Commit b2cc4c61 authored by Adrien Kohlbecker's avatar Adrien Kohlbecker Committed by Mayra Cabrera

Move to supported Elastic helm charts

Chart v3.0.0
parent 90784927
...@@ -662,7 +662,7 @@ Crossplane runs inside your Kubernetes cluster and supports secure connectivity ...@@ -662,7 +662,7 @@ Crossplane runs inside your Kubernetes cluster and supports secure connectivity
:uninstall-successful="applications.elastic_stack.uninstallSuccessful" :uninstall-successful="applications.elastic_stack.uninstallSuccessful"
:uninstall-failed="applications.elastic_stack.uninstallFailed" :uninstall-failed="applications.elastic_stack.uninstallFailed"
:disabled="!helmInstalled" :disabled="!helmInstalled"
title-link="https://github.com/helm/charts/tree/master/stable/elastic-stack" title-link="https://gitlab.com/gitlab-org/charts/elastic-stack"
> >
<div slot="description"> <div slot="description">
<p> <p>
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module Clusters module Clusters
module Applications module Applications
class ElasticStack < ApplicationRecord class ElasticStack < ApplicationRecord
VERSION = '2.0.0' VERSION = '3.0.0'
ELASTICSEARCH_PORT = 9200 ELASTICSEARCH_PORT = 9200
...@@ -18,7 +18,11 @@ module Clusters ...@@ -18,7 +18,11 @@ module Clusters
default_value_for :version, VERSION default_value_for :version, VERSION
def chart def chart
'stable/elastic-stack' 'elastic-stack/elastic-stack'
end
def repository
'https://charts.gitlab.io'
end end
def install_command def install_command
...@@ -27,8 +31,9 @@ module Clusters ...@@ -27,8 +31,9 @@ module Clusters
version: VERSION, version: VERSION,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart, chart: chart,
repository: repository,
files: files, files: files,
preinstall: migrate_to_2_script, preinstall: migrate_to_3_script,
postinstall: post_install_script postinstall: post_install_script
) )
end end
...@@ -50,7 +55,7 @@ module Clusters ...@@ -50,7 +55,7 @@ module Clusters
strong_memoize(:elasticsearch_client) do strong_memoize(:elasticsearch_client) do
next unless kube_client next unless kube_client
proxy_url = kube_client.proxy_url('service', 'elastic-stack-elasticsearch-client', ::Clusters::Applications::ElasticStack::ELASTICSEARCH_PORT, Gitlab::Kubernetes::Helm::NAMESPACE) proxy_url = kube_client.proxy_url('service', service_name, ::Clusters::Applications::ElasticStack::ELASTICSEARCH_PORT, Gitlab::Kubernetes::Helm::NAMESPACE)
Elasticsearch::Client.new(url: proxy_url) do |faraday| Elasticsearch::Client.new(url: proxy_url) do |faraday|
# ensures headers containing auth data are appended to original client options # ensures headers containing auth data are appended to original client options
...@@ -70,21 +75,33 @@ module Clusters ...@@ -70,21 +75,33 @@ module Clusters
end end
end end
def filebeat7? def chart_above_v2?
Gem::Version.new(version) >= Gem::Version.new('2.0.0') Gem::Version.new(version) >= Gem::Version.new('2.0.0')
end end
def chart_above_v3?
Gem::Version.new(version) >= Gem::Version.new('3.0.0')
end
private private
def service_name
chart_above_v3? ? 'elastic-stack-elasticsearch-master' : 'elastic-stack-elasticsearch-client'
end
def pvc_selector
chart_above_v3? ? "app=elastic-stack-elasticsearch-master" : "release=elastic-stack"
end
def post_install_script def post_install_script
[ [
"timeout -t60 sh /data/helm/elastic-stack/config/wait-for-elasticsearch.sh http://elastic-stack-elasticsearch-client:9200" "timeout -t60 sh /data/helm/elastic-stack/config/wait-for-elasticsearch.sh http://elastic-stack-elasticsearch-master:9200"
] ]
end end
def post_delete_script def post_delete_script
[ [
Gitlab::Kubernetes::KubectlCmd.delete("pvc", "--selector", "release=elastic-stack") Gitlab::Kubernetes::KubectlCmd.delete("pvc", "--selector", pvc_selector, "--namespace", Gitlab::Kubernetes::Helm::NAMESPACE)
] ]
end end
...@@ -92,25 +109,19 @@ module Clusters ...@@ -92,25 +109,19 @@ module Clusters
cluster&.kubeclient&.core_client cluster&.kubeclient&.core_client
end end
def migrate_to_2_script def migrate_to_3_script
# Updating the chart to 2.0.0 includes an update of the filebeat chart from 1.7.0 to 3.1.1 https://github.com/helm/charts/pull/21640 return [] if !updating? || chart_above_v3?
