elastic-system: Add Syslog ingestion

elastic-system/application.yml

@@ -1,3 +1,4 @@
+---
 apiVersion: beat.k8s.elastic.co/v1beta1
 kind: Beat
 metadata:
@@ -78,6 +79,103 @@ spec:
         - operator: "Exists"
           effect: "NoSchedule"
 ---
+apiVersion: beat.k8s.elastic.co/v1beta1
+kind: Beat
+metadata:
+  name: filebeat-syslog
+spec:
+  type: filebeat
+  version: 8.4.1
+  elasticsearchRef:
+    name: elasticsearch
+  kibanaRef:
+    name: kibana
+  config:
+    logging:
+      level: warning
+    http:
+      enabled: true
+      port: 5066
+    filebeat:
+      inputs:
+        - type: syslog
+          format: rfc5424
+          protocol.udp:
+            host: "0.0.0.0:1514"
+        - type: syslog
+          format: rfc5424
+          protocol.tcp:
+            host: "0.0.0.0:1514"
+  deployment:
+    replicas: 2
+    podTemplate:
+      spec:
+        terminationGracePeriodSeconds: 30
+        containers:
+        - name: filebeat
+          resources:
+            limits:
+              memory: 200Mi
+            requests:
+              cpu: 100m
+              memory: 100Mi
+          ports:
+            - containerPort: 1514
+              name: syslog
+              protocol: UDP
+          volumeMounts:
+            - name: filebeat-registry
+              mountPath: /usr/share/filebeat/data
+        - name: exporter
+          image: sepa/beats-exporter
+          args:
+            - -p=5066
+          ports:
+            - containerPort: 8080
+              name: exporter
+              protocol: TCP
+        volumes:
+          - name: filebeat-registry
+            emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: filebeat-syslog-udp
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: syslog.k-space.ee
+    metallb.universe.tf/allow-shared-ip: syslog.k-space.ee
+spec:
+  type: LoadBalancer
+  externalTrafficPolicy: Local
+  loadBalancerIP: 172.20.51.4
+  ports:
+    - name: filebeat-syslog
+      port: 514
+      protocol: UDP
+      targetPort: 1514
+  selector:
+    beat.k8s.elastic.co/name: filebeat-syslog
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: filebeat-syslog-tcp
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: syslog.k-space.ee
+    metallb.universe.tf/allow-shared-ip: syslog.k-space.ee
+spec:
+  type: LoadBalancer
+  externalTrafficPolicy: Local
+  loadBalancerIP: 172.20.51.4
+  ports:
+    - name: filebeat-syslog
+      port: 514
+      protocol: TCP
+      targetPort: 1514
+  selector:
+    beat.k8s.elastic.co/name: filebeat-syslog
+---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:

logging/application.yml

@@ -1,69 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: graylog-gelf-tcp
-  labels:
-    app: graylog
-spec:
-  ports:
-    - name: graylog-gelf-tcp
-      port: 12201
-      protocol: TCP
-      targetPort: 12201
-  selector:
-    app: graylog
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: graylog-logstash
-  labels:
-    app: graylog
-spec:
-  ports:
-    - name: graylog-logstash
-      port: 5044
-      protocol: TCP
-  selector:
-    app: graylog
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: graylog-syslog-tcp
-  labels:
-    app: graylog
-  annotations:
-    external-dns.alpha.kubernetes.io/hostname: syslog.k-space.ee
-    metallb.universe.tf/allow-shared-ip: syslog.k-space.ee
-spec:
-  type: LoadBalancer
-  externalTrafficPolicy: Local
-  loadBalancerIP: 172.20.51.4
-  ports:
-    - name: graylog-syslog
-      port: 514
-      protocol: TCP
-  selector:
-    app: graylog
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: graylog-syslog-udp
-  labels:
-    app: graylog
-  annotations:
-    external-dns.alpha.kubernetes.io/hostname: syslog.k-space.ee
-    metallb.universe.tf/allow-shared-ip: syslog.k-space.ee
-spec:
-  type: LoadBalancer
-  externalTrafficPolicy: Local
-  loadBalancerIP: 172.20.51.4
-  ports:
-    - name: graylog-syslog
-      port: 514
-      protocol: UDP
-  selector:
-    app: graylog