diff --git a/metricbeat/README.md b/metricbeat/README.md
index bf804138f..1a413cce5 100644
--- a/metricbeat/README.md
+++ b/metricbeat/README.md
@@ -65,38 +65,64 @@ helm install --name metricbeat elastic/metricbeat --set imageTag=7.6.2
## Configuration
-| Parameter | Description | Default |
-| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- |
-| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml`. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) |
-| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` |
-| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` |
-| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` |
-| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function | `""` |
-| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function | `""` |
-| `envFrom` | Templatable string of envFrom to be passed to the [environment from variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) which will be appended to the `envFrom:` definition for the container | `[]` |
-| `hostPathRoot` | Fully-qualified [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) that will be used to persist Metricbeat registry data | `/var/lib` |
-| `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` |
-| `imageTag` | The Metricbeat docker image tag | `7.6.2` |
-| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` |
-| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` |
-| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Metricbeat pods | `{}` |
-| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` |
-| `clusterRoleRules` | Configurable [cluster role rules](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole) that Metricbeat uses to access Kubernetes resources. | see [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) |
-| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Metricbeat pods | `{}` |
-| `podSecurityContext` | Configurable [podSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for Metricbeat pod execution environment | `runAsUser: 0`
`privileged: false` |
-| `livenessProbe` | Parameters to pass to [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` |
-| `readinessProbe` | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` |
-| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `DaemonSet` | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` |
-| `serviceAccount` | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` |
-| `secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml) for an example | `[]` |
-| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` |
-| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
-| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) | `{}` |
-| `affinity` | Configurable [affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) | `{}` |
-| `updateStrategy` | The [updateStrategy](https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy) for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` |
-| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `""` |
-| `replicas` | The replica count for the metricbeat deployment talking to kube-state-metrics | `1` |
-| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` |
+| Parameter | Description | Default |
+| --- | --- | --- |
+| `daemonset.affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` |
+| `daemonset.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` |
+| `daemonset.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `DaemonSet`. | `[]` |
+| `daemonset.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `DaemonSet`. | `[]` |
+| `daemonset.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` |
+| `daemonset.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `DaemonSet`. | see [values.yaml][] |
+| `daemonset.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` |
+| `daemonset.secretMounts` | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` |
+| `daemonset.securityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` pod execution environment. | `runAsUser: 0`
`privileged: false` |
+| `daemonset.resources` | Allows you to set the [resources][] for Metricbeat `DaemonSet`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` |
+| `daemonset.tolerations` | Configurable [tolerations][] for Metricbeat `DaemonSet`. | `[]` |
+| `deployment.affinity` | Configurable [affinity][] for Metricbeat `Deployment`. | `{}` |
+| `deployment.envFrom` | Templatable string of `envFrom` to be passed to the [environment from variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` |
+| `deployment.extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for `Deployment`. | `[]` |
+| `deployment.extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function or `Deployment`. | `[]` |
+| `deployment.extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function or `DaemonSet`. | `[]` |
+| `deployment.metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for Metricbeat `Deployment`. | see [values.yaml][] |
+| `deployment.nodeSelector` | Configurable [nodeSelector][] for Metricbeat `Deployment`. | `{}` |
+| `deployment.secretMounts` | Allows you easily mount a secret as a file inside the `Deployment`. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` |
+| `deployment.securityContext` | Configurable [securityContext][] for Metricbeat `Deployment` pod execution environment. | `runAsUser: 0`
`privileged: false` |
+| `deployment.resources` | Allows you to set the [resources][] for Metricbeat `Deployment`. | `requests.cpu: 100m`
`requests.memory: 100Mi`
`limits.cpu: 1000m`
`limits.memory: 200Mi` |
+| `deployment.tolerations` | Configurable [tolerations][] for Metricbeat `Deployment`. | `[]` |
+| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` |
+| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `""` |
+| `hostPathRoot` | Fully-qualified [hostPath][] that will be used to persist Metricbeat registry data | `/var/lib` |
+| `image` | The Metricbeat docker image | `docker.elastic.co/beats/metricbeat` |
+| `imageTag` | The Metricbeat docker image tag | `7.6.2` |
+| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` |
+| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` |
+| `labels` | Configurable [label][] applied to all Metricbeat pods | `{}` |
+| `managedServiceAccount` | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles. | `true` |
+| `clusterRoleRules` | Configurable [cluster role rules][] that Metricbeat uses to access Kubernetes resources. | see [values.yaml][] |
+| `podAnnotations` | Configurable [annotations][] applied to all Metricbeat pods | `{}` |
+| `livenessProbe` | Parameters to pass to [liveness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` |
+| `readinessProbe` | Parameters to pass to [readiness probe][] checks for values such as timeouts and thresholds. | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` |
