diff --git a/stable/graylog/Chart.yaml b/stable/graylog/Chart.yaml index 4dc672aefb17..0f9bfd2d913b 100755 --- a/stable/graylog/Chart.yaml +++ b/stable/graylog/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: graylog home: https://www.graylog.org -version: 1.6.1 +version: 1.6.2 appVersion: 3.1 description: Graylog is the centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. keywords: diff --git a/stable/graylog/README.md b/stable/graylog/README.md index 426bcbdf97c0..e9869a9d4db0 100644 --- a/stable/graylog/README.md +++ b/stable/graylog/README.md @@ -109,9 +109,11 @@ The following table lists the configurable parameters of the Graylog chart and t | `graylog.tolerations` | Graylog server tolerations | `[]` | | `graylog.nodeSelector` | Graylog server node selector | `{}` | | `graylog.env` | Graylog server env variables | `{}` | +| `graylog.privileged` | Run as a privileged container | `false` | | `graylog.additionalJavaOpts` | Graylog service additional `JAVA_OPTS` | `` | | `graylog.service.type` | Kubernetes Service type | `ClusterIP` | | `graylog.service.port` | Graylog Service port | `9000` | +| `graylog.service.ports` | Graylog Service extra ports | `[]` | | `graylog.service.master.enabled` | If true, Graylog Master Service will be created | `true` | | `graylog.service.master.port` | Graylog Master Service port | `9000` | | `graylog.service.master.annotations` | Graylog Master Service annotations | `{}` | @@ -166,6 +168,7 @@ The following table lists the configurable parameters of the Graylog chart and t | `graylog.provisioner.enabled` | Enable optional Job to run an arbitrary Bash script | `false` | | `graylog.provisioner.useGraylogServiceAccount` | Use the same ServiceAccount used by Graylog pod | `false` | | `graylog.provisioner.script` | The contents of the provisioner Bash script | `` | +| `graylog.sidecarContainers` | Sidecar containers to run in the server statefulset | `[]` | | `graylog.extraVolumeMounts` | Additional Volume mounts | `[]` | | `graylog.extraVolumes` | Additional Volumes | `[]` | | `graylog.extraInitContainers` | Additional Init containers | `[]` | @@ -203,6 +206,19 @@ You can enable input ports by edit the `input` values. For example, you want to port: 5410 ``` +OR, if you want to expose only a single service with all the input ports open, you can do so by specifying the `service.ports` value: + +``` + service: + ports: + - name: gelf + port: 12222 + protocol: TCP + - name: syslog + port: 5410 + protocol: UDP +``` + Note: Name must be in IANA_SVC_NAME (at most 15 characters, matching regex [a-z0-9]([a-z0-9-]*[a-z0-9])* and it must contains at least one letter [a-z], hyphens cannot be adjacent to other hyphens) Note: The port list should be sorted by port number. diff --git a/stable/graylog/templates/statefulset.yaml b/stable/graylog/templates/statefulset.yaml index 41c6e04b8251..312592eeb358 100644 --- a/stable/graylog/templates/statefulset.yaml +++ b/stable/graylog/templates/statefulset.yaml @@ -120,9 +120,16 @@ spec: - name: {{ $key }} value: {{ $value | quote }} {{- end }} + securityContext: + privileged: {{ .Values.graylog.privileged }} ports: - containerPort: 9000 name: graylog + {{- range .Values.graylog.service.ports }} + - containerPort: {{ .port }} + name: {{ .name}} + protocol: {{ .protocol }} + {{- end }} {{- with .Values.graylog.input }} {{- if .udp }} {{- range .udp.ports }} @@ -193,6 +200,9 @@ spec: -u "{{ .Values.graylog.rootUsername }}:${GRAYLOG_PASSWORD_SECRET}" \ -H "X-Requested-By: {{ template "graylog.fullname" . }}" \ {{ template "graylog.formatUrl" (list . "localhost:9000/api/system/shutdown/shutdown") }} + {{- if .Values.graylog.sidecarContainers }} + {{ toYaml .Values.graylog.sidecarContainers | nindent 8 }} + {{- end }} terminationGracePeriodSeconds: {{ default 30 .Values.graylog.terminationGracePeriodSeconds }} volumes: - name: config @@ -220,7 +230,7 @@ spec: - name: kubectl emptyDir: {} {{- if .Values.graylog.extraVolumes }} -{{ toYaml .Values.graylog.extraVolumes | indent 8}} +{{ toYaml .Values.graylog.extraVolumes | indent 8 }} {{- end }} {{- if not .Values.graylog.persistence.enabled }} - name: journal diff --git a/stable/graylog/templates/web-service.yaml b/stable/graylog/templates/web-service.yaml index ec1cbc72cbf4..7e2714f3a704 100644 --- a/stable/graylog/templates/web-service.yaml +++ b/stable/graylog/templates/web-service.yaml @@ -20,6 +20,12 @@ spec: nodePort: {{ .Values.graylog.service.nodePort }} {{- end }} {{- end }} +{{- range .Values.graylog.service.ports }} + - name: {{ .name }} + port: {{ .port }} + protocol: {{ .protocol }} + targetPort: {{ .port }} +{{- end }} {{- if .Values.graylog.service.externalIPs }} externalIPs: {{ toYaml .Values.graylog.service.externalIPs | indent 4 }} @@ -28,7 +34,7 @@ spec: {{- if .Values.graylog.service.clusterIP }} clusterIP: {{ .Values.graylog.service.clusterIP }} {{- end }} -{{- end }} +{{- end }} selector: app.kubernetes.io/name: {{ template "graylog.name" . }} app.kubernetes.io/instance: "{{ .Release.Name }}" diff --git a/stable/graylog/values.yaml b/stable/graylog/values.yaml index 531e2ce8799d..65b6bc09e911 100644 --- a/stable/graylog/values.yaml +++ b/stable/graylog/values.yaml @@ -55,6 +55,10 @@ graylog: ## env: {} + ## Run as privileged container + ## + privileged: false + ## Pod affinity ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## @@ -110,6 +114,10 @@ graylog: # - name: graylog-plugin-auth-sso-3.0.0.jar # url: https://github.com/Graylog2/graylog-plugin-auth-sso/releases/download/3.0.0/graylog-plugin-auth-sso-3.0.0.jar + ## Sidecar containers + ## + sidecarContainers: [] + ## Additional init containers ## extraInitContainers: [] @@ -127,6 +135,9 @@ graylog: service: type: ClusterIP port: 9000 + ## Add additional ports for the service/statefulset to expose + ## + ports: [] headless: ## Add suffix to headless service name