From 7f6cebe9b0f1cdcb11e76e357030b77dfe048f35 Mon Sep 17 00:00:00 2001 From: Thom Heymann Date: Wed, 16 Oct 2024 11:58:45 +0100 Subject: [PATCH 1/4] Enable Kubernetes Otel flow --- .../onboarding_flow_form.tsx | 4 +- .../use_custom_cards_for_category.tsx | 149 ++++- .../otel_kubernetes/otel_kubernetes_panel.tsx | 17 +- .../quickstart_flows/otel_logs/index.tsx | 546 ++---------------- .../public/application/shared/logo_icon.tsx | 2 + .../public/assets/java.svg | 8 +- .../public/assets/ruby.svg | 130 +++++ .../lib/api_key/create_install_api_key.ts | 5 +- .../lib/api_key/create_shipper_api_key.ts | 9 +- .../api_key/has_log_monitoring_privileges.ts | 9 +- .../server/lib/api_key/monitoring_config.ts | 17 - .../server/lib/api_key/privileges.ts | 26 + .../server/routes/kubernetes/route.ts | 4 +- .../authentication.ts | 6 +- 14 files changed, 351 insertions(+), 581 deletions(-) create mode 100644 x-pack/plugins/observability_solution/observability_onboarding/public/assets/ruby.svg delete mode 100644 x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/monitoring_config.ts create mode 100644 x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/onboarding_flow_form.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/onboarding_flow_form.tsx index 01a1e066c4ddb..9a46cf885b285 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/onboarding_flow_form.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/onboarding_flow_form.tsx @@ -56,7 +56,7 @@ export const OnboardingFlowForm: FunctionComponent = () => { 'Monitor your host and the services running on it, set-up SLO, get alerted, remediate performance issues', } ), - logos: ['kubernetes', 'opentelemetry', 'apache', 'mysql'], + logos: ['opentelemetry', 'apache', 'mysql'], }, { id: 'kubernetes', @@ -86,7 +86,7 @@ export const OnboardingFlowForm: FunctionComponent = () => { 'Monitor the frontend and backend application that you have developed, set-up synthetic monitors', } ), - logos: ['opentelemetry', 'java', 'javascript', 'dotnet'], + logos: ['opentelemetry', 'java', 'ruby', 'dotnet'], }, { id: 'cloud', diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx index 4910f6de28904..f7b32f4d62fea 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx @@ -33,6 +33,10 @@ export function useCustomCardsForCategory( const { href: autoDetectUrl } = reactRouterNavigate(history, `/auto-detect/${location.search}`); const { href: otelLogsUrl } = reactRouterNavigate(history, `/otel-logs/${location.search}`); const { href: kubernetesUrl } = reactRouterNavigate(history, `/kubernetes/${location.search}`); + const { href: otelKubernetesUrl } = reactRouterNavigate( + history, + `/otel-kubernetes/${location.search}` + ); const apmUrl = `${getUrlForApp?.('apm')}/${isServerless ? 'onboarding' : 'tutorial'}`; const otelApmUrl = isServerless ? `${apmUrl}?agent=openTelemetry` : apmUrl; @@ -44,9 +48,14 @@ export function useCustomCardsForCategory( id: 'auto-detect-logs', name: 'auto-detect-logs-virtual', type: 'virtual', - title: 'Auto-detect Integrations with Elastic Agent', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.autoDetectTitle', + { + defaultMessage: 'Auto-detect Integrations with Elastic Agent', + } + ), description: i18n.translate( - 'xpack.observability_onboarding.useCustomCardsForCategory.scanYourHostForLabel', + 'xpack.observability_onboarding.useCustomCardsForCategory.autoDetectDescription', { defaultMessage: 'Scan your host for log and metric files, auto-install integrations', } @@ -75,8 +84,19 @@ export function useCustomCardsForCategory( id: 'otel-logs', name: 'custom-logs-virtual', type: 'virtual', - title: 'Elastic Distribution for OTel Collector', - description: 'Collect logs and host metrics using the Elastic Distro for OTel Collector ', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.logsOtelTitle', + { + defaultMessage: 'Host monitoring with EDOT Collector', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.logsOtelDescription', + { + defaultMessage: + 'Collect logs and host metrics with the Elastic Distro for OTel Collector', + } + ), extraLabelsBadges: [ @@ -105,8 +125,19 @@ export function useCustomCardsForCategory( id: 'kubernetes-quick-start', name: 'kubernetes-quick-start', type: 'virtual', - title: 'Elastic Agent', - description: 'Monitor your Kubernetes cluster with Elastic Agent, collect container logs', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.kubernetesTitle', + { + defaultMessage: 'Kubernetes monitoring with Elastic Agent', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.kubernetesDescription', + { + defaultMessage: + 'Monitor your Kubernetes cluster with Elastic Agent, collect container logs', + } + ), extraLabelsBadges: [ @@ -125,11 +156,22 @@ export function useCustomCardsForCategory( isQuickstart: true, }, { - id: 