+| `serviceAccount` | Custom [serviceAccount][] that Metricbeat will use during execution. By default will use the service account created by this chart. | `""` |
+| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown | `30` |
+| `updateStrategy` | The [updateStrategy][] for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate` |
+| `priorityClassName` | The [name of the PriorityClass][]. No default is supplied as the PriorityClass must be created first. | `""` |
+| `replicas` | The replica count for the metricbeat deployment talking to kube-state-metrics | `1` |
+| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to "`.Release.Name`-`.Values.nameOverride or .Chart.Name`" | `""` |
+
+### Deprecated
+| Parameter | Description | Default |
+| --- | --- | --- |
+| `affinity` | Configurable [affinity][] for Metricbeat `DaemonSet`. | `{}` |
+| `extraEnvs` | Extra [environment variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` |
+| `extraVolumes` | Templatable string of additional volumes to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` |
+| `extraVolumeMounts` | Templatable string of additional volumeMounts to be passed to the `tpl` function for both `DaemonSet` and `Deployment`. | `[]` |
+| `deployment.envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to Metricbeat container for both `DaemonSet` and `Deployment`. | `[]` |
+| `metricbeatConfig` | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml` for both Metricbeat `DaemonSet` and `Deployment`. | `{}` |
+| `nodeSelector` | Configurable [nodeSelector][] for Metricbeat `DaemonSet`. | `{}` |
+| `podSecurityContext` | Configurable [securityContext][] for Metricbeat `DaemonSet` and `Deployment` pod execution environment. | `{}` |
+| `resources` | Allows you to set the [resources][] for both Metricbeat `DaemonSet` and `Deployment`. | `{}` |
+| `secretMounts` | Allows you easily mount a secret as a file inside `DaemonSet` and `Deployment`. Useful for mounting certificates and other secrets. | `[]` |
+| `tolerations` | Configurable [tolerations][] for both Metricbeat `DaemonSet` and `Deployment`. | `[]` |
## Examples
@@ -146,3 +172,23 @@ To run the goss tests against the default example:
cd examples/default
make goss
```
+
+[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+[cluster role rules]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole
+[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config
+[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
+[hostPath]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath
+[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images
+[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret
+[label]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+[liveness probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+[name of the PriorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
+[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
+[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+[readiness probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+[serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+[updateStrategy]: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy
+[values.yaml]: https://github.com/elastic/helm-charts/tree/master/metricbeat/values.yaml
diff --git a/metricbeat/examples/6.x/test/goss-metrics.yaml b/metricbeat/examples/6.x/test/goss-metrics.yaml
index 8f60496c0..b255e48d1 100644
--- a/metricbeat/examples/6.x/test/goss-metrics.yaml
+++ b/metricbeat/examples/6.x/test/goss-metrics.yaml
@@ -5,7 +5,7 @@ port:
- '127.0.0.1'
mount:
- /usr/share/metricbeat/kube-state-metrics-metricbeat.yml:
+ /usr/share/metricbeat/metricbeat.yml:
exists: true
opts:
- ro
@@ -32,7 +32,6 @@ file:
/usr/share/metricbeat/metricbeat.yml:
exists: true
contains:
- - 'add_kubernetes_metadata'
- 'output.elasticsearch'
command:
diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml
index e079450d6..a6a81a47a 100644
--- a/metricbeat/examples/default/test/goss-metrics.yaml
+++ b/metricbeat/examples/default/test/goss-metrics.yaml
@@ -5,7 +5,7 @@ port:
- '127.0.0.1'
mount:
- /usr/share/metricbeat/kube-state-metrics-metricbeat.yml:
+ /usr/share/metricbeat/metricbeat.yml:
exists: true
opts:
- ro
@@ -33,7 +33,6 @@ file:
/usr/share/metricbeat/metricbeat.yml:
exists: true
contains:
- - 'add_kubernetes_metadata'
- 'output.elasticsearch'
- 'elasticsearch-master:9200'
diff --git a/metricbeat/examples/oss/test/goss-metrics.yaml b/metricbeat/examples/oss/test/goss-metrics.yaml
index 251165a9a..3b665cbf2 100644
--- a/metricbeat/examples/oss/test/goss-metrics.yaml
+++ b/metricbeat/examples/oss/test/goss-metrics.yaml
@@ -5,7 +5,7 @@ port:
- '127.0.0.1'
mount:
- /usr/share/metricbeat/kube-state-metrics-metricbeat.yml:
+ /usr/share/metricbeat/metricbeat.yml:
exists: true
opts:
- ro
@@ -32,7 +32,6 @@ file:
/usr/share/metricbeat/metricbeat.yml:
exists: true
contains:
- - 'add_kubernetes_metadata'
- 'output.elasticsearch'
command:
diff --git a/metricbeat/examples/oss/values.yaml b/metricbeat/examples/oss/values.yaml
index 89f2d453c..29791cc2c 100644
--- a/metricbeat/examples/oss/values.yaml
+++ b/metricbeat/examples/oss/values.yaml
@@ -1,5 +1,11 @@
image: docker.elastic.co/beats/metricbeat-oss
-extraEnvs:
- - name: ELASTICSEARCH_HOSTS
- value: oss-master:9200
+daemonset:
+ extraEnvs:
+ - name: ELASTICSEARCH_HOSTS
+ value: oss-master:9200
+
+deployment:
+ extraEnvs:
+ - name: ELASTICSEARCH_HOSTS
+ value: oss-master:9200
diff --git a/metricbeat/examples/security/test/goss-metrics.yaml b/metricbeat/examples/security/test/goss-metrics.yaml
index 1b8e35c69..4f08a9f6c 100644
--- a/metricbeat/examples/security/test/goss-metrics.yaml
+++ b/metricbeat/examples/security/test/goss-metrics.yaml
@@ -5,7 +5,7 @@ port:
- '127.0.0.1'
mount:
- /usr/share/metricbeat/kube-state-metrics-metricbeat.yml:
+ /usr/share/metricbeat/metricbeat.yml:
exists: true
opts:
- ro
@@ -38,7 +38,6 @@ file:
/usr/share/metricbeat/metricbeat.yml:
exists: true
contains:
- - 'add_kubernetes_metadata'
- 'output.elasticsearch'
command:
diff --git a/metricbeat/examples/security/values.yaml b/metricbeat/examples/security/values.yaml
index 8b48e814e..2939d1c20 100644
--- a/metricbeat/examples/security/values.yaml
+++ b/metricbeat/examples/security/values.yaml
@@ -1,91 +1,110 @@
-metricbeatConfig:
- metricbeat.yml: |
- metricbeat.modules:
- - module: kubernetes
- metricsets:
- - container
- - node
- - pod
- - system
- - volume
- period: 10s
- host: "${NODE_NAME}"
- hosts: ["https://${NODE_NAME}:10250"]
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
- ssl.verification_mode: "none"
- # If using Red Hat OpenShift remove ssl.verification_mode entry and
- # uncomment these settings:
- #ssl.certificate_authorities:
- #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
- processors:
- - add_kubernetes_metadata: ~
- - module: kubernetes
- enabled: true
- metricsets:
- - event
- - module: system
- period: 10s
- metricsets:
- - cpu
- - load
- - memory
