kubernetes deployment - user-defined persistent volumes #174

mmguero · 2023-03-29T20:39:09Z

Sub-issue of #149

while we're testing with some local nfs volumes, the user will need to define whatever kind of persistentvolume backing storage as they want. I'm not sure the best way to do this. My guess is that the easiest thing to do will be to require them to create and populate the contents of that 01-volumes.yml file themselves, and that they must define, using the same names, the volumes and volume claims in that example. Then those can get created and we can use them by those names.

The text was updated successfully, but these errors were encountered:

…rting

…mple

mmguero · 2023-04-24T21:16:46Z

Here's what's going in the docs for this issue. We're just going to require the user to create it:

Malcolm requires persistent storage to be configured for its configuration and data files. There are various implementations for provisioning PersistentVolume resources using storage classes. Regardless of the types of storage underlying the PersistentVolumes, Malcolm requires the following PersistentVolumeClaims to be defined in the malcolm namespace:

config-claim - storage for configuration files
opensearch-backup-claim - storage for OpenSearch snapshots (if using a local OpenSearch instance)
opensearch-claim - storage for OpenSearch indices (if using a local OpenSearch instance)
pcap-claim - storage for PCAP artifacts
runtime-logs-claim - storage for runtime logs for some containers (e.g., nginx, Arkime)
suricata-claim - storage for Suricata logs
zeek-claim - storage for Zeek logs and files extracted by Zeek

An example of how these PersistentVolume and PersistentVolumeClaim objects could be defined in the kubernetes/01-volumes.yml.example manifest file. Before running Malcolm, copy the 01-volumes.yml.example file to 01-volumes.yml and modify (or replace) its contents to define your PersistentVolumeClaim objects.

If you attempt to start Malcolm without these PersistentVolumeClaims defined in a YAML file in Malcolm's ./kubernetes/ directory, you'll get an error like this:

$ ./scripts/start -f /path/to/kubeconfig.yml
Exception: Storage objects required by Malcolm are not defined in /home/user/Malcolm/kubernetes: {'PersistentVolumeClaim': ['pcap-claim', 'zeek-claim', 'suricata-claim', 'config-claim', 'runtime-logs-claim', 'opensearch-claim', 'opensearch-backup-claim']}

Malcolm v23.05.0 Malcolm v23.05.0 is a major release with new features, enhancements, component version updates and bug fixes. IMPORTANT NOTE: Malcolm v23.05.0 has completely changed the way it manages its settings: rather than using environment variables found at the top of the `docker-compose.yml` file, it uses environment variables in `.env` files inside of the `config` directory. The locations of a number of configuration files have also changed. It's not recommended to update to Malcolm v23.05.0 from a previous version of Malcolm. Instead, shut down Malcolm, rename your old Malcolm installation directory to something else, and reconfigure Malcolm using `./scripts/configure` and `./scripts/auth_setup`. v23.04.0...v23.05.0 * New features - integrate [ICSNPP-Synchrophasor](https://github.com/cisagov/icsnpp-synchrophasor/) parser (#190) - [End-to-end Malcolm and Hedgehog Linux ISO Installation]((https://idaholab.github.io/Malcolm/docs/malcolm-hedgehog-e2e-iso-install.html#InstallationExample) document (#181) - support Malcolm deployment with Kubernetes (#149) + see [Deploying Malcolm with Kubernetes](https://idaholab.github.io/Malcolm/docs/kubernetes.html#Kubernetes) + This could be considered a "beta" release for Malcolm deployment with Kubernetes, as there is still [some work](https://github.com/idaholab/Malcolm/issues?q=is%3Aissue+is%3Aopen+kubernetes) to be done in this area. Please let us know what issues or suggestions you have via the [issue tracker](https://github.com/idaholab/Malcolm/issues) or via email to [[email protected]](mailto:[email protected]?subject=Malcolm). + contributing issues: * inotify issue (#168) * htadmin/nginx and htpasswd (#169) * opensearch (#170) * uploading large PCAP files (#171) * script consolidation (#172) * documentation (#173) * user-defined persistent volumes (#174) * opensearch keystore (#176) * expose other TCP services (#183) * provide with filebeat access to nginx access and error logs (#186) * use Secrets for some environment variables instead of ConfigMaps (#189) * Enhancements and fixes * remove name-map-ui container (#165) in favor of using NetBox for asset identification * Python script refactoring, consolidation and cleanup * standardization of Docker container entrypoints * create `./scripts/configure` alias for `./scripts/install.py --configure` * Component version updates - Arkime to [v4.3.0](https://github.com/arkime/arkime/blob/fa0db2415bdc109be7a4dd8ee2c2838673980b5f/CHANGELOG#L33-L72) - Capa to [v5.1.0](https://github.com/mandiant/capa/releases/tag/v5.1.0) - Fluent Bit to [v2.1.2](https://fluentbit.io/announcements/v2.1.2/) - NetBox to [v3.5.0](https://github.com/netbox-community/netbox/releases/tag/v3.5.0) - NGINX to [v1.22.1](http://nginx.org/en/CHANGES-1.22) - Supercronic to [v0.2.24](https://github.com/aptible/supercronic/releases/tag/v0.2.24) - Suricata to [v6.0.10](https://suricata.io/2023/01/31/suricata-6-0-10-released/) - Yara to [v4.3.0](https://github.com/VirusTotal/yara/releases/tag/v4.3.0) - Zeek to [v5.2.1](https://github.com/zeek/zeek/releases/tag/v5.2.1)

