From 89e9d1675041234f58374616d0a95b27d2c80c79 Mon Sep 17 00:00:00 2001 From: Julien Mailleret Date: Wed, 15 Apr 2020 21:43:17 +0200 Subject: [PATCH] [metricbeat] split volumes and volumeMounts for daemonset and deployment --- metricbeat/README.md | 84 +++++++++++++++------------- metricbeat/templates/daemonset.yaml | 8 +-- metricbeat/templates/deployment.yaml | 8 +-- metricbeat/tests/metricbeat_test.py | 78 ++++++++++++++++++++++---- metricbeat/values.yaml | 25 ++++++--- 5 files changed, 136 insertions(+), 67 deletions(-) diff --git a/metricbeat/README.md b/metricbeat/README.md index 48eda68dd..991aa1447 100644 --- a/metricbeat/README.md +++ b/metricbeat/README.md @@ -65,52 +65,56 @@ helm install --name metricbeat elastic/metricbeat --set imageTag=7.6.2 ## Configuration -| Parameter | Description | Default | -| --- | --- | --- | -| `daemonset.affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` | -| `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | -| `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | -| `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `DaemonSet`. | see [values.yaml][] | -| `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | -| `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` pod execution environment. | `runAsUser: 0`
`privileged: false` | -| `daemonset.resources` | Allows you to set the [resources][] for Metricbeat `DaemonSet`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | -| `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat `DaemonSet`. | `[]` | -| `deployment.affinity` | Configurable [affinity][] for Metricbeat `Deployment`. | `{}` | -| `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` | -| `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `deployment`. | `[]` | -| `deployment.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `Deployment`. | see [values.yaml][] | -| `deployment.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `Deployment`. | `{}` | -| `deployment.securityContext` | Configurable [securityContext][] for Metricbeat `Deployment` pod execution environment. | `runAsUser: 0`
`privileged: false` | -| `deployment.resources` | Allows you to set the [resources][] for Metricbeat `Deployment`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | -| `deployment.tolerations` | Configurable [tolerations][] for Metricbeat `Deployment`. | `[]` | -| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | -| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `""` | -| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `""` | -| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | -| `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` | -| `imageTag` | The Metricbeat docker image tag | `7.6.2` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `labels` | Configurable [label][] applied to all Metricbeat pods | `{}` | -| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | -| `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources. | see [values.yaml][] | -| `podAnnotations` | Configurable [annotations][] applied to all Metricbeat pods | `{}` | -| `livenessProbe` | Parameters to pass to [liveness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `readinessProbe` | Parameters to pass to [readiness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | -| `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | -| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` | -| `priorityClassName` | The [name of the PriorityClass][]. No default is supplied as the PriorityClass must be created first. | `""` | -| `replicas` | The replica count for the metricbeat deployment talking to kube-state-metrics | `1` | -| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | +| Parameter | Description | Default | +| --- | --- | --- | +| `daemonset.affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` | +| `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | +| `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` | +| `daemonset.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `DaemonSet`. | `[]` | +| `daemonset.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` | +| `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `DaemonSet`. | see [values.yaml][] | +| `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | +| `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` pod execution environment. | `runAsUser: 0`
`privileged: false` | +| `daemonset.resources` | Allows you to set the [resources][] for Metricbeat `DaemonSet`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | +| `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat `DaemonSet`. | `[]` | +| `deployment.affinity` | Configurable [affinity][] for Metricbeat `Deployment`. | `{}` | +| `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` | +| `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` | +| `deployment.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `Deployment`. | `[]` | +| `deployment.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` | +| `deployment.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `Deployment`. | see [values.yaml][] | +| `deployment.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `Deployment`. | `{}` | +| `deployment.securityContext` | Configurable [securityContext][] for Metricbeat `Deployment` pod execution environment. | `runAsUser: 0`
`privileged: false` | +| `deployment.resources` | Allows you to set the [resources][] for Metricbeat `Deployment`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` | +| `deployment.tolerations` | Configurable [tolerations][] for Metricbeat `Deployment`. | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` | +| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` | +| `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` | +| `imageTag` | The Metricbeat docker image tag | `7.6.2` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `labels` | Configurable [label][] applied to all Metricbeat pods | `{}` | +| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` | +| `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources. | see [values.yaml][] | +| `podAnnotations` | Configurable [annotations][] applied to all Metricbeat pods | `{}` | +| `livenessProbe` | Parameters to pass to [liveness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | +| `readinessProbe` | Parameters to pass to [readiness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | +| `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` | +| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` | +| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` | +| `priorityClassName` | The [name of the PriorityClass][]. No default is supplied