diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 94589924..0dd5ab1e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,4 +1,4 @@
-# # # # Copyright (c) 2023, Oracle and/or its affiliates.
+# # # # Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# # # # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
name: Release Charts
diff --git a/.gitignore b/.gitignore
index 7903a784..85b0ada5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
.DS_Store
@@ -32,7 +32,9 @@ crash.*.log
# control as they are data points which are potentially sensitive and subject
# to change depending on the environment.
*.tfvars
+!*.auto.tfvars
*.tfvars.json
+!*.auto.tfvars.json
# Include sample tfvars
!terraform-sample.tfvars
@@ -69,4 +71,7 @@ meta-schema.yaml
releases/
# vscode
-.vscode
\ No newline at end of file
+.vscode
+
+# debug files
+tf-debug/
\ No newline at end of file
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 4b542536..f0c2d52d 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
repos:
diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml
index 568b1c4f..abc5d238 100644
--- a/charts/common/Chart.yaml
+++ b/charts/common/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v2
diff --git a/charts/common/templates/_helpers.tpl b/charts/common/templates/_helpers.tpl
index ef8035e6..672022d2 100644
--- a/charts/common/templates/_helpers.tpl
+++ b/charts/common/templates/_helpers.tpl
@@ -1,5 +1,5 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# tpl render function
diff --git a/charts/common/templates/clusterrole.yaml b/charts/common/templates/clusterrole.yaml
index 3777c82a..e916b0fc 100644
--- a/charts/common/templates/clusterrole.yaml
+++ b/charts/common/templates/clusterrole.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if eq (include "common.createServiceAccount" .) "true" }}
diff --git a/charts/common/templates/clusterrolebinding.yaml b/charts/common/templates/clusterrolebinding.yaml
index f720358f..52b8dad4 100644
--- a/charts/common/templates/clusterrolebinding.yaml
+++ b/charts/common/templates/clusterrolebinding.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if eq (include "common.createServiceAccount" .) "true" }}
diff --git a/charts/common/templates/namespace.yaml b/charts/common/templates/namespace.yaml
index f3e0f150..c8931111 100644
--- a/charts/common/templates/namespace.yaml
+++ b/charts/common/templates/namespace.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if eq (include "common.createNamespace" .) "true" }}
diff --git a/charts/common/templates/role.yaml b/charts/common/templates/role.yaml
index 7d216829..92b09b42 100644
--- a/charts/common/templates/role.yaml
+++ b/charts/common/templates/role.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if eq (include "common.createServiceAccount" .) "true" }}
diff --git a/charts/common/templates/rolebinding.yaml b/charts/common/templates/rolebinding.yaml
index 7ddf53c6..186cfeb6 100644
--- a/charts/common/templates/rolebinding.yaml
+++ b/charts/common/templates/rolebinding.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if eq (include "common.createServiceAccount" .) "true" }}
diff --git a/charts/common/templates/serviceAccount.yaml b/charts/common/templates/serviceAccount.yaml
index 5ca351e1..1def18bd 100644
--- a/charts/common/templates/serviceAccount.yaml
+++ b/charts/common/templates/serviceAccount.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if eq (include "common.createServiceAccount" .) "true" }}
diff --git a/charts/common/values.yaml b/charts/common/values.yaml
index 5ab34a6d..63fb6b0b 100644
--- a/charts/common/values.yaml
+++ b/charts/common/values.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# -- Automatically create, a readonly cluster role, cluster role binding and
diff --git a/charts/logan/Chart.yaml b/charts/logan/Chart.yaml
index f6df5a18..1feeada9 100644
--- a/charts/logan/Chart.yaml
+++ b/charts/logan/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v2
diff --git a/charts/logan/templates/_helpers.tpl b/charts/logan/templates/_helpers.tpl
index 974684b5..1518d17c 100644
--- a/charts/logan/templates/_helpers.tpl
+++ b/charts/logan/templates/_helpers.tpl
@@ -1,5 +1,5 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# tpl render function
diff --git a/charts/logan/templates/ekscp-logs-configmap.yaml b/charts/logan/templates/ekscp-logs-configmap.yaml
index 30c91521..a6b170dc 100644
--- a/charts/logan/templates/ekscp-logs-configmap.yaml
+++ b/charts/logan/templates/ekscp-logs-configmap.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if .Values.enableEKSControlPlaneLogs }}
{{- $kubernetesClusterName := (include "logan.kubernetesClusterName" .) }}
diff --git a/charts/logan/templates/fluentd-daemonset.yaml b/charts/logan/templates/fluentd-daemonset.yaml
index 670507e5..3338789b 100644
--- a/charts/logan/templates/fluentd-daemonset.yaml
+++ b/charts/logan/templates/fluentd-daemonset.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
---
diff --git a/charts/logan/templates/fluentd-deployment.yaml b/charts/logan/templates/fluentd-deployment.yaml
index 582f0a8d..251a6eb8 100644
--- a/charts/logan/templates/fluentd-deployment.yaml
+++ b/charts/logan/templates/fluentd-deployment.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
---
diff --git a/charts/logan/templates/logs-configmap.yaml b/charts/logan/templates/logs-configmap.yaml
index 3a786dbd..513e64d7 100644
--- a/charts/logan/templates/logs-configmap.yaml
+++ b/charts/logan/templates/logs-configmap.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- $kubernetesClusterName := (include "logan.kubernetesClusterName" .) }}
diff --git a/charts/logan/templates/oci-config-secret.yaml b/charts/logan/templates/oci-config-secret.yaml
index 6f291d2e..08d2c123 100644
--- a/charts/logan/templates/oci-config-secret.yaml
+++ b/charts/logan/templates/oci-config-secret.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- $authtype := .Values.authtype | lower }}
diff --git a/charts/logan/values.yaml b/charts/logan/values.yaml
index bda49f73..dd4e9592 100644
--- a/charts/logan/values.yaml
+++ b/charts/logan/values.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
global:
diff --git a/charts/mgmt-agent/.helmignore b/charts/mgmt-agent/.helmignore
index a23e8f3a..b48cd989 100644
--- a/charts/mgmt-agent/.helmignore
+++ b/charts/mgmt-agent/.helmignore
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# Patterns to ignore when building packages.
diff --git a/charts/mgmt-agent/Chart.yaml b/charts/mgmt-agent/Chart.yaml
index a993ce1d..cf5ab742 100644
--- a/charts/mgmt-agent/Chart.yaml
+++ b/charts/mgmt-agent/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v2
diff --git a/charts/mgmt-agent/resources/input.rsp b/charts/mgmt-agent/resources/input.rsp
index abc612c1..dc9d61c5 100644
--- a/charts/mgmt-agent/resources/input.rsp
+++ b/charts/mgmt-agent/resources/input.rsp
@@ -1,2 +1,2 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
diff --git a/charts/mgmt-agent/resources/mgmtagent_kubernetes_dashboard.json b/charts/mgmt-agent/resources/mgmtagent_kubernetes_dashboard.json
index fdfd317a..e2642659 100644
--- a/charts/mgmt-agent/resources/mgmtagent_kubernetes_dashboard.json
+++ b/charts/mgmt-agent/resources/mgmtagent_kubernetes_dashboard.json
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{
diff --git a/charts/mgmt-agent/templates/_helpers.tpl b/charts/mgmt-agent/templates/_helpers.tpl
index 3fe0694e..1bb71621 100644
--- a/charts/mgmt-agent/templates/_helpers.tpl
+++ b/charts/mgmt-agent/templates/_helpers.tpl
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# tpl render function
diff --git a/charts/mgmt-agent/templates/metric_server.yaml b/charts/mgmt-agent/templates/metric_server.yaml
index 6e5defd1..e8c11fb8 100644
--- a/charts/mgmt-agent/templates/metric_server.yaml
+++ b/charts/mgmt-agent/templates/metric_server.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
{{- if .Values.deployMetricServer }}
diff --git a/charts/mgmt-agent/templates/metrics-configmap.yaml b/charts/mgmt-agent/templates/metrics-configmap.yaml
index 6fad8980..c09296ba 100644
--- a/charts/mgmt-agent/templates/metrics-configmap.yaml
+++ b/charts/mgmt-agent/templates/metrics-configmap.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/charts/mgmt-agent/templates/mgmt-agent-headless-service.yaml b/charts/mgmt-agent/templates/mgmt-agent-headless-service.yaml
index 9dd63879..a2eea6bd 100644
--- a/charts/mgmt-agent/templates/mgmt-agent-headless-service.yaml
+++ b/charts/mgmt-agent/templates/mgmt-agent-headless-service.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/charts/mgmt-agent/templates/mgmt-agent-secrets.yaml b/charts/mgmt-agent/templates/mgmt-agent-secrets.yaml
index b8545b9d..9f14f93f 100644
--- a/charts/mgmt-agent/templates/mgmt-agent-secrets.yaml
+++ b/charts/mgmt-agent/templates/mgmt-agent-secrets.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/charts/mgmt-agent/templates/mgmt-agent-statefulset.yaml b/charts/mgmt-agent/templates/mgmt-agent-statefulset.yaml
index 76279b26..5cf8da12 100644
--- a/charts/mgmt-agent/templates/mgmt-agent-statefulset.yaml
+++ b/charts/mgmt-agent/templates/mgmt-agent-statefulset.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: apps/v1
diff --git a/charts/mgmt-agent/values.yaml b/charts/mgmt-agent/values.yaml
index dd4cb3c7..0ac47f82 100644
--- a/charts/mgmt-agent/values.yaml
+++ b/charts/mgmt-agent/values.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
global:
diff --git a/charts/oci-onm/Chart.yaml b/charts/oci-onm/Chart.yaml
index f00762fb..166cec95 100644
--- a/charts/oci-onm/Chart.yaml
+++ b/charts/oci-onm/Chart.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v2
diff --git a/charts/oci-onm/templates/_helpers.tpl b/charts/oci-onm/templates/_helpers.tpl
index 9600d4db..e8f706a4 100644
--- a/charts/oci-onm/templates/_helpers.tpl
+++ b/charts/oci-onm/templates/_helpers.tpl
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# tpl render function
diff --git a/charts/oci-onm/values.yaml b/charts/oci-onm/values.yaml
index fc8a79f4..33bb6b3d 100644
--- a/charts/oci-onm/values.yaml
+++ b/charts/oci-onm/values.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
global:
diff --git a/logan/docker-images/v1.0/debian-deprecated/Dockerfile b/logan/docker-images/v1.0/debian-deprecated/Dockerfile
index d7b74e46..86c71af3 100644
--- a/logan/docker-images/v1.0/debian-deprecated/Dockerfile
+++ b/logan/docker-images/v1.0/debian-deprecated/Dockerfile
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
### Referred version from fluentd-kubernetes-daemonset gitgub repo ###
diff --git a/logan/docker-images/v1.0/debian-deprecated/Gemfile b/logan/docker-images/v1.0/debian-deprecated/Gemfile
index ca3fd5b0..6d2e878d 100644
--- a/logan/docker-images/v1.0/debian-deprecated/Gemfile
+++ b/logan/docker-images/v1.0/debian-deprecated/Gemfile
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
source "https://rubygems.org"
diff --git a/logan/docker-images/v1.0/debian-deprecated/entrypoint.sh b/logan/docker-images/v1.0/debian-deprecated/entrypoint.sh
index b62287b1..21ca47e4 100644
--- a/logan/docker-images/v1.0/debian-deprecated/entrypoint.sh
+++ b/logan/docker-images/v1.0/debian-deprecated/entrypoint.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env sh
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
exec fluentd -c ${FLUENTD_CONF} -p /fluentd/plugins --gemfile /fluentd/Gemfile ${FLUENTD_OPT}
diff --git a/logan/docker-images/v1.0/oraclelinux/8-deprecated/Dockerfile b/logan/docker-images/v1.0/oraclelinux/8-deprecated/Dockerfile
index e83717c4..f6ad9542 100644
--- a/logan/docker-images/v1.0/oraclelinux/8-deprecated/Dockerfile
+++ b/logan/docker-images/v1.0/oraclelinux/8-deprecated/Dockerfile
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
## To build/install all the dependencies
diff --git a/logan/docker-images/v1.0/oraclelinux/8-deprecated/Gemfile b/logan/docker-images/v1.0/oraclelinux/8-deprecated/Gemfile
index c24ac7e1..6526ecd2 100644
--- a/logan/docker-images/v1.0/oraclelinux/8-deprecated/Gemfile
+++ b/logan/docker-images/v1.0/oraclelinux/8-deprecated/Gemfile
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
source "https://rubygems.org"
diff --git a/logan/docker-images/v1.0/oraclelinux/8-deprecated/entrypoint.sh b/logan/docker-images/v1.0/oraclelinux/8-deprecated/entrypoint.sh
index 04709ea7..9cb17ce1 100644
--- a/logan/docker-images/v1.0/oraclelinux/8-deprecated/entrypoint.sh
+++ b/logan/docker-images/v1.0/oraclelinux/8-deprecated/entrypoint.sh
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
#!/usr/bin/env sh
diff --git a/logan/docker-images/v1.0/oraclelinux/8-slim/Dockerfile b/logan/docker-images/v1.0/oraclelinux/8-slim/Dockerfile
index f72a5518..b8a6ce40 100644
--- a/logan/docker-images/v1.0/oraclelinux/8-slim/Dockerfile
+++ b/logan/docker-images/v1.0/oraclelinux/8-slim/Dockerfile
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
### Build the docker image using multi-stage build
diff --git a/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile b/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile
index 6a425a2c..68a33e46 100644
--- a/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile
+++ b/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
source "https://rubygems.org"
diff --git a/logan/docker-images/v1.0/oraclelinux/8-slim/entrypoint.sh b/logan/docker-images/v1.0/oraclelinux/8-slim/entrypoint.sh
index 04709ea7..9cb17ce1 100644
--- a/logan/docker-images/v1.0/oraclelinux/8-slim/entrypoint.sh
+++ b/logan/docker-images/v1.0/oraclelinux/8-slim/entrypoint.sh
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
#!/usr/bin/env sh
diff --git a/logan/kubernetes-resources/logs-collection/configmap-cri.yaml b/logan/kubernetes-resources/logs-collection/configmap-cri.yaml
index 4b05b80e..1b8c5cf7 100644
--- a/logan/kubernetes-resources/logs-collection/configmap-cri.yaml
+++ b/logan/kubernetes-resources/logs-collection/configmap-cri.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/logan/kubernetes-resources/logs-collection/configmap-docker.yaml b/logan/kubernetes-resources/logs-collection/configmap-docker.yaml
index 1917ec42..348f7b89 100644
--- a/logan/kubernetes-resources/logs-collection/configmap-docker.yaml
+++ b/logan/kubernetes-resources/logs-collection/configmap-docker.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/logan/kubernetes-resources/logs-collection/fluentd-daemonset.yaml b/logan/kubernetes-resources/logs-collection/fluentd-daemonset.yaml
index dcf20a2b..9c1096d5 100644
--- a/logan/kubernetes-resources/logs-collection/fluentd-daemonset.yaml
+++ b/logan/kubernetes-resources/logs-collection/fluentd-daemonset.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
---
diff --git a/logan/kubernetes-resources/logs-collection/secrets.yaml b/logan/kubernetes-resources/logs-collection/secrets.yaml
index f76435c7..7e6e8ad7 100644
--- a/logan/kubernetes-resources/logs-collection/secrets.yaml
+++ b/logan/kubernetes-resources/logs-collection/secrets.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/logan/kubernetes-resources/objects-collection/configmap-objects.yaml b/logan/kubernetes-resources/objects-collection/configmap-objects.yaml
index a0b141c7..1117fa80 100644
--- a/logan/kubernetes-resources/objects-collection/configmap-objects.yaml
+++ b/logan/kubernetes-resources/objects-collection/configmap-objects.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/logan/kubernetes-resources/objects-collection/fluentd-deployment.yaml b/logan/kubernetes-resources/objects-collection/fluentd-deployment.yaml
index 57dfdc9d..143e10b4 100644
--- a/logan/kubernetes-resources/objects-collection/fluentd-deployment.yaml
+++ b/logan/kubernetes-resources/objects-collection/fluentd-deployment.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
---
diff --git a/logan/kubernetes-resources/objects-collection/secrets.yaml b/logan/kubernetes-resources/objects-collection/secrets.yaml
index f76435c7..7e6e8ad7 100644
--- a/logan/kubernetes-resources/objects-collection/secrets.yaml
+++ b/logan/kubernetes-resources/objects-collection/secrets.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
apiVersion: v1
diff --git a/terraform/modules/dashboards/dashboard-inputs.tf b/terraform/modules/dashboards/dashboard-inputs.tf
new file mode 100644
index 00000000..3dc5107b
--- /dev/null
+++ b/terraform/modules/dashboards/dashboard-inputs.tf
@@ -0,0 +1,17 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# Compartment for creating dashboards and it's associated saved-searches
+variable "compartment_ocid" {
+ type = string
+}
+
+variable "debug" {
+ type = bool
+ default = false
+}
+
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
\ No newline at end of file
diff --git a/terraform/modules/dashboards/dashboard.tf b/terraform/modules/dashboards/dashboard.tf
index 6a5da5ec..f22650e7 100644
--- a/terraform/modules/dashboards/dashboard.tf
+++ b/terraform/modules/dashboards/dashboard.tf
@@ -1,11 +1,39 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
locals {
dashboards = ["cluster.json", "node.json", "pod.json", "workload.json", "service-type-lb.json"]
+
+ #tags
+ defined_tags = module.format_tags.defined_tags_string
+ freeform_tags = module.format_tags.freeform_tags_string
+
+ template_values = {
+ "compartment_ocid" = "${var.compartment_ocid}"
+
+ # Expected format of tags: https://docs.oracle.com/en-us/iaas/api/#/en/managementdashboard/20200901/ManagementDashboardImportDetails/
+ "defined_tags" = local.defined_tags
+ "freeform_tags" = local.freeform_tags
+ }
+}
+
+# format tags; as required in dashboard JSON files
+module "format_tags" {
+ source = "./format_tags"
+ tags = var.tags
}
resource "oci_management_dashboard_management_dashboards_import" "multi_management_dashboards_import" {
for_each = toset(local.dashboards)
- import_details = templatefile(format("%s/%s/%s", "${path.module}", "dashboards_json", each.value), { "compartment_ocid" : "${var.compartment_ocid}" })
+ import_details = templatefile(format("%s/%s/%s", "${path.module}", "dashboards_json", each.value), local.template_values)
