documentation | Latest 7 Version | Latest 6 Version | -|--------------------------------------------|-----------------------------------------------------------------------------|----------------------------|-----------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/7.9/running-on-docker.html | [`7.8.1`][apm-7] | [`6.8.10`][apm-6] | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/7.9/docker.html | [`7.8.1`][elasticsearch-7] | [`6.8.10`][elasticsearch-6] | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/7.9/running-on-docker.html | [`7.8.1`][filebeat-7] | [`6.8.10`][filebeat-6] | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/7.9/docker.html | [`7.8.1`][kibana-7] | [`6.8.10`][kibana-6] | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/7.9/docker.html | [`7.8.1`][logstash-7] | [`6.8.10`][logstash-6] | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/7.9/running-on-docker.html | [`7.8.1`][metricbeat-7] | [`6.8.10`][metricbeat-6] | +| Chart | Docker documentation | Latest 7 Version | Latest 6 Version | +|--------------------------------------------|---------------------------------------------------------------------------------|----------------------------|-----------------------------| +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | [`7.9.3`][apm-7] | [`6.8.13`][apm-6] | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | [`7.9.3`][elasticsearch-7] | [`6.8.13`][elasticsearch-6] | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | [`7.9.3`][filebeat-7] | [`6.8.13`][filebeat-6] | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | [`7.9.3`][kibana-7] | [`6.8.13`][kibana-6] | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | [`7.9.3`][logstash-7] | [`6.8.13`][logstash-6] | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | [`7.9.3`][metricbeat-7] | [`6.8.13`][metricbeat-6] | ## Supported Configurations @@ -83,10 +83,13 @@ Helm version mentioned in [helm-tester Dockerfile][] (currently 3.4.1). In addition of these Helm charts, Elastic also provides [Elastic Cloud on Kubernetes][] which is based on [Operator pattern][] and is Elastic recommended way to deploy Elasticsearch, Kibana and APM Server on -Kubernetes. +Kubernetes. There is a dedicated Helm chart for ECK which can be found +[in ECK repo][eck-chart] ([documentation][eck-chart-doc]). [currently tested]: https://devops-ci.elastic.co/job/elastic+helm-charts+7.x/ +[eck-chart]: https://github.com/elastic/cloud-on-k8s/tree/master/deploy +[eck-chart-doc]: https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-install-helm.html [elastic cloud on kubernetes]: https://github.com/elastic/cloud-on-k8s [elastic helm repo]: https://helm.elastic.co [github releases]: https://github.com/elastic/helm-charts/releases From bcc1208812e2ec5cb33842790cfb763d14f8ca85 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 18 Nov 2020 18:37:42 +0100 Subject: [PATCH 100/151] [elasticsearch] update test hook annotations (#911) This commit update Elasticsearch chart test hook annotations for Helm 3 and add a new annotation to automate test pod deletion when test is successful. Related to https://github.com/elastic/helm-charts/issues/401#issuecomment-729555952 --- elasticsearch/templates/test/test-elasticsearch-health.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/elasticsearch/templates/test/test-elasticsearch-health.yaml b/elasticsearch/templates/test/test-elasticsearch-health.yaml index a278b140a..dd5eaa043 100644 --- a/elasticsearch/templates/test/test-elasticsearch-health.yaml +++ b/elasticsearch/templates/test/test-elasticsearch-health.yaml @@ -4,7 +4,8 @@ kind: Pod metadata: name: "{{ .Release.Name }}-{{ randAlpha 5 | lower }}-test" annotations: - "helm.sh/hook": test-success + "helm.sh/hook": test + "helm.sh/hook-delete-policy": hook-succeeded spec: securityContext: {{ toYaml .Values.podSecurityContext | indent 4 }} From e208babe2a16a8064ada7dd277747baac985e987 Mon Sep 17 00:00:00 2001 From: cospeedster <52749645+cospeedster@users.noreply.github.com> Date: Wed, 18 Nov 2020 21:18:12 +0100 Subject: [PATCH 101/151] [elasticsearch] Fix spelling (#897) --- elasticsearch/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 918e43464..deb69e7fb 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -122,7 +122,7 @@ podSecurityPolicy: persistence: enabled: true labels: - # Add default labels for the volumeClaimTemplate fo the StatefulSet + # Add default labels for the volumeClaimTemplate of the StatefulSet enabled: false annotations: {} From 1f4203250f8a4f2aae6d29d5113f2b2a744ea6d0 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 19 Nov 2020 17:37:30 +0100 Subject: [PATCH 102/151] [meta] bump 7.x branch to 7.11.0-SNAPSHOT (#915) This commit bump the 7.x branch which will be dedicated to the 7.x.x releases for the Helm Charts. It will allow to: - test this branch with the daily Stack Docker images 7.11.0-SNAPSHOT via dedicated Jenkins jobs --- README.md | 66 ++++++++++--------- apm-server/Chart.yaml | 4 +- apm-server/README.md | 14 ++-- apm-server/examples/default/README.md | 2 +- apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/README.md | 2 +- apm-server/examples/oss/test/goss.yaml | 2 +- apm-server/examples/security/README.md | 2 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/values.yaml | 2 +- elasticsearch/Chart.yaml | 4 +- elasticsearch/README.md | 12 ++-- elasticsearch/examples/config/README.md | 2 +- elasticsearch/examples/default/README.md | 2 +- elasticsearch/examples/default/test/goss.yaml | 2 +- .../examples/docker-for-mac/README.md | 2 +- .../examples/kubernetes-kind/README.md | 2 +- elasticsearch/examples/microk8s/README.md | 2 +- elasticsearch/examples/minikube/README.md | 2 +- elasticsearch/examples/multi/README.md | 2 +- elasticsearch/examples/openshift/README.md | 2 +- .../examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/oss/README.md | 2 +- elasticsearch/examples/oss/test/goss.yaml | 2 +- elasticsearch/examples/security/README.md | 2 +- elasticsearch/examples/upgrade/README.md | 4 +- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/values.yaml | 2 +- filebeat/Chart.yaml | 4 +- filebeat/README.md | 12 ++-- filebeat/examples/default/README.md | 2 +- filebeat/examples/default/test/goss.yaml | 4 +- filebeat/examples/oss/README.md | 2 +- filebeat/examples/oss/test/goss.yaml | 2 +- filebeat/examples/security/README.md | 2 +- filebeat/examples/security/test/goss.yaml | 2 +- filebeat/values.yaml | 2 +- helpers/bumper.py | 2 +- helpers/examples.mk | 2 +- kibana/Chart.yaml | 4 +- kibana/README.md | 12 ++-- kibana/examples/default/README.md | 2 +- kibana/examples/default/test/goss.yaml | 2 +- kibana/examples/openshift/README.md | 2 +- kibana/examples/oss/README.md | 2 +- kibana/examples/security/README.md | 2 +- kibana/values.yaml | 2 +- logstash/Chart.yaml | 4 +- logstash/README.md | 12 ++-- logstash/examples/default/README.md | 2 +- logstash/examples/default/test/goss.yaml | 2 +- logstash/examples/elasticsearch/README.md | 2 +- .../examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/README.md | 2 +- logstash/examples/oss/test/goss.yaml | 2 +- logstash/examples/security/test/goss.yaml | 2 +- logstash/values.yaml | 2 +- metricbeat/Chart.yaml | 4 +- metricbeat/README.md | 12 ++-- metricbeat/examples/default/README.md | 2 +- .../examples/default/test/goss-metrics.yaml | 6 +- metricbeat/examples/default/test/goss.yaml | 6 +- metricbeat/examples/oss/README.md | 2 +- .../examples/oss/test/goss-metrics.yaml | 6 +- metricbeat/examples/oss/test/goss.yaml | 6 +- metricbeat/examples/security/README.md | 2 +- .../examples/security/test/goss-metrics.yaml | 6 +- metricbeat/examples/security/test/goss.yaml | 6 +- metricbeat/values.yaml | 2 +- 69 files changed, 153 insertions(+), 151 deletions(-) diff --git a/README.md b/README.md index 951fb8a15..b8b40cb54 100644 --- a/README.md +++ b/README.md @@ -35,14 +35,14 @@ The `master` version of these charts are intended to support the latest pre-rele versions of our products, and therefore may or may not work with current released versions. -| Chart | Docker documentation | Latest 7 Version | Latest 6 Version | -|--------------------------------------------|---------------------------------------------------------------------------------|----------------------------|-----------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | [`7.9.3`][apm-7] | [`6.8.13`][apm-6] | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | [`7.9.3`][elasticsearch-7] | [`6.8.13`][elasticsearch-6] | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | [`7.9.3`][filebeat-7] | [`6.8.13`][filebeat-6] | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | [`7.9.3`][kibana-7] | [`6.8.13`][kibana-6] | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | [`7.9.3`][logstash-7] | [`6.8.13`][logstash-6] | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | [`7.9.3`][metricbeat-7] | [`6.8.13`][metricbeat-6] | +| Chart | Docker documentation | Latest 7 Version | Latest 6 Version | +|--------------------------------------------|---------------------------------------------------------------------------------|-----------------------------|-----------------------------| +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | [`7.10.0`][apm-7] | [`6.8.13`][apm-6] | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | [`7.10.0`][elasticsearch-7] | [`6.8.13`][elasticsearch-6] | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | [`7.10.0`][filebeat-7] | [`6.8.13`][filebeat-6] | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | [`7.10.0`][kibana-7] | [`6.8.13`][kibana-6] | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | [`7.10.0`][logstash-7] | [`6.8.13`][logstash-6] | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | [`7.10.0`][metricbeat-7] | [`6.8.13`][metricbeat-6] | ## Supported Configurations @@ -53,18 +53,20 @@ Note that only the released charts coming from [Elastic Helm repo][] or ### Support Matrix -| | Elasticsearch | Kibana | Logstash | Filebeat | Metricbeat | APM Server | -|-----|---------------|--------|----------|----------|------------|------------| -| 6.8 | Beta | Beta | Beta | Beta | Beta | Alpha | -| 7.0 | Alpha | Alpha | / | / | / | / | -| 7.1 | Beta | Beta | / | Beta | / | / | -| 7.2 | Beta | Beta | / | Beta | Beta | / | -| 7.3 | Beta | Beta | / | Beta | Beta | / | -| 7.4 | Beta | Beta | / | Beta | Beta | / | -| 7.5 | Beta | Beta | Beta | Beta | Beta | Alpha | -| 7.6 | Beta | Beta | Beta | Beta | Beta | Alpha | -| 7.7 | GA | GA | Beta | GA | GA | Beta | -| 7.x | GA | GA | Beta | GA | GA | Beta | +| | Elasticsearch | Kibana | Logstash | Filebeat | Metricbeat | APM Server | +|------|---------------|--------|----------|----------|------------|------------| +| 6.8 | Beta | Beta | Beta | Beta | Beta | Alpha | +| 7.0 | Alpha | Alpha | / | / | / | / | +| 7.1 | Beta | Beta | / | Beta | / | / | +| 7.2 | Beta | Beta | / | Beta | Beta | / | +| 7.3 | Beta | Beta | / | Beta | Beta | / | +| 7.4 | Beta | Beta | / | Beta | Beta | / | +| 7.5 | Beta | Beta | Beta | Beta | Beta | Alpha | +| 7.6 | Beta | Beta | Beta | Beta | Beta | Alpha | +| 7.7 | GA | GA | Beta | GA | GA | Beta | +| 7.8 | GA | GA | Beta | GA | GA | Beta | +| 7.9 | GA | GA | Beta | GA | GA | Beta | +| 7.10 | GA | GA | Beta | GA | GA | Beta | ### Kubernetes Versions @@ -98,15 +100,15 @@ Kubernetes. There is a dedicated Helm chart for ECK which can be found [operator pattern]: https://kubernetes.io/docs/concepts/extend-kubernetes/operator/ [elasticsearch-771]: https://github.com/elastic/helm-charts/tree/7.7.1/elasticsearch/ -[apm-7]: https://github.com/elastic/helm-charts/tree/7.8.1/apm-server/README.md -[apm-6]: https://github.com/elastic/helm-charts/tree/6.8.10/apm-server/README.md -[elasticsearch-7]: https://github.com/elastic/helm-charts/tree/7.8.1/elasticsearch/README.md -[elasticsearch-6]: https://github.com/elastic/helm-charts/tree/6.8.10/elasticsearch/README.md -[filebeat-7]: https://github.com/elastic/helm-charts/tree/7.8.1/filebeat/README.md -[filebeat-6]: https://github.com/elastic/helm-charts/tree/6.8.10/filebeat/README.md -[kibana-7]: https://github.com/elastic/helm-charts/tree/7.8.1/kibana/README.md -[kibana-6]: https://github.com/elastic/helm-charts/tree/6.8.10/kibana/README.md -[logstash-7]: https://github.com/elastic/helm-charts/tree/7.8.1/logstash/README.md -[logstash-6]: https://github.com/elastic/helm-charts/tree/6.8.10/logstash/README.md -[metricbeat-7]: https://github.com/elastic/helm-charts/tree/7.8.1/metricbeat/README.md -[metricbeat-6]: https://github.com/elastic/helm-charts/tree/6.8.10/metricbeat/README.md +[apm-7]: https://github.com/elastic/helm-charts/tree/7.10.0/apm-server/README.md +[apm-6]: https://github.com/elastic/helm-charts/tree/6.8.13/apm-server/README.md +[elasticsearch-7]: https://github.com/elastic/helm-charts/tree/7.10.0/elasticsearch/README.md +[elasticsearch-6]: https://github.com/elastic/helm-charts/tree/6.8.13/elasticsearch/README.md +[filebeat-7]: https://github.com/elastic/helm-charts/tree/7.10.0/filebeat/README.md +[filebeat-6]: https://github.com/elastic/helm-charts/tree/6.8.13/filebeat/README.md +[kibana-7]: https://github.com/elastic/helm-charts/tree/7.10.0/kibana/README.md +[kibana-6]: https://github.com/elastic/helm-charts/tree/6.8.13/kibana/README.md +[logstash-7]: https://github.com/elastic/helm-charts/tree/7.10.0/logstash/README.md +[logstash-6]: https://github.com/elastic/helm-charts/tree/6.8.13/logstash/README.md +[metricbeat-7]: https://github.com/elastic/helm-charts/tree/7.10.0/metricbeat/README.md +[metricbeat-6]: https://github.com/elastic/helm-charts/tree/6.8.13/metricbeat/README.md diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index 9e4ee0d71..0f9e159c8 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.10.0-SNAPSHOT -appVersion: 7.10.0-SNAPSHOT +version: 7.11.0-SNAPSHOT +appVersion: 7.11.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index 8570ff52b..1cf4a5c3f 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -18,7 +18,7 @@ SLA of official GA features (see [supported configurations][] for more details). - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) + - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -42,7 +42,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.10.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -54,13 +54,13 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. - with Helm 2 (deprecated): `helm install --name apm-server --version elastic/apm-server` -### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.11.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.11.0-SNAPSHOT` ## Upgrading @@ -98,7 +98,7 @@ as a reference. They are also used in the automated testing of this chart. | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The APM Server Docker image tag | `7.11.0-SNAPSHOT` | | `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | | `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | | `labels` | Configurable [labels][] applied to all APM server pods | `{}` | @@ -152,7 +152,7 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.9/running-on-docker.html +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.10/running-on-docker.html [apm server oss docker image]: https://www.docker.elastic.co/r/apm/apm-server-oss [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md index 9c6b913aa..41b36d9b0 100644 --- a/apm-server/examples/default/README.md +++ b/apm-server/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy APM Server 7.10.0-SNAPSHOT using [default values][]. +This example deploy APM Server 7.11.0-SNAPSHOT using [default values][]. ## Usage diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index 9dccc1d29..7659f1f86 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.10.0' + - "7.11.0" diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index 4cb72b90c..af01d5382 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy APM Server 7.10.0-SNAPSHOT using [APM Server OSS][] version. +This example deploy APM Server 7.11.0-SNAPSHOT using [APM Server OSS][] version. ## Usage diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index 9dccc1d29..7659f1f86 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.10.0' + - "7.11.0" diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md index 7e4bdf4a9..0ec439728 100644 --- a/apm-server/examples/security/README.md +++ b/apm-server/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy APM Server 7.10.0-SNAPSHOT using authentication and TLS to connect to +This example deploy APM Server 7.11.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index 9dccc1d29..7659f1f86 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - '7.10.0' + - "7.11.0" diff --git a/apm-server/values.yaml b/apm-server/values.yaml index e4a0766fa..07657e14d 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -62,7 +62,7 @@ extraVolumes: [] # emptyDir: {} image: "docker.elastic.co/apm/apm-server" -imageTag: "7.10.0-SNAPSHOT" +imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index fbb3a8f30..a0ca627d1 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.10.0-SNAPSHOT -appVersion: 7.10.0-SNAPSHOT +version: 7.11.0-SNAPSHOT +appVersion: 7.11.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 1afd20496..2a59d0c8c 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) + - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -52,7 +52,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.10.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -65,13 +65,13 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. -### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.11.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.11.0-SNAPSHOT` ## Upgrading @@ -127,7 +127,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.11.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index 22f8a759d..ade8c2946 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,6 +1,6 @@ # Config -This example deploy a single node Elasticsearch 7.10.0-SNAPSHOT with authentication and +This example deploy a single node Elasticsearch 7.11.0-SNAPSHOT with authentication and custom [values][]. diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md index 683dced8e..a1c52d0b5 100644 --- a/elasticsearch/examples/default/README.md +++ b/elasticsearch/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster using [default values][]. diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index d725807d5..7c3714448 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.10.0-SNAPSHOT"' + - '"number" : "7.11.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md index acf62ed86..27524cbbc 100644 --- a/elasticsearch/examples/docker-for-mac/README.md +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -1,6 +1,6 @@ # Docker for Mac -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [Docker for Mac][] +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [Docker for Mac][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index ee0b407c1..170af0a78 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,6 +1,6 @@ # KIND -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [Kind][] +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [Kind][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index 458ec1933..a1e75a44a 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,6 +1,6 @@ # MicroK8S -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [MicroK8S][] +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [MicroK8S][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md index 2bb6a2af1..812651597 100644 --- a/elasticsearch/examples/minikube/README.md +++ b/elasticsearch/examples/minikube/README.md @@ -1,6 +1,6 @@ # Minikube -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [Minikube][] +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [Minikube][] using [custom values][]. If helm or kubectl timeouts occur, you may consider creating a minikube VM with diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index ca787a7cc..6fa970832 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,6 +1,6 @@ # Multi -This example deploy an Elasticsearch 7.10.0-SNAPSHOT cluster composed of 3 different Helm +This example deploy an Elasticsearch 7.11.0-SNAPSHOT cluster composed of 3 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md index 73a057d14..6b8c63334 100644 --- a/elasticsearch/examples/openshift/README.md +++ b/elasticsearch/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster on [OpenShift][] +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [OpenShift][] using [custom values][]. ## Usage diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index aec60565f..3df11695b 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.10.0"' + - '"number" : "7.11.0"' - '"cluster_name" : "elasticsearch"' - '"name" : "elasticsearch-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/oss/README.md b/elasticsearch/examples/oss/README.md index c44667f36..6e8bf8953 100644 --- a/elasticsearch/examples/oss/README.md +++ b/elasticsearch/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster using [Elasticsearch OSS][] version. ## Usage diff --git a/elasticsearch/examples/oss/test/goss.yaml b/elasticsearch/examples/oss/test/goss.yaml index fa7bc9147..36d5ff001 100644 --- a/elasticsearch/examples/oss/test/goss.yaml +++ b/elasticsearch/examples/oss/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.10.0-SNAPSHOT"' + - '"number" : "7.11.0-SNAPSHOT"' - '"cluster_name" : "oss"' - '"name" : "oss-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index b25b9c8e7..52e7cce50 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy a 3 nodes Elasticsearch 7.10.0-SNAPSHOT with authentication and +This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT with authentication and autogenerated certificates for TLS (see [values][]). Note that this configuration should be used for test only. For a production diff --git a/elasticsearch/examples/upgrade/README.md b/elasticsearch/examples/upgrade/README.md index 44798eefc..7efc96204 100644 --- a/elasticsearch/examples/upgrade/README.md +++ b/elasticsearch/examples/upgrade/README.md @@ -1,7 +1,7 @@ # Upgrade This example will deploy a 3 node Elasticsearch cluster using an old chart version, -then upgrade it to version 7.10.0-SNAPSHOT. +then upgrade it to version 7.11.0-SNAPSHOT. The following upgrades are tested: - Upgrade from [7.0.0-alpha1][] version on K8S <1.16 @@ -11,7 +11,7 @@ not compatible with K8S >= 1.16) ## Usage -Running `make install` command will do first install and 7.10.0-SNAPSHOT upgrade. +Running `make install` command will do first install and 7.11.0-SNAPSHOT upgrade. Note: [jq][] is a requirement for this make target. diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index b44cd445c..dd4f5e0be 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,7 +11,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.10.0-SNAPSHOT"' + - '"number" : "7.11.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - '"name" : "upgrade-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index deb69e7fb..6f5790c71 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -53,7 +53,7 @@ secretMounts: [] # defaultMode: 0755 image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.10.0-SNAPSHOT" +imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" podAnnotations: {} diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index 99aff3d96..f8da77138 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.10.0-SNAPSHOT -appVersion: 7.10.0-SNAPSHOT +version: 7.11.0-SNAPSHOT +appVersion: 7.11.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index 081786d82..7348b7bd7 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) + - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -39,7 +39,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.10.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -52,13 +52,13 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. -### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.11.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.11.0-SNAPSHOT` ## Upgrading @@ -107,7 +107,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Filebeat Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Filebeat Docker image tag | `7.11.0-SNAPSHOT` | | `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md index 86e238e57..48f0e7129 100644 --- a/filebeat/examples/default/README.md +++ b/filebeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.10.0-SNAPSHOT using [default values][]. +This example deploy Filebeat 7.11.0-SNAPSHOT using [default values][]. ## Usage diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index e319fe7e5..4d0d21a96 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.10.0' + - 'filebeat-7.11.0' file: /usr/share/filebeat/filebeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.10.0' + - 'version: 7.11.0' diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md index d2e0df24f..9fcda0c39 100644 --- a/filebeat/examples/oss/README.md +++ b/filebeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Filebeat 7.10.0-SNAPSHOT using [Filebeat OSS][] version. +This example deploy Filebeat 7.11.0-SNAPSHOT using [Filebeat OSS][] version. ## Usage diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index b2cbc2345..1fe1b7f26 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.10.0' + - "filebeat-7.11.0" diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md index 954791c91..9e0a75ffc 100644 --- a/filebeat/examples/security/README.md +++ b/filebeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Filebeat 7.10.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Filebeat 7.11.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 44a6f89ee..7422cfeec 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.10.0' + - "filebeat-7.11.0" allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' diff --git a/filebeat/values.yaml b/filebeat/values.yaml index 3b2042660..bbccfdfc3 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -56,7 +56,7 @@ dnsConfig: {} # - name: ndots # value: "2" image: "docker.elastic.co/beats/filebeat" -imageTag: "7.10.0-SNAPSHOT" +imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/helpers/bumper.py b/helpers/bumper.py index 799f8b17d..e60f29862 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,7 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 7: os.environ.get("BUMPER_VERSION_7", "7.10.0-SNAPSHOT"), + 7: os.environ.get("BUMPER_VERSION_7", "7.11.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index 3857f9047..b190b4d87 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.10.0-SNAPSHOT +STACK_VERSION := 7.11.0-SNAPSHOT .PHONY: help help: ## Display this help diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index 1f17d9328..5419729c7 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.10.0-SNAPSHOT -appVersion: 7.10.0-SNAPSHOT +version: 7.11.0-SNAPSHOT +appVersion: 7.11.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index 3b7207513..6306146c9 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) + - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -40,7 +40,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.10.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -52,13 +52,13 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. - with Helm 2 (deprecated): `helm install --name kibana --version elastic/kibana` -### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.11.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.11.0-SNAPSHOT` ## Upgrading @@ -91,7 +91,7 @@ as a reference. They are also used in the automated testing of this chart. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Kibana Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Kibana Docker image tag | `7.11.0-SNAPSHOT` | | `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md index 4e9b4a83d..e1c88d066 100644 --- a/kibana/examples/default/README.md +++ b/kibana/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Kibana 7.10.0-SNAPSHOT using [default values][]. +This example deploy Kibana 7.11.0-SNAPSHOT using [default values][]. ## Usage diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index f80f67521..97f22e3da 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.10.0"' + - '"number":"7.11.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md index 582f9e844..e93e5d236 100644 --- a/kibana/examples/openshift/README.md +++ b/kibana/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy Kibana 7.10.0-SNAPSHOT on [OpenShift][] using [custom values][]. +This example deploy Kibana 7.11.0-SNAPSHOT on [OpenShift][] using [custom values][]. ## Usage diff --git a/kibana/examples/oss/README.md b/kibana/examples/oss/README.md index 0f6d36790..0881aafd8 100644 --- a/kibana/examples/oss/README.md +++ b/kibana/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Kibana 7.10.0-SNAPSHOT using [Kibana OSS][] version. +This example deploy Kibana 7.11.0-SNAPSHOT using [Kibana OSS][] version. ## Usage diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index 02697e9aa..0d224ff93 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Kibana 7.10.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Kibana 7.11.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/kibana/values.yaml b/kibana/values.yaml index f2a2e7ab0..7bf72185a 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -29,7 +29,7 @@ secretMounts: [] # subPath: kibana.keystore # optional image: "docker.elastic.co/kibana/kibana" -imageTag: "7.10.0-SNAPSHOT" +imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index 9cc96c030..faa19198c 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.10.0-SNAPSHOT -appVersion: 7.10.0-SNAPSHOT +version: 7.11.0-SNAPSHOT +appVersion: 7.11.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index 0f01132b0..61c8cff2b 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -18,7 +18,7 @@ SLA of official GA features (see [supported configurations][] for more details). - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) + - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -42,7 +42,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.10.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -55,13 +55,13 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. -### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.11.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.11.0-SNAPSHOT` ## Upgrading @@ -117,7 +117,7 @@ useful for the [http input plugin][], for instance. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.11.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `ingress` | Configurable [ingress][] for external access to Logstash HTTP port. | see [values.yaml][] | diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md index 24c939115..02595122f 100644 --- a/logstash/examples/default/README.md +++ b/logstash/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Logstash 7.10.0-SNAPSHOT using [default values][]. +This example deploy Logstash 7.11.0-SNAPSHOT using [default values][]. ## Usage diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index 79118426c..b23d5deae 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-default-logstash-0"' - - '"version" : "7.10.0"' + - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-default-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md index 5537e7415..cc4f7308e 100644 --- a/logstash/examples/elasticsearch/README.md +++ b/logstash/examples/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch -This example deploy Logstash 7.10.0-SNAPSHOT which connects to Elasticsearch (see +This example deploy Logstash 7.11.0-SNAPSHOT which connects to Elasticsearch (see [values][]). diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index 3cbef9c83..a5364c930 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-elasticsearch-logstash-0"' - - '"version" : "7.10.0"' + - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-elasticsearch-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md index 59b2330d9..229f720ef 100644 --- a/logstash/examples/oss/README.md +++ b/logstash/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Logstash 7.10.0-SNAPSHOT using [Logstash OSS][] version. +This example deploy Logstash 7.11.0-SNAPSHOT using [Logstash OSS][] version. ## Usage diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index b80245b8a..cc67594d8 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -10,7 +10,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-oss-logstash-0"' - - '"version" : "7.10.0"' + - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-oss-logstash-0"' - '"status" : "green"' diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml index ea89b1b22..5d622e8d0 100644 --- a/logstash/examples/security/test/goss.yaml +++ b/logstash/examples/security/test/goss.yaml @@ -22,7 +22,7 @@ http: timeout: 2000 body: - '"host" : "helm-logstash-security-logstash-0"' - - '"version" : "7.10.0"' + - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - '"name" : "helm-logstash-security-logstash-0"' - '"status" : "green"' diff --git a/logstash/values.yaml b/logstash/values.yaml index 15d1e9ecb..3cc83c174 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -60,7 +60,7 @@ secrets: [] secretMounts: [] image: "docker.elastic.co/logstash/logstash" -imageTag: "7.10.0-SNAPSHOT" +imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index 076b28bac..c180b16dc 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.10.0-SNAPSHOT -appVersion: 7.10.0-SNAPSHOT +version: 7.11.0-SNAPSHOT +appVersion: 7.11.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index ce8bcf32b..396a9fd54 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.10.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7100-snapshot-versions) + - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) @@ -39,7 +39,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.10.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT versions. ### Install released version using Helm repository @@ -51,13 +51,13 @@ This chart is tested with the latest 7.10.0-SNAPSHOT versions. - with Helm 2 (deprecated): `helm install --name metricbeat --version elastic/metricbeat` -### Install development version using 7.x branch and 7.10.0-SNAPSHOT versions +### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` * Install it: - - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.10.0-SNAPSHOT` + - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.11.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.11.0-SNAPSHOT` ## Upgrading @@ -125,7 +125,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.10.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.11.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | | `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md index c500dce11..55359c86a 100644 --- a/metricbeat/examples/default/README.md +++ b/metricbeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Metricbeat 7.10.0-SNAPSHOT using [default values][]. +This example deploy Metricbeat 7.11.0-SNAPSHOT using [default values][]. ## Usage diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index 2fe8c091b..56b789fc6 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - "metricbeat-7.11.0" 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - "metricbeat-7.11.0" file: /usr/share/metricbeat/metricbeat.yml: @@ -41,4 +41,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.10.0' + - 'version: 7.11.0' diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index 6409430fc..5550710da 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.10.0' + - 'version: 7.11.0' diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md index 660c5e452..fc8e93195 100644 --- a/metricbeat/examples/oss/README.md +++ b/metricbeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Metricbeat 7.10.0-SNAPSHOT using [Metricbeat OSS][] version. +This example deploy Metricbeat 7.11.0-SNAPSHOT using [Metricbeat OSS][] version. ## Usage diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index 0cf994438..591d69ba3 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -21,12 +21,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' http://oss-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -39,4 +39,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.10.0' + - 'version: 7.11.0' diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index eafd69b42..6784002c4 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' http://oss-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://oss-master:9200' - - 'version: 7.10.0' + - 'version: 7.11.0' diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md index fe44f7172..0d5751914 100644 --- a/metricbeat/examples/security/README.md +++ b/metricbeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Metricbeat 7.10.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Metricbeat 7.11.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index ec617850f..fbe450c9e 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.10.0' + - 'version: 7.11.0' diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index c511ddab2..333065e9f 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -25,7 +25,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -33,7 +33,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.10.0' + - 'metricbeat-7.11.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -50,4 +50,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.10.0' + - 'version: 7.11.0' diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 560eced2a..a7ae34b41 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -171,7 +171,7 @@ extraInitContainers: "" hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.10.0-SNAPSHOT" +imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] From ba1b1653aea31a1c27042cb149c1bbf038a97347 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 20 Nov 2020 16:32:09 +0100 Subject: [PATCH 103/151] [7.x] [meta] upgrade test (#907) (#920) --- apm-server/examples/upgrade/Makefile | 15 ++++ apm-server/examples/upgrade/README.md | 21 ++++++ apm-server/examples/upgrade/test/goss.yaml | 6 ++ apm-server/examples/upgrade/values.yaml | 12 +++ elasticsearch/examples/upgrade/Makefile | 4 +- elasticsearch/examples/upgrade/README.md | 18 +---- elasticsearch/examples/upgrade/test/goss.yaml | 4 +- elasticsearch/examples/upgrade/values.yaml | 2 + filebeat/examples/upgrade/Makefile | 15 ++++ filebeat/examples/upgrade/README.md | 21 ++++++ filebeat/examples/upgrade/test/goss.yaml | 45 ++++++++++++ filebeat/examples/upgrade/values.yaml | 4 + helpers/matrix.yml | 11 ++- helpers/upgrade.sh | 73 +++++++++++++++++++ kibana/examples/upgrade/Makefile | 16 ++++ kibana/examples/upgrade/README.md | 21 ++++++ kibana/examples/upgrade/test/goss.yaml | 14 ++++ kibana/examples/upgrade/values.yaml | 2 + logstash/examples/upgrade/Makefile | 15 ++++ logstash/examples/upgrade/README.md | 19 +++++ logstash/examples/upgrade/test/goss.yaml | 43 +++++++++++ logstash/examples/upgrade/values.yaml | 1 + metricbeat/examples/upgrade/Makefile | 17 +++++ metricbeat/examples/upgrade/README.md | 21 ++++++ .../examples/upgrade/test/goss-metrics.yaml | 42 +++++++++++ metricbeat/examples/upgrade/test/goss.yaml | 46 ++++++++++++ metricbeat/examples/upgrade/values.yaml | 4 + 27 files changed, 492 insertions(+), 20 deletions(-) create mode 100644 apm-server/examples/upgrade/Makefile create mode 100644 apm-server/examples/upgrade/README.md create mode 100644 apm-server/examples/upgrade/test/goss.yaml create mode 100644 apm-server/examples/upgrade/values.yaml create mode 100644 elasticsearch/examples/upgrade/values.yaml create mode 100644 filebeat/examples/upgrade/Makefile create mode 100644 filebeat/examples/upgrade/README.md create mode 100644 filebeat/examples/upgrade/test/goss.yaml create mode 100644 filebeat/examples/upgrade/values.yaml create mode 100755 helpers/upgrade.sh create mode 100644 kibana/examples/upgrade/Makefile create mode 100644 kibana/examples/upgrade/README.md create mode 100644 kibana/examples/upgrade/test/goss.yaml create mode 100644 kibana/examples/upgrade/values.yaml create mode 100644 logstash/examples/upgrade/Makefile create mode 100644 logstash/examples/upgrade/README.md create mode 100644 logstash/examples/upgrade/test/goss.yaml create mode 100644 logstash/examples/upgrade/values.yaml create mode 100644 metricbeat/examples/upgrade/Makefile create mode 100644 metricbeat/examples/upgrade/README.md create mode 100644 metricbeat/examples/upgrade/test/goss-metrics.yaml create mode 100644 metricbeat/examples/upgrade/test/goss.yaml create mode 100644 metricbeat/examples/upgrade/values.yaml diff --git a/apm-server/examples/upgrade/Makefile b/apm-server/examples/upgrade/Makefile new file mode 100644 index 000000000..02ea4dbcb --- /dev/null +++ b/apm-server/examples/upgrade/Makefile @@ -0,0 +1,15 @@ +default: test + +include ../../../helpers/examples.mk + +CHART := apm-server +RELEASE := helm-apm-server-upgrade +FROM := 7.6.0 # 7.6.0 is the first release for apm-server + +install: + ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + +test: install goss + +purge: + helm del $(RELEASE) diff --git a/apm-server/examples/upgrade/README.md b/apm-server/examples/upgrade/README.md new file mode 100644 index 000000000..835b3c7ed --- /dev/null +++ b/apm-server/examples/upgrade/README.md @@ -0,0 +1,21 @@ +# Upgrade + +This example will deploy APM Server chart using an old chart version, +then upgrade it. + + +## Usage + +* Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` + +* Deploy [Elasticsearch Helm chart][]: `helm install elasticsearch elastic/elasticsearch` + +* Deploy and upgrade APM Server chart with the default values: `make install` + + +## Testing + +You can also run [goss integration tests][] using `make test`. + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/apm-server/examples/upgrade/test/goss.yaml diff --git a/apm-server/examples/upgrade/test/goss.yaml b/apm-server/examples/upgrade/test/goss.yaml new file mode 100644 index 000000000..7659f1f86 --- /dev/null +++ b/apm-server/examples/upgrade/test/goss.yaml @@ -0,0 +1,6 @@ +http: + http://localhost:8200?pretty: + status: 200 + timeout: 2000 + body: + - "7.11.0" diff --git a/apm-server/examples/upgrade/values.yaml b/apm-server/examples/upgrade/values.yaml new file mode 100644 index 000000000..4b66615c5 --- /dev/null +++ b/apm-server/examples/upgrade/values.yaml @@ -0,0 +1,12 @@ +--- +apmConfig: + apm-server.yml: | + apm-server: + host: "0.0.0.0:8200" + + queue: {} + output.file: + enabled: false + + output.elasticsearch: + hosts: ["http://upgrade-master:9200"] diff --git a/elasticsearch/examples/upgrade/Makefile b/elasticsearch/examples/upgrade/Makefile index 8c7ac79f2..da2cd541a 100644 --- a/elasticsearch/examples/upgrade/Makefile +++ b/elasticsearch/examples/upgrade/Makefile @@ -2,10 +2,12 @@ default: test include ../../../helpers/examples.mk +CHART := elasticsearch RELEASE := helm-es-upgrade +FROM := 7.4.0 # versions before 7.4.O aren't compatible with Kubernetes >= 1.16.0 install: - ./scripts/upgrade.sh --release $(RELEASE) + ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) test: install goss diff --git a/elasticsearch/examples/upgrade/README.md b/elasticsearch/examples/upgrade/README.md index 7efc96204..85977f52e 100644 --- a/elasticsearch/examples/upgrade/README.md +++ b/elasticsearch/examples/upgrade/README.md @@ -1,19 +1,12 @@ # Upgrade -This example will deploy a 3 node Elasticsearch cluster using an old chart version, -then upgrade it to version 7.11.0-SNAPSHOT. - -The following upgrades are tested: -- Upgrade from [7.0.0-alpha1][] version on K8S <1.16 -- Upgrade from [7.4.0][] version on K8S >=1.16 (Elasticsearch chart < 7.4.0 are -not compatible with K8S >= 1.16) +This example will deploy a 3 node Elasticsearch cluster chart using an old chart +version, then upgrade it. ## Usage -Running `make install` command will do first install and 7.11.0-SNAPSHOT upgrade. - -Note: [jq][] is a requirement for this make target. +* Deploy and upgrade Elasticsearch chart with the default values: `make install` ## Testing @@ -21,7 +14,4 @@ Note: [jq][] is a requirement for this make target. You can also run [goss integration tests][] using `make test`. -[7.0.0-alpha1]: https://github.com/elastic/helm-charts/releases/tag/7.0.0-alpha1 -[7.4.0]: https://github.com/elastic/helm-charts/releases/tag/7.4.0 -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/upgrade/test/goss.yaml -[jq]: https://stedolan.github.io/jq/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/upgrade/test/goss.yaml diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index dd4f5e0be..b02f83166 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'green' + - "green" - '"number_of_nodes":3' - '"number_of_data_nodes":3' @@ -14,4 +14,4 @@ http: - '"number" : "7.11.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - '"name" : "upgrade-master-0"' - - 'You Know, for Search' + - "You Know, for Search" diff --git a/elasticsearch/examples/upgrade/values.yaml b/elasticsearch/examples/upgrade/values.yaml new file mode 100644 index 000000000..de0283af4 --- /dev/null +++ b/elasticsearch/examples/upgrade/values.yaml @@ -0,0 +1,2 @@ +--- +clusterName: upgrade diff --git a/filebeat/examples/upgrade/Makefile b/filebeat/examples/upgrade/Makefile new file mode 100644 index 000000000..252b39250 --- /dev/null +++ b/filebeat/examples/upgrade/Makefile @@ -0,0 +1,15 @@ +default: test + +include ../../../helpers/examples.mk + +CHART := filebeat +RELEASE := helm-filebeat-upgrade +FROM := 7.9.0 # registry file version 1 not supported error with previous version + +install: + ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + +test: install goss + +purge: + helm del $(RELEASE) diff --git a/filebeat/examples/upgrade/README.md b/filebeat/examples/upgrade/README.md new file mode 100644 index 000000000..fa3ee3b85 --- /dev/null +++ b/filebeat/examples/upgrade/README.md @@ -0,0 +1,21 @@ +# Upgrade + +This example will deploy Filebeat chart using an old chart version, +then upgrade it. + + +## Usage + +* Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` + +* Deploy [Elasticsearch Helm chart][]: `helm install elasticsearch elastic/elasticsearch` + +* Deploy and upgrade Filebeat chart with the default values: `make install` + + +## Testing + +You can also run [goss integration tests][] using `make test`. + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/filebeat/examples/upgrade/test/goss.yaml diff --git a/filebeat/examples/upgrade/test/goss.yaml b/filebeat/examples/upgrade/test/goss.yaml new file mode 100644 index 000000000..ad1f61e5a --- /dev/null +++ b/filebeat/examples/upgrade/test/goss.yaml @@ -0,0 +1,45 @@ +port: + tcp:5066: + listening: true + ip: + - "127.0.0.1" + +mount: + /usr/share/filebeat/data: + exists: true + /run/docker.sock: + exists: true + /var/lib/docker/containers: + exists: true + opts: + - ro + /usr/share/filebeat/filebeat.yml: + exists: true + opts: + - ro + +user: + filebeat: + exists: true + uid: 1000 + gid: 1000 + +http: + http://upgrade-master:9200/_cat/indices: + status: 200 + timeout: 2000 + body: + - "filebeat-7.11.0" + +file: + /usr/share/filebeat/filebeat.yml: + exists: true + contains: + - "add_kubernetes_metadata" + - "output.elasticsearch" + +command: + cd /usr/share/filebeat && filebeat test output: + exit-status: 0 + stdout: + - "elasticsearch: http://upgrade-master:9200" diff --git a/filebeat/examples/upgrade/values.yaml b/filebeat/examples/upgrade/values.yaml new file mode 100644 index 000000000..8b230601e --- /dev/null +++ b/filebeat/examples/upgrade/values.yaml @@ -0,0 +1,4 @@ +--- +extraEnvs: + - name: ELASTICSEARCH_HOSTS + value: upgrade-master:9200 diff --git a/helpers/matrix.yml b/helpers/matrix.yml index cdb1956a9..a8fd93a32 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -16,24 +16,29 @@ KIBANA_SUITE: - default - oss - security + - upgrade FILEBEAT_SUITE: - default - oss - security + - upgrade METRICBEAT_SUITE: - default - oss - security + #- upgrade TODO: uncomment after 7.10.0 release LOGSTASH_SUITE: - default - oss - elasticsearch - security + - upgrade APM_SERVER_SUITE: - default - oss - security + - upgrade KUBERNETES_VERSION: - - '1.15' - - '1.16' - - '1.17' + - "1.15" + - "1.16" + - "1.17" diff --git a/helpers/upgrade.sh b/helpers/upgrade.sh new file mode 100755 index 000000000..269b64d8a --- /dev/null +++ b/helpers/upgrade.sh @@ -0,0 +1,73 @@ +#!