fluentbit: support multi-elasticsearch

openinfradev · Jul 26, 2022 · 3f6a350 · 3f6a350
1 parent 3b7b81d
commit 3f6a350
Show file tree

Hide file tree

Showing 7 changed files with 259 additions and 246 deletions.
diff --git a/fluentbit-operator/Chart.yaml b/fluentbit-operator/Chart.yaml
@@ -13,4 +13,5 @@ maintainers:
 name: fluentbit-operator
 sources:
 - https://github.com/intelliguy/fluentbit-operator
-version: 1.2.2
+version: 1.3.0
+# Support Multi-ElasticSeach clusters (1.3)
diff --git a/fluentbit-operator/templates/_helpers.tpl b/fluentbit-operator/templates/_helpers.tpl
@@ -12,38 +12,23 @@ The components in this chart create additional resources that expand the longest
 The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26.
 */}}
 {{- define "fluentbit-operator.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 26 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 26 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 26 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
+  {{- if .Values.fullnameOverride -}}
+    {{- .Values.fullnameOverride | trunc 26 | trimSuffix "-" -}}
+  {{- else -}}
+    {{- $name := default .Chart.Name .Values.nameOverride -}}
+    {{- if contains $name .Release.Name -}}
+      {{- .Release.Name | trunc 26 | trimSuffix "-" -}}
+    {{- else -}}
+      {{- printf "%s-%s" .Release.Name $name | trunc 26 | trimSuffix "-" -}}
+    {{- end -}}
+  {{- end -}}
 {{- end -}}
 
-{{/* Fullname suffixed with operator */}}
-{{- define "fluentbit-operator.operator.fullname" -}}
-{{- printf "%s-operator" (include "fluentbit-operator.fullname" .) -}}
-{{- end }}
-
-{{/* Fullname suffixed with fluentbit */}}
-{{- define "fluentbit-operator.fluentbit.fullname" -}}
-{{- printf "%s-fluentbit" (include "fluentbit-operator.fullname" .) -}}
-{{- end }}
-
 {{/* Fullname suffixed with operator */}}
 {{- define "fluentbit-operator.exporter.fullname" -}}
 {{- printf "alerted-log-exporter" -}}
 {{- end }}
 
-{{/* Fullname suffixed with alertmanager */}}
-{{- define "fluentbit-operator.alertmanager.fullname" -}}
-{{- printf "%s-alertmanager" (include "fluentbit-operator.fullname" .) -}}
-{{- end }}
-
 {{/* Create chart name and version as used by the chart label. */}}
 {{- define "fluentbit-operator.chartref" -}}
 {{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}}
@@ -86,43 +71,49 @@ heritage: {{ $.Release.Service | quote }}
 {{- end -}}
 {{- end -}}
 
+{{/* secret name suffixed with operator */}}
+{{- define "fluentbit-operator.operator.es-secret" -}}
+{{- printf "fluentbit-es-user-%s" . -}}
+{{- end }}
+
 {{/* Generate output for elasticsearch */}}
 {{- define "fluentbit-operator.fluentbit.output.es" -}}
 {{- $envAll := index . 0 -}}
-{{- $input := index . 1 -}}
-{{- $index := index . 2 -}}
-{{- $tag := index . 3 -}}
+{{- $es := index . 1 -}}
+{{- $type := index . 2 -}}
+{{- $index_name := index . 3 -}}
+{{- $tag := index . 4 -}}
 ---
 # Elasticsearch index 
 apiVersion: logging.kubesphere.io/v1alpha2
 kind: Output
 metadata:
-  name: {{ template "fluentbit-operator.fullname" $envAll  }}-es-{{ $index }}
+  name: {{ template "fluentbit-operator.fullname" $envAll  }}-{{ $es.name }}-{{ $index_name }}
   namespace: {{ $envAll.Release.Namespace }}
   labels:
     logging.kubesphere.io/enabled: "true"
     app.kubernetes.io/version: v0.0.1
 spec:
   match: {{ $tag | quote }}
   es:
-{{- if $input.logstashFormat}}
-    logstashPrefix: {{ $index }}
+{{- if $es.logstashFormat}}
+    logstashPrefix: {{ $es.index }}
     logstashFormat: true
-{{- else if $index }}
-    index: {{ $index }}
+{{- else if $index_name }}
+    index: {{ $index_name }}
 {{- end}}
-    host: {{ $envAll.Values.fluentbit.outputs.es.host }}
-    port: {{ $envAll.Values.fluentbit.outputs.es.port }}
-    type: {{ $input.type }}
+    host: {{ $es.host }}
+    port: {{ $es.port }}
+    type: {{ index . 2  }}
     httpUser:
       valueFrom:
         secretKeyRef:
-          name: {{ $envAll.Values.fluentbit.outputs.es.username }}-es-secret
+          name: {{ include "fluentbit-operator.operator.es-secret" $es.name }}
           key: username
     httpPassword:
       valueFrom:
         secretKeyRef:
-          name: {{ $envAll.Values.fluentbit.outputs.es.username }}-es-secret
+          name: {{ include "fluentbit-operator.operator.es-secret" $es.name }}
           key: password
     tls:
       verify: false