+
+ lifecycle {
+ ignore_changes = [import_details]
+ }
}
+
+resource "local_file" "dashboard_template" {
+ for_each = var.debug ? toset(local.dashboards) : []
+ content = templatefile(format("%s/%s/%s", "${path.module}", "dashboards_json", each.value), local.template_values)
+ filename = "${path.module}/tf-debug/${each.value}"
+}
\ No newline at end of file
diff --git a/terraform/modules/dashboards/dashboards_json/cluster.json b/terraform/modules/dashboards/dashboards_json/cluster.json
index a0cb9d02..31a7046b 100644
--- a/terraform/modules/dashboards/dashboards_json/cluster.json
+++ b/terraform/modules/dashboards/dashboards_json/cluster.json
@@ -599,8 +599,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -676,8 +676,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -815,8 +815,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1025,8 +1025,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1103,8 +1103,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1234,8 +1234,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1391,8 +1391,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1528,8 +1528,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1712,8 +1712,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1903,8 +1903,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2108,8 +2108,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -2239,8 +2239,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2423,8 +2423,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2607,8 +2607,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2738,8 +2738,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2930,8 +2930,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -3176,8 +3176,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -3306,8 +3306,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -3491,8 +3491,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -3675,8 +3675,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -3880,8 +3880,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -3994,8 +3994,8 @@
}
],
"drilldownConfig": [],
- "freeformTags": {},
- "definedTags": {}
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags}
}
]
}
diff --git a/terraform/modules/dashboards/dashboards_json/node.json b/terraform/modules/dashboards/dashboards_json/node.json
index 37db3276..adefe542 100644
--- a/terraform/modules/dashboards/dashboards_json/node.json
+++ b/terraform/modules/dashboards/dashboards_json/node.json
@@ -276,8 +276,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -422,8 +422,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -798,8 +798,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1045,8 +1045,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1309,8 +1309,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1445,8 +1445,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1577,8 +1577,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1710,8 +1710,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
}
@@ -1786,8 +1786,8 @@
}
],
"drilldownConfig": [],
- "freeformTags": {},
- "definedTags": {}
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags}
}
]
}
diff --git a/terraform/modules/dashboards/dashboards_json/pod.json b/terraform/modules/dashboards/dashboards_json/pod.json
index c1d95b51..583e4061 100644
--- a/terraform/modules/dashboards/dashboards_json/pod.json
+++ b/terraform/modules/dashboards/dashboards_json/pod.json
@@ -366,8 +366,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -434,8 +434,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -591,8 +591,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -737,8 +737,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -873,8 +873,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1065,8 +1065,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1275,8 +1275,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1486,8 +1486,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -1694,8 +1694,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1814,8 +1814,8 @@
}
],
"drilldownConfig": [],
- "freeformTags": {},
- "definedTags": {}
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags}
}
]
}
diff --git a/terraform/modules/dashboards/dashboards_json/service-type-lb.json b/terraform/modules/dashboards/dashboards_json/service-type-lb.json
index a6227f3c..f02fe91c 100644
--- a/terraform/modules/dashboards/dashboards_json/service-type-lb.json
+++ b/terraform/modules/dashboards/dashboards_json/service-type-lb.json
@@ -13,7 +13,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementdashboard.oc1..aaaaaaaa7tmp6wlxgpkjavvyeuvdn3eevm32pmski2z4m22w3jxhtq32h6rq",
"isFavorite": false,
"isOobDashboard": false,
@@ -159,7 +160,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaa76smhssp5m56wt4eehroipemhm2tzhwtg7znrsjt43vhqrbwsaia",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -367,7 +369,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaa7zwdwtcluaapibq7pkw3d5mbrnvkulkz5ovgb2bs6ntxfqd7fj7a",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -590,7 +593,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaa3pqjk76dbx4sa2633flzikbg76bjuhaxrcmgy2ul6ayznkr7uxma",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -871,7 +875,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaakhx6idmt4r6tkl4ev5fijc5ojr7mgpgc3cluggh7oarmennj63zq",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -1093,7 +1098,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaa2ctxqgooubu2oqvz6p2u7tnrlbr6davpwt5fxdmqg3hafktdtk4a",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -1201,7 +1207,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaao66kcpdxkzv7euzz2nolnheoztvhjj4ireqfkalgzvg27xtb3wqa",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -1295,7 +1302,8 @@
"shared": true
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaamzjz6demzwue2rr2whhgiml3wrf3oe5vlln6avfwdtjjjfwarjba",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -1526,7 +1534,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaanonr7kl5v3cycwxl45h4n5ybz76meoudfgpc5gbsggtxf3djduqa",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -1821,7 +1830,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaaijqkcnwvt4fpevll6y5aa5xkhz27suolsc35t5m7ri4a2sth6cqq",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -1876,7 +1886,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaanuh7tdxvj52bx5th2iqnndjzfr3i6mejbqiziil24v7xmwuvwxmq",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -1990,7 +2001,8 @@
"shared": false
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaakzhn2cfwz2cz6btwvfk5b6vt4jcr2djfmrc5sz6pyxbjuuwgb22a",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
@@ -2262,7 +2274,8 @@
"shared": true
}
},
- "freeformTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"id": "ocid1.managementsavedsearch.oc1..aaaaaaaau76opbz75ozaotvdpne4g76z267pm6djgehamu2paiutwff5uwna",
"isOobSavedSearch": false,
"lifecycleState": "ACTIVE",
diff --git a/terraform/modules/dashboards/dashboards_json/workload.json b/terraform/modules/dashboards/dashboards_json/workload.json
index 19f5c791..2034e9a6 100644
--- a/terraform/modules/dashboards/dashboards_json/workload.json
+++ b/terraform/modules/dashboards/dashboards_json/workload.json
@@ -428,8 +428,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -509,8 +509,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -639,8 +639,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -849,8 +849,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "jet-modules/dashboards/widgets/lxSavedSearchWidget.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [],
"drilldownConfig": []
},
@@ -930,8 +930,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1114,8 +1114,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1365,8 +1365,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1616,8 +1616,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1805,8 +1805,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -1989,8 +1989,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2119,8 +2119,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2311,8 +2311,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2445,8 +2445,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2635,8 +2635,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -2886,8 +2886,8 @@
"metadataVersion": "2.0",
"widgetTemplate": "visualizations/chartWidgetTemplate.html",
"widgetVM": "jet-modules/dashboards/widgets/lxSavedSearchWidget",
- "freeformTags": {},
- "definedTags": {},
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags},
"parametersConfig": [
{
"name": "log-analytics-log-group-compartment",
@@ -3006,8 +3006,8 @@
}
],
"drilldownConfig": [],
- "freeformTags": {},
- "definedTags": {}
+ "freeformTags": ${freeform_tags},
+ "definedTags": ${defined_tags}
}
]
}
diff --git a/terraform/modules/dashboards/format_tags/format_tags.tf b/terraform/modules/dashboards/format_tags/format_tags.tf
new file mode 100644
index 00000000..ccfe7b03
--- /dev/null
+++ b/terraform/modules/dashboards/format_tags/format_tags.tf
@@ -0,0 +1,105 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
+
+# "freeformTags" = {
+# "project" = "logan",
+# "owner" = "paritosh"
+# },
+# "definedTags" = {
+# "Oracle-Recommended-Tags.ResourceOwner" = "paritosh",
+# "Oracle-Recommended-Tags.ResourceType" = "DevResource",
+# "OracleInternalReserved.OwnerEmail" = "paritosh.paliwal@oracle.com"
+# }
+
+locals {
+ freeform_tags = var.tags.freeformTags
+ # freeform_tags = tomap({
+ # "owner" = "paritosh"
+ # "project" = "logan"
+ # })
+
+ freeform_tags_string = "{${join(",", [for key, value in var.tags.freeformTags : "\"${key}\": \"${value}\""])}}"
+ # freeform_tags_string = "{\"owner\": \"paritosh\",\"project\": \"logan\"}"
+
+ defined_tags = var.tags.definedTags
+ # defined_tags = tomap({
+ # "Oracle-Recommended-Tags.ResourceOwner" = "paritosh"
+ # "Oracle-Recommended-Tags.ResourceType" = "DevResource"
+ # "OracleInternalReserved.OwnerEmail" = "paritosh.paliwal@oracle.com"
+ # })
+
+ defined_tag_list_by_ns = { for key, value in local.defined_tags : "\"${split(".", key)[0]}\"" => "\"${split(".", key)[1]}\": \"${value}\""... }
+ # defined_tag_list_by_ns = {
+ # "\"Oracle-Recommended-Tags\"" = [
+ # "\"ResourceOwner\": \"paritosh\"",
+ # "\"ResourceType\": \"DevResource\"",
+ # ]
+ # "\"OracleInternalReserved\"" = [
+ # "\"OwnerEmail\": \"paritosh.paliwal@oracle.com\"",
+ # ]
+ # }
+
+ defined_tags_by_ns = { for ns, tag_list in local.defined_tag_list_by_ns : ns => join(", ", tag_list) }
+ # defined_tags_by_ns = {
+ # "\"Oracle-Recommended-Tags\"" = "\"ResourceOwner\": \"paritosh\", \"ResourceType\": \"DevResource\""
+ # "\"OracleInternalReserved\"" = "\"OwnerEmail\": \"paritosh.paliwal@oracle.com\""
+ # }
+
+ defined_tags_list = [for ns, tags in local.defined_tags_by_ns : "${ns}: {${tags}}"]
+ # defined_tags_list = [
+ # "\"Oracle-Recommended-Tags\": {\"ResourceOwner\": \"paritosh\", \"ResourceType\": \"DevResource\"}",
+ # "\"OracleInternalReserved\": {\"OwnerEmail\": \"paritosh.paliwal@oracle.com\"}",
+ # ]
+
+ # Expected format of tags: https://docs.oracle.com/en-us/iaas/api/#/en/managementdashboard/20200901/ManagementDashboardImportDetails/
+
+ defined_tags_string = "{${join(", ", local.defined_tags_list)}}"
+ # defined_tags_string = "{\"Oracle-Recommended-Tags\": {\"ResourceOwner\": \"paritosh\", \"ResourceType\": \"DevResource\"}, \"OracleInternalReserved\": {\"OwnerEmail\": \"paritosh.paliwal@oracle.com\"}}"
+}
+
+output "defined_tags_string" {
+ value = local.defined_tags_string
+}
+
+output "freeform_tags_string" {
+ value = local.freeform_tags_string
+}
+
+## Debug Outputs
+
+# output "tags" {
+# value = var.tags
+# }
+
+# output "freeform_tags" {
+# value = local.freeform_tags
+# }
+
+# output "freeform_tags_string" {
+# value = local.freeform_tags_string
+# }
+
+# output "defined_tags" {
+# value = local.defined_tags
+# }
+
+# output "defined_tag_list_by_ns" {
+# value = local.defined_tag_list_by_ns
+# }
+
+# output "defined_tags_by_ns" {
+# value = local.defined_tags_by_ns
+# }
+
+# output "defined_tags_list" {
+# value = local.defined_tags_list
+# }
+
+# output "defined_tags_string" {
+# value = local.defined_tags_string
+# }
\ No newline at end of file
diff --git a/terraform/modules/dashboards/inputs.tf b/terraform/modules/dashboards/inputs.tf
deleted file mode 100644
index 2b9b506e..00000000
--- a/terraform/modules/dashboards/inputs.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-# Compartment for creating dashboards and it's associated saved-searches
-variable "compartment_ocid" {
- type = string
-}
diff --git a/terraform/modules/logan/provider.tf b/terraform/modules/dashboards/required-providers.tf
similarity index 51%
rename from terraform/modules/logan/provider.tf
rename to terraform/modules/dashboards/required-providers.tf
index 370a4ebe..72a223c4 100644
--- a/terraform/modules/logan/provider.tf
+++ b/terraform/modules/dashboards/required-providers.tf
@@ -1,13 +1,12 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.2"
required_providers {
oci = {
source = "oracle/oci"
- version = ">= 4.96.0"
- # https://registry.terraform.io/providers/hashicorp/oci/4.85.0
+ version = "~> 5.46"
}
}
-}
+}
\ No newline at end of file
diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/helm-inputs.tf
similarity index 65%
rename from terraform/modules/helm/inputs.tf
rename to terraform/modules/helm/helm-inputs.tf
index ef3b9c0f..0a3f442c 100644
--- a/terraform/modules/helm/inputs.tf
+++ b/terraform/modules/helm/helm-inputs.tf
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
####
@@ -10,52 +10,39 @@ variable "generate_helm_template" {
default = false
}
-variable "install_helm" {
+variable "install_helm_chart" {
type = bool
default = true
}
-variable "use_local_helm_chart" {
- type = bool
- default = false
+variable "local_helm_chart" {
+ type = string
+ default = null
}
####
## Helm chart
####
-# Used for local testing
-# Absoulte path to helm chart directory
-variable "helm_abs_path" {
- type = string
- default = "optional"
+# Option to use latest helm chart
+variable "helm_chart_version" {
+ type = string
}
####
-## OKE Cluster Information
+## Kubernetes Cluster Information
####
-# OKE Cluster Compartment
-variable "oke_compartment_ocid" {
+# Kubernetes Cluster OCID
+variable "kubernetes_cluster_id" {
type = string
}
-# OKE Cluster OCID
-variable "oke_cluster_ocid" {
+# Kubernetes Cluster Name
+variable "kubernetes_cluster_name" {
type = string
}
-# OKE Cluster Name
-variable "oke_cluster_name" {
- type = string
-}
-
-# OKE Cluster Entity OCID
-variable "oke_cluster_entity_ocid" {
- type = string
- default = "DEFAULT" # Keep default as DEFAULT
-}
-
# Kubernetes Namespace
variable "kubernetes_namespace" {
type = string
@@ -66,22 +53,27 @@ variable "kubernetes_namespace" {
####
# OCI Logging Analytics LogGroup OCID
-variable "oci_la_logGroup_id" {
+variable "oci_la_log_group_ocid" {
type = string
default = ""
}
-# Log Analytics Namespace
+# OCI Log Analytics Namespace
variable "oci_la_namespace" {
type = string
}
+# OCI Logging Analytics Kubernetes Cluster Entity OCID
+variable "oci_la_cluster_entity_ocid" {
+ type = string
+}
+
####
## Fluentd Configuration
####
# Fluentd Base Directory
-variable "fluentd_baseDir_path" {
+variable "fluentd_base_dir_path" {
type = string
default = "/var/log"
}
@@ -90,6 +82,7 @@ variable "fluentd_baseDir_path" {
## Management Agent Configuration
####
+# Management Agent Key
variable "mgmt_agent_install_key_content" {
type = string
}
@@ -114,4 +107,14 @@ variable "deploy_mushop_config" {
variable "livelab_service_account" {
type = string
default = ""
+}
+
+####
+## Others
+####
+
+# Save data resources in local_file for debug purposes
+variable "debug" {
+ type = bool
+ default = false
}
\ No newline at end of file
diff --git a/terraform/modules/helm/outputs.tf b/terraform/modules/helm/helm-outputs.tf
similarity index 64%
rename from terraform/modules/helm/outputs.tf
rename to terraform/modules/helm/helm-outputs.tf
index 00e8298a..0225c48e 100644
--- a/terraform/modules/helm/outputs.tf
+++ b/terraform/modules/helm/helm-outputs.tf
@@ -1,17 +1,18 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
locals {
cmd_1_helm_repo_add = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring"
cmd_2_helm_repo_update = "helm repo update"
- helm_install_opt_entity_id = var.oke_cluster_entity_ocid == "DEFAULT" ? "" : "--set oci-onm-logan.ociLAClusterEntityID=${var.oke_cluster_entity_ocid}"
-
cmd_3_helm_install = join(" ", [
"helm install oci-kubernetes-monitoring oci-onm/oci-onm",
- "--set global.namespace=${local.k8s_namespace}",
- "--set global.kubernetesClusterID=${var.oke_cluster_ocid}",
- "--set global.kubernetesClusterName=${var.oke_cluster_name}",
- "--set oci-onm-logan.ociLALogGroupID=${var.oci_la_logGroup_id}",
+ "--set global.namespace=${var.kubernetes_namespace}",
+ "--set global.kubernetesClusterID=${var.kubernetes_cluster_id}",
+ "--set global.kubernetesClusterName=${local.kubernetes_cluster_name}",
+ "--set oci-onm-logan.ociLALogGroupID=${var.oci_la_log_group_ocid}",
"--set oci-onm-logan.ociLANamespace=${var.oci_la_namespace}",
- local.helm_install_opt_entity_id,
+ "--set oci-onm-logan.ociLAClusterEntityID=${var.oci_la_cluster_entity_ocid}",
"--set oci-onm-mgmt-agent.deployMetricServer=${var.opt_deploy_metric_server}",
"--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=${var.mgmt_agent_install_key_content}"
])
diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf
index a2b2b9be..5aa1d0e1 100644
--- a/terraform/modules/helm/helm.tf
+++ b/terraform/modules/helm/helm.tf
@@ -1,24 +1,31 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
locals {
- helm_repo_url = "https://oracle-quickstart.github.io/oci-kubernetes-monitoring"
- helm_repo_chart = "oci-onm"
+ remote_helm_repo = "https://oracle-quickstart.github.io/oci-kubernetes-monitoring"
+ chart_name = "oci-onm"
- k8s_namespace = var.deploy_mushop_config ? "livelab-test" : var.kubernetes_namespace