as the PriorityClass must be created first. | `""` | +| `replicas` | The replica count for the metricbeat deployment talking to kube-state-metrics | `1` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` | ### Deprecated | Parameter | Description | Default | | --- | --- | --- | | `affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` | | `extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` | +| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` | +| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` | | `deployment.envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` | | `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for both Metricbeat `DaemonSet` and `Deployment`. | `{}` | | `nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` | diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml index 57832ac9a..4a2c53366 100644 --- a/metricbeat/templates/daemonset.yaml +++ b/metricbeat/templates/daemonset.yaml @@ -76,8 +76,8 @@ spec: - name: cgroup hostPath: path: /sys/fs/cgroup - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 6 }} + {{- if .Values.extraVolumes | default .Values.daemonset.extraVolumes }} +{{ toYaml ( .Values.extraVolumes | default .Values.daemonset.extraVolumes ) | indent 6 }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -151,8 +151,8 @@ spec: - name: cgroup mountPath: /hostfs/sys/fs/cgroup readOnly: true - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 8 }} + {{- if .Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts }} +{{ toYaml ( .Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts ) | indent 8 }} {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml index 83bfeb1b4..482e78b8a 100644 --- a/metricbeat/templates/deployment.yaml +++ b/metricbeat/templates/deployment.yaml @@ -57,8 +57,8 @@ spec: defaultMode: 0600 name: {{ template "metricbeat.fullname" . }}-deployment-config {{- end }} - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 6 }} + {{- if .Values.extraVolumes | default .Values.deployment.extraVolumes }} +{{ toYaml ( .Values.extraVolumes | default .Values.deployment.extraVolumes ) | indent 6 }} {{- end }} {{- if .Values.imagePullSecrets }} imagePullSecrets: @@ -116,8 +116,8 @@ spec: subPath: {{ $path }} {{- end }} {{- end }} - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 8 }} + {{- if .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts }} +{{ toYaml ( .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts ) | indent 8 }} {{- end }} {{- if .Values.extraContainers }} {{ tpl .Values.extraContainers . | indent 6 }} diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py index 7daa6411e..d3b1eeee1 100644 --- a/metricbeat/tests/metricbeat_test.py +++ b/metricbeat/tests/metricbeat_test.py @@ -564,6 +564,62 @@ def test_adding_a_secret_mount(): def test_adding_a_extra_volume_with_volume_mount(): config = """ +daemonset: + extraVolumes: + - name: extras + emptyDir: {} + extraVolumeMounts: + - name: extras + mountPath: /usr/share/extras + readOnly: true +""" + r = helm_template(config) + assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "daemonset" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} not in r["deployment"][name + "-metrics"][ + "spec" + ]["template"]["spec"]["volumes"] + assert ( + {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} + not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"][ + "containers" + ][0]["volumeMounts"] + ) + + config = """ +deployment: + extraVolumes: + - name: extras + emptyDir: {} + extraVolumeMounts: + - name: extras + mountPath: /usr/share/extras + readOnly: true +""" + r = helm_template(config) + assert {"name": "extras", "emptyDir": {}} in r["deployment"][name + "-metrics"][ + "spec" + ]["template"]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "deployment" + ][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} not in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert ( + {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} + not in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][ + "volumeMounts" + ] + ) + + +def test_adding_a_deprecated_extra_volume_with_volume_mount(): + config = """ extraVolumes: - name: extras emptyDir: {} @@ -573,16 +629,18 @@ def test_adding_a_extra_volume_with_volume_mount(): readOnly: true """ r = helm_template(config) - extraVolume = r["daemonset"][name]["spec"]["template"]["spec"]["volumes"] - assert {"name": "extras", "emptyDir": {}} in extraVolume - extraVolumeMounts = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][ - 0 - ]["volumeMounts"] - assert { - "name": "extras", - "mountPath": "/usr/share/extras", - "readOnly": True, - } in extraVolumeMounts + assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][ + "template" + ]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "daemonset" + ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] + assert {"name": "extras", "emptyDir": {}} in r["deployment"][name + "-metrics"][ + "spec" + ]["template"]["spec"]["volumes"] + assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[ + "deployment" + ][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"] def test_adding_a_node_selector(): diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml index f28786b54..0d30ca08e 100755 --- a/metricbeat/values.yaml +++ b/metricbeat/values.yaml @@ -9,6 +9,13 @@ daemonset: extraEnvs: [] # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here + extraVolumes: [] + # - name: extras + # emptyDir: {} + extraVolumeMounts: [] + # - name: extras + # mountPath: /usr/share/extras + # readOnly: true # Allows you to add any config files in /usr/share/metricbeat # such as metricbeat.yml for daemonset metricbeatConfig: @@ -86,6 +93,13 @@ deployment: # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here # Allows you to add any config files in /usr/share/metricbeat + extraVolumes: [] + # - name: extras + # emptyDir: {} + extraVolumeMounts: [] + # - name: extras + # mountPath: /usr/share/extras + # readOnly: true # such as metricbeat.yml for deployment metricbeatConfig: metricbeat.yml: | @@ -128,15 +142,6 @@ extraInitContainers: "" # image: busybox # command: ['echo', 'hey'] -extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -extraVolumes: [] - # - name: extras - # emptyDir: {} - # Root directory where metricbeat will write data to in order to persist registry data across pod restarts (file position and other metadata). hostPathRoot: /var/lib @@ -231,6 +236,8 @@ fullnameOverride: "" affinity: {} envFrom: [] extraEnvs: [] +extraVolumes: [] +extraVolumeMounts: [] # Allows you to add any config files in /usr/share/metricbeat # such as metricbeat.yml for both daemonset and deployment metricbeatConfig: {}