# This includes the following commit that changes labels on the filebeat deployment https://github.com/helm/charts/commit/9b009170686c6f4b202c36ceb1da4bb9ba15ddd0
# Unfortunately those fields are immutable, and we can't use `helm upgrade` to change them. We first have to delete the associated filebeat resources # Chart version 3.0.0 moves to our own chart at https://gitlab.com/gitlab-org/charts/elastic-stack
# The following pre-install command runs before updating to 2.0.0 and sets filebeat.enable=false so the filebeat deployment is deleted. # and is not compatible with pre-existing resources. We first remove them.
# Then the main install command re-creates them properly
if updating? && !filebeat7?
[ [
Gitlab::Kubernetes::Helm::InstallCommand.new( Gitlab::Kubernetes::Helm::DeleteCommand.new(
name: 'elastic-stack', name: 'elastic-stack',
version: version,
rbac: cluster.platform_kubernetes_rbac?, rbac: cluster.platform_kubernetes_rbac?,
chart: chart,
files: files files: files
).install_command + ' --set filebeat.enabled\\=false' ).delete_command,
Gitlab::Kubernetes::KubectlCmd.delete("pvc", "--selector", "release=elastic-stack", "--namespace", Gitlab::Kubernetes::Helm::NAMESPACE)
] ]
else
[]
end
end end
end end
end end
......
...@@ -70,7 +70,7 @@ module PodLogs ...@@ -70,7 +70,7 @@ module PodLogs
client = cluster&.application_elastic_stack&.elasticsearch_client client = cluster&.application_elastic_stack&.elasticsearch_client
return error(_('Unable to connect to Elasticsearch')) unless client return error(_('Unable to connect to Elasticsearch')) unless client
filebeat7 = cluster.application_elastic_stack.filebeat7? chart_above_v2 = cluster.application_elastic_stack.chart_above_v2?
response = ::Gitlab::Elasticsearch::Logs::Lines.new(client).pod_logs( response = ::Gitlab::Elasticsearch::Logs::Lines.new(client).pod_logs(
namespace, namespace,
...@@ -80,7 +80,7 @@ module PodLogs ...@@ -80,7 +80,7 @@ module PodLogs
start_time: result[:start_time], start_time: result[:start_time],
end_time: result[:end_time], end_time: result[:end_time],
cursor: result[:cursor], cursor: result[:cursor],
filebeat7: filebeat7 chart_above_v2: chart_above_v2
) )
result.merge!(response) result.merge!(response)
......
---
title: Move to supported Elastic helm charts
merge_request: 30528
author:
type: changed
...@@ -505,20 +505,23 @@ Log data is automatically deleted after 30 days using [Curator](https://www.elas ...@@ -505,20 +505,23 @@ Log data is automatically deleted after 30 days using [Curator](https://www.elas
To enable log shipping: To enable log shipping:
1. Ensure your cluster contains at least 3 nodes of instance types larger than
`f1-micro`, `g1-small`, or `n1-standard-1`.
1. Navigate to **{cloud-gear}** **Operations > Kubernetes**. 1. Navigate to **{cloud-gear}** **Operations > Kubernetes**.
1. In **Kubernetes Cluster**, select a cluster. 1. In **Kubernetes Cluster**, select a cluster.
1. In the **Applications** section, find **Elastic Stack** and click **Install**. 1. In the **Applications** section, find **Elastic Stack** and click **Install**.