+ is_local_helm_chart = var.local_helm_chart != null
+
+ chart = local.is_local_helm_chart ? var.local_helm_chart : local.chart_name
+ repository = local.is_local_helm_chart ? null : local.remote_helm_repo
+ version = local.is_local_helm_chart ? null : var.helm_chart_version
+
+ kubernetes_cluster_name = var.kubernetes_cluster_name
helm_inputs = {
# global
- "global.namespace" = local.k8s_namespace
- "global.kubernetesClusterID" = var.oke_cluster_ocid
- "global.kubernetesClusterName" = var.oke_cluster_name
+ "global.namespace" = var.kubernetes_namespace
+ "global.kubernetesClusterID" = var.kubernetes_cluster_id
+ "global.kubernetesClusterName" = local.kubernetes_cluster_name
# oci-onm-logan
- "oci-onm-logan.ociLANamespace" = var.oci_la_namespace
- "oci-onm-logan.ociLALogGroupID" = var.oci_la_logGroup_id
- "oci-onm-logan.fluentd.baseDir" = var.fluentd_baseDir_path
+ "oci-onm-logan.ociLANamespace" = var.oci_la_namespace
+ "oci-onm-logan.ociLALogGroupID" = var.oci_la_log_group_ocid
+ "oci-onm-logan.fluentd.baseDir" = var.fluentd_base_dir_path
+ "oci-onm-logan.ociLAClusterEntityID" = var.oci_la_cluster_entity_ocid
- #oci-onm-mgmt-agent
+ # oci-onm-mgmt-agent
"oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = var.mgmt_agent_install_key_content
"oci-onm-mgmt-agent.deployMetricServer" = var.opt_deploy_metric_server
}
@@ -33,10 +40,12 @@ locals {
# Create helm release
resource "helm_release" "oci-kubernetes-monitoring" {
name = "oci-kubernetes-monitoring"
- repository = var.use_local_helm_chart ? null : local.helm_repo_url
- chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart
+ repository = local.repository
+ chart = local.chart
+ version = local.version
wait = true
dependency_update = true
+ cleanup_on_fail = true
atomic = true
values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null
@@ -49,14 +58,6 @@ resource "helm_release" "oci-kubernetes-monitoring" {
}
}
- dynamic "set" {
- for_each = var.oke_cluster_entity_ocid == "DEFAULT" ? [] : ["run_once"]
- content {
- name = "oci-onm-logan.ociLAClusterEntityID"
- value = var.oke_cluster_entity_ocid
- }
- }
-
dynamic "set" {
for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {}
content {
@@ -65,16 +66,17 @@ resource "helm_release" "oci-kubernetes-monitoring" {
}
}
- count = var.install_helm ? 1 : 0
+ count = var.install_helm_chart ? 1 : 0
}
# Create helm template
data "helm_template" "oci-kubernetes-monitoring" {
name = "oci-kubernetes-monitoring"
- # default behaviour is to use remote helm repo | var.use_local_helm_chart = false
+ # default behavior is to use remote helm repo | var.use_local_helm_chart = false
# the option to use local helm chart is for development purpose only
- repository = var.use_local_helm_chart ? null : local.helm_repo_url
- chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart
+ repository = local.repository
+ chart = local.chart
+ version = local.version
dependency_update = true
values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null
@@ -87,14 +89,6 @@ data "helm_template" "oci-kubernetes-monitoring" {
}
}
- dynamic "set" {
- for_each = var.oke_cluster_entity_ocid == "DEFAULT" ? [] : ["run_once"]
- content {
- name = "oci-onm-logan.ociLAClusterEntityID"
- value = var.oke_cluster_entity_ocid
- }
- }
-
dynamic "set" {
for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {}
content {
@@ -105,3 +99,9 @@ data "helm_template" "oci-kubernetes-monitoring" {
count = var.generate_helm_template ? 1 : 0
}
+
+resource "local_file" "helm_template" {
+ count = var.debug && var.generate_helm_template ? 1 : 0
+ content = jsonencode(data.helm_template.oci-kubernetes-monitoring[0])
+ filename = "${path.module}/tf-debug/helm_template.json"
+}
\ No newline at end of file
diff --git a/terraform/modules/helm/local/.gitignore b/terraform/modules/helm/local/.gitignore
index bc1f496f..05b845f9 100644
--- a/terraform/modules/helm/local/.gitignore
+++ b/terraform/modules/helm/local/.gitignore
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
*
diff --git a/terraform/modules/helm/mushop_values.yaml b/terraform/modules/helm/mushop_values.yaml
index ea67b92a..9be4643d 100644
--- a/terraform/modules/helm/mushop_values.yaml
+++ b/terraform/modules/helm/mushop_values.yaml
@@ -1,3 +1,5 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
oci-onm-common:
fluentd:
customLogs:
diff --git a/terraform/modules/helm/provider.tf b/terraform/modules/helm/required-providers.tf
similarity index 52%
rename from terraform/modules/helm/provider.tf
rename to terraform/modules/helm/required-providers.tf
index 9c529672..18c625a2 100644
--- a/terraform/modules/helm/provider.tf
+++ b/terraform/modules/helm/required-providers.tf
@@ -1,16 +1,12 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.2"
required_providers {
helm = {
source = "hashicorp/helm"
- version = "2.7.1"
- }
- oci = {
- source = "oracle/oci"
- version = ">= 4.96.0"
+ version = "~> 2.7"
}
}
}
\ No newline at end of file
diff --git a/terraform/modules/iam/iam-debug.tf b/terraform/modules/iam/iam-debug.tf
new file mode 100644
index 00000000..d16a2327
--- /dev/null
+++ b/terraform/modules/iam/iam-debug.tf
@@ -0,0 +1,2 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
\ No newline at end of file
diff --git a/terraform/modules/iam/inputs.tf b/terraform/modules/iam/iam-inputs.tf
similarity index 56%
rename from terraform/modules/iam/inputs.tf
rename to terraform/modules/iam/iam-inputs.tf
index 900269a9..4c1661db 100644
--- a/terraform/modules/iam/inputs.tf
+++ b/terraform/modules/iam/iam-inputs.tf
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# tenancy ocid
@@ -19,4 +19,16 @@ variable "oke_compartment_ocid" {
# OKE Cluster OCID
variable "oke_cluster_ocid" {
type = string
+}
+
+# Save data resources in local_file for debug purposes
+variable "debug" {
+ type = bool
+ default = false
+}
+
+# OCI Tags
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
}
\ No newline at end of file
diff --git a/terraform/modules/iam/outputs.tf b/terraform/modules/iam/iam-outputs.tf
similarity index 83%
rename from terraform/modules/iam/outputs.tf
rename to terraform/modules/iam/iam-outputs.tf
index 10537beb..3b68f4b3 100644
--- a/terraform/modules/iam/outputs.tf
+++ b/terraform/modules/iam/iam-outputs.tf
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
output "oke_dynamic_group_ocid" {
diff --git a/terraform/modules/iam/iam.tf b/terraform/modules/iam/iam.tf
index ba2594a1..343c0ad1 100644
--- a/terraform/modules/iam/iam.tf
+++ b/terraform/modules/iam/iam.tf
@@ -1,16 +1,18 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
locals {
cluster_ocid_md5 = md5(var.oke_cluster_ocid)
- # Dynmaic Group
+ # Dynamic Group
dynamic_group_name = "oci-kubernetes-monitoring-${local.cluster_ocid_md5}"
dynamic_group_desc = "Auto generated by Resource Manager Stack - oci-kubernetes-monitoring. Required for monitoring OKE Cluster - ${var.oke_cluster_ocid}"
instances_in_compartment_rule = ["ALL {instance.compartment.id = '${var.oke_compartment_ocid}'}"]
management_agent_rule = ["ALL {resource.type='managementagent', resource.compartment.id='${var.oci_onm_compartment_ocid}'}"]
dynamic_group_matching_rules = concat(local.instances_in_compartment_rule, local.management_agent_rule)
complied_dynamic_group_rules = "ANY {${join(",", local.dynamic_group_matching_rules)}}"
+ defined_namespaces = join(",", [for namespace in module.tag_namespaces.namespaces : "target.tag-namespace.name='${namespace}'"])
+ tags_policy_where_clause = length(var.tags.definedTags) == 0 ? "" : " where any {${local.defined_namespaces}}"
# Policy
policy_name = "oci-kubernetes-monitoring-${local.cluster_ocid_md5}"
@@ -19,25 +21,47 @@ locals {
mgmt_agent_stmt = ["Allow dynamic-group ${local.dynamic_group_name} to use METRICS in ${local.policy_scope} WHERE target.metrics.namespace = 'mgmtagent_kubernetes_metrics'"]
fluentd_agent_stmt = ["Allow dynamic-group ${local.dynamic_group_name} to {LOG_ANALYTICS_LOG_GROUP_UPLOAD_LOGS} in ${local.policy_scope}"]
discovery_api_stmt = ["Allow dynamic-group ${local.dynamic_group_name} to {LOG_ANALYTICS_DISCOVERY_UPLOAD} in tenancy"]
- compiled_policy_statements = concat(local.fluentd_agent_stmt, local.mgmt_agent_stmt, local.discovery_api_stmt)
+ tag_namespace_stmt = ["Allow dynamic-group ${local.dynamic_group_name} to use tag-namespaces in tenancy${local.tags_policy_where_clause}"]
+ compiled_policy_statements = concat(local.fluentd_agent_stmt, local.mgmt_agent_stmt, local.tag_namespace_stmt, local.discovery_api_stmt)
}
-# Dynmaic Group
+# https://docs.oracle.com/en-us/iaas/api/#/en/identity/20160918/DynamicGroup/
resource "oci_identity_dynamic_group" "oke_dynamic_group" {
name = local.dynamic_group_name
description = local.dynamic_group_desc
compartment_id = var.root_compartment_ocid
matching_rule = local.complied_dynamic_group_rules
- #provider = oci.home_region
+
+ #tags
+ defined_tags = var.tags.definedTags
+ freeform_tags = var.tags.freeformTags
+
+ lifecycle {
+ ignore_changes = [defined_tags, freeform_tags]
+ }
}
-# Policy
+# https://docs.oracle.com/en-us/iaas/api/#/en/identity/20160918/Policy/
resource "oci_identity_policy" "oke_monitoring_policy" {
name = local.policy_name
description = local.policy_desc
compartment_id = var.root_compartment_ocid
statements = local.compiled_policy_statements
- #provider = oci.home_region
+
+ #tags
+ defined_tags = var.tags.definedTags
+ freeform_tags = var.tags.freeformTags
+
+ lifecycle {
+ ignore_changes = [defined_tags, freeform_tags]
+ }
depends_on = [oci_identity_dynamic_group.oke_dynamic_group]
}
+
+# Parse defined tags
+module "tag_namespaces" {
+ source = "./parse_namespaces"
+ definedTags = var.tags.definedTags
+}
+
diff --git a/terraform/modules/iam/parse_namespaces/namespaces.tf b/terraform/modules/iam/parse_namespaces/namespaces.tf
new file mode 100644
index 00000000..ba405319
--- /dev/null
+++ b/terraform/modules/iam/parse_namespaces/namespaces.tf
@@ -0,0 +1,40 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+variable "definedTags" {
+ type = map(string)
+ default = {}
+}
+
+# definedTags = tomap({
+# "Oracle-Recommended-Tags.ResourceOwner" = "paritosh"
+# "Oracle-Recommended-Tags.ResourceUsage" = "DevResource"
+# })
+
+locals {
+ keys = [for k, v in var.definedTags : split(".", k)]
+ # keys = [
+ # tolist([
+ # "Oracle-Recommended-Tags",
+ # "ResourceOwner",
+ # ]),
+ # tolist([
+ # "Oracle-Recommended-Tags",
+ # "ResourceUsage",
+ # ]),
+ # ]
+
+ namespaces = distinct([for ns in local.keys : ns[0] if length(ns) > 0])
+ # namespaces = tolist([
+ # "Oracle-Recommended-Tags",
+ # ])
+
+}
+
+# output "keys" {
+# value = local.keys
+# }
+
+output "namespaces" {
+ value = local.namespaces
+}
\ No newline at end of file
diff --git a/terraform/modules/dashboards/provider.tf b/terraform/modules/iam/required-providers.tf
similarity index 51%
rename from terraform/modules/dashboards/provider.tf
rename to terraform/modules/iam/required-providers.tf
index 370a4ebe..72a223c4 100644
--- a/terraform/modules/dashboards/provider.tf
+++ b/terraform/modules/iam/required-providers.tf
@@ -1,13 +1,12 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.2"
required_providers {
oci = {
source = "oracle/oci"
- version = ">= 4.96.0"
- # https://registry.terraform.io/providers/hashicorp/oci/4.85.0
+ version = "~> 5.46"
}
}
-}
+}
\ No newline at end of file
diff --git a/terraform/modules/livelab/inputs.tf b/terraform/modules/livelab/inputs.tf
index 9619d199..856e4210 100644
--- a/terraform/modules/livelab/inputs.tf
+++ b/terraform/modules/livelab/inputs.tf
@@ -1,7 +1,12 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-# OCID of user running the marketplace app / Resoruce Manager stack
+# OCID of user running the marketplace app / Resource Manager stack
variable "current_user_ocid" {
type = string
+}
+
+variable "debug" {
+ type = bool
+ default = false
}
\ No newline at end of file
diff --git a/terraform/modules/livelab/livelab.tf b/terraform/modules/livelab/livelab.tf
index 549d9db9..e3c73e38 100644
--- a/terraform/modules/livelab/livelab.tf
+++ b/terraform/modules/livelab/livelab.tf
@@ -1,11 +1,11 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
locals {
- oci_username = data.oci_identity_user.livelab_user.name
- livelab_res_num = trimprefix(trimsuffix(lower(local.oci_username), "-user"), "ll")
- livelab_reservationId = "resr${local.livelab_res_num}"
- livelab_fluentd_baseDir_path = "/var/log/${local.livelab_reservationId}"
+ oci_username = data.oci_identity_user.livelab_user.name
+ livelab_res_num = trimprefix(trimsuffix(lower(local.oci_username), "-user"), "ll")
+ livelab_reservationId = "resr${local.livelab_res_num}"
+ livelab_fluentd_base_dir_path = "/var/log/${local.livelab_reservationId}"
}
data "oci_identity_user" "livelab_user" {
diff --git a/terraform/modules/livelab/outputs.tf b/terraform/modules/livelab/outputs.tf
index 71edd61b..aacb0365 100644
--- a/terraform/modules/livelab/outputs.tf
+++ b/terraform/modules/livelab/outputs.tf
@@ -1,10 +1,10 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
output "service_account" {
value = local.livelab_reservationId
}
-output "fluentd_baseDir_path" {
- value = local.livelab_fluentd_baseDir_path
+output "fluentd_base_dir_path" {
+ value = local.livelab_fluentd_base_dir_path
}
\ No newline at end of file
diff --git a/terraform/modules/livelab/provider.tf b/terraform/modules/livelab/provider.tf
index a820a625..72a223c4 100644
--- a/terraform/modules/livelab/provider.tf
+++ b/terraform/modules/livelab/provider.tf
@@ -1,13 +1,12 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.2"
required_providers {
oci = {
source = "oracle/oci"
- version = ">= 4.96.0"
- # https://registry.terraform.io/providers/hashicorp/oci/4.85.0
+ version = "~> 5.46"
}
}
}
\ No newline at end of file
diff --git a/terraform/modules/logan/inputs.tf b/terraform/modules/logan/inputs.tf
deleted file mode 100644
index abcb1336..00000000
--- a/terraform/modules/logan/inputs.tf
+++ /dev/null
@@ -1,30 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-# tenancy OCID
-variable "tenancy_ocid" {
- type = string
-}
-
-# Option to create Logging Analytics
-variable "create_new_logGroup" { # opt_create_new_logGroup
- type = bool
- default = false
-}
-
-# Compartment for creating new LogGroup, if opted in by user
-variable "compartment_ocid" {
- type = string
-}
-
-# OCI Logging Analytics LogGroup OCID
-variable "existing_logGroup_id" {
- type = string
- default = ""
-}
-
-# New Log Group to collect Kubernetes data
-variable "new_logGroup_name" {
- type = string
- default = "" // This is expected to rasie terraform error if ran with default value
-}
\ No newline at end of file
diff --git a/terraform/modules/logan/logAnalytics.tf b/terraform/modules/logan/logAnalytics.tf
deleted file mode 100644
index bc1d2888..00000000
--- a/terraform/modules/logan/logAnalytics.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-data "oci_log_analytics_namespaces" "logan_namespaces" {
- compartment_id = var.tenancy_ocid
-}
-
-locals {
- oci_la_namespace = data.oci_log_analytics_namespaces.logan_namespaces.namespace_collection[0].items[0].namespace
- final_oci_la_logGroup_id = var.create_new_logGroup ? oci_log_analytics_log_analytics_log_group.new_log_group[0].id : var.existing_logGroup_id
-}
-
-resource "oci_log_analytics_log_analytics_log_group" "new_log_group" {
- compartment_id = var.compartment_ocid
- display_name = var.new_logGroup_name
- namespace = local.oci_la_namespace
- description = "LogGroup for Kubernetes Logs"
-
- count = var.create_new_logGroup ? 1 : 0
-
- # Preconditions are supported in terraform v 1.2.0+
- # Resource Manager supports 1.1.x as of Oct 18th, 2022
- #
-
- # lifecycle {
- # precondition {
- # condition = data.oci_log_analytics_namespaces.logan_namespaces.namespace_collection[0].items[0].is_onboarded == true
- # error_message = "Tenancy is not on-boarded to OCI Logging Analytics Service in ${var.region} region."
- # }
- # }
-}
\ No newline at end of file
diff --git a/terraform/modules/logan/logan-debug.tf b/terraform/modules/logan/logan-debug.tf
new file mode 100644
index 00000000..5455a18d
--- /dev/null
+++ b/terraform/modules/logan/logan-debug.tf
@@ -0,0 +1,28 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "local_file" "oke_cluster_entity" {
+ count = !local.create_new_k8s_entity && var.debug ? 1 : 0
+ content = jsonencode(data.oci_log_analytics_log_analytics_entity.oke_cluster_entity[0])
+ filename = "${path.module}/tf-debug/oke_cluster_entity.json"
+}
+
+resource "local_file" "logan_namespaces" {
+ count = var.debug ? 1 : 0
+ content = jsonencode(data.oci_log_analytics_namespaces.logan_namespaces)
+ filename = "${path.module}/tf-debug/logan_namespaces.json"
+}
+
+# Following resource to be used for dev validations
+
+# data "oci_log_analytics_log_analytics_entity" "stack_created_entity" {
+# count = var.debug && local.create_new_k8s_entity ? 1 : 0
+# log_analytics_entity_id = oci_log_analytics_log_analytics_entity.oke_entity[0].id
+# namespace = local.oci_la_namespace
+# }
+
+# resource "local_file" "stack_created_entity" {
+# count = var.debug && local.create_new_k8s_entity ? 1 : 0
+# content = jsonencode(data.oci_log_analytics_log_analytics_entity.stack_created_entity)
+# filename = "${path.module}/tf-debug/stack_created_entity.json"
+# }
\ No newline at end of file
diff --git a/terraform/modules/logan/logan-input-validations.tf b/terraform/modules/logan/logan-input-validations.tf
new file mode 100644
index 00000000..87a6d28f
--- /dev/null
+++ b/terraform/modules/logan/logan-input-validations.tf
@@ -0,0 +1,15 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# Case: User Opt to NOT create a new log group
+resource "null_resource" "user_opts_out_to_create_log_group_check" {
+ count = !var.opt_create_new_la_log_group ? 1 : 0
+ lifecycle {
+ # Not a User Facing Error
+ # Check: User has provided an existing log group id
+ precondition {
+ condition = var.log_group_ocid != null
+ error_message = "var.log_group_ocid must be set to a valid value when var.opt_create_new_la_log_group is false."
