elastic · Crazybus · Jul 8, 2019 · May 9, 2019 · Jun 11, 2019 · Jun 12, 2019
diff --git a/helpers/bumper.py b/helpers/bumper.py
@@ -13,7 +13,7 @@
 }
 
 file_patterns = [
-    '*/examples/*/test/goss.y*ml',
+    '*/examples/*/test/goss*.y*ml',
     '*/examples/*/*.y*ml',
     '*/README.md',
     '*/values.y*ml',

diff --git a/helpers/common.mk b/helpers/common.mk
@@ -3,6 +3,7 @@ default: test
 .ONESHELL:
 
 lint:
+	grep 'charts/' ./.helmignore || echo 'charts/' >> ./.helmignore
 	helm lint --strict ./
 
 template:
@@ -15,7 +16,11 @@ build:
 pytest:
 	pytest -sv --color=yes
 
-test-all: template lint pytest
+deps:
+	sed --in-place '/charts\//d' ./.helmignore
+	helm dependency update
+
+test-all: lint deps template pytest
 
 test: build
 	docker run --rm -i --user "$$(id -u):$$(id -g)" -v $$(pwd)/../:/app -w /app/$$(basename $$(pwd)) helm-tester make test-all

diff --git a/helpers/examples.mk b/helpers/examples.mk
@@ -1,8 +1,10 @@
 GOSS_VERSION := v0.3.6
+GOSS_FILE ?= goss.yaml
+GOSS_SELECTOR ?= release=$(RELEASE)
 
 goss:
-	GOSS_CONTAINER=$$(kubectl get pods -l release=$(RELEASE) -o name | awk -F'/' 'NR==1{ print $$NF }') && \
+	GOSS_CONTAINER=$$(kubectl get --no-headers=true pods -l $(GOSS_SELECTOR) -o custom-columns=:metadata.name | sed -n 1p ) && \
 	echo Testing with pod: $$GOSS_CONTAINER && \
-	kubectl cp test/*.yaml $$GOSS_CONTAINER:/tmp/goss.yaml && \
-	kubectl exec $$GOSS_CONTAINER -- sh -c "cd /tmp/ && curl -s -L https://github.com/aelsabbahy/goss/releases/download/$(GOSS_VERSION)/goss-linux-amd64 -o goss && chmod +rx ./goss && ./goss validate --retry-timeout 30s --sleep 5s --color --format documentation"
+	kubectl cp test/$(GOSS_FILE) $$GOSS_CONTAINER:/tmp/$(GOSS_FILE) && \
+	kubectl exec $$GOSS_CONTAINER -- sh -c "cd /tmp/ && curl -s -L https://github.com/aelsabbahy/goss/releases/download/$(GOSS_VERSION)/goss-linux-amd64 -o goss && chmod +rx ./goss && ./goss --gossfile $(GOSS_FILE) validate --retry-timeout 30s --sleep 5s --color --format documentation"
 
diff --git a/helpers/helm-tester/Dockerfile b/helpers/helm-tester/Dockerfile
@@ -5,4 +5,6 @@ ENV HELM_VERSION=2.14.0
 RUN wget https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz && \
     tar xfv helm-v${HELM_VERSION}-linux-amd64.tar.gz && \
     mv linux-amd64/helm /usr/local/bin/ && \
-    rm -rf linux-amd64
+    rm -rf linux-amd64 && \
+    HOME=/ helm init --client-only && \
+    chmod 777 -R /.helm
diff --git a/helpers/matrix.yml b/helpers/matrix.yml
@@ -2,6 +2,7 @@ CHART:
   - elasticsearch
   - kibana
   - filebeat
+  - metricbeat
 ES_SUITE:
   - default
   - multi
@@ -19,6 +20,11 @@ FILEBEAT_SUITE:
   - oss
   - security
   - 6.x
+METRICBEAT_SUITE:
+  - default
+  - oss
+  - security
+  - 6.x
 KUBERNETES_VERSION:
   - '1.11'
   - '1.12'

diff --git a/helpers/terraform/Makefile b/helpers/terraform/Makefile
@@ -62,7 +62,10 @@ up: k8s
 	for i in 1 2 3 4 5; do helm init --wait --upgrade && break || sleep 5; done
 