- - network
- - process
- - process_summary
- processes: ['.*']
- process.include_top_n:
- by_cpu: 5
- by_memory: 5
- - module: system
- period: 1m
- metricsets:
- - filesystem
- - fsstat
- processors:
- - drop_event.when.regexp:
- system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
-
- output.elasticsearch:
- username: '${ELASTICSEARCH_USERNAME}'
- password: '${ELASTICSEARCH_PASSWORD}'
- protocol: https
- hosts: ["security-master:9200"]
- ssl.certificate_authorities:
- - /usr/share/metricbeat/config/certs/elastic-certificate.pem
-
- kube-state-metrics-metricbeat.yml: |
- metricbeat.modules:
- - module: kubernetes
- enabled: true
- metricsets:
- - state_node
- - state_deployment
- - state_replicaset
- - state_pod
- - state_container
- period: 10s
- hosts: ["${KUBE_STATE_METRICS_HOSTS}"]
- output.elasticsearch:
- username: '${ELASTICSEARCH_USERNAME}'
- password: '${ELASTICSEARCH_PASSWORD}'
- protocol: https
- hosts: ["security-master:9200"]
- ssl.certificate_authorities:
- - /usr/share/metricbeat/config/certs/elastic-certificate.pem
-
-secretMounts:
+daemonset:
+ extraEnvs:
+ - name: 'ELASTICSEARCH_USERNAME'
+ valueFrom:
+ secretKeyRef:
+ name: elastic-credentials
+ key: username
+ - name: 'ELASTICSEARCH_PASSWORD'
+ valueFrom:
+ secretKeyRef:
+ name: elastic-credentials
+ key: password
+ # Allows you to add any config files in /usr/share/metricbeat
+ # such as metricbeat.yml for daemonset
+ metricbeatConfig:
+ metricbeat.yml: |
+ metricbeat.modules:
+ - module: kubernetes
+ metricsets:
+ - container
+ - node
+ - pod
+ - system
+ - volume
+ period: 10s
+ host: "${NODE_NAME}"
+ hosts: ["https://${NODE_NAME}:10250"]
+ bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ ssl.verification_mode: "none"
+ # If using Red Hat OpenShift remove ssl.verification_mode entry and
+ # uncomment these settings:
+ #ssl.certificate_authorities:
+ #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
+ processors:
+ - add_kubernetes_metadata: ~
+ - module: kubernetes
+ enabled: true
+ metricsets:
+ - event
+ - module: system
+ period: 10s
+ metricsets:
+ - cpu
+ - load
+ - memory
+ - network
+ - process
+ - process_summary
+ processes: ['.*']
+ process.include_top_n:
+ by_cpu: 5
+ by_memory: 5
+ - module: system
+ period: 1m
+ metricsets:
+ - filesystem
+ - fsstat
+ processors:
+ - drop_event.when.regexp:
+ system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
+ output.elasticsearch:
+ username: '${ELASTICSEARCH_USERNAME}'
+ password: '${ELASTICSEARCH_PASSWORD}'
+ protocol: https
+ hosts: ["security-master:9200"]
+ ssl.certificate_authorities:
+ - /usr/share/metricbeat/config/certs/elastic-certificate.pem
+ secretMounts:
- name: elastic-certificate-pem
secretName: elastic-certificate-pem
path: /usr/share/metricbeat/config/certs
-extraEnvs:
- - name: 'ELASTICSEARCH_USERNAME'
- valueFrom:
- secretKeyRef:
- name: elastic-credentials
- key: username
- - name: 'ELASTICSEARCH_PASSWORD'
- valueFrom:
- secretKeyRef:
- name: elastic-credentials
- key: password
+deployment:
+ extraEnvs:
+ - name: 'ELASTICSEARCH_USERNAME'
+ valueFrom:
+ secretKeyRef:
+ name: elastic-credentials
+ key: username
+ - name: 'ELASTICSEARCH_PASSWORD'
+ valueFrom:
+ secretKeyRef:
+ name: elastic-credentials
+ key: password
+ # Allows you to add any config files in /usr/share/metricbeat
+ # such as metricbeat.yml for deployment
+ metricbeatConfig:
+ metricbeat.yml: |
+ metricbeat.modules:
+ - module: kubernetes
+ enabled: true
+ metricsets:
+ - state_node
+ - state_deployment
+ - state_replicaset
+ - state_pod
+ - state_container
+ period: 10s
+ hosts: ["${KUBE_STATE_METRICS_HOSTS}"]
+ output.elasticsearch:
+ username: '${ELASTICSEARCH_USERNAME}'
+ password: '${ELASTICSEARCH_PASSWORD}'
+ protocol: https
+ hosts: ["security-master:9200"]
+ ssl.certificate_authorities:
+ - /usr/share/metricbeat/config/certs/elastic-certificate.pem
+ secretMounts:
+ - name: elastic-certificate-pem
+ secretName: elastic-certificate-pem
+ path: /usr/share/metricbeat/config/certs
diff --git a/metricbeat/templates/configmap.yaml b/metricbeat/templates/configmap.yaml
index 09e381ce7..54183db1b 100644
--- a/metricbeat/templates/configmap.yaml
+++ b/metricbeat/templates/configmap.yaml
@@ -15,3 +15,39 @@ data:
{{ $config | indent 4 -}}
{{- end -}}
{{- end -}}
+
+{{- if .Values.daemonset.metricbeatConfig }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "metricbeat.fullname" . }}-daemonset-config
+ labels:
+ app: "{{ template "metricbeat.fullname" . }}"
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ heritage: {{ .Release.Service | quote }}
+ release: {{ .Release.Name | quote }}
+data:
+{{- range $path, $config := .Values.daemonset.metricbeatConfig }}
+ {{ $path }}: |
+{{ $config | indent 4 -}}
+{{- end -}}
+{{- end -}}
+
+{{- if .Values.deployment.metricbeatConfig }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "metricbeat.fullname" . }}-deployment-config
+ labels:
+ app: "{{ template "metricbeat.fullname" . }}"
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ heritage: {{ .Release.Service | quote }}
+ release: {{ .Release.Name | quote }}
+data:
+{{- range $path, $config := .Values.deployment.metricbeatConfig }}
+ {{ $path }}: |
+{{ $config | indent 4 -}}
+{{- end -}}
+{{- end -}}
diff --git a/metricbeat/templates/daemonset.yaml b/metricbeat/templates/daemonset.yaml
index 4ef74e6b9..b057059e0 100644
--- a/metricbeat/templates/daemonset.yaml
+++ b/metricbeat/templates/daemonset.yaml
@@ -38,22 +38,16 @@ spec:
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
- {{- with .Values.tolerations }}
- tolerations: {{ toYaml . | nindent 6 }}
- {{- end }}
- {{- with .Values.nodeSelector }}
- nodeSelector: {{ toYaml . | nindent 8 }}
- {{- end }}
+ affinity: {{ toYaml ( .Values.affinity | default .Values.daemonset.affinity ) | nindent 8 }}
+ nodeSelector: {{ toYaml ( .Values.nodeSelector | default .Values.daemonset.nodeSelector ) | nindent 8 }}
+ tolerations: {{ toYaml ( .Values.tolerations | default .Values.daemonset.tolerations ) | nindent 8 }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
- {{- with .Values.affinity }}
- affinity: {{ toYaml . | nindent 8 -}}
- {{- end }}
serviceAccountName: {{ template "metricbeat.serviceAccount" . }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }}
volumes:
- {{- range .Values.secretMounts }}
+ {{- range .Values.secretMounts | default .Values.daemonset.secretMounts }}
- name: {{ .name }}
secret:
secretName: {{ .secretName }}
@@ -63,6 +57,11 @@ spec:
configMap:
defaultMode: 0600
name: {{ template "metricbeat.fullname" . }}-config
+ {{- else if .Values.daemonset.metricbeatConfig }}
+ - name: metricbeat-config
+ configMap:
+ defaultMode: 0600
+ name: {{ template "metricbeat.fullname" . }}-daemonset-config
{{- end }}
- name: data
hostPath:
@@ -77,8 +76,8 @@ spec:
- name: cgroup
hostPath:
path: /sys/fs/cgroup
- {{- if .Values.extraVolumes }}
-{{ toYaml .Values.extraVolumes | indent 6 }}
