Skip to content

Commit

Permalink
Elastic agent on k8s (#19727)
Browse files Browse the repository at this point in the history
  • Loading branch information
ChrsMark authored Jul 28, 2020
1 parent 401b4ea commit 9f99091
Show file tree
Hide file tree
Showing 7 changed files with 397 additions and 0 deletions.
147 changes: 147 additions & 0 deletions deploy/kubernetes/elastic-agent-kubernetes.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: agent-ingest-management-nodescope
namespace: kube-system
labels:
app: agent-ingest-management-nodescope
group: ingest-management
spec:
selector:
matchLabels:
app: agent-ingest-management-nodescope
template:
metadata:
labels:
app: agent-ingest-management-nodescope
group: ingest-management
spec:
serviceAccountName: agent-ingest-management
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: agent-ingest-management-nodescope
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
env:
- name: FLEET_ENROLL
value: "1"
# Use enrollment key of node scope configuration to distinguish node scope datasets
- name: FLEET_ENROLLMENT_TOKEN
value:
- name: KIBANA_HOST
value: "http://kibana:5601"
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
runAsUser: 0
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 100Mi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: agent-ingest-management-clusterscope
namespace: kube-system
labels:
app: agent-ingest-management-clusterscope
group: ingest-management
spec:
selector:
matchLabels:
app: agent-ingest-management-clusterscope
template:
metadata:
labels:
app: agent-ingest-management-clusterscope
group: ingest-management
spec:
serviceAccountName: agent-ingest-management
containers:
- name: agent-ingest-management-clusterscope
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
env:
- name: FLEET_ENROLL
value: "1"
# Use enrollment key of cluster scope configuration to distinguish node scope datasets
- name: FLEET_ENROLLMENT_TOKEN
value:
- name: KIBANA_HOST
value: "http://kibana:5601"
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
runAsUser: 0
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 100Mi
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: agent-ingest-management
subjects:
- kind: ServiceAccount
name: agent-ingest-management
namespace: kube-system
roleRef:
kind: ClusterRole
name: agent-ingest-management
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: agent-ingest-management
labels:
k8s-app: agent-ingest-management
rules:
- apiGroups: [""]
resources:
- nodes
- namespaces
- events
- pods
- secrets
verbs: ["get", "list", "watch"]
- apiGroups: ["extensions"]
resources:
- replicasets
verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
- deployments
- replicasets
verbs: ["get", "list", "watch"]
- apiGroups:
- ""
resources:
- nodes/stats
verbs:
- get
# required for apiserver
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: agent-ingest-management
namespace: kube-system
labels:
k8s-app: agent-ingest-management
---
44 changes: 44 additions & 0 deletions deploy/kubernetes/elastic-agent/elastic-agent-daemonset.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: agent-ingest-management-nodescope
namespace: kube-system
labels:
app: agent-ingest-management-nodescope
group: ingest-management
spec:
selector:
matchLabels:
app: agent-ingest-management-nodescope
template:
metadata:
labels:
app: agent-ingest-management-nodescope
group: ingest-management
spec:
serviceAccountName: agent-ingest-management
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: agent-ingest-management-nodescope
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
env:
- name: FLEET_ENROLL
value: "1"
# Use enrollment key of node scope configuration to distinguish node scope datasets
- name: FLEET_ENROLLMENT_TOKEN
value:
- name: KIBANA_HOST
value: "http://kibana:5601"
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
runAsUser: 0
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 100Mi
42 changes: 42 additions & 0 deletions deploy/kubernetes/elastic-agent/elastic-agent-deployment.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: agent-ingest-management-clusterscope
namespace: kube-system
labels:
app: agent-ingest-management-clusterscope
group: ingest-management
spec:
selector:
matchLabels:
app: agent-ingest-management-clusterscope
template:
metadata:
labels:
app: agent-ingest-management-clusterscope
group: ingest-management
spec:
serviceAccountName: agent-ingest-management
containers:
- name: agent-ingest-management-clusterscope
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
env:
- name: FLEET_ENROLL
value: "1"
# Use enrollment key of cluster scope configuration to distinguish node scope datasets
- name: FLEET_ENROLLMENT_TOKEN
value:
- name: KIBANA_HOST
value: "http://kibana:5601"
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
runAsUser: 0
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 100Mi
12 changes: 12 additions & 0 deletions deploy/kubernetes/elastic-agent/elastic-agent-role-binding.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: agent-ingest-management
subjects:
- kind: ServiceAccount
name: agent-ingest-management
namespace: kube-system
roleRef:
kind: ClusterRole
name: agent-ingest-management
apiGroup: rbac.authorization.k8s.io
36 changes: 36 additions & 0 deletions deploy/kubernetes/elastic-agent/elastic-agent-role.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: agent-ingest-management
labels:
k8s-app: agent-ingest-management
rules:
- apiGroups: [""]
resources:
- nodes
- namespaces
- events
- pods
- secrets
verbs: ["get", "list", "watch"]
- apiGroups: ["extensions"]
resources:
- replicasets
verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
- deployments
- replicasets
verbs: ["get", "list", "watch"]
- apiGroups:
- ""
resources:
- nodes/stats
verbs:
- get
# required for apiserver
- nonResourceURLs:
- "/metrics"
verbs:
- get
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: agent-ingest-management
namespace: kube-system
labels:
k8s-app: agent-ingest-management
Loading

0 comments on commit 9f99091

Please sign in to comment.