 integration: creds
-	cd ../../$(CHART)/examples/$(SUITE) && \
+	cd ../../$(CHART)/ && \
+	helm init --client-only && \
+	helm dependency update && \
+	cd ./examples/$(SUITE) && \
 	make
 
 build: 

diff --git a/metricbeat/.helmignore b/metricbeat/.helmignore
@@ -0,0 +1,2 @@
+tests/
+.pytest_cache/
diff --git a/metricbeat/Chart.yaml b/metricbeat/Chart.yaml
@@ -0,0 +1,11 @@
+description: Official Elastic helm chart for Metricbeat
+home: https://github.com/elastic/helm-charts
+maintainers:
+- email: helm-charts@elastic.co
+  name: Elastic
+name: metricbeat
+version: 7.2.0
+appVersion: 7.2.0
+sources:
+  - https://github.com/elastic/beats
+icon: https://helm.elastic.co/icons/metricbeat.png
diff --git a/metricbeat/Makefile b/metricbeat/Makefile
@@ -0,0 +1 @@
+include ../helpers/common.mk
diff --git a/metricbeat/README.md b/metricbeat/README.md
@@ -0,0 +1,112 @@
+# Metricbeat Helm Chart
+
+This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.
+
+This helm chart is a lightweight way to configure and run our official [Metricbeat docker image](https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html).
+
+## Requirements
+
+* Kubernetes >= 1.8
+* [Helm](https://helm.sh/) >= 2.8.0
+
+## Installing
+
+* Add the elastic helm charts repo
+  ```
+  helm repo add elastic https://helm.elastic.co
+  ```
+* Install it
+  ```
+  helm install --name metricbeat elastic/metricbeat --version 7.2.0
+  ```
+
+## Compatibility
+
+This chart is tested with the latest supported versions. The currently tested versions are:
+
+| 6.x   | 7.x   |
+| ----- | ----- |
+| 6.8.1 | 7.2.0 |
+
+Examples of installing older major versions can be found in the [examples](./examples) directory.
+
+While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.2.0` of metricbeat it would look like this:
+
+```
+helm install --name metricbeat elastic/metricbeat --version 7.2.0 --set imageTag=7.2.0
+```
+
+
+## Configuration
+| Parameter                | Description                                                                                                                                                                                                                                                                 | Default                                                                                                                   |
+| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- |
+| `metricbeatConfig`       | Allows you to add any config files in `/usr/share/metricbeat` such as `metricbeat.yml`. See [values.yaml](./values.yaml) for an example of the formatting with the default configuration.                                                                                   | see [values.yaml](./values.yaml)                                                                                          |
+| `extraEnvs`              | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container                          | `[]`                                                                                                                      |
+| `extraVolumeMounts`      | Any extra volumes mounts to define for the Metricbeat container                                                                                                                                                                                                             | `[]`                                                                                                                      |
+| `extraVolumes`           | Any extra volumes to define for the pod                                                                                                                                                                                                                                     | `[]`                                                                                                                      |
+| `hostPathRoot`           | Fully-qualified [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) that will be used to persist Metricbeat registry data                                                                                                                             | `/var/lib`                                                                                                                |
+| `image`                  | The Metricbeat docker image                                                                                                                                                                                                                                                 | `docker.elastic.co/beats/metricbeat`                                                                                      |
+| `imageTag`               | The Metricbeat docker image tag                                                                                                                                                                                                                                             | `7.2.0`                                                                                                                   |