/usr/bin/env bash +# +# upgrade.sh deploy some Helm chart to a specific released version, +# then upgrade it. +# +# An optional version can be specified for Docker image tag to use for upgrade. +# This is required for master branch because upgrade from Elasticsearch 7.X +# to 8.0.0-SNAPSHOT doesn't work. +# +set -euo pipefail + +TO="" + +usage() { + cat <<-EOF + USAGE: + $0 --chart --release --from [--to ] + $0 --help + + OPTIONS: + --chart + Name of the Elastic Helm chart to install (ie: elasticsearch) + --release + Name of the Helm release to install (ie: helm-upgrade-elasticsearch) + --from + Version to use for first install (ie: 7.7.0) + --to + Version of the Docker images to use for upgrade (ie: 7.10.0) + EOF + exit 1 +} + +while [[ $# -gt 0 ]] +do + key="$1" + + case $key in + --help) + usage + ;; + --chart) + CHART="$2" + shift 2 + ;; + --release) + RELEASE="$2" + shift 2 + ;; + --from) + FROM="$2" + shift 2 + ;; + --to) + TO="--set imageTag=$2" + shift 2 + ;; + *) + log "Unrecognized argument: '$key'" + usage + ;; + esac +done + +helm repo add elastic https://helm.elastic.co + +# Initial install +printf "Installing %s %s\n" "$RELEASE" "$FROM" +helm upgrade --wait --timeout=1200s --install --version "$FROM" --values values.yaml "$RELEASE" elastic/"$CHART" + +# Upgrade +printf "Upgrading %s\n" "$RELEASE" +# shellcheck disable=SC2086 +helm upgrade --wait --timeout=1200s --install --set terminationGracePeriod=121 $TO --values values.yaml "$RELEASE" ../../ diff --git a/kibana/examples/upgrade/Makefile b/kibana/examples/upgrade/Makefile new file mode 100644 index 000000000..6fcb2103e --- /dev/null +++ b/kibana/examples/upgrade/Makefile @@ -0,0 +1,16 @@ +default: test + +include ../../../helpers/examples.mk + +CHART := kibana +RELEASE := helm-kibana-upgrade +FROM := 7.4.0 # versions before 7.4.O aren't compatible with Kubernetes >= 1.16.0 +TO := 7.10.0 # required to use with Elasticsearch 7.10.0 + +install: + ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) --to $(TO) + +test: install goss + +purge: + helm del $(RELEASE) diff --git a/kibana/examples/upgrade/README.md b/kibana/examples/upgrade/README.md new file mode 100644 index 000000000..ad28f65c6 --- /dev/null +++ b/kibana/examples/upgrade/README.md @@ -0,0 +1,21 @@ +# Upgrade + +This example will deploy Kibana chart using an old chart version, +then upgrade it. + + +## Usage + +* Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` + +* Deploy [Elasticsearch Helm chart][]: `helm install elasticsearch elastic/elasticsearch` + +* Deploy and upgrade Kibana chart with the default values: `make install` + + +## Testing + +You can also run [goss integration tests][] using `make test`. + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/kibana/examples/upgrade/test/goss.yaml diff --git a/kibana/examples/upgrade/test/goss.yaml b/kibana/examples/upgrade/test/goss.yaml new file mode 100644 index 000000000..5b3a1b28a --- /dev/null +++ b/kibana/examples/upgrade/test/goss.yaml @@ -0,0 +1,14 @@ +http: + http://localhost:5601/api/status: + status: 200 + timeout: 2000 + body: + - '"number":"7.10.0"' + + http://localhost:5601/app/kibana: + status: 200 + timeout: 2000 + + http://helm-kibana-upgrade-kibana:5601/app/kibana: + status: 200 + timeout: 2000 diff --git a/kibana/examples/upgrade/values.yaml b/kibana/examples/upgrade/values.yaml new file mode 100644 index 000000000..01d99c838 --- /dev/null +++ b/kibana/examples/upgrade/values.yaml @@ -0,0 +1,2 @@ +--- +elasticsearchHosts: "http://upgrade-master:9200" diff --git a/logstash/examples/upgrade/Makefile b/logstash/examples/upgrade/Makefile new file mode 100644 index 000000000..db739a141 --- /dev/null +++ b/logstash/examples/upgrade/Makefile @@ -0,0 +1,15 @@ +default: test + +include ../../../helpers/examples.mk + +CHART := logstash +RELEASE := helm-logstash-upgrade +FROM := 7.9.0 # upgrade from version < 7.9.0 is failing due to headless service breaking change + +install: + ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + +test: install goss + +purge: + helm del $(RELEASE) diff --git a/logstash/examples/upgrade/README.md b/logstash/examples/upgrade/README.md new file mode 100644 index 000000000..c8986a070 --- /dev/null +++ b/logstash/examples/upgrade/README.md @@ -0,0 +1,19 @@ +# Upgrade + +This example will deploy Logstash chart using an old chart version, +then upgrade it. + + +## Usage + +* Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` + +* Deploy and upgrade Logstash chart with the default values: `make install` + + +## Testing + +You can also run [goss integration tests][] using `make test`. + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/logstash/examples/upgrade/test/goss.yaml diff --git a/logstash/examples/upgrade/test/goss.yaml b/logstash/examples/upgrade/test/goss.yaml new file mode 100644 index 000000000..19a5ccb6b --- /dev/null +++ b/logstash/examples/upgrade/test/goss.yaml @@ -0,0 +1,43 @@ +user: + logstash: + exists: true + uid: 1000 + gid: 1000 + +http: + http://localhost:9600?pretty: + status: 200 + timeout: 2000 + body: + - '"host" : "helm-logstash-upgrade-logstash-0"' + - '"version" : "7.11.0"' + - '"http_address" : "0.0.0.0:9600"' + - '"name" : "helm-logstash-upgrade-logstash-0"' + - '"status" : "green"' + - '"workers" : 1' + - '"batch_size" : 125' + - '"batch_delay" : 50' + +file: + /usr/share/logstash/config/logstash.yml: + exists: true + mode: "0644" + owner: logstash + group: root + filetype: file + contains: + - 'http.host: "0.0.0.0"' + - 'xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]' + /usr/share/logstash/pipeline/logstash.conf: + exists: true + mode: "0644" + owner: logstash + group: root + filetype: file + contains: + - "input {" + - "beats {" + - "port => 5044" + - "output {" + - "stdout {" + - "codec => rubydebug" diff --git a/logstash/examples/upgrade/values.yaml b/logstash/examples/upgrade/values.yaml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/logstash/examples/upgrade/values.yaml @@ -0,0 +1 @@ +--- diff --git a/metricbeat/examples/upgrade/Makefile b/metricbeat/examples/upgrade/Makefile new file mode 100644 index 000000000..d2d8d8509 --- /dev/null +++ b/metricbeat/examples/upgrade/Makefile @@ -0,0 +1,17 @@ +default: test + +include ../../../helpers/examples.mk + +CHART := metricbeat +RELEASE := helm-metricbeat-upgrade +#FROM := 7.10.0 # upgrade from version < 7.10.0 is failing due to selector + # breaking change in https://github.com/elastic/helm-charts/pull/516 + +install: + ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + +#TODO: uncomment after 7.10.0 release +test: #install goss + +purge: + helm del $(RELEASE) diff --git a/metricbeat/examples/upgrade/README.md b/metricbeat/examples/upgrade/README.md new file mode 100644 index 000000000..4c1821b1f --- /dev/null +++ b/metricbeat/examples/upgrade/README.md @@ -0,0 +1,21 @@ +# Upgrade + +This example will deploy Metricbeat chart using an old chart version, +then upgrade it. + + +## Usage + +* Add the Elastic Helm charts repo: `helm repo add elastic https://helm.elastic.co` + +* Deploy [Elasticsearch Helm chart][]: `helm install elasticsearch elastic/elasticsearch` + +* Deploy and upgrade Metricbeat chart with the default values: `make install` + + +## Testing + +You can also run [goss integration tests][] using `make test`. + + +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/metricbeat/examples/upgrade/test/goss.yaml diff --git a/metricbeat/examples/upgrade/test/goss-metrics.yaml b/metricbeat/examples/upgrade/test/goss-metrics.yaml new file mode 100644 index 000000000..ed1d30db3 --- /dev/null +++ b/metricbeat/examples/upgrade/test/goss-metrics.yaml @@ -0,0 +1,42 @@ +port: + tcp:5066: + listening: true + ip: + - "127.0.0.1" + +mount: + /usr/share/metricbeat/metricbeat.yml: + exists: true + opts: + - ro + +user: + metricbeat: + exists: true + uid: 1000 + gid: 1000 + +http: + http://upgrade-master:9200/_cat/indices: + status: 200 + timeout: 2000 + body: + - "metricbeat-7.10.0" + + ? "http://upgrade-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat" + : status: 200 + timeout: 2000 + body: + - "metricbeat-7.10.0" + +file: + /usr/share/metricbeat/metricbeat.yml: + exists: true + contains: + - "output.elasticsearch" + +command: + cd /usr/share/metricbeat && metricbeat test output: + exit-status: 0 + stdout: + - "elasticsearch: http://upgrade-master:9200" diff --git a/metricbeat/examples/upgrade/test/goss.yaml b/metricbeat/examples/upgrade/test/goss.yaml new file mode 100644 index 000000000..e39d75ab9 --- /dev/null +++ b/metricbeat/examples/upgrade/test/goss.yaml @@ -0,0 +1,46 @@ +port: + tcp:5066: + listening: true + ip: + - "127.0.0.1" + +mount: + /usr/share/metricbeat/data: + exists: true + /run/docker.sock: + exists: true + /usr/share/metricbeat/metricbeat.yml: + exists: true + opts: + - ro + +user: + metricbeat: + exists: true + uid: 1000 + gid: 1000 + +http: + http://upgrade-master:9200/_cat/indices: + status: 200 + timeout: 2000 + body: + - "metricbeat-7.11.0" + ? "http://upgrade-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat" + : status: 200 + timeout: 2000 + body: + - "metricbeat-7.11.0" + +file: + /usr/share/metricbeat/metricbeat.yml: + exists: true + contains: + - "add_kubernetes_metadata" + - "output.elasticsearch" + +command: + cd /usr/share/metricbeat && metricbeat test output: + exit-status: 0 + stdout: + - "elasticsearch: http://upgrade-master:9200" diff --git a/metricbeat/examples/upgrade/values.yaml b/metricbeat/examples/upgrade/values.yaml new file mode 100644 index 000000000..8b230601e --- /dev/null +++ b/metricbeat/examples/upgrade/values.yaml @@ -0,0 +1,4 @@ +--- +extraEnvs: + - name: ELASTICSEARCH_HOSTS + value: upgrade-master:9200 From 5f41b3e6ac96ed12b941e18ed175b8973263bba0 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 20 Nov 2020 17:51:31 +0100 Subject: [PATCH 104/151] [7.x] [meta] remove support for k8s <1.14 & helm <2.17.0 (#916) (#923) This commit remove the code support for k8s version < 1.14. This allows us to remove some helpers which aren't working anymore with Helm 2. ``` Error: render error in "logstash/templates/statefulset.yaml": template: logstash/templates/_helpers.tpl:26:43: executing "logstash.statefulset.apiVersion" at <.Capabilities.KubeVersion.Version>: can't evaluate field Version in type *version.Info ``` In addition this also remove support for helm version < 2.17.0 which is the last Helm 2 version. --- apm-server/README.md | 4 ++-- apm-server/templates/_helpers.tpl | 17 ----------------- apm-server/templates/hpa.yaml | 2 +- apm-server/templates/ingress.yaml | 2 +- elasticsearch/README.md | 4 ++-- elasticsearch/templates/_helpers.tpl | 22 ---------------------- elasticsearch/templates/ingress.yaml | 2 +- elasticsearch/templates/statefulset.yaml | 4 +--- filebeat/README.md | 4 ++-- kibana/README.md | 4 ++-- kibana/templates/_helpers.tpl | 11 ----------- kibana/templates/ingress.yaml | 2 +- logstash/README.md | 4 ++-- logstash/templates/_helpers.tpl | 22 ---------------------- logstash/templates/ingress.yaml | 4 ++-- logstash/templates/statefulset.yaml | 2 +- metricbeat/README.md | 4 ++-- 17 files changed, 20 insertions(+), 94 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index 1cf4a5c3f..dfffce418 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -34,8 +34,8 @@ SLA of official GA features (see [supported configurations][] for more details). ## Requirements -* Kubernetes >= 1.9 -* [Helm][] >= 2.8.0 +* Kubernetes >= 1.14 +* [Helm][] >= 2.17.0 See [supported configurations][] for more details. diff --git a/apm-server/templates/_helpers.tpl b/apm-server/templates/_helpers.tpl index 6f64c4b38..d36af2029 100755 --- a/apm-server/templates/_helpers.tpl +++ b/apm-server/templates/_helpers.tpl @@ -19,23 +19,6 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "apm.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} -{{- define "apm.autoscaling.apiVersion" -}} -{{- if semverCompare "<1.12-0" .Capabilities.KubeVersion.Version -}} -{{- print "autoscaling/v2beta1" -}} -{{- else -}} -{{- print "autoscaling/v2beta2" -}} -{{- end -}} -{{- end -}} {{/* Use the fullname if the serviceAccount value is not set */}} diff --git a/apm-server/templates/hpa.yaml b/apm-server/templates/hpa.yaml index 928f25789..a254adb09 100644 --- a/apm-server/templates/hpa.yaml +++ b/apm-server/templates/hpa.yaml @@ -1,5 +1,5 @@ {{- if .Values.autoscaling.enabled }} -apiVersion: {{ template "apm.autoscaling.apiVersion" . }} +apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: name: {{ template "apm.fullname" . }} diff --git a/apm-server/templates/ingress.yaml b/apm-server/templates/ingress.yaml index bfaa0f0e5..64ebcced9 100644 --- a/apm-server/templates/ingress.yaml +++ b/apm-server/templates/ingress.yaml @@ -2,7 +2,7 @@ {{- $fullName := include "apm.fullname" . -}} {{- $servicePort := .Values.service.port -}} {{- $ingressPath := .Values.ingress.path -}} -apiVersion: {{ template "apm.ingress.apiVersion" . }} +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ template "apm.fullname" . }} diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 2a59d0c8c..dd3fab733 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -41,8 +41,8 @@ This Helm chart is a lightweight way to configure and run our official ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 -* Kubernetes >=1.8 +* Kubernetes >= 1.14 +* [Helm][] >= 2.17.0 * Minimum cluster requirements include the following to run this chart with default settings. All of these settings are configurable. * Three Kubernetes nodes to respect the default "hard" affinity settings diff --git a/elasticsearch/templates/_helpers.tpl b/elasticsearch/templates/_helpers.tpl index 247d4ee00..d373f2a84 100755 --- a/elasticsearch/templates/_helpers.tpl +++ b/elasticsearch/templates/_helpers.tpl @@ -63,25 +63,3 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- end -}} {{- end -}} {{- end -}} - -{{/* -Return the appropriate apiVersion for statefulset. -*/}} -{{- define "elasticsearch.statefulset.apiVersion" -}} -{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.Version -}} -{{- print "apps/v1beta2" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "elasticsearch.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} diff --git a/elasticsearch/templates/ingress.yaml b/elasticsearch/templates/ingress.yaml index b863ff400..e34b475e1 100644 --- a/elasticsearch/templates/ingress.yaml +++ b/elasticsearch/templates/ingress.yaml @@ -2,7 +2,7 @@ {{- $fullName := include "elasticsearch.uname" . -}} {{- $servicePort := .Values.httpPort -}} {{- $ingressPath := .Values.ingress.path -}} -apiVersion: {{ template "elasticsearch.ingress.apiVersion" . }} +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ $fullName }} diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 892538638..654feded7 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -1,5 +1,5 @@ --- -apiVersion: {{ template "elasticsearch.statefulset.apiVersion" . }} +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ template "elasticsearch.uname" . }} @@ -152,9 +152,7 @@ spec: imagePullSecrets: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} - {{- if semverCompare ">1.13-0" .Capabilities.KubeVersion.Version }} enableServiceLinks: {{ .Values.enableServiceLinks }} - {{- end }} initContainers: {{- if .Values.sysctlInitContainer.enabled }} - name: configure-sysctl diff --git a/filebeat/README.md b/filebeat/README.md index 7348b7bd7..fcd0e2d85 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -31,8 +31,8 @@ This Helm chart is a lightweight way to configure and run our official ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 -* Kubernetes >=1.9 +* Kubernetes >= 1.14 +* [Helm][] >= 2.17.0 See [supported configurations][] for more details. diff --git a/kibana/README.md b/kibana/README.md index 6306146c9..c770f3ebd 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -33,8 +33,8 @@ This Helm chart is a lightweight way to configure and run our official ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 -* Kubernetes >=1.9 +* Kubernetes >= 1.14 +* [Helm][] >= 2.17.0 See [supported configurations][] for more details. diff --git a/kibana/templates/_helpers.tpl b/kibana/templates/_helpers.tpl index d03cc29cf..407e29680 100755 --- a/kibana/templates/_helpers.tpl +++ b/kibana/templates/_helpers.tpl @@ -19,17 +19,6 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "kibana.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} - {{/* Common labels */}} diff --git a/kibana/templates/ingress.yaml b/kibana/templates/ingress.yaml index e62977495..fd4eae24a 100644 --- a/kibana/templates/ingress.yaml +++ b/kibana/templates/ingress.yaml @@ -2,7 +2,7 @@ {{- $fullName := include "kibana.fullname" . -}} {{- $servicePort := .Values.service.port -}} {{- $ingressPath := .Values.ingress.path -}} -apiVersion: {{ template "kibana.ingress.apiVersion" . }} +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ $fullName }} diff --git a/logstash/README.md b/logstash/README.md index 61c8cff2b..fa0d2aab9 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -34,8 +34,8 @@ SLA of official GA features (see [supported configurations][] for more details). ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 -* Kubernetes >=1.8 +* Kubernetes >= 1.14 +* [Helm][] >= 2.17.0 See [supported configurations][] for more details. diff --git a/logstash/templates/_helpers.tpl b/logstash/templates/_helpers.tpl index 13c76fde6..82aad6075 100755 --- a/logstash/templates/_helpers.tpl +++ b/logstash/templates/_helpers.tpl @@ -18,25 +18,3 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- end -}} - -{{/* -Return the appropriate apiVersion for statefulset. -*/}} -{{- define "logstash.statefulset.apiVersion" -}} -{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.Version -}} -{{- print "apps/v1beta2" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "logstash.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} diff --git a/logstash/templates/ingress.yaml b/logstash/templates/ingress.yaml index cef5666b9..a4aeb145e 100644 --- a/logstash/templates/ingress.yaml +++ b/logstash/templates/ingress.yaml @@ -1,6 +1,6 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "logstash.fullname" . -}} -apiVersion: {{ template "logstash.ingress.apiVersion" . }} +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ $fullName }} @@ -28,6 +28,6 @@ spec: backend: serviceName: {{ $fullName }} servicePort: {{ .servicePort }} - {{- end }} + {{- end }} {{- end }} {{- end }} diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml index 9200cfc0c..55548eced 100644 --- a/logstash/templates/statefulset.yaml +++ b/logstash/templates/statefulset.yaml @@ -1,5 +1,5 @@ --- -apiVersion: {{ template "logstash.statefulset.apiVersion" . }} +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ template "logstash.fullname" . }} diff --git a/metricbeat/README.md b/metricbeat/README.md index 396a9fd54..28cd6a354 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -32,8 +32,8 @@ This Helm chart is a lightweight way to configure and run our official ## Requirements -* [Helm][] >=2.8.0 and <3.0.0 -* Kubernetes >=1.9 +* Kubernetes >= 1.14 +* [Helm][] >= 2.17.0 See [supported configurations][] for more details. From c57b5c9bb498cd727ca545e16d550c62ead89517 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Mon, 23 Nov 2020 09:58:26 +0100 Subject: [PATCH 105/151] [meta] remove version from dev install section title (#928) This commit update charts readme to remove the version from the dev install section title. This is required to simplify bumping automation and avoid having to manage toc update. This was done in 7.9 branch in #831 Also remove a unused link --- apm-server/README.md | 7 ++++--- elasticsearch/README.md | 9 ++++----- filebeat/README.md | 8 +++----- kibana/README.md | 8 ++++---- logstash/README.md | 9 ++++----- metricbeat/README.md | 8 ++++---- 6 files changed, 23 insertions(+), 26 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index dfffce418..bab2cf9bf 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -42,7 +42,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT version. ### Install released version using Helm repository @@ -53,11 +53,12 @@ This chart is tested with the latest 7.11.0-SNAPSHOT versions. - with Helm 3: `helm install apm-server --version elastic/apm-server` - with Helm 2 (deprecated): `helm install --name apm-server --version elastic/apm-server` - -### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions +### Install development version from a branch * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` +* Checkout the branch : `git checkout 7.x` + * Install it: - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.11.0-SNAPSHOT` - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.11.0-SNAPSHOT` diff --git a/elasticsearch/README.md b/elasticsearch/README.md index dd3fab733..807113981 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -52,7 +52,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT version. ### Install released version using Helm repository @@ -63,12 +63,12 @@ This chart is tested with the latest 7.11.0-SNAPSHOT versions. - with Helm 3: `helm install elasticsearch --version elastic/elasticsearch` - with Helm 2 (deprecated): `helm install --name elasticsearch --version elastic/elasticsearch` - - -### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions +### Install development version from a branch * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` +* Checkout the branch : `git checkout 7.x` + * Install it: - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.11.0-SNAPSHOT` - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.11.0-SNAPSHOT` @@ -389,7 +389,6 @@ about our development and testing process. [7.x]: https://github.com/elastic/helm-charts/releases [#63]: https://github.com/elastic/helm-charts/issues/63 -[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/elasticsearch/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md diff --git a/filebeat/README.md b/filebeat/README.md index fcd0e2d85..949ba218f 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -39,7 +39,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT version. ### Install released version using Helm repository @@ -50,12 +50,11 @@ This chart is tested with the latest 7.11.0-SNAPSHOT versions. - with Helm 3: `helm install filebeat --version elastic/filebeat` - with Helm 2 (deprecated): `helm install --name filebeat --version elastic/filebeat` - - -### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions +### Install development version from a branch * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` +* Checkout the branch : `git checkout 7.x` * Install it: - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.11.0-SNAPSHOT` - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.11.0-SNAPSHOT` @@ -187,7 +186,6 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. [7.x]: https://github.com/elastic/helm-charts/releases -[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/filebeat/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md diff --git a/kibana/README.md b/kibana/README.md index c770f3ebd..8b63e2deb 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -40,7 +40,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT version. ### Install released version using Helm repository @@ -51,11 +51,12 @@ This chart is tested with the latest 7.11.0-SNAPSHOT versions. - with Helm 3: `helm install kibana --version elastic/kibana` - with Helm 2 (deprecated): `helm install --name kibana --version elastic/kibana` - -### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions +### Install development version from a branch * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` +* Checkout the branch : `git checkout 7.x` + * Install it: - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.11.0-SNAPSHOT` - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.11.0-SNAPSHOT` @@ -203,7 +204,6 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. [7.x]: https://github.com/elastic/helm-charts/releases -[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/kibana/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md diff --git a/logstash/README.md b/logstash/README.md index fa0d2aab9..2b38847f4 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -42,7 +42,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT version. ### Install released version using Helm repository @@ -53,12 +53,12 @@ This chart is tested with the latest 7.11.0-SNAPSHOT versions. - with Helm 3: `helm install logstash --version elastic/logstash` - with Helm 2 (deprecated): `helm install --name logstash --version elastic/logstash` - - -### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions +### Install development version from a branch * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` +* Checkout the branch : `git checkout 7.x` + * Install it: - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.11.0-SNAPSHOT` - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.11.0-SNAPSHOT` @@ -192,7 +192,6 @@ Please check [CONTRIBUTING.md][] before any contribution or for any questions about our development and testing process. [7.x]: https://github.com/elastic/helm-charts/releases -[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/logstash/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md diff --git a/metricbeat/README.md b/metricbeat/README.md index 28cd6a354..66a566c99 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -39,7 +39,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT versions. +This chart is tested with the latest 7.11.0-SNAPSHOT version. ### Install released version using Helm repository @@ -50,11 +50,12 @@ This chart is tested with the latest 7.11.0-SNAPSHOT versions. - with Helm 3: `helm install metricbeat --version elastic/metricbeat` - with Helm 2 (deprecated): `helm install --name metricbeat --version elastic/metricbeat` - -### Install development version using 7.x branch and 7.11.0-SNAPSHOT versions +### Install development version from a branch * Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` +* Checkout the branch : `git checkout 7.x` + * Install it: - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.11.0-SNAPSHOT` - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.11.0-SNAPSHOT` @@ -211,7 +212,6 @@ about our development and testing process. [7.x]: https://github.com/elastic/helm-charts/releases [#471]: https://github.com/elastic/helm-charts/pull/471 -[7.7.1]: https://github.com/elastic/helm-charts/blob/7.7.1/metricbeat/README.md [BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md [CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md From 1618ff3391f4b16f559f479ca8888a98f490b644 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Mon, 23 Nov 2020 10:02:30 +0100 Subject: [PATCH 106/151] [meta] fix toc --- apm-server/README.md | 2 +- elasticsearch/README.md | 2 +- filebeat/README.md | 2 +- kibana/README.md | 2 +- logstash/README.md | 2 +- metricbeat/README.md | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index bab2cf9bf..2e039bd6a 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -18,7 +18,7 @@ SLA of official GA features (see [supported configurations][] for more details). - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) + - [Install development version from a branch](#install-development-version-from-a-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 807113981..160d191f8 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) + - [Install development version from a branch](#install-development-version-from-a-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) diff --git a/filebeat/README.md b/filebeat/README.md index 949ba218f..c961da056 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) + - [Install development version from a branch](#install-development-version-from-a-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) diff --git a/kibana/README.md b/kibana/README.md index 8b63e2deb..0155e457e 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) + - [Install development version from a branch](#install-development-version-from-a-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) diff --git a/logstash/README.md b/logstash/README.md index 2b38847f4..1698bf59d 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -18,7 +18,7 @@ SLA of official GA features (see [supported configurations][] for more details). - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) + - [Install development version from a branch](#install-development-version-from-a-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) diff --git a/metricbeat/README.md b/metricbeat/README.md index 66a566c99..190f5d631 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -13,7 +13,7 @@ This Helm chart is a lightweight way to configure and run our official - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version using 7.x branch and 7.11.0-SNAPSHOT versions](#install-development-version-using-7x-branch-and-7110-snapshot-versions) + - [Install development version from a branch](#install-development-version-from-a-branch) - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) From 6dc09757215332bbf063af9edd9ac37604e6ebd8 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 25 Nov 2020 19:31:49 +0100 Subject: [PATCH 107/151] [7.x] [meta] stabilize CI tests (#935) (#938) This PR add some improvements to stabilize CI tests which are flaking at this time: - watch resources rollout after upgrade to ensure that goss tests when rollout is done - use newest running pod for goss tests to ensure that it is not using a pod from previous release or a pod which is terminating - remove mention of hostname in goss tests to ensure that test can run in every pods of the Statefulsets, DaemonSets or Deployments - increase some more timeouts for Elasticsearch tests - standardize examples to simplify maintenance and diff --- .github/ISSUE_TEMPLATE/bug_report.md | 2 +- apm-server/examples/default/Makefile | 2 +- apm-server/examples/oss/Makefile | 2 +- apm-server/examples/security/Makefile | 2 +- apm-server/examples/upgrade/Makefile | 1 + elasticsearch/examples/config/Makefile | 4 +- elasticsearch/examples/config/test/goss.yaml | 5 +-- elasticsearch/examples/default/Makefile | 6 +-- elasticsearch/examples/default/test/goss.yaml | 7 ++-- .../examples/docker-for-mac/Makefile | 3 +- .../examples/kubernetes-kind/Makefile | 5 ++- elasticsearch/examples/microk8s/Makefile | 3 +- elasticsearch/examples/migration/Makefile | 6 +-- elasticsearch/examples/migration/README.md | 14 +++---- .../migration/{client.yml => client.yaml} | 0 .../migration/{data.yml => data.yaml} | 0 .../migration/{master.yml => master.yaml} | 0 elasticsearch/examples/minikube/Makefile | 3 +- elasticsearch/examples/multi/Makefile | 7 ++-- elasticsearch/examples/multi/README.md | 6 +-- .../multi/{client.yml => client.yaml} | 0 .../examples/multi/{data.yml => data.yaml} | 0 .../multi/{master.yml => master.yaml} | 0 elasticsearch/examples/openshift/Makefile | 6 +-- .../examples/openshift/test/goss.yaml | 5 +-- elasticsearch/examples/oss/Makefile | 4 +- elasticsearch/examples/oss/test/goss.yaml | 1 - elasticsearch/examples/security/Makefile | 9 +++-- .../examples/security/test/goss.yaml | 37 +++++++++---------- .../security/{security.yml => values.yaml} | 0 elasticsearch/examples/upgrade/Makefile | 1 + elasticsearch/examples/upgrade/test/goss.yaml | 1 - filebeat/examples/default/Makefile | 2 +- filebeat/examples/oss/Makefile | 2 +- filebeat/examples/security/Makefile | 2 +- filebeat/examples/upgrade/Makefile | 1 + helpers/examples.mk | 3 +- kibana/examples/default/Makefile | 4 +- kibana/examples/openshift/Makefile | 4 +- kibana/examples/oss/Makefile | 3 +- .../examples/oss/{values.yml => values.yaml} | 0 kibana/examples/security/Makefile | 3 +- kibana/examples/security/README.md | 2 +- .../security/{security.yml => values.yaml} | 0 kibana/examples/upgrade/Makefile | 1 + logstash/examples/default/Makefile | 6 +-- logstash/examples/default/test/goss.yaml | 14 +++---- logstash/examples/elasticsearch/Makefile | 6 +-- .../examples/elasticsearch/test/goss.yaml | 8 ++-- logstash/examples/oss/Makefile | 6 +-- logstash/examples/oss/test/goss.yaml | 2 - logstash/examples/security/Makefile | 3 +- logstash/examples/security/test/goss.yaml | 16 ++++---- logstash/examples/upgrade/Makefile | 1 + logstash/examples/upgrade/test/goss.yaml | 2 - metricbeat/examples/default/Makefile | 2 +- metricbeat/examples/oss/Makefile | 8 ++-- metricbeat/examples/security/Makefile | 8 ++-- metricbeat/examples/upgrade/Makefile | 3 ++ 59 files changed, 125 insertions(+), 129 deletions(-) rename elasticsearch/examples/migration/{client.yml => client.yaml} (100%) rename elasticsearch/examples/migration/{data.yml => data.yaml} (100%) rename elasticsearch/examples/migration/{master.yml => master.yaml} (100%) rename elasticsearch/examples/multi/{client.yml => client.yaml} (100%) rename elasticsearch/examples/multi/{data.yml => data.yaml} (100%) rename elasticsearch/examples/multi/{master.yml => master.yaml} (100%) rename elasticsearch/examples/security/{security.yml => values.yaml} (100%) rename kibana/examples/oss/{values.yml => values.yaml} (100%) rename kibana/examples/security/{security.yml => values.yaml} (100%) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 61de9e089..46fd7c261 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -18,7 +18,7 @@ e.g. `helm get elasticsearch` (replace `elasticsearch` with the name of your hel *Be careful to obfuscate every secrets (credentials, token, public IP, ...) that could be visible in the output before copy-pasting.* -*If you find some secrets in plain text in `helm get release` output you should use [Kubernetes Secrets](https://kubernetes.io/docs/concepts/configuration/secret/) to managed them is a secure way (see [Security Example](https://github.com/elastic/helm-charts/blob/master/elasticsearch/examples/security/security.yml#L23-L38)).* +*If you find some secrets in plain text in `helm get release` output you should use [Kubernetes Secrets](https://kubernetes.io/docs/concepts/configuration/secret/) to managed them is a secure way (see [Security Example](https://github.com/elastic/helm-charts/blob/master/elasticsearch/examples/security/values.yaml#L23-L38)).*
Output of helm get release diff --git a/apm-server/examples/default/Makefile b/apm-server/examples/default/Makefile index 57c4116d2..5658ff024 100644 --- a/apm-server/examples/default/Makefile +++ b/apm-server/examples/default/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-default install: - helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ test: install goss diff --git a/apm-server/examples/oss/Makefile b/apm-server/examples/oss/Makefile index 61ad62b28..686864878 100644 --- a/apm-server/examples/oss/Makefile +++ b/apm-server/examples/oss/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-oss install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/apm-server/examples/security/Makefile b/apm-server/examples/security/Makefile index de704f595..47cd9dd3b 100644 --- a/apm-server/examples/security/Makefile +++ b/apm-server/examples/security/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-apm-server-security install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/apm-server/examples/upgrade/Makefile b/apm-server/examples/upgrade/Makefile index 02ea4dbcb..fa16a4d48 100644 --- a/apm-server/examples/upgrade/Makefile +++ b/apm-server/examples/upgrade/Makefile @@ -8,6 +8,7 @@ FROM := 7.6.0 # 7.6.0 is the first release for apm-server install: ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + kubectl rollout status deployment $(RELEASE)-apm-server test: install goss diff --git a/elasticsearch/examples/config/Makefile b/elasticsearch/examples/config/Makefile index 9eee45df2..9ae9c3788 100644 --- a/elasticsearch/examples/config/Makefile +++ b/elasticsearch/examples/config/Makefile @@ -1,10 +1,12 @@ default: test + include ../../../helpers/examples.mk RELEASE := helm-es-config +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ secrets: kubectl delete secret elastic-config-credentials elastic-config-secret elastic-config-slack elastic-config-custom-path || true diff --git a/elasticsearch/examples/config/test/goss.yaml b/elasticsearch/examples/config/test/goss.yaml index 848701370..51c4907f5 100644 --- a/elasticsearch/examples/config/test/goss.yaml +++ b/elasticsearch/examples/config/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'green' + - "green" - '"number_of_nodes":1' - '"number_of_data_nodes":1' @@ -12,8 +12,7 @@ http: timeout: 2000 body: - '"cluster_name" : "config"' - - '"name" : "config-master-0"' - - 'You Know, for Search' + - "You Know, for Search" command: "elasticsearch-keystore list": diff --git a/elasticsearch/examples/default/Makefile b/elasticsearch/examples/default/Makefile index beb90461d..389bf99e3 100644 --- a/elasticsearch/examples/default/Makefile +++ b/elasticsearch/examples/default/Makefile @@ -3,12 +3,10 @@ default: test include ../../../helpers/examples.mk RELEASE := helm-es-default +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ - -restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=900s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ test: install goss diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index 7c3714448..99dcc5a9b 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -1,13 +1,13 @@ kernel-param: vm.max_map_count: - value: '262144' + value: "262144" http: http://elasticsearch-master:9200/_cluster/health: status: 200 timeout: 2000 body: - - 'green' + - "green" - '"number_of_nodes":3' - '"number_of_data_nodes":3' @@ -17,8 +17,7 @@ http: body: - '"number" : "7.11.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - - '"name" : "elasticsearch-master-0"' - - 'You Know, for Search' + - "You Know, for Search" file: /usr/share/elasticsearch/data: diff --git a/elasticsearch/examples/docker-for-mac/Makefile b/elasticsearch/examples/docker-for-mac/Makefile index 705b08f0b..18fd053d8 100644 --- a/elasticsearch/examples/docker-for-mac/Makefile +++ b/elasticsearch/examples/docker-for-mac/Makefile @@ -1,9 +1,10 @@ default: test RELEASE := helm-es-docker-for-mac +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/kubernetes-kind/Makefile b/elasticsearch/examples/kubernetes-kind/Makefile index 3f6bdead9..9e5602d49 100644 --- a/elasticsearch/examples/kubernetes-kind/Makefile +++ b/elasticsearch/examples/kubernetes-kind/Makefile @@ -1,13 +1,14 @@ default: test RELEASE := helm-es-kind +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ install-local-path: kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml - helm upgrade --wait --timeout=1200s --install --values values-local-path.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values-local-path.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/microk8s/Makefile b/elasticsearch/examples/microk8s/Makefile index 3ce3ebdef..2d0012d8a 100644 --- a/elasticsearch/examples/microk8s/Makefile +++ b/elasticsearch/examples/microk8s/Makefile @@ -1,9 +1,10 @@ default: test RELEASE := helm-es-microk8s +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/migration/Makefile b/elasticsearch/examples/migration/Makefile index efd4abfc5..020906f92 100644 --- a/elasticsearch/examples/migration/Makefile +++ b/elasticsearch/examples/migration/Makefile @@ -1,10 +1,10 @@ PREFIX := helm-es-migration data: - helm upgrade --wait --timeout=900s --install --values ./data.yml $(PREFIX)-data ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values data.yaml $(PREFIX)-data ../../ master: - helm upgrade --wait --timeout=900s --install --values ./master.yml $(PREFIX)-master ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values master.yaml $(PREFIX)-master ../../ client: - helm upgrade --wait --timeout=900s --install --values ./client.yml $(PREFIX)-client ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values client.yaml $(PREFIX)-client ../../ diff --git a/elasticsearch/examples/migration/README.md b/elasticsearch/examples/migration/README.md index fc417f1ee..b0a5cc3b3 100644 --- a/elasticsearch/examples/migration/README.md +++ b/elasticsearch/examples/migration/README.md @@ -56,7 +56,7 @@ cluster is healthy before continuing: ``` * Deploy new data nodes which will join the existing cluster. Take a look at the -configuration in [data.yml][]: +configuration in [data.yaml][]: ``` make data @@ -102,7 +102,7 @@ nodes as to not lose quorum: ``` * Now deploy a single new master so that we have 3 masters again. See -[master.yml][] for the configuration: +[master.yaml][] for the configuration: ``` make master @@ -114,7 +114,7 @@ nodes as to not lose quorum: kubectl scale statefulsets my-release-elasticsearch-master --replicas=1 ``` -* Edit the masters in [masters.yml][] to 2 and redeploy: +* Edit the masters in [masters.yaml][] to 2 and redeploy: ``` make master @@ -126,7 +126,7 @@ nodes as to not lose quorum: kubectl scale statefulsets my-release-elasticsearch-master --replicas=0 ``` -* Edit the [masters.yml][] to have 3 replicas and remove the +* Edit the [masters.yaml][] to have 3 replicas and remove the `discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then redeploy the masters. This will make sure all 3 masters are running in the new cluster and are pointing at each other for discovery: @@ -160,8 +160,8 @@ client nodes: working correctly you can cleanup leftover resources from your old cluster. [basic license]: https://www.elastic.co/subscriptions -[data.yml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/data.yml -[helm/charts]: https://github.com/helm/charts/tree/master/stable/elasticsearch -[master.yml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/master.yml +[data.yaml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/data.yaml +[helm/charts]: https://github.com/helm/charts/tree/7.x/stable/elasticsearch +[master.yaml]: https://github.com/elastic/helm-charts/blob/7.x/elasticsearch/examples/migration/master.yaml [restoring to a different cluster guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/modules-snapshots.html#_restoring_to_a_different_cluster [rolling upgrades guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/rolling-upgrades.html diff --git a/elasticsearch/examples/migration/client.yml b/elasticsearch/examples/migration/client.yaml similarity index 100% rename from elasticsearch/examples/migration/client.yml rename to elasticsearch/examples/migration/client.yaml diff --git a/elasticsearch/examples/migration/data.yml b/elasticsearch/examples/migration/data.yaml similarity index 100% rename from elasticsearch/examples/migration/data.yml rename to elasticsearch/examples/migration/data.yaml diff --git a/elasticsearch/examples/migration/master.yml b/elasticsearch/examples/migration/master.yaml similarity index 100% rename from elasticsearch/examples/migration/master.yml rename to elasticsearch/examples/migration/master.yaml diff --git a/elasticsearch/examples/minikube/Makefile b/elasticsearch/examples/minikube/Makefile index 09b61f81d..1021d9867 100644 --- a/elasticsearch/examples/minikube/Makefile +++ b/elasticsearch/examples/minikube/Makefile @@ -1,9 +1,10 @@ default: test RELEASE := helm-es-minikube +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install --values values.yaml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install helm test $(RELEASE) diff --git a/elasticsearch/examples/multi/Makefile b/elasticsearch/examples/multi/Makefile index bb3da7267..243e50435 100644 --- a/elasticsearch/examples/multi/Makefile +++ b/elasticsearch/examples/multi/Makefile @@ -4,11 +4,12 @@ include ../../../helpers/examples.mk PREFIX := helm-es-multi RELEASE := helm-es-multi-master +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=900s --install --values ./master.yml $(PREFIX)-master ../../ - helm upgrade --wait --timeout=900s --install --values ./data.yml $(PREFIX)-data ../../ - helm upgrade --wait --timeout=900s --install --values ./client.yml $(PREFIX)-client ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values master.yaml $(PREFIX)-master ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values data.yaml $(PREFIX)-data ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values client.yaml $(PREFIX)-client ../../ test: install goss diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index 6fa970832..d0e1b8da0 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -23,7 +23,7 @@ releases: You can also run [goss integration tests][] using `make test` -[client values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/client.yml -[data values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/data.yml +[client values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/client.yaml +[data values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/data.yaml [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/test/goss.yaml -[master values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/master.yml +[master values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi/master.yaml diff --git a/elasticsearch/examples/multi/client.yml b/elasticsearch/examples/multi/client.yaml similarity index 100% rename from elasticsearch/examples/multi/client.yml rename to elasticsearch/examples/multi/client.yaml diff --git a/elasticsearch/examples/multi/data.yml b/elasticsearch/examples/multi/data.yaml similarity index 100% rename from elasticsearch/examples/multi/data.yml rename to elasticsearch/examples/multi/data.yaml diff --git a/elasticsearch/examples/multi/master.yml b/elasticsearch/examples/multi/master.yaml similarity index 100% rename from elasticsearch/examples/multi/master.yml rename to elasticsearch/examples/multi/master.yaml diff --git a/elasticsearch/examples/openshift/Makefile b/elasticsearch/examples/openshift/Makefile index 653288854..078c33c9d 100644 --- a/elasticsearch/examples/openshift/Makefile +++ b/elasticsearch/examples/openshift/Makefile @@ -1,13 +1,11 @@ default: test + include ../../../helpers/examples.mk RELEASE := elasticsearch -template: - helm template --values ./values.yaml ../../ - install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index 3df11695b..f7eeb8ac6 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - 'green' + - "green" - '"number_of_nodes":3' - '"number_of_data_nodes":3' @@ -13,5 +13,4 @@ http: body: - '"number" : "7.11.0"' - '"cluster_name" : "elasticsearch"' - - '"name" : "elasticsearch-master-0"' - - 'You Know, for Search' + - "You Know, for Search" diff --git a/elasticsearch/examples/oss/Makefile b/elasticsearch/examples/oss/Makefile index e57284176..e7425e74a 100644 --- a/elasticsearch/examples/oss/Makefile +++ b/elasticsearch/examples/oss/Makefile @@ -1,10 +1,12 @@ default: test + include ../../../helpers/examples.mk RELEASE := helm-es-oss +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values ./values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/elasticsearch/examples/oss/test/goss.yaml b/elasticsearch/examples/oss/test/goss.yaml index 36d5ff001..bf24f033a 100644 --- a/elasticsearch/examples/oss/test/goss.yaml +++ b/elasticsearch/examples/oss/test/goss.yaml @@ -13,5 +13,4 @@ http: body: - '"number" : "7.11.0-SNAPSHOT"' - '"cluster_name" : "oss"' - - '"name" : "oss-master-0"' - 'You Know, for Search' diff --git a/elasticsearch/examples/security/Makefile b/elasticsearch/examples/security/Makefile index c92916085..beddbefd5 100644 --- a/elasticsearch/examples/security/Makefile +++ b/elasticsearch/examples/security/Makefile @@ -4,16 +4,17 @@ include ../../../helpers/examples.mk RELEASE := helm-es-security ELASTICSEARCH_IMAGE := docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=900s --install --values ./security.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ + +test: secrets install goss purge: kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem elastic-certificate-crt|| true helm del $(RELEASE) -test: secrets install goss - pull-elasticsearch-image: docker pull $(ELASTICSEARCH_IMAGE) @@ -33,5 +34,5 @@ secrets: kubectl create secret generic elastic-certificates --from-file=elastic-certificates.p12 && \ kubectl create secret generic elastic-certificate-pem --from-file=elastic-certificate.pem && \ kubectl create secret generic elastic-certificate-crt --from-file=elastic-certificate.crt && \ - kubectl create secret generic elastic-credentials --from-literal=password=$$password --from-literal=username=elastic && \ + kubectl create secret generic elastic-credentials --from-literal=password=$$password --from-literal=username=elastic && \ rm -f elastic-certificates.p12 elastic-certificate.pem elastic-certificate.crt elastic-stack-ca.p12 diff --git a/elasticsearch/examples/security/test/goss.yaml b/elasticsearch/examples/security/test/goss.yaml index c6d4b987b..6bb224324 100644 --- a/elasticsearch/examples/security/test/goss.yaml +++ b/elasticsearch/examples/security/test/goss.yaml @@ -3,10 +3,10 @@ http: status: 200 timeout: 2000 allow-insecure: true - username: '{{ .Env.ELASTIC_USERNAME }}' - password: '{{ .Env.ELASTIC_PASSWORD }}' + username: "{{ .Env.ELASTIC_USERNAME }}" + password: "{{ .Env.ELASTIC_PASSWORD }}" body: - - 'green' + - "green" - '"number_of_nodes":3' - '"number_of_data_nodes":3' @@ -14,32 +14,31 @@ http: status: 200 timeout: 2000 allow-insecure: true - username: '{{ .Env.ELASTIC_USERNAME }}' - password: '{{ .Env.ELASTIC_PASSWORD }}' + username: "{{ .Env.ELASTIC_USERNAME }}" + password: "{{ .Env.ELASTIC_PASSWORD }}" body: - '"cluster_name" : "security"' - - '"name" : "security-master-0"' - - 'You Know, for Search' + - "You Know, for Search" https://localhost:9200/_xpack/license: status: 200 timeout: 2000 allow-insecure: true - username: '{{ .Env.ELASTIC_USERNAME }}' - password: '{{ .Env.ELASTIC_PASSWORD }}' + username: "{{ .Env.ELASTIC_USERNAME }}" + password: "{{ .Env.ELASTIC_PASSWORD }}" body: - - 'active' - - 'basic' + - "active" + - "basic" file: /usr/share/elasticsearch/config/elasticsearch.yml: exists: true contains: - - 'xpack.security.enabled: true' - - 'xpack.security.transport.ssl.enabled: true' - - 'xpack.security.transport.ssl.verification_mode: certificate' - - 'xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' - - 'xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' - - 'xpack.security.http.ssl.enabled: true' - - 'xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' - - 'xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' + - "xpack.security.enabled: true" + - "xpack.security.transport.ssl.enabled: true" + - "xpack.security.transport.ssl.verification_mode: certificate" + - "xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" + - "xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" + - "xpack.security.http.ssl.enabled: true" + - "xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" + - "xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" diff --git a/elasticsearch/examples/security/security.yml b/elasticsearch/examples/security/values.yaml similarity index 100% rename from elasticsearch/examples/security/security.yml rename to elasticsearch/examples/security/values.yaml diff --git a/elasticsearch/examples/upgrade/Makefile b/elasticsearch/examples/upgrade/Makefile index da2cd541a..813e050e1 100644 --- a/elasticsearch/examples/upgrade/Makefile +++ b/elasticsearch/examples/upgrade/Makefile @@ -8,6 +8,7 @@ FROM := 7.4.0 # versions before 7.4.O aren't compatible with Kubernetes >= 1.16. install: ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + kubectl rollout status statefulset elasticsearch-master test: install goss diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index b02f83166..29d37348a 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -13,5 +13,4 @@ http: body: - '"number" : "7.11.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - - '"name" : "upgrade-master-0"' - "You Know, for Search" diff --git a/filebeat/examples/default/Makefile b/filebeat/examples/default/Makefile index e27affffc..b39ece967 100644 --- a/filebeat/examples/default/Makefile +++ b/filebeat/examples/default/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-default install: - helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ test: install goss diff --git a/filebeat/examples/oss/Makefile b/filebeat/examples/oss/Makefile index 455c2e63a..3caa17af1 100644 --- a/filebeat/examples/oss/Makefile +++ b/filebeat/examples/oss/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-oss install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/filebeat/examples/security/Makefile b/filebeat/examples/security/Makefile index 50c0b5bed..7bec9abec 100644 --- a/filebeat/examples/security/Makefile +++ b/filebeat/examples/security/Makefile @@ -5,7 +5,7 @@ include ../../../helpers/examples.mk RELEASE := helm-filebeat-security install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/filebeat/examples/upgrade/Makefile b/filebeat/examples/upgrade/Makefile index 252b39250..054b53c23 100644 --- a/filebeat/examples/upgrade/Makefile +++ b/filebeat/examples/upgrade/Makefile @@ -8,6 +8,7 @@ FROM := 7.9.0 # registry file version 1 not supported error with previous versio install: ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + kubectl rollout status daemonset $(RELEASE)-filebeat test: install goss diff --git a/helpers/examples.mk b/helpers/examples.mk index b190b4d87..d065f346b 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -2,6 +2,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) STACK_VERSION := 7.11.0-SNAPSHOT +TIMEOUT := 900s .PHONY: help help: ## Display this help @@ -9,7 +10,7 @@ help: ## Display this help .PHONY: goss goss: ## Run goss tests - GOSS_CONTAINER=$$(kubectl get --no-headers=true pods -l $(GOSS_SELECTOR) -o custom-columns=:metadata.name | sed -n 1p ) && \ + GOSS_CONTAINER=$$(kubectl get --no-headers=true pods -l $(GOSS_SELECTOR) -o custom-columns=:metadata.name --field-selector=status.phase=Running --sort-by=.metadata.creationTimestamp | tail -1 ) && \ echo Testing with pod: $$GOSS_CONTAINER && \ kubectl cp test/$(GOSS_FILE) $$GOSS_CONTAINER:/tmp/$(GOSS_FILE) && \ kubectl exec $$GOSS_CONTAINER -- sh -c "cd /tmp/ && curl -s -L https://github.com/aelsabbahy/goss/releases/download/$(GOSS_VERSION)/goss-linux-amd64 -o goss && chmod +rx ./goss && ./goss --gossfile $(GOSS_FILE) validate --retry-timeout 300s --sleep 5s --color --format documentation" diff --git a/kibana/examples/default/Makefile b/kibana/examples/default/Makefile index 4c6a6e6d8..d181571fa 100644 --- a/kibana/examples/default/Makefile +++ b/kibana/examples/default/Makefile @@ -1,11 +1,11 @@ default: test + include ../../../helpers/examples.mk RELEASE := helm-kibana-default install: - echo "Goss container: $(GOSS_CONTAINER)" - helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ test: install goss diff --git a/kibana/examples/openshift/Makefile b/kibana/examples/openshift/Makefile index 8435ba2fe..35b66d02b 100644 --- a/kibana/examples/openshift/Makefile +++ b/kibana/examples/openshift/Makefile @@ -4,10 +4,10 @@ include ../../../helpers/examples.mk RELEASE := kibana template: - helm template --values ./values.yml ../../ + helm template --values values.yaml ../../ install: - helm upgrade --wait --timeout=900s --install --values ./values.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/kibana/examples/oss/Makefile b/kibana/examples/oss/Makefile index cbda8764d..c4804946a 100644 --- a/kibana/examples/oss/Makefile +++ b/kibana/examples/oss/Makefile @@ -1,10 +1,11 @@ default: test + include ../../../helpers/examples.mk RELEASE := helm-kibana-oss install: - helm upgrade --wait --timeout=900s --install --values ./values.