NOTE: **Note:** NOTE: **Note:**
The [`stable/elastic-stack`](https://github.com/helm/charts/tree/master/stable/elastic-stack) The [`gitlab/elastic-stack`](https://gitlab.com/gitlab-org/charts/elastic-stack)
chart is used to install this application with a chart is used to install this application with a
[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/elastic_stack/values.yaml) [`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/elastic_stack/values.yaml)
file. file.
NOTE: **Note:** NOTE: **Note:**
The chart will deploy 5 Elasticsearch nodes: 2 masters, 2 data and 1 client node, The chart deploys 3 identical Elasticsearch pods which can't be colocated, and each
with resource requests totalling 0.125 CPU and 4.5GB RAM. Each data node requests 1.5GB of memory, require 1 CPU and 2 GB of RAM, making them incompatible with clusters containing
which makes it incompatible with clusters of `f1-micro` and `g1-small` instance types. fewer than 3 nodes or consisting of `f1-micro`, `g1-small`, `n1-standard-1`, or
`*-highcpu-2` instance types.
NOTE: **Note:** NOTE: **Note:**
The Elastic Stack cluster application is intended as a log aggregation solution and is not related to our The Elastic Stack cluster application is intended as a log aggregation solution and is not related to our
...@@ -542,20 +545,23 @@ logstash: ...@@ -542,20 +545,23 @@ logstash:
kibana: kibana:
enabled: true enabled: true
env: elasticsearchHosts: http://elastic-stack-elasticsearch-master.gitlab-managed-apps.svc.cluster.local:9200
ELASTICSEARCH_HOSTS: http://elastic-stack-elasticsearch-client.gitlab-managed-apps.svc.cluster.local:9200
elasticseach-curator:
enabled: false
``` ```
Then install it on your cluster: Then install it on your cluster:
```shell ```shell
helm install --name kibana stable/elastic-stack --values kibana.yml helm repo add gitlab https://charts.gitlab.io
helm install --name kibana gitlab/elastic-stack --values kibana.yml
``` ```
To access Kibana, forward the port to your local machine: To access Kibana, forward the port to your local machine:
```shell ```shell
kubectl port-forward svc/kibana 5601:443 kubectl port-forward svc/kibana 5601:5601
``` ```
Then, you can visit Kibana at `http://localhost:5601`. Then, you can visit Kibana at `http://localhost:5601`.
...@@ -1069,7 +1075,7 @@ You can check the default [`values.yaml`](https://gitlab.com/gitlab-org/gitlab/- ...@@ -1069,7 +1075,7 @@ You can check the default [`values.yaml`](https://gitlab.com/gitlab-org/gitlab/-
You can customize the installation of Elastic Stack by defining You can customize the installation of Elastic Stack by defining
`.gitlab/managed-apps/elastic-stack/values.yaml` file in your cluster `.gitlab/managed-apps/elastic-stack/values.yaml` file in your cluster
management project. Refer to the management project. Refer to the
[chart](https://github.com/helm/charts/blob/master/stable/elastic-stack/values.yaml) for the [chart](https://gitlab.com/gitlab-org/charts/elastic-stack) for the
available configuration options. available configuration options.
NOTE: **Note:** NOTE: **Note:**
......
...@@ -21,8 +21,13 @@ module Security ...@@ -21,8 +21,13 @@ module Security
aggregate_results = elasticsearch_client.msearch(body: body) aggregate_results = elasticsearch_client.msearch(body: body)
nginx_results, modsec_results = aggregate_results['responses'] nginx_results, modsec_results = aggregate_results['responses']
if chart_above_v3?