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform/modules/logan/logan-inputs.tf b/terraform/modules/logan/logan-inputs.tf
new file mode 100644
index 00000000..cc584bee
--- /dev/null
+++ b/terraform/modules/logan/logan-inputs.tf
@@ -0,0 +1,60 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# tenancy OCID
+variable "tenancy_ocid" {
+ type = string
+}
+
+# region
+variable "region" {
+ type = string
+}
+
+# Compartment for creating new logan resources
+variable "compartment_ocid" {
+ type = string
+}
+
+# Option to create Logging Analytics
+variable "opt_create_new_la_log_group" {
+ type = bool
+}
+
+# OCI Logging Analytics Log Group name (user input)
+variable "log_group_display_name" {
+ type = string
+}
+
+# OCI Logging Analytics LogGroup OCID (user input)
+variable "log_group_ocid" {
+ type = string
+}
+
+# OKE Cluster Entity OCID
+variable "oke_entity_ocid" {
+ type = string
+}
+
+# OKE Entity metadata
+variable "entity_metadata_list" {
+ type = list(object({ name = string, type = string, value = string }))
+}
+
+# OKE Entity name
+variable "new_entity_name" {
+ type = string
+ default = null
+}
+
+# Save data resources in local_file for debug purposes
+variable "debug" {
+ type = bool
+ default = false
+}
+
+# OCI Tags
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
\ No newline at end of file
diff --git a/terraform/modules/logan/logan-outputs.tf b/terraform/modules/logan/logan-outputs.tf
new file mode 100644
index 00000000..f4eb8a62
--- /dev/null
+++ b/terraform/modules/logan/logan-outputs.tf
@@ -0,0 +1,14 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output "oci_la_namespace" {
+ value = local.oci_la_namespace
+}
+
+output "log_group_ocid" {
+ value = !var.opt_create_new_la_log_group ? var.log_group_ocid : oci_log_analytics_log_analytics_log_group.new_log_group[0].id
+}
+
+output "oke_entity_ocid" {
+ value = local.create_new_k8s_entity ? oci_log_analytics_log_analytics_entity.oke_entity[0].id : var.oke_entity_ocid
+}
\ No newline at end of file
diff --git a/terraform/modules/logan/logan.tf b/terraform/modules/logan/logan.tf
new file mode 100644
index 00000000..d9adfc49
--- /dev/null
+++ b/terraform/modules/logan/logan.tf
@@ -0,0 +1,101 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+locals {
+ oci_la_namespace = data.oci_log_analytics_namespaces.logan_namespaces.namespace_collection[0].items[0].namespace
+ k8s_entity_type = "Kubernetes Cluster"
+ create_new_k8s_entity = var.oke_entity_ocid == null
+}
+
+data "oci_log_analytics_namespaces" "logan_namespaces" {
+ compartment_id = var.tenancy_ocid
+
+ lifecycle {
+ # User Facing Error
+ postcondition {
+ condition = !(self.namespace_collection == null)
+ error_message = "Tenancy is not on-boarded to OCI Logging Analytics service."
+ }
+ }
+}
+
+data "oci_log_analytics_log_analytics_entity" "oke_cluster_entity" {
+ count = !local.create_new_k8s_entity ? 1 : 0
+ log_analytics_entity_id = var.oke_entity_ocid
+ namespace = local.oci_la_namespace
+
+ lifecycle {
+ # User Facing Error
+ postcondition {
+ # Incorrect Entity OCID check
+ condition = self.entity_type_name != null
+ error_message = <<-EOT
+ Authorization failed or requested resource not found.
+ EOT
+ }
+
+ # User Facing Error
+ postcondition {
+ # Incorrect Entity Type check
+ condition = self.entity_type_name == local.k8s_entity_type
+ error_message = "Invalid Entity Type. Entity must be of type: Kubernetes Cluster."
+ }
+ }
+}
+
+resource "oci_log_analytics_log_analytics_log_group" "new_log_group" {
+ count = var.opt_create_new_la_log_group ? 1 : 0
+ #Required
+ compartment_id = var.compartment_ocid
+ display_name = var.log_group_display_name # display_name is updatable property
+ namespace = local.oci_la_namespace
+ description = "LogGroup for Kubernetes Logs"
+
+ #tags
+ defined_tags = var.tags.definedTags
+ freeform_tags = var.tags.freeformTags
+
+ lifecycle {
+ ignore_changes = [defined_tags, freeform_tags]
+ }
+}
+
+resource "oci_log_analytics_log_analytics_entity" "oke_entity" {
+ count = local.create_new_k8s_entity ? 1 : 0
+ #Required
+ compartment_id = var.compartment_ocid
+ entity_type_name = local.k8s_entity_type
+ name = var.new_entity_name
+ namespace = local.oci_la_namespace
+
+ metadata {
+ dynamic "items" {
+ for_each = [for x in var.entity_metadata_list : x]
+ content {
+ name = items.value.name
+ value = items.value.value
+ type = items.value.type
+ }
+ }
+ }
+
+ # Optional
+ # cloud_resource_id = null #TODO
+
+ # Tags
+ defined_tags = var.tags.definedTags
+ freeform_tags = var.tags.freeformTags
+
+ lifecycle {
+ ignore_changes = [name, metadata, defined_tags, freeform_tags, ]
+ # Not a User Facing Error
+ precondition {
+ condition = !(var.new_entity_name == null && var.oke_entity_ocid == null)
+ error_message = <<-EOT
+ Cause : This is likely a logical error with the terraform module.
+ Fix : Report the issue at https://github.com/oracle-quickstart/oci-kubernetes-monitoring/issues
+ Error : var.new_entity_name and var.oke_entity_ocid, both can not be null
+ EOT
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform/modules/logan/outputs.tf b/terraform/modules/logan/outputs.tf
deleted file mode 100644
index d8e43019..00000000
--- a/terraform/modules/logan/outputs.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-output "oci_la_namespace" {
- value = local.oci_la_namespace
-}
-
-output "oci_la_logGroup_ocid" {
- value = local.final_oci_la_logGroup_id
-}
diff --git a/terraform/modules/iam/provider.tf b/terraform/modules/logan/required-providers.tf
similarity index 51%
rename from terraform/modules/iam/provider.tf
rename to terraform/modules/logan/required-providers.tf
index 370a4ebe..72a223c4 100644
--- a/terraform/modules/iam/provider.tf
+++ b/terraform/modules/logan/required-providers.tf
@@ -1,13 +1,12 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.2"
required_providers {
oci = {
source = "oracle/oci"
- version = ">= 4.96.0"
- # https://registry.terraform.io/providers/hashicorp/oci/4.85.0
+ version = "~> 5.46"
}
}
-}
+}
\ No newline at end of file
diff --git a/terraform/oke/developer-options.tf b/terraform/modules/main/developer-options.tf
similarity index 95%
rename from terraform/oke/developer-options.tf
rename to terraform/modules/main/developer-options.tf
index 9fdffdb9..2dcf4ebb 100644
--- a/terraform/oke/developer-options.tf
+++ b/terraform/modules/main/developer-options.tf
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
####
@@ -60,4 +60,4 @@ variable "toggle_logan_module" {
variable "toggle_iam_module" {
type = bool
default = true
-}
+}
\ No newline at end of file
diff --git a/terraform/modules/main/main-debug.tf b/terraform/modules/main/main-debug.tf
new file mode 100644
index 00000000..89541cdb
--- /dev/null
+++ b/terraform/modules/main/main-debug.tf
@@ -0,0 +1,5 @@
+resource "local_file" "oci_containerengine_clusters" {
+ count = var.debug ? 1 : 0
+ content = jsonencode(data.oci_containerengine_clusters.oke_clusters)
+ filename = "${path.module}/tf-debug/oci_containerengine_clusters.json"
+}
\ No newline at end of file
diff --git a/terraform/modules/main/main-inputs.tf b/terraform/modules/main/main-inputs.tf
new file mode 100644
index 00000000..d5cf547b
--- /dev/null
+++ b/terraform/modules/main/main-inputs.tf
@@ -0,0 +1,171 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+####
+## Provider Variables
+####
+
+variable "tenancy_ocid" {
+ type = string
+}
+
+variable "region" {
+ type = string
+}
+
+variable "user_ocid" {
+ type = string
+ default = ""
+}
+
+variable "private_key_path" {
+ type = string
+ default = ""
+}
+
+variable "fingerprint" {
+ type = string
+ default = ""
+}
+
+####
+## Boat configuration - Used for internal development purpose only.
+####
+
+# Option to enable BOAT authentication.
+variable "boat_auth" {
+ type = bool
+ default = false
+}
+
+# OCID of BOAT tenancy.
+variable "boat_tenancy_ocid" {
+ type = string
+ default = ""
+}
+
+####
+## Shared Inputs
+####
+
+# Compartment for creating OCI Observability and Management resources
+variable "oci_onm_compartment_ocid" {
+ type = string
+}
+
+# OKE Cluster Compartment
+variable "oke_compartment_ocid" {
+ type = string
+}
+
+# OKE Cluster OCID
+variable "oke_cluster_ocid" {
+ type = string
+}
+
+# OCI Tags
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
+
+####
+## IAM Module Inputs
+####
+
+# Option to create Dynamic Group and Policies
+variable "opt_create_dynamicGroup_and_policies" {
+ type = bool
+ default = false
+}
+
+####
+## Dashboards Module Inputs
+####
+
+# Option to import dashboards
+variable "opt_import_dashboards" {
+ type = bool
+ default = true
+}
+
+####
+## Logan Module
+####
+
+# Option to create Logging Analytics
+variable "opt_create_new_la_log_group" {
+ type = bool
+ default = false
+}
+
+# New Log Group to collect Kubernetes data
+variable "log_group_name" {
+ type = string
+}
+
+####
+## Helm Module
+####
+
+# Option to install helm chart
+variable "install_helm_chart" {
+ type = bool
+}
+
+# Option to use latest helm chart
+variable "helm_chart_version" {
+ type = string
+}
+
+# Kubernetes Namespace
+variable "kubernetes_namespace" {
+ type = string
+ default = "oci-onm"
+}
+
+# Kubernetes Cluster OCID
+variable "kubernetes_cluster_id" {
+ type = string
+}
+
+# Kubernetes Cluster Name
+variable "kubernetes_cluster_name" {
+ type = string
+}
+
+# Local Path to oci-onm helm chart
+variable "path_to_local_onm_helm_chart" {
+ type = string
+}
+
+# Option to deploy metric server
+variable "opt_deploy_metric_server" {
+ type = bool
+}
+
+# Fluentd Base Directory
+variable "fluentd_base_dir_path" {
+ type = string
+ default = "/var/log"
+}
+
+# OKE Cluster Entity OCID
+variable "oke_cluster_entity_ocid" {
+ type = string
+}
+
+# OCI Logging Analytics LogGroup OCID provided by user
+variable "log_group_ocid" {
+ type = string
+}
+
+####
+## Developer Options
+####
+
+# Save data resources in local_file for debug purposes
+variable "debug" {
+ type = bool
+ default = false
+}
\ No newline at end of file
diff --git a/terraform/oke/outputs.tf b/terraform/modules/main/main-outputs.tf
similarity index 59%
rename from terraform/oke/outputs.tf
rename to terraform/modules/main/main-outputs.tf
index 682e8092..7b772797 100644
--- a/terraform/oke/outputs.tf
+++ b/terraform/modules/main/main-outputs.tf
@@ -1,9 +1,9 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+# # Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-###
-# Module outputs
-###
+# ###
+# # Module outputs
+# ###
output "cmd_1_helm_repo_add" {
value = local.module_controls_enable_helm_module ? module.helm_release[0].cmd_1_helm_repo_add : null
@@ -17,28 +17,24 @@ output "cmd_3_helm_install" {
value = local.module_controls_enable_helm_module ? module.helm_release[0].cmd_3_helm_install : null
}
-output "oke_cluster_name" {
- value = local.oke_cluster_name
-}
-
-output "oke_cluster_entity_ocid" {
- value = var.oke_cluster_entity_ocid == "DEFAULT" ? null : var.oke_cluster_entity_ocid
-}
-
output "oke_dynamic_group_ocid" {
- value = local.module_controls_enable_iam_module ? module.policy_and_dynamic-group[0].oke_dynamic_group_ocid : null
+ value = local.module_controls_enable_iam_module ? module.iam[0].oke_dynamic_group_ocid : null
}
output "oke_monitoring_policy_ocid" {
- value = local.module_controls_enable_iam_module ? module.policy_and_dynamic-group[0].oke_monitoring_policy_ocid : null
+ value = local.module_controls_enable_iam_module ? module.iam[0].oke_monitoring_policy_ocid : null
}
output "oci_la_namespace" {
- value = local.module_controls_enable_logan_module ? module.loggingAnalytics[0].oci_la_namespace : null
+ value = local.module_controls_enable_logan_module ? module.logan[0].oci_la_namespace : null
+}
+
+output "oci_la_log_group_ocid" {
+ value = local.module_controls_enable_logan_module ? module.logan[0].log_group_ocid : null
}
-output "oci_la_logGroup_ocid" {
- value = local.module_controls_enable_logan_module ? module.loggingAnalytics[0].oci_la_logGroup_ocid : null
+output "oke_cluster_entity_ocid" {
+ value = local.module_controls_enable_logan_module ? module.logan[0].oke_entity_ocid : null
}
output "mgmt_agent_install_key" {
diff --git a/terraform/modules/main/main-required-providers.tf b/terraform/modules/main/main-required-providers.tf
new file mode 100644
index 00000000..9b6d8aea
--- /dev/null
+++ b/terraform/modules/main/main-required-providers.tf
@@ -0,0 +1,21 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 1.2"
+ required_providers {
+ oci = {
+ source = "oracle/oci"
+ version = "~> 5.46"
+ configuration_aliases = [oci, oci.home_region]
+ }
+ helm = {
+ source = "hashicorp/helm"
+ version = "~> 2.7"
+ }
+ local = {
+ source = "hashicorp/local"
+ version = "~> 2.5.1"
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform/modules/main/main.tf b/terraform/modules/main/main.tf
new file mode 100644
index 00000000..2958beb7
--- /dev/null
+++ b/terraform/modules/main/main.tf
@@ -0,0 +1,157 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+locals {
+ local_helm_path = var.path_to_local_onm_helm_chart != null && var.toggle_use_local_helm_chart ? abspath(var.path_to_local_onm_helm_chart) : null
+
+ # Log Group Display Name
+ default_log_group_display_name = local.new_oke_entity_name
+ log_group_display_name = var.log_group_name != null ? var.log_group_name : local.default_log_group_display_name
+
+ # OKE Metadata
+ all_clusters_in_compartment = data.oci_containerengine_clusters.oke_clusters.clusters
+ cluster_data = [for c in local.all_clusters_in_compartment : c if c.id == var.oke_cluster_ocid][0]
+
+ # OCI LA Kubernetes Cluster Entity Name
+ # OKE always responds with same time format string in UTC regardless or realm or region [Validated with OKE Team]
+ oke_metadata_time_created = local.cluster_data.metadata[0].time_created # "2021-05-21 16:20:30 +0000 UTC"
+ oke_time_created_rfc3398 = replace(replace(local.oke_metadata_time_created, " +0000 UTC", "Z", ), " ", "T") #"2021-05-21T16:20:30Z"
+ oke_metadata_is_private = !local.cluster_data.endpoint_config[0].is_public_ip_enabled
+ oke_name = local.cluster_data.name
+ new_oke_entity_name = "${local.oke_name}_${local.oke_time_created_rfc3398}"
+ k8s_version = local.cluster_data.kubernetes_version
+
+ entity_metadata_list = [
+ { name : "cluster", value : local.new_oke_entity_name, type : "k8s_solution" },
+ { name : "cluster_name", value : local.oke_name, type : "k8s_solution" },
+ { name : "cluster_date", value : local.oke_time_created_rfc3398, type : "k8s_solution" },
+ { name : "cluster_ocid", value : var.oke_cluster_ocid, type : "k8s_solution" },
+ { name : "solution_type", value : "OKE", type : "k8s_solution" },
+ { name : "k8s_version", value : local.k8s_version, type : "k8s_solution" },
+ { name : "metrics_namespace", value : "mgmtagent_kubernetes_metrics", type : "k8s_solution" },
+ { name : "onm_compartment", value : var.oci_onm_compartment_ocid, type : "k8s_solution" },
+ { name : "deployment_status", value : "UNKNOWN", type : "k8s_solution" },
+ { name : "deployment_stack_ocid", value : "UNKNOWN", type : "k8s_solution" }
+ ]
+
+ # OKE Cluster Name in Helm
+ oke_cluster_name_in_helm = var.kubernetes_cluster_name == null ? local.new_oke_entity_name : var.kubernetes_cluster_name
+
+ # Module Controls are are final verdicts on if a module should be executed or not
+ # Module dependencies should be included here as well so a module does not run when it's dependent module is disabled
+
+ module_controls_enable_iam_module = alltrue([var.toggle_iam_module, var.opt_create_dynamicGroup_and_policies])
+ module_controls_enable_logan_module = alltrue([var.toggle_logan_module])
+ module_controls_enable_mgmt_agent_module = alltrue([var.toggle_mgmt_agent_module])
+ module_controls_enable_helm_module = alltrue([var.toggle_helm_module, local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module])
+ module_controls_enable_dashboards_module = alltrue([var.toggle_dashboards_module, var.opt_import_dashboards])
+}
+
+# We are querying all clusters in the compartment cause
+# OKE service does not support data resource for specific OKE Cluster
+data "oci_containerengine_clusters" "oke_clusters" {
+ compartment_id = var.oke_compartment_ocid
+}
+
+# Create Required Policies and Dynamic Group
+# Needs to be called with OCI Home Region Provider
+module "iam" {
+ source = "../iam"
+ count = local.module_controls_enable_iam_module ? 1 : 0
+
+ root_compartment_ocid = var.tenancy_ocid
+ oci_onm_compartment_ocid = var.oci_onm_compartment_ocid
+ oke_compartment_ocid = var.oke_compartment_ocid
+ oke_cluster_ocid = var.oke_cluster_ocid
+ tags = var.tags
+
+ providers = {
+ oci = oci.home_region
+ }
+}
+
+# Create Logging Analytics Resources
+module "logan" {
+ source = "../logan"
+ count = local.module_controls_enable_logan_module ? 1 : 0
+
+ tenancy_ocid = var.tenancy_ocid
+ region = var.region
+ compartment_ocid = var.oci_onm_compartment_ocid
