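# Filebeat, deployed by the ECK operator as a DaemonSet, tails container logs
# on each node and ships them to the referenced Elasticsearch cluster.
# NOTE(review): nesting was reconstructed from a flattened listing; confirm the
# level of `processors` against the original manifest.
apiVersion: beat.k8s.elastic.co/v1beta1
kind: Beat
metadata:
  name: filebeat
spec:
  type: filebeat
  version: 8.3.1
  elasticsearchRef:
    name: elasticsearch
  kibanaRef:
    name: kibana
  config:
    filebeat:
      autodiscover:
        providers:
          - type: kubernetes
            node: ${NODE_NAME}
            # Hints are read from pod annotations, so anyone who can annotate
            # a pod can change how (or whether) its logs are collected.
            # Account for that if these logs are used as an audit source.
            hints:
              enabled: true
              default_config:
                type: container
                paths:
                  - /var/log/containers/*${data.kubernetes.container.id}.log
    processors:
      - drop_fields:
          fields:
            - stream
            - target
            - host
          ignore_missing: true
      # Flatten the Kubernetes metadata into short top-level field names.
      - rename:
          fields:
            - from: "kubernetes.node.name"
              to: "host"
            - from: "kubernetes.pod.name"
              to: "pod"
            - from: "kubernetes.labels.app"
              to: "app"
            - from: "kubernetes.namespace"
              to: "namespace"
          ignore_missing: true
      # NOTE(review): `host` is listed again below, after the rename above
      # wrote the node name into it. If processors run in listed order this
      # removes the node name from shipped events; confirm that is intended.
      - drop_fields:
          fields:
            - input
            - agent
            - container
            - ecs
            - host
            - kubernetes
            - log
            - "@metadata"
          ignore_missing: true
      # Decoded keys are merged into the event root (target: ""), so root-level
      # fields not set by a processor above come from the logging workload.
      # Do not treat them as trusted provenance.
      - decode_json_fields:
          fields:
            - message
          max_depth: 2
          expand_keys: true
          target: ""
          add_error_key: true
  daemonSet:
    podTemplate:
      spec:
        serviceAccountName: filebeat
        # The API token is mounted because Kubernetes autodiscover queries the
        # API server for pod metadata.
        automountServiceAccountToken: true
        terminationGracePeriodSeconds: 30
        dnsPolicy: ClusterFirstWithHostNet
        hostNetwork: true # Allows to provide richer host metadata
        containers:
          - name: filebeat
            # Runs as root, presumably to read root-owned log files on the
            # host (TODO confirm). Combined with hostNetwork and hostPath
            # volumes, this pod is highly privileged on every node.
            securityContext:
              runAsUser: 0
            # Filebeat only reads from these host directories. Mounting them
            # read-only stops a compromised collector from altering or
            # deleting node logs.
            volumeMounts:
              - name: varlogcontainers
                mountPath: /var/log/containers
                readOnly: true
              - name: varlogpods
                mountPath: /var/log/pods
                readOnly: true
              - name: varlibdockercontainers
                mountPath: /var/lib/docker/containers
                readOnly: true
            env:
              - name: NODE_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: spec.nodeName
        volumes:
          - name: varlogcontainers
            hostPath:
              path: /var/log/containers
          - name: varlogpods
            hostPath:
              path: /var/log/pods
          - name: varlibdockercontainers
            hostPath:
              path: /var/lib/docker/containers
        # Tolerate every NoExecute and NoSchedule taint so that a collector is
        # scheduled on tainted nodes as well.
        tolerations:
          - operator: "Exists"
            effect: "NoExecute"
          - operator: "Exists"
            effect: "NoSchedule"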
---
# Cluster-wide, read-only access to the core-group objects listed below.
# No write verbs and no access to secrets are granted.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: filebeat
rules:
  - apiGroups: [""] # "" is the core API group
    resources: [namespaces, pods, nodes]
    verbs: [get, watch, list]
---
# Identity the Filebeat pods run as (referenced by serviceAccountName).
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: elastic-system
  name: filebeat
---
# Grants the `filebeat` ClusterRole to the `filebeat` ServiceAccount in the
# elastic-system namespace. The binding is cluster-scoped, so the role's
# permissions apply in every namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: filebeat
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: filebeat
subjects:
  - kind: ServiceAccount
    namespace: elastic-system
    name: filebeat
---
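# Three-node Elasticsearch cluster managed by the ECK operator.
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch
spec:
  version: 8.3.1
  nodeSets:
    - name: default
      count: 3
      config:
        node.store.allow_mmap: false
        # The anonymous-access stanza (xpack.security.authc.anonymous with
        # `roles: superuser`) has been removed. It gave every unauthenticated
        # request full administrative rights over the cluster and all indexed
        # logs. Resources associated through `elasticsearchRef` (the Beat and
        # Kibana in this file) authenticate with credentials the operator
        # provisions for them. Any other client needs its own user or API
        # key, scoped to the least privilege it requires.
      volumeClaimTemplates:
        - metadata:
            name: elasticsearch-data
          spec:
            accessModes:
              - ReadWriteOnce
            resources:
              requests:
                storage: 5Gi
            storageClassName: local-path
  http:
    # NOTE(review): with the operator's self-signed certificate disabled and
    # no other certificate configured here, the HTTP API is served without
    # TLS. Client credentials and log data then cross the pod network in
    # clear text. Confirm this is acceptable, or restrict access with a
    # NetworkPolicy.
    tls:
      selfSignedCertificate:
        disabled: true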
---
# Single Kibana instance managed by the ECK operator and attached to the
# `elasticsearch` cluster.
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
  name: kibana
spec:
  count: 1
  version: "8.3.1"
  elasticsearchRef:
    name: elasticsearch
  # Kibana itself serves plain HTTP. TLS for external clients is declared on
  # the Ingress for this host, so the hop from the ingress controller to this
  # service is unencrypted.
  http:
    tls:
      selfSignedCertificate:
        disabled: true
  # Disabled OIDC settings, kept for reference.
  # NOTE(review): settings of the form xpack.security.authc.realms.* are
  # Elasticsearch realm settings; confirm where they belong before
  # re-enabling them under the Kibana config.
  #config:
  #  xpack.security.authc.realms.oidc.my_oidc:
  #    order: 1
  #    rp.client_id: "kibana"
  #    rp.response_type: code
  #    rp.redirect_uri: "https://kibana.k-space.ee/api/security/v1/oidc"
  #    op.issuer: "https://auth.k-space.ee"
  #    op.authorization_endpoint: "https://auth.k-space.ee/api/oidc/authorization"
  #    op.token_endpoint: "https://auth.k-space.ee/api/oidc/token"
  #    op.jwkset_path: "https://auth.k-space.ee/jwks.json"
  #    op.userinfo_endpoint: "https://auth.k-space.ee/api/oidc/userinfo"
  #    rp.post_logout_redirect_uri: "https://kibana.k-space.ee/logged_out"
  #    claims.principal: preferred_username
---
# Exposes Kibana at kibana.k-space.ee through Traefik. TLS uses the
# certificate stored in the `kibana-tls` secret.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: kibana
  annotations:
    kubernetes.io/ingress.class: traefik
    cert-manager.io/cluster-issuer: default
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    # The middleware name suggests single sign-on is enforced at the edge.
    # NOTE(review): confirm it, because requests that reach the
    # kibana-kb-http service from inside the cluster do not pass through it.
    traefik.ingress.kubernetes.io/router.middlewares: traefik-sso@kubernetescrd
    traefik.ingress.kubernetes.io/router.tls: 'true'
    external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec:
  tls:
    - secretName: kibana-tls
      hosts: [kibana.k-space.ee]
  rules:
    - host: kibana.k-space.ee
      http:
        paths:
          - path: '/'
            pathType: Prefix
            backend:
              service:
                name: kibana-kb-http
                port:
                  number: 5601