nginx_total_requests = nginx_results.dig('hits', 'total', 'value').to_f
modsec_total_requests = modsec_results.dig('hits', 'total', 'value').to_f
else
nginx_total_requests = nginx_results.dig('hits', 'total').to_f nginx_total_requests = nginx_results.dig('hits', 'total').to_f
modsec_total_requests = modsec_results.dig('hits', 'total').to_f modsec_total_requests = modsec_results.dig('hits', 'total').to_f
end
anomalous_traffic_count = nginx_total_requests.zero? ? 0 : (modsec_total_requests / nginx_total_requests).round(2) anomalous_traffic_count = nginx_total_requests.zero? ? 0 : (modsec_total_requests / nginx_total_requests).round(2)
...@@ -41,11 +46,19 @@ module Security ...@@ -41,11 +46,19 @@ module Security
end end
def elasticsearch_client def elasticsearch_client
@client ||= @environment.deployment_platform&.cluster&.application_elastic_stack&.elasticsearch_client @elasticsearch_client ||= application_elastic_stack&.elasticsearch_client
end end
private private
def application_elastic_stack
@application_elastic_stack ||= @environment.deployment_platform&.cluster&.application_elastic_stack
end
def chart_above_v3?
application_elastic_stack.chart_above_v3?
end
def body def body
[ [
{ index: indices }, { index: indices },
...@@ -68,7 +81,7 @@ module Security ...@@ -68,7 +81,7 @@ module Security
# indices # indices
def indices def indices
(@from.to_date..@to.to_date).map do |day| (@from.to_date..@to.to_date).map do |day|
"filebeat-*-#{day.strftime('%Y.%m.%d')}" chart_above_v3? ? "filebeat-*-#{day.strftime('%Y.%m.%d')}-*" : "filebeat-*-#{day.strftime('%Y.%m.%d')}"
end end
end end
......
...@@ -24,6 +24,7 @@ describe Projects::Security::WafAnomaliesController do ...@@ -24,6 +24,7 @@ describe Projects::Security::WafAnomaliesController do
allow_next_instance_of(::Security::WafAnomalySummaryService) do |instance| allow_next_instance_of(::Security::WafAnomalySummaryService) do |instance|
allow(instance).to receive(:elasticsearch_client).at_most(3).times { es_client } allow(instance).to receive(:elasticsearch_client).at_most(3).times { es_client }
allow(instance).to receive(:chart_above_v3?) { true }
end end
end end
......
...@@ -9,13 +9,14 @@ describe Security::WafAnomalySummaryService do ...@@ -9,13 +9,14 @@ describe Security::WafAnomalySummaryService do
end end
let(:es_client) { double(Elasticsearch::Client) } let(:es_client) { double(Elasticsearch::Client) }
let(:chart_above_v3) { true }
let(:empty_response) do let(:empty_response) do
{ {
'took' => 40, 'took' => 40,
'timed_out' => false, 'timed_out' => false,
'_shards' => { 'total' => 11, 'successful' => 11, 'skipped' => 0, 'failed' => 0 }, '_shards' => { 'total' => 11, 'successful' => 11, 'skipped' => 0, 'failed' => 0 },
'hits' => { 'total' => 0, 'max_score' => 0.0, 'hits' => [] }, 'hits' => { 'total' => { 'value' => 0, 'relation' => 'gte' }, 'max_score' => 0.0, 'hits' => [] },
'aggregations' => { 'aggregations' => {
'counts' => { 'counts' => {
'buckets' => [] 'buckets' => []
...@@ -27,7 +28,7 @@ describe Security::WafAnomalySummaryService do ...@@ -27,7 +28,7 @@ describe Security::WafAnomalySummaryService do
let(:nginx_response) do let(:nginx_response) do
empty_response.deep_merge( empty_response.deep_merge(
'hits' => { 'total' => 3 }, 'hits' => { 'total' => { 'value' => 3 } },
'aggregations' => { 'aggregations' => {
'counts' => { 'counts' => {
'buckets' => [ 'buckets' => [
...@@ -42,6 +43,38 @@ describe Security::WafAnomalySummaryService do ...@@ -42,6 +43,38 @@ describe Security::WafAnomalySummaryService do
end end
let(:modsec_response) do let(:modsec_response) do
empty_response.deep_merge(
'hits' => { 'total' => { 'value' => 1 } },
'aggregations' => {
'counts' => {
'buckets' => [
{ 'key_as_string' => '2019-12-04T23:00:00.000Z', 'key' => 1575500400000, 'doc_count' => 0 },
