diff --git a/inventory/sample/group_vars/k8s-cluster/addons.yml b/inventory/sample/group_vars/k8s-cluster/addons.yml index 7c9057e71..962bcb96a 100644 --- a/inventory/sample/group_vars/k8s-cluster/addons.yml +++ b/inventory/sample/group_vars/k8s-cluster/addons.yml @@ -2,9 +2,6 @@ # RBAC required. see docs/getting-started.md for access details. dashboard_enabled: true -# Monitoring apps for k8s -efk_enabled: false - # Helm deployment helm_enabled: false diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index 8d1549af5..969f66b3c 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -169,15 +169,6 @@ kubednsautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-aut kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}" test_image_repo: busybox test_image_tag: latest -elasticsearch_version: "v5.6.4" -elasticsearch_image_repo: "k8s.gcr.io/elasticsearch" -elasticsearch_image_tag: "{{ elasticsearch_version }}" -fluentd_version: "v2.0.4" -fluentd_image_repo: "k8s.gcr.io/fluentd-elasticsearch" -fluentd_image_tag: "{{ fluentd_version }}" -kibana_version: "5.6.4" -kibana_image_repo: "docker.elastic.co/kibana/kibana" -kibana_image_tag: "{{ kibana_version }}" helm_version: "v2.9.1" helm_image_repo: "lachlanevenson/k8s-helm" helm_image_tag: "{{ helm_version }}" @@ -479,33 +470,6 @@ downloads: tag: "{{ test_image_tag }}" sha256: "{{ testbox_digest_checksum|default(None) }}" - elasticsearch: - enabled: "{{ efk_enabled }}" - container: true - repo: "{{ elasticsearch_image_repo }}" - tag: "{{ elasticsearch_image_tag }}" - sha256: "{{ elasticsearch_digest_checksum|default(None) }}" - groups: - - kube-node - - fluentd: - enabled: "{{ efk_enabled }}" - container: true - repo: "{{ fluentd_image_repo }}" - tag: "{{ fluentd_image_tag }}" - sha256: "{{ fluentd_digest_checksum|default(None) }}" - groups: - - kube-node - - kibana: - enabled: "{{ efk_enabled }}" - container: true - repo: "{{ kibana_image_repo }}" - tag: "{{ kibana_image_tag }}" - sha256: "{{ kibana_digest_checksum|default(None) }}" - groups: - - kube-node - helm: enabled: "{{ helm_enabled }}" container: true diff --git a/roles/kubernetes-apps/efk/elasticsearch/defaults/main.yml b/roles/kubernetes-apps/efk/elasticsearch/defaults/main.yml deleted file mode 100644 index d38ba6a6b..000000000 --- a/roles/kubernetes-apps/efk/elasticsearch/defaults/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -elasticsearch_cpu_limit: 1000m -elasticsearch_mem_limit: 0M -elasticsearch_cpu_requests: 100m -elasticsearch_mem_requests: 0M -elasticsearch_service_port: 9200 diff --git a/roles/kubernetes-apps/efk/elasticsearch/meta/main.yml b/roles/kubernetes-apps/efk/elasticsearch/meta/main.yml deleted file mode 100644 index 0fa1b05d8..000000000 --- a/roles/kubernetes-apps/efk/elasticsearch/meta/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# TODO: bradbeam add in curator -# https://github.com/Skillshare/kubernetes-efk/blob/master/configs/elasticsearch.yml#L94 -# - role: download -# file: "{{ downloads.curator }}" diff --git a/roles/kubernetes-apps/efk/elasticsearch/tasks/main.yml b/roles/kubernetes-apps/efk/elasticsearch/tasks/main.yml deleted file mode 100644 index 888cbd189..000000000 --- a/roles/kubernetes-apps/efk/elasticsearch/tasks/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: "ElasticSearch | Write efk manifests (RBAC)" - template: - src: "{{ item }}" - dest: "{{ kube_config_dir }}/{{ item }}" - with_items: - - "efk-sa.yml" - - "efk-clusterrolebinding.yml" - run_once: true - -- name: "ElasticSearch | Create Serviceaccount and Clusterrolebinding (RBAC)" - command: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/{{ item }} -n kube-system" - with_items: - - "efk-sa.yml" - - "efk-clusterrolebinding.yml" - run_once: true - -- name: "ElasticSearch | Write ES deployment" - template: - src: elasticsearch-deployment.yml.j2 - dest: "{{ kube_config_dir }}/elasticsearch-deployment.yaml" - register: es_deployment_manifest - -- name: "ElasticSearch | Create ES deployment" - command: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/elasticsearch-deployment.yaml -n kube-system" - run_once: true - when: es_deployment_manifest.changed - -- name: "ElasticSearch | Write ES service " - template: - src: elasticsearch-service.yml.j2 - dest: "{{ kube_config_dir }}/elasticsearch-service.yaml" - register: es_service_manifest - -- name: "ElasticSearch | Create ES service" - command: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/elasticsearch-service.yaml -n kube-system" - run_once: true - when: es_service_manifest.changed diff --git a/roles/kubernetes-apps/efk/elasticsearch/templates/efk-clusterrolebinding.yml b/roles/kubernetes-apps/efk/elasticsearch/templates/efk-clusterrolebinding.yml deleted file mode 100644 index 4b9ab0067..000000000 --- a/roles/kubernetes-apps/efk/elasticsearch/templates/efk-clusterrolebinding.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: efk - namespace: kube-system - labels: - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile -subjects: - - kind: ServiceAccount - name: efk - namespace: kube-system -roleRef: - kind: ClusterRole - name: cluster-admin - apiGroup: rbac.authorization.k8s.io diff --git a/roles/kubernetes-apps/efk/elasticsearch/templates/efk-sa.yml b/roles/kubernetes-apps/efk/elasticsearch/templates/efk-sa.yml deleted file mode 100644 index 01e774e96..000000000 --- a/roles/kubernetes-apps/efk/elasticsearch/templates/efk-sa.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: efk - namespace: kube-system - labels: - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile diff --git a/roles/kubernetes-apps/efk/elasticsearch/templates/elasticsearch-deployment.yml.j2 b/roles/kubernetes-apps/efk/elasticsearch/templates/elasticsearch-deployment.yml.j2 deleted file mode 100644 index ad1adc536..000000000 --- a/roles/kubernetes-apps/efk/elasticsearch/templates/elasticsearch-deployment.yml.j2 +++ /dev/null @@ -1,62 +0,0 @@ ---- -# https://raw.githubusercontent.com/kubernetes/kubernetes/v1.10.2/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: elasticsearch-logging - namespace: kube-system - labels: - k8s-app: elasticsearch-logging - version: "{{ elasticsearch_image_tag }}" - kubernetes.io/cluster-service: "true" - addonmanager.kubernetes.io/mode: Reconcile -spec: - serviceName: elasticsearch-logging - replicas: 2 - selector: - matchLabels: - k8s-app: elasticsearch-logging - version: "{{ elasticsearch_image_tag }}" - template: - metadata: - labels: - k8s-app: elasticsearch-logging - version: "{{ elasticsearch_image_tag }}" - kubernetes.io/cluster-service: "true" - spec: - containers: - - image: "{{ elasticsearch_image_repo }}:{{ elasticsearch_image_tag }}" - name: elasticsearch-logging - resources: - # need more cpu upon initialization, therefore burstable class - limits: - cpu: {{ elasticsearch_cpu_limit }} -{% if elasticsearch_mem_limit is defined and elasticsearch_mem_limit != "0M" %} - memory: "{{ elasticsearch_mem_limit }}" -{% endif %} - requests: - cpu: {{ elasticsearch_cpu_requests }} -{% if elasticsearch_mem_requests is defined and elasticsearch_mem_requests != "0M" %} - memory: "{{ elasticsearch_mem_requests }}" -{% endif %} - ports: - - containerPort: 9200 - name: db - protocol: TCP - - containerPort: 9300 - name: transport - protocol: TCP - volumeMounts: - - name: es-persistent-storage - mountPath: /data - volumes: - - name: es-persistent-storage - emptyDir: {} - serviceAccountName: efk - initContainers: - - image: alpine:3.6 - command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"] - name: elasticsearch-logging-init - securityContext: - privileged: true - diff --git a/roles/kubernetes-apps/efk/elasticsearch/templates/elasticsearch-service.yml.j2 b/roles/kubernetes-apps/efk/elasticsearch/templates/elasticsearch-service.yml.j2 deleted file mode 100644 index 789ecb215..000000000 --- a/roles/kubernetes-apps/efk/elasticsearch/templates/elasticsearch-service.yml.j2 +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: elasticsearch-logging - namespace: "kube-system" - labels: - k8s-app: elasticsearch-logging - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "Elasticsearch" -spec: - ports: - - port: {{ elasticsearch_service_port }} - protocol: TCP - targetPort: db - selector: - k8s-app: elasticsearch-logging - diff --git a/roles/kubernetes-apps/efk/fluentd/defaults/main.yml b/roles/kubernetes-apps/efk/fluentd/defaults/main.yml deleted file mode 100644 index 0305a5f7a..000000000 --- a/roles/kubernetes-apps/efk/fluentd/defaults/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -fluentd_cpu_limit: 0m -fluentd_mem_limit: 500Mi -fluentd_cpu_requests: 100m -fluentd_mem_requests: 200Mi -fluentd_config_dir: /etc/fluent/config.d -# fluentd_config_file: fluentd.conf diff --git a/roles/kubernetes-apps/efk/fluentd/tasks/main.yml b/roles/kubernetes-apps/efk/fluentd/tasks/main.yml deleted file mode 100644 index f444c79b6..000000000 --- a/roles/kubernetes-apps/efk/fluentd/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: "Fluentd | copy config file" - template: - src: fluentd-config.yml.j2 - dest: "{{ kube_config_dir }}/fluentd-config.yaml" - register: fluentd_config - -- name: "Fluentd | create configMap" - command: "{{bin_dir}}/kubectl apply -f {{ kube_config_dir }}/fluentd-config.yaml" - run_once: true - when: fluentd_config.changed - -- name: "Fluentd | Write fluentd daemonset" - template: - src: fluentd-ds.yml.j2 - dest: "{{ kube_config_dir }}/fluentd-ds.yaml" - register: fluentd_ds_manifest - -- name: "Fluentd | Create fluentd daemonset" - command: "{{ bin_dir }}/kubectl apply -f {{ kube_config_dir }}/fluentd-ds.yaml -n kube-system" - run_once: true - when: fluentd_ds_manifest.changed diff --git a/roles/kubernetes-apps/efk/fluentd/templates/fluentd-config.yml.j2 b/roles/kubernetes-apps/efk/fluentd/templates/fluentd-config.yml.j2 deleted file mode 100644 index 0b0229f69..000000000 --- a/roles/kubernetes-apps/efk/fluentd/templates/fluentd-config.yml.j2 +++ /dev/null @@ -1,441 +0,0 @@ ---- -# https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.10/cluster/addons/fluentd-elasticsearch/fluentd-es-configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: fluentd-config - namespace: "kube-system" - labels: - addonmanager.kubernetes.io/mode: Reconcile -data: - system.conf: |- - - root_dir /tmp/fluentd-buffers/ - - - containers.input.conf: |- - # This configuration file for Fluentd / td-agent is used - # to watch changes to Docker log files. The kubelet creates symlinks that - # capture the pod name, namespace, container name & Docker container ID - # to the docker logs for pods in the /var/log/containers directory on the host. - # If running this fluentd configuration in a Docker container, the /var/log - # directory should be mounted in the container. - # - # These logs are then submitted to Elasticsearch which assumes the - # installation of the fluent-plugin-elasticsearch & the - # fluent-plugin-kubernetes_metadata_filter plugins. - # See https://github.com/uken/fluent-plugin-elasticsearch & - # https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter for - # more information about the plugins. - # - # Example - # ======= - # A line in the Docker log file might look like this JSON: - # - # {"log":"2014/09/25 21:15:03 Got request with path wombat\n", - # "stream":"stderr", - # "time":"2014-09-25T21:15:03.499185026Z"} - # - # The time_format specification below makes sure we properly - # parse