'otel-logs', - name: 'custom-logs-virtual', + id: 'otel-kubernetes', + name: 'otel-kubernetes-virtual', type: 'virtual', - title: 'Elastic Distribution for OTel Collector', - description: 'Collect logs, metrics and traces for Kubernetes cluster monitoring', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.kubernetesOtelTitle', + { + defaultMessage: 'Kubernetes monitoring with EDOT Collector', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.kubernetesOtelDescription', + { + defaultMessage: + 'Unified Kubernetes observability with Elastic Distro for OTel Collector', + } + ), extraLabelsBadges: [ @@ -142,9 +184,10 @@ export function useCustomCardsForCategory( src: http?.staticAssets.getPluginAssetHref('opentelemetry.svg') ?? '', }, ], - url: otelLogsUrl, + url: isServerless ? otelLogsUrl : otelKubernetesUrl, version: '', integration: '', + isQuickstart: !isServerless, }, ]; @@ -153,8 +196,18 @@ export function useCustomCardsForCategory( { id: 'apm-virtual', type: 'virtual', - title: 'Elastic APM', - description: 'Collect distributed traces from your applications with Elastic APM', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.apmTitle', + { + defaultMessage: 'Elastic APM', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.apmDescription', + { + defaultMessage: 'Collect distributed traces from your applications with Elastic APM', + } + ), name: 'apm', categories: ['observability'], icons: [ @@ -170,8 +223,18 @@ export function useCustomCardsForCategory( { id: 'otel-virtual', type: 'virtual', - title: 'OpenTelemetry', - description: 'Collect distributed traces with OpenTelemetry', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.apmOtelTitle', + { + defaultMessage: 'OpenTelemetry', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.apmOtelDescription', + { + defaultMessage: 'Collect distributed traces with OpenTelemetry', + } + ), name: 'otel', categories: ['observability'], icons: [ @@ -187,8 +250,18 @@ export function useCustomCardsForCategory( { id: 'synthetics-virtual', type: 'virtual', - title: 'Synthetic monitor', - description: 'Monitor endpoints, pages, and user journeys', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.syntheticsTitle', + { + defaultMessage: 'Synthetic monitor', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.syntheticsDescription', + { + defaultMessage: 'Monitor endpoints, pages, and user journeys', + } + ), name: 'synthetics', categories: ['observability'], icons: [ @@ -208,8 +281,18 @@ export function useCustomCardsForCategory( { id: 'azure-logs-virtual', type: 'virtual', - title: 'Azure', - description: 'Collect logs from Microsoft Azure', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.azureTitle', + { + defaultMessage: 'Azure', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.azureDescription', + { + defaultMessage: 'Collect logs from Microsoft Azure', + } + ), name: 'azure', categories: ['observability'], icons: [], @@ -222,8 +305,18 @@ export function useCustomCardsForCategory( { id: 'aws-logs-virtual', type: 'virtual', - title: 'AWS', - description: 'Collect logs from Amazon Web Services (AWS)', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.awsTitle', + { + defaultMessage: 'AWS', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.awsDescription', + { + defaultMessage: 'Collect logs from Amazon Web Services (AWS)', + } + ), name: 'aws', categories: ['observability'], icons: [], @@ -236,8 +329,18 @@ export function useCustomCardsForCategory( { id: 'gcp-logs-virtual', type: 'virtual', - title: 'Google Cloud Platform', - description: 'Collect logs from Google Cloud Platform', + title: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.gcpTitle', + { + defaultMessage: 'Google Cloud Platform', + } + ), + description: i18n.translate( + 'xpack.observability_onboarding.useCustomCardsForCategory.gcpDescription', + { + defaultMessage: 'Collect logs from Google Cloud Platform', + } + ), name: 'gcp', categories: ['observability'], icons: [], diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx index c745793c47b3a..78b5c4f12a41f 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx @@ -30,6 +30,10 @@ import { CopyToClipboardButton } from '../shared/copy_to_clipboard_button'; import { ObservabilityOnboardingContextValue } from '../../../plugin'; import { useKubernetesFlow } from '../kubernetes/use_kubernetes_flow'; +const OTEL_HELM_CHARTS_REPO = 'https://open-telemetry.github.io/opentelemetry-helm-charts'; +const OTEL_KUBE_STACK_VERSION = '0.3.0'; +const OTEL_KUBE_STACK_VALUES_FILE_URL = + 'https://raw.githubusercontent.com/elastic/opentelemetry/refs/heads/main/resources/kubernetes/operator/helm/values.yaml'; const CLUSTER_OVERVIEW_DASHBOARD_ID = 'kubernetes_otel-cluster-overview'; export const OtelKubernetesPanel: React.FC = () => { @@ -48,10 +52,7 @@ export const OtelKubernetesPanel: React.FC = () => { } const namespace = 'opentelemetry-operator-system'; - const valuesFile = - 'https://raw.githubusercontent.com/elastic/opentelemetry/refs/heads/main/resources/kubernetes/operator/helm/values.yaml'; - - const addRepoCommand = `helm repo add open-telemetry 'https://open-telemetry.github.io/opentelemetry-helm-charts' --force-update`; + const addRepoCommand = `helm repo add open-telemetry '${OTEL_HELM_CHARTS_REPO}' --force-update`; const installStackCommand = data ? `kubectl create namespace ${namespace} kubectl create secret generic elastic-secret-otel \\ @@ -60,8 +61,8 @@ kubectl create secret generic elastic-secret-otel \\ --from-literal=elastic_api_key='${data.apiKeyEncoded}' helm install opentelemetry-kube-stack open-telemetry/opentelemetry-kube-stack \\ --namespace ${namespace} \\ - --create-namespace \\ - --values '${valuesFile}'` + --values '${OTEL_KUBE_STACK_VALUES_FILE_URL}' \\ + --version '${OTEL_KUBE_STACK_VERSION}'` : undefined; return ( @@ -143,7 +144,7 @@ helm install opentelemetry-kube-stack open-telemetry/opentelemetry-kube-stack \\ { }, [getDeeplinks]); const installTabContents = [ - { - id: 'kubernetes', - name: 'Kubernetes', - prompt: ( - <> - -

- {i18n.translate( - 'xpack.observability_onboarding.otelLogsPanel.kubernetesApplyCommandPromptLabel', - { - defaultMessage: - 'From the directory where the manifest is downloaded, run the following command to install the collector on every node of your cluster:', - } - )} -

-
- - - ), - firstStepTitle: i18n.translate( - 'xpack.observability_onboarding.otelLogsPanel.steps.downloadManifest', - { defaultMessage: 'Download the manifest:' } - ), - content: `apiVersion: v1 -kind: ServiceAccount -metadata: - name: elastic-otel-collector-agent - namespace: default - labels: - app.kubernetes.io/name: elastic-opentelemetry-collector - app.kubernetes.io/version: "${agentVersion}" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: elastic-otel-collector-agent - labels: - app.kubernetes.io/name: elastic-opentelemetry-collector - app.kubernetes.io/version: "${agentVersion}" -rules: - - apiGroups: [""] - resources: ["pods", "namespaces", "nodes"] - verbs: ["get", "watch", "list"] - - apiGroups: ["apps"] - resources: ["daemonsets", "deployments", "replicasets", "statefulsets"] - verbs: ["get", "list", "watch"] - - apiGroups: ["extensions"] - resources: ["daemonsets", "deployments", "replicasets"] - verbs: ["get", "list", "watch"] - - apiGroups: [ "" ] - resources: [ "nodes/stats" ] - verbs: [ "get", "watch", "list" ] - - apiGroups: [ "" ] - resources: [ "nodes/proxy" ] - verbs: [ "get" ] - - apiGroups: [ "" ] - resources: ["configmaps"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: elastic-otel-collector-agent - labels: - app.kubernetes.io/name: elastic-opentelemetry-collector - app.kubernetes.io/version: "${agentVersion}" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: elastic-otel-collector-agent -subjects: - - kind: ServiceAccount - name: elastic-otel-collector-agent - namespace: default ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: elastic-otel-collector-agent - namespace: default - labels: - app.kubernetes.io/name: elastic-opentelemetry-collector - app.kubernetes.io/version: "${agentVersion}" -data: - otel.yaml: | - exporters: - debug: - verbosity: basic - elasticsearch: - endpoints: - - \${env:ES_ENDPOINT} - api_key: \${env:ES_API_KEY} - logs_dynamic_index: - enabled: true - mapping: - mode: ecs - processors: - elasticinframetrics: - add_system_metrics: true - add_k8s_metrics: true - resourcedetection/eks: - detectors: [env, eks] - timeout: 15s - override: true - eks: - resource_attributes: - k8s.cluster.name: - enabled: true - resourcedetection/gcp: - detectors: [env, gcp] - timeout: 2s - override: false - resource/k8s: - attributes: - - key: service.name - from_attribute: app.label.component - action: insert - attributes/k8s_logs_dataset: - actions: - - key: data_stream.dataset - value: "kubernetes.container_logs" - action: upsert - attributes/dataset: - actions: - - key: event.dataset - from_attribute: data_stream.dataset - action: upsert - resource/cloud: - attributes: - - key: cloud.instance.id - from_attribute: host.id - action: insert - resource/process: - attributes: - - key: process.executable.name - action: delete - - key: process.executable.path - action: delete - resourcedetection/system: - detectors: ["system", "ec2"] - system: - hostname_sources: [ "os" ] - resource_attributes: - host.name: - enabled: true - host.id: - enabled: false - host.arch: - enabled: true - host.ip: - enabled: true - host.mac: - enabled: true - host.cpu.vendor.id: - enabled: true - host.cpu.family: - enabled: true - host.cpu.model.id: - enabled: true - host.cpu.model.name: - enabled: true - host.cpu.stepping: - enabled: true - host.cpu.cache.l2.size: - enabled: true - os.description: - enabled: true - os.type: - enabled: true - ec2: - resource_attributes: - host.name: - enabled: false - host.id: - enabled: true - k8sattributes: - filter: - node_from_env_var: K8S_NODE_NAME - passthrough: false - pod_association: - - sources: - - from: resource_attribute - name: k8s.pod.ip - - sources: - - from: resource_attribute - name: k8s.pod.uid - - sources: - - from: connection - extract: - metadata: - - "k8s.namespace.name" - - "k8s.deployment.name" - - "k8s.statefulset.name" - - "k8s.daemonset.name" - - "k8s.cronjob.name" - - "k8s.job.name" - - "k8s.node.name" - - "k8s.pod.name" - - "k8s.pod.uid" - - "k8s.pod.start_time" - labels: - - tag_name: app.label.component - key: app.kubernetes.io/component - from: pod - extensions: - file_storage: - directory: /var/lib/otelcol - receivers: - filelog: - retry_on_failure: - enabled: true - start_at: end - exclude: - - /var/log/pods/default_elastic-otel-collector-agent*_*/elastic-opentelemetry-collector/*.log - include: - - /var/log/pods/*/*/*.log - include_file_name: false - include_file_path: true - storage: file_storage - operators: - - id: container-parser - type: container - hostmetrics: - collection_interval: 10s - root_path: /hostfs - scrapers: - cpu: - metrics: - system.cpu.utilization: - enabled: true - system.cpu.logical.count: - enabled: true - memory: - metrics: - system.memory.utilization: - enabled: true - process: - mute_process_exe_error: true - mute_process_io_error: true - mute_process_user_error: true - metrics: - process.threads: - enabled: true - process.open_file_descriptors: - enabled: true - process.memory.utilization: - enabled: true - process.disk.operations: - enabled: true - network: - processes: - load: - disk: - filesystem: - exclude_mount_points: - mount_points: - - /dev/* - - /proc/* - - /sys/* - - /run/k3s/containerd/* - - /var/lib/docker/* - - /var/lib/kubelet/* - - /snap/* - match_type: regexp - exclude_fs_types: - fs_types: - - autofs - - binfmt_misc - - bpf - - cgroup2 - - configfs - - debugfs - - devpts - - devtmpfs - - fusectl - - hugetlbfs - - iso9660 - - mqueue - - nsfs - - overlay - - proc - - procfs - - pstore - - rpc_pipefs - - securityfs - - selinuxfs - - squashfs - - sysfs - - tracefs - match_type: strict - kubeletstats: - auth_type: serviceAccount - collection_interval: 20s - endpoint: \${env:K8S_NODE_NAME}:10250 - node: '\${env:K8S_NODE_NAME}' - # Required to work for all CSPs without an issue - insecure_skip_verify: true - k8s_api_config: - auth_type: serviceAccount - metrics: - k8s.pod.cpu.node.utilization: - enabled: true - k8s.container.cpu_limit_utilization: - enabled: true - k8s.pod.cpu_limit_utilization: - enabled: true - k8s.container.cpu_request_utilization: - enabled: true - k8s.container.memory_limit_utilization: - enabled: true - k8s.pod.memory_limit_utilization: - enabled: true - k8s.container.memory_request_utilization: - enabled: true - k8s.node.uptime: - enabled: true - k8s.node.cpu.usage: - enabled: true - k8s.pod.cpu.usage: - enabled: true - extra_metadata_labels: - - container.id - - service: - extensions: [file_storage] - pipelines: - logs: - exporters: - - elasticsearch - - debug - processors: - - k8sattributes - - resourcedetection/system - - resourcedetection/eks - - resourcedetection/gcp - - resource/k8s - - resource/cloud - - attributes/k8s_logs_dataset - receivers: - - filelog - metrics: - exporters: - - debug - - elasticsearch - processors: - - k8sattributes - - elasticinframetrics - - resourcedetection/system - - resourcedetection/eks - - resourcedetection/gcp - - resource/k8s - - resource/cloud - - attributes/dataset - - resource/process - receivers: - - kubeletstats - - hostmetrics ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: elastic-otel-collector-agent - namespace: default - labels: - app.kubernetes.io/name: elastic-opentelemetry-collector - app.kubernetes.io/version: "${agentVersion}" -spec: - selector: - matchLabels: - app.kubernetes.io/name: elastic-opentelemetry-collector - app.kubernetes.io/version: "${agentVersion}" - template: - metadata: - labels: - app.kubernetes.io/name: elastic-opentelemetry-collector - app.kubernetes.io/version: "${agentVersion}" - spec: - serviceAccountName: elastic-otel-collector-agent - securityContext: - runAsUser: 0 - runAsGroup: 0 - hostNetwork: true - dnsPolicy: ClusterFirstWithHostNet - containers: - - name: elastic-opentelemetry-collector - command: [/usr/share/elastic-agent/elastic-agent] - args: ["otel", "-c", "/etc/elastic-agent/otel.yaml"] - image: docker.elastic.co/beats/elastic-agent:${agentVersion} - imagePullPolicy: IfNotPresent - env: - - name: MY_POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: K8S_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: ES_ENDPOINT - valueFrom: - secretKeyRef: - key: es_endpoint - name: elastic-secret-otel - - name: ES_API_KEY - valueFrom: - secretKeyRef: - key: es_api_key - name: elastic-secret-otel - volumeMounts: - - mountPath: /etc/elastic-agent/otel.yaml - name: opentelemetry-collector-configmap - readOnly: true - subPath: otel.yaml - - name: varlogpods - mountPath: /var/log/pods - readOnly: true - - name: varlibdockercontainers - mountPath: /var/lib/docker/containers - readOnly: true - - name: varlibotelcol - mountPath: /var/lib/otelcol - - name: hostfs - mountPath: /hostfs - readOnly: true - mountPropagation: HostToContainer - - volumes: - - name: opentelemetry-collector-configmap - configMap: - name: elastic-otel-collector-agent - defaultMode: 0640 - - name: varlogpods - hostPath: - path: /var/log/pods - - name: varlibdockercontainers - hostPath: - path: /var/lib/docker/containers - - name: varlibotelcol - hostPath: - path: /var/lib/otelcol - type: DirectoryOrCreate - - name: hostfs - hostPath: - path: /`, - type: 'download', - fileName: 'otel-collector-k8s.yml', - }, { id: 'linux', name: 'Linux', @@ -613,39 +161,20 @@ rm ./otel.yml && cp ./otel_samples/platformlogs_hostmetrics.yml ./otel.yml && mk
- {selectedContent.type === 'download' ? ( - - {i18n.translate( - 'xpack.observability_onboarding.installOtelCollector.configStep.downloadConfigButton', - { defaultMessage: 'Download manifest' } - )} - - ) : ( - - {(copy) => ( - - {i18n.translate( - 'xpack.observability_onboarding.installOtelCollector.configStep.copyCommand', - { defaultMessage: 'Copy to clipboard' } - )} - - )} - - )} + + {(copy) => ( + + {i18n.translate( + 'xpack.observability_onboarding.installOtelCollector.configStep.copyCommand', + { defaultMessage: 'Copy to clipboard' } + )} + + )} + @@ -673,35 +202,28 @@ rm ./otel.yml && cp ./otel_samples/platformlogs_hostmetrics.yml ./otel.yml && mk } )}

- {selectedTab !== 'kubernetes' && ( -

- {i18n.translate( - 'xpack.observability_onboarding.otelLogsPanel.historicalDataDescription2', - { - defaultMessage: - 'The default log path is /var/log/*. You can change this path in the otel.yml file if needed.', - } - )} -

- )} +

+ {i18n.translate( + 'xpack.observability_onboarding.otelLogsPanel.historicalDataDescription2', + { + defaultMessage: + 'The default log path is /var/log/*. You can change this path in the otel.yml file if needed.', + } + )} +

- {selectedContent.prompt} - {selectedContent.start && ( - <> - -

- {i18n.translate( - 'xpack.observability_onboarding.otelLogsPanel.p.startTheCollectorLabel', - { - defaultMessage: 'Run the following command to start the collector', - } - )} -

-
- - - )} + +

+ {i18n.translate( + 'xpack.observability_onboarding.otelLogsPanel.p.startTheCollectorLabel', + { + defaultMessage: 'Run the following command to start the collector', + } + )} +

+
+ ), }, diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/shared/logo_icon.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/shared/logo_icon.tsx index bd95473c15617..9efba65d1c299 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/shared/logo_icon.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/shared/logo_icon.tsx @@ -27,6 +27,7 @@ export type SupportedLogo = | 'mysql' | 'postgresql' | 'redis' + | 'ruby' | 'haproxy' | 'rabbitmq' | 'kafka' @@ -54,6 +55,7 @@ export function isSupportedLogo(logo: string): logo is SupportedLogo { 'mysql', 'postgresql', 'redis', + 'ruby', 'haproxy', 'rabbitmq', 'kafka', diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/assets/java.svg b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/java.svg index 943e009ec8dfe..73e5416d10c73 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/assets/java.svg +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/java.svg @@ -1,3 +1,7 @@ - - + + + + + + diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/assets/ruby.svg b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/ruby.svg new file mode 100644 index 0000000000000..22398b4d03641 --- /dev/null +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/ruby.svg @@ -0,0 +1,130 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_install_api_key.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_install_api_key.ts index eddc5e10b5c65..3a5680b499055 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_install_api_key.