+ {{- if .Values.extraVolumes | default .Values.daemonset.extraVolumes }}
+{{ toYaml ( .Values.extraVolumes | default .Values.daemonset.extraVolumes ) | indent 6 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
@@ -101,8 +100,7 @@ spec:
{{ toYaml .Values.livenessProbe | indent 10 }}
readinessProbe:
{{ toYaml .Values.readinessProbe | indent 10 }}
- resources:
-{{ toYaml .Values.resources | indent 10 }}
+ resources: {{ toYaml ( .Values.resources | default .Values.daemonset.resources ) | nindent 10 }}
env:
- name: POD_NAMESPACE
valueFrom:
@@ -112,19 +110,13 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
-{{- if .Values.extraEnvs }}
-{{ toYaml .Values.extraEnvs | indent 8 }}
-{{- end }}
-{{- if .Values.envFrom }}
- envFrom:
-{{ toYaml .Values.envFrom | indent 10 }}
-{{- end }}
-{{- if .Values.podSecurityContext }}
- securityContext:
-{{ toYaml .Values.podSecurityContext | indent 10 }}
+{{- if .Values.extraEnvs | default .Values.daemonset.extraEnvs }}
+{{ toYaml ( .Values.extraEnvs | default .Values.daemonset.extraEnvs ) | indent 8 }}
{{- end }}
+ envFrom: {{ toYaml ( .Values.envFrom | default .Values.daemonset.envFrom ) | nindent 10 }}
+ securityContext: {{ toYaml ( .Values.podSecurityContext | default .Values.daemonset.securityContext ) | nindent 10 }}
volumeMounts:
- {{- range .Values.secretMounts }}
+ {{- range .Values.secretMounts | default .Values.daemonset.secretMounts }}
- name: {{ .name }}
mountPath: {{ .path }}
{{- if .subPath }}
@@ -136,6 +128,13 @@ spec:
mountPath: /usr/share/metricbeat/{{ $path }}
readOnly: true
subPath: {{ $path }}
+ {{ else }}
+ {{- range $path, $config := .Values.daemonset.metricbeatConfig }}
+ - name: metricbeat-config
+ mountPath: /usr/share/metricbeat/{{ $path }}
+ readOnly: true
+ subPath: {{ $path }}
+ {{- end }}
{{- end }}
- name: data
mountPath: /usr/share/metricbeat/data
@@ -150,8 +149,8 @@ spec:
- name: cgroup
mountPath: /hostfs/sys/fs/cgroup
readOnly: true
- {{- if .Values.extraVolumeMounts }}
-{{ toYaml .Values.extraVolumeMounts | indent 8 }}
+ {{- if .Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts }}
+{{ toYaml ( .Values.extraVolumeMounts | default .Values.daemonset.extraVolumeMounts ) | indent 8 }}
{{- end }}
{{- if .Values.extraContainers }}
{{ tpl .Values.extraContainers . | indent 6 }}
diff --git a/metricbeat/templates/deployment.yaml b/metricbeat/templates/deployment.yaml
index 225160b47..ca056d42b 100644
--- a/metricbeat/templates/deployment.yaml
+++ b/metricbeat/templates/deployment.yaml
@@ -32,17 +32,16 @@ spec:
heritage: '{{ .Release.Service }}'
release: '{{ .Release.Name }}'
spec:
- {{- with .Values.tolerations }}
- tolerations:
-{{ toYaml . | indent 6 }}
- {{- end }}
+ affinity: {{ toYaml .Values.deployment.affinity | nindent 8 }}
+ nodeSelector: {{ toYaml .Values.deployment.nodeSelector | nindent 8 }}
+ tolerations: {{ toYaml ( .Values.tolerations | default .Values.deployment.tolerations ) | nindent 8 }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
serviceAccountName: {{ template "metricbeat.serviceAccount" . }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }}
volumes:
- {{- range .Values.secretMounts }}
+ {{- range .Values.secretMounts | default .Values.deployment.secretMounts }}
- name: {{ .name }}
secret:
secretName: {{ .secretName }}
@@ -52,9 +51,14 @@ spec:
configMap:
defaultMode: 0600
name: {{ template "metricbeat.fullname" . }}-config
+ {{- else if .Values.deployment.metricbeatConfig }}
+ - name: metricbeat-config
+ configMap:
+ defaultMode: 0600
+ name: {{ template "metricbeat.fullname" . }}-deployment-config
{{- end }}
- {{- if .Values.extraVolumes }}
-{{ toYaml .Values.extraVolumes | indent 6 }}
+ {{- if .Values.extraVolumes | default .Values.deployment.extraVolumes }}
+{{ toYaml ( .Values.extraVolumes | default .Values.deployment.extraVolumes ) | indent 6 }}
{{- end }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
@@ -69,8 +73,6 @@ spec:
image: "{{ .Values.image }}:{{ .Values.imageTag }}"
imagePullPolicy: "{{ .Values.imagePullPolicy }}"
args:
- - "-c"
- - "/usr/share/metricbeat/kube-state-metrics-metricbeat.yml"
- "-e"
- "-E"
- "http.enabled=true"
@@ -78,8 +80,7 @@ spec:
{{ toYaml .Values.livenessProbe | indent 10 }}
readinessProbe:
{{ toYaml .Values.readinessProbe | indent 10 }}
- resources:
-{{ toYaml .Values.resources | indent 10 }}
+ resources: {{ toYaml ( .Values.resources | default .Values.deployment.resources ) | nindent 10 }}
env:
- name: POD_NAMESPACE
valueFrom:
@@ -87,19 +88,13 @@ spec:
fieldPath: metadata.namespace
- name: KUBE_STATE_METRICS_HOSTS
value: "$({{ .Release.Name | replace "-" "_" | upper }}_KUBE_STATE_METRICS_SERVICE_HOST):$({{ .Release.Name | replace "-" "_" | upper }}_KUBE_STATE_METRICS_SERVICE_PORT_HTTP)"
-{{- if .Values.extraEnvs }}
-{{ toYaml .Values.extraEnvs | indent 8 }}
-{{- end }}
-{{- if .Values.envFrom }}
- envFrom:
-{{ toYaml .Values.envFrom | indent 10 }}
-{{- end }}
-{{- if .Values.podSecurityContext }}
- securityContext:
-{{ toYaml .Values.podSecurityContext | indent 10 }}
+{{- if .Values.extraEnvs | default .Values.deployment.extraEnvs }}
+{{ toYaml ( .Values.extraEnvs | default .Values.deployment.extraEnvs ) | indent 8 }}
{{- end }}
+ envFrom: {{ toYaml ( .Values.envFrom | default .Values.deployment.envFrom ) | nindent 10 }}
+ securityContext: {{ toYaml ( .Values.podSecurityContext | default .Values.deployment.securityContext ) | nindent 10 }}
volumeMounts:
- {{- range .Values.secretMounts }}
+ {{- range .Values.secretMounts | default .Values.deployment.secretMounts }}
- name: {{ .name }}
mountPath: {{ .path }}
{{- if .subPath }}
@@ -111,9 +106,16 @@ spec:
mountPath: /usr/share/metricbeat/{{ $path }}
readOnly: true
subPath: {{ $path }}
+ {{ else }}
+ {{- range $path, $config := .Values.deployment.metricbeatConfig }}
+ - name: metricbeat-config
+ mountPath: /usr/share/metricbeat/{{ $path }}
+ readOnly: true
+ subPath: {{ $path }}
+ {{- end }}
{{- end }}
- {{- if .Values.extraVolumeMounts }}
-{{ toYaml .Values.extraVolumeMounts | indent 8 }}
+ {{- if .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts }}
+{{ toYaml ( .Values.extraVolumeMounts | default .Values.deployment.extraVolumeMounts ) | indent 8 }}
{{- end }}
{{- if .Values.extraContainers }}
{{ tpl .Values.extraContainers . | indent 6 }}
diff --git a/metricbeat/tests/metricbeat_test.py b/metricbeat/tests/metricbeat_test.py
index 447f5cf3f..91c1bfeed 100644
--- a/metricbeat/tests/metricbeat_test.py
+++ b/metricbeat/tests/metricbeat_test.py
@@ -27,9 +27,39 @@ def test_defaults():
assert "metricbeat test output" in c["readinessProbe"]["exec"]["command"][-1]
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"] == []
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"]
+ == []
+ )
+
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == 0
+ )
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == 0
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