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/kibana/examples/oss/values.yml b/kibana/examples/oss/values.yaml similarity index 100% rename from kibana/examples/oss/values.yml rename to kibana/examples/oss/values.yaml diff --git a/kibana/examples/security/Makefile b/kibana/examples/security/Makefile index 2fa8607e6..034c8c5cc 100644 --- a/kibana/examples/security/Makefile +++ b/kibana/examples/security/Makefile @@ -1,10 +1,11 @@ default: test + include ../../../helpers/examples.mk RELEASE := helm-kibana-security install: - helm upgrade --wait --timeout=900s --install --values ./security.yml $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: secrets install goss diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index 0d224ff93..c4c7e84d8 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -25,4 +25,4 @@ You can also run [goss integration tests][] using `make test` [elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/ [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/security.yml +[values]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security/values.yaml diff --git a/kibana/examples/security/security.yml b/kibana/examples/security/values.yaml similarity index 100% rename from kibana/examples/security/security.yml rename to kibana/examples/security/values.yaml diff --git a/kibana/examples/upgrade/Makefile b/kibana/examples/upgrade/Makefile index 6fcb2103e..988c56c00 100644 --- a/kibana/examples/upgrade/Makefile +++ b/kibana/examples/upgrade/Makefile @@ -9,6 +9,7 @@ TO := 7.10.0 # required to use with Elasticsearch 7.10.0 install: ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) --to $(TO) + kubectl rollout status deployment $(RELEASE)-kibana test: install goss diff --git a/logstash/examples/default/Makefile b/logstash/examples/default/Makefile index 4c5920df5..03d77f816 100644 --- a/logstash/examples/default/Makefile +++ b/logstash/examples/default/Makefile @@ -3,12 +3,10 @@ default: test include ../../../helpers/examples.mk RELEASE := helm-logstash-default +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install $(RELEASE) ../../ - -restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ test: install goss diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index b23d5deae..30692c5ba 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -9,10 +9,8 @@ http: status: 200 timeout: 2000 body: - - '"host" : "helm-logstash-default-logstash-0"' - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - - '"name" : "helm-logstash-default-logstash-0"' - '"status" : "green"' - '"workers" : 1' - '"batch_size" : 125' @@ -35,9 +33,9 @@ file: group: root filetype: file contains: - - 'input {' - - 'beats {' - - 'port => 5044' - - 'output {' - - 'stdout {' - - 'codec => rubydebug' + - "input {" + - "beats {" + - "port => 5044" + - "output {" + - "stdout {" + - "codec => rubydebug" diff --git a/logstash/examples/elasticsearch/Makefile b/logstash/examples/elasticsearch/Makefile index b11f714e3..6b914df90 100644 --- a/logstash/examples/elasticsearch/Makefile +++ b/logstash/examples/elasticsearch/Makefile @@ -3,12 +3,10 @@ default: test include ../../../helpers/examples.mk RELEASE := helm-logstash-elasticsearch +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install $(RELEASE) --values ./values.yaml ../../ - -restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index a5364c930..44dde4e7b 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -21,10 +21,8 @@ http: status: 200 timeout: 2000 body: - - '"host" : "helm-logstash-elasticsearch-logstash-0"' - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - - '"name" : "helm-logstash-elasticsearch-logstash-0"' - '"status" : "green"' - '"workers" : 1' - '"batch_size" : 125' @@ -33,7 +31,7 @@ http: status: 200 timeout: 2000 body: - - 'logstash' + - "logstash" file: /usr/share/logstash/config/logstash.yml: @@ -43,8 +41,8 @@ file: group: logstash filetype: file contains: - - 'http.host: 0.0.0.0' - - 'xpack.monitoring.enabled: false' + - "http.host: 0.0.0.0" + - "xpack.monitoring.enabled: false" /usr/share/logstash/pipeline/uptime.conf: exists: true mode: "0644" diff --git a/logstash/examples/oss/Makefile b/logstash/examples/oss/Makefile index 81c83f702..8f96d8286 100644 --- a/logstash/examples/oss/Makefile +++ b/logstash/examples/oss/Makefile @@ -3,12 +3,10 @@ default: test include ../../../helpers/examples.mk RELEASE := helm-logstash-oss +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install $(RELEASE) --values ./values.yaml ../../ - -restart: - helm upgrade --set terminationGracePeriod=121 --wait --timeout=1200s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index cc67594d8..c9e7db754 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -9,10 +9,8 @@ http: status: 200 timeout: 2000 body: - - '"host" : "helm-logstash-oss-logstash-0"' - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - - '"name" : "helm-logstash-oss-logstash-0"' - '"status" : "green"' - '"workers" : 1' - '"batch_size" : 125' diff --git a/logstash/examples/security/Makefile b/logstash/examples/security/Makefile index ef8ebf13e..d5bfcb2f8 100644 --- a/logstash/examples/security/Makefile +++ b/logstash/examples/security/Makefile @@ -3,9 +3,10 @@ default: test include ../../../helpers/examples.mk RELEASE := helm-logstash-security +TIMEOUT := 1200s install: - helm upgrade --wait --timeout=1200s --install $(RELEASE) --values values.yaml ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test: install goss diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml index 5d622e8d0..db45c2012 100644 --- a/logstash/examples/security/test/goss.yaml +++ b/logstash/examples/security/test/goss.yaml @@ -21,10 +21,8 @@ http: status: 200 timeout: 2000 body: - - '"host" : "helm-logstash-security-logstash-0"' - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - - '"name" : "helm-logstash-security-logstash-0"' - '"status" : "green"' - '"workers" : 1' - '"batch_size" : 125' @@ -33,10 +31,10 @@ http: status: 200 timeout: 2000 body: - - 'logstash' + - "logstash" allow-insecure: true - username: '{{ .Env.ELASTICSEARCH_USERNAME }}' - password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" file: /usr/share/logstash/config/logstash.yml: @@ -46,10 +44,10 @@ file: group: logstash filetype: file contains: - - 'http.host: 0.0.0.0' - - 'xpack.monitoring.enabled: true' + - "http.host: 0.0.0.0" + - "xpack.monitoring.enabled: true" - 'xpack.monitoring.elasticsearch.hosts: ["https://security-master:9200"]' - - 'xpack.monitoring.elasticsearch.ssl.certificate_authority: /usr/share/logstash/config/certs/elastic-certificate.crt' + - "xpack.monitoring.elasticsearch.ssl.certificate_authority: /usr/share/logstash/config/certs/elastic-certificate.crt" /usr/share/logstash/pipeline/uptime.conf: exists: true mode: "0644" @@ -58,7 +56,7 @@ file: filetype: file contains: - 'input { exec { command => "uptime" interval => 30 } }' - - 'output { elasticsearch {' + - "output { elasticsearch {" - 'hosts => ["https://security-master:9200"]' - 'cacert => "/usr/share/logstash/config/certs/elastic-certificate.crt"' - 'index => "logstash"' diff --git a/logstash/examples/upgrade/Makefile b/logstash/examples/upgrade/Makefile index db739a141..e5ee63671 100644 --- a/logstash/examples/upgrade/Makefile +++ b/logstash/examples/upgrade/Makefile @@ -8,6 +8,7 @@ FROM := 7.9.0 # upgrade from version < 7.9.0 is failing due to headless service install: ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + kubectl rollout status statefulset $(RELEASE)-logstash test: install goss diff --git a/logstash/examples/upgrade/test/goss.yaml b/logstash/examples/upgrade/test/goss.yaml index 19a5ccb6b..30692c5ba 100644 --- a/logstash/examples/upgrade/test/goss.yaml +++ b/logstash/examples/upgrade/test/goss.yaml @@ -9,10 +9,8 @@ http: status: 200 timeout: 2000 body: - - '"host" : "helm-logstash-upgrade-logstash-0"' - '"version" : "7.11.0"' - '"http_address" : "0.0.0.0:9600"' - - '"name" : "helm-logstash-upgrade-logstash-0"' - '"status" : "green"' - '"workers" : 1' - '"batch_size" : 125' diff --git a/metricbeat/examples/default/Makefile b/metricbeat/examples/default/Makefile index 6ff5a30e7..bcd4fb77b 100644 --- a/metricbeat/examples/default/Makefile +++ b/metricbeat/examples/default/Makefile @@ -6,7 +6,7 @@ RELEASE = helm-metricbeat-default GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-default-metricbeat install: - helm upgrade --wait --timeout=900s --install $(RELEASE) ../../ + helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ test-metrics: GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-default-metricbeat-metrics diff --git a/metricbeat/examples/oss/Makefile b/metricbeat/examples/oss/Makefile index acb1124bc..534201044 100644 --- a/metricbeat/examples/oss/Makefile +++ b/metricbeat/examples/oss/Makefile @@ -6,12 +6,12 @@ RELEASE := helm-metricbeat-oss GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-oss-metricbeat install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ - -purge: - helm del $(RELEASE) + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test-metrics: GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-oss-metricbeat-metrics test: install goss test-metrics + +purge: + helm del $(RELEASE) diff --git a/metricbeat/examples/security/Makefile b/metricbeat/examples/security/Makefile index d57cb05be..2433d8e95 100644 --- a/metricbeat/examples/security/Makefile +++ b/metricbeat/examples/security/Makefile @@ -6,12 +6,12 @@ RELEASE := helm-metricbeat-security GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-security-metricbeat install: - helm upgrade --wait --timeout=900s --install $(RELEASE) --values values.yaml ../../ - -purge: - helm del $(RELEASE) + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test-metrics: GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-security-metricbeat-metrics test: install goss test-metrics + +purge: + helm del $(RELEASE) diff --git a/metricbeat/examples/upgrade/Makefile b/metricbeat/examples/upgrade/Makefile index d2d8d8509..7d32e41dc 100644 --- a/metricbeat/examples/upgrade/Makefile +++ b/metricbeat/examples/upgrade/Makefile @@ -9,6 +9,9 @@ RELEASE := helm-metricbeat-upgrade install: ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) + kubectl rollout status daemonset $(RELEASE)-metricbeat + kubectl rollout status deployment $(RELEASE)-metricbeat-metrics + kubectl rollout status deployment $(RELEASE)-kube-state-metrics #TODO: uncomment after 7.10.0 release test: #install goss From c78b55aa356f318d2ad2c1986c951f46a41f1fdc Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 26 Nov 2020 09:19:17 +0100 Subject: [PATCH 108/151] [7.x] ES Statefulset empty initContainers fix (#795) (#943) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Co-authored-by: cloudziu --- elasticsearch/templates/statefulset.yaml | 2 ++ elasticsearch/tests/elasticsearch_test.py | 5 +---- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 654feded7..70dd1a3cc 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -153,6 +153,7 @@ spec: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} enableServiceLinks: {{ .Values.enableServiceLinks }} + {{- if or (.Values.extraInitContainers) (.Values.sysctlInitContainer.enabled) (.Values.keystore) }} initContainers: {{- if .Values.sysctlInitContainer.enabled }} - name: configure-sysctl @@ -210,6 +211,7 @@ spec: {{ tpl .Values.extraInitContainers . | indent 6 }} {{- else }} {{ toYaml .Values.extraInitContainers | indent 6 }} + {{- end }} {{- end }} {{- end }} containers: diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 39c02b307..a55132f64 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -418,10 +418,7 @@ def test_sysctl_init_container_disabled(): enabled: false """ r = helm_template(config) - initContainers = r["statefulset"][uname]["spec"]["template"]["spec"][ - "initContainers" - ] - assert initContainers is None + assert "initContainers" not in r["statefulset"][uname]["spec"]["template"]["spec"] def test_sysctl_init_container_enabled(): From dd5cf8ee5a983158a67f92addb9650a56bc4ca4d Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 26 Nov 2020 09:19:51 +0100 Subject: [PATCH 109/151] [7.x] [logstash] add rbac custom annotations (#764) (#946) Co-authored-by: Michael Borens --- logstash/templates/serviceaccount.yaml | 6 ++++++ logstash/tests/logstash_test.py | 2 ++ logstash/values.yaml | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/logstash/templates/serviceaccount.yaml b/logstash/templates/serviceaccount.yaml index 4508878b8..bb72735b6 100644 --- a/logstash/templates/serviceaccount.yaml +++ b/logstash/templates/serviceaccount.yaml @@ -17,4 +17,10 @@ metadata: chart: "{{ .Chart.Name }}" heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} + {{- if .Values.rbac.annotations }} + annotations: + {{- range $key, $value := .Values.rbac.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} {{- end -}} diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index caee32c29..1555b960c 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -760,6 +760,8 @@ def test_pod_security_policy(): rbac: create: true serviceAccountName: "" + annotations: + "eks.amazonaws.com/role-arn": "test-rbac-annotations" podSecurityPolicy: create: true diff --git a/logstash/values.yaml b/logstash/values.yaml index 3cc83c174..d197fb6a9 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -89,6 +89,10 @@ rbac: create: false serviceAccountAnnotations: {} serviceAccountName: "" + annotations: {} + #annotation1: "value1" + #annotation2: "value2" + #annotation3: "value3" podSecurityPolicy: create: false From b75f2fc0944cefdc4e8ef2848e01e96f2df8dc36 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 1 Dec 2020 10:25:00 +0100 Subject: [PATCH 110/151] [7.x] [meta] enable metricbeat upgrade test (#940) (#951) This commit enable Metricbeat upgrade test which where disable before 7.10.0 release because Metricbeat 7.10.0 introduce breaking change preventing upgrade from previous version. Version post 7.10.0 will now be tested for upgrade from 7.10.0. --- helpers/matrix.yml | 2 +- metricbeat/examples/upgrade/Makefile | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/helpers/matrix.yml b/helpers/matrix.yml index a8fd93a32..aa2f4b3c4 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -26,7 +26,7 @@ METRICBEAT_SUITE: - default - oss - security - #- upgrade TODO: uncomment after 7.10.0 release + - upgrade LOGSTASH_SUITE: - default - oss diff --git a/metricbeat/examples/upgrade/Makefile b/metricbeat/examples/upgrade/Makefile index 7d32e41dc..5cd564fcc 100644 --- a/metricbeat/examples/upgrade/Makefile +++ b/metricbeat/examples/upgrade/Makefile @@ -4,7 +4,7 @@ include ../../../helpers/examples.mk CHART := metricbeat RELEASE := helm-metricbeat-upgrade -#FROM := 7.10.0 # upgrade from version < 7.10.0 is failing due to selector +FROM := 7.10.0 # upgrade from version < 7.10.0 is failing due to selector # breaking change in https://github.com/elastic/helm-charts/pull/516 install: @@ -13,8 +13,7 @@ install: kubectl rollout status deployment $(RELEASE)-metricbeat-metrics kubectl rollout status deployment $(RELEASE)-kube-state-metrics -#TODO: uncomment after 7.10.0 release -test: #install goss +test: install goss purge: helm del $(RELEASE) From 5bbbd9052b0260f0330392c2dc32433b6cec5c59 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 1 Dec 2020 17:09:38 +0100 Subject: [PATCH 111/151] [7.x] [apm-server] Add missing fields to HPA (#782) (#956) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Co-authored-by: David --- apm-server/README.md | 2 +- apm-server/templates/hpa.yaml | 9 +++++++++ apm-server/tests/apmserver_test.py | 10 ++++++++++ apm-server/values.yaml | 3 +++ 4 files changed, 23 insertions(+), 1 deletion(-) diff --git a/apm-server/README.md b/apm-server/README.md index 2e039bd6a..b7e1f67b6 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -89,7 +89,7 @@ as a reference. They are also used in the automated testing of this chart. |-----------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| | `affinity` | Configurable [affinity][] | `{}` | | `apmConfig` | Allows you to add any config files in `/usr/share/apm-server/config` such as `apm-server.yml` | see [values.yaml][] | -| `autoscaling` | Enable the [horizontal pod autoscaler][] | `enabled: false` | +| `autoscaling` | Enable the [horizontal pod autoscaler][] | see [values.yaml][] | | `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | | `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | diff --git a/apm-server/templates/hpa.yaml b/apm-server/templates/hpa.yaml index a254adb09..b78724124 100644 --- a/apm-server/templates/hpa.yaml +++ b/apm-server/templates/hpa.yaml @@ -14,4 +14,13 @@ spec: apiVersion: apps/v1 kind: Deployment name: {{ template "apm.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.averageCpuUtilization }} {{- end }} diff --git a/apm-server/tests/apmserver_test.py b/apm-server/tests/apmserver_test.py index 2ce3b70b1..a3b1419df 100644 --- a/apm-server/tests/apmserver_test.py +++ b/apm-server/tests/apmserver_test.py @@ -341,3 +341,13 @@ def test_setting_fullnameOverride(): ] == project ) + + +def test_enabling_horizontal_pod_autoscaler(): + config = """ +autoscaling: + enabled: true +""" + r = helm_template(config) + + assert "horizontalpodautoscaler" in r diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 07657e14d..0d3d3326a 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -140,6 +140,9 @@ fullnameOverride: "" autoscaling: enabled: false + minReplicas: 1 + maxReplicas: 3 + averageCpuUtilization: 50 ingress: enabled: false From a62852a5ba207ae9c206c57dc9fdb030d4fc70f9 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 1 Dec 2020 19:07:45 +0100 Subject: [PATCH 112/151] [7.x] [kibana] add service.httpPortName config in chart (#843) (#959) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Co-authored-by: Thomas Decaux --- kibana/templates/service.yaml | 2 +- kibana/tests/kibana_test.py | 13 +++++++++++++ kibana/values.yaml | 1 + 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/kibana/templates/service.yaml b/kibana/templates/service.yaml index dfb254c0c..fbced7344 100644 --- a/kibana/templates/service.yaml +++ b/kibana/templates/service.yaml @@ -26,7 +26,7 @@ spec: nodePort: {{ .Values.service.nodePort }} {{- end }} protocol: TCP - name: http + name: {{ .Values.service.httpPortName | default "http" }} targetPort: {{ .Values.httpPort }} selector: app: {{ .Chart.Name }} diff --git a/kibana/tests/kibana_test.py b/kibana/tests/kibana_test.py index 38a9fb154..d58da0301 100644 --- a/kibana/tests/kibana_test.py +++ b/kibana/tests/kibana_test.py @@ -629,3 +629,16 @@ def test_adding_loadBalancerIP(): r = helm_template(config) assert r["service"][name]["spec"]["loadBalancerIP"] == "12.5.11.79" + + +def test_service_port_name(): + r = helm_template("") + + config = """ + service: + httpPortName: istio + """ + + r = helm_template(config) + + assert r["service"][name]["spec"]["ports"][0]["name"] == "istio" diff --git a/kibana/values.yaml b/kibana/values.yaml index 7bf72185a..c83ca14fe 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -107,6 +107,7 @@ service: # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true" loadBalancerSourceRanges: [] # 0.0.0.0/0 + httpPortName: http ingress: enabled: false From a251320d365dcde4531c5a922e5e0d33f94d53ae Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 10 Dec 2020 16:18:34 +0100 Subject: [PATCH 113/151] [7.x] [meta] add config for backport (#971) (#974) This commit add the config file to manage backport PR using https://github.com/sqren/backport --- .backportrc.json | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .backportrc.json diff --git a/.backportrc.json b/.backportrc.json new file mode 100644 index 000000000..001ba1941 --- /dev/null +++ b/.backportrc.json @@ -0,0 +1,8 @@ +{ + "upstream": "elastic/helm-charts", + "targetBranchChoices": ["6.8", "7.10", "7.x"], + "all": true, + "prFilter": "label:need-backport", + "targetPRLabels": ["backport"], + "sourcePRLabels": ["backported"] +} From d7dfd07773d4506fa661d722405f784751c03891 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 18 Dec 2020 19:31:12 +0100 Subject: [PATCH 114/151] [7.x] [meta] bump helm to 3.4.2 (#977) (#988) This commit bump the tested Helm version from 3.4.1 to 3.4.2 --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b8b40cb54..be24a058c 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 3.4.1). +Helm version mentioned in [helm-tester Dockerfile][] (currently 3.4.2). ## ECK diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 96ad4c483..0a4de30d4 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=3.4.1 +ENV HELM_VERSION=3.4.2 RUN wget --no-verbose https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index 3540dfb60..a7189fa0b 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=3.4.1 +ENV HELM_VERSION=3.4.2 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From 86d6e176f9cb98ea75548ddf93d851bfea3dce48 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 18 Dec 2020 19:35:30 +0100 Subject: [PATCH 115/151] [7.x] elasticsearch: add emptyDir to podSecurityPolicy as allowed volume-type (#975) (#982) Co-authored-by: unki --- elasticsearch/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 6f5790c71..4705c2757 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -118,6 +118,7 @@ podSecurityPolicy: - secret - configMap - persistentVolumeClaim + - emptyDir persistence: enabled: true From 60a55aaea8af90cb5d1a5d805ea55f72d2e04f4d Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Mon, 21 Dec 2020 08:48:58 +0100 Subject: [PATCH 116/151] [7.x] [all] add hostaliases (#970) (#985) This commit allow to define hostAliases in all charts kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases --- apm-server/README.md | 2 ++ apm-server/templates/deployment.yaml | 3 ++ apm-server/tests/apmserver_test.py | 15 +++++++++ apm-server/values.yaml | 6 ++++ elasticsearch/README.md | 2 ++ elasticsearch/templates/statefulset.yaml | 3 ++ elasticsearch/tests/elasticsearch_test.py | 14 ++++++++ elasticsearch/values.yaml | 6 ++++ filebeat/README.md | 7 ++-- filebeat/templates/daemonset.yaml | 3 ++ filebeat/tests/filebeat_test.py | 14 ++++++++ filebeat/values.yaml | 5 +++ kibana/README.md | 2 ++ kibana/templates/deployment.yaml | 3 ++ kibana/tests/kibana_test.py | 15 +++++++++ kibana/values.yaml | 6 ++++ logstash/README.md | 2 ++ logstash/templates/statefulset.yaml | 3 ++ logstash/tests/logstash_test.py | 14 ++++++++ logstash/values.yaml | 6 ++++ metricbeat/README.md | 3 ++ metricbeat/templates/daemonset.yaml | 3 ++ metricbeat/templates/deployment.yaml | 3 ++ metricbeat/tests/metricbeat_test.py | 39 +++++++++++++++++++++++ metricbeat/values.yaml | 10 ++++++ 25 files changed, 186 insertions(+), 3 deletions(-) diff --git a/apm-server/README.md b/apm-server/README.md index b7e1f67b6..eae1e0f41 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -97,6 +97,7 @@ as a reference. They are also used in the automated testing of this chart. | `extraVolumeMounts` | List of additional `volumeMounts` | `[]` | | `extraVolumes` | List of additional `volumes` | `[]` | | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to `.Release.Name` - `.Values.nameOverride` or `.Chart.Name` | `""` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | | `imageTag` | The APM Server Docker image tag | `7.11.0-SNAPSHOT` | @@ -163,6 +164,7 @@ about our development and testing process. [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/security [helm]: https://helm.sh [horizontal pod autoscaler]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ +[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ diff --git a/apm-server/templates/deployment.yaml b/apm-server/templates/deployment.yaml index 0cf3b50d9..ca3248cd2 100644 --- a/apm-server/templates/deployment.yaml +++ b/apm-server/templates/deployment.yaml @@ -34,6 +34,9 @@ spec: priorityClassName: {{ .Values.priorityClassName }} {{- end }} serviceAccountName: {{ template "apm.serviceAccount" . }} + {{- if .Values.hostAliases }} + hostAliases: {{ toYaml .Values.hostAliases | nindent 6 }} + {{- end }} volumes: {{- range .Values.secretMounts }} - name: {{ .name }} diff --git a/apm-server/tests/apmserver_test.py b/apm-server/tests/apmserver_test.py index a3b1419df..b6b8218af 100644 --- a/apm-server/tests/apmserver_test.py +++ b/apm-server/tests/apmserver_test.py @@ -26,6 +26,8 @@ def test_defaults(): assert c["image"].startswith("docker.elastic.co/apm/apm-server:") assert c["ports"][0]["containerPort"] == 8200 + assert "hostAliases" not in r["deployment"][name]["spec"]["template"]["spec"] + def test_adding_a_extra_container(): config = """ @@ -351,3 +353,16 @@ def test_enabling_horizontal_pod_autoscaler(): r = helm_template(config) assert "horizontalpodautoscaler" in r + + +def test_hostaliases(): + config = """ +hostAliases: +- ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + hostAliases = r["deployment"][name]["spec"]["template"]["spec"]["hostAliases"] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 0d3d3326a..3c0a49875 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -61,6 +61,12 @@ extraVolumes: [] # - name: extras # emptyDir: {} +hostAliases: [] +#- ip: "127.0.0.1" +# hostnames: +# - "foo.local" +# - "bar.local" + image: "docker.elastic.co/apm/apm-server" imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 160d191f8..b1e238024 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -124,6 +124,7 @@ support multiple versions with minimal changes. | `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | | `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | | `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | @@ -423,6 +424,7 @@ about our development and testing process. [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ [java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/jvm-options.html [jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/heap-size.html +[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ [kind]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/kubernetes-kind [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ diff --git a/elasticsearch/templates/statefulset.yaml b/elasticsearch/templates/statefulset.yaml index 70dd1a3cc..e44a01624 100644 --- a/elasticsearch/templates/statefulset.yaml +++ b/elasticsearch/templates/statefulset.yaml @@ -153,6 +153,9 @@ spec: {{ toYaml .Values.imagePullSecrets | indent 8 }} {{- end }} enableServiceLinks: {{ .Values.enableServiceLinks }} + {{- if .Values.hostAliases }} + hostAliases: {{ toYaml .Values.hostAliases | nindent 8 }} + {{- end }} {{- if or (.Values.extraInitContainers) (.Values.sysctlInitContainer.enabled) (.Values.keystore) }} initContainers: {{- if .Values.sysctlInitContainer.enabled }} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index a55132f64..f414d68e1 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -141,6 +141,7 @@ def test_defaults(): assert "tolerations" not in r["statefulset"][uname]["spec"]["template"]["spec"] assert "nodeSelector" not in r["statefulset"][uname]["spec"]["template"]["spec"] assert "ingress" not in r + assert "hostAliases" not in r["statefulset"][uname]["spec"]["template"]["spec"] def test_increasing_the_replicas(): @@ -1361,3 +1362,16 @@ def test_initial_master_nodes_when_using_full_name_override(): "name": "cluster.initial_master_nodes", "value": "customfullName-0," + "customfullName-1," + "customfullName-2,", } in env + + +def test_hostaliases(): + config = """ +hostAliases: +- ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + hostAliases = r["statefulset"][uname]["spec"]["template"]["spec"]["hostAliases"] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 4705c2757..40583e8be 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -52,6 +52,12 @@ secretMounts: [] # path: /usr/share/elasticsearch/config/certs # defaultMode: 0755 +hostAliases: [] +#- ip: "127.0.0.1" +# hostnames: +# - "foo.local" +# - "bar.local" + image: "docker.elastic.co/elasticsearch/elasticsearch" imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" diff --git a/filebeat/README.md b/filebeat/README.md index c961da056..9f5abc3c9 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -93,6 +93,7 @@ as a reference. They are also used in the automated testing of this chart. | Parameter | Description | Default | |-----------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| | `affinity` | Configurable [affinity][] | `{}` | +| `dnsConfig` | Configurable [dnsConfig][] | `{}` | | `envFrom` | Templatable string of envFrom to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | | `extraContainers` | List of additional init containers to be added at the DaemonSet | `""` | | `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | @@ -101,8 +102,8 @@ as a reference. They are also used in the automated testing of this chart. | `extraVolumes` | List of additional volumes to be mounted on the DaemonSet | `[]` | | `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` | see [values.yaml][] | | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | | `hostNetworking` | Use host networking in the DaemonSet so that hostname is reported correctly | `false` | -| `dnsConfig` | Configurable [dnsConfig][] | `{}` | | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | @@ -191,7 +192,7 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[default Filebeat Helm chart]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/README.md#default +[dnsConfig]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.x/filebeat/examples @@ -201,8 +202,8 @@ about our development and testing process. [filebeat oss docker image]: https://www.docker.elastic.co/r/beats/filebeat-oss [filebeat outputs]: https://www.elastic.co/guide/en/beats/filebeat/7.x/configuring-output.html [helm]: https://helm.sh +[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces -[dnsConfig]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index 94e286bdf..1708eb5e6 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -59,6 +59,9 @@ spec: {{- if .Values.dnsConfig }} dnsConfig: {{ toYaml .Values.dnsConfig | nindent 8 }} {{- end }} + {{- if .Values.hostAliases }} + hostAliases: {{ toYaml .Values.hostAliases | nindent 6 }} + {{- end }} volumes: {{- range .Values.secretMounts }} - name: {{ .name }} diff --git a/filebeat/tests/filebeat_test.py b/filebeat/tests/filebeat_test.py index 7c8dc0ad0..feaba4f56 100644 --- a/filebeat/tests/filebeat_test.py +++ b/filebeat/tests/filebeat_test.py @@ -30,6 +30,7 @@ def test_defaults(): # Empty customizable defaults assert "imagePullSecrets" not in r["daemonset"][name]["spec"]["template"]["spec"] assert "tolerations" not in r["daemonset"][name]["spec"]["template"]["spec"] + assert "hostAliases" not in r["daemonset"][name]["spec"]["template"]["spec"] assert r["daemonset"][name]["spec"]["updateStrategy"]["type"] == "RollingUpdate" @@ -400,3 +401,16 @@ def test_setting_fullnameOverride(): "type": "DirectoryOrCreate", }, } in volumes + + +def test_hostaliases(): + config = """ +hostAliases: +- ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + hostAliases = r["daemonset"][name]["spec"]["template"]["spec"]["hostAliases"] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases diff --git a/filebeat/values.yaml b/filebeat/values.yaml index bbccfdfc3..9c0fcd7d8 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -55,6 +55,11 @@ dnsConfig: {} # options: # - name: ndots # value: "2" +hostAliases: [] +#- ip: "127.0.0.1" +# hostnames: +# - "foo.local" +# - "bar.local" image: "docker.elastic.co/beats/filebeat" imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" diff --git a/kibana/README.md b/kibana/README.md index 0155e457e..b5ced97a7 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -89,6 +89,7 @@ as a reference. They are also used in the automated testing of this chart. | `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride orChart.Name` " | `""` | | `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | @@ -217,6 +218,7 @@ about our development and testing process. [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh +[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml index 44920abb9..ba4400b78 100644 --- a/kibana/templates/deployment.yaml +++ b/kibana/templates/deployment.yaml @@ -36,6 +36,9 @@ spec: {{- if .Values.serviceAccount }} serviceAccount: {{ .Values.serviceAccount }} {{- end }} + {{- if .Values.hostAliases }} + hostAliases: {{ toYaml .Values.hostAliases | nindent 6 }} + {{- end }} volumes: {{- range .Values.secretMounts }} - name: {{ .name }} diff --git a/kibana/tests/kibana_test.py b/kibana/tests/kibana_test.py index d58da0301..b188db456 100644 --- a/kibana/tests/kibana_test.py +++ b/kibana/tests/kibana_test.py @@ -54,6 +54,8 @@ def test_defaults(): # Make sure that the default 'loadBalancerIP' string is empty assert "loadBalancerIP" not in r["service"][name]["spec"] + assert "hostAliases" not in r["deployment"][name]["spec"]["template"]["spec"] + def test_overriding_the_elasticsearch_hosts(): config = """ @@ -642,3 +644,16 @@ def test_service_port_name(): r = helm_template(config) assert r["service"][name]["spec"]["ports"][0]["name"] == "istio" + + +def test_hostaliases(): + config = """ +hostAliases: +- ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + hostAliases = r["deployment"][name]["spec"]["template"]["spec"]["hostAliases"] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases diff --git a/kibana/values.yaml b/kibana/values.yaml index c83ca14fe..8169e80db 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -28,6 +28,12 @@ secretMounts: [] # path: /usr/share/kibana/data/kibana.keystore # subPath: kibana.keystore # optional +hostAliases: [] +#- ip: "127.0.0.1" +# hostnames: +# - "foo.local" +# - "bar.local" + image: "docker.elastic.co/kibana/kibana" imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" diff --git a/logstash/README.md b/logstash/README.md index 1698bf59d..bbfd8bc57 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -114,6 +114,7 @@ useful for the [http input plugin][], for instance. | `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | | `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | | `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | @@ -205,6 +206,7 @@ about our development and testing process. [examples]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/logstash/examples/oss [helm]: https://helm.sh +[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ [http input plugin]: https://www.elastic.co/guide/en/logstash/current/plugins-inputs-http.html [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml index 55548eced..7f17586b4 100644 --- a/logstash/templates/statefulset.yaml +++ b/logstash/templates/statefulset.yaml @@ -133,6 +133,9 @@ spec: {{- if .Values.imagePullSecrets }} imagePullSecrets: {{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end}} + {{- if .Values.hostAliases }} + hostAliases: {{ toYaml .Values.hostAliases | nindent 6 }} {{- end }} {{- if .Values.extraInitContainers }} initContainers: diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 1555b960c..ac5633e05 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -100,6 +100,7 @@ def test_defaults(): assert "imagePullSecrets" not in r["statefulset"][name]["spec"]["template"]["spec"] assert "tolerations" not in r["statefulset"][name]["spec"]["template"]["spec"] assert "nodeSelector" not in r["statefulset"][name]["spec"]["template"]["spec"] + assert "hostAliases" not in r["statefulset"][name]["spec"]["template"]["spec"] def test_increasing_the_replicas(): @@ -902,3 +903,16 @@ def test_adding_an_ingress(): ] }, } + + +def test_hostaliases(): + config = """ +hostAliases: +- ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + hostAliases = r["statefulset"][name]["spec"]["template"]["spec"]["hostAliases"] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases diff --git a/logstash/values.yaml b/logstash/values.yaml index d197fb6a9..23ac43895 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -59,6 +59,12 @@ secrets: [] # A list of secrets and their paths to mount inside the pod secretMounts: [] +hostAliases: [] +#- ip: "127.0.0.1" +# hostnames: +# - "foo.local" +# - "bar.local" + image: "docker.elastic.co/logstash/logstash" imageTag: "7.11.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" diff --git a/metricbeat/README.md b/metricbeat/README.md index 190f5d631..57462ba74 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -99,6 +99,7 @@ as a reference. They are also used in the automated testing of this chart. | `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for DaemonSet | `[]` | | `daemonset.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function or DaemonSet | `[]` | | `daemonset.extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function or DaemonSet | `[]` | +| `daemonset.hostAliases` | Configurable [hostAliases][] for Metricbeat DaemonSet | `[]` | | `daemonset.hostNetworking` | Enable Metricbeat DaemonSet to use `hostNetwork` | `false` | | `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat DaemonSet | see [values.yaml][] | | `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat DaemonSet | `{}` | @@ -114,6 +115,7 @@ as a reference. They are also used in the automated testing of this chart. | `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for Deployment | `[]` | | `deployment.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function or DaemonSet | `[]` | | `deployment.extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function or Deployment | `[]` | +| `deployment.hostAliases` | Configurable [hostAliases][] for Metricbeat Deployment | `[]` | | `deployment.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat Deployment | see [values.yaml][] | | `deployment.nodeSelector` | Configurable [nodeSelector][] for Metricbeat Deployment | `{}` | | `deployment.resources` | Allows you to set the [resources][] for Metricbeat Deployment | see [values.yaml][] | @@ -225,6 +227,7 @@ about our development and testing process. [examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/metricbeat/examples/security [helm]: https://helm.sh +[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ [hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath [hostNetwork]: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces [imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index e8ef55ac9..b96b876d4 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -69,6 +69,9 @@ spec: {{- end }} serviceAccountName: {{ template "metricbeat.serviceAccount" . }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} + {{- if .Values.daemonset.hostAliases }} + hostAliases: {{ toYaml .Values.daemonset.hostAliases | nindent 6 }} + {{- end }} volumes: {{- range .Values.secretMounts | default .Values.daemonset.secretMounts }} - name: {{ .name }} diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index cc97f20e5..740c1b7b1 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -63,6 +63,9 @@ spec: {{- end }} serviceAccountName: {{ template "metricbeat.serviceAccount" . }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} + {{- if .Values.deployment.hostAliases }} + hostAliases: {{ toYaml .Values.deployment.hostAliases | nindent 6 }} + {{- end }} volumes: {{- range .Values.secretMounts | default .Values.deployment.secretMounts }} - name: {{ .name }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 557fd9cdb..bcfcb5d8a 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -160,6 +160,12 @@ def test_defaults(): "limits": {"cpu": "1000m", "memory": "200Mi"}, } + assert "hostAliases" not in r["daemonset"][name]["spec"]["template"]["spec"] + assert ( + "hostAliases" + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + ) + def test_adding_a_extra_container(): config = """ @@ -1458,3 +1464,36 @@ def test_adding_multiple_secrets(): "cert.crt": content_b64["cert_crt"], "cert.key": content_b64["cert_key"], } + + +def test_hostaliases(): + config = """ +daemonset: + hostAliases: + - ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + assert ( + "hostAliases" + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"] + ) + hostAliases = r["daemonset"][name]["spec"]["template"]["spec"]["hostAliases"] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases + + config = """ +deployment: + hostAliases: + - ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + assert "hostAliases" not in r["daemonset"][name]["spec"]["template"]["spec"] + hostAliases = r["deployment"][name + "-metrics"]["spec"]["template"]["spec"][ + "hostAliases" + ] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index a7ae34b41..c8c88662c 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -22,6 +22,11 @@ daemonset: # - name: extras # mountPath: /usr/share/extras # readOnly: true + hostAliases: [] + #- ip: "127.0.0.1" + # hostnames: + # - "foo.local" + # - "bar.local" hostNetworking: false # Allows you to add any config files in /usr/share/metricbeat # such as metricbeat.yml for daemonset @@ -120,6 +125,11 @@ deployment: # mountPath: /usr/share/extras # readOnly: true # such as metricbeat.yml for deployment + hostAliases: [] + #- ip: "127.0.0.1" + # hostnames: + # - "foo.local" + # - "bar.local" metricbeatConfig: metricbeat.yml: | metricbeat.modules: From d1f1b59c6a568376e55600e7cf341a356cc5d0b6 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 5 Jan 2021 17:40:01 +0100 Subject: [PATCH 117/151] Filebeat deployment support feature (#964) (#1005) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Co-authored-by: John Torakis --- filebeat/README.md | 109 +- filebeat/examples/deployment/Makefile | 13 + filebeat/examples/deployment/README.md | 27 + filebeat/examples/deployment/test/goss.yaml | 6 + filebeat/examples/deployment/values.yaml | 16 + filebeat/templates/configmap.yaml | 36 + filebeat/templates/daemonset.yaml | 80 +- filebeat/templates/deployment.yaml | 157 +++ filebeat/tests/filebeat_test.py | 1131 +++++++++++++++++-- filebeat/values.yaml | 209 ++-- helpers/matrix.yml | 1 + 11 files changed, 1548 insertions(+), 237 deletions(-) create mode 100644 filebeat/examples/deployment/Makefile create mode 100644 filebeat/examples/deployment/README.md create mode 100644 filebeat/examples/deployment/test/goss.yaml create mode 100644 filebeat/examples/deployment/values.yaml create mode 100644 filebeat/templates/deployment.yaml diff --git a/filebeat/README.md b/filebeat/README.md index 9f5abc3c9..e49f7c80d 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -17,6 +17,7 @@ This Helm chart is a lightweight way to configure and run our official - [Upgrading](#upgrading) - [Usage notes](#usage-notes) - [Configuration](#configuration) + - [Deprecated](#deprecated) - [FAQ](#faq) - [How to use Filebeat with Elasticsearch with security (authentication and TLS) enabled?](#how-to-use-filebeat-with-elasticsearch-with-security-authentication-and-tls-enabled) - [How to install OSS version of Filebeat?](#how-to-install-oss-version-of-filebeat) @@ -88,44 +89,76 @@ activate it by setting `hostNetworking: true` in [values.yaml][]. as a reference. They are also used in the automated testing of this chart. -## Configuration - -| Parameter | Description | Default | -|-----------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| -| `affinity` | Configurable [affinity][] | `{}` | -| `dnsConfig` | Configurable [dnsConfig][] | `{}` | -| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | -| `extraContainers` | List of additional init containers to be added at the DaemonSet | `""` | -| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | -| `extraInitContainers` | List of additional init containers to be added at the DaemonSet. It also accepts a templatable string of additional containers to be passed to the `tpl` function | `[]` | -| `extraVolumeMounts` | List of additional volumeMounts to be mounted on the DaemonSet | `[]` | -| `extraVolumes` | List of additional volumes to be mounted on the DaemonSet | `[]` | -| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` | see [values.yaml][] | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | -| `hostAliases` | Configurable [hostAliases][] | `[]` | -| `hostNetworking` | Use host networking in the DaemonSet so that hostname is reported correctly | `false` | -| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Filebeat registry data | `/var/lib` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Filebeat Docker image tag | `7.11.0-SNAPSHOT` | -| `image` | The Filebeat Docker image | `docker.elastic.co/beats/filebeat` | -| `labels` | Configurable [labels][] applied to all Filebeat pods | `{}` | -| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this Helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | -| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | -| `nodeSelector` | Configurable [nodeSelector][] | `{}` | -| `podAnnotations` | Configurable [annotations][] applied to all Filebeat pods | `{}` | -| `podSecurityContext` | Configurable [podSecurityContext][] for Filebeat pod execution environment | see [values.yaml][] | -| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | -| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | -| `resources` | Allows you to set the [resources][] for the `DaemonSet` | see [values.yaml][] | -| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `serviceAccount` | Custom [serviceAccount][] that Filebeat will use during execution. By default will use the service account created by this chart | `""` | -| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Filebeat pod process on pod shutdown | `30` | -| `tolerations` | Configurable [tolerations][] | `[]` | -| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | - +| Parameter | Description | Default | +|--------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `daemonset.annotations` | Configurable [annotations][] for filebeat daemonset | `{}` | +| `daemonset.labels` | Configurable [labels][] applied to all filebeat DaemonSet pods | `{}` | +| `daemonset.affinity` | Configurable [affinity][] for filebeat daemonset | `{}` | +| `daemonset.enabled` | If true, enable daemonset | `true` | +| `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to filebeat container for DaemonSet | `[]` | +| `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to filebeat container for DaemonSet | `[]` | +| `daemonset.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function for DaemonSet | `[]` | +| `daemonset.extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function for DaemonSet | `[]` | +| `daemonset.hostAliases` | Configurable [hostAliases][] for filebeat DaemonSet | `[]` | +| `daemonset.hostNetworking` | Enable filebeat DaemonSet to use `hostNetwork` | `false` | +| `daemonset.filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` for filebeat DaemonSet | see [values.yaml][] | +| `daemonset.nodeSelector` | Configurable [nodeSelector][] for filebeat DaemonSet | `{}` | +| `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the DaemonSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `daemonset.podSecurityContext` | Configurable [podSecurityContext][] for filebeat DaemonSet pod execution environment | see [values.yaml][] | +| `daemonset.resources` | Allows you to set the [resources][] for filebeat DaemonSet | see [values.yaml][] | +| `daemonset.tolerations` | Configurable [tolerations][] for filebeat DaemonSet | `[]` | +| `deployment.annotations` | Configurable [annotations][] for filebeat Deployment | `{}` | +| `deployment.labels` | Configurable [labels][] applied to all filebeat Deployment pods | `{}` | +| `deployment.affinity` | Configurable [affinity][] for filebeat Deployment | `{}` | +| `deployment.enabled` | If true, enable deployment | `false` | +| `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to filebeat container for Deployment | `[]` | +| `deployment.extraEnvs` | Extra [environment variables][] which will be appended to filebeat container for Deployment | `[]` | +| `deployment.extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function for DaemonSet | `[]` | +| `deployment.extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function for Deployment | `[]` | +| `daemonset.hostAliases` | Configurable [hostAliases][] for filebeat Deployment | `[]` | +| `deployment.filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` for filebeat Deployment | see [values.yaml][] | +| `deployment.nodeSelector` | Configurable [nodeSelector][] for filebeat Deployment | `{}` | +| `deployment.secretMounts` | Allows you easily mount a secret as a file inside the Deployment Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `deployment.resources` | Allows you to set the [resources][] for filebeat Deployment | see [values.yaml][] | +| `deployment.securityContext` | Configurable [securityContext][] for filebeat Deployment pod execution environment | see [values.yaml][] | +| `deployment.tolerations` | Configurable [tolerations][] for filebeat Deployment | `[]` | +| `replicas` | The replica count for the Filebeat deployment | `1` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride or .Chart.Name` " | `""` | +| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist filebeat registry data | `/var/lib` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The filebeat Docker image tag | `8.0.0-SNAPSHOT` | +| `image` | The filebeat Docker image | `docker.elastic.co/beats/filebeat` | +| `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `podAnnotations` | Configurable [annotations][] applied to all filebeat pods | `{}` | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `readinessProbe` | Parameters to pass to readiness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | +| `serviceAccount` | Custom [serviceAccount][] that filebeat will use during execution. By default will use the service account created by this chart | `""` | +| `serviceAccountAnnotations` | Annotations to be added to the ServiceAccount that is created by this chart. | `{}` | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing filebeat pod process on pod shutdown | `30` | +| `updateStrategy` | The [updateStrategy][] for the DaemonSet By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually | `RollingUpdate` | + +### Deprecated + +| Parameter | Description | Default | +|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|---------| +| `affinity` | Configurable [affinity][] for filebeat DaemonSet | `{}` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to filebeat container for both DaemonSet and Deployment | `[]` | +| `extraEnvs` | Extra [environment variables][] which will be appended to filebeat container for both DaemonSet and Deployment | `[]` | +| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function for both DaemonSet and Deployment | `[]` | +| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function for both DaemonSet and Deployment | `[]` | +| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` for both filebeat DaemonSet and Deployment | `{}` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | +| `nodeSelector` | Configurable [nodeSelector][] for filebeat DaemonSet | `{}` | +| `podSecurityContext` | Configurable [securityContext][] for filebeat DaemonSet and Deployment pod execution environment | `{}` | +| `resources` | Allows you to set the [resources][] for both filebeat DaemonSet and Deployment | `{}` | +| `secretMounts` | Allows you easily mount a secret as a file inside DaemonSet and Deployment Useful for mounting certificates and other secrets | `[]` | +| `tolerations` | Configurable [tolerations][] for both filebeat DaemonSet and Deployment | `[]` | +| `labels` | Configurable [labels][] applied to all filebeat pods | `{}` | ## FAQ diff --git a/filebeat/examples/deployment/Makefile b/filebeat/examples/deployment/Makefile new file mode 100644 index 000000000..0bc285379 --- /dev/null +++ b/filebeat/examples/deployment/Makefile @@ -0,0 +1,13 @@ +default: test + +include ../../../helpers/examples.mk + +RELEASE := helm-filebeat-deployment + +install: + helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ + +test: install goss + +purge: + helm del $(RELEASE) diff --git a/filebeat/examples/deployment/README.md b/filebeat/examples/deployment/README.md new file mode 100644 index 000000000..b41e681e4 --- /dev/null +++ b/filebeat/examples/deployment/README.md @@ -0,0 +1,27 @@ +# Default + +This example deploy Filebeat 8.0.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. + + +## Usage + +* Deploy [Elasticsearch Helm chart][]. + +* Deploy Filebeat chart with the default values: `make install` + +* You can now setup a port forward to query Filebeat indices: + + ``` + kubectl port-forward svc/elasticsearch-master 9200 + curl localhost:9200/_cat/indices + ``` + + +## Testing + +You can also run [goss integration tests][] using `make test` + + +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/default/ +[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/filebeat/examples/deployment/test/goss.yaml +[default values]: https://github.com/elastic/helm-charts/tree/master/filebeat/values.yaml diff --git a/filebeat/examples/deployment/test/goss.yaml b/filebeat/examples/deployment/test/goss.yaml new file mode 100644 index 000000000..3f4015cae --- /dev/null +++ b/filebeat/examples/deployment/test/goss.yaml @@ -0,0 +1,6 @@ +http: + http://elasticsearch-master:9200/_cat/indices: + status: 200 + timeout: 2000 + body: + - 'filebeat-7.11.0' diff --git a/filebeat/examples/deployment/values.yaml b/filebeat/examples/deployment/values.yaml new file mode 100644 index 000000000..bf1cf06c1 --- /dev/null +++ b/filebeat/examples/deployment/values.yaml @@ -0,0 +1,16 @@ +deployment: + enabled: true + +daemonset: + enabled: false + +filebeatConfig: + filebeat.yml: | + filebeat.inputs: + - type: log + paths: + - /usr/share/filebeat/logs/filebeat + + output.elasticsearch: + host: '${NODE_NAME}' + hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' \ No newline at end of file diff --git a/filebeat/templates/configmap.yaml b/filebeat/templates/configmap.yaml index 32df8d87c..559abe1ed 100644 --- a/filebeat/templates/configmap.yaml +++ b/filebeat/templates/configmap.yaml @@ -15,3 +15,39 @@ data: {{ $config | indent 4 -}} {{- end -}} {{- end -}} + +{{- if and .Values.daemonset.enabled .Values.daemonset.filebeatConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "filebeat.fullname" . }}-daemonset-config + labels: + app: "{{ template "filebeat.fullname" . }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} +data: +{{- range $path, $config := .Values.daemonset.filebeatConfig }} + {{ $path }}: | +{{ $config | indent 4 -}} +{{- end -}} +{{- end -}} + +{{- if and .Values.deployment.enabled .Values.deployment.filebeatConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "filebeat.fullname" . }}-deployment-config + labels: + app: "{{ template "filebeat.fullname" . }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} +data: +{{- range $path, $config := .Values.deployment.filebeatConfig }} + {{ $path }}: | +{{ $config | indent 4 -}} +{{- end -}} +{{- end -}} diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index 1708eb5e6..923e90e3f 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -1,3 +1,4 @@ +{{- if .Values.daemonset.enabled }} --- apiVersion: apps/v1 kind: DaemonSet @@ -8,9 +9,21 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} + {{- if .Values.daemonset.labels }} + {{- range $key, $value := .Values.daemonset.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} {{- range $key, $value := .Values.labels }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- end }} + {{- if .Values.daemonset.annotations }} + annotations: + {{- range $key, $value := .Values.daemonset.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: selector: matchLabels: @@ -25,7 +38,7 @@ spec: {{ $key }}: {{ $value | quote }} {{- end }} {{/* This forces a restart if the configmap has changed */}} - {{- if .Values.filebeatConfig }} + {{- if or .Values.filebeatConfig .Values.daemonset.filebeatConfig }} configChecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} {{- end }} name: "{{ template "filebeat.fullname" . }}" @@ -34,36 +47,36 @@ spec: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} + {{- if .Values.daemonset.labels }} + {{- range $key, $value := .Values.daemonset.