[kibana] added dashboard import + some fixes #244
Conversation
Signed-off-by: André Bauer <[email protected]>
|
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
Signed-off-by: André Bauer <[email protected]>
There was a problem hiding this comment.
Sorry for leaving so many comments. There are a lot of different changes all in this pull request which makes the reviews large too. In the future splitting them into separate pull requests would make things a lot easier for both of us.
I reviewed everything in this PR as is. However I have a couple of ideas for alternative approaches that may be more maintainable than what you are proposing.
- Using a
postStarthook. Right now you are starting up an initContainer, that starts Kibana with the full configuration of the main container then run some commands against it. It's more or less just re-implementing exactly what apostStarthook does except with a whole bunch of extra code duplication. - Not implementing this specifically into the chart itself. Making sure these import script can cover all different use cases is quite hard (especially in bash...maybe using only python would make it easier and more testable). An alternative approach would be to just expose the lifecycle block like the Elasticsearch chart does. Then users could add whatever kind of imports they wanted without needing to come up with a generic solution that works for everyone. Things get more complicated if you want to do things like supporting importing dashboards from private GitHub repos.
| name: kibana | ||
| version: 7.3.0 | ||
| version: 7.3.0-1 |
There was a problem hiding this comment.
Can you revert the version bump. The pull request template and the contributing guide both explain why we don't do this.
| appVersion: 7.3.0 | ||
| description: Official Elastic helm chart for Kibana | ||
| home: https://github.com/elastic/helm-charts/kibana |
There was a problem hiding this comment.
This link is broken and gives a 404.
| @@ -33,7 +33,7 @@ Examples of installing older major versions can be found in the [examples](./exa | |||
| While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.3.0` of Kibana it would look like this: | |||
|
|
|||
| ``` | |||
| helm install --name kibana elastic/kibana --set imageTag=7.3.0 | |||
| helm install --name kibana elastic/kibana --set image.tag=7.3.0 | |||
There was a problem hiding this comment.
This would be a breaking change and cause a lot of unexpected breakages for users. It would silently cause users to be upgraded to the latest version since the old imageTag would be ignored. I understand that this is the latest value name used in the current helm template but we only do breaking changes along with the rest of the stack (so 8.0.0 being the next version with breaking changes).
| app.kubernetes.io/name: {{ include "kibana.name" . }} | ||
| helm.sh/chart: {{ include "kibana.chart" . }} | ||
| app.kubernetes.io/instance: {{ .Release.Name }} | ||
| {{- if .Chart.AppVersion }} |
There was a problem hiding this comment.
This is hardcoded into the Chart.yaml so I don't think the if statement is needed.
| helm.sh/chart: {{ include "kibana.chart" . }} | ||
| app.kubernetes.io/instance: {{ .Release.Name }} | ||
| {{- if .Chart.AppVersion }} | ||
| app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} |
There was a problem hiding this comment.
I think setting this might be misleading as the appVersion will always be whatever the latest version is, rather than whatever version the user has installed. I think it would be better to leave it out or have a way for the user to configure this.
| timeout: 60 | ||
| xpackauth: | ||
| enabled: false | ||
| username: myuser |
There was a problem hiding this comment.
Its not a good idea to store secrets directly in the values.yaml. If you take a look at the readinessProbe for the Kibana container there is a function that can be used to properly use http/https and the right authentication without needing to duplicate the password and add it to the values file.
helm-charts/kibana/templates/deployment.yaml
Lines 94 to 106 in a386536
| #!/usr/bin/env bash | ||
| # | ||
| # kibana dashboard import script | ||
| # |
There was a problem hiding this comment.
a set -euo pipefail up here will make sure that the script fails properly if any of the commands fail.
| echo "Waiting up to {{ .Values.dashboardImport.timeout }} seconds for Kibana to get in green overall state..." | ||
|
|
||
| for i in {1..{{ .Values.dashboardImport.timeout }}}; do | ||
| curl -s localhost:5601/api/status | python -c 'import sys, json; print json.load(sys.stdin)["status"]["overall"]["state"]' 2> /dev/null | grep green > /dev/null && break || sleep 1 |
There was a problem hiding this comment.
I already commented on this in the values.yaml, but hard coding the protocol and port is going to break for anyone using https or a different port. The readinessProbe has a function that handles all of the different use cases.
helm-charts/kibana/templates/deployment.yaml
Lines 94 to 106 in a386536
Anyone using a custom webroot will also have issues causing all of the api calls to fail.
| | `dashboardImport.xpackauth.enabled` | Enable Xpack auth | `false` | | ||
| | `dashboardImport.xpackauth.username` | Optional Xpack username | `myuser` | | ||
| | `dashboardImport.xpackauth.password` | Optional Xpack password | `mypass` | | ||
| | `dashboardImport.dashboards` | Dashboards | `{}` | |
There was a problem hiding this comment.
Could you explain what formats are supported? From the import script I can see that you can specify http URLs or files that are mounted within the initContainer.
| fi | ||
|
|
||
| if [ "$?" != "0" ]; then | ||
| echo -e "\nImport of ${DASHBOARD_FILE} dashboard failed... Exiting..." |
There was a problem hiding this comment.
Do you actually want this script to fail if it can't install a dashboard. If GitHub is down it would mean that you would be unable to start up Kibana without modifying the install.
|
This PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. To track this PR (even if closed), please open a corresponding issue if one does not already exist. |
|
To be honest i've stopped using kibana as we use stackdriver now so my interest in implementing these changes is very low at the moment. From my perspective we can close this pr and deprecate the stable/kibana chart as soon as you want. |
|
This is actually a useful PR - if someone took over and submitted new PR solving all issues would it be merged? I'm currently managing these manually through Kibana and .kibana index is periodically backed up in s3 snapshots. Codifying them somehow is on my todo list. |
|
@monotek many thanks for this PR and your work on stable/kibana. Despite this is an interesting feature, I'm not sure this is something we should include in Kibana chart. Handling all cases without impacting Kibana reliability can become complicated (handling different sources for dashboard files, not failing deployment/upgrade if the dashboard files are not available or corrupted, handling kibana api url change if protocol or port is changed, as well as if the endpoint change in a future version of kibana...). I would prefer not to implement this feature in the chart and let users implement it outside of the chart to keep it as simple and reliable as possible and focus on providing Kubernetes and Elastic production best practices and flexibility. As mentionned in #244 (review), this is typically something that you could implement while handling only your own case using Helm |
Signed-off-by: André Bauer [email protected]
${CHART}/tests/*.py${CHART}/examples/*/test/goss.yaml