+
# Empty customizable defaults
assert "imagePullSecrets" not in r["daemonset"][name]["spec"]["template"]["spec"]
- assert "tolerations" not in r["daemonset"][name]["spec"]["template"]["spec"]
assert r["daemonset"][name]["spec"]["updateStrategy"]["type"] == "RollingUpdate"
@@ -37,14 +67,75 @@ def test_defaults():
r["daemonset"][name]["spec"]["template"]["spec"]["serviceAccountName"] == name
)
- volumes = r["daemonset"][name]["spec"]["template"]["spec"]["volumes"]
+ cfg = r["configmap"]
+
+ assert name + "-config" not in cfg
+ assert name + "-daemonset-config" in cfg
+ assert name + "-deployment-config" in cfg
+
+ assert "metricbeat.yml" in cfg[name + "-daemonset-config"]["data"]
+ assert "metricbeat.yml" in cfg[name + "-deployment-config"]["data"]
+
+ assert "module: system" in cfg[name + "-daemonset-config"]["data"]["metricbeat.yml"]
+ assert (
+ "module: system"
+ not in cfg[name + "-deployment-config"]["data"]["metricbeat.yml"]
+ )
+ assert "state_pod" not in cfg[name + "-daemonset-config"]["data"]["metricbeat.yml"]
+ assert "state_pod" in cfg[name + "-deployment-config"]["data"]["metricbeat.yml"]
+
+ daemonset = r["daemonset"][name]["spec"]["template"]["spec"]
+
+ assert {
+ "configMap": {"name": name + "-config", "defaultMode": 0o600},
+ "name": project + "-config",
+ } not in daemonset["volumes"]
+ assert {
+ "configMap": {"name": name + "-daemonset-config", "defaultMode": 0o600},
+ "name": project + "-config",
+ } in daemonset["volumes"]
+
assert {
"name": "data",
"hostPath": {
"path": "/var/lib/" + name + "-default-data",
"type": "DirectoryOrCreate",
},
- } in volumes
+ } in daemonset["volumes"]
+
+ assert {
+ "mountPath": "/usr/share/metricbeat/metricbeat.yml",
+ "name": project + "-config",
+ "subPath": "metricbeat.yml",
+ "readOnly": True,
+ } in daemonset["containers"][0]["volumeMounts"]
+
+ deployment = r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]
+
+ assert {
+ "configMap": {"name": name + "-config", "defaultMode": 0o600},
+ "name": project + "-config",
+ } not in deployment["volumes"]
+ assert {
+ "configMap": {"name": name + "-deployment-config", "defaultMode": 0o600},
+ "name": project + "-config",
+ } in deployment["volumes"]
+
+ assert {
+ "mountPath": "/usr/share/metricbeat/metricbeat.yml",
+ "name": project + "-config",
+ "subPath": "metricbeat.yml",
+ "readOnly": True,
+ } in deployment["containers"][0]["volumeMounts"]
+
+ assert daemonset["containers"][0]["resources"] == {
+ "requests": {"cpu": "100m", "memory": "100Mi"},
+ "limits": {"cpu": "1000m", "memory": "200Mi"},
+ }
+ assert deployment["containers"][0]["resources"] == {
+ "requests": {"cpu": "100m", "memory": "100Mi"},
+ "limits": {"cpu": "1000m", "memory": "200Mi"},
+ }
def test_adding_a_extra_container():
@@ -103,13 +194,47 @@ def test_adding_a_extra_init_container():
def test_adding_envs():
config = """
+daemonset:
+ extraEnvs:
+ - name: LOG_LEVEL
+ value: DEBUG
+"""
+ r = helm_template(config)
+ assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["daemonset"][name]["spec"][
+ "template"
+ ]["spec"]["containers"][0]["env"]
+ assert {"name": "LOG_LEVEL", "value": "DEBUG"} not in r["deployment"][
+ name + "-metrics"
+ ]["spec"]["template"]["spec"]["containers"][0]["env"]
+
+ config = """
+deployment:
+ extraEnvs:
+ - name: LOG_LEVEL
+ value: DEBUG
+"""
+ r = helm_template(config)
+ assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["deployment"][
+ name + "-metrics"
+ ]["spec"]["template"]["spec"]["containers"][0]["env"]
+ assert {"name": "LOG_LEVEL", "value": "DEBUG"} not in r["daemonset"][name]["spec"][
+ "template"
+ ]["spec"]["containers"][0]["env"]
+
+
+def test_adding_deprecated_envs():
+ config = """
extraEnvs:
- name: LOG_LEVEL
value: DEBUG
"""
r = helm_template(config)
- envs = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["env"]
- assert {"name": "LOG_LEVEL", "value": "DEBUG"} in envs
+ assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["daemonset"][name]["spec"][
+ "template"
+ ]["spec"]["containers"][0]["env"]
+ assert {"name": "LOG_LEVEL", "value": "DEBUG"} in r["deployment"][
+ name + "-metrics"
+ ]["spec"]["template"]["spec"]["containers"][0]["env"]
def test_adding_image_pull_secrets():
@@ -126,6 +251,45 @@ def test_adding_image_pull_secrets():
def test_adding_tolerations():
config = """
+daemonset:
+ tolerations:
+ - key: "key1"
+ operator: "Equal"
+ value: "value1"
+ effect: "NoExecute"
+ tolerationSeconds: 3600
+"""
+ r = helm_template(config)
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"]
+ == "key1"
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"]
+ == []
+ )
+
+ config = """
+deployment:
+ tolerations:
+ - key: "key1"
+ operator: "Equal"
+ value: "value1"
+ effect: "NoExecute"
+ tolerationSeconds: 3600
+"""
+ r = helm_template(config)
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"][
+ 0
+ ]["key"]
+ == "key1"
+ )
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"] == []
+
+
+def test_adding_deprecated_tolerations():
+ config = """
tolerations:
- key: "key1"
operator: "Equal"
@@ -138,6 +302,12 @@ def test_adding_tolerations():
r["daemonset"][name]["spec"]["template"]["spec"]["tolerations"][0]["key"]
== "key1"
)
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["tolerations"][
+ 0
+ ]["key"]
+ == "key1"
+ )
def test_override_the_default_update_strategy():
@@ -172,18 +342,162 @@ def test_self_managing_rbac_resources():
def test_setting_pod_security_context():
config = """
+daemonset:
+ securityContext:
+ runAsUser: 1001
+ privileged: false
+"""
+ r = helm_template(config)
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == 1001
+ )
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == 0
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
+
+ config = """
+deployment:
+ securityContext:
+ runAsUser: 1001
+ privileged: false
+"""
+ r = helm_template(config)
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == 1001
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == False
+ )
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
+
+
+def test_setting_deprecated_pod_security_context():
+ config = """
podSecurityContext:
runAsUser: 1001
privileged: false
"""
r = helm_template(config)
- c = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]
- assert c["securityContext"]["runAsUser"] == 1001
- assert c["securityContext"]["privileged"] == False
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == 1001
+ )
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["runAsUser"]
+ == 1001
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "securityContext"
+ ]["privileged"]
+ == False
+ )
def test_adding_in_metricbeat_config():
config = """
+daemonset:
+ metricbeatConfig:
+ metricbeat.yml: |
+ key: daemonset
+ daemonset-config.yml: |
+ hello = daemonset
+
+deployment:
+ metricbeatConfig:
+ metricbeat.yml: |
+ key: deployment
+ deployment-config.yml: |
+ hello = deployment
+"""
+ r = helm_template(config)