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} {{- range $key, $value := .Values.labels }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- end }} spec: - {{- with .Values.tolerations }} - tolerations: {{ toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: {{ toYaml . | nindent 8 }} - {{- end }} + tolerations: {{ toYaml ( .Values.tolerations | default .Values.daemonset.tolerations ) | nindent 8 }} + nodeSelector: {{ toYaml ( .Values.nodeSelector | default .Values.daemonset.nodeSelector ) | nindent 8 }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} - {{- with .Values.affinity }} - affinity: {{ toYaml . | nindent 8 -}} - {{- end }} + affinity: {{ toYaml ( .Values.affinity | default .Values.daemonset.affinity ) | nindent 8 }} serviceAccountName: {{ template "filebeat.serviceAccount" . }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} - {{- if .Values.hostNetworking }} + {{- if .Values.daemonset.hostNetworking }} hostNetwork: true dnsPolicy: ClusterFirstWithHostNet {{- end }} {{- if .Values.dnsConfig }} dnsConfig: {{ toYaml .Values.dnsConfig | nindent 8 }} {{- end }} - {{- if .Values.hostAliases }} - hostAliases: {{ toYaml .Values.hostAliases | nindent 6 }} + {{- if .Values.hostAliases | default .Values.daemonset.hostAliases }} + hostAliases: {{ toYaml ( .Values.hostAliases | default .Values.daemonset.hostAliases ) | nindent 8 }} {{- end }} volumes: - {{- range .Values.secretMounts }} + {{- range .Values.secretMounts | default .Values.daemonset.secretMounts }} - name: {{ .name }} secret: secretName: {{ .secretName }} @@ -73,6 +86,11 @@ spec: configMap: defaultMode: 0600 name: {{ template "filebeat.fullname" . }}-config + {{- else if .Values.daemonset.filebeatConfig }} + - name: filebeat-config + configMap: + defaultMode: 0600 + name: {{ template "filebeat.fullname" . }}-daemonset-config {{- end }} - name: data hostPath: @@ -87,8 +105,8 @@ spec: - name: varrundockersock hostPath: path: /var/run/docker.sock - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 6 }} + {{- if .Values.extraVolumes | default .Values.daemonset.extraVolumes }} +{{ toYaml ( .Values.extraVolumes | default .Values.daemonset.extraVolumes ) | indent 6 }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -121,7 +139,7 @@ spec: readinessProbe: {{ toYaml .Values.readinessProbe | indent 10 }} resources: -{{ toYaml .Values.resources | indent 10 }} +{{ toYaml ( .Values.resources | default .Values.daemonset.resources ) | indent 10 }} env: - name: POD_NAMESPACE valueFrom: @@ -131,19 +149,13 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName -{{- if .Values.extraEnvs }} -{{ toYaml .Values.extraEnvs | indent 8 }} -{{- end }} -{{- if .Values.envFrom }} - envFrom: -{{ toYaml .Values.envFrom | indent 10 }} -{{- end }} -{{- if .Values.podSecurityContext }} - securityContext: -{{ toYaml .Values.podSecurityContext | indent 10 }} +{{- if .Values.extraEnvs | default .Values.daemonset.extraEnvs }} +{{ toYaml ( .Values.extraEnvs | default .Values.daemonset.extraEnvs ) | indent 8 }} {{- end }} + envFrom: {{ toYaml ( .Values.envFrom | default .Values.daemonset.envFrom ) | nindent 10 }} + securityContext: {{ toYaml ( .Values.podSecurityContext | default .Values.daemonset.securityContext ) | nindent 10 }} volumeMounts: - {{- range .Values.secretMounts }} + {{- range .Values.secretMounts | default .Values.daemonset.secretMounts }} - name: {{ .name }} mountPath: {{ .path }} {{- if .subPath }} @@ -151,11 +163,18 @@ spec: {{- end }} {{- end }} {{- range $path, $config := .Values.filebeatConfig }} + - name: filebeat-config + mountPath: /usr/share/filebeat/{{ $path }} + readOnly: true + subPath: {{ $path }} + {{ else }} + {{- range $path, $config := .Values.daemonset.filebeatConfig }} - name: filebeat-config mountPath: /usr/share/filebeat/{{ $path }} readOnly: true subPath: {{ $path }} {{- end }} + {{- end }} - name: data mountPath: /usr/share/filebeat/data - name: varlibdockercontainers @@ -169,9 +188,10 @@ spec: - name: varrundockersock mountPath: /var/run/docker.sock readOnly: true - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 8 }} + {{- if .Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts }} +{{ toYaml (.Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts ) | indent 8 }} {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} {{- end }} +{{- end }} diff --git a/filebeat/templates/deployment.yaml b/filebeat/templates/deployment.yaml new file mode 100644 index 000000000..a8fd82649 --- /dev/null +++ b/filebeat/templates/deployment.yaml @@ -0,0 +1,157 @@ +# Deploy singleton instance in the whole cluster for some unique data sources, like aws input +{{- if .Values.deployment.enabled }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "filebeat.fullname" . }} + labels: + app: "{{ template "filebeat.fullname" . }}" + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: '{{ .Release.Service }}' + release: {{ .Release.Name }} + {{- if .Values.deployment.labels }} + {{- range $key, $value := .Values.deployment.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- if .Values.deployment.annotations }} + annotations: + {{- range $key, $value := .Values.deployment.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + app: "{{ template "filebeat.fullname" . }}" + release: {{ .Release.Name | quote }} + template: + metadata: + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{/* This forces a restart if the configmap has changed */}} + {{- if or .Values.filebeatConfig .Values.deployment.filebeatConfig }} + configChecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} + {{- end }} + labels: + app: '{{ template "filebeat.fullname" . }}' + chart: '{{ .Chart.Name }}-{{ .Chart.Version }}' + release: '{{ .Release.Name }}' + {{- if .Values.deployment.labels }} + {{- range $key, $value := .Values.deployment.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + spec: + affinity: {{ toYaml .Values.deployment.affinity | nindent 8 }} + nodeSelector: {{ toYaml .Values.deployment.nodeSelector | nindent 8 }} + tolerations: {{ toYaml ( .Values.tolerations | default .Values.deployment.tolerations ) | nindent 8 }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + serviceAccountName: {{ template "filebeat.serviceAccount" . }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} + {{- if .Values.deployment.hostAliases }} + hostAliases: {{ toYaml .Values.deployment.hostAliases | nindent 8 }} + {{- end }} + volumes: + {{- range .Values.secretMounts | default .Values.deployment.secretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + {{- if .Values.filebeatConfig }} + - name: filebeat-config + configMap: + defaultMode: 0600 + name: {{ template "filebeat.fullname" . }}-config + {{- else if .Values.deployment.filebeatConfig }} + - name: filebeat-config + configMap: + defaultMode: 0600 + name: {{ template "filebeat.fullname" . }}-deployment-config + {{- end }} + {{- if .Values.extraVolumes | default .Values.deployment.extraVolumes }} +{{ toYaml ( .Values.extraVolumes | default .Values.deployment.extraVolumes ) | indent 6 }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + {{- if .Values.extraInitContainers }} + initContainers: + # All the other beats accept a string here while + # filebeat accepts a valid yaml array. We're keeping + # this as a backwards compatible change, while adding + # also a way to pass a string as other templates to + # make these implementations consistent. + # https://github.com/elastic/helm-charts/issues/490 + {{- if eq "string" (printf "%T" .Values.extraInitContainers) }} +{{ tpl .Values.extraInitContainers . | indent 6 }} + {{- else }} +{{ toYaml .Values.extraInitContainers | indent 6 }} + {{- end }} + {{- end }} + containers: + - name: "filebeat" + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + args: + - "-e" + - "-E" + - "http.enabled=true" + livenessProbe: +{{ toYaml .Values.livenessProbe | indent 10 }} + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 10 }} + resources: {{ toYaml ( .Values.resources | default .Values.deployment.resources ) | nindent 10 }} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace +{{- if .Values.extraEnvs | default .Values.deployment.extraEnvs }} +{{ toYaml ( .Values.extraEnvs | default .Values.deployment.extraEnvs ) | indent 8 }} +{{- end }} + envFrom: {{ toYaml ( .Values.envFrom | default .Values.deployment.envFrom ) | nindent 10 }} + securityContext: {{ toYaml ( .Values.podSecurityContext | default .Values.deployment.securityContext ) | nindent 10 }} + volumeMounts: + {{- range .Values.secretMounts | default .Values.deployment.secretMounts }} + - name: {{ .name }} + mountPath: {{ .path }} + {{- if .subPath }} + subPath: {{ .subPath }} + {{- end }} + {{- end }} + {{- range $path, $config := .Values.filebeatConfig }} + - name: filebeat-config + mountPath: /usr/share/filebeat/{{ $path }} + readOnly: true + subPath: {{ $path }} + {{ else }} + {{- range $path, $config := .Values.deployment.filebeatConfig }} + - name: filebeat-config + mountPath: /usr/share/filebeat/{{ $path }} + readOnly: true + subPath: {{ $path }} + {{- end }} + {{- end }} + {{- if .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts }} +{{ toYaml ( .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts ) | indent 8 }} + {{- end }} + {{- if .Values.extraContainers }} +{{ tpl .Values.extraContainers . | indent 6 }} + {{- end }} +{{- end }} diff --git a/filebeat/tests/filebeat_test.py b/filebeat/tests/filebeat_test.py index feaba4f56..9460e8ec6 100644 --- a/filebeat/tests/filebeat_test.py +++ b/filebeat/tests/filebeat_test.py @@ -15,6 +15,7 @@ def test_defaults(): r = helm_template(config) assert name in r["daemonset"] + assert "deployment" not in r c = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0] assert c["name"] == project @@ -27,10 +28,26 @@ def test_defaults(): assert "filebeat test output" in c["readinessProbe"]["exec"]["command"][-1] + assert r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"] == [] + + assert "hostNetwork" not in r["daemonset"][name]["spec"]["template"]["spec"] + assert "dnsPolicy" not in r["daemonset"][name]["spec"]["template"]["spec"] + + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 0 + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + # Empty customizable defaults assert "imagePullSecrets" not in r["daemonset"][name]["spec"]["template"]["spec"] - assert "tolerations" not in r["daemonset"][name]["spec"]["template"]["spec"] - assert "hostAliases" not in r["daemonset"][name]["spec"]["template"]["spec"] assert r["daemonset"][name]["spec"]["updateStrategy"]["type"] == "RollingUpdate" @@ -38,77 +55,263 @@ def test_defaults(): r["daemonset"][name]["spec"]["template"]["spec"]["serviceAccountName"] == name ) - volumes = r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + cfg = r["configmap"] + + assert name + "-config" not in cfg + assert name + "-daemonset-config" in cfg + + assert "filebeat.yml" in cfg[name + "-daemonset-config"]["data"] + + daemonset = r["daemonset"][name]["spec"]["template"]["spec"] + + assert { + "configMap": {"name": name + "-config", "defaultMode": 0o600}, + "name": project + "-config", + } not in daemonset["volumes"] + assert { + "configMap": {"name": name + "-daemonset-config", "defaultMode": 0o600}, + "name": project + "-config", + } in daemonset["volumes"] + assert { "name": "data", "hostPath": { "path": "/var/lib/" + name + "-default-data", "type": "DirectoryOrCreate", }, - } in volumes + } in daemonset["volumes"] + + assert { + "mountPath": "/usr/share/filebeat/filebeat.yml", + "name": project + "-config", + "subPath": "filebeat.yml", + "readOnly": True, + } in daemonset["containers"][0]["volumeMounts"] + assert daemonset["containers"][0]["resources"] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } -def test_adding_envs(): + +def test_enable_deployment(): config = """ -extraEnvs: -- name: LOG_LEVEL - value: DEBUG -""" +deployment: + enabled: true + """ + r = helm_template(config) - envs = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["env"] - assert {"name": "LOG_LEVEL", "value": "DEBUG"} in envs + + assert name in r["deployment"] + + c = r["deployment"][name]["spec"]["template"]["spec"]["containers"][0] + assert c["name"] == project + assert c["image"].startswith("docker.elastic.co/beats/" + project + ":") + + assert c["env"][0]["name"] == "POD_NAMESPACE" + assert c["env"][0]["valueFrom"]["fieldRef"]["fieldPath"] == "metadata.namespace" + + assert "curl --fail 127.0.0.1:5066" in c["livenessProbe"]["exec"]["command"][-1] + + assert "filebeat test output" in c["readinessProbe"]["exec"]["command"][-1] + + assert r["deployment"][name]["spec"]["template"]["spec"]["tolerations"] == [] + + assert "hostNetwork" not in r["deployment"][name]["spec"]["template"]["spec"] + assert "dnsPolicy" not in r["deployment"][name]["spec"]["template"]["spec"] + + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 0 + ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + + # Empty customizable defaults + assert "imagePullSecrets" not in r["deployment"][name]["spec"]["template"]["spec"] + + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["serviceAccountName"] == name + ) + + cfg = r["configmap"] + + assert name + "-config" not in cfg + assert name + "-deployment-config" in cfg + + assert "filebeat.yml" in cfg[name + "-deployment-config"]["data"] + + deployment = r["deployment"][name]["spec"]["template"]["spec"] + + assert { + "configMap": {"name": name + "-config", "defaultMode": 0o600}, + "name": project + "-config", + } not in deployment["volumes"] + assert { + "configMap": {"name": name + "-deployment-config", "defaultMode": 0o600}, + "name": project + "-config", + } in deployment["volumes"] + + assert { + "mountPath": "/usr/share/filebeat/filebeat.yml", + "name": project + "-config", + "subPath": "filebeat.yml", + "readOnly": True, + } in deployment["containers"][0]["volumeMounts"] + + assert deployment["containers"][0]["resources"] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } def test_adding_a_extra_container(): config = """ +deployment: + enabled: true extraContainers: | - name: do-something image: busybox command: ['do', 'something'] """ r = helm_template(config) - extraContainer = r["daemonset"][name]["spec"]["template"]["spec"]["containers"] + extraContainerDaemonset = r["daemonset"][name]["spec"]["template"]["spec"][ + "containers" + ] + assert { + "name": "do-something", + "image": "busybox", + "command": ["do", "something"], + } in extraContainerDaemonset + deployment_name = name + extraContainerDeployment = r["deployment"][deployment_name]["spec"]["template"][ + "spec" + ]["containers"] assert { "name": "do-something", "image": "busybox", "command": ["do", "something"], - } in extraContainer + } in extraContainerDeployment def test_adding_init_containers_as_yaml(): config = """ +deployment: + enabled: true extraInitContainers: - name: dummy-init image: busybox command: ['echo', 'hey'] """ r = helm_template(config) - initContainers = r["daemonset"][name]["spec"]["template"]["spec"]["initContainers"] + initContainersDaemonset = r["daemonset"][name]["spec"]["template"]["spec"][ + "initContainers" + ] + assert { + "name": "dummy-init", + "image": "busybox", + "command": ["echo", "hey"], + } in initContainersDaemonset + deployment_name = name + initContainersDeployment = r["deployment"][deployment_name]["spec"]["template"][ + "spec" + ]["initContainers"] assert { "name": "dummy-init", "image": "busybox", "command": ["echo", "hey"], - } in initContainers + } in initContainersDeployment -def test_adding_init_containers(): +def test_adding_a_extra_init_container(): config = """ +deployment: + enabled: true extraInitContainers: | - - name: dummy-init + - name: do-something image: busybox - command: ['echo', 'hey'] + command: ['do', 'something'] """ r = helm_template(config) - initContainers = r["daemonset"][name]["spec"]["template"]["spec"]["initContainers"] + extraInitContainerDaemonset = r["daemonset"][name]["spec"]["template"]["spec"][ + "initContainers" + ] assert { - "name": "dummy-init", + "name": "do-something", "image": "busybox", - "command": ["echo", "hey"], - } in initContainers + "command": ["do", "something"], + } in extraInitContainerDaemonset + deployment_name = name + extraInitContainerDeployment = r["deployment"][deployment_name]["spec"]["template"][ + "spec" + ]["initContainers"] + assert { + "name": "do-something", + "image": "busybox", + "command": ["do", "something"], + } in extraInitContainerDeployment + + +def test_adding_envs(): + config = """ +deployment: + enabled: true +daemonset: + extraEnvs: + - name: LOG_LEVEL + value: DEBUG +""" + r = helm_template(config) + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + assert {"name": "LOG_LEVEL", "value": "DEBUG"} not in r["deployment"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + + config = """ +deployment: + enabled: true + extraEnvs: + - name: LOG_LEVEL + value: DEBUG +""" + r = helm_template(config) + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["deployment"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + assert {"name": "LOG_LEVEL", "value": "DEBUG"} not in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + + +def test_adding_deprecated_envs(): + config = """ +deployment: + enabled: true +extraEnvs: +- name: LOG_LEVEL + value: DEBUG +""" + r = helm_template(config) + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] + assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["deployment"][name]["spec"][ + "template" + ]["spec"]["containers"][0]["env"] def test_adding_image_pull_secrets(): config = """ +deployment: + enabled: true imagePullSecrets: - name: test-registry """ @@ -117,10 +320,70 @@ def test_adding_image_pull_secrets(): r["daemonset"][name]["spec"]["template"]["spec"]["imagePullSecrets"][0]["name"] == "test-registry" ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["imagePullSecrets"][0]["name"] + == "test-registry" + ) + + +def test_adding_host_networking(): + config = """ +deployment: + enabled: true +daemonset: + hostNetworking: true +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["hostNetwork"] is True + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["dnsPolicy"] + == "ClusterFirstWithHostNet" + ) + assert "hostNetwork" not in r["deployment"][name]["spec"]["template"]["spec"] + assert "dnsPolicy" not in r["deployment"][name]["spec"]["template"]["spec"] def test_adding_tolerations(): config = """ +deployment: + enabled: true +daemonset: + tolerations: + - key: "key1" + operator: "Equal" + value: "value1" + effect: "NoExecute" + tolerationSeconds: 3600 +""" + r = helm_template(config) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"] + == "key1" + ) + assert r["deployment"][name]["spec"]["template"]["spec"]["tolerations"] == [] + + config = """ +deployment: + enabled: true + tolerations: + - key: "key1" + operator: "Equal" + value: "value1" + effect: "NoExecute" + tolerationSeconds: 3600 +""" + r = helm_template(config) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"] + == "key1" + ) + assert r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"] == [] + + +def test_adding_deprecated_tolerations(): + config = """ +deployment: + enabled: true tolerations: - key: "key1" operator: "Equal" @@ -133,6 +396,10 @@ def test_adding_tolerations(): r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"] == "key1" ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"] + == "key1" + ) def test_override_the_default_update_strategy(): @@ -144,21 +411,10 @@ def test_override_the_default_update_strategy(): assert r["daemonset"][name]["spec"]["updateStrategy"]["type"] == "OnDelete" -def test_host_networking(): - config = """ -hostNetworking: true -""" - r = helm_template(config) - assert r["daemonset"][name]["spec"]["template"]["spec"]["hostNetwork"] is True - config = """ -hostNetworking: false -""" - r = helm_template(config) - assert "hostNetwork" not in r["daemonset"][name]["spec"]["template"]["spec"] - - def test_setting_a_custom_service_account(): config = """ +deployment: + enabled: true serviceAccount: notdefault """ r = helm_template(config) @@ -166,6 +422,10 @@ def test_setting_a_custom_service_account(): r["daemonset"][name]["spec"]["template"]["spec"]["serviceAccountName"] == "notdefault" ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["serviceAccountName"] + == "notdefault" + ) def test_self_managing_rbac_resources(): @@ -180,84 +440,395 @@ def test_self_managing_rbac_resources(): def test_setting_pod_security_context(): config = """ +deployment: + enabled: true +daemonset: + securityContext: + runAsUser: 1001 + privileged: false +""" + r = helm_template(config) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 0 + ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + + config = """ +deployment: + enabled: true + securityContext: + runAsUser: 1001 + privileged: false +""" + r = helm_template(config) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 0 + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + + +def test_setting_deprecated_pod_security_context(): + config = """ +deployment: + enabled: true podSecurityContext: runAsUser: 1001 privileged: false """ r = helm_template(config) - c = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0] - assert c["securityContext"]["runAsUser"] == 1001 - assert c["securityContext"]["privileged"] == False + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["runAsUser"] + == 1001 + ) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "securityContext" + ]["privileged"] + == False + ) def test_adding_in_filebeat_config(): config = """ +daemonset: + filebeatConfig: + filebeat.yml: | + key: daemonset + daemonset-config.yml: | + hello = daemonset + +deployment: + enabled: true + filebeatConfig: + filebeat.yml: | + key: deployment + deployment-config.yml: | + hello = deployment +""" + r = helm_template(config) + cfg = r["configmap"] + + assert "filebeat.yml" in cfg[name + "-daemonset-config"]["data"] + assert "daemonset-config.yml" in cfg[name + "-daemonset-config"]["data"] + assert "deployment-config.yml" not in cfg[name + "-daemonset-config"]["data"] + assert "filebeat.yml" in cfg[name + "-deployment-config"]["data"] + assert "deployment-config.yml" in cfg[name + "-deployment-config"]["data"] + assert "daemonset-config.yml" not in cfg[name + "-deployment-config"]["data"] + + assert "key: daemonset" in cfg[name + "-daemonset-config"]["data"]["filebeat.yml"] + assert "key: deployment" in cfg[name + "-deployment-config"]["data"]["filebeat.yml"] + + assert ( + "hello = daemonset" + in cfg[name + "-daemonset-config"]["data"]["daemonset-config.yml"] + ) + assert ( + "hello = deployment" + in cfg[name + "-deployment-config"]["data"]["deployment-config.yml"] + ) + + daemonset = r["daemonset"][name]["spec"]["template"]["spec"] + assert { + "mountPath": "/usr/share/filebeat/daemonset-config.yml", + "name": project + "-config", + "subPath": "daemonset-config.yml", + "readOnly": True, + } in daemonset["containers"][0]["volumeMounts"] + + deployment = r["deployment"][name]["spec"]["template"]["spec"] + assert { + "mountPath": "/usr/share/filebeat/deployment-config.yml", + "name": project + "-config", + "subPath": "deployment-config.yml", + "readOnly": True, + } in deployment["containers"][0]["volumeMounts"] + + +def test_adding_in_deprecated_filebeat_config(): + config = """ +deployment: + enabled: true filebeatConfig: filebeat.yml: | key: nestedkey: value dot.notation: test - - other-config.yml: | - hello = world """ r = helm_template(config) c = r["configmap"][name + "-config"]["data"] assert "filebeat.yml" in c - assert "other-config.yml" in c assert "nestedkey: value" in c["filebeat.yml"] assert "dot.notation: test" in c["filebeat.yml"] - assert "hello = world" in c["other-config.yml"] - - d = r["daemonset"][name]["spec"]["template"]["spec"] + daemonset = r["daemonset"][name]["spec"]["template"]["spec"] assert { "configMap": {"name": name + "-config", "defaultMode": 0o600}, "name": project + "-config", - } in d["volumes"] + } in daemonset["volumes"] assert { "mountPath": "/usr/share/filebeat/filebeat.yml", "name": project + "-config", "subPath": "filebeat.yml", "readOnly": True, - } in d["containers"][0]["volumeMounts"] + } in daemonset["containers"][0]["volumeMounts"] + + assert ( + "configChecksum" + in r["daemonset"][name]["spec"]["template"]["metadata"]["annotations"] + ) + + deployment = r["deployment"][name]["spec"]["template"]["spec"] + assert { - "mountPath": "/usr/share/filebeat/other-config.yml", + "configMap": {"name": name + "-config", "defaultMode": 0o600}, "name": project + "-config", - "subPath": "other-config.yml", + } in deployment["volumes"] + assert { + "mountPath": "/usr/share/filebeat/filebeat.yml", + "name": project + "-config", + "subPath": "filebeat.yml", "readOnly": True, - } in d["containers"][0]["volumeMounts"] + } in deployment["containers"][0]["volumeMounts"] assert ( "configChecksum" - in r["daemonset"][name]["spec"]["template"]["metadata"]["annotations"] + in r["deployment"][name]["spec"]["template"]["metadata"]["annotations"] ) def test_adding_a_secret_mount(): config = """ +deployment: + enabled: true +daemonset: + secretMounts: + - name: elastic-certificates + secretName: elastic-certificates-name + path: /usr/share/filebeat/config/certs +""" + r = helm_template(config) + assert ( + { + "mountPath": "/usr/share/filebeat/config/certs", + "name": "elastic-certificates", + } + in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + + assert ( + { + "mountPath": "/usr/share/filebeat/config/certs", + "name": "elastic-certificates", + } + not in r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } not in r["deployment"][name]["spec"]["template"]["spec"]["volumes"] + + config = """ +deployment: + enabled: true + secretMounts: + - name: elastic-certificates + secretName: elastic-certificates-name + path: /usr/share/filebeat/config/certs +""" + r = helm_template(config) + assert ( + { + "mountPath": "/usr/share/filebeat/config/certs", + "name": "elastic-certificates", + } + in r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } in r["deployment"][name]["spec"]["template"]["spec"]["volumes"] + + assert ( + { + "mountPath": "/usr/share/filebeat/config/certs", + "name": "elastic-certificates", + } + not in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } not in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + + +def test_adding_a_deprecated_secret_mount(): + config = """ +deployment: + enabled: true secretMounts: - name: elastic-certificates - secretName: elastic-certs + secretName: elastic-certificates-name path: /usr/share/filebeat/config/certs """ r = helm_template(config) - s = r["daemonset"][name]["spec"]["template"]["spec"] - assert s["containers"][0]["volumeMounts"][0] == { + assert ( + { + "mountPath": "/usr/share/filebeat/config/certs", + "name": "elastic-certificates", + } + in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + assert { + "name": "elastic-certificates", + "secret": {"secretName": "elastic-certificates-name"}, + } in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] + + assert r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ][0] == { "mountPath": "/usr/share/filebeat/config/certs", "name": "elastic-certificates", } - assert s["volumes"][0] == { + assert r["deployment"][name]["spec"]["template"]["spec"]["volumes"][0] == { "name": "elastic-certificates", - "secret": {"secretName": "elastic-certs"}, + "secret": {"secretName": "elastic-certificates-name"}, } def test_adding_a_extra_volume_with_volume_mount(): config = """ +deployment: + enabled: true +daemonset: + extraVolumes: + - name: extras + emptyDir: {} + extraVolumeMounts: + - name: extras + mountPath: /usr/share/extras + readOnly: true +""" + r = helm_template(config) + assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "daemonset" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} not in r["deployment"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert ( + {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} + not in r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + + config = """ +deployment: + enabled: true + extraVolumes: + - name: extras + emptyDir: {} + extraVolumeMounts: + - name: extras + mountPath: /usr/share/extras + readOnly: true +""" + r = helm_template(config) + assert {"name": "extras", "emptyDir": {}} in r["deployment"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "deployment" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} not in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert ( + {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} + not in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + + +def test_adding_a_deprecated_extra_volume_with_volume_mount(): + config = """ +deployment: + enabled: true extraVolumes: - name: extras emptyDir: {} @@ -267,52 +838,53 @@ def test_adding_a_extra_volume_with_volume_mount(): readOnly: true """ r = helm_template(config) - extraVolume = r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] - assert {"name": "extras", "emptyDir": {}} in extraVolume - extraVolumeMounts = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][ - 0 - ]["volumeMounts"] - assert { - "name": "extras", - "mountPath": "/usr/share/extras", - "readOnly": True, - } in extraVolumeMounts + assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "daemonset" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} in r["deployment"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "deployment" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] -def test_adding_pod_labels(): +def test_adding_a_node_selector(): config = """ -labels: - app.kubernetes.io/name: filebeat +deployment: + enabled: true +daemonset: + nodeSelector: + disktype: ssd """ r = helm_template(config) assert ( - r["daemonset"][name]["metadata"]["labels"]["app.kubernetes.io/name"] - == "filebeat" - ) - assert ( - r["daemonset"][name]["spec"]["template"]["metadata"]["labels"][ - "app.kubernetes.io/name" - ] - == "filebeat" + r["daemonset"][name]["spec"]["template"]["spec"]["nodeSelector"]["disktype"] + == "ssd" ) + assert r["deployment"][name]["spec"]["template"]["spec"]["nodeSelector"] == {} - -def test_adding_serviceaccount_annotations(): config = """ -serviceAccountAnnotations: - eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount +deployment: + enabled: true + nodeSelector: + disktype: ssd """ r = helm_template(config) assert ( - r["serviceaccount"][name]["metadata"]["annotations"][ - "eks.amazonaws.com/role-arn" - ] - == "arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount" + r["deployment"][name]["spec"]["template"]["spec"]["nodeSelector"]["disktype"] + == "ssd" ) + assert r["daemonset"][name]["spec"]["template"]["spec"]["nodeSelector"] == {} -def test_adding_a_node_selector(): +def test_adding_deprecated_node_selector(): config = """ +deployment: + enabled: true nodeSelector: disktype: ssd """ @@ -321,10 +893,73 @@ def test_adding_a_node_selector(): r["daemonset"][name]["spec"]["template"]["spec"]["nodeSelector"]["disktype"] == "ssd" ) + assert ( + "disktype" + not in r["deployment"][name]["spec"]["template"]["spec"]["nodeSelector"] + ) def test_adding_an_affinity_rule(): config = """ +deployment: + enabled: true +daemonset: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - filebeat + topologyKey: kubernetes.io/hostname +""" + + r = helm_template(config) + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["affinity"]["podAntiAffinity"][ + "requiredDuringSchedulingIgnoredDuringExecution" + ][0]["topologyKey"] + == "kubernetes.io/hostname" + ) + assert ( + "podAntiAffinity" + not in r["deployment"][name]["spec"]["template"]["spec"]["affinity"] + ) + + config = """ +deployment: + enabled: true + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - filebeat + topologyKey: kubernetes.io/hostname +""" + + r = helm_template(config) + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["affinity"][ + "podAntiAffinity" + ]["requiredDuringSchedulingIgnoredDuringExecution"][0]["topologyKey"] + == "kubernetes.io/hostname" + ) + assert ( + "podAntiAffinity" + not in r["daemonset"][name]["spec"]["template"]["spec"]["affinity"] + ) + + +def test_adding_deprecated_affinity_rule(): + config = """ +deployment: + enabled: true affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -344,41 +979,273 @@ def test_adding_an_affinity_rule(): ][0]["topologyKey"] == "kubernetes.io/hostname" ) + assert r["deployment"][name]["spec"]["template"]["spec"]["affinity"] == {} def test_priority_class_name(): config = """ +deployment: + enabled: true priorityClassName: "" """ r = helm_template(config) - spec = r["daemonset"][name]["spec"]["template"]["spec"] - assert "priorityClassName" not in spec + daemonset_spec = r["daemonset"][name]["spec"]["template"]["spec"] + deployment_spec = r["deployment"][name]["spec"]["template"]["spec"] + assert "priorityClassName" not in daemonset_spec + assert "priorityClassName" not in deployment_spec config = """ +deployment: + enabled: true priorityClassName: "highest" """ r = helm_template(config) - priority_class_name = r["daemonset"][name]["spec"]["template"]["spec"][ + daemonset_priority_class_name = r["daemonset"][name]["spec"]["template"]["spec"][ "priorityClassName" ] - assert priority_class_name == "highest" + deployment_priority_class_name = r["deployment"][name]["spec"]["template"]["spec"][ + "priorityClassName" + ] + assert daemonset_priority_class_name == "highest" + assert deployment_priority_class_name == "highest" + + +def test_adding_deprecated_labels(): + config = """ +deployment: + enabled: true +labels: + app-test: filebeat +""" + r = helm_template(config) + assert r["daemonset"][name]["metadata"]["labels"]["app-test"] == "filebeat" + assert r["deployment"][name]["metadata"]["labels"]["app-test"] == "filebeat" + assert ( + r["daemonset"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "filebeat" + ) + assert ( + r["deployment"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "filebeat" + ) + + +def test_adding_daemonset_labels(): + config = """ +daemonset: + labels: + app-test: filebeat +""" + r = helm_template(config) + assert r["daemonset"][name]["metadata"]["labels"]["app-test"] == "filebeat" + assert ( + r["daemonset"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "filebeat" + ) + + +def test_adding_daemonset_labels_surpasses_root_labels(): + config = """ +labels: + app-test: root-filebeat +daemonset: + labels: + app-test: daemonset-filebeat +""" + r = helm_template(config) + assert ( + r["daemonset"][name]["metadata"]["labels"]["app-test"] == "daemonset-filebeat" + ) + assert ( + r["daemonset"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "daemonset-filebeat" + ) + + +def test_adding_deployment_labels(): + config = """ +deployment: + enabled: true + labels: + app-test: filebeat +""" + r = helm_template(config) + assert r["deployment"][name]["metadata"]["labels"]["app-test"] == "filebeat" + assert ( + r["deployment"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "filebeat" + ) + + +def test_adding_deployment_labels_surpasses_root_labels(): + config = """ +labels: + app-test: root-filebeat +deployment: + enabled: true + labels: + app-test: deployment-filebeat +""" + r = helm_template(config) + assert ( + r["deployment"][name]["metadata"]["labels"]["app-test"] == "deployment-filebeat" + ) + assert ( + r["deployment"][name]["spec"]["template"]["metadata"]["labels"]["app-test"] + == "deployment-filebeat" + ) + + +def test_adding_serviceaccount_annotations(): + config = """ +serviceAccountAnnotations: + eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount +""" + r = helm_template(config) + assert ( + r["serviceaccount"][name]["metadata"]["annotations"][ + "eks.amazonaws.com/role-arn" + ] + == "arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount" + ) def test_adding_env_from(): config = """ +deployment: + enabled: true +daemonset: + envFrom: + - configMapRef: + name: configmap-name +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"][ + 0 + ]["configMapRef"] == {"name": "configmap-name"} + assert ( + r["deployment"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"] + == [] + ) + + config = """ +deployment: + enabled: true + envFrom: + - configMapRef: + name: configmap-name +""" + r = helm_template(config) + assert r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "envFrom" + ][0]["configMapRef"] == {"name": "configmap-name"} + assert ( + r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"] + == [] + ) + + +def test_adding_deprecated_env_from(): + config = """ +deployment: + enabled: true envFrom: - configMapRef: name: configmap-name """ r = helm_template(config) - configMapRef = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"][ + 0 + ]["configMapRef"] == {"name": "configmap-name"} + assert r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ "envFrom" - ][0]["configMapRef"] - assert configMapRef == {"name": "configmap-name"} + ][0]["configMapRef"] == {"name": "configmap-name"} + + +def test_overriding_resources(): + config = """ +deployment: + enabled: true +daemonset: + resources: + limits: + cpu: "25m" + memory: "128Mi" + requests: + cpu: "25m" + memory: "128Mi" +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } + assert r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } + + config = """ +deployment: + enabled: true + resources: + limits: + cpu: "25m" + memory: "128Mi" + requests: + cpu: "25m" + memory: "128Mi" +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "100m", "memory": "100Mi"}, + "limits": {"cpu": "1000m", "memory": "200Mi"}, + } + assert r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } + + +def test_adding_deprecated_resources(): + config = """ +deployment: + enabled: true +resources: + limits: + cpu: "25m" + memory: "128Mi" + requests: + cpu: "25m" + memory: "128Mi" +""" + r = helm_template(config) + assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } + assert r["deployment"][name]["spec"]["template"]["spec"]["containers"][0][ + "resources" + ] == { + "requests": {"cpu": "25m", "memory": "128Mi"}, + "limits": {"cpu": "25m", "memory": "128Mi"}, + } def test_setting_fullnameOverride(): config = """ +deployment: + enabled: true fullnameOverride: 'filebeat-custom' """ r = helm_template(config) @@ -401,16 +1268,84 @@ def test_setting_fullnameOverride(): "type": "DirectoryOrCreate", }, } in volumes + assert custom_name in r["deployment"] + assert ( + r["deployment"][custom_name]["spec"]["template"]["spec"]["containers"][0][ + "name" + ] + == project + ) + assert ( + r["deployment"][custom_name]["spec"]["template"]["spec"]["serviceAccountName"] + == name + ) + + +def test_adding_annotations(): + config = """ +deployment: + enabled: true +daemonset: + annotations: + foo: "bar" +""" + r = helm_template(config) + assert "foo" in r["daemonset"][name]["metadata"]["annotations"] + assert r["daemonset"][name]["metadata"]["annotations"]["foo"] == "bar" + assert "annotations" not in r["deployment"][name]["metadata"] + config = """ +deployment: + enabled: true + annotations: + grault: "waldo" +""" + r = helm_template(config) + assert "grault" in r["deployment"][name]["metadata"]["annotations"] + assert r["deployment"][name]["metadata"]["annotations"]["grault"] == "waldo" + assert "annotations" not in r["daemonset"][name]["metadata"] + + +def test_disable_daemonset(): + config = """ +deployment: + enabled: true +daemonset: + enabled: false +""" + r = helm_template(config) + cfg = r["configmap"] + + assert name not in r.get("daemonset", {}) + assert name + "-daemonset-config" not in cfg + assert name + "-deployment-config" in cfg def test_hostaliases(): config = """ -hostAliases: -- ip: "127.0.0.1" - hostnames: - - "foo.local" - - "bar.local" +deployment: + enabled: true +daemonset: + hostAliases: + - ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" """ r = helm_template(config) + assert "hostAliases" not in r["deployment"][name]["spec"]["template"]["spec"] hostAliases = r["daemonset"][name]["spec"]["template"]["spec"]["hostAliases"] assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases + + config = """ +deployment: + enabled: true + hostAliases: + - ip: "127.0.0.1" + hostnames: + - "foo.local" + - "bar.local" +""" + r = helm_template(config) + assert "hostAliases" not in r["daemonset"][name]["spec"]["template"]["spec"] + hostAliases = r["deployment"][name]["spec"]["template"]["spec"]["hostAliases"] + assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases diff --git a/filebeat/values.yaml b/filebeat/values.yaml index 9c0fcd7d8..023e2c514 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -1,38 +1,127 @@ --- -# Allows you to add any config files in /usr/share/filebeat -# such as filebeat.yml -filebeatConfig: - filebeat.yml: | - filebeat.inputs: - - type: container - paths: - - /var/log/containers/*.log - processors: - - add_kubernetes_metadata: - host: ${NODE_NAME} - matchers: - - logs_path: - logs_path: "/var/log/containers/" - - output.elasticsearch: - host: '${NODE_NAME}' - hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' - -# Extra environment variables to append to the DaemonSet pod spec. -# This will be appended to the current 'env:' key. You can use any of the kubernetes env -# syntax here -extraEnvs: [] -# - name: MY_ENVIRONMENT_VAR -# value: the_value_goes_here - -extraVolumeMounts: [] +daemonset: + # Annotations to apply to the daemonset + annotations: {} + # additionals labels + labels: {} + affinity: {} + # Include the daemonset + enabled: true + # Extra environment variables for Filebeat container. + envFrom: [] + # - configMapRef: + # name: config-secret + extraEnvs: [] + # - name: MY_ENVIRONMENT_VAR + # value: the_value_goes_here + extraVolumes: [] + # - name: extras + # emptyDir: {} + extraVolumeMounts: [] + # - name: extras + # mountPath: /usr/share/extras + # readOnly: true + hostNetworking: false + # Allows you to add any config files in /usr/share/filebeat + # such as filebeat.yml for daemonset + filebeatConfig: + filebeat.yml: | + filebeat.inputs: + - type: container + paths: + - /var/log/containers/*.log + processors: + - add_kubernetes_metadata: + host: ${NODE_NAME} + matchers: + - logs_path: + logs_path: "/var/log/containers/" + + output.elasticsearch: + host: '${NODE_NAME}' + hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' + nodeSelector: {} + # A list of secrets and their paths to mount inside the pod + # This is useful for mounting certificates for security other sensitive values + secretMounts: [] + # - name: filebeat-certificates + # secretName: filebeat-certificates + # path: /usr/share/filebeat/certs + # Various pod security context settings. Bear in mind that many of these have an impact on Filebeat functioning properly. + # + # - User that the container will execute as. Typically necessary to run as root (0) in order to properly collect host container logs. + # - Whether to execute the Filebeat containers as privileged containers. Typically not necessarily unless running within environments such as OpenShift. + securityContext: + runAsUser: 0 + privileged: false + resources: + requests: + cpu: "100m" + memory: "100Mi" + limits: + cpu: "1000m" + memory: "200Mi" + tolerations: [] + +deployment: + # Annotations to apply to the deployment + annotations: {} + # additionals labels + labels: {} + affinity: {} + # Include the deployment + enabled: false + # Extra environment variables for Filebeat container. + envFrom: [] + # - configMapRef: + # name: config-secret + extraEnvs: [] + # - name: MY_ENVIRONMENT_VAR + # value: the_value_goes_here + # Allows you to add any config files in /usr/share/filebeat + extraVolumes: [] + # - name: extras + # emptyDir: {} + extraVolumeMounts: [] # - name: extras # mountPath: /usr/share/extras # readOnly: true - -extraVolumes: [] - # - name: extras - # emptyDir: {} + # such as filebeat.yml for deployment + filebeatConfig: + filebeat.yml: | + filebeat.inputs: + - type: tcp + max_message_size: 10MiB + host: "localhost:9000" + + output.elasticsearch: + host: '${NODE_NAME}' + hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' + nodeSelector: {} + # A list of secrets and their paths to mount inside the pod + # This is useful for mounting certificates for security other sensitive values + secretMounts: [] + # - name: filebeat-certificates + # secretName: filebeat-certificates + # path: /usr/share/filebeat/certs + # + # - User that the container will execute as. + # Not necessary to run as root (0) as the Filebeat Deployment use cases do not need access to Kubernetes Node internals + # - Typically not necessarily unless running within environments such as OpenShift. + securityContext: + runAsUser: 0 + privileged: false + resources: + requests: + cpu: "100m" + memory: "100Mi" + limits: + cpu: "1000m" + memory: "200Mi" + tolerations: [] + +# Replicas being used for the filebeat deployment +replicas: 1 extraContainers: "" # - name: dummy-init @@ -41,16 +130,10 @@ extraContainers: "" extraInitContainers: [] # - name: dummy-init -# image: busybox -# command: ['echo', 'hey'] - -envFrom: [] -# - configMapRef: -# name: configmap-name # Root directory where Filebeat will write data to in order to persist registry data across pod restarts (file position and other metadata). hostPathRoot: /var/lib -hostNetworking: false + dnsConfig: {} # options: # - name: ndots @@ -94,51 +177,19 @@ readinessProbe: # Whether this chart should self-manage its service account, role, and associated role binding. managedServiceAccount: true -# additionals labels -labels: {} - podAnnotations: {} # iam.amazonaws.com/role: es-cluster -# Various pod security context settings. Bear in mind that many of these have an impact on Filebeat functioning properly. -# -# - User that the container will execute as. Typically necessary to run as root (0) in order to properly collect host container logs. -# - Whether to execute the Filebeat containers as privileged containers. Typically not necessarily unless running within environments such as OpenShift. -podSecurityContext: - runAsUser: 0 - privileged: false - -resources: - requests: - cpu: "100m" - memory: "100Mi" - limits: - cpu: "1000m" - memory: "200Mi" - # Custom service account override that the pod will use serviceAccount: "" # Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set. serviceAccountAnnotations: {} - # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount -# A list of secrets and their paths to mount inside the pod -# This is useful for mounting certificates for security other sensitive values -secretMounts: [] -# - name: filebeat-certificates -# secretName: filebeat-certificates -# path: /usr/share/filebeat/certs + # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount # How long to wait for Filebeat pods to stop gracefully terminationGracePeriod: 30 - -tolerations: [] - -nodeSelector: {} - -affinity: {} - # This is the PriorityClass settings as defined in # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass priorityClassName: "" @@ -149,3 +200,19 @@ updateStrategy: RollingUpdate # Only edit these if you know what you're doing nameOverride: "" fullnameOverride: "" + +# DEPRECATED +affinity: {} +envFrom: [] +extraEnvs: [] +extraVolumes: [] +extraVolumeMounts: [] +# Allows you to add any config files in /usr/share/filebeat +# such as filebeat.yml for both daemonset and deployment +filebeatConfig: {} +nodeSelector: {} +podSecurityContext: {} +resources: {} +secretMounts: [] +tolerations: [] +labels: {} diff --git a/helpers/matrix.yml b/helpers/matrix.yml index aa2f4b3c4..575afaba6 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -19,6 +19,7 @@ KIBANA_SUITE: - upgrade FILEBEAT_SUITE: - default + - deployment - oss - security - upgrade From 73fff217238883387ce65d9a5d3f577635d014aa Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 5 Jan 2021 19:39:19 +0100 Subject: [PATCH 118/151] [filebeat] Configurable ClusterRole (#978) (#1007) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Co-authored-by: Nick --- filebeat/README.md | 2 ++ filebeat/templates/clusterrole.yaml | 12 +----------- filebeat/values.yaml | 14 +++++++++++++- 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/filebeat/README.md b/filebeat/README.md index e49f7c80d..48a4213a0 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -91,6 +91,7 @@ as a reference. They are also used in the automated testing of this chart. | Parameter | Description | Default | |--------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `clusterRoleRules` | Configurable [cluster role rules][] that Filebeat uses to access Kubernetes resources | see [values.yaml][] | | `daemonset.annotations` | Configurable [annotations][] for filebeat daemonset | `{}` | | `daemonset.labels` | Configurable [labels][] applied to all filebeat DaemonSet pods | `{}` | | `daemonset.affinity` | Configurable [affinity][] for filebeat daemonset | `{}` | @@ -225,6 +226,7 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[cluster role rules]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole [dnsConfig]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables diff --git a/filebeat/templates/clusterrole.yaml b/filebeat/templates/clusterrole.yaml index 36dc5d310..754dfd578 100644 --- a/filebeat/templates/clusterrole.yaml +++ b/filebeat/templates/clusterrole.yaml @@ -8,15 +8,5 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} -rules: -- apiGroups: - - "" - resources: - - namespaces - - nodes - - pods - verbs: - - get - - list - - watch +rules: {{ toYaml .Values.clusterRoleRules | nindent 2 -}} {{- end -}} diff --git a/filebeat/values.yaml b/filebeat/values.yaml index 023e2c514..f8de289bc 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -20,7 +20,7 @@ daemonset: extraVolumeMounts: [] # - name: extras # mountPath: /usr/share/extras - # readOnly: true + # readOnly: true hostNetworking: false # Allows you to add any config files in /usr/share/filebeat # such as filebeat.yml for daemonset @@ -177,6 +177,18 @@ readinessProbe: # Whether this chart should self-manage its service account, role, and associated role binding. managedServiceAccount: true +clusterRoleRules: +- apiGroups: + - "" + resources: + - namespaces + - nodes + - pods + verbs: + - get + - list + - watch + podAnnotations: {} # iam.amazonaws.com/role: es-cluster From d6f78442fc54f5ffeed58f00d7b428e953a73ea2 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 6 Jan 2021 11:01:41 +0100 Subject: [PATCH 119/151] [filebeat][metricbeat] Update documentation on port collisions for multiple beats agents with hostNetworking enabled. (#997) (#1011) Co-authored-by: ksorensen@scramsystems.com Co-authored-by: kwsorensen Co-authored-by: ksorensen@scramsystems.com --- filebeat/README.md | 8 ++++++++ metricbeat/README.md | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/filebeat/README.md b/filebeat/README.md index 48a4213a0..f5f413ccc 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -192,6 +192,14 @@ namespace which gives it access to the host loopback device, services listening on localhost, could be used to snoop on network activity of other pods on the same node. +### How do I get multiple beats agents working with hostNetworking enabled? + +The default http port for multiple beats agents may be on the same port, for +example, Filebeats and Metricbeats both default to 5066. When `hostNetworking` +is enabled this will cause collisions when standing up the http server. The work +around for this is to set `http.port` in the config file for one of the beats agent +to use a different port. + ### How to change readinessProbe for outputs which don't support testing Some [Filebeat outputs][] like [Kafka output][] don't support testing using diff --git a/metricbeat/README.md b/metricbeat/README.md index 57462ba74..5742bc7c0 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -206,6 +206,14 @@ namespace which gives it access to the host loopback device, services listening on localhost, could be used to snoop on network activity of other pods on the same node. +### How do I get multiple beats agents working with hostNetworking enabled? + +The default http port for multiple beats agents may be on the same port, for +example, Filebeats and Metricbeats both default to 5066. When `hostNetworking` +is enabled this will cause collisions when standing up the http server. The work +around for this is to set `http.port` in the config file for one of the beats agent +to use a different port. + ## Contributing From ae7526ccfe9dcb9742a598c5961f85a4db90b629 Mon Sep 17 00:00:00 2001 From: Kevin Smith <42681130+kevinsmithwrs@users.noreply.github.com> Date: Tue, 22 Dec 2020 05:12:19 -0500 Subject: [PATCH 120/151] [elasticsearch][kibana] Add flexible ingress (#994) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> --- elasticsearch/templates/ingress.yaml | 20 +++++- elasticsearch/tests/elasticsearch_test.py | 48 ++++++++++++++ elasticsearch/values.yaml | 5 +- kibana/templates/ingress.yaml | 26 +++++++- kibana/tests/kibana_test.py | 76 +++++++++++++++++++++++ kibana/values.yaml | 5 +- 6 files changed, 172 insertions(+), 8 deletions(-) diff --git a/elasticsearch/templates/ingress.yaml b/elasticsearch/templates/ingress.yaml index e34b475e1..bcb2befa6 100644 --- a/elasticsearch/templates/ingress.yaml +++ b/elasticsearch/templates/ingress.yaml @@ -1,6 +1,6 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "elasticsearch.uname" . -}} -{{- $servicePort := .Values.httpPort -}} +{{- $httpPort := .Values.httpPort -}} {{- $ingressPath := .Values.ingress.path -}} apiVersion: networking.k8s.io/v1beta1 kind: Ingress @@ -17,22 +17,38 @@ metadata: spec: {{- if .Values.ingress.tls }} tls: + {{- if .ingressPath }} {{- range .Values.ingress.tls }} - hosts: {{- range .hosts }} - {{ . }} {{- end }} secretName: {{ .secretName }} + {{- end }} + {{- else }} +{{ toYaml .Values.ingress.tls | indent 4 }} {{- end }} {{- end }} rules: {{- range .Values.ingress.hosts }} + {{- if $ingressPath }} - host: {{ . }} http: paths: - path: {{ $ingressPath }} backend: serviceName: {{ $fullName }} - servicePort: {{ $servicePort }} + servicePort: {{ $httpPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ .servicePort | default $httpPort }} + {{- end }} + {{- end }} {{- end }} {{- end }} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index f414d68e1..db2bc0d24 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -691,6 +691,54 @@ def test_adding_a_node_affinity(): def test_adding_an_ingress_rule(): config = """ +ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: nginx + hosts: + - host: elasticsearch.elastic.co + paths: + - path: / + - host: '' + paths: + - path: / + - path: /mypath + servicePort: 8888 + - host: elasticsearch.hello.there + paths: + - path: / + servicePort: 9999 + tls: + - secretName: elastic-co-wildcard + hosts: + - elasticsearch.elastic.co +""" + + r = helm_template(config) + assert uname in r["ingress"] + i = r["ingress"][uname]["spec"] + assert i["tls"][0]["hosts"][0] == "elasticsearch.elastic.co" + assert i["tls"][0]["secretName"] == "elastic-co-wildcard" + + assert i["rules"][0]["host"] == "elasticsearch.elastic.co" + assert i["rules"][0]["http"]["paths"][0]["path"] == "/" + assert i["rules"][0]["http"]["paths"][0]["backend"]["serviceName"] == uname + assert i["rules"][0]["http"]["paths"][0]["backend"]["servicePort"] == 9200 + assert i["rules"][1]["host"] == None + assert i["rules"][1]["http"]["paths"][0]["path"] == "/" + assert i["rules"][1]["http"]["paths"][0]["backend"]["serviceName"] == uname + assert i["rules"][1]["http"]["paths"][0]["backend"]["servicePort"] == 9200 + assert i["rules"][1]["http"]["paths"][1]["path"] == "/mypath" + assert i["rules"][1]["http"]["paths"][1]["backend"]["serviceName"] == uname + assert i["rules"][1]["http"]["paths"][1]["backend"]["servicePort"] == 8888 + assert i["rules"][2]["host"] == "elasticsearch.hello.there" + assert i["rules"][2]["http"]["paths"][0]["path"] == "/" + assert i["rules"][2]["http"]["paths"][0]["backend"]["serviceName"] == uname + assert i["rules"][2]["http"]["paths"][0]["backend"]["servicePort"] == 9999 + + +def test_adding_a_deprecated_ingress_rule(): + config = """ ingress: enabled: true annotations: diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 40583e8be..8ed7cb4e3 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -243,9 +243,10 @@ ingress: annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" - path: / hosts: - - chart-example.local + - host: chart-example.local + paths: + - path: / tls: [] # - secretName: chart-example-tls # hosts: diff --git a/kibana/templates/ingress.yaml b/kibana/templates/ingress.yaml index fd4eae24a..f79255f30 100644 --- a/kibana/templates/ingress.yaml +++ b/kibana/templates/ingress.yaml @@ -1,6 +1,6 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "kibana.fullname" . -}} -{{- $servicePort := .Values.service.port -}} +{{- $httpPort := .Values.httpPort -}} {{- $ingressPath := .Values.ingress.path -}} apiVersion: networking.k8s.io/v1beta1 kind: Ingress @@ -14,16 +14,38 @@ metadata: spec: {{- if .Values.ingress.tls }} tls: + {{- if .ingressPath }} + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- else }} {{ toYaml .Values.ingress.tls | indent 4 }} + {{- end }} {{- end }} rules: {{- range .Values.ingress.hosts }} + {{- if $ingressPath }} - host: {{ . }} http: paths: - path: {{ $ingressPath }} backend: serviceName: {{ $fullName }} - servicePort: {{ $servicePort }} + servicePort: {{ $httpPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ .servicePort | default $httpPort }} + {{- end }} + {{- end }} {{- end }} {{- end }} diff --git a/kibana/tests/kibana_test.py b/kibana/tests/kibana_test.py index b188db456..5a3f30b34 100644 --- a/kibana/tests/kibana_test.py +++ b/kibana/tests/kibana_test.py @@ -206,6 +206,54 @@ def test_adding_a_extra_init_container(): def test_adding_an_ingress_rule(): config = """ +ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: nginx + hosts: + - host: kibana.elastic.co + paths: + - path: / + - path: /testpath + servicePort: 8888 + - host: '' + paths: + - path: / + - host: kibana.hello.there + paths: + - path: /mypath + servicePort: 9999 + tls: + - secretName: elastic-co-wildcard + hosts: + - kibana.elastic.co +""" + + r = helm_template(config) + assert name in r["ingress"] + i = r["ingress"][name]["spec"] + assert i["tls"][0]["hosts"][0] == "kibana.elastic.co" + assert i["tls"][0]["secretName"] == "elastic-co-wildcard" + + assert i["rules"][0]["host"] == "kibana.elastic.co" + assert i["rules"][0]["http"]["paths"][0]["path"] == "/" + assert i["rules"][0]["http"]["paths"][0]["backend"]["serviceName"] == name + assert i["rules"][0]["http"]["paths"][0]["backend"]["servicePort"] == 5601 + assert i["rules"][0]["http"]["paths"][1]["path"] == "/testpath" + assert i["rules"][0]["http"]["paths"][1]["backend"]["serviceName"] == name + assert i["rules"][0]["http"]["paths"][1]["backend"]["servicePort"] == 8888 + assert i["rules"][1]["host"] == None + assert i["rules"][1]["http"]["paths"][0]["path"] == "/" + assert i["rules"][1]["http"]["paths"][0]["backend"]["serviceName"] == name + assert i["rules"][1]["http"]["paths"][0]["backend"]["servicePort"] == 5601 + assert i["rules"][2]["host"] == "kibana.hello.there" + assert i["rules"][2]["http"]["paths"][0]["path"] == "/mypath" + assert i["rules"][2]["http"]["paths"][0]["backend"]["serviceName"] == name + assert i["rules"][2]["http"]["paths"][0]["backend"]["servicePort"] == 9999 + + +def test_adding_a_deprecated_ingress_rule(): + config = """ ingress: enabled: true annotations: @@ -233,6 +281,34 @@ def test_adding_an_ingress_rule(): def test_adding_an_ingress_rule_wildcard(): config = """ +ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: nginx + hosts: + - host: kibana.elastic.co + paths: + - path: / + tls: + - secretName: elastic-co-wildcard + hosts: + - "*.elastic.co" +""" + + r = helm_template(config) + assert name in r["ingress"] + i = r["ingress"][name]["spec"] + assert i["tls"][0]["hosts"][0] == "*.elastic.co" + assert i["tls"][0]["secretName"] == "elastic-co-wildcard" + + assert i["rules"][0]["host"] == "kibana.elastic.co" + assert i["rules"][0]["http"]["paths"][0]["path"] == "/" + assert i["rules"][0]["http"]["paths"][0]["backend"]["serviceName"] == name + assert i["rules"][0]["http"]["paths"][0]["backend"]["servicePort"] == 5601 + + +def test_adding_a_deprecated_ingress_rule_wildcard(): + config = """ ingress: enabled: true annotations: diff --git a/kibana/values.yaml b/kibana/values.yaml index 8169e80db..a84a29746 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -120,9 +120,10 @@ ingress: annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" - path: / hosts: - - chart-example.local + - host: chart-example.local + paths: + - path: / tls: [] # - secretName: chart-example-tls # hosts: From ae168fd305bac6f3e414f92aff3195108d55ad2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20de=20Saint=20Martin?