From f477c9297c53bef0196ba91ec963d7740fa8a4aa Mon Sep 17 00:00:00 2001 From: Michael Katsoulis Date: Tue, 2 Nov 2021 15:44:18 +0000 Subject: [PATCH] Update standalone agent manifest conditions and scheduler and controllermanager default hosts (#28675) * Update standalone agent manifest conditions and scheduler and controllermanager default hosts (cherry picked from commit 223f07061870e92c23c381da525065f49aacd2ac) --- CHANGELOG.next.asciidoc | 2 ++ .../elastic-agent-standalone-kubernetes.yaml | 12 ++++++++---- ...elastic-agent-standalone-daemonset-configmap.yaml | 12 ++++++++---- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index 72d6b1250f9..aeb2a47346f 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -226,6 +226,8 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Update ECS to 1.12.0. {pull}27770[27770] - Fields mapped as `match_only_text` will automatically fallback to a `text` mapping when using Elasticsearch versions that do not support `match_only_text`. {pull}27770[27770] - Do not load ML jobs to Elasticsearch 8.x from new Beats 7.x releases. {pull}27771[27771] +- Update kubernetes scheduler and controllermanager endpoints in elastic-agent-standalone-kubernetes.yaml with secure ports {pull}28675[28675] +- Add options to configure k8s client qps/burst. {pull}28151[28151] *Auditbeat* diff --git a/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml b/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml index 819ab0accee..7af94fa0f3d 100644 --- a/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml +++ b/deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml @@ -341,19 +341,23 @@ data: type: metrics metricsets: - controllermanager + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token hosts: - - '${kubernetes.pod.ip}:10252' + - 'https://${kubernetes.pod.ip}:10257' period: 10s - condition: ${kubernetes.pod.labels.component} == 'kube-controller-manager' + ssl.verification_mode: none + condition: ${kubernetes.labels.component} == 'kube-controller-manager' - data_stream: dataset: kubernetes.scheduler type: metrics metricsets: - scheduler + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token hosts: - - '${kubernetes.pod.ip}:10251' + - 'https://${kubernetes.pod.ip}:10259' period: 10s - condition: ${kubernetes.pod.labels.component} == 'kube-scheduler' + ssl.verification_mode: none + condition: ${kubernetes.labels.component} == 'kube-scheduler' - data_stream: dataset: kubernetes.proxy type: metrics diff --git a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml index 2688bbfc61c..d3f290b2aab 100644 --- a/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml +++ b/deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-daemonset-configmap.yaml @@ -341,19 +341,23 @@ data: type: metrics metricsets: - controllermanager + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token hosts: - - '${kubernetes.pod.ip}:10252' + - 'https://${kubernetes.pod.ip}:10257' period: 10s - condition: ${kubernetes.pod.labels.component} == 'kube-controller-manager' + ssl.verification_mode: none + condition: ${kubernetes.labels.component} == 'kube-controller-manager' - data_stream: dataset: kubernetes.scheduler type: metrics metricsets: - scheduler + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token hosts: - - '${kubernetes.pod.ip}:10251' + - 'https://${kubernetes.pod.ip}:10259' period: 10s - condition: ${kubernetes.pod.labels.component} == 'kube-scheduler' + ssl.verification_mode: none + condition: ${kubernetes.labels.component} == 'kube-scheduler' - data_stream: dataset: kubernetes.proxy type: metrics