+ cfg = r["configmap"]
+
+ assert "metricbeat.yml" in cfg[name + "-daemonset-config"]["data"]
+ assert "daemonset-config.yml" in cfg[name + "-daemonset-config"]["data"]
+ assert "deployment-config.yml" not in cfg[name + "-daemonset-config"]["data"]
+ assert "metricbeat.yml" in cfg[name + "-deployment-config"]["data"]
+ assert "deployment-config.yml" in cfg[name + "-deployment-config"]["data"]
+ assert "daemonset-config.yml" not in cfg[name + "-deployment-config"]["data"]
+
+ assert "key: daemonset" in cfg[name + "-daemonset-config"]["data"]["metricbeat.yml"]
+ assert (
+ "key: deployment" in cfg[name + "-deployment-config"]["data"]["metricbeat.yml"]
+ )
+
+ assert (
+ "hello = daemonset"
+ in cfg[name + "-daemonset-config"]["data"]["daemonset-config.yml"]
+ )
+ assert (
+ "hello = deployment"
+ in cfg[name + "-deployment-config"]["data"]["deployment-config.yml"]
+ )
+
+ daemonset = r["daemonset"][name]["spec"]["template"]["spec"]
+ assert {
+ "mountPath": "/usr/share/metricbeat/daemonset-config.yml",
+ "name": project + "-config",
+ "subPath": "daemonset-config.yml",
+ "readOnly": True,
+ } in daemonset["containers"][0]["volumeMounts"]
+
+ deployment = r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]
+ assert {
+ "mountPath": "/usr/share/metricbeat/deployment-config.yml",
+ "name": project + "-config",
+ "subPath": "deployment-config.yml",
+ "readOnly": True,
+ } in deployment["containers"][0]["volumeMounts"]
+
+
+def test_adding_in_deprecated_metricbeat_config():
+ config = """
metricbeatConfig:
metricbeat.yml: |
key:
@@ -231,18 +545,109 @@ def test_adding_in_metricbeat_config():
def test_adding_a_secret_mount():
config = """
+daemonset:
+ secretMounts:
+ - name: elastic-certificates
+ secretName: elastic-certificates-name
+ path: /usr/share/metricbeat/config/certs
+"""
+ r = helm_template(config)
+ assert (
+ {
+ "mountPath": "/usr/share/metricbeat/config/certs",
+ "name": "elastic-certificates",
+ }
+ in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "volumeMounts"
+ ]
+ )
+ assert {
+ "name": "elastic-certificates",
+ "secret": {"secretName": "elastic-certificates-name"},
+ } in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"]
+
+ assert (
+ {
+ "mountPath": "/usr/share/metricbeat/config/certs",
+ "name": "elastic-certificates",
+ }
+ not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"][
+ "containers"
+ ][0]["volumeMounts"]
+ )
+ assert {
+ "name": "elastic-certificates",
+ "secret": {"secretName": "elastic-certificates-name"},
+ } not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["volumes"]
+
+ config = """
+deployment:
+ secretMounts:
+ - name: elastic-certificates
+ secretName: elastic-certificates-name
+ path: /usr/share/metricbeat/config/certs
+"""
+ r = helm_template(config)
+ assert (
+ {
+ "mountPath": "/usr/share/metricbeat/config/certs",
+ "name": "elastic-certificates",
+ }
+ in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][
+ 0
+ ]["volumeMounts"]
+ )
+ assert {
+ "name": "elastic-certificates",
+ "secret": {"secretName": "elastic-certificates-name"},
+ } in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["volumes"]
+
+ assert (
+ {
+ "mountPath": "/usr/share/metricbeat/config/certs",
+ "name": "elastic-certificates",
+ }
+ not in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "volumeMounts"
+ ]
+ )
+ assert {
+ "name": "elastic-certificates",
+ "secret": {"secretName": "elastic-certificates-name"},
+ } not in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"]
+
+
+def test_adding_a_deprecated_secret_mount():
+ config = """
secretMounts:
- name: elastic-certificates
secretName: elastic-certificates-name
path: /usr/share/metricbeat/config/certs
"""
r = helm_template(config)
- s = r["daemonset"][name]["spec"]["template"]["spec"]
- assert s["containers"][0]["volumeMounts"][0] == {
+ assert (
+ {
+ "mountPath": "/usr/share/metricbeat/config/certs",
+ "name": "elastic-certificates",
+ }
+ in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "volumeMounts"
+ ]
+ )
+ assert {
+ "name": "elastic-certificates",
+ "secret": {"secretName": "elastic-certificates-name"},
+ } in r["daemonset"][name]["spec"]["template"]["spec"]["volumes"]
+
+ assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][
+ 0
+ ]["volumeMounts"][0] == {
"mountPath": "/usr/share/metricbeat/config/certs",
"name": "elastic-certificates",
}
- assert s["volumes"][0] == {
+ assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["volumes"][
+ 0
+ ] == {
"name": "elastic-certificates",
"secret": {"secretName": "elastic-certificates-name"},
}
@@ -250,6 +655,62 @@ def test_adding_a_secret_mount():
def test_adding_a_extra_volume_with_volume_mount():
config = """
+daemonset:
+ extraVolumes:
+ - name: extras
+ emptyDir: {}
+ extraVolumeMounts:
+ - name: extras
+ mountPath: /usr/share/extras
+ readOnly: true
+"""
+ r = helm_template(config)
+ assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][
+ "template"
+ ]["spec"]["volumes"]
+ assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[
+ "daemonset"
+ ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"]
+ assert {"name": "extras", "emptyDir": {}} not in r["deployment"][name + "-metrics"][
+ "spec"
+ ]["template"]["spec"]["volumes"]
+ assert (
+ {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,}
+ not in r["deployment"][name + "-metrics"]["spec"]["template"]["spec"][
+ "containers"
+ ][0]["volumeMounts"]
+ )
+
+ config = """
+deployment:
+ extraVolumes:
+ - name: extras
+ emptyDir: {}
+ extraVolumeMounts:
+ - name: extras
+ mountPath: /usr/share/extras
+ readOnly: true
+"""
+ r = helm_template(config)
+ assert {"name": "extras", "emptyDir": {}} in r["deployment"][name + "-metrics"][
+ "spec"
+ ]["template"]["spec"]["volumes"]
+ assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[
+ "deployment"
+ ][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"]
+ assert {"name": "extras", "emptyDir": {}} not in r["daemonset"][name]["spec"][
+ "template"
+ ]["spec"]["volumes"]
+ assert (
+ {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,}
+ not in r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "volumeMounts"
+ ]
+ )
+
+
+def test_adding_a_deprecated_extra_volume_with_volume_mount():
+ config = """
extraVolumes:
- name: extras
emptyDir: {}
@@ -259,20 +720,53 @@ def test_adding_a_extra_volume_with_volume_mount():
readOnly: true
"""
r = helm_template(config)
- extraVolume = r["daemonset"][name]["spec"]["template"]["spec"]["volumes"]
- assert {"name": "extras", "emptyDir": {}} in extraVolume
- extraVolumeMounts = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][
- 0
- ]["volumeMounts"]
- assert {
- "name": "extras",
- "mountPath": "/usr/share/extras",
- "readOnly": True,
- } in extraVolumeMounts
+ assert {"name": "extras", "emptyDir": {}} in r["daemonset"][name]["spec"][
+ "template"
+ ]["spec"]["volumes"]
+ assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[