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_install_api_key.ts @@ -21,10 +21,7 @@ export function createInstallApiKey(name: string): CreateAPIKeyParams { }, kibana_role_descriptors: { can_install_integrations: { - elasticsearch: { - cluster: [], - indices: [], - }, + elasticsearch: {}, kibana: [ { feature: { diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts index 942ebdbbd07cd..bdfdd202a962e 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts @@ -6,9 +6,9 @@ */ import { ElasticsearchClient } from '@kbn/core/server'; -import { cluster, indices } from './monitoring_config'; +import { MONITOR_CLUSTER, INDEX_LOGS_AND_METRICS, WRITE_APM_EVENTS } from './privileges'; -export function createShipperApiKey(esClient: ElasticsearchClient, name: string) { +export function createShipperApiKey(esClient: ElasticsearchClient, name: string, withAPM = false) { // Based on https://www.elastic.co/guide/en/fleet/master/grant-access-to-elasticsearch.html#create-api-key-standalone-agent return esClient.security.createApiKey({ body: { @@ -19,8 +19,9 @@ export function createShipperApiKey(esClient: ElasticsearchClient, name: string) }, role_descriptors: { standalone_agent: { - cluster, - indices, + cluster: [MONITOR_CLUSTER], + indices: [INDEX_LOGS_AND_METRICS], + applications: withAPM ? [WRITE_APM_EVENTS] : undefined, }, }, }, diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts index a7aec8eefa293..0593a7f761e1e 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts @@ -6,13 +6,14 @@ */ import { ElasticsearchClient } from '@kbn/core/server'; -import { cluster, indices } from './monitoring_config'; +import { MONITOR_CLUSTER, INDEX_LOGS_AND_METRICS, WRITE_APM_EVENTS } from './privileges'; -export async function hasLogMonitoringPrivileges(esClient: ElasticsearchClient) { +export async function hasLogMonitoringPrivileges(esClient: ElasticsearchClient, withAPM = false) { const res = await esClient.security.hasPrivileges({ body: { - index: indices, - cluster: [...cluster, 'manage_own_api_key'], + cluster: [MONITOR_CLUSTER, 'manage_own_api_key'], + index: [INDEX_LOGS_AND_METRICS], + application: withAPM ? [WRITE_APM_EVENTS] : undefined, }, }); diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/monitoring_config.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/monitoring_config.ts deleted file mode 100644 index 675dde6f25a4b..0000000000000 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/monitoring_config.ts +++ /dev/null @@ -1,17 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -export const cluster = ['monitor']; - -export const privileges = ['auto_configure', 'create_doc']; - -export const indices = [ - { - names: ['logs-*-*', 'metrics-*-*'], - privileges, - }, -]; diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts new file mode 100644 index 0000000000000..7c3b5999842bd --- /dev/null +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { estypes } from '@elastic/elasticsearch'; + +/** + * Grants all cluster read-only operations, like cluster health and state, hot threads, node info, node and cluster stats, and pending cluster tasks. + */ +export const MONITOR_CLUSTER: estypes.SecurityClusterPrivilege = 'monitor'; + +// https://www.elastic.co/guide/en/fleet/master/grant-access-to-elasticsearch.html#create-api-key-standalone-agent +export const INDEX_LOGS_AND_METRICS: estypes.SecurityIndicesPrivileges = { + names: ['logs-*-*', 'metrics-*-*'], + privileges: ['auto_configure', 'create_doc'], +}; + +// https://www.elastic.co/guide/en/observability/master/apm-api-key.html#apm-create-api-key-workflow-es +export const WRITE_APM_EVENTS: estypes.SecurityApplicationPrivileges = { + application: 'apm', + privileges: ['event:write', 'config_agent:read'], + resources: ['*'], +}; diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/routes/kubernetes/route.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/routes/kubernetes/route.ts index 33a501bd184b9..691c28f5a14e6 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/routes/kubernetes/route.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/routes/kubernetes/route.ts @@ -45,7 +45,7 @@ const createKubernetesOnboardingFlowRoute = createObservabilityOnboardingServerR elasticsearch: { client }, } = await context.core; - const hasPrivileges = await hasLogMonitoringPrivileges(client.asCurrentUser); + const hasPrivileges = await hasLogMonitoringPrivileges(client.asCurrentUser, true); if (!hasPrivileges) { throw Boom.forbidden( @@ -57,7 +57,7 @@ const createKubernetesOnboardingFlowRoute = createObservabilityOnboardingServerR const packageClient = fleetPluginStart.packageService.asScoped(request); const [{ encoded: apiKeyEncoded }, elasticAgentVersion] = await Promise.all([ - createShipperApiKey(client.asCurrentUser, 'kubernetes_onboarding'), + createShipperApiKey(client.asCurrentUser, `${params.body.pkgName}_onboarding`, true), getAgentVersion(fleetPluginStart, kibanaVersion), // System package is always required packageClient.ensureInstalledPackage({ pkgName: 'system' }), diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/test_helpers/create_observability_onboarding_users/authentication.