From 6da15a7942d829489b90ba8da3bdbad8b8f3105d Mon Sep 17 00:00:00 2001 From: Mariana Dima Date: Tue, 15 Feb 2022 17:11:05 +0100 Subject: [PATCH] Resolve kubernetes setup (#18) * fix docs * add scripts * script: enable execution permissions * ci: enable k8s specific validations (#19) * ci: enable k8s specific validations * add scripts * ci: use the rigth when * ci: enable k8s specific validations * ci: use the rigth when * script: enable execution permissions * script: enable execution permissions * ci: enable k8s specific validations * ci: use the rigth when * Update .ci/Jenkinsfile Co-authored-by: narph * delete cluster * test * add delete * ci: more resilience when installing kind See https://github.com/elastic/beats/pull/21857 * ci: argument in the signature is not needed * remove duplicate * ci: simplify kind/kubectl environment (#22) * revert aarch64 changes (#21) * revert aarch64 * fmt * rename * rename * rename * ci: run k8s validation for different versions (#25) Co-authored-by: Victor Martinez --- .ci/Jenkinsfile | 48 ++++++++++++++++++- deploy/kubernetes/Jenkinsfile.yml | 22 --------- deploy/kubernetes/README.md | 8 ++-- .../elastic-agent-standalone-kubernetes.yaml | 48 +++++++++---------- ...-agent-standalone-daemonset-configmap.yaml | 2 +- .../elastic-agent-standalone-daemonset.yaml | 12 ++--- ...elastic-agent-standalone-role-binding.yaml | 18 +++---- .../elastic-agent-standalone-role.yaml | 12 ++--- ...stic-agent-standalone-service-account.yaml | 4 +- 9 files changed, 98 insertions(+), 76 deletions(-) delete mode 100644 deploy/kubernetes/Jenkinsfile.yml diff --git a/.ci/Jenkinsfile b/.ci/Jenkinsfile index 51fba1cbc4a..6deb2d3ef8d 100644 --- a/.ci/Jenkinsfile +++ b/.ci/Jenkinsfile @@ -1,6 +1,6 @@ #!/usr/bin/env groovy -@Library('apm@feature/use-internal-ci') _ +@Library('apm@current') _ pipeline { agent { label 'ubuntu-20.04 && immutable' } @@ -99,6 +99,17 @@ pipeline { } } } + stage('K8s') { + when { + // TODO: Run only if changes in + // - "^deploy/kubernetes/.*" + // - "^version/docs/version.asciidoc" + expression { return env.PLATFORM == 'ubuntu-20.04 && immutable' } + } + steps { + runK8s(k8sVersion: 'v1.23.0', kindVersion: 'v0.11.1', context: "K8s-${PLATFORM}") + } + } } } } @@ -141,6 +152,17 @@ pipeline { } } } + stage('K8s') { + when { + // TODO: Run only if changes in + // - "^deploy/kubernetes/.*" + // - "^version/docs/version.asciidoc" + not { changeRequest() } + } + steps { + runAllK8s(["v1.23.0", "v1.22.0", "v1.21.1", "v1.20.7", "v1.19.11", "v1.18.19"]) + } + } stage('e2e tests') { when { beforeAgent true @@ -245,3 +267,27 @@ def withPackageDarwinEnv(Closure body) { body() } } + +def runAllK8s(versions) { + def parallelTasks = [:] + versions.each { version -> + node('ubuntu-20.04 && immutable') { + deleteDir() + unstash 'source' + runK8s(k8sVersion: version, kindVersion: 'v0.11.1', context: "K8s-${version}") + } + } + parallel(parallelTasks) +} + +def runK8s(Map args=[:]) { + withGithubNotify(context: args.context) { + withMageEnv(){ + withKindEnv(args) { + dir("${BASE_DIR}"){ + sh(label: "Deploy to kubernetes",script: "make -C deploy/kubernetes test") + } + } + } + } +} diff --git a/deploy/kubernetes/Jenkinsfile.yml b/deploy/kubernetes/Jenkinsfile.yml deleted file mode 100644 index 9828f892209..00000000000 --- a/deploy/kubernetes/Jenkinsfile.yml +++ /dev/null @@ -1,22 +0,0 @@ -when: - branches: true ## for all the branches - changeset: ## when PR contains any of those entries in the changeset - - "^deploy/kubernetes/.*" - - "^version/docs/version.asciidoc" - comments: ## when PR comment contains any of those entries - - "/test deploy/kubernetes" - labels: ## when PR labels matches any of those entries - - "kubernetes" - parameters: ## when parameter was selected in the UI. - - "kubernetes" - tags: true ## for all the tags -platform: "immutable && ubuntu-18" ## default label for all the stages -stages: - lint: - make: | - make -C deploy/kubernetes all; - make check-no-changes; - stage: lint - k8sTest: - k8sTest: "v1.23.0,v1.22.0,v1.21.1,v1.20.7,v1.19.11,v1.18.19" - stage: mandatory diff --git a/deploy/kubernetes/README.md b/deploy/kubernetes/README.md index b1ee4207d3e..f80e6f1f72e 100644 --- a/deploy/kubernetes/README.md +++ b/deploy/kubernetes/README.md @@ -2,12 +2,10 @@ ## Getting started -This is the list of officially supported Beats, with example manifests to run +This is the list of officially supported Elastic Agents, with example manifests to run them in Kubernetes: Beat | Description ---- | ---- -[filebeat](filebeat) | Tails and ships logs -[metricbeat](metricbeat) | Fetches sets of metrics from the operating system and services -[auditbeat](auditbeat) | Collect Linux audit framework data and monitor files integrity -[heartbeat](heartbeat) | Monitor services for their availability with active probing +[Elastic Agent managed](elastic-agent-managed) | Elastic Agent managed by Fleet setup +[Elastic Agent standalone](elastic-agent-standalone) | Standalone Elastic Agent setup diff --git a/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml b/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml index a46d8e3f4f6..6fded669bc6 100644 --- a/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml +++ b/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml @@ -4,7 +4,7 @@ metadata: name: agent-node-datastreams namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone data: agent.yml: |- outputs: @@ -512,27 +512,27 @@ data: apiVersion: apps/v1 kind: DaemonSet metadata: - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system labels: - app: elastic-agent + app: elastic-agent-standalone spec: selector: matchLabels: - app: elastic-agent + app: elastic-agent-standalone template: metadata: labels: - app: elastic-agent + app: elastic-agent-standalone spec: tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - serviceAccountName: elastic-agent + serviceAccountName: elastic-agent-standalona hostNetwork: true dnsPolicy: ClusterFirstWithHostNet containers: - - name: elastic-agent + - name: elastic-agent-standalone image: docker.elastic.co/beats/elastic-agent:8.0.0 args: [ "-c", "/etc/agent.yml", @@ -599,50 +599,50 @@ spec: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: elastic-agent + name: elastic-agent-standalone subjects: - kind: ServiceAccount - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system roleRef: kind: ClusterRole - name: elastic-agent + name: elastic-agent-standalone apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: namespace: kube-system - name: elastic-agent + name: elastic-agent-standalone subjects: - kind: ServiceAccount - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system roleRef: kind: Role - name: elastic-agent + name: elastic-agent-standalone apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: elastic-agent-kubeadm-config + name: elastic-agent-standalone-kubeadm-config namespace: kube-system subjects: - kind: ServiceAccount - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system roleRef: kind: Role - name: elastic-agent-kubeadm-config + name: elastic-agent-standalone-kubeadm-config apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: elastic-agent + name: elastic-agent-standalone labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone rules: - apiGroups: [""] resources: @@ -689,11 +689,11 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: elastic-agent + name: elastic-agent-standalone # should be the namespace where elastic-agent is running namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone rules: - apiGroups: - coordination.k8s.io @@ -704,10 +704,10 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: elastic-agent-kubeadm-config + name: elastic-agent-standalone-kubeadm-config namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone rules: - apiGroups: [""] resources: @@ -719,8 +719,8 @@ rules: apiVersion: v1 kind: ServiceAccount metadata: - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone --- diff --git a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml index 0ad4f609883..7375178badc 100644 --- a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml +++ b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml @@ -4,7 +4,7 @@ metadata: name: agent-node-datastreams namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone data: agent.yml: |- outputs: diff --git a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset.yaml b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset.yaml index 6cf04ef7fd4..afdd5763858 100644 --- a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset.yaml +++ b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset.yaml @@ -1,27 +1,27 @@ apiVersion: apps/v1 kind: DaemonSet metadata: - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system labels: - app: elastic-agent + app: elastic-agent-standalone spec: selector: matchLabels: - app: elastic-agent + app: elastic-agent-standalone template: metadata: labels: - app: elastic-agent + app: elastic-agent-standalone spec: tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - serviceAccountName: elastic-agent + serviceAccountName: elastic-agent-standalone hostNetwork: true dnsPolicy: ClusterFirstWithHostNet containers: - - name: elastic-agent + - name: elastic-agent-standalone image: docker.elastic.co/beats/elastic-agent:%VERSION% args: [ "-c", "/etc/agent.yml", diff --git a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role-binding.yaml b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role-binding.yaml index 3dbc5a47fb6..cb1c21a2227 100644 --- a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role-binding.yaml +++ b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role-binding.yaml @@ -1,40 +1,40 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: elastic-agent + name: elastic-agent-standalone subjects: - kind: ServiceAccount - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system roleRef: kind: ClusterRole - name: elastic-agent + name: elastic-agent-standalone apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: namespace: kube-system - name: elastic-agent + name: elastic-agent-standalone subjects: - kind: ServiceAccount - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system roleRef: kind: Role - name: elastic-agent + name: elastic-agent-standalone apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: elastic-agent-kubeadm-config + name: elastic-agent-standalone-kubeadm-config namespace: kube-system subjects: - kind: ServiceAccount - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system roleRef: kind: Role - name: elastic-agent-kubeadm-config + name: elastic-agent-standalone-kubeadm-config apiGroup: rbac.authorization.k8s.io diff --git a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role.yaml b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role.yaml index f0f6c2ca913..fe7d92d23c3 100644 --- a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role.yaml +++ b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-role.yaml @@ -1,9 +1,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: elastic-agent + name: elastic-agent-standalone labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone rules: - apiGroups: [""] resources: @@ -50,11 +50,11 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: elastic-agent + name: elastic-agent-standalone # should be the namespace where elastic-agent is running namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone rules: - apiGroups: - coordination.k8s.io @@ -65,10 +65,10 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: elastic-agent-kubeadm-config + name: elastic-agent-standalone-kubeadm-config namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone rules: - apiGroups: [""] resources: diff --git a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-service-account.yaml b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-service-account.yaml index 43372b547d0..d6e983fc1d3 100644 --- a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-service-account.yaml +++ b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-service-account.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: elastic-agent + name: elastic-agent-standalone namespace: kube-system labels: - k8s-app: elastic-agent + k8s-app: elastic-agent-standalone