mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-15 19:04:23 -05:00
f4b2d02194
* add Metricbeat deployment to debugd Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * set metricbeat debugd image version Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix k8s deployment Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use 2 separate deployments Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * only deploy via k8s in non-debug-images Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add missing tilde * remove k8s metrics Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * unify flag Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add cloud metadata processor to filebeat Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * ci: fix debugd logcollection (#2355) * add missing keyvault access role Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * bump logstash image version Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * bump filebeat / metricbeat image version Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * log used image version Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use debugging image versions Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * increase wait timeout for image upload * add cloud metadata processor to filebeat Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix template locations in container Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix image version typo Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add filebeat / metricbeat users Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove user additions Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * update workflow step name Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * only mount config files Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * document potential rc Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix IAM permissions in workflow Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix AWS permissions Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add missing workflow input Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * rename action Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * pin image versions Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove unnecessary workflow inputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add refStream input Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove inputs.yml dep Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * increase system metric period Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix linkchecker Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
89 lines
2.0 KiB
YAML
89 lines
2.0 KiB
YAML
# Helm Values for the DaemonSet that is deployed on all control plane nodes in the cluster and
|
|
# collects Kubernetes and etcd metrics.
|
|
image: ghcr.io/edgelesssys/beats/metricbeat-oss
|
|
imageTag: 8.11.0@sha256:c2488378e794467f2a7214a56da0de017db1f2c28198721f12d74ad9cc263d08
|
|
|
|
kube_state_metrics:
|
|
enabled: false
|
|
|
|
deployment:
|
|
enabled: false
|
|
|
|
daemonset:
|
|
enabled: true
|
|
metricbeatConfig:
|
|
metricbeat.yml: ""
|
|
hostNetworking: true
|
|
extraEnvs: []
|
|
secretMounts: []
|
|
nodeSelector:
|
|
node-role.kubernetes.io/control-plane: ""
|
|
tolerations:
|
|
- key: node-role.kubernetes.io/control-plane
|
|
operator: Exists
|
|
effect: NoSchedule
|
|
securityContext:
|
|
privileged: true
|
|
runAsUser: 0
|
|
extraVolumeMounts:
|
|
- name: runsystemd
|
|
mountPath: /run/systemd
|
|
readOnly: true
|
|
- name: varrundbus
|
|
mountPath: /var/run/dbus
|
|
readOnly: true
|
|
- name: etcdcerts
|
|
mountPath: /etc/kubernetes/pki/etcd
|
|
readOnly: true
|
|
extraVolumes:
|
|
- name: runsystemd
|
|
hostPath:
|
|
path: /run/systemd
|
|
type: ""
|
|
- name: varrundbus
|
|
hostPath:
|
|
path: /var/run/dbus
|
|
type: ""
|
|
- name: etcdcerts
|
|
hostPath:
|
|
path: /etc/kubernetes/pki/etcd
|
|
type: ""
|
|
|
|
clusterRoleRules:
|
|
- apiGroups: [""]
|
|
resources:
|
|
- nodes
|
|
- namespaces
|
|
- events
|
|
- pods
|
|
- services
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: ["extensions"]
|
|
resources:
|
|
- replicasets
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: ["apps"]
|
|
resources:
|
|
- statefulsets
|
|
- deployments
|
|
- replicasets
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups: [""]
|
|
resources:
|
|
- nodes/stats
|
|
verbs: ["get"]
|
|
- apiGroups: ["batch"]
|
|
resources:
|
|
- jobs
|
|
verbs: ["get", "list", "watch"]
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- nodes/stats
|
|
verbs:
|
|
- get
|
|
- nonResourceURLs:
|
|
- "/metrics"
|
|
verbs:
|
|
- get
|