logmower: Updates

This commit is contained in:
Lauri Võsandi 2022-12-14 18:56:08 +02:00
parent c65835c6a4
commit bccd2c6458

View File

@ -25,9 +25,10 @@ spec:
additionalMongodConfig: additionalMongodConfig:
systemLog: systemLog:
quiet: true quiet: true
members: 3 members: 2
arbiters: 1
type: ReplicaSet type: ReplicaSet
version: "6.0.2" version: "6.0.3"
security: security:
authentication: authentication:
modes: ["SCRAM"] modes: ["SCRAM"]
@ -62,6 +63,9 @@ spec:
limits: limits:
cpu: 4000m cpu: 4000m
memory: 1Gi memory: 1Gi
volumeMounts:
- name: journal-volume
mountPath: /data/journal
- name: mongodb-agent - name: mongodb-agent
resources: resources:
requests: requests:
@ -88,8 +92,21 @@ spec:
volumeClaimTemplates: volumeClaimTemplates:
- metadata: - metadata:
name: logs-volume name: logs-volume
labels:
usecase: logs
spec: spec:
storageClassName: local-path storageClassName: mongo
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
- metadata:
name: journal-volume
labels:
usecase: journal
spec:
storageClassName: mongo
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
@ -97,8 +114,10 @@ spec:
storage: 512Mi storage: 512Mi
- metadata: - metadata:
name: data-volume name: data-volume
labels:
usecase: data
spec: spec:
storageClassName: local-path storageClassName: mongo
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
@ -125,9 +144,7 @@ spec:
serviceAccountName: logmower-shipper serviceAccountName: logmower-shipper
containers: containers:
- name: logmower-shipper - name: logmower-shipper
image: harbor.k-space.ee/k-space/logmower-shipper-prototype image: harbor.k-space.ee/k-space/logmower-shipper-prototype:latest
securityContext:
runAsUser: 0
env: env:
- name: NODE_NAME - name: NODE_NAME
valueFrom: valueFrom:
@ -141,8 +158,10 @@ spec:
ports: ports:
- containerPort: 8000 - containerPort: 8000
name: metrics name: metrics
securityContext:
readOnlyRootFilesystem: true
command: command:
- /log_shipper.py - /app/log_shipper.py
- --parse-json - --parse-json
- --normalize-log-level - --normalize-log-level
- --stream-to-log-level - --stream-to-log-level
@ -159,9 +178,6 @@ spec:
- name: etcmachineid - name: etcmachineid
mountPath: /etc/machine-id mountPath: /etc/machine-id
readOnly: true readOnly: true
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
- name: varlog - name: varlog
mountPath: /var/log mountPath: /var/log
readOnly: true readOnly: true
@ -169,9 +185,6 @@ spec:
- name: etcmachineid - name: etcmachineid
hostPath: hostPath:
path: /etc/machine-id path: /etc/machine-id
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
- name: varlog - name: varlog
hostPath: hostPath:
path: /var/log path: /var/log
@ -282,6 +295,38 @@ spec:
podMetricsEndpoints: podMetricsEndpoints:
- port: metrics - port: metrics
--- ---
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: logmower-shipper
spec:
groups:
- name: logmower-shipper
rules:
- alert: LogmowerSingleInsertionErrors
annotations:
summary: Logmower shipper is having issues submitting log records
to database
expr: rate(logmower_insertion_error_count_total[30m]) > 0
for: 0m
labels:
severity: warning
- alert: LogmowerBulkInsertionErrors
annotations:
summary: Logmower shipper is having issues submitting log records
to database
expr: rate(logmower_bulk_insertion_error_count_total[30m]) > 0
for: 0m
labels:
severity: warning
- alert: LogmowerHighDatabaseLatency
annotations:
summary: Database operations are slow
expr: histogram_quantile(0.95, logmower_database_operation_latency_bucket) > 10
for: 1m
labels:
severity: warning
---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
@ -354,11 +399,35 @@ spec:
app: logmower-frontend app: logmower-frontend
spec: spec:
containers: containers:
- name: logmower-frontend - name: logmower-frontend
image: harbor.k-space.ee/k-space/logmower-frontend image: harbor.k-space.ee/k-space/logmower-frontend
ports: ports:
- containerPort: 8080 - containerPort: 8080
name: http name: http
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
resources:
limits:
memory: 50Mi
requests:
cpu: 1m
memory: 20Mi
volumeMounts:
- name : nginx-cache
mountPath: /var/cache/nginx/
- name : nginx-config
mountPath: /var/config/nginx/
- name: var-run
mountPath: /var/run/
volumes:
- emptyDir: {}
name: nginx-cache
- emptyDir: {}
name: nginx-config
- emptyDir: {}
name: var-run
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
@ -374,21 +443,31 @@ spec:
app: logmower-eventsource app: logmower-eventsource
spec: spec:
containers: containers:
- name: logmower-eventsource - name: logmower-eventsource
image: harbor.k-space.ee/k-space/logmower-eventsource image: harbor.k-space.ee/k-space/logmower-eventsource
command: command:
- npm - npm
- start - start
ports: ports:
- containerPort: 3002 - containerPort: 3002
name: nodejs name: nodejs
env: securityContext:
- name: MONGODB_HOST readOnlyRootFilesystem: true
valueFrom: runAsNonRoot: true
secretKeyRef: runAsUser: 1000
name: logmower-mongodb-application-readonly resources:
key: connectionString.standard limits:
cpu: 500m
memory: 200Mi
requests:
cpu: 10m
memory: 100Mi
env:
- name: MONGODB_HOST
valueFrom:
secretKeyRef:
name: logmower-mongodb-application-readonly
key: connectionString.standard
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: NetworkPolicy kind: NetworkPolicy