+ "daemonset"
+ ][name]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"]
+ assert {"name": "extras", "emptyDir": {}} in r["deployment"][name + "-metrics"][
+ "spec"
+ ]["template"]["spec"]["volumes"]
+ assert {"name": "extras", "mountPath": "/usr/share/extras", "readOnly": True,} in r[
+ "deployment"
+ ][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0]["volumeMounts"]
def test_adding_a_node_selector():
config = """
+daemonset:
+ nodeSelector:
+ disktype: ssd
+"""
+ r = helm_template(config)
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["nodeSelector"]["disktype"]
+ == "ssd"
+ )
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["nodeSelector"]
+ == {}
+ )
+
+ config = """
+deployment:
+ nodeSelector:
+ disktype: ssd
+"""
+ r = helm_template(config)
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["nodeSelector"][
+ "disktype"
+ ]
+ == "ssd"
+ )
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["nodeSelector"] == {}
+
+
+def test_adding_deprecated_node_selector():
+ config = """
nodeSelector:
disktype: ssd
"""
@@ -304,6 +798,53 @@ def test_adding_an_affinity_rule():
][0]["topologyKey"]
== "kubernetes.io/hostname"
)
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["affinity"] == {}
+ )
+
+ config = """
+daemonset:
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: app
+ operator: In
+ values:
+ - metricbeat
+ topologyKey: kubernetes.io/hostname
+"""
+
+ r = helm_template(config)
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["affinity"]["podAntiAffinity"][
+ "requiredDuringSchedulingIgnoredDuringExecution"
+ ][0]["topologyKey"]
+ == "kubernetes.io/hostname"
+ )
+
+ config = """
+deployment:
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: app
+ operator: In
+ values:
+ - metricbeat
+ topologyKey: kubernetes.io/hostname
+"""
+
+ r = helm_template(config)
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["affinity"][
+ "podAntiAffinity"
+ ]["requiredDuringSchedulingIgnoredDuringExecution"][0]["topologyKey"]
+ == "kubernetes.io/hostname"
+ )
def test_priority_class_name():
@@ -374,15 +915,126 @@ def test_adding_pod_labels():
def test_adding_env_from():
config = """
+daemonset:
+ envFrom:
+ - configMapRef:
+ name: configmap-name
+"""
+ r = helm_template(config)
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"][
+ 0
+ ]["configMapRef"] == {"name": "configmap-name"}
+ assert (
+ r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][0][
+ "envFrom"
+ ]
+ == []
+ )
+
+ config = """
+deployment:
+ envFrom:
+ - configMapRef:
+ name: configmap-name
+"""
+ r = helm_template(config)
+ assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][
+ 0
+ ]["envFrom"][0]["configMapRef"] == {"name": "configmap-name"}
+ assert (
+ r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"]
+ == []
+ )
+
+
+def test_adding_deprecated_env_from():
+ config = """
envFrom:
- configMapRef:
name: configmap-name
"""
r = helm_template(config)
- configMapRef = r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
- "envFrom"
- ][0]["configMapRef"]
- assert configMapRef == {"name": "configmap-name"}
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0]["envFrom"][
+ 0
+ ]["configMapRef"] == {"name": "configmap-name"}
+ assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][
+ 0
+ ]["envFrom"][0]["configMapRef"] == {"name": "configmap-name"}
+
+
+def test_overriding_resources():
+ config = """
+daemonset:
+ resources:
+ limits:
+ cpu: "25m"
+ memory: "128Mi"
+ requests:
+ cpu: "25m"
+ memory: "128Mi"
+"""
+ r = helm_template(config)
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "resources"
+ ] == {
+ "requests": {"cpu": "25m", "memory": "128Mi"},
+ "limits": {"cpu": "25m", "memory": "128Mi"},
+ }
+ assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][
+ 0
+ ]["resources"] == {
+ "requests": {"cpu": "100m", "memory": "100Mi"},
+ "limits": {"cpu": "1000m", "memory": "200Mi"},
+ }
+
+ config = """
+deployment:
+ resources:
+ limits:
+ cpu: "25m"
+ memory: "128Mi"
+ requests:
+ cpu: "25m"
+ memory: "128Mi"
+"""
+ r = helm_template(config)
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "resources"
+ ] == {
+ "requests": {"cpu": "100m", "memory": "100Mi"},
+ "limits": {"cpu": "1000m", "memory": "200Mi"},
+ }
+ assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][
+ 0
+ ]["resources"] == {
+ "requests": {"cpu": "25m", "memory": "128Mi"},
+ "limits": {"cpu": "25m", "memory": "128Mi"},
+ }
+
+
+def test_adding_deprecated_resources():
+ config = """
+resources:
+ limits:
+ cpu: "25m"
+ memory: "128Mi"
+ requests:
+ cpu: "25m"
+ memory: "128Mi"
+"""
+ r = helm_template(config)
+ assert r["daemonset"][name]["spec"]["template"]["spec"]["containers"][0][
+ "resources"
+ ] == {
+ "requests": {"cpu": "25m", "memory": "128Mi"},
+ "limits": {"cpu": "25m", "memory": "128Mi"},
+ }
+ assert r["deployment"][name + "-metrics"]["spec"]["template"]["spec"]["containers"][
+ 0
+ ]["resources"] == {
+ "requests": {"cpu": "25m", "memory": "128Mi"},
+ "limits": {"cpu": "25m", "memory": "128Mi"},
+ }
def test_setting_fullnameOverride():
diff --git a/metricbeat/values.yaml b/metricbeat/values.yaml
index e89225f1f..a2b328d1a 100755
--- a/metricbeat/values.yaml
+++ b/metricbeat/values.yaml
@@ -1,72 +1,147 @@
---
-# Allows you to add any config files in /usr/share/metricbeat
-# such as metricbeat.yml
-metricbeatConfig:
- metricbeat.yml: |
- metricbeat.modules:
- - module: kubernetes
- metricsets:
- - container
- - node
- - pod
- - system
- - volume
- period: 10s
- host: "${NODE_NAME}"
- hosts: ["https://${NODE_NAME}:10250"]
- bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
- ssl.verification_mode: "none"
- # If using Red Hat OpenShift remove ssl.verification_mode entry and
- # uncomment these settings:
- #ssl.certificate_authorities:
- #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
- processors:
- - add_kubernetes_metadata: ~
- - module: kubernetes
- enabled: true
- metricsets:
- - event
- - module: system
- period: 10s
- metricsets:
- - cpu
- - load
- - memory
- - network
- - process
- - process_summary
- processes: ['.*']
- process.include_top_n:
- by_cpu: 5
- by_memory: 5
- - module: system
- period: 1m
- metricsets:
- - filesystem
- - fsstat
- processors:
- - drop_event.when.regexp:
- system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
- output.elasticsearch:
- hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
-
- kube-state-metrics-metricbeat.yml: |
- metricbeat.modules:
- - module: kubernetes
- enabled: true
- metricsets:
- - state_node
- - state_deployment
- - state_replicaset
- - state_pod
- - state_container
- period: 10s
- hosts: ["${KUBE_STATE_METRICS_HOSTS}"]
- output.elasticsearch:
- hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
-# Replicas being used for the kube-state-metrics metricbeat deployment
+daemonset:
+ affinity: {}
+ # Extra environment variables for Metricbeat container.