{ 'key_as_string' => '2019-12-05T00:00:00.000Z', 'key' => 1575504000000, 'doc_count' => 0 },
{ 'key_as_string' => '2019-12-05T01:00:00.000Z', 'key' => 1575507600000, 'doc_count' => 0 },
{ 'key_as_string' => '2019-12-05T08:00:00.000Z', 'key' => 1575532800000, 'doc_count' => 1 }
]
}
}
)
end
let(:nginx_response_es6) do
empty_response.deep_merge(
'hits' => { 'total' => 3 },
'aggregations' => {
'counts' => {
'buckets' => [
{ 'key_as_string' => '2020-02-14T23:00:00.000Z', 'key' => 1575500400000, 'doc_count' => 1 },
{ 'key_as_string' => '2020-02-15T00:00:00.000Z', 'key' => 1575504000000, 'doc_count' => 0 },
{ 'key_as_string' => '2020-02-15T01:00:00.000Z', 'key' => 1575507600000, 'doc_count' => 0 },
{ 'key_as_string' => '2020-02-15T08:00:00.000Z', 'key' => 1575532800000, 'doc_count' => 2 }
]
}
}
)
end
let(:modsec_response_es6) do
empty_response.deep_merge( empty_response.deep_merge(
'hits' => { 'total' => 1 }, 'hits' => { 'total' => 1 },
'aggregations' => { 'aggregations' => {
...@@ -99,6 +132,9 @@ describe Security::WafAnomalySummaryService do ...@@ -99,6 +132,9 @@ describe Security::WafAnomalySummaryService do
allow(environment.deployment_platform.cluster).to receive_message_chain( allow(environment.deployment_platform.cluster).to receive_message_chain(
:application_elastic_stack, :elasticsearch_client :application_elastic_stack, :elasticsearch_client
) { es_client } ) { es_client }
allow(environment.deployment_platform.cluster).to receive_message_chain(
:application_elastic_stack, :chart_above_v3?
) { chart_above_v3 }
end end
context 'no requests' do context 'no requests' do
...@@ -142,11 +178,28 @@ describe Security::WafAnomalySummaryService do ...@@ -142,11 +178,28 @@ describe Security::WafAnomalySummaryService do
expect(results.fetch(:anomalous_traffic)).to eq 0.33 expect(results.fetch(:anomalous_traffic)).to eq 0.33
end end
end end
context 'with legacy es6 cluster' do
let(:chart_above_v3) { false }
let(:nginx_results) { nginx_response_es6 }
let(:modsec_results) { modsec_response_es6 }
it 'returns results', :aggregate_failures do
results = subject.execute
expect(results.fetch(:status)).to eq :success
expect(results.fetch(:interval)).to eq 'day'
expect(results.fetch(:total_traffic)).to eq 3
expect(results.fetch(:anomalous_traffic)).to eq 0.33
end
end
end end
context 'with review app' do context 'with review app' do
it 'resolves transaction_id from external_url' do it 'resolves transaction_id from external_url' do
allow(subject).to receive(:elasticsearch_client) { es_client } allow(subject).to receive(:elasticsearch_client) { es_client }
allow(subject).to receive(:chart_above_v3?) { chart_above_v3 }
expect(es_client).to receive(:msearch).with( expect(es_client).to receive(:msearch).with(
body: array_including( body: array_including(
...@@ -182,6 +235,7 @@ describe Security::WafAnomalySummaryService do ...@@ -182,6 +235,7 @@ describe Security::WafAnomalySummaryService do
) )
allow(subject).to receive(:elasticsearch_client) { es_client } allow(subject).to receive(:elasticsearch_client) { es_client }
allow(subject).to receive(:chart_above_v3?) { chart_above_v3 }
expect(es_client).to receive(:msearch).with( expect(es_client).to receive(:msearch).with(
body: array_including( body: array_including(
...@@ -218,6 +272,7 @@ describe Security::WafAnomalySummaryService do ...@@ -218,6 +272,7 @@ describe Security::WafAnomalySummaryService do
) )
allow(subject).to receive(:elasticsearch_client) { es_client } allow(subject).to receive(:elasticsearch_client) { es_client }
allow(subject).to receive(:chart_above_v3?) { chart_above_v3 }
expect(es_client).to receive(:msearch).with( expect(es_client).to receive(:msearch).with(
body: array_including( body: array_including(
......