+| `imagePullPolicy`        | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value                                                                                                                                                              | `IfNotPresent`                                                                                                            |
+| `imagePullSecrets`       | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image                                                        | `[]`                                                                                                                      |
+| `managedServiceAccount`  | Whether the `serviceAccount` should be managed by this helm chart. Set this to `false` in order to manage your own service account and related roles.                                                                                                                       | `true`                                                                                                                    |
+| `podAnnotations`         | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Metricbeat pods                                                                                                                                   | `{}`                                                                                                                      |
+| `podSecurityContext`     | Configurable [podSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for Metricbeat pod execution environment                                                                                                                      | `runAsUser: 0`<br>`privileged: false`                                                                                     |
+| `livenessProbe`          | Parameters to pass to [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds.                                                                                    | `failureThreshold: 3`<br>`initialDelaySeconds: 10`<br>`periodSeconds: 10`<br>`successThreshold: 3`<br>`timeoutSeconds: 5` |
+| `readinessProbe`         | Parameters to pass to [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) checks for values such as timeouts and thresholds.                                                                                   | `failureThreshold: 3`<br>`initialDelaySeconds: 10`<br>`periodSeconds: 10`<br>`successThreshold: 3`<br>`timeoutSeconds: 5` |
+| `resources`              | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the `DaemonSet`                                                                                                                                | `requests.cpu: 100m`<br>`requests.memory: 100Mi`<br>`limits.cpu: 1000m`<br>`limits.memory: 200Mi`                         |
+| `serviceAccount`         | Custom [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) that Metricbeat will use during execution. By default will use the service account created by this chart.                                                      | `""`                                                                                                                      |
+| `secretMounts`           | Allows you easily mount a secret as a file inside the `DaemonSet`. Useful for mounting certificates and other secrets. See [values.yaml](./values.yaml) for an example                                                                                                      | `[]`                                                                                                                      |
+| `terminationGracePeriod` | Termination period (in seconds) to wait before killing Metricbeat pod process on pod shutdown                                                                                                                                                                               | `30`                                                                                                                      |
+| `tolerations`            | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)                                                                                                                                                                         | `[]`                                                                                                                      |
+| `updateStrategy`         | The [updateStrategy](https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy) for the `DaemonSet`. By default Kubernetes will kill and recreate pods on updates. Setting this to `OnDelete` will require that pods be deleted manually. | `RollingUpdate`                                                                                                           |
+| `replicas`               | The replica count for the metricbeat deployment talking to kube-state-metrics                                                                                                                                                                                               | `1`                                                                                                                       |
+
+## Examples
+
+In [examples/](./examples) you will find some example configurations. These examples are used for the automated testing of this helm chart.
+
+### Default
+
+* Deploy the [default Elasticsearch helm chart](../elasticsearch/README.md#default)