= Date: Mon, 4 Jan 2021 12:58:27 +0100 Subject: [PATCH 121/151] Add support for NetworkPolicy. (#498) --- elasticsearch/README.md | 1 + elasticsearch/examples/networkpolicy/Makefile | 13 +++ .../examples/networkpolicy/values.yml | 37 ++++++++ elasticsearch/templates/networkpolicy.yaml | 61 ++++++++++++ elasticsearch/tests/elasticsearch_test.py | 94 +++++++++++++++++++ elasticsearch/values.yaml | 57 ++++++++++- 6 files changed, 262 insertions(+), 1 deletion(-) create mode 100644 elasticsearch/examples/networkpolicy/Makefile create mode 100644 elasticsearch/examples/networkpolicy/values.yml create mode 100644 elasticsearch/templates/networkpolicy.yaml diff --git a/elasticsearch/README.md b/elasticsearch/README.md index b1e238024..459ebfd93 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -141,6 +141,7 @@ support multiple versions with minimal changes. | `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` | | `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` | | `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` | +| `networkPolicy` | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example | `{http.enabled: false,transport.enabled: false}`| | `nodeAffinity` | Value for the [node affinity settings][] | `{}` | | `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` | | `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` | diff --git a/elasticsearch/examples/networkpolicy/Makefile b/elasticsearch/examples/networkpolicy/Makefile new file mode 100644 index 000000000..38dd40d3d --- /dev/null +++ b/elasticsearch/examples/networkpolicy/Makefile @@ -0,0 +1,13 @@ +default: test +include ../../../helpers/examples.mk + +RELEASE := helm-es-networkpolicy + +install: + helm upgrade --wait --timeout=600s --install $(RELEASE) --values ./values.yaml ../../ ; \ + +restart: + helm upgrade --set terminationGracePeriod=121 --wait --timeout=600s --install $(RELEASE) --values ./values.yaml ../../ ; \ + +purge: + helm del --purge $(RELEASE) diff --git a/elasticsearch/examples/networkpolicy/values.yml b/elasticsearch/examples/networkpolicy/values.yml new file mode 100644 index 000000000..2f8178529 --- /dev/null +++ b/elasticsearch/examples/networkpolicy/values.yml @@ -0,0 +1,37 @@ +networkPolicy: + http: + enabled: true + explicitNamespacesSelector: + # Accept from namespaces with all those different rules (from whitelisted Pods) + matchLabels: + role: frontend + matchExpressions: + - {key: role, operator: In, values: [frontend]} + additionalRules: + - podSelector: + matchLabels: + role: frontend + - podSelector: + matchExpressions: + - key: role + operator: In + values: + - frontend + transport: + enabled: true + allowExternal: true + explicitNamespacesSelector: + matchLabels: + role: frontend + matchExpressions: + - {key: role, operator: In, values: [frontend]} + additionalRules: + - podSelector: + matchLabels: + role: frontend + - podSelector: + matchExpressions: + - key: role + operator: In + values: + - frontend diff --git a/elasticsearch/templates/networkpolicy.yaml b/elasticsearch/templates/networkpolicy.yaml new file mode 100644 index 000000000..80c0c9ed4 --- /dev/null +++ b/elasticsearch/templates/networkpolicy.yaml @@ -0,0 +1,61 @@ +{{- if (or .Values.networkPolicy.http.enabled .Values.networkPolicy.transport.enabled) }} +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: {{ template "elasticsearch.uname" . }} + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}" + app: "{{ template "elasticsearch.uname" . }}" +spec: + podSelector: + matchLabels: + app: "{{ template "elasticsearch.uname" . }}" + ingress: # Allow inbound connections + +{{- if .Values.networkPolicy.http.enabled }} + # For HTTP access + - ports: + - port: {{ .Values.httpPort }} + from: + # From authorized Pods (having the correct label) + - podSelector: + matchLabels: + {{ template "elasticsearch.uname" . }}-http-client: "true" +{{- with .Values.networkPolicy.http.explicitNamespacesSelector }} + # From authorized namespaces + namespaceSelector: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.networkPolicy.transport.additionalRules }} + # Or from custom additional rules +{{ toYaml . | indent 8 }} +{{- end }} +{{- end }} + +{{- if .Values.networkPolicy.transport.enabled }} + # For transport access + - ports: + - port: {{ .Values.transportPort }} + from: + # From authorized Pods (having the correct label) + - podSelector: + matchLabels: + {{ template "elasticsearch.uname" . }}-transport-client: "true" +{{- with .Values.networkPolicy.transport.explicitNamespacesSelector }} + # From authorized namespaces + namespaceSelector: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.networkPolicy.transport.additionalRules }} + # Or from custom additional rules +{{ toYaml . | indent 8 }} +{{- end }} + # Or from other ElasticSearch Pods + - podSelector: + matchLabels: + app: "{{ template "elasticsearch.uname" . }}" +{{- end }} + +{{- end }} diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index db2bc0d24..75147c5ff 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -1423,3 +1423,97 @@ def test_hostaliases(): r = helm_template(config) hostAliases = r["statefulset"][uname]["spec"]["template"]["spec"]["hostAliases"] assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases + + +def test_network_policy(): + config = """ +networkPolicy: + http: + enabled: true + explicitNamespacesSelector: + # Accept from namespaces with all those different rules (from whitelisted Pods) + matchLabels: + role: frontend + matchExpressions: + - {key: role, operator: In, values: [frontend]} + additionalRules: + - podSelector: + matchLabels: + role: frontend + - podSelector: + matchExpressions: + - key: role + operator: In + values: + - frontend + transport: + enabled: true + allowExternal: true + explicitNamespacesSelector: + matchLabels: + role: frontend + matchExpressions: + - {key: role, operator: In, values: [frontend]} + additionalRules: + - podSelector: + matchLabels: + role: frontend + - podSelector: + matchExpressions: + - key: role + operator: In + values: + - frontend + +""" + r = helm_template(config) + ingress = r["networkpolicy"][uname]["spec"]["ingress"] + pod_selector = r["networkpolicy"][uname]["spec"]["podSelector"] + http = ingress[0] + transport = ingress[1] + assert http["from"] == [ + { + "podSelector": { + "matchLabels": {"elasticsearch-master-http-client": "true"} + }, + "namespaceSelector": { + "matchExpressions": [ + {"key": "role", "operator": "In", "values": ["frontend"]} + ], + "matchLabels": {"role": "frontend"}, + }, + }, + {"podSelector": {"matchLabels": {"role": "frontend"}}}, + { + "podSelector": { + "matchExpressions": [ + {"key": "role", "operator": "In", "values": ["frontend"]} + ] + } + }, + ] + assert http["ports"][0]["port"] == 9200 + assert transport["from"] == [ + { + "podSelector": { + "matchLabels": {"elasticsearch-master-transport-client": "true"} + }, + "namespaceSelector": { + "matchExpressions": [ + {"key": "role", "operator": "In", "values": ["frontend"]} + ], + "matchLabels": {"role": "frontend"}, + }, + }, + {"podSelector": {"matchLabels": {"role": "frontend"}}}, + { + "podSelector": { + "matchExpressions": [ + {"key": "role", "operator": "In", "values": ["frontend"]} + ] + } + }, + {"podSelector": {"matchLabels": {"app": "elasticsearch-master"}}}, + ] + assert transport["ports"][0]["port"] == 9300 + assert pod_selector == {"matchLabels": {"app": "elasticsearch-master",}} diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 8ed7cb4e3..0ef108cc2 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -124,7 +124,7 @@ podSecurityPolicy: - secret - configMap - persistentVolumeClaim - - emptyDir + - emptyDir persistence: enabled: true @@ -283,6 +283,61 @@ sysctlInitContainer: keystore: [] +networkPolicy: + ## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now. + ## In order for a Pod to access Elasticsearch, it needs to have the following label: + ## {{ template "uname" . }}-client: "true" + ## Example for default configuration to access HTTP port: + ## elasticsearch-master-http-client: "true" + ## Example for default configuration to access transport port: + ## elasticsearch-master-transport-client: "true" + + http: + enabled: false + ## if explicitNamespacesSelector is not set or set to {}, only client Pods being in the networkPolicy's namespace + ## and matching all criteria can reach the DB. + ## But sometimes, we want the Pods to be accessible to clients from other namespaces, in this case, we can use this + ## parameter to select these namespaces + ## + # explicitNamespacesSelector: + # # Accept from namespaces with all those different rules (only from whitelisted Pods) + # matchLabels: + # role: frontend + # matchExpressions: + # - {key: role, operator: In, values: [frontend]} + + ## Additional NetworkPolicy Ingress "from" rules to set. Note that all rules are OR-ed. + ## + # additionalRules: + # - podSelector: + # matchLabels: + # role: frontend + # - podSelector: + # matchExpressions: + # - key: role + # operator: In + # values: + # - frontend + + transport: + ## Note that all Elasticsearch Pods can talks to themselves using transport port even if enabled. + enabled: false + # explicitNamespacesSelector: + # matchLabels: + # role: frontend + # matchExpressions: + # - {key: role, operator: In, values: [frontend]} + # additionalRules: + # - podSelector: + # matchLabels: + # role: frontend + # - podSelector: + # matchExpressions: + # - key: role + # operator: In + # values: + # - frontend + # Deprecated # please use the above podSecurityContext.fsGroup instead fsGroup: "" From 2ce8f7f78b4b7581808cdc3b975f491179924de0 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 5 Jan 2021 16:47:39 +0100 Subject: [PATCH 122/151] [logstash] disable privileged container in psp (#1000) --- logstash/tests/logstash_test.py | 2 +- logstash/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index ac5633e05..ebb679b98 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -789,7 +789,7 @@ def test_pod_security_policy(): r["statefulset"][name]["spec"]["template"]["spec"]["serviceAccountName"] == name ) psp_spec = r["podsecuritypolicy"][name]["spec"] - assert psp_spec["privileged"] is True + assert psp_spec["privileged"] is False def test_external_pod_security_policy(): diff --git a/logstash/values.yaml b/logstash/values.yaml index 23ac43895..19c723c47 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -104,7 +104,7 @@ podSecurityPolicy: create: false name: "" spec: - privileged: true + privileged: false fsGroup: rule: RunAsAny runAsUser: From 425b74fc30603522bd2efca222a069d8011a2fb9 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 6 Jan 2021 09:32:58 +0100 Subject: [PATCH 123/151] [apm-server] run as non root user (#996) --- apm-server/templates/deployment.yaml | 8 ++++++-- apm-server/tests/apmserver_test.py | 16 +++++++++++++--- apm-server/values.yaml | 9 ++++++++- 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/apm-server/templates/deployment.yaml b/apm-server/templates/deployment.yaml index ca3248cd2..fa87cfa5a 100644 --- a/apm-server/templates/deployment.yaml +++ b/apm-server/templates/deployment.yaml @@ -30,6 +30,10 @@ spec: configChecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} {{- end }} spec: +{{- if .Values.podSecurityContext }} + securityContext: +{{ toYaml .Values.podSecurityContext | indent 10 }} +{{- end }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} @@ -84,9 +88,9 @@ spec: envFrom: {{ toYaml .Values.envFrom | indent 10 }} {{- end }} -{{- if .Values.podSecurityContext }} +{{- if .Values.securityContext }} securityContext: -{{ toYaml .Values.podSecurityContext | indent 10 }} +{{ toYaml .Values.securityContext | indent 10 }} {{- end }} livenessProbe: {{ toYaml .Values.livenessProbe | indent 10 }} diff --git a/apm-server/tests/apmserver_test.py b/apm-server/tests/apmserver_test.py index b6b8218af..c86a5348d 100644 --- a/apm-server/tests/apmserver_test.py +++ b/apm-server/tests/apmserver_test.py @@ -146,16 +146,26 @@ def test_self_managing_rbac_resources(): assert "clusterrolebinding" not in r +def test_setting_container_security_context(): + config = """ +securityContext: + runAsUser: 1001 + privileged: true +""" + r = helm_template(config) + c = r["deployment"][name]["spec"]["template"]["spec"]["containers"][0] + assert c["securityContext"]["runAsUser"] == 1001 + assert c["securityContext"]["privileged"] is True + + def test_setting_pod_security_context(): config = """ podSecurityContext: runAsUser: 1001 - privileged: false """ r = helm_template(config) - c = r["deployment"][name]["spec"]["template"]["spec"]["containers"][0] + c = r["deployment"][name]["spec"]["template"]["spec"] assert c["securityContext"]["runAsUser"] == 1001 - assert c["securityContext"]["privileged"] is False def test_adding_in_apm_config(): diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 3c0a49875..4f802c9ed 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -82,8 +82,15 @@ podAnnotations: {} labels: {} podSecurityContext: - runAsUser: 0 + fsGroup: 1000 + runAsUser: 1000 + runAsGroup: 0 + +securityContext: privileged: false + runAsNonRoot: true + runAsUser: 1000 + runAsGroup: 0 livenessProbe: httpGet: From 5c1f00cecb4ec981a2e16b401769e030cf24d74e Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 6 Jan 2021 20:35:00 +0100 Subject: [PATCH 124/151] [elasticsearch] fix secrets in config example (#1012) --- elasticsearch/examples/config/test/goss.yaml | 4 ++++ elasticsearch/examples/config/values.yaml | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/elasticsearch/examples/config/test/goss.yaml b/elasticsearch/examples/config/test/goss.yaml index 51c4907f5..455da3603 100644 --- a/elasticsearch/examples/config/test/goss.yaml +++ b/elasticsearch/examples/config/test/goss.yaml @@ -2,6 +2,8 @@ http: http://localhost:9200/_cluster/health: status: 200 timeout: 2000 + username: "{{ .Env.ELASTIC_USERNAME }}" + password: "{{ .Env.ELASTIC_PASSWORD }}" body: - "green" - '"number_of_nodes":1' @@ -10,6 +12,8 @@ http: http://localhost:9200: status: 200 timeout: 2000 + username: "{{ .Env.ELASTIC_USERNAME }}" + password: "{{ .Env.ELASTIC_PASSWORD }}" body: - '"cluster_name" : "config"' - "You Know, for Search" diff --git a/elasticsearch/examples/config/values.yaml b/elasticsearch/examples/config/values.yaml index ebde4f4d9..d417ce84b 100644 --- a/elasticsearch/examples/config/values.yaml +++ b/elasticsearch/examples/config/values.yaml @@ -7,12 +7,12 @@ extraEnvs: - name: ELASTIC_PASSWORD valueFrom: secretKeyRef: - name: elastic-credentials + name: elastic-config-credentials key: password - name: ELASTIC_USERNAME valueFrom: secretKeyRef: - name: elastic-credentials + name: elastic-config-credentials key: username # This is just a dummy file to make sure that @@ -20,6 +20,7 @@ extraEnvs: # as a custom elasticsearch.yml esConfig: elasticsearch.yml: | + xpack.security.enabled: true path.data: /usr/share/elasticsearch/data keystore: From e5c936b31ee77ba500f05f98aed6b450017f7ca7 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 14 Jan 2021 12:55:22 +0100 Subject: [PATCH 125/151] NIT Update backport config and small doc fixes (#1017) --- .backportrc.json | 2 +- README.md | 12 ++++++------ filebeat/README.md | 9 ++++++--- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/.backportrc.json b/.backportrc.json index 001ba1941..94675147c 100644 --- a/.backportrc.json +++ b/.backportrc.json @@ -1,6 +1,6 @@ { "upstream": "elastic/helm-charts", - "targetBranchChoices": ["6.8", "7.10", "7.x"], + "targetBranchChoices": ["6.8", "7.10", "7.11", "7.x"], "all": true, "prFilter": "label:need-backport", "targetPRLabels": ["backport"], diff --git a/README.md b/README.md index be24a058c..4c5a42f4d 100644 --- a/README.md +++ b/README.md @@ -37,12 +37,12 @@ versions. | Chart | Docker documentation | Latest 7 Version | Latest 6 Version | |--------------------------------------------|---------------------------------------------------------------------------------|-----------------------------|-----------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | [`7.10.0`][apm-7] | [`6.8.13`][apm-6] | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | [`7.10.0`][elasticsearch-7] | [`6.8.13`][elasticsearch-6] | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | [`7.10.0`][filebeat-7] | [`6.8.13`][filebeat-6] | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | [`7.10.0`][kibana-7] | [`6.8.13`][kibana-6] | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | [`7.10.0`][logstash-7] | [`6.8.13`][logstash-6] | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | [`7.10.0`][metricbeat-7] | [`6.8.13`][metricbeat-6] | +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | [`7.10.1`][apm-7] | [`6.8.13`][apm-6] | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | [`7.10.1`][elasticsearch-7] | [`6.8.13`][elasticsearch-6] | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | [`7.10.1`][filebeat-7] | [`6.8.13`][filebeat-6] | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | [`7.10.1`][kibana-7] | [`6.8.13`][kibana-6] | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | [`7.10.1`][logstash-7] | [`6.8.13`][logstash-6] | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | [`7.10.1`][metricbeat-7] | [`6.8.13`][metricbeat-6] | ## Supported Configurations diff --git a/filebeat/README.md b/filebeat/README.md index f5f413ccc..f3b0b2484 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -22,6 +22,7 @@ This Helm chart is a lightweight way to configure and run our official - [How to use Filebeat with Elasticsearch with security (authentication and TLS) enabled?](#how-to-use-filebeat-with-elasticsearch-with-security-authentication-and-tls-enabled) - [How to install OSS version of Filebeat?](#how-to-install-oss-version-of-filebeat) - [Why is Filebeat host.name field set to Kubernetes pod name?](#why-is-filebeat-hostname-field-set-to-kubernetes-pod-name) + - [How do I get multiple beats agents working with hostNetworking enabled?](#how-do-i-get-multiple-beats-agents-working-with-hostnetworking-enabled) - [How to change readinessProbe for outputs which don't support testing](#how-to-change-readinessprobe-for-outputs-which-dont-support-testing) - [Contributing](#contributing) @@ -89,6 +90,8 @@ activate it by setting `hostNetworking: true` in [values.yaml][]. as a reference. They are also used in the automated testing of this chart. +## Configuration + | Parameter | Description | Default | |--------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| | `clusterRoleRules` | Configurable [cluster role rules][] that Filebeat uses to access Kubernetes resources | see [values.yaml][] | @@ -194,9 +197,9 @@ same node. ### How do I get multiple beats agents working with hostNetworking enabled? -The default http port for multiple beats agents may be on the same port, for -example, Filebeats and Metricbeats both default to 5066. When `hostNetworking` -is enabled this will cause collisions when standing up the http server. The work +The default http port for multiple beats agents may be on the same port, for +example, Filebeats and Metricbeats both default to 5066. When `hostNetworking` +is enabled this will cause collisions when standing up the http server. The work around for this is to set `http.port` in the config file for one of the beats agent to use a different port. From 83edfe2eb06c77a5a650df4d173d4ab060b4fecf Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 14 Jan 2021 13:14:18 +0100 Subject: [PATCH 126/151] [filebeat] fix documentation --- filebeat/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/filebeat/README.md b/filebeat/README.md index f3b0b2484..61e3e55c9 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -71,9 +71,9 @@ upgrading to a new chart version. ## Usage notes * The default Filebeat configuration file for this chart is configured to use an -Filebeat endpoint. Without any additional changes, Filebeat will send -documents to the service URL that the Filebeat Helm chart sets up by -default. You may either set the `FILEBEAT_HOSTS` environment variable in +Elasticsearch endpoint. Without any additional changes, Filebeat will send +documents to the service URL that the Elasticsearch Helm chart sets up by +default. You may either set the `ELASTICSEARCH_HOSTS` environment variable in `extraEnvs` to override this endpoint or modify the default `filebeatConfig` to change this behavior. * The default Filebeat configuration file is also configured to capture From b31bcf19b45e45c3dafe3219962326b39c08f926 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 15 Jan 2021 16:48:58 +0100 Subject: [PATCH 127/151] [meta] fix transient errors with stable repository (#1018) --- helpers/terraform/Makefile | 2 -- metricbeat/examples/default/Makefile | 2 ++ metricbeat/examples/oss/Makefile | 2 ++ metricbeat/examples/security/Makefile | 2 ++ metricbeat/examples/upgrade/Makefile | 2 ++ 5 files changed, 8 insertions(+), 2 deletions(-) diff --git a/helpers/terraform/Makefile b/helpers/terraform/Makefile index 8d448c3e3..25e516db0 100644 --- a/helpers/terraform/Makefile +++ b/helpers/terraform/Makefile @@ -80,8 +80,6 @@ k8s-staging-registry: creds ## Create the staging registry auth secret in k8s .PHONY: integration integration: creds ## Deploy helm chart and run integration tests cd ../../$(CHART)/ && \ - helm repo add stable https://charts.helm.sh/stable && \ - helm dependency update && \ cd ./examples/$(SUITE) && \ make diff --git a/metricbeat/examples/default/Makefile b/metricbeat/examples/default/Makefile index bcd4fb77b..ab8e6aacf 100644 --- a/metricbeat/examples/default/Makefile +++ b/metricbeat/examples/default/Makefile @@ -6,6 +6,8 @@ RELEASE = helm-metricbeat-default GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-default-metricbeat install: + helm repo add stable https://charts.helm.sh/stable + helm dependency update ../../ helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ test-metrics: diff --git a/metricbeat/examples/oss/Makefile b/metricbeat/examples/oss/Makefile index 534201044..81334c998 100644 --- a/metricbeat/examples/oss/Makefile +++ b/metricbeat/examples/oss/Makefile @@ -6,6 +6,8 @@ RELEASE := helm-metricbeat-oss GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-oss-metricbeat install: + helm repo add stable https://charts.helm.sh/stable + helm dependency update ../../ helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test-metrics: diff --git a/metricbeat/examples/security/Makefile b/metricbeat/examples/security/Makefile index 2433d8e95..81049b709 100644 --- a/metricbeat/examples/security/Makefile +++ b/metricbeat/examples/security/Makefile @@ -6,6 +6,8 @@ RELEASE := helm-metricbeat-security GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-security-metricbeat install: + helm repo add stable https://charts.helm.sh/stable + helm dependency update ../../ helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ test-metrics: diff --git a/metricbeat/examples/upgrade/Makefile b/metricbeat/examples/upgrade/Makefile index 5cd564fcc..e18cb8435 100644 --- a/metricbeat/examples/upgrade/Makefile +++ b/metricbeat/examples/upgrade/Makefile @@ -8,6 +8,8 @@ FROM := 7.10.0 # upgrade from version < 7.10.0 is failing due to selector # breaking change in https://github.com/elastic/helm-charts/pull/516 install: + helm repo add stable https://charts.helm.sh/stable + helm dependency update ../../ ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) kubectl rollout status daemonset $(RELEASE)-metricbeat kubectl rollout status deployment $(RELEASE)-metricbeat-metrics From 94d85b8121cbe5af9b7ad4b4b12072be4ee63b9d Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 19 Jan 2021 18:17:57 +0100 Subject: [PATCH 128/151] [meta] bump helm version to 3.5.0 (#1025) This commit add support for helm 3.5.0 --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 4c5a42f4d..05e811e8f 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 3.4.2). +Helm version mentioned in [helm-tester Dockerfile][] (currently 3.5.0). ## ECK diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 0a4de30d4..fbf325d5b 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=3.4.2 +ENV HELM_VERSION=3.5.0 RUN wget --no-verbose https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index a7189fa0b..cc3bcebb2 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=3.4.2 +ENV HELM_VERSION=3.5.0 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From 5e9889e4834f998f25154567b68bb4f610a04e42 Mon Sep 17 00:00:00 2001 From: Aidan <63606283+artificial-aidan@users.noreply.github.com> Date: Wed, 27 Jan 2021 02:05:30 -0800 Subject: [PATCH 129/151] Fix post-lifecycle hook example (#1028) --- kibana/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/kibana/README.md b/kibana/README.md index b5ced97a7..dc22e565a 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -9,7 +9,6 @@ This Helm chart is a lightweight way to configure and run our official - - [Requirements](#requirements) - [Installing](#installing) - [Install released version using Helm repository](#install-released-version-using-helm-repository) @@ -195,7 +194,7 @@ lifecycle: # Import a dashboard KB_URL=http://localhost:5601 while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' -L $KB_URL)" != "200" ]]; do sleep 1; done - curl -XPOST "$KB_URL/api/kibana/dashboards/import" -H "Content-Type: application/json" -H 'kbn-xsrf: true' -d'"objects":[{"type":"index-pattern","id":"my-pattern","attributes":{"title":"my-pattern-*"}},{"type":"dashboard","id":"my-dashboard","attributes":{"title":"Look at my dashboard"}}]}' + curl -XPOST "$KB_URL/api/kibana/dashboards/import" -H "Content-Type: application/json" -H 'kbn-xsrf: true' -d'{"objects":[{"type":"index-pattern","id":"my-pattern","attributes":{"title":"my-pattern-*"}},{"type":"dashboard","id":"my-dashboard","attributes":{"title":"Look at my dashboard"}}]}' ``` From 2ea24825abed1ffd51130b851a8c4c0a40277dd0 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 28 Jan 2021 08:12:34 +0100 Subject: [PATCH 130/151] [meta] add build status and artifact hub badges (#1033) This commit is adding Artifact Hub badges to main and charts README pages. Also add build status badges to charts README pages (was only present on main README page). --- README.md | 2 +- apm-server/README.md | 2 ++ elasticsearch/README.md | 2 ++ filebeat/README.md | 2 ++ kibana/README.md | 2 ++ logstash/README.md | 2 ++ metricbeat/README.md | 8 +++++--- 7 files changed, 16 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 05e811e8f..74b46f176 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Elastic Stack Kubernetes Helm Charts -[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+7.x.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+7.x/) +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+7.x.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+7.x/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) diff --git a/apm-server/README.md b/apm-server/README.md index eae1e0f41..2a3baad9f 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -1,5 +1,7 @@ # APM Server Helm Chart +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) + This Helm chart is a lightweight way to configure and run our official [APM Server Docker image][]. diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 459ebfd93..2e8076766 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -1,5 +1,7 @@ # Elasticsearch Helm Chart +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) + This Helm chart is a lightweight way to configure and run our official [Elasticsearch Docker image][]. diff --git a/filebeat/README.md b/filebeat/README.md index 61e3e55c9..71189704a 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -1,5 +1,7 @@ # Filebeat Helm Chart +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) + This Helm chart is a lightweight way to configure and run our official [Filebeat Docker image][]. diff --git a/kibana/README.md b/kibana/README.md index dc22e565a..51a2201fd 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -1,5 +1,7 @@ # Kibana Helm Chart +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) + This Helm chart is a lightweight way to configure and run our official [Kibana Docker image][]. diff --git a/logstash/README.md b/logstash/README.md index bbfd8bc57..cea59c970 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -1,5 +1,7 @@ # Logstash Helm Chart +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) + This Helm chart is a lightweight way to configure and run our official [Logstash Docker image][]. diff --git a/metricbeat/README.md b/metricbeat/README.md index 5742bc7c0..f04b2f210 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -1,5 +1,7 @@ # Metricbeat Helm Chart +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) + This Helm chart is a lightweight way to configure and run our official [Metricbeat Docker image][]. @@ -208,9 +210,9 @@ same node. ### How do I get multiple beats agents working with hostNetworking enabled? -The default http port for multiple beats agents may be on the same port, for -example, Filebeats and Metricbeats both default to 5066. When `hostNetworking` -is enabled this will cause collisions when standing up the http server. The work +The default http port for multiple beats agents may be on the same port, for +example, Filebeats and Metricbeats both default to 5066. When `hostNetworking` +is enabled this will cause collisions when standing up the http server. The work around for this is to set `http.port` in the config file for one of the beats agent to use a different port. From 3824081d9190f40307ae499db59e94a874bf71ad Mon Sep 17 00:00:00 2001 From: Clement Chevalier <69809982+clemcvlcs@users.noreply.github.com> Date: Thu, 28 Jan 2021 12:41:19 +0100 Subject: [PATCH 131/151] [filebeat] variable maxUnavailable updateStrategy (#809) --- filebeat/README.md | 2 ++ filebeat/templates/daemonset.yaml | 4 ++++ filebeat/tests/filebeat_test.py | 23 ++++++++++++++++++++++- filebeat/values.yaml | 2 ++ 4 files changed, 30 insertions(+), 1 deletion(-) diff --git a/filebeat/README.md b/filebeat/README.md index 71189704a..782c489f7 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -108,6 +108,7 @@ as a reference. They are also used in the automated testing of this chart. | `daemonset.hostAliases` | Configurable [hostAliases][] for filebeat DaemonSet | `[]` | | `daemonset.hostNetworking` | Enable filebeat DaemonSet to use `hostNetwork` | `false` | | `daemonset.filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml` for filebeat DaemonSet | see [values.yaml][] | +| `daemonset.maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | | `daemonset.nodeSelector` | Configurable [nodeSelector][] for filebeat DaemonSet | `{}` | | `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the DaemonSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | | `daemonset.podSecurityContext` | Configurable [podSecurityContext][] for filebeat DaemonSet pod execution environment | see [values.yaml][] | @@ -258,6 +259,7 @@ about our development and testing process. [kafka output]: https://www.elastic.co/guide/en/beats/filebeat/7.x/kafka-output.html [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget [nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector [podSecurityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ [priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass diff --git a/filebeat/templates/daemonset.yaml b/filebeat/templates/daemonset.yaml index 923e90e3f..2989e36c2 100644 --- a/filebeat/templates/daemonset.yaml +++ b/filebeat/templates/daemonset.yaml @@ -30,6 +30,10 @@ spec: app: "{{ template "filebeat.fullname" . }}" release: {{ .Release.Name | quote }} updateStrategy: + {{- if eq .Values.updateStrategy "RollingUpdate" }} + rollingUpdate: + maxUnavailable: {{ .Values.daemonset.maxUnavailable }} + {{- end }} type: {{ .Values.updateStrategy }} template: metadata: diff --git a/filebeat/tests/filebeat_test.py b/filebeat/tests/filebeat_test.py index 9460e8ec6..0a1c100dc 100644 --- a/filebeat/tests/filebeat_test.py +++ b/filebeat/tests/filebeat_test.py @@ -51,6 +51,13 @@ def test_defaults(): assert r["daemonset"][name]["spec"]["updateStrategy"]["type"] == "RollingUpdate" + assert ( + r["daemonset"][name]["spec"]["updateStrategy"]["rollingUpdate"][ + "maxUnavailable" + ] + == 1 + ) + assert ( r["daemonset"][name]["spec"]["template"]["spec"]["serviceAccountName"] == name ) @@ -404,7 +411,21 @@ def test_adding_deprecated_tolerations(): def test_override_the_default_update_strategy(): config = """ -updateStrategy: OnDelete + daemonset: + maxUnavailable: 2 +""" + + r = helm_template(config) + assert r["daemonset"][name]["spec"]["updateStrategy"]["type"] == "RollingUpdate" + assert ( + r["daemonset"][name]["spec"]["updateStrategy"]["rollingUpdate"][ + "maxUnavailable" + ] + == 2 + ) + + config = """ + updateStrategy: OnDelete """ r = helm_template(config) diff --git a/filebeat/values.yaml b/filebeat/values.yaml index f8de289bc..e1ee3e416 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -40,6 +40,8 @@ daemonset: output.elasticsearch: host: '${NODE_NAME}' hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}' + # Only used when updateStrategy is set to "RollingUpdate" + maxUnavailable: 1 nodeSelector: {} # A list of secrets and their paths to mount inside the pod # This is useful for mounting certificates for security other sensitive values From 316708d404822e12b218a90d64c332d50110c074 Mon Sep 17 00:00:00 2001 From: Yousaf Syed Date: Wed, 3 Feb 2021 18:30:09 +0100 Subject: [PATCH 132/151] [metricbeat] Fixing the respository of kube-state-metrics for metricbeats (#1039) --- metricbeat/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/metricbeat/README.md b/metricbeat/README.md index f04b2f210..3784f8d58 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -49,6 +49,7 @@ This chart is tested with the latest 7.11.0-SNAPSHOT version. `helm repo add elastic https://helm.elastic.co` * Install it: + - Add the Elastic Helm charts repo (required for kube-state-metrics chart dependency): `helm repo add stable https://charts.helm.sh/stable` - with Helm 3: `helm install metricbeat --version elastic/metricbeat` - with Helm 2 (deprecated): `helm install --name metricbeat --version elastic/metricbeat` From 2a6af4c6d19ca3c1632dd37c1b468ca565c0c5ef Mon Sep 17 00:00:00 2001 From: "Daniel (ht)" Date: Wed, 3 Feb 2021 17:50:04 +0800 Subject: [PATCH 133/151] fix: security.yaml is 404 (#1040) fix: security.yaml is 404 --- elasticsearch/examples/security/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index 52e7cce50..802120997 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -26,4 +26,4 @@ You can also run [goss integration tests][] using `make test` [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/test/goss.yaml [official docs]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/configuring-tls.html#node-certificates -[values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/security.yaml +[values]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security/values.yaml From a2c132412975cffcc7ed897aae74339a24d0e566 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 16 Feb 2021 18:29:59 +0100 Subject: [PATCH 134/151] [elasticsearch][kibana] remove oss examples (#1046) (#1052) --- apm-server/README.md | 2 +- apm-server/examples/oss/README.md | 4 +- apm-server/examples/oss/test/goss.yaml | 7 +- apm-server/examples/oss/values.yaml | 14 ++-- elasticsearch/README.md | 11 --- elasticsearch/examples/oss/Makefile | 14 ---- elasticsearch/examples/oss/README.md | 23 ------ elasticsearch/examples/oss/test/goss.yaml | 16 ---- elasticsearch/examples/oss/values.yaml | 4 - elasticsearch/tests/elasticsearch_test.py | 10 --- elasticsearch/values.yaml | 2 +- filebeat/README.md | 4 +- filebeat/examples/deployment/README.md | 2 +- filebeat/examples/oss/test/goss.yaml | 4 +- filebeat/examples/oss/values.yaml | 23 +++++- helpers/matrix.yml | 2 - kibana/README.md | 11 --- kibana/examples/oss/Makefile | 13 ---- kibana/examples/oss/README.md | 27 ------- kibana/examples/oss/test/goss.yaml | 4 - kibana/examples/oss/values.yaml | 4 - logstash/README.md | 2 +- metricbeat/README.md | 2 +- .../examples/oss/test/goss-metrics.yaml | 11 ++- metricbeat/examples/oss/test/goss.yaml | 11 ++- metricbeat/examples/oss/values.yaml | 77 +++++++++++++++++-- 26 files changed, 123 insertions(+), 181 deletions(-) delete mode 100644 elasticsearch/examples/oss/Makefile delete mode 100644 elasticsearch/examples/oss/README.md delete mode 100644 elasticsearch/examples/oss/test/goss.yaml delete mode 100644 elasticsearch/examples/oss/values.yaml delete mode 100644 kibana/examples/oss/Makefile delete mode 100644 kibana/examples/oss/README.md delete mode 100644 kibana/examples/oss/test/goss.yaml delete mode 100644 kibana/examples/oss/values.yaml diff --git a/apm-server/README.md b/apm-server/README.md index 2a3baad9f..c700c1aad 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -138,7 +138,7 @@ An example can be found in [examples/security][]. ### How to install OSS version of APM Server? -Deploying OSS version of Elasticsearch can be done by setting `image` value to +Deploying OSS version of APM Server can be done by setting `image` value to [APM Server OSS Docker image][] An example of APM Server deployment using OSS version can be found in diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index af01d5382..a997541fc 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -12,7 +12,7 @@ This example deploy APM Server 7.11.0-SNAPSHOT using [APM Server OSS][] version. * You can now setup a port forward to query APM indices: ``` - kubectl port-forward svc/oss-master 9200 + kubectl port-forward svc/elasticsearch-master 9200 curl localhost:9200/_cat/indices ``` @@ -23,5 +23,5 @@ You can also run [goss integration tests][] using `make test` [apm server oss]: https://www.elastic.co/downloads/apm-oss -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/ +[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/default/ [goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/apm-server/examples/oss/test/goss.yaml diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index 7659f1f86..c2c3aaf62 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,4 +3,9 @@ http: status: 200 timeout: 2000 body: - - "7.11.0" + - '7.11.0' + http://elasticsearch-master:9200/_cat/indices: + status: 200 + timeout: 2000 + body: + - 'apm-oss-7.11.0' diff --git a/apm-server/examples/oss/values.yaml b/apm-server/examples/oss/values.yaml index 330c27b69..69dffa2dc 100644 --- a/apm-server/examples/oss/values.yaml +++ b/apm-server/examples/oss/values.yaml @@ -10,12 +10,8 @@ apmConfig: enabled: false output.elasticsearch: - hosts: ["http://oss-master:9200"] - ## If you have security enabled- you'll need to add the credentials - ## as environment variables - # username: "${ELASTICSEARCH_USERNAME}" - # password: "${ELASTICSEARCH_PASSWORD}" - ## If SSL is enabled - # protocol: https - # ssl.certificate_authorities: - # - /usr/share/apm-server/config/certs/elastic-ca.pem + hosts: ["http://elasticsearch-master:9200"] + index: "apm-oss-%{[observer.version]}-%{+yyyy.MM.dd}" + + setup.template.name: "apm-server" + setup.template.pattern: "apm-oss-*" diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 2e8076766..4b5b12dfa 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -26,7 +26,6 @@ This Helm chart is a lightweight way to configure and run our official - [Clustering and Node Discovery](#clustering-and-node-discovery) - [How to deploy clusters with security (authentication and TLS) enabled?](#how-to-deploy-clusters-with-security-authentication-and-tls-enabled) - [How to migrate from helm/charts stable chart?](#how-to-migrate-from-helmcharts-stable-chart) - - [How to install OSS version of Elasticsearch?](#how-to-install-oss-version-of-elasticsearch) - [How to install plugins?](#how-to-install-plugins) - [How to use the keystore?](#how-to-use-the-keystore) - [Basic example](#basic-example) @@ -255,14 +254,6 @@ An example of Elasticsearch cluster using security can be found in If you currently have a cluster deployed with the [helm/charts stable][] chart you can follow the [migration guide][]. -### How to install OSS version of Elasticsearch? - -Deploying OSS version of Elasticsearch can be done by setting `image` value to -[Elasticsearch OSS Docker image][] - -An example of Elasticsearch cluster using OSS version can be found in -[examples/oss][]. - ### How to install plugins? The recommended way to install plugins into our Docker images is to create a @@ -409,12 +400,10 @@ about our development and testing process. [docker for mac]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/docker-for-mac [elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/cluster-health.html#request-params [elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/docker.html -[elasticsearch oss docker image]: https://www.docker.elastic.co/r/elasticsearch/elasticsearch-oss [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/ [examples/multi]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/multi -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh diff --git a/elasticsearch/examples/oss/Makefile b/elasticsearch/examples/oss/Makefile deleted file mode 100644 index e7425e74a..000000000 --- a/elasticsearch/examples/oss/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-es-oss -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: install goss - -purge: - helm del $(RELEASE) diff --git a/elasticsearch/examples/oss/README.md b/elasticsearch/examples/oss/README.md deleted file mode 100644 index 6e8bf8953..000000000 --- a/elasticsearch/examples/oss/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# OSS - -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster using -[Elasticsearch OSS][] version. - -## Usage - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/oss-master 9200 - curl localhost:9200/_cat/indices - ``` - -## Testing - -You can also run [goss integration tests][] using `make test` - - -[elasticsearch oss]: https://www.elastic.co/downloads/elasticsearch-oss -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/test/goss.yaml diff --git a/elasticsearch/examples/oss/test/goss.yaml b/elasticsearch/examples/oss/test/goss.yaml deleted file mode 100644 index bf24f033a..000000000 --- a/elasticsearch/examples/oss/test/goss.yaml +++ /dev/null @@ -1,16 +0,0 @@ -http: - http://localhost:9200/_cluster/health: - status: 200 - timeout: 2000 - body: - - 'green' - - '"number_of_nodes":3' - - '"number_of_data_nodes":3' - - http://localhost:9200: - status: 200 - timeout: 2000 - body: - - '"number" : "7.11.0-SNAPSHOT"' - - '"cluster_name" : "oss"' - - 'You Know, for Search' diff --git a/elasticsearch/examples/oss/values.yaml b/elasticsearch/examples/oss/values.yaml deleted file mode 100644 index adcb7df3e..000000000 --- a/elasticsearch/examples/oss/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -clusterName: "oss" -image: "docker.elastic.co/elasticsearch/elasticsearch-oss" diff --git a/elasticsearch/tests/elasticsearch_test.py b/elasticsearch/tests/elasticsearch_test.py index 75147c5ff..2c2bb06bd 100755 --- a/elasticsearch/tests/elasticsearch_test.py +++ b/elasticsearch/tests/elasticsearch_test.py @@ -1065,16 +1065,6 @@ def test_esMajorVersion_always_wins(): assert r["statefulset"][uname]["metadata"]["annotations"]["esMajorVersion"] == "7" -def test_esMajorVersion_parse_image_tag_for_oss_image(): - config = """ - image: docker.elastic.co/elasticsearch/elasticsearch-oss - imageTag: 6.3.2 - """ - - r = helm_template(config) - assert r["statefulset"][uname]["metadata"]["annotations"]["esMajorVersion"] == "6" - - def test_set_pod_security_context(): config = "" r = helm_template(config) diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 0ef108cc2..f94686eb7 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -13,7 +13,7 @@ roles: ingest: "true" data: "true" remote_cluster_client: "true" -# ml: "true" # ml is not availble with elasticsearch-oss + ml: "true" replicas: 3 minimumMasterNodes: 2 diff --git a/filebeat/README.md b/filebeat/README.md index 782c489f7..192707279 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -136,7 +136,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The filebeat Docker image tag | `8.0.0-SNAPSHOT` | +| `imageTag` | The filebeat Docker image tag | `7.11.0-SNAPSHOT` | | `image` | The filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | @@ -179,7 +179,7 @@ An example can be found in [examples/security][]. ### How to install OSS version of Filebeat? -Deploying OSS version of Elasticsearch can be done by setting `image` value to +Deploying OSS version of Filebeat can be done by setting `image` value to [Filebeat OSS Docker image][] An example of Filebeat deployment using OSS version can be found in diff --git a/filebeat/examples/deployment/README.md b/filebeat/examples/deployment/README.md index b41e681e4..af408e7df 100644 --- a/filebeat/examples/deployment/README.md +++ b/filebeat/examples/deployment/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 8.0.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. +This example deploy Filebeat 7.11.