clean-up kubectl since graylog detects the masternode now, supply data_dir for graylog 6

metron2 · metron2 · commit 0c4fb5bdd177 · 2024-05-30T14:04:31.000-04:00
Signed-off-by: metron2 &lt;derek.griffiths@cyber.gc.ca&gt;
diff --git a/charts/graylog/Chart.yaml b/charts/graylog/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: graylog
 home: https://www.graylog.org
-version: 2.3.7
+version: 2.3.8
 appVersion: 5.2.6
 description: Graylog is the centralized log management solution built to open
   standards for capturing, storing, and enabling real-time analysis of terabytes
diff --git a/charts/graylog/templates/configmap.yaml b/charts/graylog/templates/configmap.yaml
@@ -149,6 +149,7 @@ data:
   {{- end }}
   {{- if .Values.graylog.trustedProxies }}
     trusted_proxies = {{.Values.graylog.trustedProxies}}
+    data_dir = /usr/share/graylog/data
   {{- end }}
   {{- if .Values.graylog.config }}
 {{ .Values.graylog.config | indent 4 }}
@@ -162,36 +163,6 @@ data:
     find ${GRAYLOG_HOME}/plugins-default/ -type f -exec cp {} ${GRAYLOG_PLUGIN_DIR} \;
     # Looking for Master IP
     retry=1
-    for i in {0..2}
-    do
-      MASTER_IP=`/k8s/kubectl --namespace {{ .Release.Namespace }} get pod -o jsonpath='{range .items[*]}{.metadata.name} {.status.podIP}{"\n"}{end}' -l graylog-role=master --field-selector=status.phase=Running|awk '{print $2}'`
-      SELF_IP=`/k8s/kubectl --namespace {{ .Release.Namespace }} get pod $HOSTNAME -o jsonpath='{.status.podIP}'`
-      echo "Current master is $MASTER_IP"
-      echo "Self IP is $SELF_IP"
-      retry=$((retry+1))
-      [[ ! -z "$MASTER_IP" ]] && break
-      echo "[Try ${retry}/3] Waiting for master node..."
-      sleep 2
-    done
-    if [[ -z "$MASTER_IP" ]]; then
-      echo "Launching $HOSTNAME as master"
-      export GRAYLOG_IS_MASTER="true"
-      export GRAYLOG_IS_LEADER="true"
-      /k8s/kubectl --namespace {{ .Release.Namespace }} label --overwrite pod $HOSTNAME graylog-role="master"
-    else
-      # When container was recreated or restart, MASTER_IP == SELF_IP, running as master and no need to change label graylog-role="master"
-      if [ "$SELF_IP" == "$MASTER_IP" ];then
-        echo "Launching $HOSTNAME as master"
-        export GRAYLOG_IS_MASTER="true"
-        export GRAYLOG_IS_LEADER="true"
-      else
-        # MASTER_IP != SELF_IP, running as coordinating
-        echo "Launching $HOSTNAME as coordinating"
-        export GRAYLOG_IS_MASTER="false"
-        export GRAYLOG_IS_LEADER="false"
-        /k8s/kubectl --namespace {{ .Release.Namespace }} label --overwrite pod $HOSTNAME graylog-role="coordinating"
-      fi
-    fi
     # Download plugins
   {{- if .Values.graylog.plugins.proxy.enabled }}
     export https_proxy={{ .Values.graylog.plugins.proxy.host }}
diff --git a/charts/graylog/templates/statefulset.yaml b/charts/graylog/templates/statefulset.yaml
@@ -7,6 +7,7 @@ metadata:
 {{- with .Values.graylog.customLabels }}
 {{ . | toYaml | indent 4 }}
 {{- end }}
+{{ $graylogVersion := .Values.graylog.image.tag | default .Chart.AppVersion }}
 spec:
   serviceName: {{ template "graylog.service.headless.name" . }}
   replicas: {{ .Values.graylog.replicas }}
@@ -74,14 +75,6 @@ spec:
               rm -rf /usr/share/graylog/data/journal/messagejournal-0
               rm -rf /usr/share/graylog/data/journal/recovery-point-offset-checkpoint
             {{- end }}
-              {{- if .Values.graylog.init.kubectlLocation }}
-              wget {{ .Values.graylog.init.kubectlLocation }} -O /k8s/kubectl
-              {{- else }}
-              {{.Capabilities.KubeVersion}}
-              wget https://dl.k8s.io/release/{{ .Values.graylog.init.kubectlVersion | default (regexReplaceAll "-.+" .Capabilities.KubeVersion.Version "") }}/bin/linux/amd64/kubectl -O /k8s/kubectl
-              {{- end }}
-              chmod +x /k8s/kubectl
-
               GRAYLOG_HOME=/usr/share/graylog
               chown -R 1100:1100 ${GRAYLOG_HOME}/data/
           securityContext:
@@ -94,8 +87,6 @@ spec:
           volumeMounts:
             - name: journal
               mountPath: /usr/share/graylog/data/journal
-            - name: kubectl
-              mountPath: /k8s
 {{- if .Values.graylog.init.resources }}
           resources:
 {{ toYaml .Values.graylog.init.resources | indent 12 }}
@@ -110,6 +101,12 @@ spec:
           command:
             - /entrypoint.sh
           env:
+            # Kubernetes Auto Master Selection
+            # https://go2docs.graylog.org/5-0/downloading_and_installing_graylog/docker_installation.htm#KubernetesAutomaticMasterSelection
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
             - name: GRAYLOG_SERVER_JAVA_OPTS
               {{- $javaOpts := .Values.graylog.javaOpts }}
               {{- if .Values.graylog.heapSize }}
@@ -231,26 +228,21 @@ spec:
             - name: files
               mountPath: /etc/graylog/server
           {{- end }}
-            - name: kubectl
-              mountPath: /k8s
+
           {{- if .Values.graylog.extraVolumeMounts }}
           {{ toYaml .Values.graylog.extraVolumeMounts | nindent 12 }}
           {{- end }}
-          {{ $graylogVersion := .Values.graylog.image.tag | default .Chart.AppVersion }}
-          {{- if semverCompare "< 4.2.0-0" ( $graylogVersion ) }}
           lifecycle:
             preStop:
               exec:
                 command:
                   - bash
                   - -ec
                   - |
-                    ROOT_PASSWORD=`/k8s/kubectl get secret {{ template "graylog.fullname" . }} -o "jsonpath={.data['graylog-password-secret']}" | base64 -d`
                     curl {{ if .Values.graylog.tls.enabled }}-k{{ end }} -XPOST -sS \
-                      -u "{{ .Values.graylog.rootUsername }}:${ROOT_PASSWORD}" \
+                      -u "{{ .Values.graylog.rootUsername }}:${GRAYLOG_PASSWORD_SECRET}" \
                       -H "X-Requested-By: {{ template "graylog.fullname" . }}" \
                       {{ template "graylog.formatUrl" (list . "localhost:9000/api/system/shutdown/shutdown") }}
-          {{- end }}
       {{- if .Values.graylog.sidecarContainers }}
         {{ toYaml .Values.graylog.sidecarContainers | nindent 8 }}
       {{- end }}
@@ -278,8 +270,6 @@ spec:
           configMap:
             name: {{ template "graylog.fullname" . }}-files
         {{- end }}
-        - name: kubectl
-          emptyDir: {}
         {{- if .Values.graylog.extraVolumes }}
         {{ toYaml .Values.graylog.extraVolumes | nindent 8 }}
         {{- end }}
