Skip to content

Commit

Permalink
Merge pull request #40 from clouddrove/feat/filebeat
Browse files Browse the repository at this point in the history
Feat: Introducing Filebeat addon
  • Loading branch information
themaniskshah authored Oct 6, 2023
2 parents b53e931 + b4662a4 commit 8a03f43
Show file tree
Hide file tree
Showing 21 changed files with 600 additions and 10 deletions.
113 changes: 113 additions & 0 deletions _examples/complete/config/override-filebeat.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
## Node affinity for particular node in which labels key is "Infra-Services" and value is "true"
daemonset:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: "eks.amazonaws.com/nodegroup"
operator: In
values:
- "critical"
## Using limits and requests
resources:
limits:
cpu: "300m"
memory: "200Mi"
requests:
cpu: 100m
memory: 100Mi
# Include the daemonset
enabled: true
extraEnvs:
- name: "ELASTICSEARCH_USERNAME"
valueFrom:
secretKeyRef:
name: elasticsearch-master-credentials
key: username
- name: "ELASTICSEARCH_PASSWORD"
valueFrom:
secretKeyRef:
name: elasticsearch-master-credentials
key: password
# Allows you to add any config files in /usr/share/filebeat
# such as filebeat.yml for daemonset
filebeatConfig:
filebeat.yml: |
filebeat.inputs:
- type: container
paths:
- /var/log/containers/*.log
processors:
- add_kubernetes_metadata:
host: ${NODE_NAME}
matchers:
- logs_path:
logs_path: "/var/log/containers/"
output.elasticsearch:
host: '${NODE_NAME}'
hosts: '["https://${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}"]'
username: '${ELASTICSEARCH_USERNAME}'
password: '${ELASTICSEARCH_PASSWORD}'
protocol: https
ssl.certificate_authorities: ["/usr/share/filebeat/certs/ca.crt"]
# A list of secrets and their paths to mount inside the pod
# This is useful for mounting certificates for security other sensitive values
secretMounts:
- name: elasticsearch-master-certs
secretName: elasticsearch-master-certs
path: /usr/share/filebeat/certs/

deployment:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: "eks.amazonaws.com/nodegroup"
operator: In
values:
- "critical"

## Using limits and requests
resources:
limits:
cpu: "300m"
memory: "200Mi"
requests:
cpu: 100m
memory: 100Mi

extraEnvs:
- name: "ELASTICSEARCH_USERNAME"
valueFrom:
secretKeyRef:
name: elasticsearch-master-credentials
key: username
- name: "ELASTICSEARCH_PASSWORD"
valueFrom:
secretKeyRef:
name: elasticsearch-master-credentials
key: password
# such as filebeat.yml for deployment
filebeatConfig:
filebeat.yml: |
filebeat.inputs:
- type: log
paths:
- /usr/share/filebeat/logs/filebeat
output.elasticsearch:
host: "${NODE_NAME}"
hosts: '["https://${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}"]'
username: "${ELASTICSEARCH_USERNAME}"
password: "${ELASTICSEARCH_PASSWORD}"
protocol: https
ssl.certificate_authorities: ["/usr/share/filebeat/certs/ca.crt"]
# A list of secrets and their paths to mount inside the pod
# This is useful for mounting certificates for security other sensitive values
secretMounts:
- name: elasticsearch-master-certs
secretName: elasticsearch-master-certs
path: /usr/share/filebeat/certs/
4 changes: 3 additions & 1 deletion _examples/complete/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,6 @@ resource "aws_iam_policy" "node_additional" {
},
]
})

tags = local.tags
}

Expand All @@ -169,6 +168,7 @@ module "addons" {
velero = true
keda = true
certification_manager = true
filebeat = true

# -- Addons with mandatory variable
istio_ingress = true
Expand Down Expand Up @@ -197,6 +197,7 @@ module "addons" {
kube_state_metrics_helm_config = { values = [file("./config/override-kube-state-matrics.yaml")] }
keda_helm_config = { values = [file("./config/keda/override-keda.yaml")] }
certification_manager_helm_config = { values = [file("./config/override-certification-manager.yaml")] }
filebeat_helm_config = { values = [file("./config/override-filebeat.yaml")] }