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. ## Usage diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index 1fe1b7f26..37af11048 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -15,8 +15,8 @@ user: gid: 1000 http: - http://oss-master:9200/_cat/indices: + http://elasticsearch-master:9200/_cat/indices: status: 200 timeout: 2000 body: - - "filebeat-7.11.0" + - "filebeat-oss-7.11.0" diff --git a/filebeat/examples/oss/values.yaml b/filebeat/examples/oss/values.yaml index 0b9a414f7..7f713fede 100644 --- a/filebeat/examples/oss/values.yaml +++ b/filebeat/examples/oss/values.yaml @@ -1,5 +1,22 @@ image: docker.elastic.co/beats/filebeat-oss -extraEnvs: - - name: ELASTICSEARCH_HOSTS - value: oss-master:9200 +daemonset: + filebeatConfig: + filebeat.yml: | + filebeat.inputs: + - type: container + paths: + - /var/log/containers/*.log + processors: + - add_kubernetes_metadata: + host: ${NODE_NAME} + matchers: + - logs_path: + logs_path: "/var/log/containers/" + output.elasticsearch: + host: '${NODE_NAME}' + hosts: "elasticsearch-master:9200" + index: "filebeat-oss-%{[agent.version]}-%{+yyyy.MM.dd}" + setup.ilm.enabled: false + setup.template.name: "filebeat" + setup.template.pattern: "filebeat-oss-*" diff --git a/helpers/matrix.yml b/helpers/matrix.yml index 575afaba6..b1c44fab0 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -9,12 +9,10 @@ ES_SUITE: - default - config - multi - - oss - security - upgrade KIBANA_SUITE: - default - - oss - security - upgrade FILEBEAT_SUITE: diff --git a/kibana/README.md b/kibana/README.md index 51a2201fd..f908c99a7 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -22,7 +22,6 @@ This Helm chart is a lightweight way to configure and run our official - [FAQ](#faq) - [How to deploy this chart on a specific K8S distribution?](#how-to-deploy-this-chart-on-a-specific-k8s-distribution) - [How to use Kibana with security (authentication and TLS) enabled?](#how-to-use-kibana-with-security-authentication-and-tls-enabled) - - [How to install OSS version of Kibana?](#how-to-install-oss-version-of-kibana) - [How to install plugins?](#how-to-install-plugins) - [How to import objects post-deployment?](#how-to-import-objects-post-deployment) - [Contributing](#contributing) @@ -143,14 +142,6 @@ outside of this chart and accessed using [environment variables][] and volumes. An example can be found in [examples/security][]. -### How to install OSS version of Kibana? - -Deploying OSS version of Elasticsearch can be done by setting `image` value to -[kibana OSS Docker image][] - -An example of Kibana deployment using OSS version can be found in -[examples/oss][]. - ### How to install plugins? The recommended way to install plugins into our Docker images is to create a @@ -215,7 +206,6 @@ about our development and testing process. [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config [environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables [examples]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples -[examples/oss]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/oss [examples/security]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/security [gke]: https://cloud.google.com/kubernetes-engine [helm]: https://helm.sh @@ -224,7 +214,6 @@ about our development and testing process. [imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret [ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ [kibana docker image]: https://www.elastic.co/guide/en/kibana/7.x/docker.html -[kibana oss docker image]: https://www.docker.elastic.co/r/kibana/kibana-oss [kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ [labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ [lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ diff --git a/kibana/examples/oss/Makefile b/kibana/examples/oss/Makefile deleted file mode 100644 index c4804946a..000000000 --- a/kibana/examples/oss/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-kibana-oss - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: install goss - -purge: - helm del $(RELEASE) diff --git a/kibana/examples/oss/README.md b/kibana/examples/oss/README.md deleted file mode 100644 index 0881aafd8..000000000 --- a/kibana/examples/oss/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# OSS - -This example deploy Kibana 7.11.0-SNAPSHOT using [Kibana OSS][] version. - - -## Usage - -* Deploy [Elasticsearch Helm chart][]. - -* Deploy Kibana chart with the default values: `make install` - -* You can now setup a port forward to query Kibana indices: - - ``` - kubectl port-forward svc/oss-master 9200 - curl localhost:9200/_cat/indices - ``` - - -## Testing - -You can also run [goss integration tests][] using `make test` - - -[kibana oss]: https://www.elastic.co/downloads/kibana-oss -[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/oss/ -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.x/kibana/examples/oss/test/goss.yaml diff --git a/kibana/examples/oss/test/goss.yaml b/kibana/examples/oss/test/goss.yaml deleted file mode 100644 index 35aee7dd4..000000000 --- a/kibana/examples/oss/test/goss.yaml +++ /dev/null @@ -1,4 +0,0 @@ -http: - http://localhost:5601/app/kibana: - status: 200 - timeout: 2000 diff --git a/kibana/examples/oss/values.yaml b/kibana/examples/oss/values.yaml deleted file mode 100644 index eb0203c75..000000000 --- a/kibana/examples/oss/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -image: "docker.elastic.co/kibana/kibana-oss" -elasticsearchHosts: "http://oss-master:9200" diff --git a/logstash/README.md b/logstash/README.md index cea59c970..97fa733df 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -158,7 +158,7 @@ useful for the [http input plugin][], for instance. ### How to install OSS version of Logstash? -Deploying OSS version of Elasticsearch can be done by setting `image` value to +Deploying OSS version of Logstash can be done by setting `image` value to [Logstash OSS Docker image][] An example of Logstash deployment using OSS version can be found in diff --git a/metricbeat/README.md b/metricbeat/README.md index 3784f8d58..dfd0ad65b 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -178,7 +178,7 @@ An example can be found in [examples/security][]. ### How to install OSS version of Metricbeat? -Deploying OSS version of Elasticsearch can be done by setting `image` value to +Deploying OSS version of Metricbeat can be done by setting `image` value to [Metricbeat OSS Docker image][] An example of Metricbeat deployment using OSS version can be found in diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index 591d69ba3..8d49193c6 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -17,16 +17,16 @@ user: gid: 1000 http: - http://oss-master:9200/_cat/indices: + http://elasticsearch-master:9200/_cat/indices: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' - http://oss-master:9200/_search?q=metricset.name:state_deployment: + - 'metricbeat-oss-7.11.0' + http://elasticsearch-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-oss-7.11.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -38,5 +38,4 @@ command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: http://oss-master:9200' - - 'version: 7.11.0' + - 'elasticsearch: http://elasticsearch-master:9200' diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index 6784002c4..d4640ce00 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -21,16 +21,16 @@ user: gid: 1000 http: - http://oss-master:9200/_cat/indices: + http://elasticsearch-master:9200/_cat/indices: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' - http://oss-master:9200/_search?q=metricset.name:container: + - 'metricbeat-oss-7.11.0' + http://elasticsearch-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-oss-7.11.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -43,5 +43,4 @@ command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: http://oss-master:9200' - - 'version: 7.11.0' + - 'elasticsearch: http://elasticsearch-master:9200' diff --git a/metricbeat/examples/oss/values.yaml b/metricbeat/examples/oss/values.yaml index 29791cc2c..26b3b61cb 100644 --- a/metricbeat/examples/oss/values.yaml +++ b/metricbeat/examples/oss/values.yaml @@ -1,11 +1,76 @@ image: docker.elastic.co/beats/metricbeat-oss daemonset: - extraEnvs: - - name: ELASTICSEARCH_HOSTS - value: oss-master:9200 + metricbeatConfig: + metricbeat.yml: | + metricbeat.modules: + - module: kubernetes + metricsets: + - container + - node + - pod + - system + - volume + period: 10s + host: "${NODE_NAME}" + hosts: ["https://${NODE_NAME}:10250"] + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + ssl.verification_mode: "none" + # If using Red Hat OpenShift remove ssl.verification_mode entry and + # uncomment these settings: + #ssl.certificate_authorities: + #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt + processors: + - add_kubernetes_metadata: ~ + - module: kubernetes + enabled: true + metricsets: + - event + - module: system + period: 10s + metricsets: + - cpu + - load + - memory + - network + - process + - process_summary + processes: ['.*'] + process.include_top_n: + by_cpu: 5 + by_memory: 5 + - module: system + period: 1m + metricsets: + - filesystem + - fsstat + processors: + - drop_event.when.regexp: + system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)' + output.elasticsearch: + hosts: "elasticsearch-master:9200" + index: "metricbeat-oss-%{[agent.version]}-%{+yyyy.MM.dd}" + setup.ilm.enabled: false + setup.template.name: "metricbeat" + setup.template.pattern: "metricbeat-oss-*" deployment: - extraEnvs: - - name: ELASTICSEARCH_HOSTS - value: oss-master:9200 + metricbeatConfig: + metricbeat.yml: | + metricbeat.modules: + - module: kubernetes + enabled: true + metricsets: + - state_node + - state_deployment + - state_replicaset + - state_pod + - state_container + period: 10s + hosts: ["${KUBE_STATE_METRICS_HOSTS}"] + output.elasticsearch: + hosts: "elasticsearch-master:9200" + index: "metricbeat-oss-%{[agent.version]}-%{+yyyy.MM.dd}" + setup.ilm.enabled: false + setup.template.name: "metricbeat" + setup.template.pattern: "metricbeat-oss-*" From 5092c2f87aa4d749f6e63ed58372cb4bba06d8bd Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 23 Feb 2021 17:11:00 +0100 Subject: [PATCH 135/151] [7.x] [logstash] Add support to use pattern files (#883) (#1079) Co-authored-by: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Co-authored-by: Tuan Anh Nguyen <48820639+tuananhnguyen-ct@users.noreply.github.com> --- logstash/README.md | 2 ++ logstash/templates/configmap-pattern.yaml | 17 +++++++++++++++++ logstash/templates/statefulset.yaml | 16 ++++++++++++++++ logstash/tests/logstash_test.py | 19 +++++++++++++++++++ logstash/values.yaml | 6 ++++++ 5 files changed, 60 insertions(+) create mode 100644 logstash/templates/configmap-pattern.yaml diff --git a/logstash/README.md b/logstash/README.md index 97fa733df..bb7dca235 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -129,6 +129,8 @@ useful for the [http input plugin][], for instance. | `logstashConfig` | Allows you to add any config files in `/usr/share/logstash/config/` such as `logstash.yml` and `log4j2.properties` See [values.yaml][] for an example of the formatting | `{}` | | `logstashJavaOpts` | Java options for Logstash. This is where you should configure the JVM heap size | `-Xmx1g -Xms1g` | | `logstashPipeline` | Allows you to add any pipeline files in `/usr/share/logstash/pipeline/` | `{}` | +| `logstashPatternDir` | Allows you to define a custom directory to store patten files | `/usr/share/logstash/patterns/` | +| `logstashPattern` | Allows you to add any pattern files in `logstashPatternDir` | `{}` | | `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | | `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | | `nodeAffinity` | Value for the [node affinity settings][] | `{}` | diff --git a/logstash/templates/configmap-pattern.yaml b/logstash/templates/configmap-pattern.yaml new file mode 100644 index 000000000..0eb58593d --- /dev/null +++ b/logstash/templates/configmap-pattern.yaml @@ -0,0 +1,17 @@ +{{- if .Values.logstashPattern }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "logstash.fullname" . }}-pattern + labels: + app: "{{ template "logstash.fullname" . }}" + chart: "{{ .Chart.Name }}" + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} +data: +{{- range $path, $config := .Values.logstashPattern }} + {{ $path }}: | +{{ tpl $config $ | indent 4 -}} +{{- end -}} +{{- end -}} diff --git a/logstash/templates/statefulset.yaml b/logstash/templates/statefulset.yaml index 7f17586b4..de511c03f 100644 --- a/logstash/templates/statefulset.yaml +++ b/logstash/templates/statefulset.yaml @@ -55,6 +55,9 @@ spec: {{- if .Values.logstashPipeline }} pipelinechecksum: {{ include (print .Template.BasePath "/configmap-pipeline.yaml") . | sha256sum | trunc 63 }} {{- end }} + {{- if .Values.logstashPattern }} + patternchecksum: {{ include (print .Template.BasePath "/configmap-pattern.yaml") . | sha256sum | trunc 63 }} + {{- end }} {{- if .Values.secrets }} secretschecksum: {{ include (print .Template.BasePath "/secret.yaml") . | sha256sum | trunc 63 }} {{- end }} @@ -127,6 +130,11 @@ spec: configMap: name: {{ template "logstash.fullname" . }}-pipeline {{- end }} + {{- if .Values.logstashPattern }} + - name: logstashpattern + configMap: + name: {{ template "logstash.fullname" . }}-pattern + {{- end }} {{- if .Values.extraVolumes }} {{ tpl .Values.extraVolumes . | indent 8 }} {{- end }} @@ -191,6 +199,14 @@ spec: mountPath: /usr/share/logstash/pipeline/{{ $path }} subPath: {{ $path }} {{- end -}} + {{- if .Values.logstashPattern }} + {{- $logstashPatternDir := .Values.logstashPatternDir -}} + {{- range $path, $config := .Values.logstashPattern }} + - name: logstashpattern + mountPath: {{ $logstashPatternDir }}{{ $path }} + subPath: {{ $path }} + {{- end -}} + {{- end -}} {{- if .Values.extraVolumeMounts }} {{ tpl .Values.extraVolumeMounts . | indent 10 }} {{- end }} diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index ebb679b98..6c76501cb 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -622,6 +622,25 @@ def test_adding_in_pipeline(): ) +def test_adding_in_pattern(): + config = """ +logstashPattern: + pattern.conf: | + DPKG_VERSION [-+~<>\.0-9a-zA-Z]+ +""" + r = helm_template(config) + c = r["configmap"][name + "-pattern"]["data"] + + assert "pattern.conf" in c + + assert "DPKG_VERSION [-+~<>\.0-9a-zA-Z]+" in c["pattern.conf"] + + assert ( + "patternchecksum" + in r["statefulset"][name]["spec"]["template"]["metadata"]["annotations"] + ) + + def test_priority_class_name(): config = """ priorityClassName: "" diff --git a/logstash/values.yaml b/logstash/values.yaml index 19c723c47..a6e15ec39 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -25,6 +25,12 @@ logstashPipeline: {} # } # output { stdout { } } +# Allows you to add any pattern files in your custom pattern dir +logstashPatternDir: "/usr/share/logstash/patterns/" +logstashPattern: {} +# pattern.conf: | +# DPKG_VERSION [-+~<>\.0-9a-zA-Z]+ + # Extra environment variables to append to this nodeGroup # This will be appended to the current 'env:' key. You can use any of the kubernetes env # syntax here From 70f3d8ebf1d9f3a2aea103e431bac336d31ff212 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 23 Feb 2021 20:14:19 +0100 Subject: [PATCH 136/151] [7.x] [meta] bump helm support to 3.5.2 (#1065) (#1082) This commit add support of Helm 3.5.2. https://github.com/helm/helm/releases/tag/v3.5.2 --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 74b46f176..c18ff136f 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 3.5.0). +Helm version mentioned in [helm-tester Dockerfile][] (currently 3.5.2). ## ECK diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index fbf325d5b..75c5fedba 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=3.5.0 +ENV HELM_VERSION=3.5.2 RUN wget --no-verbose https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index cc3bcebb2..2ae9670b8 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=3.5.0 +ENV HELM_VERSION=3.5.2 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From fee836bff90bf37ec4f24436079268fd89ca94b8 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 9 Mar 2021 12:14:34 +0100 Subject: [PATCH 137/151] [7.x] [apm-server] Add option loadBalancerIP to service (#1075) (#1093) Co-authored-by: Thomas Decaux --- apm-server/templates/service.yaml | 7 +++++++ apm-server/tests/apmserver_test.py | 14 ++++++++++++++ apm-server/values.yaml | 1 + 3 files changed, 22 insertions(+) diff --git a/apm-server/templates/service.yaml b/apm-server/templates/service.yaml index 09b8d19e0..f569cb19e 100644 --- a/apm-server/templates/service.yaml +++ b/apm-server/templates/service.yaml @@ -13,6 +13,13 @@ metadata: {{- end }} spec: type: {{ .Values.service.type }} +{{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} +{{- end }} +{{- with .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml . | indent 4 }} +{{- end }} ports: - port: {{ .Values.service.port }} {{- with .Values.service.nodePort }} diff --git a/apm-server/tests/apmserver_test.py b/apm-server/tests/apmserver_test.py index c86a5348d..d60007f3e 100644 --- a/apm-server/tests/apmserver_test.py +++ b/apm-server/tests/apmserver_test.py @@ -26,6 +26,9 @@ def test_defaults(): assert c["image"].startswith("docker.elastic.co/apm/apm-server:") assert c["ports"][0]["containerPort"] == 8200 + # Make sure that the default 'loadBalancerIP' string is empty + assert "loadBalancerIP" not in r["service"][name]["spec"] + assert "hostAliases" not in r["deployment"][name]["spec"]["template"]["spec"] @@ -376,3 +379,14 @@ def test_hostaliases(): r = helm_template(config) hostAliases = r["deployment"][name]["spec"]["template"]["spec"]["hostAliases"] assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases + + +def test_adding_loadBalancerIP(): + config = """ + service: + loadBalancerIP: 12.5.11.79 + """ + + r = helm_template(config) + + assert r["service"][name]["spec"]["loadBalancerIP"] == "12.5.11.79" diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 4f802c9ed..2a015b310 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -172,6 +172,7 @@ ingress: service: type: ClusterIP + loadBalancerIP: "" port: 8200 nodePort: "" annotations: {} From 82a174c6e2f9ba13554546d0ad27505046d48f7f Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Wed, 10 Mar 2021 08:52:03 +0100 Subject: [PATCH 138/151] [meta] bump 7.x branch to 7.12.0-SNAPSHOT (#1094) --- README.md | 37 ++++++++++--------- apm-server/Chart.yaml | 4 +- apm-server/README.md | 10 ++--- apm-server/examples/default/README.md | 2 +- apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/README.md | 2 +- apm-server/examples/oss/test/goss.yaml | 4 +- apm-server/examples/security/README.md | 2 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/examples/upgrade/test/goss.yaml | 2 +- apm-server/values.yaml | 2 +- elasticsearch/Chart.yaml | 4 +- elasticsearch/README.md | 10 ++--- elasticsearch/examples/config/README.md | 2 +- elasticsearch/examples/default/README.md | 2 +- elasticsearch/examples/default/test/goss.yaml | 2 +- .../examples/docker-for-mac/README.md | 2 +- .../examples/kubernetes-kind/README.md | 2 +- elasticsearch/examples/microk8s/README.md | 2 +- elasticsearch/examples/minikube/README.md | 2 +- elasticsearch/examples/multi/README.md | 2 +- elasticsearch/examples/openshift/README.md | 2 +- .../examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/security/README.md | 2 +- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/values.yaml | 2 +- filebeat/Chart.yaml | 4 +- filebeat/README.md | 8 ++-- filebeat/examples/default/README.md | 2 +- filebeat/examples/default/test/goss.yaml | 4 +- filebeat/examples/deployment/README.md | 2 +- filebeat/examples/deployment/test/goss.yaml | 2 +- filebeat/examples/oss/README.md | 2 +- filebeat/examples/oss/test/goss.yaml | 2 +- filebeat/examples/security/README.md | 2 +- filebeat/examples/security/test/goss.yaml | 2 +- filebeat/examples/upgrade/test/goss.yaml | 2 +- filebeat/values.yaml | 2 +- helpers/bumper.py | 2 +- helpers/examples.mk | 2 +- kibana/Chart.yaml | 4 +- kibana/README.md | 8 ++-- kibana/examples/default/README.md | 2 +- kibana/examples/default/test/goss.yaml | 2 +- kibana/examples/openshift/README.md | 2 +- kibana/examples/security/README.md | 2 +- kibana/examples/upgrade/Makefile | 3 +- kibana/examples/upgrade/test/goss.yaml | 2 +- kibana/values.yaml | 2 +- logstash/Chart.yaml | 4 +- logstash/README.md | 8 ++-- logstash/examples/default/README.md | 2 +- logstash/examples/default/test/goss.yaml | 2 +- logstash/examples/elasticsearch/README.md | 2 +- .../examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/README.md | 2 +- logstash/examples/oss/test/goss.yaml | 2 +- logstash/examples/security/test/goss.yaml | 2 +- logstash/examples/upgrade/test/goss.yaml | 2 +- logstash/values.yaml | 2 +- metricbeat/Chart.yaml | 4 +- metricbeat/README.md | 8 ++-- metricbeat/examples/default/README.md | 2 +- .../examples/default/test/goss-metrics.yaml | 6 +-- metricbeat/examples/default/test/goss.yaml | 6 +-- metricbeat/examples/oss/README.md | 2 +- .../examples/oss/test/goss-metrics.yaml | 4 +- metricbeat/examples/oss/test/goss.yaml | 4 +- metricbeat/examples/security/README.md | 2 +- .../examples/security/test/goss-metrics.yaml | 6 +-- metricbeat/examples/security/test/goss.yaml | 6 +-- .../examples/upgrade/test/goss-metrics.yaml | 4 +- metricbeat/examples/upgrade/test/goss.yaml | 4 +- metricbeat/values.yaml | 2 +- 74 files changed, 132 insertions(+), 132 deletions(-) diff --git a/README.md b/README.md index c18ff136f..2e94d5729 100644 --- a/README.md +++ b/README.md @@ -37,12 +37,12 @@ versions. | Chart | Docker documentation | Latest 7 Version | Latest 6 Version | |--------------------------------------------|---------------------------------------------------------------------------------|-----------------------------|-----------------------------| -| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | [`7.10.1`][apm-7] | [`6.8.13`][apm-6] | -| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | [`7.10.1`][elasticsearch-7] | [`6.8.13`][elasticsearch-6] | -| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | [`7.10.1`][filebeat-7] | [`6.8.13`][filebeat-6] | -| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | [`7.10.1`][kibana-7] | [`6.8.13`][kibana-6] | -| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | [`7.10.1`][logstash-7] | [`6.8.13`][logstash-6] | -| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | [`7.10.1`][metricbeat-7] | [`6.8.13`][metricbeat-6] | +| [APM-Server](./apm-server/README.md) | https://www.elastic.co/guide/en/apm/server/current/running-on-docker.html | [`7.11.1`][apm-7] | [`6.8.14`][apm-6] | +| [Elasticsearch](./elasticsearch/README.md) | https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html | [`7.11.1`][elasticsearch-7] | [`6.8.14`][elasticsearch-6] | +| [Filebeat](./filebeat/README.md) | https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html | [`7.11.1`][filebeat-7] | [`6.8.14`][filebeat-6] | +| [Kibana](./kibana/README.md) | https://www.elastic.co/guide/en/kibana/current/docker.html | [`7.11.1`][kibana-7] | [`6.8.14`][kibana-6] | +| [Logstash](./logstash/README.md) | https://www.elastic.co/guide/en/logstash/current/docker.html | [`7.11.1`][logstash-7] | [`6.8.14`][logstash-6] | +| [Metricbeat](./metricbeat/README.md) | https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html | [`7.11.1`][metricbeat-7] | [`6.8.14`][metricbeat-6] | ## Supported Configurations @@ -67,6 +67,7 @@ Note that only the released charts coming from [Elastic Helm repo][] or | 7.8 | GA | GA | Beta | GA | GA | Beta | | 7.9 | GA | GA | Beta | GA | GA | Beta | | 7.10 | GA | GA | Beta | GA | GA | Beta | +| 7.11 | GA | GA | Beta | GA | GA | Beta | ### Kubernetes Versions @@ -100,15 +101,15 @@ Kubernetes. There is a dedicated Helm chart for ECK which can be found [operator pattern]: https://kubernetes.io/docs/concepts/extend-kubernetes/operator/ [elasticsearch-771]: https://github.com/elastic/helm-charts/tree/7.7.1/elasticsearch/ -[apm-7]: https://github.com/elastic/helm-charts/tree/7.10.0/apm-server/README.md -[apm-6]: https://github.com/elastic/helm-charts/tree/6.8.13/apm-server/README.md -[elasticsearch-7]: https://github.com/elastic/helm-charts/tree/7.10.0/elasticsearch/README.md -[elasticsearch-6]: https://github.com/elastic/helm-charts/tree/6.8.13/elasticsearch/README.md -[filebeat-7]: https://github.com/elastic/helm-charts/tree/7.10.0/filebeat/README.md -[filebeat-6]: https://github.com/elastic/helm-charts/tree/6.8.13/filebeat/README.md -[kibana-7]: https://github.com/elastic/helm-charts/tree/7.10.0/kibana/README.md -[kibana-6]: https://github.com/elastic/helm-charts/tree/6.8.13/kibana/README.md -[logstash-7]: https://github.com/elastic/helm-charts/tree/7.10.0/logstash/README.md -[logstash-6]: https://github.com/elastic/helm-charts/tree/6.8.13/logstash/README.md -[metricbeat-7]: https://github.com/elastic/helm-charts/tree/7.10.0/metricbeat/README.md -[metricbeat-6]: https://github.com/elastic/helm-charts/tree/6.8.13/metricbeat/README.md +[apm-7]: https://github.com/elastic/helm-charts/tree/7.11.1/apm-server/README.md +[apm-6]: https://github.com/elastic/helm-charts/tree/6.8.14/apm-server/README.md +[elasticsearch-7]: https://github.com/elastic/helm-charts/tree/7.11.1/elasticsearch/README.md +[elasticsearch-6]: https://github.com/elastic/helm-charts/tree/6.8.14/elasticsearch/README.md +[filebeat-7]: https://github.com/elastic/helm-charts/tree/7.11.1/filebeat/README.md +[filebeat-6]: https://github.com/elastic/helm-charts/tree/6.8.14/filebeat/README.md +[kibana-7]: https://github.com/elastic/helm-charts/tree/7.11.1/kibana/README.md +[kibana-6]: https://github.com/elastic/helm-charts/tree/6.8.14/kibana/README.md +[logstash-7]: https://github.com/elastic/helm-charts/tree/7.11.1/logstash/README.md +[logstash-6]: https://github.com/elastic/helm-charts/tree/6.8.14/logstash/README.md +[metricbeat-7]: https://github.com/elastic/helm-charts/tree/7.11.1/metricbeat/README.md +[metricbeat-6]: https://github.com/elastic/helm-charts/tree/6.8.14/metricbeat/README.md diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index 0f9e159c8..0a85f33fe 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.11.0-SNAPSHOT -appVersion: 7.11.0-SNAPSHOT +version: 7.12.0-SNAPSHOT +appVersion: 7.12.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index c700c1aad..3921571e8 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -44,7 +44,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT version. +This chart is tested with the latest 7.12.0-SNAPSHOT version. ### Install released version using Helm repository @@ -62,8 +62,8 @@ This chart is tested with the latest 7.11.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.11.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.11.0-SNAPSHOT` + - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.12.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.12.0-SNAPSHOT` ## Upgrading @@ -102,7 +102,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostAliases` | Configurable [hostAliases][] | `[]` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.11.0-SNAPSHOT` | +| `imageTag` | The APM Server Docker image tag | `7.12.0-SNAPSHOT` | | `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | | `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | | `labels` | Configurable [labels][] applied to all APM server pods | `{}` | @@ -156,7 +156,7 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.10/running-on-docker.html +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.12/running-on-docker.html [apm server oss docker image]: https://www.docker.elastic.co/r/apm/apm-server-oss [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md index 41b36d9b0..d6454e8c5 100644 --- a/apm-server/examples/default/README.md +++ b/apm-server/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy APM Server 7.11.0-SNAPSHOT using [default values][]. +This example deploy APM Server 7.12.0-SNAPSHOT using [default values][]. ## Usage diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index 7659f1f86..a417816ba 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.11.0" + - "7.12.0" diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index a997541fc..92fe0f73d 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy APM Server 7.11.0-SNAPSHOT using [APM Server OSS][] version. +This example deploy APM Server 7.12.0-SNAPSHOT using [APM Server OSS][] version. ## Usage diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index c2c3aaf62..a4561dae0 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,9 +3,9 @@ http: status: 200 timeout: 2000 body: - - '7.11.0' + - '7.12.0' http://elasticsearch-master:9200/_cat/indices: status: 200 timeout: 2000 body: - - 'apm-oss-7.11.0' + - 'apm-oss-7.12.0' diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md index 0ec439728..1399691e5 100644 --- a/apm-server/examples/security/README.md +++ b/apm-server/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy APM Server 7.11.0-SNAPSHOT using authentication and TLS to connect to +This example deploy APM Server 7.12.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index 7659f1f86..a417816ba 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.11.0" + - "7.12.0" diff --git a/apm-server/examples/upgrade/test/goss.yaml b/apm-server/examples/upgrade/test/goss.yaml index 7659f1f86..a417816ba 100644 --- a/apm-server/examples/upgrade/test/goss.yaml +++ b/apm-server/examples/upgrade/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.11.0" + - "7.12.0" diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 2a015b310..bf2967aef 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -68,7 +68,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/apm/apm-server" -imageTag: "7.11.0-SNAPSHOT" +imageTag: "7.12.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index a0ca627d1..4ee440e1a 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.11.0-SNAPSHOT -appVersion: 7.11.0-SNAPSHOT +version: 7.12.0-SNAPSHOT +appVersion: 7.12.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 4b5b12dfa..8ab700f0c 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -53,7 +53,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT version. +This chart is tested with the latest 7.12.0-SNAPSHOT version. ### Install released version using Helm repository @@ -71,8 +71,8 @@ This chart is tested with the latest 7.11.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.11.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.11.0-SNAPSHOT` + - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.12.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.12.0-SNAPSHOT` ## Upgrading @@ -129,7 +129,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.11.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.12.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | @@ -390,7 +390,7 @@ about our development and testing process. [alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ [anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/cluster.name.html +[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/important-settings.html#cluster-name [clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#clustering-and-node-discovery [config example]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/examples/config/values.yaml [curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.9/snapshot.html diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index ade8c2946..3413c8bd9 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,6 +1,6 @@ # Config -This example deploy a single node Elasticsearch 7.11.0-SNAPSHOT with authentication and +This example deploy a single node Elasticsearch 7.12.0-SNAPSHOT with authentication and custom [values][]. diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md index a1c52d0b5..a8d55a866 100644 --- a/elasticsearch/examples/default/README.md +++ b/elasticsearch/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster using [default values][]. diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index 99dcc5a9b..cea0e1be4 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.11.0-SNAPSHOT"' + - '"number" : "7.12.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - "You Know, for Search" diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md index 27524cbbc..730aeefc0 100644 --- a/elasticsearch/examples/docker-for-mac/README.md +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -1,6 +1,6 @@ # Docker for Mac -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [Docker for Mac][] +This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [Docker for Mac][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index 170af0a78..fc2439cb3 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,6 +1,6 @@ # KIND -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [Kind][] +This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [Kind][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index a1e75a44a..8c9b39299 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,6 +1,6 @@ # MicroK8S -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [MicroK8S][] +This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [MicroK8S][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md index 812651597..5c06eb555 100644 --- a/elasticsearch/examples/minikube/README.md +++ b/elasticsearch/examples/minikube/README.md @@ -1,6 +1,6 @@ # Minikube -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [Minikube][] +This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [Minikube][] using [custom values][]. If helm or kubectl timeouts occur, you may consider creating a minikube VM with diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index d0e1b8da0..befed7bdd 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,6 +1,6 @@ # Multi -This example deploy an Elasticsearch 7.11.0-SNAPSHOT cluster composed of 3 different Helm +This example deploy an Elasticsearch 7.12.0-SNAPSHOT cluster composed of 3 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md index 6b8c63334..331e4f8c8 100644 --- a/elasticsearch/examples/openshift/README.md +++ b/elasticsearch/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT cluster on [OpenShift][] +This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [OpenShift][] using [custom values][]. ## Usage diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index f7eeb8ac6..dd5d8350f 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,6 +11,6 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.11.0"' + - '"number" : "7.12.0"' - '"cluster_name" : "elasticsearch"' - "You Know, for Search" diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index 802120997..180e3c4a4 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy a 3 nodes Elasticsearch 7.11.0-SNAPSHOT with authentication and +This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT with authentication and autogenerated certificates for TLS (see [values][]). Note that this configuration should be used for test only. For a production diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index 29d37348a..e68971dd4 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,6 +11,6 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.11.0-SNAPSHOT"' + - '"number" : "7.12.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - "You Know, for Search" diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index f94686eb7..e56cd285f 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -59,7 +59,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.11.0-SNAPSHOT" +imageTag: "7.12.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" podAnnotations: {} diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index f8da77138..ddf938120 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.11.0-SNAPSHOT -appVersion: 7.11.0-SNAPSHOT +version: 7.12.0-SNAPSHOT +appVersion: 7.12.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index 192707279..151245044 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -43,7 +43,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT version. +This chart is tested with the latest 7.12.0-SNAPSHOT version. ### Install released version using Helm repository @@ -60,8 +60,8 @@ This chart is tested with the latest 7.11.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.11.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.11.0-SNAPSHOT` + - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.12.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.12.0-SNAPSHOT` ## Upgrading @@ -136,7 +136,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The filebeat Docker image tag | `7.11.0-SNAPSHOT` | +| `imageTag` | The filebeat Docker image tag | `7.12.0-SNAPSHOT` | | `image` | The filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md index 48f0e7129..3f5b36be5 100644 --- a/filebeat/examples/default/README.md +++ b/filebeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.11.0-SNAPSHOT using [default values][]. +This example deploy Filebeat 7.12.0-SNAPSHOT using [default values][]. ## Usage diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index 4d0d21a96..65320f0c5 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.11.0' + - 'filebeat-7.12.0' file: /usr/share/filebeat/filebeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.11.0' + - 'version: 7.12.0' diff --git a/filebeat/examples/deployment/README.md b/filebeat/examples/deployment/README.md index af408e7df..0dd03896b 100644 --- a/filebeat/examples/deployment/README.md +++ b/filebeat/examples/deployment/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.11.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. +This example deploy Filebeat 7.12.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. ## Usage diff --git a/filebeat/examples/deployment/test/goss.yaml b/filebeat/examples/deployment/test/goss.yaml index 3f4015cae..1ff96cce8 100644 --- a/filebeat/examples/deployment/test/goss.yaml +++ b/filebeat/examples/deployment/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.11.0' + - 'filebeat-7.12.0' diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md index 9fcda0c39..705dd13a3 100644 --- a/filebeat/examples/oss/README.md +++ b/filebeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Filebeat 7.11.0-SNAPSHOT using [Filebeat OSS][] version. +This example deploy Filebeat 7.12.0-SNAPSHOT using [Filebeat OSS][] version. ## Usage diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index 37af11048..ed6cb82cc 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - "filebeat-oss-7.11.0" + - "filebeat-oss-7.12.0" diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md index 9e0a75ffc..a822fbd7b 100644 --- a/filebeat/examples/security/README.md +++ b/filebeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Filebeat 7.11.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Filebeat 7.12.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 7422cfeec..145ae2be0 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - "filebeat-7.11.0" + - "filebeat-7.12.0" allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' diff --git a/filebeat/examples/upgrade/test/goss.yaml b/filebeat/examples/upgrade/test/goss.yaml index ad1f61e5a..85b6ceb53 100644 --- a/filebeat/examples/upgrade/test/goss.yaml +++ b/filebeat/examples/upgrade/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - "filebeat-7.11.0" + - "filebeat-7.12.0" file: /usr/share/filebeat/filebeat.yml: diff --git a/filebeat/values.yaml b/filebeat/values.yaml index e1ee3e416..bf266c581 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -146,7 +146,7 @@ hostAliases: [] # - "foo.local" # - "bar.local" image: "docker.elastic.co/beats/filebeat" -imageTag: "7.11.0-SNAPSHOT" +imageTag: "7.12.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/helpers/bumper.py b/helpers/bumper.py index e60f29862..455da6517 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,7 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 7: os.environ.get("BUMPER_VERSION_7", "7.11.0-SNAPSHOT"), + 7: os.environ.get("BUMPER_VERSION_7", "7.12.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index d065f346b..03b0e0ede 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.11.0-SNAPSHOT +STACK_VERSION := 7.12.0-SNAPSHOT TIMEOUT := 900s .PHONY: help diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index 5419729c7..1b7f4dea4 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.11.0-SNAPSHOT -appVersion: 7.11.0-SNAPSHOT +version: 7.12.0-SNAPSHOT +appVersion: 7.12.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index f908c99a7..e84e3d405 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -40,7 +40,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT version. +This chart is tested with the latest 7.12.0-SNAPSHOT version. ### Install released version using Helm repository @@ -58,8 +58,8 @@ This chart is tested with the latest 7.11.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.11.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.11.0-SNAPSHOT` + - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.12.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.12.0-SNAPSHOT` ## Upgrading @@ -93,7 +93,7 @@ as a reference. They are also used in the automated testing of this chart. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Kibana Docker image tag | `7.11.0-SNAPSHOT` | +| `imageTag` | The Kibana Docker image tag | `7.12.0-SNAPSHOT` | | `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md index e1c88d066..e94b13f37 100644 --- a/kibana/examples/default/README.md +++ b/kibana/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Kibana 7.11.0-SNAPSHOT using [default values][]. +This example deploy Kibana 7.12.0-SNAPSHOT using [default values][]. ## Usage diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index 97f22e3da..3b34e09c9 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.11.0"' + - '"number":"7.12.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md index e93e5d236..afbf9cebc 100644 --- a/kibana/examples/openshift/README.md +++ b/kibana/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy Kibana 7.11.0-SNAPSHOT on [OpenShift][] using [custom values][]. +This example deploy Kibana 7.12.0-SNAPSHOT on [OpenShift][] using [custom values][]. ## Usage diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index c4c7e84d8..f60fa9b6a 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Kibana 7.11.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Kibana 7.12.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/kibana/examples/upgrade/Makefile b/kibana/examples/upgrade/Makefile index 988c56c00..b01368a95 100644 --- a/kibana/examples/upgrade/Makefile +++ b/kibana/examples/upgrade/Makefile @@ -5,10 +5,9 @@ include ../../../helpers/examples.mk CHART := kibana RELEASE := helm-kibana-upgrade FROM := 7.4.0 # versions before 7.4.O aren't compatible with Kubernetes >= 1.16.0 -TO := 7.10.0 # required to use with Elasticsearch 7.10.0 install: - ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) --to $(TO) + ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) kubectl rollout status deployment $(RELEASE)-kibana test: install goss diff --git a/kibana/examples/upgrade/test/goss.yaml b/kibana/examples/upgrade/test/goss.yaml index 5b3a1b28a..53a1a3292 100644 --- a/kibana/examples/upgrade/test/goss.yaml +++ b/kibana/examples/upgrade/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.10.0"' + - '"number":"7.12.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/values.yaml b/kibana/values.yaml index a84a29746..a248ee0c3 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -35,7 +35,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/kibana/kibana" -imageTag: "7.11.0-SNAPSHOT" +imageTag: "7.12.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index faa19198c..304bcb5a7 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.11.0-SNAPSHOT -appVersion: 7.11.0-SNAPSHOT +version: 7.12.0-SNAPSHOT +appVersion: 7.12.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index bb7dca235..07cc3acae 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -44,7 +44,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT version. +This chart is tested with the latest 7.12.0-SNAPSHOT version. ### Install released version using Helm repository @@ -62,8 +62,8 @@ This chart is tested with the latest 7.11.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.11.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.11.0-SNAPSHOT` + - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.12.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.12.0-SNAPSHOT` ## Upgrading @@ -120,7 +120,7 @@ useful for the [http input plugin][], for instance. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.11.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.12.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `ingress` | Configurable [ingress][] for external access to Logstash HTTP port. | see [values.yaml][] | diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md index 02595122f..7e7d60004 100644 --- a/logstash/examples/default/README.md +++ b/logstash/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Logstash 7.11.0-SNAPSHOT using [default values][]. +This example deploy Logstash 7.12.0-SNAPSHOT using [default values][]. ## Usage diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index 30692c5ba..dbe2fa2b9 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.11.0"' + - '"version" : "7.12.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md index cc4f7308e..113ba1eb7 100644 --- a/logstash/examples/elasticsearch/README.md +++ b/logstash/examples/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch -This example deploy Logstash 7.11.0-SNAPSHOT which connects to Elasticsearch (see +This example deploy Logstash 7.12.0-SNAPSHOT which connects to Elasticsearch (see [values][]). diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index 44dde4e7b..5fa73dede 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.11.0"' + - '"version" : "7.12.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md index 229f720ef..9a598c1dc 100644 --- a/logstash/examples/oss/README.md +++ b/logstash/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Logstash 7.11.0-SNAPSHOT using [Logstash OSS][] version. +This example deploy Logstash 7.12.0-SNAPSHOT using [Logstash OSS][] version. ## Usage diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index c9e7db754..cf00a7bea 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.11.0"' + - '"version" : "7.12.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml index db45c2012..a3d1611ee 100644 --- a/logstash/examples/security/test/goss.yaml +++ b/logstash/examples/security/test/goss.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.11.0"' + - '"version" : "7.12.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/upgrade/test/goss.yaml b/logstash/examples/upgrade/test/goss.yaml index 30692c5ba..dbe2fa2b9 100644 --- a/logstash/examples/upgrade/test/goss.yaml +++ b/logstash/examples/upgrade/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.11.0"' + - '"version" : "7.12.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/values.yaml b/logstash/values.yaml index a6e15ec39..b2028be6c 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -72,7 +72,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/logstash/logstash" -imageTag: "7.11.0-SNAPSHOT" +imageTag: "7.12.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index c180b16dc..2bfa23c68 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.11.0-SNAPSHOT -appVersion: 7.11.0-SNAPSHOT +version: 7.12.0-SNAPSHOT +appVersion: 7.12.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index dfd0ad65b..2bcf11504 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -41,7 +41,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.11.0-SNAPSHOT version. +This chart is tested with the latest 7.12.0-SNAPSHOT version. ### Install released version using Helm repository @@ -60,8 +60,8 @@ This chart is tested with the latest 7.11.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.11.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.11.0-SNAPSHOT` + - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.12.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.12.0-SNAPSHOT` ## Upgrading @@ -131,7 +131,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.11.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.12.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | | `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md index 55359c86a..8c3db7411 100644 --- a/metricbeat/examples/default/README.md +++ b/metricbeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Metricbeat 7.11.0-SNAPSHOT using [default values][]. +This example deploy Metricbeat 7.12.0-SNAPSHOT using [default values][]. ## Usage diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index 56b789fc6..7ed9e54fb 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.11.0" + - "metricbeat-7.12.0" 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - "metricbeat-7.11.0" + - "metricbeat-7.12.0" file: /usr/share/metricbeat/metricbeat.yml: @@ -41,4 +41,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.11.0' + - 'version: 7.12.0' diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index 5550710da..d87116b95 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-7.12.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-7.12.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.11.0' + - 'version: 7.12.0' diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md index fc8e93195..5cb6452bc 100644 --- a/metricbeat/examples/oss/README.md +++ b/metricbeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Metricbeat 7.11.0-SNAPSHOT using [Metricbeat OSS][] version. +This example deploy Metricbeat 7.12.0-SNAPSHOT using [Metricbeat OSS][] version. ## Usage diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index 8d49193c6..51f868106 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -21,12 +21,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.11.0' + - 'metricbeat-oss-7.12.0' http://elasticsearch-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.11.0' + - 'metricbeat-oss-7.12.0' file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index d4640ce00..890f0bd95 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.11.0' + - 'metricbeat-oss-7.12.0' http://elasticsearch-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.11.0' + - 'metricbeat-oss-7.12.0' file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md index 0d5751914..5bdf95988 100644 --- a/metricbeat/examples/security/README.md +++ b/metricbeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Metricbeat 7.11.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Metricbeat 7.12.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index fbe450c9e..6982d8be8 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-7.12.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-7.12.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.11.0' + - 'version: 7.12.0' diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index 333065e9f..5ace7dc76 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -25,7 +25,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-7.12.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -33,7 +33,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.11.0' + - 'metricbeat-7.12.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -50,4 +50,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.11.0' + - 'version: 7.12.0' diff --git a/metricbeat/examples/upgrade/test/goss-metrics.yaml b/metricbeat/examples/upgrade/test/goss-metrics.yaml index ed1d30db3..bd510e19d 100644 --- a/metricbeat/examples/upgrade/test/goss-metrics.yaml +++ b/metricbeat/examples/upgrade/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.10.0" + - "metricbeat-7.12.0" ? "http://upgrade-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat" : status: 200 timeout: 2000 body: - - "metricbeat-7.10.0" + - "metricbeat-7.12.0" file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/examples/upgrade/test/goss.yaml b/metricbeat/examples/upgrade/test/goss.yaml index e39d75ab9..67461fe5d 100644 --- a/metricbeat/examples/upgrade/test/goss.yaml +++ b/metricbeat/examples/upgrade/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.11.0" + - "metricbeat-7.12.0" ? "http://upgrade-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat" : status: 200 timeout: 2000 body: - - "metricbeat-7.11.0" + - "metricbeat-7.12.0" file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index c8c88662c..830fbe386 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -181,7 +181,7 @@ extraInitContainers: "" hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.11.0-SNAPSHOT" +imageTag: "7.12.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] From 3ffc414dbfdbbed2337d7cfb0f7ae4c4082ccac8 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 18 Mar 2021 15:25:04 +0100 Subject: [PATCH 139/151] [meta] bump 7.x branch to 7.13.0-SNAPSHOT (#1114) This commit bump the 7.x branch which will be dedicated to the 7.x.x releases for the Helm Charts. It will allow to: - test this branch with the daily Stack Docker images 7.13.0-SNAPSHOT via dedicated Jenkins jobs --- apm-server/Chart.yaml | 4 ++-- apm-server/README.md | 10 +++++----- apm-server/examples/default/README.md | 2 +- apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/README.md | 2 +- apm-server/examples/oss/test/goss.yaml | 4 ++-- apm-server/examples/security/README.md | 2 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/examples/upgrade/test/goss.yaml | 2 +- apm-server/values.yaml | 2 +- elasticsearch/Chart.yaml | 4 ++-- elasticsearch/README.md | 8 ++++---- elasticsearch/examples/config/README.md | 2 +- elasticsearch/examples/default/README.md | 2 +- elasticsearch/examples/default/test/goss.yaml | 2 +- elasticsearch/examples/docker-for-mac/README.md | 2 +- elasticsearch/examples/kubernetes-kind/README.md | 2 +- elasticsearch/examples/microk8s/README.md | 2 +- elasticsearch/examples/minikube/README.md | 2 +- elasticsearch/examples/multi/README.md | 2 +- elasticsearch/examples/openshift/README.md | 2 +- elasticsearch/examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/security/README.md | 2 +- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/values.yaml | 2 +- filebeat/Chart.yaml | 4 ++-- filebeat/README.md | 8 ++++---- filebeat/examples/default/README.md | 2 +- filebeat/examples/default/test/goss.yaml | 4 ++-- filebeat/examples/deployment/README.md | 2 +- filebeat/examples/deployment/test/goss.yaml | 2 +- filebeat/examples/oss/README.md | 2 +- filebeat/examples/oss/test/goss.yaml | 2 +- filebeat/examples/security/README.md | 2 +- filebeat/examples/security/test/goss.yaml | 2 +- filebeat/examples/upgrade/test/goss.yaml | 2 +- filebeat/values.yaml | 2 +- helpers/bumper.py | 2 +- helpers/examples.mk | 2 +- kibana/Chart.yaml | 4 ++-- kibana/README.md | 8 ++++---- kibana/examples/default/README.md | 2 +- kibana/examples/default/test/goss.yaml | 2 +- kibana/examples/openshift/README.md | 2 +- kibana/examples/security/README.md | 2 +- kibana/examples/upgrade/test/goss.yaml | 2 +- kibana/values.yaml | 2 +- logstash/Chart.yaml | 4 ++-- logstash/README.md | 8 ++++---- logstash/examples/default/README.md | 2 +- logstash/examples/default/test/goss.yaml | 2 +- logstash/examples/elasticsearch/README.md | 2 +- logstash/examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/README.md | 2 +- logstash/examples/oss/test/goss.yaml | 2 +- logstash/examples/security/test/goss.yaml | 2 +- logstash/examples/upgrade/test/goss.yaml | 2 +- logstash/values.yaml | 2 +- metricbeat/Chart.yaml | 4 ++-- metricbeat/README.md | 8 ++++---- metricbeat/examples/default/README.md | 2 +- metricbeat/examples/default/test/goss-metrics.yaml | 6 +++--- metricbeat/examples/default/test/goss.yaml | 6 +++--- metricbeat/examples/oss/README.md | 2 +- metricbeat/examples/oss/test/goss-metrics.yaml | 4 ++-- metricbeat/examples/oss/test/goss.yaml | 4 ++-- metricbeat/examples/security/README.md | 2 +- metricbeat/examples/security/test/goss-metrics.yaml | 6 +++--- metricbeat/examples/security/test/goss.yaml | 6 +++--- metricbeat/examples/upgrade/test/goss-metrics.yaml | 4 ++-- metricbeat/examples/upgrade/test/goss.yaml | 4 ++-- metricbeat/values.yaml | 2 +- 72 files changed, 111 insertions(+), 111 deletions(-) diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index 0a85f33fe..ae0994ba6 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.12.0-SNAPSHOT -appVersion: 7.12.0-SNAPSHOT +version: 7.13.0-SNAPSHOT +appVersion: 7.13.