Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add endpoint into AWS config #16263

Merged
merged 8 commits into from
Feb 18, 2020
Merged

Add endpoint into AWS config #16263

merged 8 commits into from
Feb 18, 2020

Conversation

kaiyan-sheng
Copy link
Contributor

@kaiyan-sheng kaiyan-sheng commented Feb 11, 2020
edited
Loading

What does this PR do?

This PR is to add support for custom endpoint configuration in the AWS modules for Filebeat and Metricbeat.

AWS Service endpoints: https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html

Why is it important?

There are users running in AWS private cloud regions, which require endpoint URL in configuration to access AWS API. The ap-northeast-3 Region in Japan is not returned by Region enumeration APIs, such as EC2.describeRegions API. To define endpoints for this Region, custom endpoint needs to be used:

https://{service}.{region}.amazonaws.com

So the Amazon EC2 endpoint for this Region would be ec2.ap-northeast-3.amazonaws.com.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works

How to test this PR locally

Use endpoint config with regions to collect metrics. For example, the config below is to only collect EC2 cloudwatch metrics from us-west-1 region under amazonaws.com endpoint.

- module: aws
  period: 5m
  credential_profile_name: elastic-beats
  endpoint: amazonaws.com
  regions: 
    - us-west-1
  metricsets:
    - ec2

Similarly, testing endpoint config parameter with Filebeat s3 input can use config like below:

filebeat.inputs:
  - type: s3
    queue_url:   https://sqs.us-east-1.amazonaws.com/428152502467/test-fb-ks
    credential_profile_name: elastic-beats
    endpoint: amazonaws.com

For testing autodiscovery aws_ec2 provider, config below can be used:

logging.level: debug
metricbeat.autodiscover:
  # List of enabled autodiscover providers
  providers:
    - type: aws_ec2
      period: 1m
      credential_profile_name: elastic-beats
      endpoint: amazonaws.com
      templates:
        - condition:
            equals:
              aws.ec2.tags.created-by: "ks"
          config:
            - module: mysql
              metricsets: ["status", "galera_status"]
              period: 10s
              hosts: ["tcp(${data.aws.ec2.public.ip}:3306)/"]
              username: kaiyan
              password: kaiyan
  • Make sure every metricset under aws module is working for Metricbeat
  • Make sure every fileset under aws module is working for Filebeat
  • Make sure autodiscover aws_ec2 provider is working
  • Test for resourcegroupstaggingapi with endpoint: make sure tags for each service are collected with endpoint config provided.
  • Test with/without regions config parameter: make sure if there is no regions specified, then metrics from all regions should be collected.

Related issues

#16245

@kaiyan-sheng kaiyan-sheng self-assigned this Feb 12, 2020
@kaiyan-sheng kaiyan-sheng marked this pull request as ready for review February 13, 2020 20:59
@kaiyan-sheng kaiyan-sheng requested a review from a team as a code owner February 13, 2020 20:59
@kaiyan-sheng kaiyan-sheng added needs_backport PR is waiting to be backported to other branches. review Team:Platforms Label for the Integrations - Platforms team test-plan Add this PR to be manual test plan labels Feb 13, 2020
ChrsMark
ChrsMark reviewed Feb 14, 2020
View reviewed changes
Copy link
Member

@ChrsMark ChrsMark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall lgtm, left a minor concern

ChrsMark
ChrsMark approved these changes Feb 17, 2020
View reviewed changes
Copy link
Member

@ChrsMark ChrsMark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haven't tested this but it looks good to me!

@kaiyan-sheng kaiyan-sheng merged commit 97501ad into elastic:master Feb 18, 2020
@kaiyan-sheng kaiyan-sheng deleted the add_endpoint_aws branch February 18, 2020 15:25
@kaiyan-sheng kaiyan-sheng mentioned this pull request Feb 18, 2020
Merged
10 tasks
@kaiyan-sheng kaiyan-sheng added v7.7.0 and removed needs_backport PR is waiting to be backported to other branches. labels Feb 18, 2020
kaiyan-sheng added a commit that referenced this pull request Feb 18, 2020
@kaiyan-sheng
Add endpoint into AWS config (#16263) (#16389)
cc78671 
* Add endpoint into AWS config
* Add EnrichAWSConfigWithEndpoint function in libbeat/common for both FB and MB

(cherry picked from commit 97501ad)
@andresrc andresrc mentioned this pull request Feb 19, 2020
Closed
kvch pushed a commit to kvch/beats that referenced this pull request Feb 20, 2020
@kaiyan-sheng @kvch
Add endpoint into AWS config (elastic#16263)
46a0aa7 
* Add endpoint into AWS config

* add EndpointResolver for aws config

* Update endpoints with region name

* replace endpoint_region with regions config option

* Add endpoint to filebeat s3 input and aws module

* Add endpoint to autodiscover aws ec2 and elb providers

* update changelog

* Add EnrichAWSConfigWithEndpoint function in libbeat/common for both FB and MB
@andresrc andresrc added the test-plan-added This PR has been added to the test plan label Mar 21, 2020
henrysher
henrysher reviewed May 26, 2020
View reviewed changes
Copy link

@henrysher henrysher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest not to using hardcoded region name here.

x-pack/metricbeat/module/aws/aws.go
@@ -86,7 +87,9 @@ func NewMetricSet(base mb.BaseMetricSet) (*MetricSet, error) {
}

// Get IAM account name
svcIam := iam.New(awsConfig)
awsConfig.Region = "us-east-1"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The hardcoded region here works well in global regions but not for China regions.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the input! Sorry unfortunately I'm not able to test it with a China region, what would this be for China regions?
With this use case, we probably should add a separate config parameter called init_region or something instead of hardcoded this as us-east-1. Do you mind creating a separate github issue for this? Thanks again!!!

@henrysher henrysher mentioned this pull request May 29, 2020
Closed
@kaiyan-sheng kaiyan-sheng mentioned this pull request Dec 15, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@henrysher henrysher henrysher left review comments

@ChrsMark ChrsMark ChrsMark approved these changes

Assignees

@kaiyan-sheng kaiyan-sheng

Labels
review Team:Platforms Label for the Integrations - Platforms team test-plan Add this PR to be manual test plan test-plan-added This PR has been added to the test plan v7.7.0 [zube]: Done
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kaiyan-sheng @henrysher @ChrsMark @andresrc