+
+ new_entity_name = local.new_oke_entity_name
+ entity_metadata_list = local.entity_metadata_list
+ oke_entity_ocid = var.oke_cluster_entity_ocid
+
+ opt_create_new_la_log_group = var.opt_create_new_la_log_group
+ log_group_ocid = var.log_group_ocid
+ log_group_display_name = local.log_group_display_name
+
+ debug = var.debug
+ tags = var.tags
+}
+
+# Create a management agent key
+module "management_agent" {
+ source = "../mgmt_agent"
+ count = local.module_controls_enable_mgmt_agent_module ? 1 : 0
+
+ uniquifier = md5(var.oke_cluster_ocid)
+ compartment_ocid = var.oci_onm_compartment_ocid
+ tags = var.tags
+ debug = var.debug
+}
+
+# deploy oke-monitoring solution (helm release)
+module "helm_release" {
+ source = "../helm"
+ count = local.module_controls_enable_helm_module ? 1 : 0
+
+ # module controls
+ install_helm_chart = var.install_helm_chart && var.toggle_install_helm
+ generate_helm_template = var.toggle_generate_helm_template
+ debug = var.debug
+
+ deploy_mushop_config = false #var.livelab_switch
+
+ # helm command
+ local_helm_chart = local.local_helm_path
+ helm_chart_version = var.helm_chart_version
+
+ # values.yaml
+ kubernetes_cluster_id = var.kubernetes_cluster_id
+ kubernetes_cluster_name = local.oke_cluster_name_in_helm
+ kubernetes_namespace = var.kubernetes_namespace
+ oci_la_log_group_ocid = module.logan[0].log_group_ocid
+ oci_la_namespace = module.logan[0].oci_la_namespace
+ oci_la_cluster_entity_ocid = module.logan[0].oke_entity_ocid
+ mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content
+ opt_deploy_metric_server = var.opt_deploy_metric_server
+ fluentd_base_dir_path = var.fluentd_base_dir_path
+ # livelab_service_account = local.livelab_service_account
+}
+
+# Import Kubernetes Dashboards
+module "import_kubernetes_dashboards" {
+ source = "../dashboards"
+ count = local.module_controls_enable_dashboards_module ? 1 : 0
+
+ compartment_ocid = var.oci_onm_compartment_ocid
+ debug = var.debug
+ tags = var.tags
+}
+
+# // Only execute for livelab stack
+# // livelab module only supports local users
+# // it will error out when an identity domain user is used and livelab_switch is set as true
+# module "livelab" {
+# source = "./modules/livelab"
+# current_user_ocid = var.current_user_ocid
+# debug = var.debug
+
+# count = local.module_controls_enable_livelab_module ? 1 : 0
+
+# /* providers = {
+# oci = oci.home_region
+# } */
+# }
\ No newline at end of file
diff --git a/terraform/modules/mgmt_agent/agent-debug.tf b/terraform/modules/mgmt_agent/agent-debug.tf
new file mode 100644
index 00000000..83f60ee7
--- /dev/null
+++ b/terraform/modules/mgmt_agent/agent-debug.tf
@@ -0,0 +1,8 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "local_file" "inputRspFileContent" {
+ count = var.debug ? 1 : 0
+ content = base64decode(local.inputRspFileContent)
+ filename = "${path.module}/tf-debug/inputRspFileContent.txt"
+}
\ No newline at end of file
diff --git a/terraform/modules/mgmt_agent/agent-inputs.tf b/terraform/modules/mgmt_agent/agent-inputs.tf
new file mode 100644
index 00000000..4dafa780
--- /dev/null
+++ b/terraform/modules/mgmt_agent/agent-inputs.tf
@@ -0,0 +1,24 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# A unique key to be associated with a single OKE cluster
+variable "uniquifier" {
+ type = string
+}
+
+# OCID of compartment where management agent installation key is to be created
+variable "compartment_ocid" {
+ type = string
+}
+
+# Save data resources in local_file for debug purposes
+variable "debug" {
+ type = bool
+ default = false
+}
+
+# OCI Tags
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
\ No newline at end of file
diff --git a/terraform/modules/mgmt_agent/outputs.tf b/terraform/modules/mgmt_agent/agent-outputs.tf
similarity index 78%
rename from terraform/modules/mgmt_agent/outputs.tf
rename to terraform/modules/mgmt_agent/agent-outputs.tf
index 13298f06..1a6ec619 100644
--- a/terraform/modules/mgmt_agent/outputs.tf
+++ b/terraform/modules/mgmt_agent/agent-outputs.tf
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# Management Agent Install Key
diff --git a/terraform/modules/mgmt_agent/agent.tf b/terraform/modules/mgmt_agent/agent.tf
index 8dfd8481..92cdcce0 100644
--- a/terraform/modules/mgmt_agent/agent.tf
+++ b/terraform/modules/mgmt_agent/agent.tf
@@ -1,9 +1,30 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
locals {
- installKey = oci_management_agent_management_agent_install_key.Kubernetes_AgentInstallKey.key
- inputRspFileContent = base64encode(join("\n", ["ManagementAgentInstallKey = ${local.installKey}", "AgentDisplayName = k8_mgmt_agent-${var.uniquifier}"]))
+ install_key = oci_management_agent_management_agent_install_key.Kubernetes_AgentInstallKey.key
+ freeform_tags = module.format_tags.freeform_tags_string
+ defined_tags = module.format_tags.defined_tags_string
+ inputRspFileContent = base64encode(join("\n", [
+ "ManagementAgentInstallKey = ${local.install_key}",
+ "AgentDisplayName = k8_mgmt_agent-${var.uniquifier}",
+ "FreeFormTags = ${local.freeform_tags}",
+ "DefinedTags = ${local.defined_tags}"
+ ]))
+}
+
+output "defined_tags_string" {
+ value = module.format_tags.defined_tags_string
+}
+
+output "freeform_tags_string" {
+ value = module.format_tags.freeform_tags_string
+}
+
+# format tags; as required in Agent Response file
+module "format_tags" {
+ source = "./format_tags"
+ tags = var.tags
}
resource "oci_management_agent_management_agent_install_key" "Kubernetes_AgentInstallKey" {
diff --git a/terraform/modules/mgmt_agent/format_tags/format_tags.tf b/terraform/modules/mgmt_agent/format_tags/format_tags.tf
new file mode 100644
index 00000000..83a221b1
--- /dev/null
+++ b/terraform/modules/mgmt_agent/format_tags/format_tags.tf
@@ -0,0 +1,101 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# Goal:
+# Format the tags input from OCI RMS stack into acceptable value for Management Agent Response File
+# Ref - https://docs.oracle.com/en-us/iaas/management-agents/doc/install-management-agent-chapter.html#OCIAG-GUID-3008AAB9-B871-47B6-BC05-3A6FE5BDD470
+
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
+
+# tags = {
+# "definedTags" = tomap({
+# "Oracle-Recommended-Tags.ResourceOwner" = "paritosh"
+# "Oracle-Recommended-Tags.ResourceType" = "DevResource"
+# "OracleInternalReserved.OwnerEmail" = "paritosh.paliwal@oracle.com"
+# })
+# "freeformTags" = tomap({
+# "project" = "logan"
+# "test_number" = "1"
+# })
+# }
+
+locals {
+ freeform_tags = var.tags.freeformTags
+ # freeform_tags_string = "{{\"project\": \"logan\",{\"test_number\": \"1\"}"
+
+ freeform_tags_string = "[${join(",", [for key, value in var.tags.freeformTags : "{\"${key}\": \"${value}\"}"])}]"
+ # freeform_tags_string = "[{\"project\": \"logan\"},{\"test_number\": \"1\"}]"
+
+
+ defined_tags = var.tags.definedTags
+ # defined_tags = tomap({
+ # "Oracle-Recommended-Tags.ResourceOwner" = "paritosh"
+ # "Oracle-Recommended-Tags.ResourceType" = "DevResource"
+ # "OracleInternalReserved.OwnerEmail" = "paritosh.paliwal@oracle.com"
+ # })
+
+ defined_tag_list_by_ns = { for key, value in local.defined_tags : "\"${split(".", key)[0]}\"" => "\"${split(".", key)[1]}\": \"${value}\""... }
+ # defined_tag_list_by_ns = {
+ # "\"Oracle-Recommended-Tags\"" = [
+ # "\"ResourceOwner\": \"paritosh\"",
+ # "\"ResourceType\": \"DevResource\"",
+ # ]
+ # "\"OracleInternalReserved\"" = [
+ # "\"OwnerEmail\": \"paritosh.paliwal@oracle.com\"",
+ # ]
+ # }
+
+ defined_tags_by_ns = { for ns, tag_list in local.defined_tag_list_by_ns : ns => "{ ${join(", ", [for tag in tag_list : "${tag}"])} }" }
+ # defined_tags_by_ns = {
+ # "\"Oracle-Recommended-Tags\"" = "{\"ResourceOwner\": \"paritosh\"}, {\"ResourceType\": \"DevResource\"}"
+ # "\"OracleInternalReserved\"" = "{\"OwnerEmail\": \"paritosh.paliwal@oracle.com\"}"
+ # }
+
+ defined_tags_list = [for ns, tags in local.defined_tags_by_ns : "{${ns} : ${tags}}"]
+ # defined_tags_list = [
+ # "{\"Oracle-Recommended-Tags\" : { \"ResourceOwner\": \"paritosh\", \"ResourceType\": \"DevResource\" }}",
+ # "{\"OracleInternalReserved\" : { \"OwnerEmail\": \"paritosh.paliwal@oracle.com\" }}",
+
+ defined_tags_string = "[${join(", ", local.defined_tags_list)}]"
+ # defined_tags_string = "[{\"Oracle-Recommended-Tags\" : { \"ResourceOwner\": \"paritosh\", \"ResourceType\": \"DevResource\" }}, {\"OracleInternalReserved\" : { \"OwnerEmail\": \"paritosh.paliwal@oracle.com\" }}]"
+
+}
+
+output "defined_tags_string" {
+ value = local.defined_tags_string
+}
+
+output "freeform_tags_string" {
+ value = local.freeform_tags_string
+}
+
+# # Debug Outputs
+
+# output "tags" {
+# value = var.tags
+# }
+
+# output "freeform_tags" {
+# value = local.freeform_tags
+# }
+
+
+
+# output "defined_tags" {
+# value = local.defined_tags
+# }
+
+# output "defined_tag_list_by_ns" {
+# value = local.defined_tag_list_by_ns
+# }
+
+# output "defined_tags_by_ns" {
+# value = local.defined_tags_by_ns
+# }
+
+# output "defined_tags_list" {
+# value = local.defined_tags_list
+# }
\ No newline at end of file
diff --git a/terraform/modules/mgmt_agent/inputs.tf b/terraform/modules/mgmt_agent/inputs.tf
deleted file mode 100644
index 4f389324..00000000
--- a/terraform/modules/mgmt_agent/inputs.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-# A unique key to be associated with a single OKE cluster
-variable "uniquifier" {
- type = string
-}
-
-# OCID of compartment where management agent installation key is to be created
-variable "compartment_ocid" {
- type = string
-}
\ No newline at end of file
diff --git a/terraform/modules/mgmt_agent/provider.tf b/terraform/modules/mgmt_agent/required-providers.tf
similarity index 62%
rename from terraform/modules/mgmt_agent/provider.tf
rename to terraform/modules/mgmt_agent/required-providers.tf
index 38621564..0db741be 100644
--- a/terraform/modules/mgmt_agent/provider.tf
+++ b/terraform/modules/mgmt_agent/required-providers.tf
@@ -1,12 +1,12 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.2"
required_providers {
oci = {
source = "oracle/oci"
- version = ">= 4.96.0"
+ version = "~> 5.46"
}
}
}
diff --git a/terraform/modules/rms_pe/required-providers.tf b/terraform/modules/rms_pe/required-providers.tf
new file mode 100644
index 00000000..72a223c4
--- /dev/null
+++ b/terraform/modules/rms_pe/required-providers.tf
@@ -0,0 +1,12 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 1.2"
+ required_providers {
+ oci = {
+ source = "oracle/oci"
+ version = "~> 5.46"
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform/modules/rms_pe/rms-debug.tf b/terraform/modules/rms_pe/rms-debug.tf
new file mode 100644
index 00000000..d16a2327
--- /dev/null
+++ b/terraform/modules/rms_pe/rms-debug.tf
@@ -0,0 +1,2 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
\ No newline at end of file
diff --git a/terraform/modules/rms_pe/rms-inputs.tf b/terraform/modules/rms_pe/rms-inputs.tf
new file mode 100644
index 00000000..f463e1c9
--- /dev/null
+++ b/terraform/modules/rms_pe/rms-inputs.tf
@@ -0,0 +1,50 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# # RMS private endpoint OCID provided by user
+variable "private_endpoint_ocid" {
+ type = string
+ # Not a User Facing Error
+ validation {
+ condition = var.private_endpoint_ocid == null ? true : length(regexall("^ocid1\\.ormprivateendpoint\\S*$", var.private_endpoint_ocid)) > 0
+ error_message = "Incorrect format: var.private_endpoint_ocid"
+ }
+}
+
+# OCI Subnet OCID provided by user
+variable "oke_subnet_ocid" {
+ type = string
+ # Not a User Facing Error
+ validation {
+ condition = var.oke_subnet_ocid == null ? true : length(regexall("^ocid1\\.subnet\\S*$", var.oke_subnet_ocid)) > 0
+ error_message = "Incorrect format: var.oke_subnet_ocid"
+ }
+}
+
+# Compartment to host RMS private endpoint
+variable "pe_compartment_ocid" {
+ type = string
+}
+
+# OKE Cluster Private IP Address
+variable "private_ip_address" {
+ type = string
+ nullable = false
+}
+
+# OKE Cluster OCID
+variable "oke_vcn_ocid" {
+ type = string
+}
+
+# OCI Tags
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
+
+# Save data resources in local_file for debug purposes
+variable "debug" {
+ type = bool
+ default = false
+}
\ No newline at end of file
diff --git a/terraform/modules/rms_pe/rms-outputs.tf b/terraform/modules/rms_pe/rms-outputs.tf
new file mode 100644
index 00000000..2806e8a2
--- /dev/null
+++ b/terraform/modules/rms_pe/rms-outputs.tf
@@ -0,0 +1,6 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output "private_endpoint_reachable_ip" {
+ value = data.oci_resourcemanager_private_endpoint_reachable_ip.reachable_ip.ip_address
+}
\ No newline at end of file
diff --git a/terraform/modules/rms_pe/rms_pe.tf b/terraform/modules/rms_pe/rms_pe.tf
new file mode 100644
index 00000000..8a649316
--- /dev/null
+++ b/terraform/modules/rms_pe/rms_pe.tf
@@ -0,0 +1,63 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+locals {
+ private_endpoint_ocid = var.private_endpoint_ocid == null ? oci_resourcemanager_private_endpoint.rms_pe[0].id : var.private_endpoint_ocid
+}
+
+# https://docs.oracle.com/en-us/iaas/api/#/en/resourcemanager/20180917/PrivateEndpoint/
+resource "oci_resourcemanager_private_endpoint" "rms_pe" {
+ count = var.private_endpoint_ocid == null ? 1 : 0
+ compartment_id = var.pe_compartment_ocid
+ display_name = "oci-kubernetes-monitoring"
+ vcn_id = var.oke_vcn_ocid
+ subnet_id = var.oke_subnet_ocid
+
+ # tags
+ defined_tags = var.tags.definedTags
+ freeform_tags = var.tags.freeformTags
+
+ lifecycle {
+ ignore_changes = [defined_tags, freeform_tags]
+ # Not a User Facing Error
+ precondition {
+ condition = var.oke_subnet_ocid != null
+ error_message = <<-EOT
+ Cause : This is likely a logical error with the terraform module.
+ Fix : Report the issue at https://github.com/oracle-quickstart/oci-kubernetes-monitoring/issues
+ Error : var.oke_subnet_ocid is NULL in rme_pe module
+ EOT
+ }
+ }
+}
+
+data "oci_core_subnet" "oke_subnet" {
+ count = var.oke_subnet_ocid != null ? 1 : 0
+ subnet_id = var.oke_subnet_ocid
+
+ lifecycle {
+ # User Facing Error
+ postcondition {
+ condition = self.vcn_id == var.oke_vcn_ocid
+ error_message = "Invalid Subnet. Subnet must be part of OKE cluster's VCN."
+ }
+ }
+}
+
+data "oci_resourcemanager_private_endpoint" "rms_pe" {
+ count = var.private_endpoint_ocid != null ? 1 : 0
+ private_endpoint_id = var.private_endpoint_ocid
+
+ lifecycle {
+ # User Facing Error
+ postcondition {
+ condition = self.vcn_id == var.oke_vcn_ocid
+ error_message = "Invalid Subnet. Private Endpoint must be configured with OKE cluster's VCN."
+ }
+ }
+}
+
+data "oci_resourcemanager_private_endpoint_reachable_ip" "reachable_ip" {
+ private_endpoint_id = local.private_endpoint_ocid
+ private_ip = var.private_ip_address
+}
\ No newline at end of file
diff --git a/terraform/oke/datasources.tf b/terraform/oke/datasources.tf
deleted file mode 100644
index cadf5e6c..00000000
--- a/terraform/oke/datasources.tf
+++ /dev/null
@@ -1,17 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-data "oci_identity_tenancy" "tenant_details" {
- tenancy_id = var.tenancy_ocid
-}
-
-data "oci_identity_regions" "region_map" {
-}
-
-data "oci_containerengine_cluster_kube_config" "oke" {
- cluster_id = var.oke_cluster_ocid
-}
-
-data "oci_containerengine_clusters" "oke_clusters" {
- compartment_id = var.oke_compartment_ocid
-}
\ No newline at end of file
diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf
deleted file mode 100644
index 64bd2968..00000000
--- a/terraform/oke/inputs.tf
+++ /dev/null
@@ -1,174 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-# When defined in the Terraform configuration, the following variables automatically prepopulate with values on the Console pages used to create and edit the stack.
-# The stack's values are used when you select the Terraform actions Plan, Apply, and Destroy.
-# - tenancy_ocid (tenancy OCID)
-# - region (region)
-#
-# Ref - https://docs.oracle.com/en-us/iaas/Content/ResourceManager/Concepts/terraformconfigresourcemanager_topic-schema.htm#console-howto__prepop
-
-####
-## Provider Variables
-####
-
-variable "tenancy_ocid" {
- type = string
-}
-
-variable "region" {
- type = string
-}
-
-variable "user_ocid" {
- type = string
- default = ""
-}
-
-variable "private_key_path" {
- type = string
- default = ""
-}
-
-variable "fingerprint" {
- type = string
- default = ""
-}
-
-####
-## Stack Variable - Auto-pupulated while running RM Stack
-####
-
-# Stack compartment - where marketplace app / Resoruce Manager stack is executed
-variable "compartment_ocid" {
- type = string
- default = ""
-}
-
-# OCID of user running the marketplace app / Resoruce Manager stack
-variable "current_user_ocid" {
- type = string
- default = ""
-}
-
-####
-## Boat configuration - Used for internal developement purpose only.
-####
-
-# Option to enable BOAT authentication.