diff --git a/fluentbit-operator/templates/fluentbit/cm-cr.yaml b/fluentbit-operator/templates/fluentbit/cm-cr.yaml
@@ -1,4 +1,4 @@
-{{- if or .Values.fluentbit.outputs.es.template.enabled .Values.fluentbit.outputs.es.enabled }}
+{{- if or .Values.fluentbit.outputs.es }}
 {{- $envAll := . }}
 ---
 apiVersion: v1
@@ -13,84 +13,82 @@ metadata:
     app: {{ template "fluentbit-operator.name" . }}-operator
 {{ include "fluentbit-operator.labels" . | indent 4 }}
 data:
-  create_template.sh: |-
+{{- range .Values.fluentbit.outputs.es }}
+  {{- $es := . }}
+  {{- if .createuser }}
+  create_user_{{$es.name}}.sh: |-
     #!/bin/sh
     set -ex
-
-{{ range .Values.fluentbit.outputs.es.template.ilms }}
+    curl -k -u elastic:${ELASTIC_PW} -X POST ${ES_URL}/_security/user/$1 -H 'Content-Type: application/json' -d'
+    {
+      "password" : {{ .password | quote }},
+      "roles" : [ "superuser" ],
+      "full_name" : "LMA user by TACO",
+      "email" : "taco@taco.com",
+      "metadata" : {
+        "intelligence" : 7
+      }
+    }
+    '
+  {{- end}}
+  {{- if .template }}
+  create_template_{{$es.name}}.sh: |-
+    #!/bin/sh
+    set -ex
+    
+    ### Index Lifecycle Management
+    {{- range .template.ilms }}
     echo "trying to setting policy {{.name}}..."
     curl -k -u elastic:${ELASTIC_PW} -X PUT "${ES_URL}/_ilm/policy/{{.name}}" \
-      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/ilm-{{.name}}.json
-{{- end}}
-
-{{ range .Values.fluentbit.outputs.es.template.templates }}
+      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/ilm-{{.name}}_{{$es.name}}.json
+    {{- end}}
+    ### Templates
+    {{- range .template.templates }}
     echo "trying to setting Template {{.name}}..."
     curl -k -u elastic:${ELASTIC_PW} -X PUT "${ES_URL}/_template/{{.name}}" \
-      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/template-{{.name}}.json
-{{- end}}
-
-{{ range .Values.fluentbit.targetLogs }}
-  {{ if .index}}
+      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/template-{{.name}}_{{$es.name}}.json
+    {{- end }}
+    ### generate first index 
+    {{- range $envAll.Values.fluentbit.targetLogs }}
+      {{- if and .index ( eq .es_name $es.name ) }}
     echo "trying to create initial index {{.index}}-000001..."
     curl -k -u elastic:${ELASTIC_PW} -X PUT "${ES_URL}/{{.index}}-000001" \
-      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/index-{{.index}}.json
-  {{- end }}
-  {{ range .multi_index}}
+      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/index-{{.index}}_{{$es.name}}.json
+      {{- end }}
+
+      {{- range .multi_index}}
+        {{- if and .index ( eq .es_name $es.name ) }}
     echo "trying to create initial index {{.index}}-000001..."
     curl -k -u elastic:${ELASTIC_PW} -X PUT "${ES_URL}/{{.index}}-000001" \
-      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/index-{{.index}}.json
+      -H 'Content-Type:application/json' -H 'kbn-xsrf:true' -d @/tmp/index-{{.index}}_{{$es.name}}.json
+      {{- end }}
+    {{- end }}
   {{- end }}
-{{- end }}
 
-{{ range .Values.fluentbit.outputs.es.template.ilms }}
-  ilm-{{ .name }}.json: |- 
+  {{- range .template.ilms }}
+  ilm-{{.name}}_{{$es.name}}.json: |- 
     {{ toJson .json }}
-{{- end }}
+  {{- end }}
 
-{{ range .Values.fluentbit.outputs.es.template.templates }}
-  template-{{ .name }}.json: |-
+  {{- range .template.templates }}
+  template-{{.name}}_{{$es.name}}.json: |-
     {{ toJson .json }}
-{{- end }}
-
-{{ range .Values.fluentbit.targetLogs }}
-  {{ if .index}}
-  index-{{ .index }}.json: |-
-    {
-      "aliases": {
-        "{{.index}}":{
-          "is_write_index": true
-        }
-      }
-    }
   {{- end }}
 