Malcolm v23.05.0 Malcolm v23.05.0 is a major release with new features, enhancements, component version updates and bug fixes. IMPORTANT NOTE: Malcolm v23.05.0 has completely changed the way it manages its settings: rather than using environment variables found at the top of the `docker-compose.yml` file, it uses environment variables in `.env` files inside of the `config` directory. The locations of a number of configuration files have also changed. It's not recommended to update to Malcolm v23.05.0 from a previous version of Malcolm. Instead, shut down Malcolm, rename your old Malcolm installation directory to something else, and reconfigure Malcolm using `./scripts/configure` and `./scripts/auth_setup`. v23.04.0...v23.05.0 * New features - integrate [ICSNPP-Synchrophasor](https://github.com/cisagov/icsnpp-synchrophasor/) parser (idaholab#190) - [End-to-end Malcolm and Hedgehog Linux ISO Installation((cisagov://cisagov.github.io/Malcolm/docs/malcolm-hedgehog-e2e-iso-install.html#InstallationExample) document (idaholab#181) - support Malcolm deployment with Kubernetes (idaholab#149) + see [Deploying Malcolm with Kubernetes](https://idaholab.github.io/Malcolm/docs/kubernetes.html#Kubernetes) + This could be considered a "beta" release for Malcolm deployment with Kubernetes, as there is still [some work](https://github.com/idaholab/Malcolm/issues?q=is%3Aissue+is%3Aopen+kubernetes) to be done in this area. Please let us know what issues or suggestions you have via the [issue tracker](https://github.com/idaholab/Malcolm/issues) or via email to [[email protected]](mailto:[email protected]?subject=Malcolm). + contributing issues: * inotify issue (idaholab#168) * htadmin/nginx and htpasswd (idaholab#169) * opensearch (idaholab#170) * uploading large PCAP files (idaholab#171) * script consolidation (idaholab#172) * documentation (idaholab#173) * user-defined persistent volumes (idaholab#174) * opensearch keystore (idaholab#176) * expose other TCP services (idaholab#183) * provide with filebeat access to nginx access and error logs (idaholab#186) * use Secrets for some environment variables instead of ConfigMaps (idaholab#189) * Enhancements and fixes * remove name-map-ui container (idaholab#165) in favor of using NetBox for asset identification * Python script refactoring, consolidation and cleanup * standardization of Docker container entrypoints * create `./scripts/configure` alias for `./scripts/install.py --configure` * Component version updates - Arkime to [v4.3.0](https://github.com/arkime/arkime/blob/fa0db2415bdc109be7a4dd8ee2c2838673980b5f/CHANGELOG#L33-L72) - Capa to [v5.1.0](https://github.com/mandiant/capa/releases/tag/v5.1.0) - Fluent Bit to [v2.1.2](https://fluentbit.io/announcements/v2.1.2/) - NetBox to [v3.5.0](https://github.com/netbox-community/netbox/releases/tag/v3.5.0) - NGINX to [v1.22.1](http://nginx.org/en/CHANGES-1.22) - Supercronic to [v0.2.24](https://github.com/aptible/supercronic/releases/tag/v0.2.24) - Suricata to [v6.0.10](https://suricata.io/2023/01/31/suricata-6-0-10-released/) - Yara to [v4.3.0](https://github.com/VirusTotal/yara/releases/tag/v4.3.0) - Zeek to [v5.2.1](https://github.com/zeek/zeek/releases/tag/v5.2.1)

mmguero added the cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes label Mar 29, 2023

mmguero added this to Malcolm Mar 29, 2023

mmguero moved this to Todo in Malcolm Apr 14, 2023

mmguero added a commit that referenced this issue Apr 24, 2023

for #174, check for required PersistentVolumeClaim entries before sta…

0ff6c35

…rting

mmguero added a commit that referenced this issue Apr 24, 2023

for #174, don't define volumes but give example in 01-volumes.yml.exa…

92ea3aa

…mple

mmguero moved this from Todo to Done in Malcolm Apr 24, 2023

mmguero closed this as completed Apr 24, 2023

mmguero added this to the v23.05.0 milestone Apr 26, 2023

mmguero self-assigned this Apr 27, 2023

This was referenced May 1, 2023

Malcolm v23.05.0 #191

Merged

Malcolm v23.05.0 cisagov/Malcolm#249

Merged

mmguero moved this from Done to Released in Malcolm May 1, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

kubernetes deployment - user-defined persistent volumes #174

kubernetes deployment - user-defined persistent volumes #174

mmguero commented Mar 29, 2023

mmguero commented Apr 24, 2023

kubernetes deployment - user-defined persistent volumes #174

kubernetes deployment - user-defined persistent volumes #174

Comments

mmguero commented Mar 29, 2023

mmguero commented Apr 24, 2023