From 0cea60d0f289d0d9ef7dc58435f14e7f473b48a4 Mon Sep 17 00:00:00 2001 From: Mohamed Hazem Date: Thu, 27 Feb 2020 16:33:44 +0100 Subject: [PATCH] - Adjust ES and mongodb secret name defaults to avoid potential collision with graylog secret (#21071) - Allow prepending http scheme to the ES uri fetched from a secret Signed-off-by: Mohamed Hazem --- stable/graylog/Chart.yaml | 2 +- stable/graylog/README.md | 5 +++-- stable/graylog/templates/_helpers.tpl | 6 +++++- stable/graylog/templates/statefulset.yaml | 4 ++-- stable/graylog/values.yaml | 5 +++-- 5 files changed, 14 insertions(+), 8 deletions(-) diff --git a/stable/graylog/Chart.yaml b/stable/graylog/Chart.yaml index cab4754b3734..399e75f08a58 100755 --- a/stable/graylog/Chart.yaml +++ b/stable/graylog/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: graylog home: https://www.graylog.org -version: 1.5.9 +version: 1.6.0 appVersion: 3.1 description: Graylog is the centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. keywords: diff --git a/stable/graylog/README.md b/stable/graylog/README.md index cffef5d8134a..2399effe9a36 100644 --- a/stable/graylog/README.md +++ b/stable/graylog/README.md @@ -142,10 +142,11 @@ The following table lists the configurable parameters of the Graylog chart and t | `graylog.existingRootSecret` | Graylog existing root secret | `` | | `graylog.rootTimezone` | Graylog root timezone. | `UTC` | | `graylog.elasticsearch.hosts` | Graylog Elasticsearch host name. You need to specific where data will be stored. | `` | -| `graylog.elasticsearch.uriSecretName` | K8s secret name where elasticsearch hosts will be set from. | `{{ graylog.fullname }}` | +| `graylog.elasticsearch.uriSecretName` | K8s secret name where elasticsearch hosts will be set from. | `{{ graylog.fullname }}-es` | | `graylog.elasticsearch.uriSecretKey` | K8s secret key name where elasticsearch hosts will be set from. | `` | +| `graylog.elasticsearch.uriSSL` | Prepends 'https://' to the URL fetched from 'uriSecretKey' if true. Prepends http:// otherwise. | false | | `graylog.mongodb.uri` | Graylog MongoDB connection string. You need to specific where data will be stored. | `` | -| `graylog.mongodb.uriSecretName` | K8s secret name where MongoDB URI will be set from. | `{{ graylog.fullname }}` | +| `graylog.mongodb.uriSecretName` | K8s secret name where MongoDB URI will be set from. | `{{ graylog.fullname }}-mongodb` | | `graylog.mongodb.uriSecretKey` | K8s secret key name where MongoDB URI will be set from. | `` | | `graylog.transportEmail.enabled` | If true, enable transport email settings on Graylog | `false` | | `graylog.transportEmail.hostname` | The hostname of the server used to send the email | `` | diff --git a/stable/graylog/templates/_helpers.tpl b/stable/graylog/templates/_helpers.tpl index fbcf71016460..20f36d8c402e 100644 --- a/stable/graylog/templates/_helpers.tpl +++ b/stable/graylog/templates/_helpers.tpl @@ -78,7 +78,11 @@ Or use chart dependencies with release name */}} {{- define "graylog.elasticsearch.hosts" -}} {{- if .Values.graylog.elasticsearch.uriSecretKey }} - {{- printf "${GRAYLOG_ELASTICSEARCH_HOST}" -}} + {{- if .Values.graylog.elasticsearch.uriSSL }} + {{- printf "https://${GRAYLOG_ELASTICSEARCH_HOST}" -}} + {{- else }} + {{- printf "http://${GRAYLOG_ELASTICSEARCH_HOST}" -}} + {{- end }} {{- else if .Values.graylog.elasticsearch.hosts }} {{- .Values.graylog.elasticsearch.hosts -}} {{- else }} diff --git a/stable/graylog/templates/statefulset.yaml b/stable/graylog/templates/statefulset.yaml index 8806b6f6bf55..41c6e04b8251 100644 --- a/stable/graylog/templates/statefulset.yaml +++ b/stable/graylog/templates/statefulset.yaml @@ -106,14 +106,14 @@ spec: - name: GRAYLOG_ELASTICSEARCH_HOST valueFrom: secretKeyRef: - name: {{ .Values.graylog.elasticsearch.uriSecretName | default (include "graylog.fullname" .) }} + name: {{ .Values.graylog.elasticsearch.uriSecretName | default (printf "%s-es" (include "graylog.fullname" .)) }} key: {{ .Values.graylog.elasticsearch.uriSecretKey }} {{- end }} {{- if .Values.graylog.mongodb.uriSecretKey }} - name: GRAYLOG_MONGODB_URI valueFrom: secretKeyRef: - name: {{ .Values.graylog.mongodb.uriSecretName | default (include "graylog.fullname" .) }} + name: {{ .Values.graylog.mongodb.uriSecretName | default (printf "%s-mongodb" (include "graylog.fullname" .)) }} key: {{ .Values.graylog.mongodb.uriSecretKey }} {{- end }} {{- range $key, $value := .Values.graylog.env }} diff --git a/stable/graylog/values.yaml b/stable/graylog/values.yaml index b80e031774f3..c1b243cb7471 100644 --- a/stable/graylog/values.yaml +++ b/stable/graylog/values.yaml @@ -271,9 +271,10 @@ graylog: # hosts: http://elasticsearch-client.graylog.svc.cluster.local:9200 hosts: "" # Allow elasticsearch hosts to be fetched from a k8s secret - # {{ graylog.fullname }} will be used as uriSecretName if left empty + # {{ graylog.fullname }}-es will be used as uriSecretName if left empty uriSecretName: "" uriSecretKey: "" + uriSSL: false mongodb: ## MongoDB connection string @@ -281,7 +282,7 @@ graylog: # uri: mongodb://user:pass@host1:27017,host2:27017,host3:27017/graylog?replicaSet=rs01 uri: "" # Allow mongodb uri to be fetched from a k8s secret - # {{ graylog.fullname }} will be used as uriSecretName if left empty + # {{ graylog.fullname }}-mongodb will be used as uriSecretName if left empty uriSecretName: "" uriSecretKey: ""