Skip to content
This repository has been archived by the owner on Feb 22, 2022. It is now read-only.

[stable/graylog] Add sidecar support, privileged access and load balance across various inputs #21375

Merged
merged 3 commits into from
Mar 17, 2020
Merged

[stable/graylog] Add sidecar support, privileged access and load balance across various inputs #21375

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
33fcf04
[stable/graylog] Add support for a single LB for all inputs
cbarton Mar 11, 2020
c1e165c
[stable/graylog] Allow to run as privileged
cbarton Mar 11, 2020
08e3972
[stable/graylog] Add support for sidecar containers
cbarton Mar 11, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion stable/graylog/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v1
name: graylog
home: https://www.graylog.org
version: 1.6.1
version: 1.6.2
appVersion: 3.1
description: Graylog is the centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data.
keywords:
Expand Down
16 changes: 16 additions & 0 deletions stable/graylog/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,9 +109,11 @@ The following table lists the configurable parameters of the Graylog chart and t
| `graylog.tolerations` | Graylog server tolerations | `[]` |
| `graylog.nodeSelector` | Graylog server node selector | `{}` |
| `graylog.env` | Graylog server env variables | `{}` |
| `graylog.privileged` | Run as a privileged container | `false` |
| `graylog.additionalJavaOpts` | Graylog service additional `JAVA_OPTS` | `` |
| `graylog.service.type` | Kubernetes Service type | `ClusterIP` |
| `graylog.service.port` | Graylog Service port | `9000` |
| `graylog.service.ports` | Graylog Service extra ports | `[]` |
| `graylog.service.master.enabled` | If true, Graylog Master Service will be created | `true` |
| `graylog.service.master.port` | Graylog Master Service port | `9000` |
| `graylog.service.master.annotations` | Graylog Master Service annotations | `{}` |
Expand Down Expand Up @@ -166,6 +168,7 @@ The following table lists the configurable parameters of the Graylog chart and t
| `graylog.provisioner.enabled` | Enable optional Job to run an arbitrary Bash script | `false` |
| `graylog.provisioner.useGraylogServiceAccount` | Use the same ServiceAccount used by Graylog pod | `false` |
| `graylog.provisioner.script` | The contents of the provisioner Bash script | `` |
| `graylog.sidecarContainers` | Sidecar containers to run in the server statefulset | `[]` |
| `graylog.extraVolumeMounts` | Additional Volume mounts | `[]` |
| `graylog.extraVolumes` | Additional Volumes | `[]` |
| `graylog.extraInitContainers` | Additional Init containers | `[]` |
Expand Down Expand Up @@ -203,6 +206,19 @@ You can enable input ports by edit the `input` values. For example, you want to
port: 5410
```

OR, if you want to expose only a single service with all the input ports open, you can do so by specifying the `service.ports` value:

```
service:
ports:
- name: gelf
port: 12222
protocol: TCP
- name: syslog
port: 5410
protocol: UDP
```

Note: Name must be in IANA_SVC_NAME (at most 15 characters, matching regex [a-z0-9]([a-z0-9-]*[a-z0-9])* and it must contains at least one letter [a-z], hyphens cannot be adjacent to other hyphens)

Note: The port list should be sorted by port number.
Expand Down
12 changes: 11 additions & 1 deletion stable/graylog/templates/statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -120,9 +120,16 @@ spec:
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
securityContext:
privileged: {{ .Values.graylog.privileged }}
ports:
- containerPort: 9000
name: graylog
{{- range .Values.graylog.service.ports }}
- containerPort: {{ .port }}
name: {{ .name}}
protocol: {{ .protocol }}
{{- end }}
{{- with .Values.graylog.input }}
{{- if .udp }}
{{- range .udp.ports }}
Expand Down Expand Up @@ -193,6 +200,9 @@ spec:
-u "{{ .Values.graylog.rootUsername }}:${GRAYLOG_PASSWORD_SECRET}" \
-H "X-Requested-By: {{ template "graylog.fullname" . }}" \
{{ template "graylog.formatUrl" (list . "localhost:9000/api/system/shutdown/shutdown") }}
{{- if .Values.graylog.sidecarContainers }}
{{ toYaml .Values.graylog.sidecarContainers | nindent 8 }}
{{- end }}
terminationGracePeriodSeconds: {{ default 30 .Values.graylog.terminationGracePeriodSeconds }}
volumes:
- name: config
Expand Down Expand Up @@ -220,7 +230,7 @@ spec:
- name: kubectl
emptyDir: {}
{{- if .Values.graylog.extraVolumes }}
{{ toYaml .Values.graylog.extraVolumes | indent 8}}
{{ toYaml .Values.graylog.extraVolumes | indent 8 }}
{{- end }}
{{- if not .Values.graylog.persistence.enabled }}
- name: journal
Expand Down
8 changes: 7 additions & 1 deletion stable/graylog/templates/web-service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,12 @@ spec:
nodePort: {{ .Values.graylog.service.nodePort }}
{{- end }}
{{- end }}
{{- range .Values.graylog.service.ports }}
- name: {{ .name }}
port: {{ .port }}
protocol: {{ .protocol }}
targetPort: {{ .port }}
{{- end }}
{{- if .Values.graylog.service.externalIPs }}
externalIPs:
{{ toYaml .Values.graylog.service.externalIPs | indent 4 }}
Expand All @@ -28,7 +34,7 @@ spec:
{{- if .Values.graylog.service.clusterIP }}
clusterIP: {{ .Values.graylog.service.clusterIP }}
{{- end }}
{{- end }}
{{- end }}
selector:
app.kubernetes.io/name: {{ template "graylog.name" . }}
app.kubernetes.io/instance: "{{ .Release.Name }}"
Expand Down
11 changes: 11 additions & 0 deletions stable/graylog/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,10 @@ graylog:
##
env: {}

## Run as privileged container
##
privileged: false

## Pod affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
Expand Down Expand Up @@ -110,6 +114,10 @@ graylog:
# - name: graylog-plugin-auth-sso-3.0.0.jar
# url: https://github.com/Graylog2/graylog-plugin-auth-sso/releases/download/3.0.0/graylog-plugin-auth-sso-3.0.0.jar

## Sidecar containers
##
sidecarContainers: []

## Additional init containers
##
extraInitContainers: []
Expand All @@ -127,6 +135,9 @@ graylog:
service:
type: ClusterIP
port: 9000
## Add additional ports for the service/statefulset to expose
##
ports: []

headless:
## Add suffix to headless service name
Expand Down