-variable "boat_auth" {
- type = bool
- default = false
-}
-
-# OCID of BOAT tenancy.
-variable "boat_tenancy_ocid" {
- type = string
- default = ""
-}
-
-####
-## Optional Inputs
-####
-
-# Option to create Dynamic Group and Policies
-variable "opt_create_dynamicGroup_and_policies" {
- type = bool
- default = false
-}
-
-# Option to import dashboards
-variable "opt_import_dashboards" {
- type = bool
- default = true
-}
-
-####
-## OKE Cluster Information
-####
-
-# OKE Cluster Compartment
-variable "oke_compartment_ocid" {
- type = string
-}
-
-# OKE Cluster OCID
-variable "oke_cluster_ocid" {
- type = string
-}
-
-# Kubernetes Namespace
-variable "kubernetes_namespace" {
- type = string
- default = "oci-onm"
-}
-
-####
-## OCI Observability and Management Information
-####
-
-# Stack Deployment Options
-variable "stack_deployment_option" {
- type = string
- default = "Full"
-}
-
-# Compartment for creating OCI Observability and Management resources
-variable "oci_onm_compartment_ocid" {
- type = string
- default = ""
-}
-
-# Option to create Logging Analytics
-variable "opt_create_new_la_logGroup" {
- type = bool
- default = false
-}
-
-# OCI Logging Analytics LogGroup OCID
-variable "oci_la_logGroup_id" {
- type = string
- default = ""
-}
-
-# New Log Group to collect Kubernetes data
-variable "oci_la_logGroup_name" {
- type = string
- default = ""
-}
-
-# Fluentd Base Directory
-variable "fluentd_baseDir_path" {
- type = string
- default = "/var/log"
-}
-
-####
-## Fluentd Configuration
-####
-
-####
-## Management Agent Configuration
-####
-
-# Option to deploy metric server
-variable "opt_deploy_metric_server" {
- type = bool
- default = true
-}
-
-####
-## Input options hidden from stack UI
-####
-
-# OKE Cluster Name
-variable "oke_cluster_name" {
- type = string
- default = "DEFAULT"
-}
-
-# OKE Cluster Entity OCID
-variable "oke_cluster_entity_ocid" {
- type = string
- default = "DEFAULT"
-}
\ No newline at end of file
diff --git a/terraform/oke/livelab_switch.tf b/terraform/oke/livelab_switch.tf
deleted file mode 100644
index ad96eb30..00000000
--- a/terraform/oke/livelab_switch.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-####
-## livelab
-####
-
-## Note - /util/build_stack.sh script modifies below input from "FALSE" to "TRUE", while generating livelab build, hence
-## - Do not add additional inputs here &
-## - Do not modify this file
-
-variable "livelab_switch" {
- type = bool
- default = false
-}
\ No newline at end of file
diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf
deleted file mode 100644
index 62e0667b..00000000
--- a/terraform/oke/main.tf
+++ /dev/null
@@ -1,105 +0,0 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-
-locals {
- livelab_service_account = var.livelab_switch ? module.livelab[0].service_account : ""
- fluentd_baseDir_path = var.livelab_switch ? module.livelab[0].fluentd_baseDir_path : var.fluentd_baseDir_path
-
- ### helm
- # Fetch OKE cluster name from OCI OKE Service if user does not provide a name of the target cluster
- oke_cluster_name = var.oke_cluster_name == "DEFAULT" ? [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] : var.oke_cluster_name
- deploy_helm = var.stack_deployment_option == "Full" ? true : false
-
- ## Module Controls are are final verdicts on if a module should be executed or not
- ## Module dependencies should be included here as well so a module does not run when it's depenedent moudle is disabled
-
- module_controls_enable_livelab_module = alltrue([var.toggle_livelab_module, var.livelab_switch])
- module_controls_enable_dashboards_module = alltrue([var.toggle_dashboards_module, var.opt_import_dashboards])
- module_controls_enable_iam_module = alltrue([var.toggle_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch])
- module_controls_enable_logan_module = alltrue([var.toggle_logan_module])
- module_controls_enable_mgmt_agent_module = alltrue([var.toggle_mgmt_agent_module])
- module_controls_enable_helm_module = alltrue([var.toggle_helm_module, local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module])
-}
-
-// Only execute for livelab stack
-// livelab module only supports local users
-// it will error out when an identity domain user is used and livelab_switch is set as true
-module "livelab" {
- source = "./modules/livelab"
- current_user_ocid = var.current_user_ocid
-
- count = local.module_controls_enable_livelab_module ? 1 : 0
-
- /* providers = {
- oci = oci.home_region
- } */
-}
-
-// Create Required Polcies and Dynamic Group
-// Needs to be called with OCI Home Region Provider
-module "policy_and_dynamic-group" {
- source = "./modules/iam"
- root_compartment_ocid = var.tenancy_ocid
- oci_onm_compartment_ocid = var.oci_onm_compartment_ocid
- oke_compartment_ocid = var.oke_compartment_ocid
- oke_cluster_ocid = var.oke_cluster_ocid
-
- count = local.module_controls_enable_iam_module ? 1 : 0
-
- providers = {
- oci = oci.home_region
- }
-}
-
-// Create Logging Analytics Resorces
-module "loggingAnalytics" {
- source = "./modules/logan"
- tenancy_ocid = var.tenancy_ocid
- create_new_logGroup = var.opt_create_new_la_logGroup
- new_logGroup_name = var.oci_la_logGroup_name
- compartment_ocid = var.oci_onm_compartment_ocid
- existing_logGroup_id = var.oci_la_logGroup_id
-
- count = local.module_controls_enable_logan_module ? 1 : 0
-}
-
-# Create a management agent key
-module "management_agent" {
- source = "./modules/mgmt_agent"
- uniquifier = md5(var.oke_cluster_ocid)
- compartment_ocid = var.oci_onm_compartment_ocid
-
- count = local.module_controls_enable_mgmt_agent_module ? 1 : 0
-}
-
-// deploy oke-monitoring solution (helm release)
-module "helm_release" {
- source = "./modules/helm"
- helm_abs_path = abspath("./charts/oci-onm")
- use_local_helm_chart = var.toggle_use_local_helm_chart
- install_helm = local.deploy_helm && var.toggle_install_helm
- generate_helm_template = var.toggle_generate_helm_template
- oke_compartment_ocid = var.oke_compartment_ocid
- oke_cluster_ocid = var.oke_cluster_ocid
- kubernetes_namespace = var.kubernetes_namespace
- oci_la_logGroup_id = module.loggingAnalytics[0].oci_la_logGroup_ocid
- oci_la_namespace = module.loggingAnalytics[0].oci_la_namespace
- fluentd_baseDir_path = local.fluentd_baseDir_path
- mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content
- opt_deploy_metric_server = var.livelab_switch ? false : var.opt_deploy_metric_server
- deploy_mushop_config = var.livelab_switch
- livelab_service_account = local.livelab_service_account
- oke_cluster_name = local.oke_cluster_name
- oke_cluster_entity_ocid = var.oke_cluster_entity_ocid
-
- count = local.module_controls_enable_helm_module ? 1 : 0
-}
-
-// Import Kubernetes Dashboards
-module "import_kubernetes_dashbords" {
- source = "./modules/dashboards"
- compartment_ocid = var.oci_onm_compartment_ocid
-
- count = local.module_controls_enable_dashboards_module ? 1 : 0
- depends_on = [module.helm_release]
-}
\ No newline at end of file
diff --git a/terraform/oke/oci_images.tf b/terraform/oke/oci_images.tf
index 52340ca2..d16a2327 100644
--- a/terraform/oke/oci_images.tf
+++ b/terraform/oke/oci_images.tf
@@ -1,2 +1,2 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
\ No newline at end of file
diff --git a/terraform/oke/providers.tf b/terraform/oke/providers.tf
index 33453510..5022aed5 100644
--- a/terraform/oke/providers.tf
+++ b/terraform/oke/providers.tf
@@ -1,32 +1,46 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-terraform {
- required_version = ">= 1.0.0, <= 1.6"
- required_providers {
- oci = {
- source = "oracle/oci"
- version = ">= 4.96.0"
- }
- helm = {
- source = "hashicorp/helm"
- version = "2.7.1"
- }
- local = {
- source = "hashicorp/local"
- version = "2.2.3"
- }
+##### Note #####
+## Locals, resources and provider in this file should not depend on any other file
+## so that we can move providers.tf file to a main module when it's required to run main module independent of the stack
+## TODO: Main module should be able to execute idependenlty of the stack.
+## - This requirement is not met yet and is Work in progress.
+##### Note #####
+
+locals {
+ # OCI Provider config
+ home_region_key = data.oci_identity_tenancy.tenant_details.home_region_key
+ home_region = [for r in data.oci_identity_regions.region_map.regions : r.name if r.key == local.home_region_key][0]
+
+
+ # Helm provider config
+ oke_host = yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["clusters"][0]["cluster"]["server"]
+
+ cluster_private_ip_port = replace(local.oke_host, "https://", "")
+ cluster_private_ip = split(":", local.cluster_private_ip_port)[0]
+ cluster_private_port = split(":", local.cluster_private_ip_port)[1]
+
+ oke_cert = base64decode(yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["clusters"][0]["cluster"]["certificate-authority-data"])
+
+ kube_config = {
+ host = local.use_rms_private_endpoint ? "https://${module.rms_private_endpoint[0].private_endpoint_reachable_ip}:${local.cluster_private_port}" : local.oke_host
+ cluster_ca_certificate = local.use_rms_private_endpoint ? null : local.oke_cert
+ cluster_id = var.oke_cluster_ocid #yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["users"][0]["user"]["exec"]["args"][4]
+ cluster_region = var.region #yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["users"][0]["user"]["exec"]["args"][6]
+ insecure = local.use_rms_private_endpoint
}
}
-locals {
- cluster_endpoint = yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["clusters"][0]["cluster"]["server"]
- cluster_ca_certificate = base64decode(yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["clusters"][0]["cluster"]["certificate-authority-data"])
- cluster_id = yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["users"][0]["user"]["exec"]["args"][4]
- cluster_region = yamldecode(data.oci_containerengine_cluster_kube_config.oke.content)["users"][0]["user"]["exec"]["args"][6]
+data "oci_identity_tenancy" "tenant_details" {
+ tenancy_id = var.tenancy_ocid
+}
- home_region_key = data.oci_identity_tenancy.tenant_details.home_region_key
- home_region = var.livelab_switch ? "us-phoenix-1" : [for r in data.oci_identity_regions.region_map.regions : r.name if r.key == local.home_region_key][0]
+data "oci_identity_regions" "region_map" {
+}
+
+data "oci_containerengine_cluster_kube_config" "oke" {
+ cluster_id = var.oke_cluster_ocid
}
provider "oci" {
@@ -48,13 +62,16 @@ provider "oci" {
provider "helm" {
kubernetes {
- host = local.cluster_endpoint
- cluster_ca_certificate = local.cluster_ca_certificate
+ host = local.kube_config.host
+ cluster_ca_certificate = local.kube_config.cluster_ca_certificate
exec {
api_version = "client.authentication.k8s.io/v1beta1"
- args = ["ce", "cluster", "generate-token", "--cluster-id", local.cluster_id, "--region", local.cluster_region]
- command = "oci"
+ args = ["ce", "cluster", "generate-token", "--cluster-id",
+ local.kube_config.cluster_id, "--region", local.kube_config.cluster_region]
+ command = "oci"
}
+ insecure = local.kube_config.insecure
}
}
+provider "local" {}
\ No newline at end of file
diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml
index 90ae17ca..cf191504 100644
--- a/terraform/oke/schema.yaml
+++ b/terraform/oke/schema.yaml
@@ -1,10 +1,10 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# yaml-language-server: $schema=./meta-schema.yaml
title: OCI Kubernetes Monitoring Solution
-description: "OCI Kubernetes Monitoring Solution is a turn-key Kubernetes monitoring and management package based on the following OCI services: Logging Analytics, Monitoring, and Management Agent."
-informationalText: "OCI Kubernetes Monitoring Solution is a turn-key Kubernetes monitoring and management package based on the following OCI services: Logging Analytics, Monitoring, and Management Agent."
+description: "Monitor, manage, and generate insights into your Kubernetes deployed in OCI, third party public clouds, private clouds, or on-premises including managed Kubernetes deployments. The solution utilizes the following OCI services: Logging Analytics, Monitoring, and Management Agent."
+informationalText: "Monitor, manage, and generate insights into your Kubernetes deployed in OCI, third party public clouds, private clouds, or on-premises including managed Kubernetes deployments. The solution utilizes the following OCI services: Logging Analytics, Monitoring, and Management Agent."
schemaVersion: 1.1.0
version: "20221004"
@@ -20,192 +20,295 @@ locale: "en"
variableGroups:
- title: "hidden inputs"
variables:
- - tenancy_ocid
- - region
- - user_ocid
- - private_key_path
- - fingerprint
- - boat_auth
- - boat_tenancy_ocid
- - toggle_generate_helm_template
- - toggle_install_helm
- - toggle_use_local_helm_chart
- - toggle_dashboards_module
- - toggle_helm_module
- - toggle_mgmt_agent_module
- - toggle_logan_module
- - toggle_livelab_module
- - toggle_iam_module
- - compartment_ocid
- - kubernetes_namespace
- - current_user_ocid
- - livelab_switch
- - oke_cluster_name
- - oke_cluster_entity_ocid
- - stack_deployment_option
+ - ${tenancy_ocid}
+ - ${region}
+ - ${user_ocid}
+ - ${private_key_path}
+ - ${fingerprint}
+ - ${boat_auth}
+ - ${boat_tenancy_ocid}
+ - ${compartment_ocid}
+ - ${current_user_ocid}
+ - ${oke_cluster_name}
visible: false
+ # These variables are utilized for QA validation and testing. They are not meant to be used in production.
+ - title: "hidden dev inputs"
+ variables:
+ - ${CLIENT_HOST_OVERRIDES}
+ - ${debug}
+ visible: false
+
- title: Select an OKE cluster deployed in this region to start monitoring
- description: "Use CLI (Helm) if your cluster does not have a public API endpoint or if it's restricted from accessing container-registry.oracle.com. See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring"
variables:
- - oke_compartment_ocid
- - oke_cluster_ocid
+ - ${oke_compartment_ocid}
+ - ${oke_cluster_ocid}
+ - ${connect_via_private_endpoint}
+ - ${oke_subnet_or_pe_ocid}
+
+ - title: Create dynamic group and policy (tenancy level admin access required)
+ variables:
+ - ${dropdown_create_dynamic_group_and_policies}
- - title: "OCI Observability and Management Services Configuration"
- description: "For a list of resources created, see: https://github.com/oracle-quickstart/oci-kubernetes-monitoring"
+ - title: Create resources for OCI Observability and Management services
variables:
- - opt_deploy_metric_server
- - oci_onm_compartment_ocid
- - opt_create_new_la_logGroup
- - oci_la_logGroup_id
- - oci_la_logGroup_name
- - fluentd_baseDir_path
-
- - title: Advanced Configuration
+ - ${oci_onm_compartment_ocid}
+ - ${opt_create_new_la_log_group}
+ - ${oci_la_log_group_ocid}
+ - ${oci_la_log_group_name}
+ - ${opt_create_oci_la_entity}
+ - ${oke_cluster_entity_ocid}
+ - ${opt_import_dashboards}
+
+ - title: Advanced configuration
variables:
- - opt_create_dynamicGroup_and_policies
- - opt_import_dashboards
+ - ${show_advanced_options}
+ - ${stack_deployment_option}
+ - ${opt_deploy_metric_server}
+ - ${helm_chart_version}
+ - ${fluentd_base_dir_path}
+ - ${tags}
+ - ${template_id}
variables:
- ####
- ## OKE Cluster Information
+ #### [Section]
+ ## Select an OKE cluster deployed in this region to start monitoring
####
# OKE Cluster Compartment
oke_compartment_ocid:
type: oci:identity:compartment:id
required: true
- title: "Select OKE cluster compartment"
- default: compartment_ocid
+ title: OKE cluster compartment
+ default: ${compartment_ocid}
# OKE Cluster OCID
oke_cluster_ocid:
type: oci:container:cluster:id
dependsOn:
compartmentId: ${oke_compartment_ocid}
- title: Select OKE cluster
+ title: OKE cluster
required: true
- # kubernetes_namespace:
- # type: string
- # minLength: 1
- # maxLength: 63
- # title: Kubernetes Namespace
- # description: Kubernetes Namespace in which the monitoring solution to be deployed
- # default: kube-system
- # pattern: '^([a-z0-9]|[a-z][a-z\-0-9]*[a-z0-9])$' #Ref - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names
- # required: true
+ # Option to enable/disable metric server installation during helm deployment
+ connect_via_private_endpoint:
+ type: boolean
+ title: OKE cluster is private
+ default: false
+ visible:
+ and:
+ - eq:
+ - ${stack_deployment_option}
+ - "Full"
- ####
- ## OCI Observability and Management Services Configuration
+ # OKE Cluster OCID
+ oke_subnet_or_pe_ocid:
+ type: string
+ title: OKE node subnet OCID / RMS private endpoint OCID
+ description: |-
+ Stack connects to private OKE cluster through an RMS Private Endpoint.
+ If you provide subnet OCID, an RMS private endpoint resource is created.
+ Alternatively, you can also provide OCID of an existing RMS private endpoint.
+ The subnet's security list must allow egress connection to OKE cluster's API endpoint.
+ Typically, this is oke-nodesubnet and not oke-k8sApiEndpoint-subnet.
+ required: true
+ pattern: 'ocid1\.(subnet|ormprivateendpoint)\.[a-z,0-9]+\.[-a-z0-9]+\.[.a-z0-9]+$'
+ # maxLength: 93 # Don't set as realm ID is part of OCID
+ # minLength: 81 # Do not set min length
+ visible:
+ and:
+ - ${connect_via_private_endpoint}
+ - eq:
+ - ${stack_deployment_option}
+ - "Full"
+
+ #### [Section]
+ ## Create Dynamic Group and Policy (tenancy level admin access required)
####
- # Stack Deployment Options
- stack_deployment_option:
- title: Deployment options
- description: 'The "Full" option creates both OCI and K8s resources.'
+ # Option to create Dynamic Group and Policies
+ dropdown_create_dynamic_group_and_policies:
type: enum
- enum: # Dev Note - # Any change in following options must be refactored across schema.yaml
- - "Full"
- - "Only OCI Resources"
- default: "Full"
+ title: " "
+ description: |-
+ Create the dynamic group and policy before creating the stack.
+ Reference: oci-kubernetes-monitoring#pre-requisites.