# -- Override Helm Release attributes
metrics_server_extra_configs = var.metrics_server_extra_configs
Expand All @@ -218,6 +219,7 @@ module "addons" {
keda_extra_configs = var.keda_extra_configs
certification_manager_extra_configs = var.certification_manager_extra_configs
external_secrets_extra_configs = var.external_secrets_extra_configs
filebeat_extra_configs = var.filebeat_extra_configs

# -- Custom IAM Policy Json for Addon's ServiceAccount
cluster_autoscaler_iampolicy_json_content = file("./custom-iam-policies/cluster-autoscaler.json")
Expand Down
6 changes: 6 additions & 0 deletions _examples/complete/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -174,4 +174,10 @@ variable "external_secrets_extra_configs" {
default = {
secret_manager_name = "external_secrets_addon"
}
}

# ------------------ FILEBEAT -------------------------------------------------
variable "filebeat_extra_configs" {
type = any
default = {}
}
2 changes: 1 addition & 1 deletion addons/aws-ebs-csi-driver/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ The [Amazon Elastic Block Store Container Storage](https://aws.amazon.com/ebs/)

## Installation
Below terraform script shows how to use AWS EBS CSI Driver Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf).
```bash
```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.0.1"
Expand Down
2 changes: 1 addition & 1 deletion addons/aws-efs-csi-driver/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ Amazon EFS CSI driver supports dynamic provisioning and static provisioning. Cur

## Installation
Below terraform script shows how to use AWS EFS CSI Driver Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf).
```bash
```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.0.1"
Expand Down
2 changes: 1 addition & 1 deletion addons/aws-load-balancer-controller/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ AWS Load Balancer controller manages the following AWS resources

## Installation
Below terraform script shows how to use AWS Load Balancer Controller Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf).
```bash
```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.0.1"
Expand Down
2 changes: 1 addition & 1 deletion addons/aws-node-termination-handler/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ The AWS Node Termination Handler (NTH) project ensures that the Kubernetes contr

## Installation
Below terraform script shows how to use Node Termination Handler Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf).
```bash
```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.0.1"
Expand Down
2 changes: 1 addition & 1 deletion addons/calico-tigera/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ For multi-tenant Kubernetes environments where isolation of tenants from each ot
- Calico is an CNI addon, so this must be installed before EKS default CNI (aws-node).
- If you see `aws-node` pods after cluster creation `kubectl get pods -n kube-system` then you can just delete them by running `kubectl delete ds aws-node -n kube-system`

```bash
```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.0.1"
Expand Down
2 changes: 1 addition & 1 deletion addons/cluster-autoscaler/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ Cluster Autoscaler is a tool that automatically adjusts the size of the Kubernet

## Installation
Below terraform script shows how to use Cluster Autoscaler Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf).
```bash
```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.0.1"
Expand Down
6 changes: 3 additions & 3 deletions addons/external-secrets/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,15 @@ and they also need to change properties (`name`,`namespace`,`secretKey`) of Exte

- If users wants to add more secrets then they can use following template in `external-secret.yaml` under data:

```bash
```yml
data:
- secretKey: do_not_delete_this_key # -- AWS Secret-Manager secret key
remoteRef:
key: addon-external_secrets # -- Same as 'externalsecrets_manifest["secret_manager_name"]
property: do_not_delete_this_key # -- AWS Secret-Manager secret key
```
user also need to provide `secret_manager_name` inside `externalsecrets_manifest` variable in varriable.tf as below
```bash
```hcl
variable "externalsecrets_manifest" {
type = object({
secret_store_manifest_file_path = string
Expand All @@ -37,7 +37,7 @@ variable "externalsecrets_manifest" {
```

Calling `externalsecrets_manifest` variable in main.tf as below -
```bash
```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.0.1"
Expand Down
20 changes: 20 additions & 0 deletions addons/filebeat/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# Filebeat Helm Chart
Filebeat is a logging agent installed on the machine generating the log files, tailing them, and forwarding the data to either Logstash for more advanced processing or directly into Elasticsearch for indexing.

## Installation
Below terraform script shows how to use Filebeat Terraform Addon, A complete example is also given [here](https://github.com/clouddrove/terraform-helm-eks-addons/blob/master/_examples/complete/main.tf).

```hcl
module "addons" {
source = "clouddrove/eks-addons/aws"
version = "0.1.0"
depends_on = [module.eks]
eks_cluster_name = module.eks.cluster_name
filebeat = true
}
```

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
Loading

0 comments on commit 8a03f43

Please sign in to comment.