+ envFrom: []
+ # - configMapRef:
+ # name: config-secret
+ extraEnvs: []
+ # - name: MY_ENVIRONMENT_VAR
+ # value: the_value_goes_here
+ extraVolumes: []
+ # - name: extras
+ # emptyDir: {}
+ extraVolumeMounts: []
+ # - name: extras
+ # mountPath: /usr/share/extras
+ # readOnly: true
+ # Allows you to add any config files in /usr/share/metricbeat
+ # such as metricbeat.yml for daemonset
+ metricbeatConfig:
+ metricbeat.yml: |
+ metricbeat.modules:
+ - module: kubernetes
+ metricsets:
+ - container
+ - node
+ - pod
+ - system
+ - volume
+ period: 10s
+ host: "${NODE_NAME}"
+ hosts: ["https://${NODE_NAME}:10250"]
+ bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ ssl.verification_mode: "none"
+ # If using Red Hat OpenShift remove ssl.verification_mode entry and
+ # uncomment these settings:
+ #ssl.certificate_authorities:
+ #- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
+ processors:
+ - add_kubernetes_metadata: ~
+ - module: kubernetes
+ enabled: true
+ metricsets:
+ - event
+ - module: system
+ period: 10s
+ metricsets:
+ - cpu
+ - load
+ - memory
+ - network
+ - process
+ - process_summary
+ processes: ['.*']
+ process.include_top_n:
+ by_cpu: 5
+ by_memory: 5
+ - module: system
+ period: 1m
+ metricsets:
+ - filesystem
+ - fsstat
+ processors:
+ - drop_event.when.regexp:
+ system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
+ output.elasticsearch:
+ hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
+ nodeSelector: {}
+ # A list of secrets and their paths to mount inside the pod
+ # This is useful for mounting certificates for security other sensitive values
+ secretMounts: []
+ # - name: metricbeat-certificates
+ # secretName: metricbeat-certificates
+ # path: /usr/share/metricbeat/certs
+ # Various pod security context settings. Bear in mind that many of these have an impact on metricbeat functioning properly.
+ # - Filesystem group for the metricbeat user. The official elastic docker images always have an id of 1000.
+ # - User that the container will execute as. Typically necessary to run as root (0) in order to properly collect host container logs.
+ # - Whether to execute the metricbeat containers as privileged containers. Typically not necessarily unless running within environments such as OpenShift.
+ securityContext:
+ runAsUser: 0
+ privileged: false
+ resources:
+ requests:
+ cpu: "100m"
+ memory: "100Mi"
+ limits:
+ cpu: "1000m"
+ memory: "200Mi"
+ tolerations: []
+
+deployment:
+ affinity: {}
+ # Extra environment variables for Metricbeat container.
+ envFrom: []
+ # - configMapRef:
+ # name: config-secret
+ extraEnvs: []
+ # - name: MY_ENVIRONMENT_VAR
+ # value: the_value_goes_here
+ # Allows you to add any config files in /usr/share/metricbeat
+ extraVolumes: []
+ # - name: extras
+ # emptyDir: {}
+ extraVolumeMounts: []
+ # - name: extras
+ # mountPath: /usr/share/extras
+ # readOnly: true
+ # such as metricbeat.yml for deployment
+ metricbeatConfig:
+ metricbeat.yml: |
+ metricbeat.modules:
+ - module: kubernetes
+ enabled: true
+ metricsets:
+ - state_node
+ - state_deployment
+ - state_replicaset
+ - state_pod
+ - state_container
+ period: 10s
+ hosts: ["${KUBE_STATE_METRICS_HOSTS}"]
+ output.elasticsearch:
+ hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
+ nodeSelector: {}
+ # A list of secrets and their paths to mount inside the pod
+ # This is useful for mounting certificates for security other sensitive values
+ secretMounts: []
+ # - name: metricbeat-certificates
+ # secretName: metricbeat-certificates
+ # path: /usr/share/metricbeat/certs
+ securityContext:
+ runAsUser: 0
+ privileged: false
+ resources:
+ requests:
+ cpu: "100m"
+ memory: "100Mi"
+ limits:
+ cpu: "1000m"
+ memory: "200Mi"
+ tolerations: []
+# Replicas being used for the kube-state-metrics metricbeat deployment
replicas: 1
extraContainers: ""
@@ -79,26 +154,6 @@ extraInitContainers: ""
# image: busybox
# command: ['echo', 'hey']
-# Extra environment variables to append to the DaemonSet pod spec.
-# This will be appended to the current 'env:' key. You can use any of the kubernetes env
-# syntax here
-extraEnvs: []
-# - name: MY_ENVIRONMENT_VAR
-# value: the_value_goes_here
-
-extraVolumeMounts: []
- # - name: extras
- # mountPath: /usr/share/extras
- # readOnly: true
-
-extraVolumes: []
- # - name: extras
- # emptyDir: {}
-
-envFrom: []
- # - configMapRef:
- # name: config-secret
-
# Root directory where metricbeat will write data to in order to persist registry data across pod restarts (file position and other metadata).
hostPathRoot: /var/lib
@@ -165,42 +220,12 @@ clusterRoleRules:
podAnnotations: {}
# iam.amazonaws.com/role: es-cluster
-# Various pod security context settings. Bear in mind that many of these have an impact on metricbeat functioning properly.
-#
-# - Filesystem group for the metricbeat user. The official elastic docker images always have an id of 1000.
-# - User that the container will execute as. Typically necessary to run as root (0) in order to properly collect host container logs.
-# - Whether to execute the metricbeat containers as privileged containers. Typically not necessarily unless running within environments such as OpenShift.
-podSecurityContext:
- runAsUser: 0
- privileged: false
-
-resources:
- requests:
- cpu: "100m"
- memory: "100Mi"
- limits:
- cpu: "1000m"
- memory: "200Mi"
-
# Custom service account override that the pod will use
serviceAccount: ""
-# A list of secrets and their paths to mount inside the pod
-# This is useful for mounting certificates for security other sensitive values
-secretMounts: []
-# - name: metricbeat-certificates
-# secretName: metricbeat-certificates
-# path: /usr/share/metricbeat/certs
-
# How long to wait for metricbeat pods to stop gracefully
terminationGracePeriod: 30
-tolerations: []
-
-nodeSelector: {}
-
-affinity: {}
-
# This is the PriorityClass settings as defined in
# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
priorityClassName: ""
@@ -211,3 +236,18 @@ updateStrategy: RollingUpdate
# Only edit these if you know what you're doing
nameOverride: ""
fullnameOverride: ""
+
+# DEPRECATED
+affinity: {}
+envFrom: []
+extraEnvs: []
+extraVolumes: []
+extraVolumeMounts: []
+# Allows you to add any config files in /usr/share/metricbeat
+# such as metricbeat.yml for both daemonset and deployment
+metricbeatConfig: {}
+nodeSelector: {}
+podSecurityContext: {}
+resources: {}
+secretMounts: []
+tolerations: []