+ If node pools and the OKE cluster are in different compartments, then manually create the dynamic group and policy or edit the dynamic group created by the stack.
+ enum: # Any change in options string will need to reflect in local.create_dg_and_policy as well
+ - "Create required IAM resources as part of the stack" # Setting enum as "True" fails to save input via stack UI
+ - "I have already created the required IAM resources"
+ default: "" # Setting this value to "", forces user to select from one of the dropdown options
required: true
- visible:
- not:
- - livelab_switch
- # Option to enable/disable metric server installation during helm deployment
- opt_deploy_metric_server:
- type: boolean
- title: Enable Metric Server installation
- description: Clear this check box if Metric Server is already installed in your cluster.
- default: true
- visible:
- and:
- - eq:
- - ${stack_deployment_option}
- - "Full"
- - not:
- - livelab_switch
+ #### [Section]
+ ## OCI Observability and Management Services Configuration
+ ####
# Compartment for creating OCI Observability and Management resources
oci_onm_compartment_ocid:
type: oci:identity:compartment:id
required: true
- title: Select compartment for Logging Analytics, Management Agent, and Monitoring service resources.
- description: "This compartment will be used for creating dashboards, log groups, entities, Management Agent keys, metric namespaces, and related resources. For a full list of resources, see: https://github.com/oracle-quickstart/oci-kubernetes-monitoring"
- default: compartment_ocid
+ title: Compartment for resources of OCI services
+ description: |-
+ This is the compartment in which dashboards, log group, entity, Management Agent key, metric namespace, and other related OCI resources are created.
+ For the full list of resources, see oci-kubernetes-monitoring.
+ default: ${compartment_ocid}
# Option to create Logging Analytics
- opt_create_new_la_logGroup: # change this to create new log group
+ opt_create_new_la_log_group: # change this to create new log group
type: boolean
- title: Select this check box if you want to create a new log group.
+ title: Create a new log group
default: false
- visible:
- not:
- - livelab_switch
# OCI Logging Analytics LogGroup OCID of existing LogGroup
- oci_la_logGroup_id:
+ oci_la_log_group_ocid:
type: oci:logan:loggroup:id
dependsOn:
compartmentId: ${oci_onm_compartment_ocid}
title: OCI Logging Analytics log group
- description: Log groups are logical containers for log data, and they provide access control for your data using IAM policies.
+ description: Log groups are logical containers for log data. They provide access control for your data by using IAM policies.
required: true
visible:
not:
- - opt_create_new_la_logGroup
+ - ${opt_create_new_la_log_group}
# New Log Group to collect Kubernetes data
- oci_la_logGroup_name:
+ oci_la_log_group_name:
type: string
- maxLength: 255
- minLength: 1
- required: true
+ # maxLength: 100 # Do not use maxLength
+ #minLength: 1
+ required: false
title: OCI Logging Analytics log group name
- description: "Tip: To make the log group easy to find in Dashboards and Logs Explorer pages, provide a unique name associated with your cluster name."
+ description: |-
+ To make the log group easy-to-find in Dashboards and Log Explorer pages, provide a unique name related to your cluster name.
+ If not provided, the stack creates a log group based on OKE cluster's name and creation date.
visible:
and:
- - opt_create_new_la_logGroup
- pattern: '^([a-zA-Z0-9]|[a-zA-Z0-9][\\ a-zA-Z0-9_\-]*[\\a-zA-Z\-0-9_])$'
+ - ${opt_create_new_la_log_group}
+ pattern: '(^\S.*\S$|^$)'
- # Fluentd Base Directory
- fluentd_baseDir_path:
+ # Option to create a new OCI Logging Analytics Entity
+ opt_create_oci_la_entity:
+ type: boolean
+ title: Create a new Logging Analytics entity for this cluster
+ description: Clear the check box if you want to use an existing Logging Analytics entity.
+ default: true
+
+ # User Provided OCI Logging Analytics Entity OCID
+ oke_cluster_entity_ocid:
type: string
- maxLength: 255
- minLength: 1
- title: FluentD working directory
- description: A directory on the node (with read & write permission) to use for storing data related to Fluentd.
- default: /var/log
+ title: OCID of OCI Logging Analytics entity
+ # default: "null"
+ description: This must be a valid Logging Analytics entity of the type Kubernetes Cluster.
required: true
- pattern: '^/[\w- /]*$'
+ pattern: '^(ocid1\.loganalyticsentity\.\S+$)'
+ # maxLength: 93 # Don't set as realm ID is part of OCID
+ # minLength: 93 # Don't add minLength to support optional field
visible:
and:
- - eq:
- - ${stack_deployment_option}
- - "Full"
- - not:
- - livelab_switch
+ - not:
+ - ${opt_create_oci_la_entity}
- ####
- ## Optional Inputs
+ # Option to import Kubernetes Dashboards
+ opt_import_dashboards:
+ type: boolean
+ title: Import dashboards
+ description: Ensure to manually delete the dashboards when you destroy the stack since the dashboards are not deleted automatically.
+ default: true
+
+ #### [Section]
+ ## Advanced Configuration
####
- # Option to create Dynamic Group and Policies
- opt_create_dynamicGroup_and_policies:
+ # Option to enable/disable metric server installation during helm deployment
+ show_advanced_options:
+ title: Show advanced configuration
+ description: |-
+ Keep the check box enabled for the advanced options to take effect.
type: boolean
- title: Select this check box to create OCI IAM dynamic groups and policies which are required for the monitoring solution
- #description: "Ref: https://github.com/oracle-quickstart/oci-kubernetes-monitoring#pre-requisites"
- description: "Note: If node pools and the OKE cluster are in different compartments, then the dynamic group definition must be updated."
default: false
+
+ # Stack Deployment Options
+ stack_deployment_option:
+ title: Deployment type
+ description: |-
+ Select "Only OCI Resources" to skip helm chart installation on to your OKE cluster.
+ Manually install the helm chart using the helm commands provided in the stack output.
+ type: enum
+ enum: # Dev Note - # Any change in following options must be refactored across schema.yaml
+ - "Full"
+ - "Only OCI Resources"
required: true
+ default: "Full"
+ visible:
+ and:
+ - ${show_advanced_options}
- # Option to create Dynamic Group and Policies
- opt_import_dashboards:
+ helm_chart_version:
+ type: string
+ maxLength: 15
+ # minLength: 5 # Don't add minLength to for optional field
+ # default: "null" # related to local.user_entered_subnet_ocid
+ title: oci-onm helm chart version
+ description: |-
+ Example, 3.3.0. For the list of releases, see oci-kubernetes-monitoring/releases.
+ If not provided, then the latest oci-onm helm chart version is deployed.
+ However, if you need to upgrade to a newer version, then you must provide a version number here.
+ required: false
+ # ref - https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
+ pattern: '(^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$|^$)'
+ visible:
+ and:
+ - ${show_advanced_options}
+
+ # Option to enable/disable metric server installation during helm deployment
+ opt_deploy_metric_server:
type: boolean
- title: Select this check box to import dashboards
- description: "Note: You may need to manually clean up the dashboards when you destory the stack as dashboards will not be deleted automatically."
+ title: Enable metric server installation
+ description: Clear this check box if the metric server is already installed in your cluster.
default: true
+ visible:
+ and:
+ - ${show_advanced_options}
+
+ # Fluentd Base Directory
+ fluentd_base_dir_path:
+ type: string
+ maxLength: 255
+ minLength: 1
+ title: Fluentd working directory
+ description: A directory on the node (with read and write permission) to use for storing data related to Fluentd
+ default: /var/log
required: true
+ pattern: '^/[\w- /]*$'
+ visible:
+ and:
+ - ${show_advanced_options}
+
+ # OCI tags
+ tags:
+ description: |-
+ The tag values will take effect only if the updates are made before the first run of the stack.
+ The changes made to the tags after the first run will not take effect.
+ type: oci:identity:tag:value
+ title: "Tags"
+ required: false
+ dependsOn:
+ compartmentId: ${tenancy_ocid}
+ visible:
+ and:
+ - ${show_advanced_options}
+
+ # Template ID
+ # It's automatically set by version.auto.tfvars file and hence grayed out for users
+ # It's a no-op variable and used to identify the version of template from stack UI
+ template_id:
+ type: string
+ title: Template id
+ description: |-
+ OCI Kubernetes Monitoring Solution stack template version in Resource Manager service
+ visible:
+ and:
+ - ${show_advanced_options}
\ No newline at end of file
diff --git a/terraform/oke/stack-debug.tf b/terraform/oke/stack-debug.tf
new file mode 100644
index 00000000..b6f09a55
--- /dev/null
+++ b/terraform/oke/stack-debug.tf
@@ -0,0 +1,26 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "local_file" "tenant_details" {
+ count = var.debug ? 1 : 0
+ content = jsonencode(data.oci_identity_tenancy.tenant_details)
+ filename = "${path.module}/tf-debug/tenant_details.json"
+}
+
+resource "local_file" "region_map" {
+ count = var.debug ? 1 : 0
+ content = jsonencode(data.oci_identity_regions.region_map)
+ filename = "${path.module}/tf-debug/region_map.json"
+}
+
+resource "local_file" "kube_config" {
+ count = var.debug ? 1 : 0
+ content = yamlencode(yamldecode(data.oci_containerengine_cluster_kube_config.oke.content))
+ filename = "${path.module}/tf-debug/kube_config.yaml"
+}
+
+resource "local_file" "oci_containerengine_clusters" {
+ count = var.debug ? 1 : 0
+ content = jsonencode(data.oci_containerengine_clusters.oke_clusters)
+ filename = "${path.module}/tf-debug/oci_containerengine_clusters.json"
+}
\ No newline at end of file
diff --git a/terraform/oke/stack-input-validations.tf b/terraform/oke/stack-input-validations.tf
new file mode 100644
index 00000000..ca6c3a4e
--- /dev/null
+++ b/terraform/oke/stack-input-validations.tf
@@ -0,0 +1,33 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+locals {
+ oke_cluster_is_public = local.cluster_data.endpoint_config[0].is_public_ip_enabled
+ oke_cluster_is_private = !local.oke_cluster_is_public
+}
+
+# Case: User Opt to use private endpoint and deployment option is Full i.e to install helm chart
+resource "null_resource" "private_oke_check" {
+ count = var.connect_via_private_endpoint && local.deploy_helm ? 1 : 0
+ lifecycle {
+ # Check: Target OKE cluster should be private
+ # User Facing Error
+ precondition {
+ condition = local.oke_cluster_is_private
+ error_message = "Invalid input. Using Private Endpoint with public OKE cluster is not allowed."
+ }
+ }
+}
+
+# Case: User Opt to NOT use private endpoint OR deployment option is "OCI Resource Only" i.e to not install helm chart
+resource "null_resource" "public_oke_check" {
+ count = !var.connect_via_private_endpoint && local.deploy_helm ? 1 : 0
+ lifecycle {
+ # Check: Target OKE cluster is public
+ # User Facing Error
+ precondition {
+ condition = local.oke_cluster_is_public
+ error_message = "Missing Input. \"OKE cluster is private\" checkbox must be selected to monitor a private OKE cluster."
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform/oke/stack-inputs.tf b/terraform/oke/stack-inputs.tf
new file mode 100644
index 00000000..acb6eef6
--- /dev/null
+++ b/terraform/oke/stack-inputs.tf
@@ -0,0 +1,248 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# When defined in the Terraform configuration, the following variables automatically prepopulate with values on the Console pages used to create and edit the stack.
+# The stack's values are used when you select the Terraform actions Plan, Apply, and Destroy.
+# - tenancy_ocid (tenancy OCID)
+# - region (region)
+#
+# Ref - https://docs.oracle.com/en-us/iaas/Content/ResourceManager/Concepts/terraformconfigresourcemanager_topic-schema.htm#console-howto__prepop
+
+####
+## Provider Variables
+####
+
+variable "tenancy_ocid" {
+ type = string
+}
+
+variable "region" {
+ type = string
+}
+
+variable "user_ocid" {
+ type = string
+ default = ""
+}
+
+variable "private_key_path" {
+ type = string
+ default = ""
+}
+
+variable "fingerprint" {
+ type = string
+ default = ""
+}
+
+####
+## Boat configuration - Used for internal development purpose only.
+####
+
+# Option to enable BOAT authentication.
+variable "boat_auth" {
+ type = bool
+ default = false
+}
+
+# OCID of BOAT tenancy.
+variable "boat_tenancy_ocid" {
+ type = string
+ default = ""
+}
+
+####
+## Stack Variable - Auto-populated while running RM Stack
+####
+
+# Stack compartment - where marketplace app / Resource Manager stack is executed
+variable "compartment_ocid" {
+ type = string
+ default = ""
+}
+
+# OCID of user running the marketplace app / Resource Manager stack
+variable "current_user_ocid" {
+ type = string
+ default = ""
+}
+
+####
+## Hidden Inputs
+####
+
+# [Hidden input]
+# OKE Cluster Name
+variable "oke_cluster_name" {
+ type = string
+ default = null
+ # User Facing Error
+ validation {
+ condition = var.oke_cluster_name == null ? true : length(regexall("(^\\S.*$|^$)", var.oke_cluster_name)) > 0
+ error_message = "Invalid oke_cluster_name"
+ }
+}
+
+#### [Section]
+## Select an OKE cluster deployed in this region to start monitoring
+####
+
+# OKE Cluster Compartment
+variable "oke_compartment_ocid" {
+ type = string
+}
+
+# OKE Cluster OCID
+variable "oke_cluster_ocid" {
+ type = string
+}
+
+# OKE Cluster OCID
+variable "connect_via_private_endpoint" {
+ type = bool
+ default = false
+}
+
+# OKE Cluster OCID
+variable "oke_subnet_or_pe_ocid" {
+ type = string
+ default = null
+
+ # User Facing Error
+ validation {
+ condition = var.oke_subnet_or_pe_ocid == null ? true : length(regexall("^ocid1\\.(subnet|ormprivateendpoint)\\.[a-z,0-9]+\\.[-a-z0-9]+\\.[.a-z0-9]+$", var.oke_subnet_or_pe_ocid)) > 0
+ error_message = "Invalid subnet ocid or private endpoint ocid."
+ }
+}
+
+#### [Section]
+## Create Dynamic Group and Policy (tenancy level admin access required)
+####
+
+# New Dropdown option for Dynamic Group and Policies
+variable "dropdown_create_dynamic_group_and_policies" {
+ type = string
+}
+
+#### [Section]
+## OCI Observability and Management Services Configuration
+####
+
+# Compartment for creating OCI Observability and Management resources
+variable "oci_onm_compartment_ocid" {
+ type = string
+}
+
+# Option to create Logging Analytics
+variable "opt_create_new_la_log_group" {
+ type = bool
+ default = false
+}
+
+# OCI Logging Analytics LogGroup OCID
+variable "oci_la_log_group_ocid" {
+ type = string
+ default = null
+}
+
+# New Log Group to collect Kubernetes data
+variable "oci_la_log_group_name" {
+ type = string
+ default = null
+
+ # User Facing Error
+ validation {
+ condition = var.oci_la_log_group_name == null ? true : var.oci_la_log_group_name == "" || (
+ length(regexall("^\\S.*\\S$", var.oci_la_log_group_name)) > 0)
+ error_message = "Invalid log group name."
+ }
+}
+
+# Option to create Logging Analytics
+variable "opt_create_oci_la_entity" {
+ type = bool
+ default = true
+}
+
+# OKE Cluster Entity OCID
+variable "oke_cluster_entity_ocid" {
+ type = string
+ default = null
+
+ # User Facing Error
+ validation {
+ condition = var.oke_cluster_entity_ocid == null ? true : length(regexall("^(ocid1\\.loganalyticsentity\\.\\S+)$", var.oke_cluster_entity_ocid)) > 0 ? true : false
+ error_message = "Invalid OCI Logging Analytics entity OCID"
+ }
+}
+
+# Option to import dashboards
+variable "opt_import_dashboards" {
+ type = bool
+ default = true
+}
+
+#### [Section]
+## Advanced Configuration
+####
+
+# Option to hidden stack configuration
+variable "show_advanced_options" {
+ type = bool
+ default = false
+}
+
+# Stack Deployment Options
+variable "stack_deployment_option" {
+ type = string
+ default = "Full"
+}
+
+# Helm Chart version to deploy
+variable "helm_chart_version" {
+ type = string
+ default = null
+}
+
+# Option to deploy metric server
+variable "opt_deploy_metric_server" {
+ type = bool
+ default = true
+}
+
+# Fluentd Base Directory
+variable "fluentd_base_dir_path" {
+ type = string
+ default = "/var/log"
+}
+
+# tags
+variable "tags" {
+ type = object({ freeformTags = map(string), definedTags = map(string) })
+ default = { "freeformTags" = {}, "definedTags" = {} }
+}
+
+# This var is not used in stack
+# Purpose: to display stack version on UI without being able to execute it
+variable "template_id" {
+ type = string
+ default = null
+}
+
+#### [Section]
+## Development Options
+####
+
+# Ref - https://confluence.oci.oraclecorp.com/display/TERSI/FAQs#FAQs-Q.HowdoItestonPre-ProdenvironmentORHowdoImakeTerraformproviderpointtocustomControlPlane(CP)endpoint
+
+variable "CLIENT_HOST_OVERRIDES" {
+ description = "The client host overrides for the terraform provider with Object Storage endpoint overridden."
+ type = string
+ default = null
+}
+
+variable "debug" {
+ description = "Generate Debug Resources."