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/test_helpers/create_observability_onboarding_users/authentication.ts index 340f0cb615651..eafcc5a2e92c6 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/test_helpers/create_observability_onboarding_users/authentication.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/test_helpers/create_observability_onboarding_users/authentication.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { cluster, indices } from '../../lib/api_key/monitoring_config'; +import { MONITOR_CLUSTER, INDEX_LOGS_AND_METRICS } from '../../lib/api_key/privileges'; export enum ObservabilityOnboardingUsername { noAccessUser = 'no_access_user', @@ -21,8 +21,8 @@ export enum ObservabilityOnboardingCustomRolename { export const customRoles = { [ObservabilityOnboardingCustomRolename.logMonitoringUser]: { elasticsearch: { - cluster: [...cluster, 'manage_own_api_key'], - indices, + cluster: [MONITOR_CLUSTER, 'manage_own_api_key'], + indices: [INDEX_LOGS_AND_METRICS], }, }, }; From 101590332ca310c82bcef9e751a44688dffbd179 Mon Sep 17 00:00:00 2001 From: Thom Heymann Date: Wed, 16 Oct 2024 13:11:22 +0100 Subject: [PATCH 2/4] Show card on serverless --- .../onboarding_flow_form/use_custom_cards_for_category.tsx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx index f7b32f4d62fea..10b2c52e441ee 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx @@ -184,10 +184,10 @@ export function useCustomCardsForCategory( src: http?.staticAssets.getPluginAssetHref('opentelemetry.svg') ?? '', }, ], - url: isServerless ? otelLogsUrl : otelKubernetesUrl, + url: otelKubernetesUrl, version: '', integration: '', - isQuickstart: !isServerless, + isQuickstart: true, }, ]; From 8b5360a79fe15166df8a7d7afae546e78d61c8d2 Mon Sep 17 00:00:00 2001 From: Thom Heymann Date: Wed, 16 Oct 2024 13:25:02 +0100 Subject: [PATCH 3/4] . --- x-pack/plugins/translations/translations/fr-FR.json | 5 +---- x-pack/plugins/translations/translations/ja-JP.json | 5 +---- x-pack/plugins/translations/translations/zh-CN.json | 5 +---- 3 files changed, 3 insertions(+), 12 deletions(-) diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index d2c35721fdddb..2ee2b8fce8879 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -32021,7 +32021,6 @@ "xpack.observability_onboarding.installElasticAgent.troubleshooting": "Résolution des problèmes", "xpack.observability_onboarding.installIntegration.error.unauthorized": "Le privilège Kibana {requiredKibanaPrivileges} requis est manquant. Veuillez ajouter le privilège requis au rôle de l'utilisateur authentifié.", "xpack.observability_onboarding.installOtelCollector.configStep.copyCommand": "Copier dans le presse-papiers", - "xpack.observability_onboarding.installOtelCollector.configStep.downloadConfigButton": "Télécharger le manifeste", "xpack.observability_onboarding.otelLogs.status.failed": "Échec de l'installation de l'intégration", "xpack.observability_onboarding.otelLogs.status.failedDetails": "Les données entrantes peuvent ne pas être indexées correctement. Détails :", "xpack.observability_onboarding.otelLogsPanel.choosePlatform": "Choisissez une plateforme", @@ -32032,11 +32031,9 @@ "xpack.observability_onboarding.otelLogsPanel.feedbackButtons.title": "Donner un retour", "xpack.observability_onboarding.otelLogsPanel.historicalDataDescription": "Les nouveaux messages de log sont collectés à partir de la configuration.", "xpack.observability_onboarding.otelLogsPanel.historicalDataDescription2": "Le chemin des logs par défaut est /var/log/*. Vous pouvez si nécessaire modifier ce chemin dans le fichier otel.yml.", - "xpack.observability_onboarding.otelLogsPanel.kubernetesApplyCommandPromptLabel": "À partir du répertoire où le manifeste est téléchargé, exécutez la commande suivante pour installer le collecteur sur chaque nœud de votre cluster :", "xpack.observability_onboarding.otelLogsPanel.limitationTitle": "Informations sur la configuration", "xpack.observability_onboarding.otelLogsPanel.p.runTheCommandOnYourHostLabel": "Exécutez la commande suivante sur votre hôte pour télécharger et configurer le collecteur.", "xpack.observability_onboarding.otelLogsPanel.p.startTheCollectorLabel": "Exécutez la commande suivante pour lancer le collecteur", - "xpack.observability_onboarding.otelLogsPanel.steps.downloadManifest": "Télécharger le manifeste :", "xpack.observability_onboarding.otelLogsPanel.steps.platform": "Sélectionnez votre plateforme", "xpack.observability_onboarding.otelLogsPanel.steps.start": "Lancez le collecteur", "xpack.observability_onboarding.otelLogsPanel.techPreviewBadge.label": "Version d'évaluation technique", @@ -47509,4 +47506,4 @@ "xpack.watcher.watchEdit.thresholdWatchExpression.aggType.fieldIsRequiredValidationMessage": "Ce champ est requis.", "xpack.watcher.watcherDescription": "Détectez les modifications survenant dans vos données en créant, gérant et monitorant des alertes." } -} +} \ No newline at end of file diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index bc4f0b3f6cf1a..1a5fb75c723a9 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -31766,7 +31766,6 @@ "xpack.observability_onboarding.installElasticAgent.troubleshooting": "トラブルシューティング", "xpack.observability_onboarding.installIntegration.error.unauthorized": "必要なkibana権限{requiredKibanaPrivileges}がありません。