343 lines
8.3 KiB
YAML
343 lines
8.3 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: metricbeat-daemonset-config
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: metricbeat
|
|
data:
|
|
metricbeat.yml: |-
|
|
metricbeat.config.modules:
|
|
# Mounted `metricbeat-daemonset-modules` configmap:
|
|
path: ${path.config}/modules.d/*.yml
|
|
# Reload module configs as they change:
|
|
reload.enabled: false
|
|
|
|
# To enable hints based autodiscover uncomment this:
|
|
#metricbeat.autodiscover:
|
|
# providers:
|
|
# - type: kubernetes
|
|
# host: ${NODE_NAME}
|
|
# hints.enabled: true
|
|
|
|
processors:
|
|
- add_cloud_metadata:
|
|
|
|
cloud.id: ${ELASTIC_CLOUD_ID}
|
|
cloud.auth: ${ELASTIC_CLOUD_AUTH}
|
|
|
|
output.elasticsearch:
|
|
hosts: ['${ELASTICSEARCH_HOST:elasticsearch}:${ELASTICSEARCH_PORT:9200}']
|
|
username: ${ELASTICSEARCH_USERNAME}
|
|
password: ${ELASTICSEARCH_PASSWORD}
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: metricbeat-daemonset-modules
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: metricbeat
|
|
data:
|
|
system.yml: |-
|
|
- module: system
|
|
period: 10s
|
|
metricsets:
|
|
- cpu
|
|
- load
|
|
- memory
|
|
- network
|
|
- process
|
|
- process_summary
|
|
#- core
|
|
#- diskio
|
|
#- socket
|
|
processes: ['.*']
|
|
process.include_top_n:
|
|
by_cpu: 5 # include top 5 processes by CPU
|
|
by_memory: 5 # include top 5 processes by memory
|
|
|
|
- module: system
|
|
period: 1m
|
|
metricsets:
|
|
- filesystem
|
|
- fsstat
|
|
processors:
|
|
- drop_event.when.regexp:
|
|
system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
|
|
kubernetes.yml: |-
|
|
- module: kubernetes
|
|
metricsets:
|
|
- node
|
|
- system
|
|
- pod
|
|
- container
|
|
- volume
|
|
period: 10s
|
|
host: ${NODE_NAME}
|
|
hosts: ["localhost:10255"]
|
|
# If using Red Hat OpenShift remove the previous hosts entry and
|
|
# uncomment these settings:
|
|
#hosts: ["https://${HOSTNAME}:10250"]
|
|
#bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
|
|
#ssl.certificate_authorities:
|
|
#- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
|
|
---
|
|
# Deploy a Metricbeat instance per node for node metrics retrieval
|
|
apiVersion: extensions/v1beta1
|
|
kind: DaemonSet
|
|
metadata:
|
|
name: metricbeat
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: metricbeat
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels:
|
|
k8s-app: metricbeat
|
|
spec:
|
|
serviceAccountName: metricbeat
|
|
terminationGracePeriodSeconds: 30
|
|
hostNetwork: true
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
containers:
|
|
- name: metricbeat
|
|
image: docker.elastic.co/beats/metricbeat:6.5.0
|
|
args: [
|
|
"-c", "/etc/metricbeat.yml",
|
|
"-e",
|
|
"-system.hostfs=/hostfs",
|
|
]
|
|
env:
|
|
- name: ELASTICSEARCH_HOST
|
|
value: elasticsearch
|
|
- name: ELASTICSEARCH_PORT
|
|
value: "9200"
|
|
- name: ELASTICSEARCH_USERNAME
|
|
value: elastic
|
|
- name: ELASTICSEARCH_PASSWORD
|
|
value: changeme
|
|
- name: ELASTIC_CLOUD_ID
|
|
value:
|
|
- name: ELASTIC_CLOUD_AUTH
|
|
value:
|
|
- name: NODE_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
securityContext:
|
|
runAsUser: 0
|
|
resources:
|
|
limits:
|
|
memory: 200Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /etc/metricbeat.yml
|
|
readOnly: true
|
|
subPath: metricbeat.yml
|
|
- name: modules
|
|
mountPath: /usr/share/metricbeat/modules.d
|
|
readOnly: true
|
|
- name: dockersock
|
|
mountPath: /var/run/docker.sock
|
|
- name: proc
|
|
mountPath: /hostfs/proc
|
|
readOnly: true
|
|
- name: cgroup
|
|
mountPath: /hostfs/sys/fs/cgroup
|
|
readOnly: true
|
|
volumes:
|
|
- name: proc
|
|
hostPath:
|
|
path: /proc
|
|
- name: cgroup
|
|
hostPath:
|
|
path: /sys/fs/cgroup
|
|
- name: dockersock
|
|
hostPath:
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
configMap:
|
|
defaultMode: 0600
|
|
