Update openshift documentation, manifests for metricbeat and elastic-agent standalone #30054
Conversation
botelastic
bot
added
the
needs_team
|
This pull request does not have a backport label. Could you fix it @tetianakravchenko? 🙏
NOTE: |
mergify
bot
added
the
backport-skip
💔 Build Failed
Expand to view the summary
Build stats
Test stats 🧪
Steps errors
Expand to view the steps failures
|
botelastic
bot
removed
the
needs_team
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
💚 Flaky test reportTests succeeded. 🤖 GitHub commentsTo re-run your PR in the CI, just comment with:
|
tetianakravchenko
changed the title
|
Pinging @elastic/integrations (Team:Integrations) |
| @@ -88,16 +88,7 @@ spec: | |||
| ===== Red Hat OpenShift configuration | |||
|
|
|||
| If you are using Red Hat OpenShift, you need to specify additional settings in | |||
| the manifest file and enable the container to run as privileged. | |||
There was a problem hiding this comment.
I've checked it on Openshiftv4 (GCP setup) and with privileged: true and without privileged: true getting the same result:
from the container:
mount | grep /usr/share/metricbeat/data
/dev/sda4 on /usr/share/metricbeat/data type xfs (rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,prjquota)
no errors descibed here: #17516 (comment)
additionally to that, I wanted to keep metricbeat and elastic-agent manifests (beside the actual configuration of modules/datasets) the same - elastic/observability-docs#1498
There was a problem hiding this comment.
That's good! However maybe we need to be more explicit here and mention in which versions it is not required to avoid confusion?
There was a problem hiding this comment.
Should we rely on openshift version here instead of kubernetes version? according to this doc the last available openshift version 3.11 uses Kubernetes 1.11, which is not supported by us I think
There was a problem hiding this comment.
Strictly speaking yes we can claim that older versions are not supported however a small comment like NOTE: for older versions of v4 users need to run the container as privileged so as to provide a good hint to possible users that are still with older versions.
There was a problem hiding this comment.
I will add it.
I didn't check the metricbeat on openshift v3, but somehow I think it even might not work (at least some functionality) - issue described in this comment elastic/integrations#2065 (comment)
There was a problem hiding this comment.
done - 8d1e5d2
| - proxy | ||
| period: 10s | ||
| host: ${NODE_NAME} | ||
| hosts: ["localhost:29101"] |
There was a problem hiding this comment.
Is the only thing needed? Any notes or links to how the proxy should be tuned on k8s' side?
There was a problem hiding this comment.
yes, there is no need to change sdn-config configMap, this is the default configuration:
kube-proxy-config.yaml: |-
apiVersion: kubeproxy.config.k8s.io/v1alpha1
bindAddress: 0.0.0.0
bindAddressHardFail: false
clientConnection:
acceptContentTypes: ""
burst: 0
contentType: ""
kubeconfig: ""
qps: 0
clusterCIDR: 10.128.0.0/14
configSyncPeriod: 0s
conntrack:
maxPerCore: null
min: null
tcpCloseWaitTimeout: null
tcpEstablishedTimeout: null
detectLocalMode: ""
enableProfiling: true
healthzBindAddress: 0.0.0.0:10256
hostnameOverride: ""
iptables:
masqueradeAll: false
masqueradeBit: 0
minSyncPeriod: 0s
syncPeriod: 0s
ipvs:
excludeCIDRs: null
minSyncPeriod: 0s
scheduler: ""
strictARP: false
syncPeriod: 0s
tcpFinTimeout: 0s
tcpTimeout: 0s
udpTimeout: 0s
kind: KubeProxyConfiguration
metricsBindAddress: 0.0.0.0:29101
mode: unidling+iptables
nodePortAddresses: null
oomScoreAdj: null
portRange: ""
showHiddenMetricsForVersion: ""
udpIdleTimeout: 0s
winkernel:
enableDSR: false
networkName: ""
sourceVip: ""
note here: metricsBindAddress: 0.0.0.0:29101
metricbeat/metricbeat.yml
Outdated
| # In case you specify and additional path, the scheme is required: http://localhost:5601/path | ||
| # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601 | ||
| #host: "localhost:5601" | ||
| # Kibana Host |
There was a problem hiding this comment.
no, it is a result of make update, in other case tests (linting) were failing 🤷♀️
There was a problem hiding this comment.
I did a rebase - this change already was present in main
Signed-off-by: Tetiana Kravchenko <[email protected]>
…crease mem requests & limits Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
…cs#1498 Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
Signed-off-by: Tetiana Kravchenko <[email protected]>
tetianakravchenko
force-pushed
the
openshift-documentation
branch
from
8d1e5d2 to
5a76f20
Compare
Signed-off-by: Tetiana Kravchenko [email protected]
What does this PR do?
Why is it important?
Checklist
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Author's Checklist
How to test this PR locally
Related issues
Use cases
Screenshots
Logs