the time format produced by Docker. This will be - # submitted to Elasticsearch and should appear like: - # $ curl 'http://elasticsearch-logging:9200/_search?pretty' - # ... - # { - # "_index" : "logstash-2014.09.25", - # "_type" : "fluentd", - # "_id" : "VBrbor2QTuGpsQyTCdfzqA", - # "_score" : 1.0, - # "_source":{"log":"2014/09/25 22:45:50 Got request with path wombat\n", - # "stream":"stderr","tag":"docker.container.all", - # "@timestamp":"2014-09-25T22:45:50+00:00"} - # }, - # ... - # - # The Kubernetes fluentd plugin is used to write the Kubernetes metadata to the log - # record & add labels to the log record if properly configured. This enables users - # to filter & search logs on any metadata. - # For example a Docker container's logs might be in the directory: - # - # /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b - # - # and in the file: - # - # 997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log - # - # where 997599971ee6... is the Docker ID of the running container. - # The Kubernetes kubelet makes a symbolic link to this file on the host machine - # in the /var/log/containers directory which includes the pod name and the Kubernetes - # container name: - # - # synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log - # -> - # /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log - # - # The /var/log directory on the host is mapped to the /var/log directory in the container - # running this instance of Fluentd and we end up collecting the file: - # - # /var/log/containers/synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log - # - # This results in the tag: - # - # var.log.containers.synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log - # - # The Kubernetes fluentd plugin is used to extract the namespace, pod name & container name - # which are added to the log message as a kubernetes field object & the Docker container ID - # is also added under the docker field object. - # The final tag is: - # - # kubernetes.var.log.containers.synthetic-logger-0.25lps-pod_default_synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log - # - # And the final log record look like: - # - # { - # "log":"2014/09/25 21:15:03 Got request with path wombat\n", - # "stream":"stderr", - # "time":"2014-09-25T21:15:03.499185026Z", - # "kubernetes": { - # "namespace": "default", - # "pod_name": "synthetic-logger-0.25lps-pod", - # "container_name": "synth-lgr" - # }, - # "docker": { - # "container_id": "997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b" - # } - # } - # - # This makes it easier for users to search for logs by pod name or by - # the name of the Kubernetes container regardless of how many times the - # Kubernetes pod has been restarted (resulting in a several Docker container IDs). - - # Json Log Example: - # {"log":"[info:2016-02-16T16:04:05.930-08:00] Some log text here\n","stream":"stdout","time":"2016-02-17T00:04:05.931087621Z"} - # CRI Log Example: - # 2016-02-17T00:04:05.931087621Z stdout F [info:2016-02-16T16:04:05.930-08:00] Some log text here - - @id fluentd-containers.log - @type tail - path /var/log/containers/*.log - pos_file /var/log/es-containers.log.pos - time_format %Y-%m-%dT%H:%M:%S.%NZ - tag raw.kubernetes.* - read_from_head true - - @type multi_format - - format json - time_key time - time_format %Y-%m-%dT%H:%M:%S.%NZ - - - format /^(? - - - - # Detect exceptions in the log output and forward them as one log entry. - - @id raw.kubernetes - @type detect_exceptions - remove_tag_prefix raw - message log - stream stream - multiline_flush_interval 5 - max_bytes 500000 - max_lines 1000 - - - system.input.conf: |- - # Example: - # 2015-12-21 23:17:22,066 [salt.state ][INFO ] Completed state [net.ipv4.ip_forward] at time 23:17:22.066081 - - @id minion - @type tail - format /^(?