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index 3921571e8..a324d25a6 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -44,7 +44,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.12.0-SNAPSHOT version. +This chart is tested with the latest 7.13.0-SNAPSHOT version. ### Install released version using Helm repository @@ -62,8 +62,8 @@ This chart is tested with the latest 7.12.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.12.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.12.0-SNAPSHOT` + - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.13.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.13.0-SNAPSHOT` ## Upgrading @@ -102,7 +102,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostAliases` | Configurable [hostAliases][] | `[]` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.12.0-SNAPSHOT` | +| `imageTag` | The APM Server Docker image tag | `7.13.0-SNAPSHOT` | | `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | | `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | | `labels` | Configurable [labels][] applied to all APM server pods | `{}` | @@ -156,7 +156,7 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.12/running-on-docker.html +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.13/running-on-docker.html [apm server oss docker image]: https://www.docker.elastic.co/r/apm/apm-server-oss [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md index d6454e8c5..81d8d1048 100644 --- a/apm-server/examples/default/README.md +++ b/apm-server/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy APM Server 7.12.0-SNAPSHOT using [default values][]. +This example deploy APM Server 7.13.0-SNAPSHOT using [default values][]. ## Usage diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index a417816ba..366ca343f 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.12.0" + - "7.13.0" diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index 92fe0f73d..088e2a6fc 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy APM Server 7.12.0-SNAPSHOT using [APM Server OSS][] version. +This example deploy APM Server 7.13.0-SNAPSHOT using [APM Server OSS][] version. ## Usage diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index a4561dae0..20f8154bb 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,9 +3,9 @@ http: status: 200 timeout: 2000 body: - - '7.12.0' + - '7.13.0' http://elasticsearch-master:9200/_cat/indices: status: 200 timeout: 2000 body: - - 'apm-oss-7.12.0' + - 'apm-oss-7.13.0' diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md index 1399691e5..dec218585 100644 --- a/apm-server/examples/security/README.md +++ b/apm-server/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy APM Server 7.12.0-SNAPSHOT using authentication and TLS to connect to +This example deploy APM Server 7.13.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index a417816ba..366ca343f 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.12.0" + - "7.13.0" diff --git a/apm-server/examples/upgrade/test/goss.yaml b/apm-server/examples/upgrade/test/goss.yaml index a417816ba..366ca343f 100644 --- a/apm-server/examples/upgrade/test/goss.yaml +++ b/apm-server/examples/upgrade/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.12.0" + - "7.13.0" diff --git a/apm-server/values.yaml b/apm-server/values.yaml index bf2967aef..788575bbf 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -68,7 +68,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/apm/apm-server" -imageTag: "7.12.0-SNAPSHOT" +imageTag: "7.13.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index 4ee440e1a..755e4ad4c 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.12.0-SNAPSHOT -appVersion: 7.12.0-SNAPSHOT +version: 7.13.0-SNAPSHOT +appVersion: 7.13.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 8ab700f0c..0e4722b4b 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -53,7 +53,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.12.0-SNAPSHOT version. +This chart is tested with the latest 7.13.0-SNAPSHOT version. ### Install released version using Helm repository @@ -71,8 +71,8 @@ This chart is tested with the latest 7.12.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.12.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.12.0-SNAPSHOT` + - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.13.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.13.0-SNAPSHOT` ## Upgrading @@ -129,7 +129,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.12.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.13.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index 3413c8bd9..8b48ca82c 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,6 +1,6 @@ # Config -This example deploy a single node Elasticsearch 7.12.0-SNAPSHOT with authentication and +This example deploy a single node Elasticsearch 7.13.0-SNAPSHOT with authentication and custom [values][]. diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md index a8d55a866..3f52d248f 100644 --- a/elasticsearch/examples/default/README.md +++ b/elasticsearch/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster using [default values][]. diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index cea0e1be4..4815a8c60 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.12.0-SNAPSHOT"' + - '"number" : "7.13.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - "You Know, for Search" diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md index 730aeefc0..d3d4261da 100644 --- a/elasticsearch/examples/docker-for-mac/README.md +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -1,6 +1,6 @@ # Docker for Mac -This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [Docker for Mac][] +This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [Docker for Mac][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index fc2439cb3..f8fee3b97 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,6 +1,6 @@ # KIND -This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [Kind][] +This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [Kind][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index 8c9b39299..c1492c8b6 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,6 +1,6 @@ # MicroK8S -This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [MicroK8S][] +This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [MicroK8S][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md index 5c06eb555..5c97fc6ce 100644 --- a/elasticsearch/examples/minikube/README.md +++ b/elasticsearch/examples/minikube/README.md @@ -1,6 +1,6 @@ # Minikube -This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [Minikube][] +This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [Minikube][] using [custom values][]. If helm or kubectl timeouts occur, you may consider creating a minikube VM with diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index befed7bdd..ad0dbe1e9 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,6 +1,6 @@ # Multi -This example deploy an Elasticsearch 7.12.0-SNAPSHOT cluster composed of 3 different Helm +This example deploy an Elasticsearch 7.13.0-SNAPSHOT cluster composed of 3 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md index 331e4f8c8..233aa2cf2 100644 --- a/elasticsearch/examples/openshift/README.md +++ b/elasticsearch/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT cluster on [OpenShift][] +This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [OpenShift][] using [custom values][]. ## Usage diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index dd5d8350f..1cb6c61c7 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,6 +11,6 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.12.0"' + - '"number" : "7.13.0"' - '"cluster_name" : "elasticsearch"' - "You Know, for Search" diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index 180e3c4a4..9426d3926 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy a 3 nodes Elasticsearch 7.12.0-SNAPSHOT with authentication and +This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT with authentication and autogenerated certificates for TLS (see [values][]). Note that this configuration should be used for test only. For a production diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index e68971dd4..167e68056 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,6 +11,6 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.12.0-SNAPSHOT"' + - '"number" : "7.13.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - "You Know, for Search" diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index e56cd285f..1192c23b1 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -59,7 +59,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.12.0-SNAPSHOT" +imageTag: "7.13.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" podAnnotations: {} diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index ddf938120..4950399fb 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.12.0-SNAPSHOT -appVersion: 7.12.0-SNAPSHOT +version: 7.13.0-SNAPSHOT +appVersion: 7.13.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index 151245044..8f1962fea 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -43,7 +43,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.12.0-SNAPSHOT version. +This chart is tested with the latest 7.13.0-SNAPSHOT version. ### Install released version using Helm repository @@ -60,8 +60,8 @@ This chart is tested with the latest 7.12.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.12.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.12.0-SNAPSHOT` + - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.13.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.13.0-SNAPSHOT` ## Upgrading @@ -136,7 +136,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The filebeat Docker image tag | `7.12.0-SNAPSHOT` | +| `imageTag` | The filebeat Docker image tag | `7.13.0-SNAPSHOT` | | `image` | The filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md index 3f5b36be5..c2eab6a58 100644 --- a/filebeat/examples/default/README.md +++ b/filebeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.12.0-SNAPSHOT using [default values][]. +This example deploy Filebeat 7.13.0-SNAPSHOT using [default values][]. ## Usage diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index 65320f0c5..666d90857 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.12.0' + - 'filebeat-7.13.0' file: /usr/share/filebeat/filebeat.yml: @@ -44,4 +44,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.12.0' + - 'version: 7.13.0' diff --git a/filebeat/examples/deployment/README.md b/filebeat/examples/deployment/README.md index 0dd03896b..0988a5270 100644 --- a/filebeat/examples/deployment/README.md +++ b/filebeat/examples/deployment/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.12.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. +This example deploy Filebeat 7.13.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. ## Usage diff --git a/filebeat/examples/deployment/test/goss.yaml b/filebeat/examples/deployment/test/goss.yaml index 1ff96cce8..dab4d63b1 100644 --- a/filebeat/examples/deployment/test/goss.yaml +++ b/filebeat/examples/deployment/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.12.0' + - 'filebeat-7.13.0' diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md index 705dd13a3..4d2146417 100644 --- a/filebeat/examples/oss/README.md +++ b/filebeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Filebeat 7.12.0-SNAPSHOT using [Filebeat OSS][] version. +This example deploy Filebeat 7.13.0-SNAPSHOT using [Filebeat OSS][] version. ## Usage diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index ed6cb82cc..826ec0e8a 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - "filebeat-oss-7.12.0" + - "filebeat-oss-7.13.0" diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md index a822fbd7b..116d180c9 100644 --- a/filebeat/examples/security/README.md +++ b/filebeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Filebeat 7.12.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Filebeat 7.13.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 145ae2be0..9b6ba4282 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - "filebeat-7.12.0" + - "filebeat-7.13.0" allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' diff --git a/filebeat/examples/upgrade/test/goss.yaml b/filebeat/examples/upgrade/test/goss.yaml index 85b6ceb53..f4743c47f 100644 --- a/filebeat/examples/upgrade/test/goss.yaml +++ b/filebeat/examples/upgrade/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - "filebeat-7.12.0" + - "filebeat-7.13.0" file: /usr/share/filebeat/filebeat.yml: diff --git a/filebeat/values.yaml b/filebeat/values.yaml index bf266c581..82abda129 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -146,7 +146,7 @@ hostAliases: [] # - "foo.local" # - "bar.local" image: "docker.elastic.co/beats/filebeat" -imageTag: "7.12.0-SNAPSHOT" +imageTag: "7.13.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/helpers/bumper.py b/helpers/bumper.py index 455da6517..72551a945 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,7 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 7: os.environ.get("BUMPER_VERSION_7", "7.12.0-SNAPSHOT"), + 7: os.environ.get("BUMPER_VERSION_7", "7.13.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index 03b0e0ede..6786adac0 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.12.0-SNAPSHOT +STACK_VERSION := 7.13.0-SNAPSHOT TIMEOUT := 900s .PHONY: help diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index 1b7f4dea4..eeaaf2738 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.12.0-SNAPSHOT -appVersion: 7.12.0-SNAPSHOT +version: 7.13.0-SNAPSHOT +appVersion: 7.13.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index e84e3d405..e7712bcc2 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -40,7 +40,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.12.0-SNAPSHOT version. +This chart is tested with the latest 7.13.0-SNAPSHOT version. ### Install released version using Helm repository @@ -58,8 +58,8 @@ This chart is tested with the latest 7.12.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.12.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.12.0-SNAPSHOT` + - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.13.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.13.0-SNAPSHOT` ## Upgrading @@ -93,7 +93,7 @@ as a reference. They are also used in the automated testing of this chart. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Kibana Docker image tag | `7.12.0-SNAPSHOT` | +| `imageTag` | The Kibana Docker image tag | `7.13.0-SNAPSHOT` | | `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md index e94b13f37..3bbf88e17 100644 --- a/kibana/examples/default/README.md +++ b/kibana/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Kibana 7.12.0-SNAPSHOT using [default values][]. +This example deploy Kibana 7.13.0-SNAPSHOT using [default values][]. ## Usage diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index 3b34e09c9..cc14584bb 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.12.0"' + - '"number":"7.13.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md index afbf9cebc..4fe3d41cf 100644 --- a/kibana/examples/openshift/README.md +++ b/kibana/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy Kibana 7.12.0-SNAPSHOT on [OpenShift][] using [custom values][]. +This example deploy Kibana 7.13.0-SNAPSHOT on [OpenShift][] using [custom values][]. ## Usage diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index f60fa9b6a..a6dd5f4f5 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Kibana 7.12.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Kibana 7.13.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/kibana/examples/upgrade/test/goss.yaml b/kibana/examples/upgrade/test/goss.yaml index 53a1a3292..5ed7422ad 100644 --- a/kibana/examples/upgrade/test/goss.yaml +++ b/kibana/examples/upgrade/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.12.0"' + - '"number":"7.13.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/values.yaml b/kibana/values.yaml index a248ee0c3..af9fb58b0 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -35,7 +35,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/kibana/kibana" -imageTag: "7.12.0-SNAPSHOT" +imageTag: "7.13.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index 304bcb5a7..acae12fe5 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.12.0-SNAPSHOT -appVersion: 7.12.0-SNAPSHOT +version: 7.13.0-SNAPSHOT +appVersion: 7.13.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index 07cc3acae..3c0a03d22 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -44,7 +44,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.12.0-SNAPSHOT version. +This chart is tested with the latest 7.13.0-SNAPSHOT version. ### Install released version using Helm repository @@ -62,8 +62,8 @@ This chart is tested with the latest 7.12.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.12.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.12.0-SNAPSHOT` + - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.13.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.13.0-SNAPSHOT` ## Upgrading @@ -120,7 +120,7 @@ useful for the [http input plugin][], for instance. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.12.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.13.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `ingress` | Configurable [ingress][] for external access to Logstash HTTP port. | see [values.yaml][] | diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md index 7e7d60004..41b80baef 100644 --- a/logstash/examples/default/README.md +++ b/logstash/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Logstash 7.12.0-SNAPSHOT using [default values][]. +This example deploy Logstash 7.13.0-SNAPSHOT using [default values][]. ## Usage diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index dbe2fa2b9..83abad235 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.12.0"' + - '"version" : "7.13.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md index 113ba1eb7..d7ce03970 100644 --- a/logstash/examples/elasticsearch/README.md +++ b/logstash/examples/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch -This example deploy Logstash 7.12.0-SNAPSHOT which connects to Elasticsearch (see +This example deploy Logstash 7.13.0-SNAPSHOT which connects to Elasticsearch (see [values][]). diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index 5fa73dede..9fd57998d 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.12.0"' + - '"version" : "7.13.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md index 9a598c1dc..5bcb7ac8a 100644 --- a/logstash/examples/oss/README.md +++ b/logstash/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Logstash 7.12.0-SNAPSHOT using [Logstash OSS][] version. +This example deploy Logstash 7.13.0-SNAPSHOT using [Logstash OSS][] version. ## Usage diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index cf00a7bea..80e5ead13 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.12.0"' + - '"version" : "7.13.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml index a3d1611ee..e850810b0 100644 --- a/logstash/examples/security/test/goss.yaml +++ b/logstash/examples/security/test/goss.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.12.0"' + - '"version" : "7.13.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/upgrade/test/goss.yaml b/logstash/examples/upgrade/test/goss.yaml index dbe2fa2b9..83abad235 100644 --- a/logstash/examples/upgrade/test/goss.yaml +++ b/logstash/examples/upgrade/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.12.0"' + - '"version" : "7.13.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/values.yaml b/logstash/values.yaml index b2028be6c..bfb2b748a 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -72,7 +72,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/logstash/logstash" -imageTag: "7.12.0-SNAPSHOT" +imageTag: "7.13.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index 2bfa23c68..8ce8163ec 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.12.0-SNAPSHOT -appVersion: 7.12.0-SNAPSHOT +version: 7.13.0-SNAPSHOT +appVersion: 7.13.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index 2bcf11504..d540e80bb 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -41,7 +41,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.12.0-SNAPSHOT version. +This chart is tested with the latest 7.13.0-SNAPSHOT version. ### Install released version using Helm repository @@ -60,8 +60,8 @@ This chart is tested with the latest 7.12.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.12.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.12.0-SNAPSHOT` + - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.13.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.13.0-SNAPSHOT` ## Upgrading @@ -131,7 +131,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.12.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.13.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | | `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md index 8c3db7411..66ef8e57a 100644 --- a/metricbeat/examples/default/README.md +++ b/metricbeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Metricbeat 7.12.0-SNAPSHOT using [default values][]. +This example deploy Metricbeat 7.13.0-SNAPSHOT using [default values][]. ## Usage diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index 7ed9e54fb..1afbb4265 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.12.0" + - "metricbeat-7.13.0" 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - "metricbeat-7.12.0" + - "metricbeat-7.13.0" file: /usr/share/metricbeat/metricbeat.yml: @@ -41,4 +41,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.12.0' + - 'version: 7.13.0' diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index d87116b95..2e9e29b64 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.12.0' + - 'metricbeat-7.13.0' 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': status: 200 timeout: 2000 body: - - 'metricbeat-7.12.0' + - 'metricbeat-7.13.0' file: /usr/share/metricbeat/metricbeat.yml: @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.12.0' + - 'version: 7.13.0' diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md index 5cb6452bc..67bb5c9cb 100644 --- a/metricbeat/examples/oss/README.md +++ b/metricbeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Metricbeat 7.12.0-SNAPSHOT using [Metricbeat OSS][] version. +This example deploy Metricbeat 7.13.0-SNAPSHOT using [Metricbeat OSS][] version. ## Usage diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index 51f868106..482e5b61e 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -21,12 +21,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.12.0' + - 'metricbeat-oss-7.13.0' http://elasticsearch-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.12.0' + - 'metricbeat-oss-7.13.0' file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index 890f0bd95..686dddcb1 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.12.0' + - 'metricbeat-oss-7.13.0' http://elasticsearch-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.12.0' + - 'metricbeat-oss-7.13.0' file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md index 5bdf95988..0514206e9 100644 --- a/metricbeat/examples/security/README.md +++ b/metricbeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Metricbeat 7.12.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Metricbeat 7.13.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index 6982d8be8..168b02260 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.12.0' + - 'metricbeat-7.13.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.12.0' + - 'metricbeat-7.13.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -45,4 +45,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.12.0' + - 'version: 7.13.0' diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index 5ace7dc76..5915c35c5 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -25,7 +25,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.12.0' + - 'metricbeat-7.13.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -33,7 +33,7 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.12.0' + - 'metricbeat-7.13.0' allow-insecure: true username: '{{ .Env.ELASTICSEARCH_USERNAME }}' password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' @@ -50,4 +50,4 @@ command: exit-status: 0 stdout: - 'elasticsearch: https://security-master:9200' - - 'version: 7.12.0' + - 'version: 7.13.0' diff --git a/metricbeat/examples/upgrade/test/goss-metrics.yaml b/metricbeat/examples/upgrade/test/goss-metrics.yaml index bd510e19d..a542fbc8a 100644 --- a/metricbeat/examples/upgrade/test/goss-metrics.yaml +++ b/metricbeat/examples/upgrade/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.12.0" + - "metricbeat-7.13.0" ? "http://upgrade-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat" : status: 200 timeout: 2000 body: - - "metricbeat-7.12.0" + - "metricbeat-7.13.0" file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/examples/upgrade/test/goss.yaml b/metricbeat/examples/upgrade/test/goss.yaml index 67461fe5d..7057b3991 100644 --- a/metricbeat/examples/upgrade/test/goss.yaml +++ b/metricbeat/examples/upgrade/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.12.0" + - "metricbeat-7.13.0" ? "http://upgrade-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat" : status: 200 timeout: 2000 body: - - "metricbeat-7.12.0" + - "metricbeat-7.13.0" file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 830fbe386..112ecfb83 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -181,7 +181,7 @@ extraInitContainers: "" hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.12.0-SNAPSHOT" +imageTag: "7.13.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] From 8398eca08ad0e4b2eea0a8b5d179fc119733b22f Mon Sep 17 00:00:00 2001 From: Conky5 Date: Tue, 23 Mar 2021 10:34:29 -0400 Subject: [PATCH 140/151] Remove slack notification Remove the CI slack notification, these tests are too flaky and create a lot of non-actionable noise in this notification room. Backport of https://github.com/elastic/helm-charts/pull/1119 --- .ci/jobs.t/elastic+helm-charts+{branch}.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.ci/jobs.t/elastic+helm-charts+{branch}.yml b/.ci/jobs.t/elastic+helm-charts+{branch}.yml index 3b02beb85..f526b0db9 100644 --- a/.ci/jobs.t/elastic+helm-charts+{branch}.yml +++ b/.ci/jobs.t/elastic+helm-charts+{branch}.yml @@ -46,10 +46,3 @@ - project: elastic+helm-charts+%BRANCH%+cluster-cleanup current-parameters: false trigger-with-no-params: true - - slack: - notify-back-to-normal: True - notify-every-failure: True - room: infra-release-notify - team-domain: elastic - auth-token-id: release-slack-integration-token - auth-token-credential-id: release-slack-integration-token From b97d46edf68d2ec5c10da36fc6c43a8c746ac827 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 13 Apr 2021 07:54:20 +0200 Subject: [PATCH 141/151] [7.x] [meta] add tests for k8s 1.18 and remove 1.15 (#1141) (#1144) This commit remove tests on GKE 1.15 and add tests on GKE 1.18 following new GKE version updates: https://cloud.google.com/kubernetes-engine/docs/release-notes#April_06_2021 --- helpers/matrix.yml | 2 +- helpers/terraform/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helpers/matrix.yml b/helpers/matrix.yml index b1c44fab0..00bf37aad 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -38,6 +38,6 @@ APM_SERVER_SUITE: - security - upgrade KUBERNETES_VERSION: - - "1.15" - "1.16" - "1.17" + - "1.18" diff --git a/helpers/terraform/Makefile b/helpers/terraform/Makefile index 25e516db0..639ef285a 100644 --- a/helpers/terraform/Makefile +++ b/helpers/terraform/Makefile @@ -1,6 +1,6 @@ GOOGLE_PROJECT := elastic-ci-prod CLUSTER_NAME := helm-elasticsearch-test -KUBERNETES_VERSION := 1.15 +KUBERNETES_VERSION := 1.16 CHART := elasticsearch SUITE := default NAMESPACE := helm-charts-testing From 4b5bcadcfa91a64f4d4f883881e751cd40e19d3c Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 13 Apr 2021 08:33:29 +0200 Subject: [PATCH 142/151] [7.x] [meta] update PyYAML dependencies (#1140) (#1147) This commit bump PyYAML dependencies to fix CVE-2020-14343 more details: https://github.com/advisories/GHSA-8q59-q68h-6hv4 --- helpers/helm-tester/requirements.txt | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helpers/helm-tester/requirements.txt b/helpers/helm-tester/requirements.txt index 5c1ffd763..d7ac62303 100644 --- a/helpers/helm-tester/requirements.txt +++ b/helpers/helm-tester/requirements.txt @@ -5,6 +5,6 @@ more-itertools==7.2.0 pluggy==0.13.0 py==1.8.0 pytest==4.1.0 -PyYAML==4.2b4 +PyYAML==5.4 six==1.12.0 zipp==0.6.0 diff --git a/requirements.txt b/requirements.txt index 420c28292..d940c204e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,6 +6,6 @@ more-itertools==7.2.0 pluggy==0.13.0 py==1.8.0 pytest==4.1.0 -PyYAML==4.2b4 +PyYAML==5.4 six==1.12.0 zipp==0.6.0 From 0294334c5973a6e1e53e7c45610fdfad0aba1b89 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 23 Apr 2021 18:48:33 +0200 Subject: [PATCH 143/151] [7.x] [elasticsearch] heap size is no longer defaulted to 1g (#1135) (#1159) see #1089 Co-authored-by: AndreasChristianson <33329956+AndreasChristianson@users.noreply.github.com> --- elasticsearch/README.md | 142 ++++++++++++++++++++-------------------- 1 file changed, 71 insertions(+), 71 deletions(-) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 0e4722b4b..cd481510f 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -108,77 +108,77 @@ support multiple versions with minimal changes. ## Configuration -| Parameter | Description | Default | -|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------| -| `antiAffinityTopologyKey` | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | -| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | -| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` | -| `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` | -| `enableServiceLinks` | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace. | `true` | -| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | -| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` | -| `esJavaOpts` | [Java options][] for Elasticsearch. This is where you should configure the [jvm heap size][] | `-Xmx1g -Xms1g` | -| `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | -| `extraContainers` | Templatable string of additional `containers` to be passed to the `tpl` function | `""` | -| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | -| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` | -| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | -| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | -| `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` | -| `hostAliases` | Configurable [hostAliases][] | `[]` | -| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.13.0-SNAPSHOT` | -| `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | -| `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | -| `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | -| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` | -| `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` | -| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | -| `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` | -| `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63][] | `false` | -| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | -| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` | -| `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` | -| `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` | -| `networkPolicy` | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example | `{http.enabled: false,transport.enabled: false}`| -| `nodeAffinity` | Value for the [node affinity settings][] | `{}` | -| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` | -| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` | -| `persistence` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data | see [values.yaml][] | -| `podAnnotations` | Configurable [annotations][] applied to all Elasticsearch pods | `{}` | -| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` | -| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | -| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] | -| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | -| `protocol` | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | -| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"` | see [values.yaml][] | -| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] | -| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `3` | -| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | -| `roles` | A hash map with the specific [roles][] for the `nodeGroup` | see [values.yaml][] | -| `schedulerName` | Name of the [alternate scheduler][] | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | -| `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | -| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | -| `service.httpPortName` | The name of the http port within the service | `http` | -| `service.labelsHeadless` | Labels to be added to headless service | `{}` | -| `service.labels` | Labels to be added to non-headless service | `{}` | -| `service.loadBalancerIP` | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored. | `""` | -| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` | -| `service.nodePort` | Custom [nodePort][] port that can be set if you are using `service.type: nodePort` | `""` | -| `service.transportPortName` | The name of the transport port within the service | `transport` | -| `service.type` | Elasticsearch [Service Types][] | `ClusterIP` | -| `sidecarResources` | Allows you to set the [resources][] for the sidecar containers in the StatefulSet | {} | -| `sysctlInitContainer` | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method | `enabled: true` | -| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch | `262144` | -| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` | -| `tolerations` | Configurable [tolerations][] | `[]` | -| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs` | `9300` | -| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | -| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | +| Parameter | Description | Default | +|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------| +| `antiAffinityTopologyKey` | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | +| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | +| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` | +| `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` | +| `enableServiceLinks` | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace. | `true` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` | +| `esJavaOpts` | [Java options][] for Elasticsearch. This is where you could configure the [jvm heap size][] | `""` | +| `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | +| `extraContainers` | Templatable string of additional `containers` to be passed to the `tpl` function | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` | +| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | +| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | +| `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Elasticsearch Docker image tag | `7.13.0-SNAPSHOT` | +| `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | +| `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | +| `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | +| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` | +| `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` | +| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | +| `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` | +| `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63][] | `false` | +| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | +| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` | +| `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` | +| `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` | +| `networkPolicy` | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example | `{http.enabled: false,transport.enabled: false}` | +| `nodeAffinity` | Value for the [node affinity settings][] | `{}` | +| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` | +| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` | +| `persistence` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data | see [values.yaml][] | +| `podAnnotations` | Configurable [annotations][] applied to all Elasticsearch pods | `{}` | +| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` | +| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | +| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `protocol` | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | +| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"` | see [values.yaml][] | +| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] | +| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `3` | +| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | +| `roles` | A hash map with the specific [roles][] for the `nodeGroup` | see [values.yaml][] | +| `schedulerName` | Name of the [alternate scheduler][] | `""` | +| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | +| `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | +| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | +| `service.httpPortName` | The name of the http port within the service | `http` | +| `service.labelsHeadless` | Labels to be added to headless service | `{}` | +| `service.labels` | Labels to be added to non-headless service | `{}` | +| `service.loadBalancerIP` | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored. | `""` | +| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` | +| `service.nodePort` | Custom [nodePort][] port that can be set if you are using `service.type: nodePort` | `""` | +| `service.transportPortName` | The name of the transport port within the service | `transport` | +| `service.type` | Elasticsearch [Service Types][] | `ClusterIP` | +| `sidecarResources` | Allows you to set the [resources][] for the sidecar containers in the StatefulSet | {} | +| `sysctlInitContainer` | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method | `enabled: true` | +| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch | `262144` | +| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs` | `9300` | +| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | +| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | ### Deprecated From e38c292d10fe7717b1dcfbbfa5b39ca24f1b1732 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 23 Apr 2021 18:55:38 +0200 Subject: [PATCH 144/151] [7.x] [meta] update backport config for 7.12 branch (#1112) (#1165) This commits update sqren/backport config to handle `7.12` branch. Also remove `7.10` and `7.11` branchs. --- .backportrc.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.backportrc.json b/.backportrc.json index 94675147c..379e703e1 100644 --- a/.backportrc.json +++ b/.backportrc.json @@ -1,6 +1,10 @@ { "upstream": "elastic/helm-charts", - "targetBranchChoices": ["6.8", "7.10", "7.11", "7.x"], + "targetBranchChoices": [ + "6.8", + "7.12", + "7.x" + ], "all": true, "prFilter": "label:need-backport", "targetPRLabels": ["backport"], From 8f7af49958fd3d70f01b54e61063822373c0bb81 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 23 Apr 2021 19:06:32 +0200 Subject: [PATCH 145/151] [7.x] [elasticsearch] Mark esMajorVersion as deprecated (#1109) (#1168) Co-authored-by: Karoline Pauls <43616133+karolinepauls@users.noreply.github.com> --- elasticsearch/README.md | 142 ++++++++++++++++++++-------------------- 1 file changed, 71 insertions(+), 71 deletions(-) diff --git a/elasticsearch/README.md b/elasticsearch/README.md index cd481510f..362fd6795 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -108,77 +108,77 @@ support multiple versions with minimal changes. ## Configuration -| Parameter | Description | Default | -|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------| -| `antiAffinityTopologyKey` | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | -| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | -| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` | -| `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` | -| `enableServiceLinks` | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace. | `true` | -| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | -| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` | -| `esJavaOpts` | [Java options][] for Elasticsearch. This is where you could configure the [jvm heap size][] | `""` | -| `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | -| `extraContainers` | Templatable string of additional `containers` to be passed to the `tpl` function | `""` | -| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | -| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` | -| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | -| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | -| `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` | -| `hostAliases` | Configurable [hostAliases][] | `[]` | -| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.13.0-SNAPSHOT` | -| `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | -| `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | -| `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | -| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` | -| `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` | -| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | -| `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` | -| `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63][] | `false` | -| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | -| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` | -| `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` | -| `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` | -| `networkPolicy` | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example | `{http.enabled: false,transport.enabled: false}` | -| `nodeAffinity` | Value for the [node affinity settings][] | `{}` | -| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` | -| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` | -| `persistence` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data | see [values.yaml][] | -| `podAnnotations` | Configurable [annotations][] applied to all Elasticsearch pods | `{}` | -| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` | -| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | -| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] | -| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | -| `protocol` | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | -| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"` | see [values.yaml][] | -| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] | -| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `3` | -| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | -| `roles` | A hash map with the specific [roles][] for the `nodeGroup` | see [values.yaml][] | -| `schedulerName` | Name of the [alternate scheduler][] | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | -| `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | -| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | -| `service.httpPortName` | The name of the http port within the service | `http` | -| `service.labelsHeadless` | Labels to be added to headless service | `{}` | -| `service.labels` | Labels to be added to non-headless service | `{}` | -| `service.loadBalancerIP` | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored. | `""` | -| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` | -| `service.nodePort` | Custom [nodePort][] port that can be set if you are using `service.type: nodePort` | `""` | -| `service.transportPortName` | The name of the transport port within the service | `transport` | -| `service.type` | Elasticsearch [Service Types][] | `ClusterIP` | -| `sidecarResources` | Allows you to set the [resources][] for the sidecar containers in the StatefulSet | {} | -| `sysctlInitContainer` | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method | `enabled: true` | -| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch | `262144` | -| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` | -| `tolerations` | Configurable [tolerations][] | `[]` | -| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs` | `9300` | -| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | -| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | +| Parameter | Description | Default | +|------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------| +| `antiAffinityTopologyKey` | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | +| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | +| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` | +| `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` | +| `enableServiceLinks` | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace. | `true` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` | +| `esJavaOpts` | [Java options][] for Elasticsearch. This is where you could configure the [jvm heap size][] | `""` | +| `esMajorVersion` | Deprecated. Instead, use the version of the chart corresponding to your ES minor version. Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | +| `extraContainers` | Templatable string of additional `containers` to be passed to the `tpl` function | `""` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | +| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` | +| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | +| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | +| `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Elasticsearch Docker image tag | `7.13.0-SNAPSHOT` | +| `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | +| `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | +| `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | +| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` | +| `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` | +| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | +| `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` | +| `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63][] | `false` | +| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | +| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` | +| `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` | +| `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` | +| `networkPolicy` | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example | `{http.enabled: false,transport.enabled: false}` | +| `nodeAffinity` | Value for the [node affinity settings][] | `{}` | +| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` | +| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` | +| `persistence` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data | see [values.yaml][] | +| `podAnnotations` | Configurable [annotations][] applied to all Elasticsearch pods | `{}` | +| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` | +| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | +| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `protocol` | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | +| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"` | see [values.yaml][] | +| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] | +| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `3` | +| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | +| `roles` | A hash map with the specific [roles][] for the `nodeGroup` | see [values.yaml][] | +| `schedulerName` | Name of the [alternate scheduler][] | `""` | +| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | +| `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | +| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | +| `service.httpPortName` | The name of the http port within the service | `http` | +| `service.labelsHeadless` | Labels to be added to headless service | `{}` | +| `service.labels` | Labels to be added to non-headless service | `{}` | +| `service.loadBalancerIP` | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored. | `""` | +| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` | +| `service.nodePort` | Custom [nodePort][] port that can be set if you are using `service.type: nodePort` | `""` | +| `service.transportPortName` | The name of the transport port within the service | `transport` | +| `service.type` | Elasticsearch [Service Types][] | `ClusterIP` | +| `sidecarResources` | Allows you to set the [resources][] for the sidecar containers in the StatefulSet | {} | +| `sysctlInitContainer` | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method | `enabled: true` | +| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch | `262144` | +| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` | +| `tolerations` | Configurable [tolerations][] | `[]` | +| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs` | `9300` | +| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | +| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | ### Deprecated From ca4c1c72a5fa46bc673235870fb9d792a26fb937 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 23 Apr 2021 19:44:48 +0200 Subject: [PATCH 146/151] [7.x] [meta] add helm 3.5.3 support (#1128) (#1162) This commit bump the Helm version used in helm-charts tests to 3.5.3. --- README.md | 2 +- helpers/helm-tester/Dockerfile | 2 +- helpers/terraform/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 2e94d5729..12654560a 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,7 @@ exact versions are defined under `KUBERNETES_VERSIONS` in ### Helm versions While we are checking backward compatibility, the charts are only tested with -Helm version mentioned in [helm-tester Dockerfile][] (currently 3.5.2). +Helm version mentioned in [helm-tester Dockerfile][] (currently 3.5.3). ## ECK diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile index 75c5fedba..0ac396abd 100644 --- a/helpers/helm-tester/Dockerfile +++ b/helpers/helm-tester/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.7 -ENV HELM_VERSION=3.5.2 +ENV HELM_VERSION=3.5.3 RUN wget --no-verbose https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \ diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index 2ae9670b8..fd92e1c0f 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 ENV KUBECTL_VERSION=1.16.10 -ENV HELM_VERSION=3.5.2 +ENV HELM_VERSION=3.5.3 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 From b76312122a37398e2a11e2be91e366069d7f8c88 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 23 Apr 2021 19:53:13 +0200 Subject: [PATCH 147/151] [7.x] Bump py from 1.8.0 to 1.10.0 in /helpers/helm-tester (#1154) (#1171) Bumps [py](https://github.com/pytest-dev/py) from 1.8.0 to 1.10.0. - [Release notes](https://github.com/pytest-dev/py/releases) - [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/py/compare/1.8.0...1.10.0) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- helpers/helm-tester/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/helm-tester/requirements.txt b/helpers/helm-tester/requirements.txt index d7ac62303..7d643131b 100644 --- a/helpers/helm-tester/requirements.txt +++ b/helpers/helm-tester/requirements.txt @@ -3,7 +3,7 @@ attrs==19.1.0 importlib-metadata==0.23 more-itertools==7.2.0 pluggy==0.13.0 -py==1.8.0 +py==1.10.0 pytest==4.1.0 PyYAML==5.4 six==1.12.0 From e24e7cfecf4385b699e60d8590236d085dacc7d2 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Fri, 23 Apr 2021 19:53:59 +0200 Subject: [PATCH 148/151] [7.x] Bump py from 1.8.0 to 1.10.0 (#1155) (#1174) Bumps [py](https://github.com/pytest-dev/py) from 1.8.0 to 1.10.0. - [Release notes](https://github.com/pytest-dev/py/releases) - [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/py/compare/1.8.0...1.10.0) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d940c204e..35e093e54 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,7 +4,7 @@ black==19.10b0 importlib-metadata==0.23 more-itertools==7.2.0 pluggy==0.13.0 -py==1.8.0 +py==1.10.0 pytest==4.1.0 PyYAML==5.4 six==1.12.0 From 547a1b05b5985206b93be45ddbcd7e5a834b4bee Mon Sep 17 00:00:00 2001 From: Nithya Date: Mon, 10 May 2021 17:48:33 +0530 Subject: [PATCH 149/151] [7.x][logstash] Add option loadBalancerIP to service (#1099) (#1175) --- logstash/templates/service.yaml | 7 +++++++ logstash/tests/logstash_test.py | 13 +++++++++++++ logstash/values.yaml | 1 + 3 files changed, 21 insertions(+) diff --git a/logstash/templates/service.yaml b/logstash/templates/service.yaml index 6540c8c61..d3a61bc7a 100644 --- a/logstash/templates/service.yaml +++ b/logstash/templates/service.yaml @@ -13,6 +13,13 @@ metadata: {{ toYaml .Values.service.annotations | indent 4 }} spec: type: {{ .Values.service.type }} +{{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} +{{- end }} +{{- with .