Skip to content

Commit

Permalink
[stable/graylog] Add sidecar support, privileged access and load bala…
Browse files Browse the repository at this point in the history 
…nce across various inputs (helm#21375)

* [stable/graylog] Add support for a single LB for all inputs

Opens up the option to host all inputs behind a single service instead
of requiring n+2 services for UDP and TCP

Signed-off-by: Chris Barton <chris.barton@recurly.com>

* [stable/graylog] Add support for sidecar containers

There are cases when a sidecar container is appropriate to run with the
Graylog server. One such use case is mounting a FUSE backend for
enterprise archives

Signed-off-by: Chris Barton <chris.barton@recurly.com>

* [stable/graylog] Allow to run as privileged

Signed-off-by: Chris Barton <chris.barton@recurly.com>
Signed-off-by: Adrien Loiseau <adrien.loiseau@logic-immo.com>
  • Loading branch information
@cbarton @li-adrienloiseau
cbarton authored and li-adrienloiseau committed Jul 29, 2020
1 parent fdc64c6 commit e125d0a
Show file tree
Hide file tree
Showing 5 changed files with 46 additions and 3 deletions.
2 changes: 1 addition & 1 deletion stable/graylog/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v1
name: graylog
home: https://www.graylog.org
version: 1.6.1
version: 1.6.2
appVersion: 3.1
description: Graylog is the centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data.
keywords:
Expand Down
16 changes: 16 additions & 0 deletions stable/graylog/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,9 +109,11 @@ The following table lists the configurable parameters of the Graylog chart and t
| `graylog.tolerations` | Graylog server tolerations | `[]` |
| `graylog.nodeSelector` | Graylog server node selector | `{}` |
| `graylog.env` | Graylog server env variables | `{}` |
| `graylog.privileged` | Run as a privileged container | `false` |
| `graylog.additionalJavaOpts` | Graylog service additional `JAVA_OPTS` | `` |
| `graylog.service.type` | Kubernetes Service type | `ClusterIP` |
| `graylog.service.port` | Graylog Service port | `9000` |
| `graylog.service.ports` | Graylog Service extra ports | `[]` |
| `graylog.service.master.enabled` | If true, Graylog Master Service will be created | `true` |
| `graylog.service.master.port` | Graylog Master Service port | `9000` |
| `graylog.service.master.annotations` | Graylog Master Service annotations | `{}` |
Expand Down Expand Up @@ -166,6 +168,7 @@ The following table lists the configurable parameters of the Graylog chart and t
| `graylog.provisioner.enabled` | Enable optional Job to run an arbitrary Bash script | `false` |
| `graylog.provisioner.useGraylogServiceAccount` | Use the same ServiceAccount used by Graylog pod | `false` |
| `graylog.provisioner.script` | The contents of the provisioner Bash script | `` |
| `graylog.sidecarContainers` | Sidecar containers to run in the server statefulset | `[]` |
| `graylog.extraVolumeMounts` | Additional Volume mounts | `[]` |
| `graylog.extraVolumes` | Additional Volumes | `[]` |
| `graylog.extraInitContainers` | Additional Init containers | `[]` |
Expand Down Expand Up @@ -203,6 +206,19 @@ You can enable input ports by edit the `input` values. For example, you want to
port: 5410
```
OR, if you want to expose only a single service with all the input ports open, you can do so by specifying the `service.ports` value:
```
service:
ports:
- name: gelf
port: 12222
protocol: TCP
- name: syslog
port: 5410
protocol: UDP
```
Note: Name must be in IANA_SVC_NAME (at most 15 characters, matching regex [a-z0-9]([a-z0-9-]*[a-z0-9])* and it must contains at least one letter [a-z], hyphens cannot be adjacent to other hyphens)
Note: The port list should be sorted by port number.
Expand Down
12 changes: 11 additions & 1 deletion stable/graylog/templates/statefulset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,9 +120,16 @@ spec:
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
securityContext:
privileged: {{ .Values.graylog.privileged }}
ports:
- containerPort: 9000
name: graylog
{{- range .Values.graylog.service.ports }}
- containerPort: {{ .port }}
name: {{ .name}}
protocol: {{ .protocol }}
{{- end }}
{{- with .Values.graylog.input }}
{{- if .udp }}
{{- range .udp.ports }}
Expand Down Expand Up @@ -193,6 +200,9 @@ spec:
-u "{{ .Values.graylog.rootUsername }}:${GRAYLOG_PASSWORD_SECRET}" \
-H "X-Requested-By: {{ template "graylog.fullname" . }}" \
{{ template "graylog.formatUrl" (list . "localhost:9000/api/system/shutdown/shutdown") }}
{{- if .Values.graylog.sidecarContainers }}
{{ toYaml .Values.graylog.sidecarContainers | nindent 8 }}
{{- end }}
terminationGracePeriodSeconds: {{ default 30 .Values.graylog.terminationGracePeriodSeconds }}
volumes:
- name: config
Expand Down Expand Up @@ -220,7 +230,7 @@ spec:
- name: kubectl
emptyDir: {}
{{- if .Values.graylog.extraVolumes }}
{{ toYaml .Values.graylog.extraVolumes | indent 8}}
{{ toYaml .Values.graylog.extraVolumes | indent 8 }}
{{- end }}
{{- if not .Values.graylog.persistence.enabled }}
- name: journal
Expand Down
8 changes: 7 additions & 1 deletion stable/graylog/templates/web-service.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,12 @@ spec:
nodePort: {{ .Values.graylog.service.nodePort }}
{{- end }}
{{- end }}
{{- range .Values.graylog.service.ports }}
- name: {{ .name }}
port: {{ .port }}
protocol: {{ .protocol }}
targetPort: {{ .port }}
{{- end }}
{{- if .Values.graylog.service.externalIPs }}
externalIPs:
{{ toYaml .Values.graylog.service.externalIPs | indent 4 }}
Expand All @@ -28,7 +34,7 @@ spec:
{{- if .Values.graylog.service.clusterIP }}
clusterIP: {{ .Values.graylog.service.clusterIP }}
{{- end }}
{{- end }}
{{- end }}
selector:
app.kubernetes.io/name: {{ template "graylog.name" . }}
app.kubernetes.io/instance: "{{ .Release.Name }}"
Expand Down
11 changes: 11 additions & 0 deletions stable/graylog/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,10 @@ graylog:
##
env: {}

## Run as privileged container
##
privileged: false

## Pod affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
Expand Down Expand Up @@ -110,6 +114,10 @@ graylog:
# - name: graylog-plugin-auth-sso-3.0.0.jar
# url: https://github.com/Graylog2/graylog-plugin-auth-sso/releases/download/3.0.0/graylog-plugin-auth-sso-3.0.0.jar

## Sidecar containers
##
sidecarContainers: []

## Additional init containers
##
extraInitContainers: []
Expand All @@ -127,6 +135,9 @@ graylog:
service:
type: ClusterIP
port: 9000
## Add additional ports for the service/statefulset to expose
##
ports: []

headless:
## Add suffix to headless service name
Expand Down

0 comments on commit e125d0a

Please sign in to comment.