name: metricbeat-daemonset-config
|
|
- name: modules
|
|
configMap:
|
|
defaultMode: 0600
|
|
name: metricbeat-daemonset-modules
|
|
- name: data
|
|
hostPath:
|
|
path: /var/lib/metricbeat-data
|
|
type: DirectoryOrCreate
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: metricbeat-deployment-config
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: metricbeat
|
|
data:
|
|
metricbeat.yml: |-
|
|
metricbeat.config.modules:
|
|
# Mounted `metricbeat-daemonset-modules` configmap:
|
|
path: ${path.config}/modules.d/*.yml
|
|
# Reload module configs as they change:
|
|
reload.enabled: false
|
|
|
|
processors:
|
|
- add_cloud_metadata:
|
|
|
|
cloud.id: ${ELASTIC_CLOUD_ID}
|
|
cloud.auth: ${ELASTIC_CLOUD_AUTH}
|
|
|
|
output.elasticsearch:
|
|
hosts: ['${ELASTICSEARCH_HOST:elasticsearch}:${ELASTICSEARCH_PORT:9200}']
|
|
username: ${ELASTICSEARCH_USERNAME}
|
|
password: ${ELASTICSEARCH_PASSWORD}
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: metricbeat-deployment-modules
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: metricbeat
|
|
data:
|
|
# This module requires `kube-state-metrics` up and running under `kube-system` namespace
|
|
kubernetes.yml: |-
|
|
- module: kubernetes
|
|
metricsets:
|
|
- state_node
|
|
- state_deployment
|
|
- state_replicaset
|
|
- state_pod
|
|
- state_container
|
|
# Uncomment this to get k8s events:
|
|
#- event
|
|
period: 10s
|
|
host: ${NODE_NAME}
|
|
hosts: ["kube-state-metrics:8080"]
|
|
---
|
|
# Deploy singleton instance in the whole cluster for some unique data sources, like kube-state-metrics
|
|
apiVersion: apps/v1beta1
|
|
kind: Deployment
|
|
metadata:
|
|
name: metricbeat
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: metricbeat
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels:
|
|
k8s-app: metricbeat
|
|
spec:
|
|
serviceAccountName: metricbeat
|
|
hostNetwork: true
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
containers:
|
|
- name: metricbeat
|
|
image: docker.elastic.co/beats/metricbeat:6.5.0
|
|
args: [
|
|
"-c", "/etc/metricbeat.yml",
|
|
"-e",
|
|
]
|
|
env:
|
|
- name: ELASTICSEARCH_HOST
|
|
value: elasticsearch
|
|
- name: ELASTICSEARCH_PORT
|
|
value: "9200"
|
|
- name: ELASTICSEARCH_USERNAME
|
|
value: elastic
|
|
- name: ELASTICSEARCH_PASSWORD
|
|
value: changeme
|
|
- name: ELASTIC_CLOUD_ID
|
|
value:
|
|
- name: ELASTIC_CLOUD_AUTH
|
|
value:
|
|
- name: NODE_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
securityContext:
|
|
runAsUser: 0
|
|
resources:
|
|
limits:
|
|
memory: 200Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /etc/metricbeat.yml
|
|
readOnly: true
|
|
subPath: metricbeat.yml
|
|
- name: modules
|
|
mountPath: /usr/share/metricbeat/modules.d
|
|
readOnly: true
|
|
volumes:
|
|
- name: config
|
|
configMap:
|
|
defaultMode: 0600
|
|
name: metricbeat-deployment-config
|
|
- name: modules
|
|
configMap:
|
|
defaultMode: 0600
|
|
name: metricbeat-deployment-modules
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: metricbeat
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: metricbeat
|
|
namespace: kube-system
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: metricbeat
|
|
apiGroup: rbac.authorization.k8s.io
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: metricbeat
|
|
labels:
|
|
k8s-app: metricbeat
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources:
|
|
- nodes
|
|
- namespaces
|
|
- events
|
|
- pods
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: ["extensions"]
|
|
resources:
|
|
- replicasets
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: ["apps"]
|
|
resources:
|
|
- statefulsets
|
|
- deployments
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- nodes/stats
|
|
verbs:
|
|
- get
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: metricbeat
|
|
namespace: kube-system
|
|
labels:
|
|
k8s-app: metricbeat
|
|
---
|