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml . | indent 4 }} +{{- end }} selector: app: "{{ template "logstash.fullname" . }}" chart: "{{ .Chart.Name }}" diff --git a/logstash/tests/logstash_test.py b/logstash/tests/logstash_test.py index 6c76501cb..3f44ceb9c 100755 --- a/logstash/tests/logstash_test.py +++ b/logstash/tests/logstash_test.py @@ -881,6 +881,8 @@ def test_adding_a_service(): "protocol": "TCP", "targetPort": 5044, } + # Make sure that the default 'loadBalancerIP' string is empty + assert "loadBalancerIP" not in s["spec"] def test_setting_fullnameOverride(): @@ -935,3 +937,14 @@ def test_hostaliases(): r = helm_template(config) hostAliases = r["statefulset"][name]["spec"]["template"]["spec"]["hostAliases"] assert {"ip": "127.0.0.1", "hostnames": ["foo.local", "bar.local"]} in hostAliases + + +def test_adding_loadBalancerIP(): + config = """ + service: + loadBalancerIP: 12.5.11.79 + """ + + r = helm_template(config) + + assert r["service"][name]["spec"]["loadBalancerIP"] == "12.5.11.79" diff --git a/logstash/values.yaml b/logstash/values.yaml index bfb2b748a..d20c4d630 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -253,6 +253,7 @@ lifecycle: {} service: {} # annotations: {} # type: ClusterIP +# loadBalancerIP: "" # ports: # - name: beats # port: 5044 From 6bacc55748e17c4b10f80f6a2db23a8ada599cf4 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Thu, 20 May 2021 15:54:41 +0200 Subject: [PATCH 150/151] [meta] remove gke 1.16 tests (#1184) (#1194) This commit remove tests on GKE 1.16 following new GKE version updates: https://cloud.google.com/kubernetes-engine/docs/release-notes#May_04_2021 --- helpers/matrix.yml | 1 - helpers/terraform/Dockerfile | 2 +- helpers/terraform/Makefile | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/helpers/matrix.yml b/helpers/matrix.yml index 00bf37aad..9a2d15bca 100644 --- a/helpers/matrix.yml +++ b/helpers/matrix.yml @@ -38,6 +38,5 @@ APM_SERVER_SUITE: - security - upgrade KUBERNETES_VERSION: - - "1.16" - "1.17" - "1.18" diff --git a/helpers/terraform/Dockerfile b/helpers/terraform/Dockerfile index fd92e1c0f..1a652c103 100644 --- a/helpers/terraform/Dockerfile +++ b/helpers/terraform/Dockerfile @@ -2,7 +2,7 @@ FROM centos:7 ENV VAULT_VERSION 0.9.3 ENV TERRAFORM_VERSION=0.11.7 -ENV KUBECTL_VERSION=1.16.10 +ENV KUBECTL_VERSION=1.17.17 ENV HELM_VERSION=3.5.3 ENV DOCKER_VERSION=18.09.7 ENV JQ_VERSION=1.6 diff --git a/helpers/terraform/Makefile b/helpers/terraform/Makefile index 639ef285a..5339fcb4b 100644 --- a/helpers/terraform/Makefile +++ b/helpers/terraform/Makefile @@ -1,6 +1,6 @@ GOOGLE_PROJECT := elastic-ci-prod CLUSTER_NAME := helm-elasticsearch-test -KUBERNETES_VERSION := 1.16 +KUBERNETES_VERSION := 1.17 CHART := elasticsearch SUITE := default NAMESPACE := helm-charts-testing From 305a424a798b0f4835e654e2eadeaa450cee9a25 Mon Sep 17 00:00:00 2001 From: Julien Mailleret <8582351+jmlrt@users.noreply.github.com> Date: Tue, 25 May 2021 14:53:24 +0200 Subject: [PATCH 151/151] [meta] bump 7.x branch to 7.14.0-SNAPSHOT This commit bump the 7.x branch which will be dedicated to the 7.x.x releases for the Helm Charts. It will allow to: - test this branch with the daily Stack Docker images 7.14.0-SNAPSHOT via dedicated Jenkins jobs --- apm-server/Chart.yaml | 4 +- apm-server/README.md | 10 ++-- apm-server/examples/default/README.md | 2 +- apm-server/examples/default/test/goss.yaml | 2 +- apm-server/examples/oss/README.md | 2 +- apm-server/examples/oss/test/goss.yaml | 4 +- apm-server/examples/security/README.md | 2 +- apm-server/examples/security/test/goss.yaml | 2 +- apm-server/examples/upgrade/test/goss.yaml | 2 +- apm-server/values.yaml | 38 ++++++++------ elasticsearch/Chart.yaml | 4 +- elasticsearch/README.md | 8 +-- elasticsearch/examples/config/README.md | 2 +- elasticsearch/examples/default/README.md | 2 +- elasticsearch/examples/default/test/goss.yaml | 2 +- .../examples/docker-for-mac/README.md | 2 +- .../examples/kubernetes-kind/README.md | 2 +- elasticsearch/examples/microk8s/README.md | 2 +- elasticsearch/examples/minikube/README.md | 2 +- elasticsearch/examples/multi/README.md | 2 +- elasticsearch/examples/openshift/README.md | 2 +- .../examples/openshift/test/goss.yaml | 2 +- elasticsearch/examples/security/README.md | 2 +- elasticsearch/examples/upgrade/test/goss.yaml | 2 +- elasticsearch/values.yaml | 34 ++++++++----- filebeat/Chart.yaml | 4 +- filebeat/README.md | 8 +-- filebeat/examples/default/README.md | 2 +- filebeat/examples/default/test/goss.yaml | 14 ++--- filebeat/examples/deployment/README.md | 2 +- filebeat/examples/deployment/test/goss.yaml | 2 +- filebeat/examples/oss/README.md | 2 +- filebeat/examples/oss/test/goss.yaml | 4 +- filebeat/examples/security/README.md | 2 +- filebeat/examples/security/test/goss.yaml | 6 +-- filebeat/examples/upgrade/test/goss.yaml | 2 +- filebeat/values.yaml | 37 +++++++------- helpers/bumper.py | 2 +- helpers/examples.mk | 2 +- kibana/Chart.yaml | 4 +- kibana/README.md | 8 +-- kibana/examples/default/README.md | 2 +- kibana/examples/default/test/goss.yaml | 2 +- kibana/examples/openshift/README.md | 2 +- kibana/examples/security/README.md | 2 +- kibana/examples/upgrade/test/goss.yaml | 2 +- kibana/values.yaml | 19 ++++--- logstash/Chart.yaml | 4 +- logstash/README.md | 12 ++--- logstash/examples/default/README.md | 2 +- logstash/examples/default/test/goss.yaml | 2 +- logstash/examples/elasticsearch/README.md | 2 +- .../examples/elasticsearch/test/goss.yaml | 2 +- logstash/examples/oss/README.md | 2 +- logstash/examples/oss/test/goss.yaml | 14 ++--- logstash/examples/security/test/goss.yaml | 2 +- logstash/examples/upgrade/test/goss.yaml | 2 +- logstash/values.yaml | 28 ++++++---- metricbeat/Chart.yaml | 4 +- metricbeat/README.md | 8 +-- metricbeat/examples/default/README.md | 2 +- .../examples/default/test/goss-metrics.yaml | 18 +++---- metricbeat/examples/default/test/goss.yaml | 20 ++++---- metricbeat/examples/oss/README.md | 2 +- .../examples/oss/test/goss-metrics.yaml | 10 ++-- metricbeat/examples/oss/test/goss.yaml | 12 ++--- metricbeat/examples/security/README.md | 2 +- .../examples/security/test/goss-metrics.yaml | 20 ++++---- metricbeat/examples/security/test/goss.yaml | 22 ++++---- .../examples/upgrade/test/goss-metrics.yaml | 4 +- metricbeat/examples/upgrade/test/goss.yaml | 4 +- metricbeat/values.yaml | 51 ++++++++++--------- 72 files changed, 275 insertions(+), 244 deletions(-) diff --git a/apm-server/Chart.yaml b/apm-server/Chart.yaml index ae0994ba6..b0969f2c9 100755 --- a/apm-server/Chart.yaml +++ b/apm-server/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: apm-server -version: 7.13.0-SNAPSHOT -appVersion: 7.13.0-SNAPSHOT +version: 7.14.0-SNAPSHOT +appVersion: 7.14.0-SNAPSHOT sources: - https://github.com/elastic/apm icon: https://helm.elastic.co/icons/apm.png diff --git a/apm-server/README.md b/apm-server/README.md index a324d25a6..de0bf01ea 100644 --- a/apm-server/README.md +++ b/apm-server/README.md @@ -44,7 +44,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.13.0-SNAPSHOT version. +This chart is tested with the latest 7.14.0-SNAPSHOT version. ### Install released version using Helm repository @@ -62,8 +62,8 @@ This chart is tested with the latest 7.13.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.13.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.13.0-SNAPSHOT` + - with Helm 3: `helm install apm-server ./helm-charts/apm-server --set imageTag=7.14.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name apm-server ./helm-charts/apm-server --set imageTag=7.14.0-SNAPSHOT` ## Upgrading @@ -102,7 +102,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostAliases` | Configurable [hostAliases][] | `[]` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The APM Server Docker image tag | `7.13.0-SNAPSHOT` | +| `imageTag` | The APM Server Docker image tag | `7.14.0-SNAPSHOT` | | `image` | The APM Server Docker image | `docker.elastic.co/apm/apm-server` | | `ingress` | Configurable [ingress][] to expose the APM Server service | see [values.yaml][] | | `labels` | Configurable [labels][] applied to all APM server pods | `{}` | @@ -156,7 +156,7 @@ about our development and testing process. [CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity [annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.13/running-on-docker.html +[apm server docker image]: https://www.elastic.co/guide/en/apm/server/7.14/running-on-docker.html [apm server oss docker image]: https://www.docker.elastic.co/r/apm/apm-server-oss [default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/7.x/elasticsearch/README.md#default [environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config diff --git a/apm-server/examples/default/README.md b/apm-server/examples/default/README.md index 81d8d1048..72c5ed8ae 100644 --- a/apm-server/examples/default/README.md +++ b/apm-server/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy APM Server 7.13.0-SNAPSHOT using [default values][]. +This example deploy APM Server 7.14.0-SNAPSHOT using [default values][]. ## Usage diff --git a/apm-server/examples/default/test/goss.yaml b/apm-server/examples/default/test/goss.yaml index 366ca343f..8225dbb4e 100644 --- a/apm-server/examples/default/test/goss.yaml +++ b/apm-server/examples/default/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.13.0" + - "7.14.0" diff --git a/apm-server/examples/oss/README.md b/apm-server/examples/oss/README.md index 088e2a6fc..4d8a72701 100644 --- a/apm-server/examples/oss/README.md +++ b/apm-server/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy APM Server 7.13.0-SNAPSHOT using [APM Server OSS][] version. +This example deploy APM Server 7.14.0-SNAPSHOT using [APM Server OSS][] version. ## Usage diff --git a/apm-server/examples/oss/test/goss.yaml b/apm-server/examples/oss/test/goss.yaml index 20f8154bb..59024a33d 100644 --- a/apm-server/examples/oss/test/goss.yaml +++ b/apm-server/examples/oss/test/goss.yaml @@ -3,9 +3,9 @@ http: status: 200 timeout: 2000 body: - - '7.13.0' + - "7.14.0" http://elasticsearch-master:9200/_cat/indices: status: 200 timeout: 2000 body: - - 'apm-oss-7.13.0' + - "apm-oss-7.14.0" diff --git a/apm-server/examples/security/README.md b/apm-server/examples/security/README.md index dec218585..1e54af22f 100644 --- a/apm-server/examples/security/README.md +++ b/apm-server/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy APM Server 7.13.0-SNAPSHOT using authentication and TLS to connect to +This example deploy APM Server 7.14.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/apm-server/examples/security/test/goss.yaml b/apm-server/examples/security/test/goss.yaml index 366ca343f..8225dbb4e 100644 --- a/apm-server/examples/security/test/goss.yaml +++ b/apm-server/examples/security/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.13.0" + - "7.14.0" diff --git a/apm-server/examples/upgrade/test/goss.yaml b/apm-server/examples/upgrade/test/goss.yaml index 366ca343f..8225dbb4e 100644 --- a/apm-server/examples/upgrade/test/goss.yaml +++ b/apm-server/examples/upgrade/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - "7.13.0" + - "7.14.0" diff --git a/apm-server/values.yaml b/apm-server/values.yaml index 788575bbf..45a24c2d9 100755 --- a/apm-server/values.yaml +++ b/apm-server/values.yaml @@ -33,7 +33,8 @@ extraInitContainers: "" # Extra environment variables to append to the DaemonSet pod spec. # This will be appended to the current 'env:' key. You can use any of the kubernetes env # syntax here -extraEnvs: [] +extraEnvs: + [] # - name: 'ELASTICSEARCH_USERNAME' # valueFrom: # secretKeyRef: @@ -52,12 +53,14 @@ envFrom: [] # - configMapRef: # name: config-map -extraVolumeMounts: [] +extraVolumeMounts: + [] # - name: extras # mountPath: /usr/share/extras # readOnly: true -extraVolumes: [] +extraVolumes: + [] # - name: extras # emptyDir: {} @@ -68,14 +71,15 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/apm/apm-server" -imageTag: "7.13.0-SNAPSHOT" +imageTag: "7.14.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] # Whether this chart should self-manage its service account, role, and associated role binding. managedServiceAccount: true -podAnnotations: {} +podAnnotations: + {} # iam.amazonaws.com/role: es-cluster # additionals labels @@ -111,18 +115,19 @@ readinessProbe: timeoutSeconds: 5 resources: - requests: - cpu: "100m" - memory: "100Mi" - limits: - cpu: "1000m" - memory: "512Mi" + requests: + cpu: "100m" + memory: "100Mi" + limits: + cpu: "1000m" + memory: "512Mi" # Custom service account override that the pod will use serviceAccount: "" # Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set. -serviceAccountAnnotations: {} +serviceAccountAnnotations: + {} # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount # A list of secrets and their paths to mount inside the pod @@ -159,7 +164,8 @@ autoscaling: ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" path: / @@ -175,14 +181,16 @@ service: loadBalancerIP: "" port: 8200 nodePort: "" - annotations: {} + annotations: + {} # cloud.google.com/load-balancer-type: "Internal" # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 # service.beta.kubernetes.io/azure-load-balancer-internal: "true" # service.beta.kubernetes.io/openstack-internal-load-balancer: "true" # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true" -lifecycle: {} +lifecycle: + {} # preStop: # exec: # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index 755e4ad4c..03f606fb1 100755 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: elasticsearch -version: 7.13.0-SNAPSHOT -appVersion: 7.13.0-SNAPSHOT +version: 7.14.0-SNAPSHOT +appVersion: 7.14.0-SNAPSHOT sources: - https://github.com/elastic/elasticsearch icon: https://helm.elastic.co/icons/elasticsearch.png diff --git a/elasticsearch/README.md b/elasticsearch/README.md index 362fd6795..da024dce6 100644 --- a/elasticsearch/README.md +++ b/elasticsearch/README.md @@ -53,7 +53,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.13.0-SNAPSHOT version. +This chart is tested with the latest 7.14.0-SNAPSHOT version. ### Install released version using Helm repository @@ -71,8 +71,8 @@ This chart is tested with the latest 7.13.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.13.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.13.0-SNAPSHOT` + - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.14.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.14.0-SNAPSHOT` ## Upgrading @@ -129,7 +129,7 @@ support multiple versions with minimal changes. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.13.0-SNAPSHOT` | +| `imageTag` | The Elasticsearch Docker image tag | `7.14.0-SNAPSHOT` | | `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | | `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | | `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | diff --git a/elasticsearch/examples/config/README.md b/elasticsearch/examples/config/README.md index 8b48ca82c..0f0b14066 100644 --- a/elasticsearch/examples/config/README.md +++ b/elasticsearch/examples/config/README.md @@ -1,6 +1,6 @@ # Config -This example deploy a single node Elasticsearch 7.13.0-SNAPSHOT with authentication and +This example deploy a single node Elasticsearch 7.14.0-SNAPSHOT with authentication and custom [values][]. diff --git a/elasticsearch/examples/default/README.md b/elasticsearch/examples/default/README.md index 3f52d248f..9d7cf9965 100644 --- a/elasticsearch/examples/default/README.md +++ b/elasticsearch/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster using +This example deploy a 3 nodes Elasticsearch 7.14.0-SNAPSHOT cluster using [default values][]. diff --git a/elasticsearch/examples/default/test/goss.yaml b/elasticsearch/examples/default/test/goss.yaml index 4815a8c60..856b1009a 100644 --- a/elasticsearch/examples/default/test/goss.yaml +++ b/elasticsearch/examples/default/test/goss.yaml @@ -15,7 +15,7 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.13.0-SNAPSHOT"' + - '"number" : "7.14.0-SNAPSHOT"' - '"cluster_name" : "elasticsearch"' - "You Know, for Search" diff --git a/elasticsearch/examples/docker-for-mac/README.md b/elasticsearch/examples/docker-for-mac/README.md index d3d4261da..21a19a278 100644 --- a/elasticsearch/examples/docker-for-mac/README.md +++ b/elasticsearch/examples/docker-for-mac/README.md @@ -1,6 +1,6 @@ # Docker for Mac -This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [Docker for Mac][] +This example deploy a 3 nodes Elasticsearch 7.14.0-SNAPSHOT cluster on [Docker for Mac][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/kubernetes-kind/README.md b/elasticsearch/examples/kubernetes-kind/README.md index f8fee3b97..9c8e12752 100644 --- a/elasticsearch/examples/kubernetes-kind/README.md +++ b/elasticsearch/examples/kubernetes-kind/README.md @@ -1,6 +1,6 @@ # KIND -This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [Kind][] +This example deploy a 3 nodes Elasticsearch 7.14.0-SNAPSHOT cluster on [Kind][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/microk8s/README.md b/elasticsearch/examples/microk8s/README.md index c1492c8b6..5eaa7bea6 100644 --- a/elasticsearch/examples/microk8s/README.md +++ b/elasticsearch/examples/microk8s/README.md @@ -1,6 +1,6 @@ # MicroK8S -This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [MicroK8S][] +This example deploy a 3 nodes Elasticsearch 7.14.0-SNAPSHOT cluster on [MicroK8S][] using [custom values][]. Note that this configuration should be used for test only and isn't recommended diff --git a/elasticsearch/examples/minikube/README.md b/elasticsearch/examples/minikube/README.md index 5c97fc6ce..ae2f1bcae 100644 --- a/elasticsearch/examples/minikube/README.md +++ b/elasticsearch/examples/minikube/README.md @@ -1,6 +1,6 @@ # Minikube -This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [Minikube][] +This example deploy a 3 nodes Elasticsearch 7.14.0-SNAPSHOT cluster on [Minikube][] using [custom values][]. If helm or kubectl timeouts occur, you may consider creating a minikube VM with diff --git a/elasticsearch/examples/multi/README.md b/elasticsearch/examples/multi/README.md index ad0dbe1e9..6746c27bf 100644 --- a/elasticsearch/examples/multi/README.md +++ b/elasticsearch/examples/multi/README.md @@ -1,6 +1,6 @@ # Multi -This example deploy an Elasticsearch 7.13.0-SNAPSHOT cluster composed of 3 different Helm +This example deploy an Elasticsearch 7.14.0-SNAPSHOT cluster composed of 3 different Helm releases: - `helm-es-multi-master` for the 3 master nodes using [master values][] diff --git a/elasticsearch/examples/openshift/README.md b/elasticsearch/examples/openshift/README.md index 233aa2cf2..d89d00644 100644 --- a/elasticsearch/examples/openshift/README.md +++ b/elasticsearch/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT cluster on [OpenShift][] +This example deploy a 3 nodes Elasticsearch 7.14.0-SNAPSHOT cluster on [OpenShift][] using [custom values][]. ## Usage diff --git a/elasticsearch/examples/openshift/test/goss.yaml b/elasticsearch/examples/openshift/test/goss.yaml index 1cb6c61c7..990af66cc 100644 --- a/elasticsearch/examples/openshift/test/goss.yaml +++ b/elasticsearch/examples/openshift/test/goss.yaml @@ -11,6 +11,6 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.13.0"' + - '"number" : "7.14.0"' - '"cluster_name" : "elasticsearch"' - "You Know, for Search" diff --git a/elasticsearch/examples/security/README.md b/elasticsearch/examples/security/README.md index 9426d3926..1a1db8297 100644 --- a/elasticsearch/examples/security/README.md +++ b/elasticsearch/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy a 3 nodes Elasticsearch 7.13.0-SNAPSHOT with authentication and +This example deploy a 3 nodes Elasticsearch 7.14.0-SNAPSHOT with authentication and autogenerated certificates for TLS (see [values][]). Note that this configuration should be used for test only. For a production diff --git a/elasticsearch/examples/upgrade/test/goss.yaml b/elasticsearch/examples/upgrade/test/goss.yaml index 167e68056..8b476d144 100644 --- a/elasticsearch/examples/upgrade/test/goss.yaml +++ b/elasticsearch/examples/upgrade/test/goss.yaml @@ -11,6 +11,6 @@ http: status: 200 timeout: 2000 body: - - '"number" : "7.13.0-SNAPSHOT"' + - '"number" : "7.14.0-SNAPSHOT"' - '"cluster_name" : "upgrade"' - "You Know, for Search" diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 1192c23b1..f097d1109 100755 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -59,10 +59,11 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.13.0-SNAPSHOT" +imageTag: "7.14.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" -podAnnotations: {} +podAnnotations: + {} # iam.amazonaws.com/role: es-cluster # additionals labels @@ -78,7 +79,8 @@ resources: cpu: "1000m" memory: "2Gi" -initResources: {} +initResources: + {} # limits: # cpu: "25m" # # memory: "128Mi" @@ -86,7 +88,8 @@ initResources: {} # cpu: "25m" # memory: "128Mi" -sidecarResources: {} +sidecarResources: + {} # limits: # cpu: "25m" # # memory: "128Mi" @@ -97,7 +100,7 @@ sidecarResources: {} networkHost: "0.0.0.0" volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] + accessModes: ["ReadWriteOnce"] resources: requests: storage: 30Gi @@ -133,21 +136,25 @@ persistence: enabled: false annotations: {} -extraVolumes: [] +extraVolumes: + [] # - name: extras # emptyDir: {} -extraVolumeMounts: [] +extraVolumeMounts: + [] # - name: extras # mountPath: /usr/share/extras # readOnly: true -extraContainers: [] +extraContainers: + [] # - name: do-something # image: busybox # command: ['do', 'something'] -extraInitContainers: [] +extraInitContainers: + [] # - name: do-something # image: busybox # command: ['do', 'something'] @@ -207,7 +214,7 @@ podSecurityContext: securityContext: capabilities: drop: - - ALL + - ALL # readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 @@ -240,7 +247,8 @@ tolerations: [] # Only enable this if you have security enabled on your cluster ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -258,7 +266,8 @@ fullnameOverride: "" # https://github.com/elastic/helm-charts/issues/63 masterTerminationFix: false -lifecycle: {} +lifecycle: + {} # preStop: # exec: # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] @@ -305,7 +314,6 @@ networkPolicy: # role: frontend # matchExpressions: # - {key: role, operator: In, values: [frontend]} - ## Additional NetworkPolicy Ingress "from" rules to set. Note that all rules are OR-ed. ## # additionalRules: diff --git a/filebeat/Chart.yaml b/filebeat/Chart.yaml index 4950399fb..e4ce9669e 100755 --- a/filebeat/Chart.yaml +++ b/filebeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: filebeat -version: 7.13.0-SNAPSHOT -appVersion: 7.13.0-SNAPSHOT +version: 7.14.0-SNAPSHOT +appVersion: 7.14.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/filebeat/README.md b/filebeat/README.md index 8f1962fea..666d24e50 100644 --- a/filebeat/README.md +++ b/filebeat/README.md @@ -43,7 +43,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.13.0-SNAPSHOT version. +This chart is tested with the latest 7.14.0-SNAPSHOT version. ### Install released version using Helm repository @@ -60,8 +60,8 @@ This chart is tested with the latest 7.13.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.13.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.13.0-SNAPSHOT` + - with Helm 3: `helm install filebeat ./helm-charts/filebeat --set imageTag=7.14.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name filebeat ./helm-charts/filebeat --set imageTag=7.14.0-SNAPSHOT` ## Upgrading @@ -136,7 +136,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist filebeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The filebeat Docker image tag | `7.13.0-SNAPSHOT` | +| `imageTag` | The filebeat Docker image tag | `7.14.0-SNAPSHOT` | | `image` | The filebeat Docker image | `docker.elastic.co/beats/filebeat` | | `livenessProbe` | Parameters to pass to liveness [probe][] checks for values such as timeouts and thresholds | see [values.yaml][] | | `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles | `true` | diff --git a/filebeat/examples/default/README.md b/filebeat/examples/default/README.md index c2eab6a58..ba221dd96 100644 --- a/filebeat/examples/default/README.md +++ b/filebeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.13.0-SNAPSHOT using [default values][]. +This example deploy Filebeat 7.14.0-SNAPSHOT using [default values][]. ## Usage diff --git a/filebeat/examples/default/test/goss.yaml b/filebeat/examples/default/test/goss.yaml index 666d90857..07b2f3d2a 100644 --- a/filebeat/examples/default/test/goss.yaml +++ b/filebeat/examples/default/test/goss.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/filebeat/data: @@ -29,19 +29,19 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.13.0' + - "filebeat-7.14.0" file: /usr/share/filebeat/filebeat.yml: exists: true contains: - - 'add_kubernetes_metadata' - - 'output.elasticsearch' - - 'elasticsearch-master:9200' + - "add_kubernetes_metadata" + - "output.elasticsearch" + - "elasticsearch-master:9200" command: cd /usr/share/filebeat && filebeat test output: exit-status: 0 stdout: - - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.13.0' + - "elasticsearch: http://elasticsearch-master:9200" + - "version: 7.14.0" diff --git a/filebeat/examples/deployment/README.md b/filebeat/examples/deployment/README.md index 0988a5270..13ccc91f3 100644 --- a/filebeat/examples/deployment/README.md +++ b/filebeat/examples/deployment/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Filebeat 7.13.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. +This example deploy Filebeat 7.14.0-SNAPSHOT using [default values][] as a Kubernetes Deployment. ## Usage diff --git a/filebeat/examples/deployment/test/goss.yaml b/filebeat/examples/deployment/test/goss.yaml index dab4d63b1..93e1ba689 100644 --- a/filebeat/examples/deployment/test/goss.yaml +++ b/filebeat/examples/deployment/test/goss.yaml @@ -3,4 +3,4 @@ http: status: 200 timeout: 2000 body: - - 'filebeat-7.13.0' + - "filebeat-7.14.0" diff --git a/filebeat/examples/oss/README.md b/filebeat/examples/oss/README.md index 4d2146417..0e0420036 100644 --- a/filebeat/examples/oss/README.md +++ b/filebeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Filebeat 7.13.0-SNAPSHOT using [Filebeat OSS][] version. +This example deploy Filebeat 7.14.0-SNAPSHOT using [Filebeat OSS][] version. ## Usage diff --git a/filebeat/examples/oss/test/goss.yaml b/filebeat/examples/oss/test/goss.yaml index 826ec0e8a..f76e8f64a 100644 --- a/filebeat/examples/oss/test/goss.yaml +++ b/filebeat/examples/oss/test/goss.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/filebeat/data: @@ -19,4 +19,4 @@ http: status: 200 timeout: 2000 body: - - "filebeat-oss-7.13.0" + - "filebeat-oss-7.14.0" diff --git a/filebeat/examples/security/README.md b/filebeat/examples/security/README.md index 116d180c9..7882eaaab 100644 --- a/filebeat/examples/security/README.md +++ b/filebeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Filebeat 7.13.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Filebeat 7.14.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/filebeat/examples/security/test/goss.yaml b/filebeat/examples/security/test/goss.yaml index 9b6ba4282..f0bbd60ab 100644 --- a/filebeat/examples/security/test/goss.yaml +++ b/filebeat/examples/security/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - "filebeat-7.13.0" + - "filebeat-7.14.0" allow-insecure: true - username: '{{ .Env.ELASTICSEARCH_USERNAME }}' - password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" diff --git a/filebeat/examples/upgrade/test/goss.yaml b/filebeat/examples/upgrade/test/goss.yaml index f4743c47f..5233b2085 100644 --- a/filebeat/examples/upgrade/test/goss.yaml +++ b/filebeat/examples/upgrade/test/goss.yaml @@ -29,7 +29,7 @@ http: status: 200 timeout: 2000 body: - - "filebeat-7.13.0" + - "filebeat-7.14.0" file: /usr/share/filebeat/filebeat.yml: diff --git a/filebeat/values.yaml b/filebeat/values.yaml index 82abda129..ddf51a1cb 100755 --- a/filebeat/values.yaml +++ b/filebeat/values.yaml @@ -14,10 +14,12 @@ daemonset: extraEnvs: [] # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here - extraVolumes: [] + extraVolumes: + [] # - name: extras # emptyDir: {} - extraVolumeMounts: [] + extraVolumeMounts: + [] # - name: extras # mountPath: /usr/share/extras # readOnly: true @@ -146,7 +148,7 @@ hostAliases: [] # - "foo.local" # - "bar.local" image: "docker.elastic.co/beats/filebeat" -imageTag: "7.13.0-SNAPSHOT" +imageTag: "7.14.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] @@ -180,26 +182,27 @@ readinessProbe: managedServiceAccount: true clusterRoleRules: -- apiGroups: - - "" - resources: - - namespaces - - nodes - - pods - verbs: - - get - - list - - watch - -podAnnotations: {} + - apiGroups: + - "" + resources: + - namespaces + - nodes + - pods + verbs: + - get + - list + - watch + +podAnnotations: + {} # iam.amazonaws.com/role: es-cluster # Custom service account override that the pod will use serviceAccount: "" # Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set. -serviceAccountAnnotations: {} - +serviceAccountAnnotations: + {} # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount # How long to wait for Filebeat pods to stop gracefully diff --git a/helpers/bumper.py b/helpers/bumper.py index 72551a945..b40a2d8a5 100755 --- a/helpers/bumper.py +++ b/helpers/bumper.py @@ -20,7 +20,7 @@ os.chdir(os.path.join(os.path.dirname(__file__), "..")) versions = { - 7: os.environ.get("BUMPER_VERSION_7", "7.13.0-SNAPSHOT"), + 7: os.environ.get("BUMPER_VERSION_7", "7.14.0-SNAPSHOT"), } chart_version = versions[7] diff --git a/helpers/examples.mk b/helpers/examples.mk index 6786adac0..a09a9c436 100644 --- a/helpers/examples.mk +++ b/helpers/examples.mk @@ -1,7 +1,7 @@ GOSS_VERSION := v0.3.6 GOSS_FILE ?= goss.yaml GOSS_SELECTOR ?= release=$(RELEASE) -STACK_VERSION := 7.13.0-SNAPSHOT +STACK_VERSION := 7.14.0-SNAPSHOT TIMEOUT := 900s .PHONY: help diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index eeaaf2738..33c8e05ff 100755 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: kibana -version: 7.13.0-SNAPSHOT -appVersion: 7.13.0-SNAPSHOT +version: 7.14.0-SNAPSHOT +appVersion: 7.14.0-SNAPSHOT sources: - https://github.com/elastic/kibana icon: https://helm.elastic.co/icons/kibana.png diff --git a/kibana/README.md b/kibana/README.md index e7712bcc2..9dbece640 100644 --- a/kibana/README.md +++ b/kibana/README.md @@ -40,7 +40,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.13.0-SNAPSHOT version. +This chart is tested with the latest 7.14.0-SNAPSHOT version. ### Install released version using Helm repository @@ -58,8 +58,8 @@ This chart is tested with the latest 7.13.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.13.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.13.0-SNAPSHOT` + - with Helm 3: `helm install kibana ./helm-charts/kibana --set imageTag=7.14.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name kibana ./helm-charts/kibana --set imageTag=7.14.0-SNAPSHOT` ## Upgrading @@ -93,7 +93,7 @@ as a reference. They are also used in the automated testing of this chart. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Kibana Docker image tag | `7.13.0-SNAPSHOT` | +| `imageTag` | The Kibana Docker image tag | `7.14.0-SNAPSHOT` | | `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | | `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | | `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | diff --git a/kibana/examples/default/README.md b/kibana/examples/default/README.md index 3bbf88e17..de07e9cb5 100644 --- a/kibana/examples/default/README.md +++ b/kibana/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Kibana 7.13.0-SNAPSHOT using [default values][]. +This example deploy Kibana 7.14.0-SNAPSHOT using [default values][]. ## Usage diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index cc14584bb..c700211b6 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.13.0"' + - '"number":"7.14.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/examples/openshift/README.md b/kibana/examples/openshift/README.md index 4fe3d41cf..a8bd27d15 100644 --- a/kibana/examples/openshift/README.md +++ b/kibana/examples/openshift/README.md @@ -1,6 +1,6 @@ # OpenShift -This example deploy Kibana 7.13.0-SNAPSHOT on [OpenShift][] using [custom values][]. +This example deploy Kibana 7.14.0-SNAPSHOT on [OpenShift][] using [custom values][]. ## Usage diff --git a/kibana/examples/security/README.md b/kibana/examples/security/README.md index a6dd5f4f5..11e351092 100644 --- a/kibana/examples/security/README.md +++ b/kibana/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Kibana 7.13.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Kibana 7.14.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/kibana/examples/upgrade/test/goss.yaml b/kibana/examples/upgrade/test/goss.yaml index 5ed7422ad..7fc0adbe3 100644 --- a/kibana/examples/upgrade/test/goss.yaml +++ b/kibana/examples/upgrade/test/goss.yaml @@ -3,7 +3,7 @@ http: status: 200 timeout: 2000 body: - - '"number":"7.13.0"' + - '"number":"7.14.0"' http://localhost:5601/app/kibana: status: 200 diff --git a/kibana/values.yaml b/kibana/values.yaml index af9fb58b0..b39362288 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -35,13 +35,14 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/kibana/kibana" -imageTag: "7.13.0-SNAPSHOT" +imageTag: "7.14.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" # additionals labels labels: {} -podAnnotations: {} +podAnnotations: + {} # iam.amazonaws.com/role: es-cluster resources: @@ -73,7 +74,7 @@ podSecurityContext: securityContext: capabilities: drop: - - ALL + - ALL # readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 @@ -105,19 +106,22 @@ service: port: 5601 nodePort: "" labels: {} - annotations: {} + annotations: + {} # cloud.google.com/load-balancer-type: "Internal" # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 # service.beta.kubernetes.io/azure-load-balancer-internal: "true" # service.beta.kubernetes.io/openstack-internal-load-balancer: "true" # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true" - loadBalancerSourceRanges: [] + loadBalancerSourceRanges: + [] # 0.0.0.0/0 httpPortName: http ingress: enabled: false - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: @@ -144,7 +148,8 @@ affinity: {} nameOverride: "" fullnameOverride: "" -lifecycle: {} +lifecycle: + {} # preStop: # exec: # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] diff --git a/logstash/Chart.yaml b/logstash/Chart.yaml index acae12fe5..89db41f12 100755 --- a/logstash/Chart.yaml +++ b/logstash/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: logstash -version: 7.13.0-SNAPSHOT -appVersion: 7.13.0-SNAPSHOT +version: 7.14.0-SNAPSHOT +appVersion: 7.14.0-SNAPSHOT sources: - https://github.com/elastic/logstash icon: https://helm.elastic.co/icons/logstash.png diff --git a/logstash/README.md b/logstash/README.md index 3c0a03d22..4367e5fa9 100644 --- a/logstash/README.md +++ b/logstash/README.md @@ -44,7 +44,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.13.0-SNAPSHOT version. +This chart is tested with the latest 7.14.0-SNAPSHOT version. ### Install released version using Helm repository @@ -62,8 +62,8 @@ This chart is tested with the latest 7.13.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.13.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.13.0-SNAPSHOT` + - with Helm 3: `helm install logstash ./helm-charts/logstash --set imageTag=7.14.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name logstash ./helm-charts/logstash --set imageTag=7.14.0-SNAPSHOT` ## Upgrading @@ -120,7 +120,7 @@ useful for the [http input plugin][], for instance. | `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `9600` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Logstash Docker image tag | `7.13.0-SNAPSHOT` | +| `imageTag` | The Logstash Docker image tag | `7.14.0-SNAPSHOT` | | `image` | The Logstash Docker image | `docker.elastic.co/logstash/logstash` | | `labels` | Configurable [labels][] applied to all Logstash pods | `{}` | | `ingress` | Configurable [ingress][] for external access to Logstash HTTP port. | see [values.yaml][] | @@ -129,8 +129,8 @@ useful for the [http input plugin][], for instance. | `logstashConfig` | Allows you to add any config files in `/usr/share/logstash/config/` such as `logstash.yml` and `log4j2.properties` See [values.yaml][] for an example of the formatting | `{}` | | `logstashJavaOpts` | Java options for Logstash. This is where you should configure the JVM heap size | `-Xmx1g -Xms1g` | | `logstashPipeline` | Allows you to add any pipeline files in `/usr/share/logstash/pipeline/` | `{}` | -| `logstashPatternDir` | Allows you to define a custom directory to store patten files | `/usr/share/logstash/patterns/` | -| `logstashPattern` | Allows you to add any pattern files in `logstashPatternDir` | `{}` | +| `logstashPatternDir` | Allows you to define a custom directory to store patten files | `/usr/share/logstash/patterns/` | +| `logstashPattern` | Allows you to add any pattern files in `logstashPatternDir` | `{}` | | `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | | `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | | `nodeAffinity` | Value for the [node affinity settings][] | `{}` | diff --git a/logstash/examples/default/README.md b/logstash/examples/default/README.md index 41b80baef..beec5bfce 100644 --- a/logstash/examples/default/README.md +++ b/logstash/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Logstash 7.13.0-SNAPSHOT using [default values][]. +This example deploy Logstash 7.14.0-SNAPSHOT using [default values][]. ## Usage diff --git a/logstash/examples/default/test/goss.yaml b/logstash/examples/default/test/goss.yaml index 83abad235..e11dc7d0f 100644 --- a/logstash/examples/default/test/goss.yaml +++ b/logstash/examples/default/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.13.0"' + - '"version" : "7.14.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/elasticsearch/README.md b/logstash/examples/elasticsearch/README.md index d7ce03970..875733b3d 100644 --- a/logstash/examples/elasticsearch/README.md +++ b/logstash/examples/elasticsearch/README.md @@ -1,6 +1,6 @@ # Elasticsearch -This example deploy Logstash 7.13.0-SNAPSHOT which connects to Elasticsearch (see +This example deploy Logstash 7.14.0-SNAPSHOT which connects to Elasticsearch (see [values][]). diff --git a/logstash/examples/elasticsearch/test/goss.yaml b/logstash/examples/elasticsearch/test/goss.yaml index 9fd57998d..92ad2d3bf 100644 --- a/logstash/examples/elasticsearch/test/goss.yaml +++ b/logstash/examples/elasticsearch/test/goss.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.13.0"' + - '"version" : "7.14.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/oss/README.md b/logstash/examples/oss/README.md index 5bcb7ac8a..bfec27d0f 100644 --- a/logstash/examples/oss/README.md +++ b/logstash/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Logstash 7.13.0-SNAPSHOT using [Logstash OSS][] version. +This example deploy Logstash 7.14.0-SNAPSHOT using [Logstash OSS][] version. ## Usage diff --git a/logstash/examples/oss/test/goss.yaml b/logstash/examples/oss/test/goss.yaml index 80e5ead13..a5fad88a0 100644 --- a/logstash/examples/oss/test/goss.yaml +++ b/logstash/examples/oss/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.13.0"' + - '"version" : "7.14.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' @@ -32,9 +32,9 @@ file: group: root filetype: file contains: - - 'input {' - - 'beats {' - - 'port => 5044' - - 'output {' - - 'stdout {' - - 'codec => rubydebug' + - "input {" + - "beats {" + - "port => 5044" + - "output {" + - "stdout {" + - "codec => rubydebug" diff --git a/logstash/examples/security/test/goss.yaml b/logstash/examples/security/test/goss.yaml index e850810b0..550c9ea77 100644 --- a/logstash/examples/security/test/goss.yaml +++ b/logstash/examples/security/test/goss.yaml @@ -21,7 +21,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.13.0"' + - '"version" : "7.14.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/examples/upgrade/test/goss.yaml b/logstash/examples/upgrade/test/goss.yaml index 83abad235..e11dc7d0f 100644 --- a/logstash/examples/upgrade/test/goss.yaml +++ b/logstash/examples/upgrade/test/goss.yaml @@ -9,7 +9,7 @@ http: status: 200 timeout: 2000 body: - - '"version" : "7.13.0"' + - '"version" : "7.14.0"' - '"http_address" : "0.0.0.0:9600"' - '"status" : "green"' - '"workers" : 1' diff --git a/logstash/values.yaml b/logstash/values.yaml index d20c4d630..5d9175728 100755 --- a/logstash/values.yaml +++ b/logstash/values.yaml @@ -61,7 +61,6 @@ secrets: [] # cert.crt: "LS0tLS1CRUdJTiBlRJRklDQVRFLS0tLS0K" # cert.key.filepath: "secrets.crt" # The path to file should be relative to the `values.yaml` file. - # A list of secrets and their paths to mount inside the pod secretMounts: [] @@ -72,7 +71,7 @@ hostAliases: [] # - "bar.local" image: "docker.elastic.co/logstash/logstash" -imageTag: "7.13.0-SNAPSHOT" +imageTag: "7.14.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] @@ -92,7 +91,7 @@ resources: memory: "1536Mi" volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] + accessModes: ["ReadWriteOnce"] resources: requests: storage: 1Gi @@ -101,7 +100,8 @@ rbac: create: false serviceAccountAnnotations: {} serviceAccountName: "" - annotations: {} + annotations: + {} #annotation1: "value1" #annotation2: "value2" #annotation3: "value3" @@ -128,21 +128,25 @@ persistence: enabled: false annotations: {} -extraVolumes: "" +extraVolumes: + "" # - name: extras # emptyDir: {} -extraVolumeMounts: "" +extraVolumeMounts: + "" # - name: extras # mountPath: /usr/share/extras # readOnly: true -extraContainers: "" +extraContainers: + "" # - name: do-something # image: busybox # command: ['do', 'something'] -extraInitContainers: "" +extraInitContainers: + "" # - name: do-something # image: busybox # command: ['do', 'something'] @@ -170,7 +174,8 @@ podManagementPolicy: "Parallel" httpPort: 9600 # Custom ports to add to logstash -extraPorts: [] +extraPorts: + [] # - name: beats # containerPort: 5001 @@ -188,7 +193,7 @@ podSecurityContext: securityContext: capabilities: drop: - - ALL + - ALL # readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 @@ -242,7 +247,8 @@ tolerations: [] nameOverride: "" fullnameOverride: "" -lifecycle: {} +lifecycle: + {} # preStop: # exec: # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml index 8ce8163ec..5cbed0fb2 100755 --- a/metricbeat/Chart.yaml +++ b/metricbeat/Chart.yaml @@ -5,8 +5,8 @@ maintainers: - email: helm-charts@elastic.co name: Elastic name: metricbeat -version: 7.13.0-SNAPSHOT -appVersion: 7.13.0-SNAPSHOT +version: 7.14.0-SNAPSHOT +appVersion: 7.14.0-SNAPSHOT sources: - https://github.com/elastic/beats icon: https://helm.elastic.co/icons/beats.png diff --git a/metricbeat/README.md b/metricbeat/README.md index d540e80bb..92efff165 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -41,7 +41,7 @@ See [supported configurations][] for more details. ## Installing -This chart is tested with the latest 7.13.0-SNAPSHOT version. +This chart is tested with the latest 7.14.0-SNAPSHOT version. ### Install released version using Helm repository @@ -60,8 +60,8 @@ This chart is tested with the latest 7.13.0-SNAPSHOT version. * Checkout the branch : `git checkout 7.x` * Install it: - - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.13.0-SNAPSHOT` - - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.13.0-SNAPSHOT` + - with Helm 3: `helm install metricbeat ./helm-charts/metricbeat --set imageTag=7.14.0-SNAPSHOT` + - with Helm 2 (deprecated): `helm install --name metricbeat ./helm-charts/metricbeat --set imageTag=7.14.0-SNAPSHOT` ## Upgrading @@ -131,7 +131,7 @@ as a reference. They are also used in the automated testing of this chart. | `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | | `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | | `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Metricbeat Docker image tag | `7.13.0-SNAPSHOT` | +| `imageTag` | The Metricbeat Docker image tag | `7.14.0-SNAPSHOT` | | `image` | The Metricbeat Docker image | `docker.elastic.co/beats/metricbeat` | | `kube_state_metrics.enabled` | Install [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) as a dependency | `true` | | `kube_state_metrics.host` | Define kube-state-metrics endpoint for an existing deployment. Works only if `kube_state_metrics.enabled: false` | `""` | diff --git a/metricbeat/examples/default/README.md b/metricbeat/examples/default/README.md index 66ef8e57a..a957afe20 100644 --- a/metricbeat/examples/default/README.md +++ b/metricbeat/examples/default/README.md @@ -1,6 +1,6 @@ # Default -This example deploy Metricbeat 7.13.0-SNAPSHOT using [default values][]. +This example deploy Metricbeat 7.14.0-SNAPSHOT using [default values][]. ## Usage diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml index 1afbb4265..461f4d701 100644 --- a/metricbeat/examples/default/test/goss-metrics.yaml +++ b/metricbeat/examples/default/test/goss-metrics.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/metricbeat/metricbeat.yml: @@ -21,24 +21,24 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.13.0" + - "metricbeat-7.14.0" - 'http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat': - status: 200 + ? "http://elasticsearch-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat" + : status: 200 timeout: 2000 body: - - "metricbeat-7.13.0" + - "metricbeat-7.14.0" file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'output.elasticsearch' - - 'elasticsearch-master:9200' + - "output.elasticsearch" + - "elasticsearch-master:9200" command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.13.0' + - "elasticsearch: http://elasticsearch-master:9200" + - "version: 7.14.0" diff --git a/metricbeat/examples/default/test/goss.yaml b/metricbeat/examples/default/test/goss.yaml index 2e9e29b64..4ee50a3a5 100644 --- a/metricbeat/examples/default/test/goss.yaml +++ b/metricbeat/examples/default/test/goss.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/metricbeat/data: @@ -25,24 +25,24 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.13.0' - 'http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat': - status: 200 + - "metricbeat-7.14.0" + ? "http://elasticsearch-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat" + : status: 200 timeout: 2000 body: - - 'metricbeat-7.13.0' + - "metricbeat-7.14.0" file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'add_kubernetes_metadata' - - 'output.elasticsearch' - - 'elasticsearch-master:9200' + - "add_kubernetes_metadata" + - "output.elasticsearch" + - "elasticsearch-master:9200" command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: http://elasticsearch-master:9200' - - 'version: 7.13.0' + - "elasticsearch: http://elasticsearch-master:9200" + - "version: 7.14.0" diff --git a/metricbeat/examples/oss/README.md b/metricbeat/examples/oss/README.md index 67bb5c9cb..16adfb9fc 100644 --- a/metricbeat/examples/oss/README.md +++ b/metricbeat/examples/oss/README.md @@ -1,6 +1,6 @@ # OSS -This example deploy Metricbeat 7.13.0-SNAPSHOT using [Metricbeat OSS][] version. +This example deploy Metricbeat 7.14.0-SNAPSHOT using [Metricbeat OSS][] version. ## Usage diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml index 482e5b61e..c55542112 100644 --- a/metricbeat/examples/oss/test/goss-metrics.yaml +++ b/metricbeat/examples/oss/test/goss-metrics.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/metricbeat/metricbeat.yml: @@ -21,21 +21,21 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.13.0' + - "metricbeat-oss-7.14.0" http://elasticsearch-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.13.0' + - "metricbeat-oss-7.14.0" file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'output.elasticsearch' + - "output.elasticsearch" command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: http://elasticsearch-master:9200' + - "elasticsearch: http://elasticsearch-master:9200" diff --git a/metricbeat/examples/oss/test/goss.yaml b/metricbeat/examples/oss/test/goss.yaml index 686dddcb1..3902fb32f 100644 --- a/metricbeat/examples/oss/test/goss.yaml +++ b/metricbeat/examples/oss/test/goss.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/metricbeat/data: @@ -25,22 +25,22 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.13.0' + - "metricbeat-oss-7.14.0" http://elasticsearch-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-oss-7.13.0' + - "metricbeat-oss-7.14.0" file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'add_kubernetes_metadata' - - 'output.elasticsearch' + - "add_kubernetes_metadata" + - "output.elasticsearch" command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: http://elasticsearch-master:9200' + - "elasticsearch: http://elasticsearch-master:9200" diff --git a/metricbeat/examples/security/README.md b/metricbeat/examples/security/README.md index 0514206e9..7c9edeafc 100644 --- a/metricbeat/examples/security/README.md +++ b/metricbeat/examples/security/README.md @@ -1,6 +1,6 @@ # Security -This example deploy Metricbeat 7.13.0-SNAPSHOT using authentication and TLS to connect to +This example deploy Metricbeat 7.14.0-SNAPSHOT using authentication and TLS to connect to Elasticsearch (see [values][]). diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml index 168b02260..48f97af25 100644 --- a/metricbeat/examples/security/test/goss-metrics.yaml +++ b/metricbeat/examples/security/test/goss-metrics.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/metricbeat/metricbeat.yml: @@ -21,28 +21,28 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.13.0' + - "metricbeat-7.14.0" allow-insecure: true - username: '{{ .Env.ELASTICSEARCH_USERNAME }}' - password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" https://security-master:9200/_search?q=metricset.name:state_deployment: status: 200 timeout: 2000 body: - - 'metricbeat-7.13.0' + - "metricbeat-7.14.0" allow-insecure: true - username: '{{ .Env.ELASTICSEARCH_USERNAME }}' - password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'output.elasticsearch' + - "output.elasticsearch" command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: https://security-master:9200' - - 'version: 7.13.0' + - "elasticsearch: https://security-master:9200" + - "version: 7.14.0" diff --git a/metricbeat/examples/security/test/goss.yaml b/metricbeat/examples/security/test/goss.yaml index 5915c35c5..13b7541b5 100644 --- a/metricbeat/examples/security/test/goss.yaml +++ b/metricbeat/examples/security/test/goss.yaml @@ -2,7 +2,7 @@ port: tcp:5066: listening: true ip: - - '127.0.0.1' + - "127.0.0.1" mount: /usr/share/metricbeat/data: @@ -25,29 +25,29 @@ http: status: 200 timeout: 2000 body: - - 'metricbeat-7.13.0' + - "metricbeat-7.14.0" allow-insecure: true - username: '{{ .Env.ELASTICSEARCH_USERNAME }}' - password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" https://security-master:9200/_search?q=metricset.name:container: status: 200 timeout: 2000 body: - - 'metricbeat-7.13.0' + - "metricbeat-7.14.0" allow-insecure: true - username: '{{ .Env.ELASTICSEARCH_USERNAME }}' - password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" file: /usr/share/metricbeat/metricbeat.yml: exists: true contains: - - 'add_kubernetes_metadata' - - 'output.elasticsearch' + - "add_kubernetes_metadata" + - "output.elasticsearch" command: cd /usr/share/metricbeat && metricbeat test output: exit-status: 0 stdout: - - 'elasticsearch: https://security-master:9200' - - 'version: 7.13.0' + - "elasticsearch: https://security-master:9200" + - "version: 7.14.0" diff --git a/metricbeat/examples/upgrade/test/goss-metrics.yaml b/metricbeat/examples/upgrade/test/goss-metrics.yaml index a542fbc8a..aa1a0831b 100644 --- a/metricbeat/examples/upgrade/test/goss-metrics.yaml +++ b/metricbeat/examples/upgrade/test/goss-metrics.yaml @@ -21,13 +21,13 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.13.0" + - "metricbeat-7.14.0" ? "http://upgrade-master:9200/_search?q=metricset.name:state_container%20AND%20kubernetes.container.name:metricbeat" : status: 200 timeout: 2000 body: - - "metricbeat-7.13.0" + - "metricbeat-7.14.0" file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/examples/upgrade/test/goss.yaml b/metricbeat/examples/upgrade/test/goss.yaml index 7057b3991..6697251e6 100644 --- a/metricbeat/examples/upgrade/test/goss.yaml +++ b/metricbeat/examples/upgrade/test/goss.yaml @@ -25,12 +25,12 @@ http: status: 200 timeout: 2000 body: - - "metricbeat-7.13.0" + - "metricbeat-7.14.0" ? "http://upgrade-master:9200/_search?q=metricset.name:container%20AND%20kubernetes.container.name:metricbeat" : status: 200 timeout: 2000 body: - - "metricbeat-7.13.0" + - "metricbeat-7.14.0" file: /usr/share/metricbeat/metricbeat.yml: diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index 112ecfb83..12e76179b 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -1,5 +1,4 @@ --- - daemonset: # Annotations to apply to the daemonset annotations: {} @@ -181,7 +180,7 @@ extraInitContainers: "" hostPathRoot: /var/lib image: "docker.elastic.co/beats/metricbeat" -imageTag: "7.13.0-SNAPSHOT" +imageTag: "7.14.0-SNAPSHOT" imagePullPolicy: "IfNotPresent" imagePullSecrets: [] @@ -215,36 +214,38 @@ readinessProbe: managedServiceAccount: true clusterRoleRules: -- apiGroups: [""] - resources: - - nodes - - namespaces - - events - - pods - verbs: ["get", "list", "watch"] -- apiGroups: ["extensions"] - resources: - - replicasets - verbs: ["get", "list", "watch"] -- apiGroups: ["apps"] - resources: - - statefulsets - - deployments - - replicasets - verbs: ["get", "list", "watch"] -- apiGroups: [""] - resources: - - nodes/stats - verbs: ["get"] + - apiGroups: [""] + resources: + - nodes + - namespaces + - events + - pods + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: + - replicasets + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: + - statefulsets + - deployments + - replicasets + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - nodes/stats + verbs: ["get"] -podAnnotations: {} +podAnnotations: + {} # iam.amazonaws.com/role: es-cluster # Custom service account override that the pod will use serviceAccount: "" # Annotations to add to the ServiceAccount that is created if the serviceAccount value isn't set. -serviceAccountAnnotations: {} +serviceAccountAnnotations: + {} # eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/k8s.clustername.namespace.serviceaccount # How long to wait for metricbeat pods to stop gracefully