From 8922a7dc253830e57e4b68a658f93a12dba4f49e Mon Sep 17 00:00:00 2001 From: badra001 Date: Fri, 16 Sep 2022 13:16:59 -0400 Subject: [PATCH] update --- examples/efk/images.tf | 41 ++++++ examples/efk/main.tf | 125 ++++++++++++------ examples/efk/main.tf.orig | 241 ++++++++++++++++++++++++++++++++++ examples/efk/variables.elk.tf | 2 +- 4 files changed, 368 insertions(+), 41 deletions(-) create mode 100644 examples/efk/main.tf.orig diff --git a/examples/efk/images.tf b/examples/efk/images.tf index e0f84da..87dd361 100644 --- a/examples/efk/images.tf +++ b/examples/efk/images.tf @@ -1,6 +1,7 @@ module "images" { source = "git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git" + profile = var.profile application_list = [] application_name = format("eks/%v", var.cluster_name) image_config = var.image_config @@ -16,3 +17,43 @@ module "images" { ## source_password = "" ## source_username = "" } + + +## image_info = { +## "elastic/elasticsearch#7.14.0" = { +## "dest_full_path" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com/eks/test-cluster-name/elastic/elasticsearch:7.14.0" +## "dest_registry" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com" +## "dest_repository" = "eks/test-cluster-name/elastic/elasticsearch" +## "enabled" = true +## "key" = "elastic/elasticsearch#7.14.0" +## "name" = "elastic/elasticsearch" +## "source_full_path" = "docker.elastic.co/elasticsearch/elasticsearch:7.14.0" +## "source_image" = "elasticsearch/elasticsearch" +## "source_registry" = "docker.elastic.co" +## "tag" = "7.14.0" +## } +## "elastic/kibana#7.14.0" = { +## "dest_full_path" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com/eks/test-cluster-name/elastic/kibana:7.14.0" +## "dest_registry" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com" +## "dest_repository" = "eks/test-cluster-name/elastic/kibana" +## "enabled" = true +## "key" = "elastic/kibana#7.14.0" +## "name" = "elastic/kibana" +## "source_full_path" = "docker.elastic.co/kibana/kibana:7.14.0" +## "source_image" = "kibana/kibana" +## "source_registry" = "docker.elastic.co" +## "tag" = "7.14.0" +## } +## "fluent/fluentd-kubernetes-daemonset#v1.13.3-debian-elasticsearch7-1.2" = { +## "dest_full_path" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com/eks/test-cluster-name/fluent/fluentd-kubernetes-daemonset:v1.13.3-debian-elasticsearch7-1.2" +## "dest_registry" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com" +## "dest_repository" = "eks/test-cluster-name/fluent/fluentd-kubernetes-daemonset" +## "enabled" = true +## "key" = "fluent/fluentd-kubernetes-daemonset#v1.13.3-debian-elasticsearch7-1.2" +## "name" = "fluent/fluentd-kubernetes-daemonset" +## "source_full_path" = "docker.io/fluent/fluentd-kubernetes-daemonset:v1.13.3-debian-elasticsearch7-1.2" +## "source_image" = "fluent/fluentd-kubernetes-daemonset" +## "source_registry" = "docker.io" +## "tag" = "v1.13.3-debian-elasticsearch7-1.2" +## } +## } diff --git a/examples/efk/main.tf b/examples/efk/main.tf index 77f7a38..91adba4 100644 --- a/examples/efk/main.tf +++ b/examples/efk/main.tf @@ -1,5 +1,6 @@ resource "kubernetes_namespace" "logging" { - depends_on = [null_resource.copy_images] + # depends_on = [null_resource.copy_images] + depends_on = [module.images] metadata { name = "logging" @@ -9,20 +10,64 @@ resource "kubernetes_namespace" "logging" { } } +## image_info = { +## "elastic/elasticsearch#7.14.0" = { +## "dest_full_path" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com/eks/test-cluster-name/elastic/elasticsearch:7.14.0" +## "dest_registry" = "817869416306.dkr.ecr.us-gov-east-1.amazonaws.com" +## "dest_repository" = "eks/test-cluster-name/elastic/elasticsearch" +## "enabled" = true +## "key" = "elastic/elasticsearch#7.14.0" +## "name" = "elastic/elasticsearch" +## "source_full_path" = "docker.elastic.co/elasticsearch/elasticsearch:7.14.0" +## "source_image" = "elasticsearch/elasticsearch" +## "source_registry" = "docker.elastic.co" +## "tag" = "7.14.0" +## } +## +## image_config +## { +## enabled = true +## dest_path = null +## name = "fluent/fluentd-kubernetes-daemonset" +## source_image = "fluent/fluentd-kubernetes-daemonset" +## source_registry = "docker.io" +## source_tag = null +## tag = "v1.13.3-debian-elasticsearch7-1.2" +## }, +## ] +## +## chart_config = [ +## { +## name = "elasticsearch" +## chart_name = "elasticsearch" +## chart_version = "7.14.0" +## source_repository = "https://helm.elastic.co" +## image_reference = "elastic/elasticsearch" +## image_tag = "7.14.0" +## enabled = true +## }, + +locals { + charts = { for c in var.chart_config : c.name => merge(c, { image_key = format("%v#%v", c.image_reference, c.image_tag) }) } +} + resource "helm_release" "elasticsearch" { - chart = "elasticsearch" - version = var.elasticsearch_chart_version - name = "elasticsearch" + depends_on = [module.images] + for_each = { "elasticsearch" = local.charts["elasticsearch"] } + chart = each.key + version = each.value.chart_version + name = each.value.chart_name namespace = kubernetes_namespace.logging.metadata[0].name - repository = "https://helm.elastic.co" + repository = each.value.source_repository set { - name = "image" - value = local.image_repos["elastic/elasticsearch"] + name = "image" + # value = local.image_repos["elastic/elasticsearch"] + value = format("%v/%v", module.images.images[each.value.image_key].dest_registry, module.images.images[each.value.image_key].dest_registry) } set { name = "imageTag" - value = var.elasticsearch_tag + value = each.value.image_tag } # set { @@ -54,21 +99,22 @@ resource "helm_release" "elasticsearch" { } resource "helm_release" "kibana" { - chart = "kibana" - version = var.kibana_chart_version - name = "kibana" + depends_on = [module.images, helm_release.elasticsearch] + for_each = { "kibana" = local.charts["kibana"] } + chart = each.key + version = each.value.chart_version + name = each.value.chart_name namespace = kubernetes_namespace.logging.metadata[0].name - repository = "https://helm.elastic.co" - - depends_on = [helm_release.elasticsearch] + repository = each.value.source_repository set { - name = "image" - value = local.image_repos["elastic/kibana"] + name = "image" + # value = local.image_repos["elastic/kibana"] + value = format("%v/%v", module.images.images[each.value.image_key].dest_registry, module.images.images[each.value.image_key].dest_registry) } set { name = "imageTag" - value = var.kibana_tag + value = each.value.image_tag } set { @@ -109,6 +155,28 @@ resource "helm_release" "kibana" { timeout = 180 } +resource "helm_release" "fluentd" { + depends_on = [module.images, helm_release.elasticsearch] + for_each = { "fluentd" = local.charts["fluentd"] } + chart = each.key + version = each.value.chart_version + name = each.value.chart_name + namespace = kubernetes_namespace.logging.metadata[0].name + repository = each.value.source_repository + + set { + name = "image.repository" + value = format("%v/%v", module.images.images[each.value.image_key].dest_registry, module.images.images[each.value.image_key].dest_registry) + } + set { + name = "image.tag" + value = each.value.image_tag + } + + timeout = 180 +} + + resource "kubernetes_config_map" "elasticsearch-output" { metadata { name = "elasticsearch-output" @@ -216,26 +284,3 @@ resource "kubernetes_config_map" "apache-log-parser" { EOF } } - -resource "helm_release" "fluentd" { - chart = "fluentd" - version = var.fluentd_chart_version - name = "fluentd" - namespace = kubernetes_namespace.logging.metadata[0].name - repository = "https://fluent.github.io/helm-charts" - - depends_on = [helm_release.elasticsearch] - - set { - name = "image.repository" - value = local.image_repos["fluent/fluentd-kubernetes-daemonset"] - } - set { - name = "image.tag" - value = var.fluentd_tag - } - - timeout = 180 -} - - diff --git a/examples/efk/main.tf.orig b/examples/efk/main.tf.orig new file mode 100644 index 0000000..77f7a38 --- /dev/null +++ b/examples/efk/main.tf.orig @@ -0,0 +1,241 @@ +resource "kubernetes_namespace" "logging" { + depends_on = [null_resource.copy_images] + + metadata { + name = "logging" + labels = { + istio-injection = "enabled" + } + } +} + +resource "helm_release" "elasticsearch" { + chart = "elasticsearch" + version = var.elasticsearch_chart_version + name = "elasticsearch" + namespace = kubernetes_namespace.logging.metadata[0].name + repository = "https://helm.elastic.co" + + set { + name = "image" + value = local.image_repos["elastic/elasticsearch"] + } + set { + name = "imageTag" + value = var.elasticsearch_tag + } + + # set { + # name = "master.livenessProbe.enabled" + # value = "false" + # } + # set { + # name = "master.readinessProbe.enabled" + # value = "false" + # } + # set { + # name = "coordinating.livenessProbe.enabled" + # value = "false" + # } + # set { + # name = "coordinating.readinessProbe.enabled" + # value = "false" + # } + # set { + # name = "data.livenessProbe.enabled" + # value = "false" + # } + # set { + # name = "data.readinessProbe.enabled" + # value = "false" + # } + + timeout = 300 +} + +resource "helm_release" "kibana" { + chart = "kibana" + version = var.kibana_chart_version + name = "kibana" + namespace = kubernetes_namespace.logging.metadata[0].name + repository = "https://helm.elastic.co" + + depends_on = [helm_release.elasticsearch] + + set { + name = "image" + value = local.image_repos["elastic/kibana"] + } + set { + name = "imageTag" + value = var.kibana_tag + } + + set { + name = "persistence.storageClass" + value = "efs" + } + + set { + name = "elasticsearch.enabled" + value = "false" + } + set { + name = "elasticsearch.external.hosts[0]" + value = "elasticsearch-coordinating-only.logging.svc.cluster.local" + } + set { + name = "elasticsearch.external.port" + value = "9200" + } + set { + name = "elasticsearch.hosts[0]" + value = "elasticsearch-coordinating-only.logging.svc.cluster.local" + } + set { + name = "elasticsearch.port" + value = "9200" + } + + # set { + # name = "livenessProbe.enabled" + # value = "false" + # } + # set { + # name = "readinessProbe.enabled" + # value = "false" + # } + + timeout = 180 +} + +resource "kubernetes_config_map" "elasticsearch-output" { + metadata { + name = "elasticsearch-output" + namespace = kubernetes_namespace.logging.metadata[0].name + } + + data = { + "fluentd.conf" = < + @type null + + + # TCP input to receive logs from the forwarders + + @type forward + bind 0.0.0.0 + port 24224 + + + # HTTP input for the liveness and readiness probes + + @type http + bind 0.0.0.0 + port 9880 + + + # Throw the healthcheck to the standard output instead of forwarding it + + @type stdout + + + # Send the logs to the standard output + + @type elasticsearch + include_tag_key true + host "#{ENV['ELASTICSEARCH_HOST']}" + port "#{ENV['ELASTICSEARCH_PORT']}" + logstash_format true + + @type file + path /opt/bitnami/fluentd/logs/buffers/logs.buffer + flush_thread_count 2 + flush_interval 5s + + +EOF + } +} + +resource "kubernetes_config_map" "apache-log-parser" { + metadata { + name = "apache-log-parser" + namespace = kubernetes_namespace.logging.metadata[0].name + } + + data = { + "fluentd.conf" = < + @type null + + + # HTTP input for the liveness and readiness probes + + @type http + port 9880 + + + # Throw the healthcheck to the standard output instead of forwarding it + + @type stdout + + + # Get the logs from the containers running in the cluster + # This block parses logs using an expression valid for the Apache log format + # Update this depending on your application log format + + @type tail + path /var/log/containers/*.log + pos_file /opt/bitnami/fluentd/logs/buffers/fluentd-docker.pos + tag www.log + + @type regexp + expression /^(?[^ ]*) [^ ]* (?[^ ]*) \[(? + + + # Forward all logs to the aggregators + + @type forward + + host fluentd-0.fluentd-headless.logging.svc.cluster.local + port 24224 + + + + @type file + path /opt/bitnami/fluentd/logs/buffers/logs.buffer + flush_thread_count 2 + flush_interval 5s + + +EOF + } +} + +resource "helm_release" "fluentd" { + chart = "fluentd" + version = var.fluentd_chart_version + name = "fluentd" + namespace = kubernetes_namespace.logging.metadata[0].name + repository = "https://fluent.github.io/helm-charts" + + depends_on = [helm_release.elasticsearch] + + set { + name = "image.repository" + value = local.image_repos["fluent/fluentd-kubernetes-daemonset"] + } + set { + name = "image.tag" + value = var.fluentd_tag + } + + timeout = 180 +} + + diff --git a/examples/efk/variables.elk.tf b/examples/efk/variables.elk.tf index 09c375b..0d890e0 100644 --- a/examples/efk/variables.elk.tf +++ b/examples/efk/variables.elk.tf @@ -18,7 +18,7 @@ variable "chart_config" { type = list(object({ name = string, chart_name = string, - tag = string, + chart_version = string, source_repository = string, image_reference = string image_tag = string