...@@ -13,7 +13,7 @@ module Gitlab ...@@ -13,7 +13,7 @@ module Gitlab
@client = client @client = client
end end
def pod_logs(namespace, pod_name: nil, container_name: nil, search: nil, start_time: nil, end_time: nil, cursor: nil, filebeat7: true) def pod_logs(namespace, pod_name: nil, container_name: nil, search: nil, start_time: nil, end_time: nil, cursor: nil, chart_above_v2: true)
query = { bool: { must: [] } }.tap do |q| query = { bool: { must: [] } }.tap do |q|
filter_pod_name(q, pod_name) filter_pod_name(q, pod_name)
filter_namespace(q, namespace) filter_namespace(q, namespace)
...@@ -22,7 +22,7 @@ module Gitlab ...@@ -22,7 +22,7 @@ module Gitlab
filter_times(q, start_time, end_time) filter_times(q, start_time, end_time)
end end
body = build_body(query, cursor, filebeat7) body = build_body(query, cursor, chart_above_v2)
response = @client.search body: body response = @client.search body: body
format_response(response) format_response(response)
...@@ -30,8 +30,8 @@ module Gitlab ...@@ -30,8 +30,8 @@ module Gitlab
private private
def build_body(query, cursor = nil, filebeat7 = true) def build_body(query, cursor = nil, chart_above_v2 = true)
offset_field = filebeat7 ? "log.offset" : "offset" offset_field = chart_above_v2 ? "log.offset" : "offset"
body = { body = {
query: query, query: query,
# reverse order so we can query N-most recent records # reverse order so we can query N-most recent records
......
...@@ -36,8 +36,6 @@ module Gitlab ...@@ -36,8 +36,6 @@ module Gitlab
@rbac @rbac
end end
private
def delete_command def delete_command
command = ['helm', 'delete', '--purge', name] + tls_flags_if_remote_tiller command = ['helm', 'delete', '--purge', name] + tls_flags_if_remote_tiller
......
...@@ -37,6 +37,8 @@ module Gitlab ...@@ -37,6 +37,8 @@ module Gitlab
@rbac @rbac
end end
private
# Uses `helm upgrade --install` which means we can use this for both # Uses `helm upgrade --install` which means we can use this for both
# installation and uprade of applications # installation and uprade of applications
def install_command def install_command
...@@ -53,8 +55,6 @@ module Gitlab ...@@ -53,8 +55,6 @@ module Gitlab
command.shelljoin command.shelljoin
end end
private
def install_flag def install_flag
['--install'] ['--install']
end end
......
...@@ -90,7 +90,7 @@ describe Gitlab::Elasticsearch::Logs::Lines do ...@@ -90,7 +90,7 @@ describe Gitlab::Elasticsearch::Logs::Lines do
it 'can search on filebeat 6' do it 'can search on filebeat 6' do
expect(client).to receive(:search).with(body: a_hash_equal_to_json(body_with_filebeat_6)).and_return(es_response) expect(client).to receive(:search).with(body: a_hash_equal_to_json(body_with_filebeat_6)).and_return(es_response)
result = subject.pod_logs(namespace, pod_name: pod_name, filebeat7: false) result = subject.pod_logs(namespace, pod_name: pod_name, chart_above_v2: false)
expect(result).to eq(logs: [es_message_4, es_message_3, es_message_2, es_message_1], cursor: cursor) expect(result).to eq(logs: [es_message_4, es_message_3, es_message_2, es_message_1], cursor: cursor)
end end
end end
......