+* Deploy Metricbeat with the default values
+  ```
+  cd examples/default
+  make
+  ```
+* You can now setup a port forward for Elasticsearch to observe Metricbeat indices
+  ```
+  kubectl port-forward svc/elasticsearch-master 9200
+  curl localhost:9200/_cat/indices
+  ```
+
+## Testing
+
+This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](../requirements.txt) in the parent directory.
+
+```
+pip install -r ../requirements.txt
+make pytest
+```
+
+You can also use `helm template` to look at the YAML being generated
+
+```
+make template
+```
+
+It is possible to run all of the tests and linting inside of a docker container
+
+```
+make test
+```
+
+## Integration Testing
+
+Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](examples/default/test/goss.yaml) for an example of what the tests look like.
+
+To run the goss tests against the default example:
+```
+cd examples/default
+make goss
+```
diff --git a/metricbeat/examples/6.x/Makefile b/metricbeat/examples/6.x/Makefile
@@ -0,0 +1,17 @@
+default: test
+
+include ../../../helpers/examples.mk
+
+RELEASE := helm-metricbeat-six
+GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-six-metricbeat
+
+install:
+	helm upgrade --wait --timeout=600 --install $(RELEASE) --values values.yaml ../../
+
+purge:
+	helm del --purge $(RELEASE)
+
+test-metrics:
+	 GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-six-metricbeat-metrics
+
+test: install goss test-metrics
diff --git a/metricbeat/examples/6.x/test/goss-metrics.yaml b/metricbeat/examples/6.x/test/goss-metrics.yaml
@@ -0,0 +1,43 @@
+port:
+  tcp:5066:
+    listening: true
+    ip:
+    - '127.0.0.1'
+
+mount:
+  /usr/share/metricbeat/kube-state-metrics-metricbeat.yml:
+    exists: true
+    opts:
+      - ro
+
+user:
+  metricbeat:
+    exists: true
+    uid: 1000
+    gid: 1000
+
+http:
+  http://six-master:9200/_cat/indices:
+    status: 200
+    timeout: 2000
+    body:
+      - 'metricbeat-6.8.1'
+  http://six-master:9200/_search?q=metricset.name:state_deployment:
+    status: 200
+    timeout: 2000
+    body:
+      - 'metricbeat-6.8.1'
+
+file:
+  /usr/share/metricbeat/metricbeat.yml:
+    exists: true
+    contains:
+      - 'add_kubernetes_metadata'
+      - 'output.elasticsearch'
+
+command:
+  cd /usr/share/metricbeat && metricbeat test output:
+    exit-status: 0
+    stdout:
+      - 'elasticsearch: http://six-master:9200'
+      - 'version: 6.8.1'
diff --git a/metricbeat/examples/6.x/test/goss.yaml b/metricbeat/examples/6.x/test/goss.yaml
@@ -0,0 +1,51 @@
+port:
+  tcp:5066:
+    listening: true
+    ip:
+    - '127.0.0.1'
+
+mount:
+  /usr/share/metricbeat/data:
+    exists: true
+  /run/docker.sock:
+    exists: true
+  /var/lib/docker/containers:
+    exists: true
+    opts:
+      - ro
+  /usr/share/metricbeat/metricbeat.yml:
+    exists: true
+    opts:
+      - ro
+
+user:
+  metricbeat:
+    exists: true
+    uid: 1000
+    gid: 1000
+
+http:
+  http://six-master:9200/_cat/indices:
+    status: 200
+    timeout: 2000
+    body:
+      - 'metricbeat-6.8.1'
+  http://six-master:9200/_search?q=metricset.name:container:
+    status: 200
+    timeout: 2000
+    body:
+      - 'metricbeat-6.8.1'
+
+file:
+  /usr/share/metricbeat/metricbeat.yml:
+    exists: true
+    contains:
+      - 'add_kubernetes_metadata'
+      - 'output.elasticsearch'
+
+command:
+  cd /usr/share/metricbeat && metricbeat test output:
+    exit-status: 0
+    stdout:
+      - 'elasticsearch: http://six-master:9200'
+      - 'version: 6.8.1'
diff --git a/metricbeat/examples/6.x/values.yaml b/metricbeat/examples/6.x/values.yaml
@@ -0,0 +1,5 @@
+imageTag: 6.8.1
+
+extraEnvs:
+  - name: ELASTICSEARCH_HOSTS
+    value: six-master:9200
diff --git a/metricbeat/examples/default/Makefile b/metricbeat/examples/default/Makefile
@@ -0,0 +1,17 @@
+default: test
+
+include ../../../helpers/examples.mk
+
+RELEASE = helm-metricbeat-default
+GOSS_SELECTOR = release=$(RELEASE),app=helm-metricbeat-default-metricbeat
+
+install:
+	helm upgrade --wait --timeout=600 --install $(RELEASE) ../../
+
+test-metrics:
+	 GOSS_FILE=goss-metrics.yaml make goss GOSS_SELECTOR=release=$(RELEASE),app=helm-metricbeat-default-metricbeat-metrics
+
+test: install goss test-metrics
+
+purge:
+	helm del --purge $(RELEASE)
diff --git a/metricbeat/examples/default/test/goss-metrics.yaml b/metricbeat/examples/default/test/goss-metrics.yaml
@@ -0,0 +1,44 @@
+port:
+  tcp:5066:
+    listening: true
+    ip:
+    - '127.0.0.1'
+
+mount:
+  /usr/share/metricbeat/kube-state-metrics-metricbeat.yml:
+    exists: true
+    opts:
+      - ro
+
+user:
+  metricbeat:
+    exists: true
+    uid: 1000
+    gid: 1000
+
+http:
+  http://elasticsearch-master:9200/_cat/indices:
+    status: 200
+    timeout: 2000
+    body:
+      - 'metricbeat-7.2.0'
+  http://elasticsearch-master:9200/_search?q=metricset.name:state_deployment:
+    status: 200
+    timeout: 2000
+    body:
+      - 'metricbeat-7.2.0'
+
+file:
+  /usr/share/metricbeat/metricbeat.yml:
+    exists: true
+    contains:
+      - 'add_kubernetes_metadata'
+      - 'output.elasticsearch'
+      - 'elasticsearch-master:9200'
+
+command:
+  cd /usr/share/metricbeat && metricbeat test output:
+    exit-status: 0
+    stdout:
+      - 'elasticsearch: http://elasticsearch-master:9200'
+      - 'version: 7.2.0'