-  {{ range .multi_index}}
-  index-{{ .index }}.json: |-
-    {
-      "aliases": {
-        "{{.index}}":{
-          "is_write_index": true
-        }
-      }
-    }
+  {{- range $envAll.Values.fluentbit.targetLogs }}
+    {{- if .index}}
+  index-{{.index}}_{{$es.name}}.json: |-
+    { "aliases": { "{{.index}}":{ "is_write_index": true } } }
+    {{- end }}
+
+    {{- range .multi_index}}
+      {{- if and .index ( eq .es_name $es.name ) }}
+  index-{{.index}}_{{$es.name}}.json: |-
+    { "aliases": { "{{.index}}":{ "is_write_index": true } } }
+      {{- end }}
+    {{- end }}
   {{- end }}
-{{- end }}
 
-{{- if .Values.fluentbit.outputs.es.enabled }}
-  create_user.sh: |-
-    #!/bin/sh
-    set -ex
-    curl -k -u elastic:${ELASTIC_PW} -X POST ${ES_URL}/_security/user/$1 -H 'Content-Type: application/json' -d'
-    {
-      "password" : {{ .Values.fluentbit.outputs.es.password | quote }},
-      "roles" : [ "superuser" ],
-      "full_name" : "LMA user by TACO",
-      "email" : "taco@taco.com",
-      "metadata" : {
-        "intelligence" : 7
-      }
-    }
-    '
 {{- end}}
-
+{{- end}}
 {{- end}}
diff --git a/fluentbit-operator/templates/fluentbit/job-create-user.yaml b/fluentbit-operator/templates/fluentbit/job-create-user.yaml
@@ -1,4 +1,5 @@
-{{- if and .Values.fluentbit.enabled .Values.fluentbit.outputs.es.enabled .Values.fluentbit.outputs.es.createuser }}
+{{- if and .Values.fluentbit.enabled .Values.fluentbit.outputs.es }}
+{{- $envAll := . }}
 ---
 apiVersion: batch/v1
 kind: Job
@@ -19,37 +20,42 @@ spec:
         app: {{ template "fluentbit-operator.name" . }}
 {{ include "fluentbit-operator.labels" . | indent 8 }}
     spec:
-{{- if .Values.fluentbit.nodeSelector }}
+  {{- if .Values.fluentbit.nodeSelector }}
       nodeSelector:
 {{ toYaml .Values.fluentbit.nodeSelector | indent 8 }}
-{{- end}}
+  {{- end}}
       containers:
-      - name: esuser
-        image: "{{ .Values.image.elasticsearchTemplates.repository }}:{{ .Values.image.elasticsearchTemplates.tag }}"
-        imagePullPolicy: "{{ .Values.image.elasticsearchTemplates.pullPolicy }}"
+  {{- range .Values.fluentbit.outputs.es }}
+    {{- if .createuser }}
+      {{- $esname := .name }}
+      - name: esuser-{{$esname}}
+        image: "{{ $envAll.Values.image.elasticsearchTemplates.repository }}:{{ $envAll.Values.image.elasticsearchTemplates.tag }}"
+        imagePullPolicy: "{{ $envAll.Values.image.elasticsearchTemplates.pullPolicy }}"
         env:
         - name: ES_URL
-          value: https://{{.Values.fluentbit.outputs.es.host}}:{{.Values.fluentbit.outputs.es.port}}
+          value: https://{{.host}}:{{.port}}
         - name: ELASTIC_PW
           valueFrom:
             secretKeyRef:
-              name: {{ .Values.fluentbit.outputs.es.elasticPasswordSecret  }}
+              name: {{ .elasticPasswordSecret  }}
               key: elastic
         command:
         - timeout
         - 5m
-        - /tmp/create_user.sh
-        - {{ .Values.fluentbit.outputs.es.username }}
-        - {{ .Values.fluentbit.outputs.es.password }}
+        - /tmp/create_user_{{$esname}}.sh
+        - {{ .username }}
+        - {{ .password }}
         volumeMounts:
         - name: {{ $.Release.Name }}-cr-cm
-          mountPath: /tmp/create_user.sh
-          subPath: create_user.sh
+          mountPath: /tmp/create_user_{{$esname}}.sh
+          subPath: create_user_{{$esname}}.sh
           readOnly: true
+    {{- end }}
+  {{- end }}
+      restartPolicy: OnFailure
       volumes:
       - name: {{ $.Release.Name }}-cr-cm
         configMap:
           name: {{ $.Release.Name }}-cr-cm
           defaultMode: 0777
-      restartPolicy: OnFailure
-{{- end}}
+{{- end }}