認証されたユーザーのロールに必要な権限を追加してください。", "xpack.observability_onboarding.installOtelCollector.configStep.copyCommand": "クリップボードにコピー", - "xpack.observability_onboarding.installOtelCollector.configStep.downloadConfigButton": "マニフェストのダウンロード", "xpack.observability_onboarding.otelLogs.status.failed": "統合のインストールに失敗しました", "xpack.observability_onboarding.otelLogs.status.failedDetails": "受信データは正しくインデックス化されていない可能性があります。詳細:", "xpack.observability_onboarding.otelLogsPanel.choosePlatform": "プラットフォームを選択", @@ -31777,11 +31776,9 @@ "xpack.observability_onboarding.otelLogsPanel.feedbackButtons.title": "フィードバックを作成する", "xpack.observability_onboarding.otelLogsPanel.historicalDataDescription": "今後、新しいログメッセージはセットアップから収集されます。", "xpack.observability_onboarding.otelLogsPanel.historicalDataDescription2": "デフォルトのログのパスは/var/log/*です。必要に応じて、otel.ymlファイルでこのパスを変更できます。", - "xpack.observability_onboarding.otelLogsPanel.kubernetesApplyCommandPromptLabel": "マニフェストがダウンロードされるディレクトリから、次のコマンドを実行し、クラスターのすべてのノードでコレクターをインストールします。", "xpack.observability_onboarding.otelLogsPanel.limitationTitle": "構成情報", "xpack.observability_onboarding.otelLogsPanel.p.runTheCommandOnYourHostLabel": "ホストで次のコマンドを実行して、コレクターをダウンロード、構成します。", "xpack.observability_onboarding.otelLogsPanel.p.startTheCollectorLabel": "コレクターを開始するには、次のコマンドを実行してください", - "xpack.observability_onboarding.otelLogsPanel.steps.downloadManifest": "マニフェストをダウンロード:", "xpack.observability_onboarding.otelLogsPanel.steps.platform": "プラットフォームを選択", "xpack.observability_onboarding.otelLogsPanel.steps.start": "コレクターを開始", "xpack.observability_onboarding.otelLogsPanel.techPreviewBadge.label": "テクニカルプレビュー", @@ -47247,4 +47244,4 @@ "xpack.watcher.watchEdit.thresholdWatchExpression.aggType.fieldIsRequiredValidationMessage": "フィールドを選択してください。", "xpack.watcher.watcherDescription": "アラートの作成、管理、監視によりデータへの変更を検知します。" } -} +} \ No newline at end of file diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index e018909babf64..c0c74a821050e 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -31808,7 +31808,6 @@ "xpack.observability_onboarding.installElasticAgent.troubleshooting": "故障排除", "xpack.observability_onboarding.installIntegration.error.unauthorized": "缺失所需的 Kibana 权限 {requiredKibanaPrivileges},请将所需权限添加到已通过身份验证的用户的角色。", "xpack.observability_onboarding.installOtelCollector.configStep.copyCommand": "复制到剪贴板", - "xpack.observability_onboarding.installOtelCollector.configStep.downloadConfigButton": "下载清单", "xpack.observability_onboarding.otelLogs.status.failed": "集成安装失败", "xpack.observability_onboarding.otelLogs.status.failedDetails": "传入数据可能未正确索引。详情:", "xpack.observability_onboarding.otelLogsPanel.choosePlatform": "选择平台", @@ -31819,11 +31818,9 @@ "xpack.observability_onboarding.otelLogsPanel.feedbackButtons.title": "反馈", "xpack.observability_onboarding.otelLogsPanel.historicalDataDescription": "将从设置完成后收集新的日志消息。", "xpack.observability_onboarding.otelLogsPanel.historicalDataDescription2": "默认日志路径为 /var/log/*。如果需要,可以在 otel.yml 文件中更改此路径。", - "xpack.observability_onboarding.otelLogsPanel.kubernetesApplyCommandPromptLabel": "从下载清单的目录中,运行以下命令以在您集群的每个节点上安装收集器:", "xpack.observability_onboarding.otelLogsPanel.limitationTitle": "配置信息", "xpack.observability_onboarding.otelLogsPanel.p.runTheCommandOnYourHostLabel": "在您的主机上运行以下命令,以下载和配置收集器。", "xpack.observability_onboarding.otelLogsPanel.p.startTheCollectorLabel": "运行以下命令以启动收集器", - "xpack.observability_onboarding.otelLogsPanel.steps.downloadManifest": "下载清单:", "xpack.observability_onboarding.otelLogsPanel.steps.platform": "选择平台", "xpack.observability_onboarding.otelLogsPanel.steps.start": "启动收集器", "xpack.observability_onboarding.otelLogsPanel.techPreviewBadge.label": "技术预览", @@ -47300,4 +47297,4 @@ "xpack.watcher.watchEdit.thresholdWatchExpression.aggType.fieldIsRequiredValidationMessage": "此字段必填。", "xpack.watcher.watcherDescription": "通过创建、管理和监测警报来检测数据中的更改。" } -} +} \ No newline at end of file From 32159c2f7e84be98be222af34f0af4d4859a9e8a Mon Sep 17 00:00:00 2001 From: Thom Heymann Date: Wed, 16 Oct 2024 16:25:25 +0100 Subject: [PATCH 4/4] . --- .../quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx index 78b5c4f12a41f..9d3e07cc2f612 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/quickstart_flows/otel_kubernetes/otel_kubernetes_panel.tsx @@ -228,7 +228,7 @@ spec: