From 00d53c59b502b29ef963287800a632c7dbf6b456 Mon Sep 17 00:00:00 2001 From: Paritosh Paliwal Date: Tue, 13 Feb 2024 16:07:55 +0530 Subject: [PATCH] Helm discovery changes - Review (#58) * Helm chart changes to support Kubernetes Discovery module (Job/CronJob) --- charts/common/templates/role.yaml | 19 +++ charts/common/templates/rolebinding.yaml | 19 +++ charts/logan/Chart.yaml | 2 +- charts/logan/templates/discovery-cronjob.yaml | 141 ++++++++++++++++++ .../logan/templates/fluentd-deployment.yaml | 108 -------------- charts/logan/templates/objects-configmap.yaml | 110 -------------- charts/logan/values.yaml | 55 ++++++- charts/oci-onm/Chart.yaml | 2 +- charts/oci-onm/values.yaml | 6 +- util/build_stack.sh | 122 +++++++-------- 10 files changed, 292 insertions(+), 292 deletions(-) create mode 100644 charts/common/templates/role.yaml create mode 100644 charts/common/templates/rolebinding.yaml create mode 100644 charts/logan/templates/discovery-cronjob.yaml delete mode 100644 charts/logan/templates/fluentd-deployment.yaml delete mode 100644 charts/logan/templates/objects-configmap.yaml
diff --git a/charts/common/templates/role.yaml b/charts/common/templates/role.yaml
new file mode 100644
index 00000000..7d216829
--- /dev/null
+++ b/charts/common/templates/role.yaml
@@ -0,0 +1,19 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+{{- if eq (include "common.createServiceAccount" .) "true" }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: {{ include "common.resourceNamePrefix" . }}
+ namespace: {{ include "common.namespace" . }}
+rules:
+ - apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["create"]
+ - apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["get", "patch"]
+ resourceNames: ["{{ include "common.resourceNamePrefix" . }}-discovery-state-tracker"]
+{{- end }}
\ No newline at end of file
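Review bot: In role.yaml the first rule grants `create` on `configmaps` with no `resourceNames`, and Kubernetes RBAC cannot restrict `create` by name, so the bound service account can create any ConfigMap in the namespace, not only the state tracker. That limit is worth recording in the template so the Role is not later read as fully scoped; a comment above the first rule such as `# create cannot be limited by resourceNames; get/patch below are scoped to the discovery state tracker` would do. The `resourceNames` entry is built from `common.resourceNamePrefix`, while the CronJob in this commit passes `.Values.global.resourceNamePrefix` as `--kubernetes_resourcename_prefix`, and only when `ociLAClusterEntityID` is set. If those two can resolve differently the job would presumably be denied `get`/`patch` on its own ConfigMap, so confirm they always produce the same string.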
diff --git a/charts/common/templates/rolebinding.yaml b/charts/common/templates/rolebinding.yaml
new file mode 100644
index 00000000..7ddf53c6
--- /dev/null
+++ b/charts/common/templates/rolebinding.yaml
@@ -0,0 +1,19 @@
+# Copyright (c) 2023, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+{{- if eq (include "common.createServiceAccount" .) "true" }}
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: {{ include "common.resourceNamePrefix" . }}
+ namespace: {{ include "common.namespace" . }}
+roleRef:
+ kind: Role
+ name: {{ include "common.resourceNamePrefix" . }}
+ apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+ name: {{ include "common.resourceNamePrefix" . }}
+ namespace: {{ include "common.namespace" . }}
+{{- end }}
diff --git a/charts/logan/Chart.yaml b/charts/logan/Chart.yaml
index 72be057e..00ddb4b6 100644
--- a/charts/logan/Chart.yaml
+++ b/charts/logan/Chart.yaml
@@ -5,7 +5,7 @@ apiVersion: v2 name: oci-onm-logan description: Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Objects information to OCI Logging Analytics. type: application -version: 3.2.2 +version: 3.3.0 appVersion: "3.0.0" dependencies:
diff --git a/charts/logan/templates/discovery-cronjob.yaml b/charts/logan/templates/discovery-cronjob.yaml
new file mode 100644
index 00000000..02585f4f
--- /dev/null
+++ b/charts/logan/templates/discovery-cronjob.yaml
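Review bot: In rolebinding.yaml the `subjects` entry is named from `common.resourceNamePrefix`, but the CronJob added in this commit runs as `{{ include "logan.serviceAccount" . }}`, and the logan `values.yaml` exposes `serviceAccount` as its own setting. If an operator overrides that setting, the pod would run under an account this RoleBinding never names, and the discovery job would lose access to its state ConfigMap with no render-time error. Either derive the subject name from the same helper the workload uses, or add a comment above `subjects:` such as `# subject must match the serviceAccountName used by the discovery CronJob`.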
@@ -0,0 +1,141 @@
+{{- $authtype := .Values.authtype | lower }}
+{{- $resourceNamePrefix := .Values.global.resourceNamePrefix }}
+{{- $kubernetesClusterName := (include "logan.kubernetesClusterName" .) }}
+{{- $kubernetesClusterId := (include "logan.kubernetesClusterId" .) }}
+{{- $kubernetesNamespace := (include "logan.namespace" .) }}
+{{- $serviceAccount := (include "logan.serviceAccount" .) }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: {{ .Values.global.resourceNamePrefix }}-discovery
+ namespace: {{ $kubernetesNamespace }}
+spec:
+ schedule: {{ .Values.k8sDiscovery.objects.cronSchedule | quote }}
+ startingDeadlineSeconds: 120
+ concurrencyPolicy: Replace
+ successfulJobsHistoryLimit: {{ .Values.k8sDiscovery.objects.successfulJobsHistoryLimit }}
+ failedJobsHistoryLimit: {{ .Values.k8sDiscovery.objects.failedJobsHistoryLimit }}
+ jobTemplate:
+ spec:
+ backoffLimit: 2
+ template:
+ spec:
+ restartPolicy: {{ .Values.k8sDiscovery.objects.restartPolicy }}
+ serviceAccountName: {{ $serviceAccount }}
+ containers:
+ - name: k8-discovery-job
+ image: {{ .Values.image.url }}
+ {{- if eq $authtype "config" }}
+ volumeMounts:
+ - name: ociconfigdir
+ mountPath: {{ .Values.oci.path }}
+ readOnly: true
+ {{- end }}
+ command:
+ {{- /* object discovery script */}}
+ - oci-logan-kubernetes-discovery
+ {{- /* mandatory inputs */}}
+ - --kubernetes_cluster_id
+ - {{ $kubernetesClusterId }}
+ - --kubernetes_cluster_name
+ - {{ $kubernetesClusterName }}
+ - --kubernetes_cluster_namespace
+ - {{ $kubernetesNamespace }}
+ - --oci_la_namespace
+ {{- if .Values.ociLANamespace }}
+ - {{ .Values.ociLANamespace }}
+ {{- else }}
+ {{- required "ociLANamespace is required" .Values.ociLANamespace }}
+ {{- end }}
+ - --oci_la_log_group_id
+ {{- if .Values.k8sDiscovery.objects.ociLALogGroupID }}
+ - {{ .Values.k8sDiscovery.objects.ociLALogGroupID }}
+ {{- else if .Values.ociLALogGroupID }}
+ - {{ .Values.ociLALogGroupID }}
+ {{- else }}
+ {{- required "ociLALogGroupID is required" .Values.ociLALogGroupID }}
+ {{- end }}
+ {{- /* mandatory inputs when authtype is set as config */}}
+ {{- if eq .Values.authtype "config" }}
+ {{- if and .Values.oci.path .Values.oci.file }}
+ - --config_file_location
+ - {{ .Values.oci.path -}}/{{ .Values.oci.file }}
+ {{- else }}
+ {{- required "{{ .Values.oci.path -}}/{{ .Values.oci.file }} is required" .Values.oci.path }}
+ {{- end }}
+ {{- end }}
+ {{- /* optional discovery job configuration */}}
+ {{- if and .Values.ociLAClusterEntityID $resourceNamePrefix }}
+ - --oci_la_cluster_entity_id
+ - {{ .Values.ociLAClusterEntityID }}
+ - --kubernetes_resourcename_prefix
+ - {{ $resourceNamePrefix }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.objects.discoveryMode }}
+ - --discovery
+ - {{ .Values.k8sDiscovery.objects.discoveryMode }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.objects.log_format }}
+ - --log_format
+ - {{ .Values.k8sDiscovery.objects.log_format }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.objects.log_level }}
+ - --log_level
+ - {{ .Values.k8sDiscovery.objects.log_level }}
+ {{- end }}
+ {{- if and .Values.k8sDiscovery.objects.enable_threading .Values.k8sDiscovery.objects.thread_count }}
+ - --enable_threading
+ - --thread_count
+ - {{ .Values.k8sDiscovery.objects.thread_count | quote }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.objects.chunk_limit }}
+ - --chunk_limit
+ - {{ .Values.k8sDiscovery.objects.chunk_limit | quote }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.objects.collect_warning_events_only }}
+ - --collect_warning_events_only
+ {{- end }}
+ {{- /* optional kubernetes cluster configuration */}}
+ {{- if .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }}
+ - --kubernetes_url
+ - {{ .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.kubeClientOptions.client_cert }}
+ - --client_cert
+ - {{ .Values.k8sDiscovery.kubeClientOptions.client_cert }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.kubeClientOptions.client_key }}
+ - --client_key
+ - {{ .Values.k8sDiscovery.kubeClientOptions.client_key }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.kubeClientOptions.ca_file }}
+ - --ca_file
+ - {{ .Values.k8sDiscovery.kubeClientOptions.ca_file }}
+ {{- end }}
+ {{- if eq .Values.k8sDiscovery.kubeClientOptions.verify_ssl true }}
+ - --verify_ssl
+ {{- end }}
+ {{- if .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }}
+ - --bearer_token_file
+ - {{ .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }}
+ {{- end }}
+ {{- if .Values.k8sDiscovery.kubeClientOptions.secret_dir }}
+ - --secret_dir
+ - {{ .Values.k8sDiscovery.kubeClientOptions.secret_dir }}
+ {{- end }}
+ {{- /* developer options - optional */}}
+ {{- if .Values.k8sDiscovery.oci_la_endpoint }}
+ - --endpoint
+ - {{ .Values.k8sDiscovery.oci_la_endpoint }}
+ {{- else if .Values.ociLAEndpoint }}
+ - --endpoint
+ - {{ .Values.ociLAEndpoint }}
+ {{- end }}
+ {{- if eq $authtype "config" }}
+ volumes:
+ - name: ociconfigdir
+ projected:
+ sources:
+ - secret:
+ name: {{ $resourceNamePrefix }}-oci-config
+ {{- end }}
\ No newline at end of file
diff --git a/charts/logan/templates/fluentd-deployment.yaml b/charts/logan/templates/fluentd-deployment.yaml
deleted file mode 100644
index 4386940b..00000000
--- a/charts/logan/templates/fluentd-deployment.yaml
+++ /dev/null
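Review bot: The CronJob's pod template in discovery-cronjob.yaml defines no `securityContext`, and unlike the fluentd Deployment this commit removes it does not wire `image.imagePullSecrets` or `image.imagePullPolicy`. The discovery container therefore runs with the image's default user and privileges while using a service account that, going by the Role added in this commit, can create and patch ConfigMaps. I would add a restrictive container `securityContext` and restore the pull-secret block as sketched below; `runAsNonRoot` and `readOnlyRootFilesystem` need confirming against what the discovery image actually requires. Separately, the `--config_file_location` guard tests `.Values.authtype` while the mount and volume guards use the lower-cased `$authtype`, so a value such as `Config` mounts the secret but never passes the flag; that line should read `{{- if eq $authtype "config" }}`.

```yaml
          serviceAccountName: {{ $serviceAccount }}
          {{- if .Values.image.imagePullSecrets }}
          imagePullSecrets:
            - name: {{ .Values.image.imagePullSecrets }}
          {{- end }}
          # … unchanged: containers, container name …
              image: {{ .Values.image.url }}
              imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }}
              securityContext:
                runAsNonRoot: true
                allowPrivilegeEscalation: false
                readOnlyRootFilesystem: true
                capabilities:
                  drop: ["ALL"]
                seccompProfile:
                  type: RuntimeDefault
          # … unchanged: volumeMounts, command, volumes …
```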
@@ -1,108 +0,0 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - ---- -{{- $authtype := .Values.authtype | lower }} -{{- $imagePullSecrets := .Values.image.imagePullSecrets }} -{{- $resourceNamePrefix := (include "logan.resourceNamePrefix" .) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ $resourceNamePrefix }}-logan - namespace: {{ include "logan.namespace" . }} - labels: - app: {{ $resourceNamePrefix }}-logan - version: v1 -spec: - selector: - matchLabels: - app: {{ $resourceNamePrefix }}-logan - version: v1 - template: - metadata: - annotations: - {{- if eq $authtype "config" }} - checksum/secrets: {{ include (print $.Template.BasePath "/oci-config-secret.yaml") . | sha256sum }} - {{- end}} - checksum/configmap: {{ include (print $.Template.BasePath "/objects-configmap.yaml") . | sha256sum }} - labels: - app: {{ $resourceNamePrefix }}-logan - version: v1 - spec: - serviceAccountName: {{ include "logan.serviceAccount" . }} - {{- if $imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.image.imagePullSecrets }} - {{- end}} - containers: - - name: {{ $resourceNamePrefix }}-fluentd - image: {{ .Values.image.url }} - imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} - {{- if .Values.privileged }} - securityContext: - privileged: {{ .Values.privileged }} - {{- end}} - env: - - name: FLUENTD_CONF - value: {{ .Values.fluentd.path }}/{{ .Values.fluentd.file }} - - name: K8S_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: FLUENT_OCI_DEFAULT_LOGGROUP_ID - value: {{ .Values.ociLALogGroupID }} - - name: FLUENT_OCI_NAMESPACE - value: {{ .Values.ociLANamespace }} - - name: FLUENT_OCI_KUBERNETES_CLUSTER_ID - value: {{ include "logan.kubernetesClusterId" . }} - - name: FLUENT_OCI_KUBERNETES_CLUSTER_NAME - value: {{ include "logan.kubernetesClusterName" . 
}} - {{- if eq $authtype "config" }} - - name: FLUENT_OCI_CONFIG_LOCATION - value: {{ .Values.oci.path }}/{{ .Values.oci.file }} - {{- end }} - {{- if .Values.extraEnv }} - {{- toYaml .Values.extraEnv | nindent 10 }} - {{- end }} - {{- if .Values.resources }} - resources: {{- toYaml .Values.resources | nindent 10 }} - {{- end }} - volumeMounts: - # RW mount to store tail plugin output plugin buffer and logs - - name: basedir - mountPath: {{ .Values.fluentd.baseDir }} - {{- if eq $authtype "config" }} - # Mount directory where oci config exists - - name: ociconfigdir - mountPath: {{ .Values.oci.path }} - readOnly: true - {{- end }} - # Mount directory where fluentd config exists - - name: fluentdconfigdir - mountPath: {{ .Values.fluentd.path }} - readOnly: true - {{- if .Values.extraVolumeMounts }} - {{- toYaml .Values.extraVolumeMounts | nindent 8 }} - {{- end }} - terminationGracePeriodSeconds: 30 - volumes: - {{- if .Values.extraVolumes }} - {{- toYaml .Values.extraVolumes | nindent 6 }} - {{- end }} - # RW mount to store tail plugin output plugin buffer and logs - - name: basedir - hostPath: - path: {{ .Values.fluentd.baseDir }} - {{- if eq $authtype "config" }} - # Mount directory where oci config exists - - name: ociconfigdir - projected: - sources: - - secret: - name: {{ $resourceNamePrefix }}-oci-config - {{- end }} - # Mount directory where fluentd config exists - - name: fluentdconfigdir - configMap: - # Provide the name of the ConfigMap to mount. - name: {{ $resourceNamePrefix }}-objects diff --git a/charts/logan/templates/objects-configmap.yaml b/charts/logan/templates/objects-configmap.yaml deleted file mode 100644 index c4836a0d..00000000 --- a/charts/logan/templates/objects-configmap.yaml +++ /dev/null 
@@ -1,110 +0,0 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -{{- $kubernetesClusterName := (include "logan.kubernetesClusterName" .) }} -{{- $kubernetesClusterId := (include "logan.kubernetesClusterId" .) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "logan.resourceNamePrefix" . }}-objects - namespace: {{ include "logan.namespace" . }} -data: - # fluentd config file data. - fluent.conf: | - @include kubernetes.conf - {{- $authtype := .Values.authtype | lower }} - # Match block to set info required for oci-logging-analytics fluentd output plugin - - @type oci-logging-analytics - enable_ruby true - namespace "{{ .Values.ociLANamespace }}" - endpoint "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.endpoint }}" - {{- if eq $authtype "config" }} - config_file_location {{ .Values.oci.path }}/{{ .Values.oci.file }} - profile_name "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.profile_name }}" - {{- end }} - plugin_log_location "{{ .Values.fluentd.baseDir }}" - plugin_log_level "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.plugin_log_level }}" - plugin_log_file_size "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.plugin_log_file_size }}" - plugin_log_file_count "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.plugin_log_file_count }}" - - @type file - path {{ .Values.fluentd.baseDir }}/oci_la_fluentd_outplugin/objects/buffer/ - flush_thread_count "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.flush_thread_count }}" - chunk_limit_size "2m" - total_limit_size "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.total_limit_size }}" - flush_interval "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.flush_interval }}" - flush_thread_interval "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.flush_thread_interval }}" - flush_thread_burst_interval "{{ 
.Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.flush_thread_burst_interval }}" - retry_wait "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.retry_wait }}" - retry_max_times "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.retry_max_times }}" - retry_exponential_backoff_base "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.retry_exponential_backoff_base }}" - retry_forever "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.retry_forever }}" - disable_chunk_backup "{{ .Values.fluentd.ociLoggingAnalyticsOutputPlugin.buffer.disable_chunk_backup }}" - - - # kubernetes config file data which is included in main fluentd config file. - kubernetes.conf: | - {{- $freq := .Values.objectsPollingFrequency }} - # To ignore all the fluentd core generated events - - {{- if .Values.fluentd.kubernetesObjects }} - {{- range $name, $logDefinition := .Values.fluentd.kubernetesObjects.objectsList }} - - @type kubernetes_objects - tag k8s.* - {{- if ($logDefinition).api_version }} - api_version {{ $logDefinition.api_version }} - {{- end }} - {{- if ($logDefinition).api_endpoint }} - api_endpoint {{ $logDefinition.api_endpoint }} - {{- end }} - {{- if eq "events" $name }} - - resource_name {{ $name }} - - {{ else }} - - resource_name {{ $name }} - interval {{ $.Values.objectsPollingFrequency }} - - {{- end }} - - {{- if eq "cron_jobs" $name }} - # To support cronJob Object collection for Kubernetes versions <= 1.19 where cronJob is available under v1beta1 api version - - @type kubernetes_objects - tag k8s.* - api_version v1beta1 - api_endpoint apis/batch - - - resource_name cron_jobs - interval {{ $.Values.objectsPollingFrequency }} - - - {{- end }} - {{- end }} - - @type record_transformer - enable_ruby true - - {{- if .Values.fluentd.kubernetesObjects.metadata }} - oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name":"{{ $kubernetesClusterName }}", "Kubernetes Cluster ID": "{{ $kubernetesClusterId }}" {{- range $k, $v := 
.Values.fluentd.kubernetesObjects.metadata }},{{ $k | quote }}: {{ $v | quote -}} {{- end }}{{"}}"}} - {{- else }} - oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name":"{{ $kubernetesClusterName }}", "Kubernetes Cluster ID": "{{ $kubernetesClusterId }}" {{- range $k, $v := .Values.metadata }},{{ $k | quote }}: {{ $v | quote -}} {{- end }}{{"}}"}} - {{- end }} - oci_la_log_group_id "{{ .Values.fluentd.kubernetesObjects.ociLALogGroupID | default .Values.ociLALogGroupID }}" - oci_la_log_set "{{ .Values.fluentd.kubernetesObjects.ociLALogSet | default .Values.ociLALogSet }}" - oci_la_log_path ${tag} - oci_la_log_source_name "Kubernetes Object Logs" - message ${record} - tag ${tag} - - - {{- end }} diff --git a/charts/logan/values.yaml b/charts/logan/values.yaml index 00d37dba..893ca412 100644 --- a/charts/logan/values.yaml +++ b/charts/logan/values.yaml 
@@ -38,22 +38,23 @@ authtype: InstancePrincipal # -- Kubernetes Namespace for deploying monitoring resources deployed by this chart. namespace: "{{ .Values.global.namespace }}" - # -- Resoure Name Prefix: Wherever allowed, this prefix will be used with all resources used by this chart resourceNamePrefix: "{{ .Values.global.resourceNamePrefix }}" # -- Kubernetes ServiceAccount serviceAccount: "{{ .Values.global.resourceNamePrefix }}" + image: # Image pull secrets for. Secret must be in the namespace defined by namespace imagePullSecrets: # -- Replace this value with actual docker image url - url: container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.2.0 + url: iad.ocir.io/id3m3bqjn6oc/k8-objects-discovery:master-5e03e34 #TODO # -- Image pull policy imagePullPolicy: Always # -- Logging Analytics namespace. Can be found in OCI console --> Logging Analytics --> Administration --> Service ociLANamespace: + # -- OCID of Logging Analytics Log Group to send logs to. # Can be overridden for individual log types. # e.g. ocid1.loganalyticsloggroup.oc1.phx.amaaaaasdfaskriauucc55rlwlxe4ahe2vfmtuoqa6qsgu7mb6jugxacsk6a 
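Review bot: The chart's default `image.url` in charts/logan/values.yaml now points at `iad.ocir.io/id3m3bqjn6oc/k8-objects-discovery:master-5e03e34` with a `#TODO` marker, which reads like a branch build in a tenancy-specific registry rather than a released image. The reference is a tag, not a digest, and a tag can be re-pointed, so clusters that install at different times may run different code under the chart's service account. Before release this should name the published image and preferably be pinned as `<registry>/<repo>@sha256:<digest>` (placeholder). The same value is repeated in the first hunk of `charts/oci-onm/values.yaml`.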
@@ -524,3 +525,53 @@ fluentd: api_endpoint: apis/batch endpoint_slices: api_endpoint: apis/discovery.k8s.io + +# k8sDiscovery: defines properties that affect kubernetes objects discovery +k8sDiscovery: + # objects: defines inputs for K8s objects discovery + objects: + # cronSchedule: cronjob schedule to run object discovery job + cronSchedule: "*/5 * * * *" + # restartPolicy: "Never" or "OnFailure" + # Failed containers will be removed by job in case restartPolicy is not set as Never + # Ref - https://github.com/kubernetes/kubernetes/issues/74848 + restartPolicy: "Never" + # successfulJobsHistoryLimit: specify how many completed jobs should be kept + successfulJobsHistoryLimit: 3 + # failedJobsHistoryLimit: specify how many failed jobs should be kept + failedJobsHistoryLimit : 3 + # ociLALogGroupID: OCI LA Loggroup to store the k8s discovery logs + ociLALogGroupID: + # discoveryMode: discovery mode to be used - ["infra", "object"] + discoveryMode: "object" + # Log format to be used - ["text", "json"] + log_format: "text" + # log_level: defines log level for discovery job [trace|debug|info|warn|error|fatal] + log_level: "info" + # enable_threading: Defaults to sequential execution when not set (Boolean) + # When true, must also set thread_count + enable_threading: false + # thread_count: Number of parallel threads to be used while making requests to API server + # Expects enable_threading to be set as true + thread_count: + # chunk_limit: Max number of objects that can be fetched via K8s GET API call. Default: 1000 + chunk_limit: + # collect_warning_events_only: flag to only collect warning event logs + # Default: All logs are collected and sent to OCI logging analytics for processing + collect_warning_events_only: false + # kubernetes: kubernetes cluster related inputs for kubernetes disocvery job + kubeClientOptions: + # kubernetes_url: Kubernetes API server URL. 
+ kubernetes_url: + # client_cert: Path to certificate file for Kubernetes HTTPs/SSL server certificate validation + client_cert: + # client_key: Path to key for Kubernetes HTTPs/SSL server certificate validation + client_key: + # ca_file: Path to CA file for Kubernetes HTTPs/SSL server certificate validation + ca_file: + # verify_ssl: Validate SSL certificates while creating kube clients - [true, false] + verify_ssl: false + # bearer_token_file: Path to bearer token file if basic authentication is used + bearer_token_file: + # secret_dir: Path to Kubernetes service account token file to access Kubernetes API + secret_dir: \ No newline at end of file diff --git a/charts/oci-onm/Chart.yaml b/charts/oci-onm/Chart.yaml index f0d4c997..9f8e3c2b 100644 --- a/charts/oci-onm/Chart.yaml +++ b/charts/oci-onm/Chart.yaml @@ -32,7 +32,7 @@ dependencies: repository: "file://../common" condition: oci-onm-common.enabled - name: oci-onm-logan - version: "3.2.2" + version: "3.3.0" repository: "file://../logan" condition: oci-onm-logan.enabled - name: oci-onm-mgmt-agent diff --git a/charts/oci-onm/values.yaml b/charts/oci-onm/values.yaml index d96b0189..c374bca9 100644 --- a/charts/oci-onm/values.yaml +++ b/charts/oci-onm/values.yaml @@ -31,11 +31,13 @@ oci-onm-logan: kubernetesClusterID: "{{ .Values.global.kubernetesClusterID }}" kubernetesClusterName: "{{ .Values.global.kubernetesClusterName }}" image: - url: container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.2.0 + url: iad.ocir.io/id3m3bqjn6oc/k8-objects-discovery:master-5e03e34 #TODO # Go to OCI Logging Analytics Administration, click Service Details, and note the namespace value. ociLANamespace: # OCI Logging Analytics Default Log Group OCID ociLALogGroupID: + # OCI Logging Analytics Entity OCID representing the target cluster + ociLAClusterEntityID: oci-onm-mgmt-agent: oci-onm-common: 
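Review bot: `kubeClientOptions.verify_ssl` defaults to `false` in the new `k8sDiscovery` block, and the CronJob template only emits `--verify_ssl` when the value is `true`, so a default install never asks the discovery client to validate the API server certificate. Whether the client verifies when the flag is absent is not visible in this diff; if it does not, the credential read from `bearer_token_file` or `secret_dir` could be sent to an unauthenticated endpoint. I would default this to `true`, or document the omitted-flag behaviour next to the key, e.g. `# verify_ssl: when false the --verify_ssl flag is not passed; see the discovery client for the resulting behaviour`. The comments on `client_cert` and `client_key` also describe them as used for server certificate validation, which is the role of `ca_file`; they presumably identify the client and should say so.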
@@ -52,4 +54,4 @@ oci-onm-mgmt-agent: # Replace this value with actual docker image URL for Management Agent url: container-registry.oracle.com/oci_observability_management/oci-management-agent:1.2.0 # Image secrets to use for pulling container image (base64 encoded content of ~/.docker/config.json file) - secret: + secret: \ No newline at end of file diff --git a/util/build_stack.sh b/util/build_stack.sh index 915266d7..f97a3430 100755 --- a/util/build_stack.sh +++ b/util/build_stack.sh @@ -23,12 +23,17 @@ ROOT_DIR=".." ROOT_DIR=$(abspath $ROOT_DIR) # Convert to absolute path RELEASE_PATH="$ROOT_DIR/releases" -TEMP_ZIP="${RELEASE_PATH}/temp.zip" -TEMP_DIR="${RELEASE_PATH}/temp" +UTIL_PATH="$ROOT_DIR/util" +BUILD_ZIP="${UTIL_PATH}/temp.zip" +BUILD_DIR="${UTIL_PATH}/temp" + +HELM_SOURCE="$BUILD_DIR/charts" +MODULES_SOURCE="$BUILD_DIR/terraform/modules" + +STACK_BUILD_PATH="$BUILD_DIR/terraform/oke" +HELM_SYMLINK="$STACK_BUILD_PATH/charts" +MODULES_SYMLINK="$STACK_BUILD_PATH/modules" -HELM_SOURCE="$ROOT_DIR/charts" -MODULES_SOURCE="$ROOT_DIR/terraform/modules" -ROOT_MODULE_PATH="$ROOT_DIR/terraform/oke" # Usage Instructions usage=" 
@@ -97,97 +102,78 @@ RELEASE_ZIP="${RELEASE_PATH}/${release_name}.zip" # Disclaimer echo -e "\nDisclaimers - \n" if [ -n "$INCLUDE_LOCAL_HELM" ]; then - echo -e "-d option passed - local helm-chart files will be part of stack zip" + echo -e "\t-d option passed - local helm-chart files will be part of stack zip" else - echo -e "-d option NOT passed - local helm-chart files will NOT be part of stack zip" + echo -e "\t-d option NOT passed - local helm-chart files will NOT be part of stack zip" fi if [ -n "$LIVE_LAB_BUILD" ]; then - echo -e "-l option passed - livelab specific zip will be created" + echo -e "\t-l option passed - livelab specific zip will be created" fi -# Echo Build Parameters -echo -e "" -echo -e "Build parameters - " -echo -e "" -echo -e "ROOT_DIR = $ROOT_DIR" -echo -e "HELM_SOURCE = $HELM_SOURCE" -echo -e "MODULES_SOURCE = $MODULES_SOURCE" -echo -e "TEMP_DIR = $TEMP_DIR" -echo -e "TEMP_ZIP = $TEMP_ZIP" -echo -e "RELEASE_ZIP = $RELEASE_ZIP" -echo -e "ROOT_MODULE_PATH = $ROOT_MODULE_PATH" -echo -e "" - # Start -echo -e "Building -\n" +echo -e "\nBuilding -\n" + +# Clean up stale temp build dirs and zip file +rm "$BUILD_ZIP" 2>/dev/null || : +rm -rf "$BUILD_DIR" 2>/dev/null || : # Create a release DIR if it does not exist already. if test ! -d "$RELEASE_PATH"; then - mkdir "${RELEASE_PATH}" || error_and_exit "Could not create releases DIR." 
- echo -e "Created release DIR: ${RELEASE_PATH}" + mkdir "${RELEASE_PATH}" || error_and_exit "ERROR: mkdir ${RELEASE_PATH}" + echo -e "Created release direcotory - \$PROJECT_HOME/releases" fi -#clean up old zip -rm "${RELEASE_ZIP}" 2>/dev/null && echo -e "Removed stale release zip - ${RELEASE_ZIP}" +# Clean up old zip +rm "${RELEASE_ZIP}" 2>/dev/null && echo -e "Removed old stack - ${RELEASE_ZIP}" -# Clean up stale dirs and files -rm "$TEMP_ZIP" 2>/dev/null && echo -e "Removed stale temp zip - $TEMP_ZIP" -rm -rf "$TEMP_DIR" 2>/dev/null && echo -e "Removed stale temp dir - $TEMP_DIR" - -# Switch to Root Module for gitzip -cd $ROOT_MODULE_PATH || error_and_exit "Failed to Switch to root module" -echo -e "Switched to Root Module - $ROOT_MODULE_PATH" +# Switch to project's root for git archive +cd $ROOT_DIR || error_and_exit "ERROR: cd $ROOT_DIR" # Create git archive as temp.zip -git archive HEAD -o "$TEMP_ZIP" --format=zip >/dev/null || error_and_exit "git archive failed." -echo -e "Created Git archive - $TEMP_ZIP" +git archive HEAD -o "$BUILD_ZIP" --format=zip >/dev/null || error_and_exit "ERROR: git archive HEAD -o $BUILD_ZIP --format=zip" +echo -e "Created git archive - $BUILD_ZIP" -# unzip the temp.zip file -unzip -d "$TEMP_DIR" "$TEMP_ZIP" >/dev/null || error_and_exit "Could not unzip temp.zip" -echo -e "Unzipped temp.zip to $TEMP_DIR" +# Unzip the temp.zip file +unzip -d "$BUILD_DIR" "$BUILD_ZIP" >/dev/null || error_and_exit "ERROR: unzip -d $BUILD_DIR $BUILD_ZIP" +echo -e "Unzipped git archive - $BUILD_DIR" -# remove the helm-chart symlink -rm "$TEMP_DIR/charts" || error_and_exit "Could not remove helm-chart symlink" -echo -e "Removed helm-chart symlink - $TEMP_DIR/charts" +# Remove the helm-chart symlink +rm "$HELM_SYMLINK" || error_and_exit "ERROR: rm $HELM_SYMLINK" +echo -e "Removed helm-chart symlink - $HELM_SYMLINK" if [ -n "$INCLUDE_LOCAL_HELM" ]; then # copy the helm-chart - cp -R "$HELM_SOURCE" "$TEMP_DIR" || error_and_exit "Could not copy helm chart" - 
echo -e "Copied helm-chart to $TEMP_DIR" + cp -R "$HELM_SOURCE" "$STACK_BUILD_PATH" || error_and_exit "ERROR: cp -R $HELM_SOURCE $STACK_BUILD_PATH" + echo -e "Copied helm-chart at - $STACK_BUILD_PATH" fi -# remove the terraform modules symlink -rm "$TEMP_DIR/modules" || error_and_exit "Could not remove modules symlink" -echo -e "Removed terraform modules symlink - $TEMP_DIR/modules" +# Remove the terraform modules symlink +rm "$MODULES_SYMLINK" || error_and_exit "ERROR: rm $MODULES_SYMLINK" +echo -e "Removed terraform modules symlink - $MODULES_SYMLINK" -# copy the modules -cp -R "$MODULES_SOURCE" "$TEMP_DIR" || error_and_exit "Could not copy modules" -echo -e "Copied orignal modules to $TEMP_DIR" +# Copy the modules +cp -R "$MODULES_SOURCE" "$STACK_BUILD_PATH" || error_and_exit "ERROR: cp -R $MODULES_SOURCE $STACK_BUILD_PATH" +echo -e "Copied terraform modules at - $STACK_BUILD_PATH" -# switch back to temp dir -cd "$TEMP_DIR" || error_and_exit "Could not switch to temp dir" -echo -e "Switched to $TEMP_DIR" +# Switch back to stack dir +cd "$STACK_BUILD_PATH" || error_and_exit "ERROR: cd $STACK_BUILD_PATH" -# update livelab switch input to true +# Update livelab switch input to true if [ -n "$LIVE_LAB_BUILD" ]; then - sed "s/false/true/g" -i livelab_switch.tf - echo -e "Enabled livelab switch in livelab_switch.tf" + sed "s/false/true/g" -i livelab_switch.tf || error_and_exit "ERROR: sed \"s/false/true/g\" -i livelab_switch.tf" + echo -e "Enabled livelab switch in $STACK_BUILD_PATH/livelab_switch.tf" fi -# create zip -zip -r "${RELEASE_ZIP}" . >/dev/null || error_and_exit "Could not zip $TEMP_DIR" - -# switch back to util dir -cd "$RELEASE_PATH" || error_and_exit "Could not switch to $RELEASE_PATH" +# Create final stack zip +zip -r "${RELEASE_ZIP}" . >/dev/null || error_and_exit "ERROR: zip -r ${RELEASE_ZIP} ." 
-# Clean up stale dirs and files -rm "$TEMP_ZIP" 2>/dev/null && echo -e "Removed stale temp zip - $TEMP_ZIP" -rm -rf "$TEMP_DIR" 2>/dev/null && echo -e "Removed stale temp dir - $TEMP_DIR" - -# Start +# Display Output echo -e "\nOutput -\n" +echo -e "Stack Created - ${RELEASE_ZIP}" -echo -e "New Release Created - $RELEASE_PATH/$release_name.zip" - - +# Switch back to util dir +cd "$RELEASE_PATH" || error_and_exit "ERROR: cd $RELEASE_PATH" +# Clean up stale dirs and files +rm "$BUILD_ZIP" 2>/dev/null || error_and_exit "ERROR: rm $BUILD_ZIP" +rm -rf "$BUILD_DIR" 2>/dev/null || error_and_exit "ERROR: rm -rf $BUILD_DIR" \ No newline at end of file
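Review bot: `cd $ROOT_DIR` in the build_stack.sh build steps is unquoted while every other path in the hunk is quoted, so a checkout path containing spaces or glob characters is word-split before `cd` sees it; use `cd "$ROOT_DIR" || error_and_exit "ERROR: cd $ROOT_DIR"`. The two cleanup lines at the end send stderr to `/dev/null` and then treat failure as fatal (`rm "$BUILD_ZIP" 2>/dev/null || error_and_exit ...`), which hides the reason for the failure. Drop the redirection there, since unlike the stale-file cleanup at the top these files are expected to exist. Cleanup also runs only on the success path, so any earlier `error_and_exit` leaves the exported tree under `util/temp`. A `trap 'rm -rf "$BUILD_DIR" "$BUILD_ZIP"' EXIT` placed after the variables are set would cover that, assuming `error_and_exit` (defined outside this hunk) exits the shell.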