+ type = bool
+ default = false
+}
\ No newline at end of file
diff --git a/terraform/oke/stack-outputs.tf b/terraform/oke/stack-outputs.tf
new file mode 100644
index 00000000..22b8eaaa
--- /dev/null
+++ b/terraform/oke/stack-outputs.tf
@@ -0,0 +1,42 @@
+# # Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+####
+## Stack outputs
+####
+
+output "cmd_1_helm_repo_add" {
+ value = module.main.cmd_1_helm_repo_add
+}
+
+output "cmd_2_helm_repo_update" {
+ value = module.main.cmd_2_helm_repo_update
+}
+
+output "cmd_3_helm_install" {
+ value = module.main.cmd_3_helm_install
+}
+
+output "oke_cluster_entity_ocid" {
+ value = module.main.oke_cluster_entity_ocid
+}
+
+output "oke_dynamic_group_ocid" {
+ value = module.main.oke_dynamic_group_ocid
+}
+
+output "oke_monitoring_policy_ocid" {
+ value = module.main.oke_monitoring_policy_ocid
+}
+
+output "oci_la_namespace" {
+ value = module.main.oci_la_namespace
+}
+
+output "oci_la_log_group_ocid" {
+ value = module.main.oci_la_log_group_ocid
+}
+
+output "mgmt_agent_install_key" {
+ value = module.main.mgmt_agent_install_key
+}
\ No newline at end of file
diff --git a/terraform/oke/stack-required-providers.tf b/terraform/oke/stack-required-providers.tf
new file mode 100644
index 00000000..cd71552b
--- /dev/null
+++ b/terraform/oke/stack-required-providers.tf
@@ -0,0 +1,20 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 1.2.0, < 1.3.0"
+ required_providers {
+ oci = {
+ source = "oracle/oci"
+ version = "~> 5.46"
+ }
+ helm = {
+ source = "hashicorp/helm"
+ version = "~> 2.7"
+ }
+ local = {
+ source = "hashicorp/local"
+ version = "~> 2.5.1"
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform/oke/stack.tf b/terraform/oke/stack.tf
new file mode 100644
index 00000000..3be58477
--- /dev/null
+++ b/terraform/oke/stack.tf
@@ -0,0 +1,103 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+locals {
+ # Resolve Null string --> "" inputs
+ oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "" ? null : var.oke_cluster_entity_ocid
+ helm_chart_version = var.helm_chart_version == "" ? null : var.helm_chart_version
+ oci_la_log_group_name = var.oci_la_log_group_name == "" ? null : var.oci_la_log_group_name
+ oke_cluster_name = var.oke_cluster_name == "" ? null : var.oke_cluster_name
+
+ # Following regex checks identifies the type of resource ocid entered by stack user
+ user_entered_subnet_ocid = var.oke_subnet_or_pe_ocid == null ? false : length(
+ regexall("^ocid1\\.subnet\\.\\S+$", var.oke_subnet_or_pe_ocid)) > 0
+
+ user_entered_pe_ocid = var.oke_subnet_or_pe_ocid == null ? false : length(
+ regexall("^ocid1\\.ormprivateendpoint\\.\\S+$", var.oke_subnet_or_pe_ocid)) > 0
+
+ # One of the following locals is expected to be null because of different regex checks
+ oke_subnet_ocid = local.user_entered_subnet_ocid ? var.oke_subnet_or_pe_ocid : null
+ oke_pe_ocid = local.user_entered_pe_ocid ? var.oke_subnet_or_pe_ocid : null
+
+ # IAM Controls
+ create_dg_and_policy = var.dropdown_create_dynamic_group_and_policies == "Create required IAM resources as part of the stack"
+
+ # Helm controls
+ deploy_helm = var.stack_deployment_option == "Full" ? true : false
+
+ # RMS Private Endpoint
+ use_rms_private_endpoint = var.connect_via_private_endpoint && local.deploy_helm
+
+ all_clusters_in_compartment = data.oci_containerengine_clusters.oke_clusters.clusters
+ cluster_data = [for c in local.all_clusters_in_compartment : c if c.id == var.oke_cluster_ocid][0]
+}
+
+data "oci_containerengine_clusters" "oke_clusters" {
+ compartment_id = var.oke_compartment_ocid
+}
+
+# Create a new private endpoint or uses an existing one
+# Returns a reachable ip address to access private OKE cluster
+module "rms_private_endpoint" {
+ count = local.use_rms_private_endpoint ? 1 : 0
+ source = "./modules/rms_pe"
+
+ oke_subnet_ocid = local.oke_subnet_ocid
+ private_endpoint_ocid = local.oke_pe_ocid
+ private_ip_address = local.cluster_private_ip
+ pe_compartment_ocid = var.oci_onm_compartment_ocid
+ oke_vcn_ocid = local.cluster_data.vcn_id
+
+ tags = var.tags
+ debug = false
+}
+
+# Create OCI resources for the helm chart
+# Deploys oci-onm helm chart in target cluster
+module "main" {
+ source = "./modules/main"
+
+ tenancy_ocid = var.tenancy_ocid
+ region = var.region
+
+ # shared inputs
+ debug = var.debug
+ oci_onm_compartment_ocid = var.oci_onm_compartment_ocid
+ oke_compartment_ocid = var.oke_compartment_ocid
+ oke_cluster_ocid = var.oke_cluster_ocid
+
+ # tags
+ tags = var.tags
+
+ # IAM
+ opt_create_dynamicGroup_and_policies = local.create_dg_and_policy
+
+ # Dashboards
+ opt_import_dashboards = var.opt_import_dashboards
+
+ # Logan
+ opt_create_new_la_log_group = var.opt_create_new_la_log_group
+ log_group_name = local.oci_la_log_group_name
+ log_group_ocid = var.oci_la_log_group_ocid
+
+ oke_cluster_entity_ocid = var.opt_create_oci_la_entity ? null : local.oke_cluster_entity_ocid
+
+ # Helm
+ # kubernetes_namespace = "oci-onm"
+ install_helm_chart = local.deploy_helm
+ helm_chart_version = local.helm_chart_version
+ opt_deploy_metric_server = var.opt_deploy_metric_server
+ fluentd_base_dir_path = var.fluentd_base_dir_path
+ kubernetes_cluster_id = var.oke_cluster_ocid
+ kubernetes_cluster_name = local.oke_cluster_name
+ path_to_local_onm_helm_chart = "../../../charts/oci-onm/"
+
+ # As two sets of OCI providers are required in child module (main), we must pass all providers explicitly
+ # Ref - https://developer.hashicorp.com/terraform/language/modules/develop/providers#passing-providers-explicitly
+ providers = {
+ oci.home_region = oci.home_region
+ oci = oci
+ local = local
+ helm = helm
+ }
+}
diff --git a/terraform/oke/terraform-sample.tfvars b/terraform/oke/terraform-sample.tfvars
index 79858109..e5e9bcd2 100644
--- a/terraform/oke/terraform-sample.tfvars
+++ b/terraform/oke/terraform-sample.tfvars
@@ -1,67 +1,71 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
-####
-## Configure BOAT Authentication for OCI; Leave unchaged, if BOAT authentication is not used
-####
-boat_auth = false
-boat_tenancy_ocid = ""
+################################################################################
+# About Comments:
+# Comments that starts with "//" are instruction
+# Comments that start with "#" are alternate input options
+#
+################################################################################
-####
-## OCI Provider inputs
-####
-tenancy_ocid = ""
-region = ""
+// Mandatory OCI provider inputs
+tenancy_ocid = ""
+region = ""
-# Note - Leave following empty when running terraform from OCI cloud-shell
+// Set following inputs when not using instance principal authentication
+# user_ocid =
+# private_key_path =
+# fingerprint =
-# OCI user OCID
-user_ocid = ""
-# Path to OCI user's API key
-private_key_path = ""
-# Fingerprint of the API key
-fingerprint = ""
+oke_compartment_ocid = ""
+oke_cluster_ocid = ""
-####
-## Mandatory Stack inputs
-####
+dropdown_create_dynamic_group_and_policies = "Create required IAM resources as part of the stack"
+# dropdown_create_dynamic_group_and_policies = "I have already created the required IAM resources"
-# OKE Cluster Compartment OCID
-oke_compartment_ocid = "" # Mandatory
+// This is the compartment in which dashboards, log group, entity, Management Agent key, metric namespace, and other related OCI resources are created.
+// For the full list of resources, see https://github.com/oracle-quickstart/oci-kubernetes-monitoring
+oci_onm_compartment_ocid = ""
-# OKE Cluster OCID
-oke_cluster_ocid = ""
+opt_create_new_la_log_group = true
+oci_la_log_group_name = "" # Optional: A LogGroup with ClusterName_ClusterCreationTimeStamp is auto created when empty sting is passed
+// Alternative option for LogGroup:
+# opt_create_new_la_log_group = false
+# oci_la_log_group_ocid = ""
-# Change this, if you want to deploy in a custom namespace
-kubernetes_namespace = "oci-onm"
+opt_create_oci_la_entity = true
+// Alternative option for Entity:
+# opt_create_oci_la_entity = false
+# oke_cluster_entity_ocid = ""
-# Option to control metric server installation as part of helm release
-opt_deploy_metric_server = true
-
-# Compartment for creating dashboards and saved-searches and logGroup
-oci_onm_compartment_ocid = ""
-
-# if ture, oci_la_logGroup_name must be set
-opt_create_new_la_logGroup = false
+// If you opt to import dashboards:
+// Ensure to manually delete the dashboards when you destroy the resources since the dashboards are not deleted automatically.
-# OCI Logging Analytics LogGroup
-# Add OCID of logGroup if opt_create_new_la_logGroup=false, leave it empty otherwise
-oci_la_logGroup_id = ""
+opt_import_dashboards = false
+# opt_import_dashboards = true
-# leave it unchanged, if opt_create_new_la_logGroup=true
-oci_la_logGroup_name = "NewLogGroupName"
+// Select "Only OCI Resources" to skip helm chart installation on to your OKE cluster.
+// Manually install the helm chart using the helm commands provided in the stack output.
-####
-## Optional Stack inputs
-####
+stack_deployment_option = "Full"
+# stack_deployment_option = "Only OCI Resources"
-# "Full" or "Only OCI Resources"
-stack_deployment_option = "Only OCI Resources"
-
-# Option to create Dynamic Group and Policies
-opt_create_dynamicGroup_and_policies = true
-
-# Fluentd installation path
-fluentd_baseDir_path = "/var/log"
+// Example, 3.3.0. For the list of releases, see https://github.com/oracle-quickstart/oci-kubernetes-monitoring/releases
+// If not provided, then the latest oci-onm helm chart version is deployed.
+// However, if you need to upgrade to a newer version, then you must provide a version number here.
+helm_chart_version = ""
+opt_deploy_metric_server = true
+# opt_deploy_metric_server = false
+
+fluentd_base_dir_path = "/var/log"
+
+// Optional tags input example
+# tags = {
+# "freeformTags" = { "service" = "logan" },
+# "definedTags" = {
+# "Oracle-Recommended-Tags.ResourceOwner" = "John Doe",
+# "Oracle-Recommended-Tags.ResourceType" = "O&M"
+# }
+# }
\ No newline at end of file
diff --git a/terraform/oke/version.auto.tfvars b/terraform/oke/version.auto.tfvars
new file mode 100644
index 00000000..cc365b8a
--- /dev/null
+++ b/terraform/oke/version.auto.tfvars
@@ -0,0 +1,7 @@
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# The "template_id" is only to identity the version of template in a particular production region.
+# This version does not control the version of the template to be used by the stack.
+# TODO: This must be incremented with every release of stack to OCI RMS template.
+template_id = "0007"
\ No newline at end of file
diff --git a/util/build_stack.sh b/util/build_stack.sh
index f97a3430..11673883 100755
--- a/util/build_stack.sh
+++ b/util/build_stack.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
# Bash script to build OCI Resource Manager Stack or Marketplace app for OKE monitoring
@@ -7,20 +7,30 @@
# Fail at first error
set -e
+SILENT_MODE=false
+
+function log {
+ if [ "$SILENT_MODE" = false ]; then
+ echo -e "$1"
+ fi
+}
+
# Helper Functions
function error_and_exit {
- echo -e "ERROR: $1"
- exit
+ log "$1"
+ exit 1
}
function abspath {
relative_path=$1
- cd $relative_path
+ cd "$relative_path" || error_and_exit "Absolute path conversion failed: $relative_path"
pwd
}
-ROOT_DIR=".."
-ROOT_DIR=$(abspath $ROOT_DIR) # Convert to absolute path
+# define directoriews
+UTIL_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)
+ROOT_DIR="$UTIL_DIR/.."
+ROOT_DIR=$(abspath "$ROOT_DIR") # Convert to absolute path
RELEASE_PATH="$ROOT_DIR/releases"
UTIL_PATH="$ROOT_DIR/util"
@@ -34,23 +44,22 @@ STACK_BUILD_PATH="$BUILD_DIR/terraform/oke"
HELM_SYMLINK="$STACK_BUILD_PATH/charts"
MODULES_SYMLINK="$STACK_BUILD_PATH/modules"
-
# Usage Instructions
usage="
-$(basename "$0") [-h] [-n name] -- program to build marketplace app from oracle-quickstart/oci-kubernetes-monitoring repo.
+$(basename "$0") [-h][-n name][-l][-d][-s] -- program to build OCI RMS stack zip file using oracle-quickstart/oci-kubernetes-monitoring repo.
where:
-h show this help text
-n name of output zip file without extention (Optional)
-l flag to generate livelab build; otherwise oke build is generated
-d flag to generate dev build; contains local helm chart
+ -s flag to turn-off output; only final build file path is printed to stdout
The zip artifacts shall be stored at -
$RELEASE_PATH"
-
# Parse inputs
-while getopts "hn:ld" option; do
+while getopts "hn:lds" option; do
case $option in
h) # display Help
echo "$usage"
@@ -65,6 +74,9 @@ while getopts "hn:ld" option; do
d)
INCLUDE_LOCAL_HELM=true
;;
+ s) # Run SILENT_MODE
+ SILENT_MODE=true
+ ;;
:) printf "missing argument for -%s\n" "$OPTARG" >&2
echo "$usage" >&2
exit 1
@@ -100,18 +112,18 @@ fi
RELEASE_ZIP="${RELEASE_PATH}/${release_name}.zip"
# Disclaimer
-echo -e "\nDisclaimers - \n"
+log "\nDisclaimers - \n"
if [ -n "$INCLUDE_LOCAL_HELM" ]; then
- echo -e "\t-d option passed - local helm-chart files will be part of stack zip"
+ log "\t-d option passed - local helm-chart files will be part of stack zip"
else
- echo -e "\t-d option NOT passed - local helm-chart files will NOT be part of stack zip"
+ log "\t-d option NOT passed - local helm-chart files will NOT be part of stack zip"
fi
if [ -n "$LIVE_LAB_BUILD" ]; then
- echo -e "\t-l option passed - livelab specific zip will be created"
+ log "\t-l option passed - livelab specific zip will be created"
fi
# Start
-echo -e "\nBuilding -\n"
+log "\nBuilding -\n"
# Clean up stale temp build dirs and zip file
rm "$BUILD_ZIP" 2>/dev/null || :
@@ -120,40 +132,40 @@ rm -rf "$BUILD_DIR" 2>/dev/null || :
# Create a release DIR if it does not exist already.
if test ! -d "$RELEASE_PATH"; then
mkdir "${RELEASE_PATH}" || error_and_exit "ERROR: mkdir ${RELEASE_PATH}"
- echo -e "Created release direcotory - \$PROJECT_HOME/releases"
+ log "Created release direcotory - \$PROJECT_HOME/releases"
fi
# Clean up old zip
-rm "${RELEASE_ZIP}" 2>/dev/null && echo -e "Removed old stack - ${RELEASE_ZIP}"
+rm "${RELEASE_ZIP}" 2>/dev/null && log "Removed old stack - ${RELEASE_ZIP}"
# Switch to project's root for git archive
-cd $ROOT_DIR || error_and_exit "ERROR: cd $ROOT_DIR"
+cd "$ROOT_DIR" || error_and_exit "ERROR: cd $ROOT_DIR"
# Create git archive as temp.zip
git archive HEAD -o "$BUILD_ZIP" --format=zip >/dev/null || error_and_exit "ERROR: git archive HEAD -o $BUILD_ZIP --format=zip"
-echo -e "Created git archive - $BUILD_ZIP"
+log "Created git archive - $BUILD_ZIP"
# Unzip the temp.zip file
unzip -d "$BUILD_DIR" "$BUILD_ZIP" >/dev/null || error_and_exit "ERROR: unzip -d $BUILD_DIR $BUILD_ZIP"
-echo -e "Unzipped git archive - $BUILD_DIR"
+log "Unzipped git archive - $BUILD_DIR"
# Remove the helm-chart symlink
rm "$HELM_SYMLINK" || error_and_exit "ERROR: rm $HELM_SYMLINK"
-echo -e "Removed helm-chart symlink - $HELM_SYMLINK"
+log "Removed helm-chart symlink - $HELM_SYMLINK"
if [ -n "$INCLUDE_LOCAL_HELM" ]; then
# copy the helm-chart
cp -R "$HELM_SOURCE" "$STACK_BUILD_PATH" || error_and_exit "ERROR: cp -R $HELM_SOURCE $STACK_BUILD_PATH"
- echo -e "Copied helm-chart at - $STACK_BUILD_PATH"
+ log "Copied helm-chart at - $STACK_BUILD_PATH"
fi
# Remove the terraform modules symlink
rm "$MODULES_SYMLINK" || error_and_exit "ERROR: rm $MODULES_SYMLINK"
-echo -e "Removed terraform modules symlink - $MODULES_SYMLINK"
+log "Removed terraform modules symlink - $MODULES_SYMLINK"
# Copy the modules
cp -R "$MODULES_SOURCE" "$STACK_BUILD_PATH" || error_and_exit "ERROR: cp -R $MODULES_SOURCE $STACK_BUILD_PATH"
-echo -e "Copied terraform modules at - $STACK_BUILD_PATH"
+log "Copied terraform modules at - $STACK_BUILD_PATH"
# Switch back to stack dir
cd "$STACK_BUILD_PATH" || error_and_exit "ERROR: cd $STACK_BUILD_PATH"
@@ -161,19 +173,25 @@ cd "$STACK_BUILD_PATH" || error_and_exit "ERROR: cd $STACK_BUILD_PATH"
# Update livelab switch input to true
if [ -n "$LIVE_LAB_BUILD" ]; then
sed "s/false/true/g" -i livelab_switch.tf || error_and_exit "ERROR: sed \"s/false/true/g\" -i livelab_switch.tf"
- echo -e "Enabled livelab switch in $STACK_BUILD_PATH/livelab_switch.tf"
+ log "Enabled livelab switch in $STACK_BUILD_PATH/livelab_switch.tf"
fi
# Create final stack zip
zip -r "${RELEASE_ZIP}" . >/dev/null || error_and_exit "ERROR: zip -r ${RELEASE_ZIP} ."
# Display Output
-echo -e "\nOutput -\n"
-echo -e "Stack Created - ${RELEASE_ZIP}"
+log "\nOutput -\n"
+log "Stack Created - ${RELEASE_ZIP}"
# Switch back to util dir
cd "$RELEASE_PATH" || error_and_exit "ERROR: cd $RELEASE_PATH"
# Clean up stale dirs and files
rm "$BUILD_ZIP" 2>/dev/null || error_and_exit "ERROR: rm $BUILD_ZIP"
-rm -rf "$BUILD_DIR" 2>/dev/null || error_and_exit "ERROR: rm -rf $BUILD_DIR"
\ No newline at end of file
+rm -rf "$BUILD_DIR" 2>/dev/null || error_and_exit "ERROR: rm -rf $BUILD_DIR"
+
+if [[ $SILENT_MODE = true ]]; then
+ echo "$RELEASE_ZIP" # stdout
+fi
+
+exit 0
\ No newline at end of file