...@@ -75,4 +75,10 @@ describe Gitlab::Kubernetes::Helm::DeleteCommand do ...@@ -75,4 +75,10 @@ describe Gitlab::Kubernetes::Helm::DeleteCommand do
it_behaves_like 'helm command' do it_behaves_like 'helm command' do
let(:command) { delete_command } let(:command) { delete_command }
end end
describe '#delete_command' do
it 'deletes the release' do
expect(subject.delete_command).to eq('helm delete --purge app-name')
end
end
end end
...@@ -19,8 +19,9 @@ describe Clusters::Applications::ElasticStack do ...@@ -19,8 +19,9 @@ describe Clusters::Applications::ElasticStack do
it 'is initialized with elastic stack arguments' do it 'is initialized with elastic stack arguments' do
expect(subject.name).to eq('elastic-stack') expect(subject.name).to eq('elastic-stack')
expect(subject.chart).to eq('stable/elastic-stack') expect(subject.chart).to eq('elastic-stack/elastic-stack')
expect(subject.version).to eq('2.0.0') expect(subject.version).to eq('3.0.0')
expect(subject.repository).to eq('https://charts.gitlab.io')
expect(subject).to be_rbac expect(subject).to be_rbac
expect(subject.files).to eq(elastic_stack.files) expect(subject.files).to eq(elastic_stack.files)
expect(subject.preinstall).to be_empty expect(subject.preinstall).to be_empty
...@@ -42,7 +43,19 @@ describe Clusters::Applications::ElasticStack do ...@@ -42,7 +43,19 @@ describe Clusters::Applications::ElasticStack do
it 'includes a preinstall script' do it 'includes a preinstall script' do
expect(subject.preinstall).not_to be_empty expect(subject.preinstall).not_to be_empty
expect(subject.preinstall.first).to include("filebeat.enable") expect(subject.preinstall.first).to include("delete")
end
end
context 'on versions older than 3' do
before do
elastic_stack.status = elastic_stack.status_states[:updating]
elastic_stack.version = "2.9.0"
end
it 'includes a preinstall script' do
expect(subject.preinstall).not_to be_empty
expect(subject.preinstall.first).to include("delete")
end end
end end
...@@ -50,8 +63,44 @@ describe Clusters::Applications::ElasticStack do ...@@ -50,8 +63,44 @@ describe Clusters::Applications::ElasticStack do
let(:elastic_stack) { create(:clusters_applications_elastic_stack, :errored, version: '0.0.1') } let(:elastic_stack) { create(:clusters_applications_elastic_stack, :errored, version: '0.0.1') }
it 'is initialized with the locked version' do it 'is initialized with the locked version' do
expect(subject.version).to eq('2.0.0') expect(subject.version).to eq('3.0.0')
end
end
end end
describe '#chart_above_v2?' do
let(:elastic_stack) { create(:clusters_applications_elastic_stack, version: version) }
subject { elastic_stack.chart_above_v2? }
context 'on v1.9.0' do
let(:version) { '1.9.0' }
it { is_expected.to be_falsy }
end
context 'on v2.0.0' do
let(:version) { '2.0.0' }
it { is_expected.to be_truthy }
end
end
describe '#chart_above_v3?' do
let(:elastic_stack) { create(:clusters_applications_elastic_stack, version: version) }
subject { elastic_stack.chart_above_v3? }
context 'on v1.9.0' do
let(:version) { '1.9.0' }
it { is_expected.to be_falsy }
end
context 'on v3.0.0' do
let(:version) { '3.0.0' }
it { is_expected.to be_truthy }
end end
end end
...@@ -70,7 +119,7 @@ describe Clusters::Applications::ElasticStack do ...@@ -70,7 +119,7 @@ describe Clusters::Applications::ElasticStack do
it 'specifies a post delete command to remove custom resource definitions' do it 'specifies a post delete command to remove custom resource definitions' do
expect(subject.postdelete).to eq([ expect(subject.postdelete).to eq([
'kubectl delete pvc --selector release\\=elastic-stack' 'kubectl delete pvc --selector app\\=elastic-stack-elasticsearch-master --namespace gitlab-managed-apps'
]) ])
end end
end end
......
...@@ -255,7 +255,7 @@ describe ::PodLogs::ElasticsearchService do ...@@ -255,7 +255,7 @@ describe ::PodLogs::ElasticsearchService do
.and_return(Elasticsearch::Transport::Client.new) .and_return(Elasticsearch::Transport::Client.new)
allow_any_instance_of(::Gitlab::Elasticsearch::Logs::Lines) allow_any_instance_of(::Gitlab::Elasticsearch::Logs::Lines)
.to receive(:pod_logs) .to receive(:pod_logs)
.with(namespace, pod_name: pod_name, container_name: container_name, search: search, start_time: start_time, end_time: end_time, cursor: cursor, filebeat7: true) .with(namespace, pod_name: pod_name, container_name: container_name, search: search, start_time: start_time, end_time: end_time, cursor: cursor, chart_above_v2: true)
.and_return({ logs: expected_logs, cursor: expected_cursor }) .and_return({ logs: expected_logs, cursor: expected_cursor })
result = subject.send(:pod_logs, result_arg) result = subject.send(:pod_logs, result_arg)
......
# Default values for elastic-stack.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
elasticsearch: elasticsearch:
enabled: true enabled: true
cluster: # prefix elasticsearch resources with the name of the releases
env: # looks like we can't use {{ .Release.Name }}-elasticsearch
MINIMUM_MASTER_NODES: "1" # https://github.com/helm/helm/issues/2133
master: clusterName: "elastic-stack-elasticsearch"
replicas: 2
client:
replicas: 1
data:
replicas: 2
kibana:
enabled: false
logstash:
enabled: false
filebeat: filebeat:
enabled: true enabled: true
config: filebeatConfig:
filebeat.yml: |
output.file.enabled: false output.file.enabled: false
output.elasticsearch: output.elasticsearch:
enabled: true hosts: ["http://elastic-stack-elasticsearch-master:9200"]
hosts: ["http://elastic-stack-elasticsearch-client:9200"]
filebeat.inputs: filebeat.inputs:
- type: log - type: container
enabled: true
paths: paths:
- /var/log/*.log - '/var/lib/docker/containers/*/*.log'
- /var/log/messages
- /var/log/syslog
- type: docker
containers.ids:
- "*"
json.keys_under_root: true json.keys_under_root: true
json.ignore_decoding_error: true json.ignore_decoding_error: true
processors: processors:
- add_kubernetes_metadata: - add_id:
- drop_event: target_field: tie_breaker_id
when: - add_cloud_metadata: ~
equals: - add_kubernetes_metadata: ~
kubernetes.container.name: "filebeat"
- decode_json_fields: - decode_json_fields:
fields: ["message"] fields: ["message"]
when: when:
equals: equals:
kubernetes.container.namespace: "gitlab-managed-apps"
kubernetes.container.name: "modsecurity-log" kubernetes.container.name: "modsecurity-log"
kibana:
fluentd:
enabled: false
fluent-bit:
enabled: false
nginx-ldapauth-proxy:
enabled: false enabled: false
elasticsearchHosts: "http://elastic-stack-elasticsearch-master:9200"
elasticsearch-curator: elasticsearch-curator:
enabled: true enabled: true
...@@ -63,7 +44,7 @@ elasticsearch-curator: ...@@ -63,7 +44,7 @@ elasticsearch-curator:
--- ---
client: client:
hosts: hosts:
- elastic-stack-elasticsearch-client - elastic-stack-elasticsearch-master
port: 9200 port: 9200
action_file_yml: |- action_file_yml: |-
--- ---
...@@ -76,6 +57,7 @@ elasticsearch-curator: ...@@ -76,6 +57,7 @@ elasticsearch-curator:
actionable list of indices (ignore_empty_list) and exit cleanly. actionable list of indices (ignore_empty_list) and exit cleanly.
options: options:
ignore_empty_list: True ignore_empty_list: True
allow_ilm_indices: True
filters: filters:
- filtertype: pattern - filtertype: pattern
kind: prefix kind: prefix
...@@ -86,17 +68,3 @@ elasticsearch-curator: ...@@ -86,17 +68,3 @@ elasticsearch-curator:
timestring: '%Y.%m.%d' timestring: '%Y.%m.%d'
unit: days unit: days
unit_count: 30 unit_count: 30
2:
action: delete_indices
description: >-
Indices created by filebeat 6.7.0 are incompatible with filebeat 7,
so they will be deleted.
options:
ignore_empty_list: True
filters:
- filtertype: pattern
kind: prefix
value: filebeat-6.7.0-
elasticsearch-exporter:
enabled: false
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment