diff --git a/charts/common/templates/role.yaml b/charts/common/templates/role.yaml index 92b09b4..01dda2d 100644 --- a/charts/common/templates/role.yaml +++ b/charts/common/templates/role.yaml @@ -15,5 +15,5 @@ rules: - apiGroups: [""] resources: ["configmaps"] verbs: ["get", "patch"] - resourceNames: ["{{ include "common.resourceNamePrefix" . }}-discovery-state-tracker"] + resourceNames: ["{{ include "common.resourceNamePrefix" . }}-discovery-state-tracker","{{ include "common.resourceNamePrefix" . }}-pod-mapping-tracker"] {{- end }} \ No newline at end of file diff --git a/charts/logan/templates/discovery-cronjob.yaml b/charts/logan/templates/discovery-cronjob.yaml index 85969fc..de1188f 100644 --- a/charts/logan/templates/discovery-cronjob.yaml +++ b/charts/logan/templates/discovery-cronjob.yaml @@ -4,150 +4,148 @@ {{- $kubernetesClusterId := (include "logan.kubernetesClusterId" .) }} {{- $kubernetesNamespace := (include "logan.namespace" .) }} {{- $serviceAccount := (include "logan.serviceAccount" .) }} -apiVersion: batch/v1 -kind: CronJob +apiVersion: apps/v1 +kind: Deployment metadata: name: {{ .Values.global.resourceNamePrefix }}-discovery namespace: {{ $kubernetesNamespace }} spec: - schedule: {{ .Values.k8sDiscovery.objects.cronSchedule | quote }} - startingDeadlineSeconds: 120 - concurrencyPolicy: Replace - successfulJobsHistoryLimit: {{ .Values.k8sDiscovery.objects.successfulJobsHistoryLimit }} - failedJobsHistoryLimit: {{ .Values.k8sDiscovery.objects.failedJobsHistoryLimit }} - jobTemplate: + replicas: 1 + selector: + matchLabels: + app: {{ .Values.global.resourceNamePrefix }}-discovery + template: + metadata: + labels: + app: {{ .Values.global.resourceNamePrefix }}-discovery spec: - backoffLimit: {{ .Values.k8sDiscovery.objects.backoffLimit }} - template: - spec: - restartPolicy: {{ .Values.k8sDiscovery.objects.restartPolicy }} - serviceAccountName: {{ $serviceAccount }} - {{- if .Values.image.imagePullSecrets }} - imagePullSecrets: - - name: {{ .Values.image.imagePullSecrets }} + serviceAccountName: {{ $serviceAccount }} + {{- if .Values.image.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.image.imagePullSecrets }} + {{- end }} + containers: + - name: k8-discovery-job + image: {{ .Values.image.url }} + {{- if eq $authtype "config" }} + volumeMounts: + - name: ociconfigdir + mountPath: {{ .Values.oci.path }} + readOnly: true + {{- end }} + command: + {{- /* object discovery script */}} + - bundle + - exec + - oci-loganalytics-kubernetes-discovery + {{- /* mandatory inputs */}} + - --kubernetes_cluster_id + - {{ $kubernetesClusterId }} + - --kubernetes_cluster_name + - {{ $kubernetesClusterName }} + - --kubernetes_cluster_namespace + - {{ $kubernetesNamespace }} + - --oci_la_namespace + {{- if .Values.ociLANamespace }} + - {{ .Values.ociLANamespace }} + {{- else }} + {{- required "ociLANamespace is required" .Values.ociLANamespace }} {{- end }} - containers: - - name: k8-discovery-job - image: {{ .Values.image.url }} - {{- if eq $authtype "config" }} - volumeMounts: - - name: ociconfigdir - mountPath: {{ .Values.oci.path }} - readOnly: true - {{- end }} - command: - {{- /* object discovery script */}} - - bundle - - exec - - oci-loganalytics-kubernetes-discovery - {{- /* mandatory inputs */}} - - --kubernetes_cluster_id - - {{ $kubernetesClusterId }} - - --kubernetes_cluster_name - - {{ $kubernetesClusterName }} - - --kubernetes_cluster_namespace - - {{ $kubernetesNamespace }} - - --oci_la_namespace - {{- if .Values.ociLANamespace }} - - {{ .Values.ociLANamespace }} - {{- else }} - {{- required "ociLANamespace is required" .Values.ociLANamespace }} - {{- end }} - - --oci_la_log_group_id - {{- if .Values.k8sDiscovery.objects.ociLALogGroupID }} - - {{ .Values.k8sDiscovery.objects.ociLALogGroupID }} - {{- else if .Values.ociLALogGroupID }} - - {{ .Values.ociLALogGroupID }} - {{- else }} - {{- required "ociLALogGroupID is required" .Values.ociLALogGroupID }} - {{- end }} - {{- /* mandatory inputs when authtype is set as config */}} - {{- if eq .Values.authtype "config" }} - {{- if and .Values.oci.path .Values.oci.file }} - - --config_file_location - - {{ .Values.oci.path -}}/{{ .Values.oci.file }} - {{- else }} - {{- required "{{ .Values.oci.path -}}/{{ .Values.oci.file }} is required" .Values.oci.path }} - {{- end }} - {{- end }} - {{- /* optional discovery job configuration */}} - {{- if .Values.ociLAClusterEntityID }} - - --oci_la_cluster_entity_id - - {{ .Values.ociLAClusterEntityID }} - {{- end }} - {{- if $resourceNamePrefix }} - - --kubernetes_resourcename_prefix - - {{ $resourceNamePrefix }} - {{- end }} - {{- if .Values.ociDomain }} - - --oci_domain - - {{ .Values.ociDomain }} - {{- end }} - {{- if .Values.k8sDiscovery.objects.discoveryMode }} - - --discovery - - {{ .Values.k8sDiscovery.objects.discoveryMode }} - {{- end }} - {{- if .Values.k8sDiscovery.objects.log_format }} - - --log_format - - {{ .Values.k8sDiscovery.objects.log_format }} - {{- end }} - {{- if .Values.k8sDiscovery.objects.log_level }} - - --log_level - - {{ .Values.k8sDiscovery.objects.log_level }} - {{- end }} - {{- if and .Values.k8sDiscovery.objects.enable_threading .Values.k8sDiscovery.objects.thread_count }} - - --enable_threading - - --thread_count - - {{ .Values.k8sDiscovery.objects.thread_count | quote }} - {{- end }} - {{- if .Values.k8sDiscovery.objects.chunk_limit }} - - --chunk_limit - - {{ .Values.k8sDiscovery.objects.chunk_limit | quote }} - {{- end }} - {{- if .Values.k8sDiscovery.objects.collect_warning_events_only }} - - --collect_warning_events_only - {{- end }} - {{- /* optional kubernetes cluster configuration */}} - {{- if .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }} - - --kubernetes_url - - {{ .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }} - {{- end }} - {{- if .Values.k8sDiscovery.kubeClientOptions.client_cert }} - - --client_cert - - {{ .Values.k8sDiscovery.kubeClientOptions.client_cert }} - {{- end }} - {{- if .Values.k8sDiscovery.kubeClientOptions.client_key }} - - --client_key - - {{ .Values.k8sDiscovery.kubeClientOptions.client_key }} - {{- end }} - {{- if .Values.k8sDiscovery.kubeClientOptions.ca_file }} - - --ca_file - - {{ .Values.k8sDiscovery.kubeClientOptions.ca_file }} - {{- end }} - {{- if eq .Values.k8sDiscovery.kubeClientOptions.verify_ssl true }} - - --verify_ssl - {{- end }} - {{- if .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }} - - --bearer_token_file - - {{ .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }} - {{- end }} - {{- if .Values.k8sDiscovery.kubeClientOptions.secret_dir }} - - --secret_dir - - {{ .Values.k8sDiscovery.kubeClientOptions.secret_dir }} - {{- end }} - {{- /* developer options - optional */}} - {{- if .Values.k8sDiscovery.oci_la_endpoint }} - - --endpoint - - {{ .Values.k8sDiscovery.oci_la_endpoint }} - {{- else if .Values.ociLAEndpoint }} - - --endpoint - - {{ .Values.ociLAEndpoint }} - {{- end }} - {{- if eq $authtype "config" }} - volumes: - - name: ociconfigdir - projected: - sources: - - secret: - name: {{ $resourceNamePrefix }}-oci-config + - --oci_la_log_group_id + {{- if .Values.k8sDiscovery.objects.ociLALogGroupID }} + - {{ .Values.k8sDiscovery.objects.ociLALogGroupID }} + {{- else if .Values.ociLALogGroupID }} + - {{ .Values.ociLALogGroupID }} + {{- else }} + {{- required "ociLALogGroupID is required" .Values.ociLALogGroupID }} {{- end }} + {{- /* mandatory inputs when authtype is set as config */}} + {{- if eq .Values.authtype "config" }} + {{- if and .Values.oci.path .Values.oci.file }} + - --config_file_location + - {{ .Values.oci.path -}}/{{ .Values.oci.file }} + {{- else }} + {{- required "{{ .Values.oci.path -}}/{{ .Values.oci.file }} is required" .Values.oci.path }} + {{- end }} + {{- end }} + {{- /* optional discovery job configuration */}} + {{- if .Values.ociLAClusterEntityID }} + - --oci_la_cluster_entity_id + - {{ .Values.ociLAClusterEntityID }} + {{- end }} + {{- if $resourceNamePrefix }} + - --kubernetes_resourcename_prefix + - {{ $resourceNamePrefix }} + {{- end }} + {{- if .Values.ociDomain }} + - --oci_domain + - {{ .Values.ociDomain }} + {{- end }} + {{- if .Values.k8sDiscovery.objects.discoveryMode }} + - --discovery + - {{ .Values.k8sDiscovery.objects.discoveryMode }} + {{- end }} + {{- if .Values.k8sDiscovery.objects.log_format }} + - --log_format + - {{ .Values.k8sDiscovery.objects.log_format }} + {{- end }} + {{- if .Values.k8sDiscovery.objects.log_level }} + - --log_level + - {{ .Values.k8sDiscovery.objects.log_level }} + {{- end }} + {{- if and .Values.k8sDiscovery.objects.enable_threading .Values.k8sDiscovery.objects.thread_count }} + - --enable_threading + - --thread_count + - {{ .Values.k8sDiscovery.objects.thread_count | quote }} + {{- end }} + {{- if .Values.k8sDiscovery.objects.chunk_limit }} + - --chunk_limit + - {{ .Values.k8sDiscovery.objects.chunk_limit | quote }} + {{- end }} + {{- if .Values.k8sDiscovery.objects.collect_warning_events_only }} + - --collect_warning_events_only + {{- end }} + {{- /* optional kubernetes cluster configuration */}} + {{- if .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }} + - --kubernetes_url + - {{ .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }} + {{- end }} + {{- if .Values.k8sDiscovery.kubeClientOptions.client_cert }} + - --client_cert + - {{ .Values.k8sDiscovery.kubeClientOptions.client_cert }} + {{- end }} + {{- if .Values.k8sDiscovery.kubeClientOptions.client_key }} + - --client_key + - {{ .Values.k8sDiscovery.kubeClientOptions.client_key }} + {{- end }} + {{- if .Values.k8sDiscovery.kubeClientOptions.ca_file }} + - --ca_file + - {{ .Values.k8sDiscovery.kubeClientOptions.ca_file }} + {{- end }} + {{- if eq .Values.k8sDiscovery.kubeClientOptions.verify_ssl true }} + - --verify_ssl + {{- end }} + {{- if .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }} + - --bearer_token_file + - {{ .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }} + {{- end }} + {{- if .Values.k8sDiscovery.kubeClientOptions.secret_dir }} + - --secret_dir + - {{ .Values.k8sDiscovery.kubeClientOptions.secret_dir }} + {{- end }} + {{- /* developer options - optional */}} + {{- if .Values.k8sDiscovery.oci_la_endpoint }} + - --endpoint + - {{ .Values.k8sDiscovery.oci_la_endpoint }} + {{- else if .Values.ociLAEndpoint }} + - --endpoint + - {{ .Values.ociLAEndpoint }} + {{- end }} + {{- if eq $authtype "config" }} + volumes: + - name: ociconfigdir + projected: + sources: + - secret: + name: {{ $resourceNamePrefix }}-oci-config + {{- end }} \ No newline at end of file diff --git a/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile b/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile index 68a33e4..fdacdf2 100644 --- a/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile +++ b/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile @@ -11,7 +11,7 @@ gem "fluent-plugin-concat", "~> 2.5.0" gem "fluent-plugin-rewrite-tag-filter", "~> 2.4.0" gem "fluent-plugin-parser-cri", "~> 0.1.1" gem "fluent-plugin-kubernetes_metadata_filter", "3.5.0" -gem "oci-logging-analytics-kubernetes-discovery", "1.0.2" +gem "oci-logging-analytics-kubernetes-discovery", "1.2.0.2", source: "https://artifactory.oci.oraclecorp.com:443/logan-dev-gems-local/" gem "fluent-plugin-record-modifier", "2.2.0" gem "fluent-plugin-cloudwatch-logs", "0.14.3" gem "fluent-plugin-s3", "1.7.2" diff --git a/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile.lock b/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile.lock index 5c424d8..318f55a 100644 --- a/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile.lock +++ b/logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile.lock @@ -1,3 +1,14 @@ +GEM + remote: https://artifactory.oci.oraclecorp.com/logan-dev-gems-local/ + specs: + oci-logging-analytics-kubernetes-discovery (1.2.0.2) + concurrent-ruby (~> 1.2, >= 1.2.2) + kubeclient (~> 4.9, >= 4.9.3) + oci (~> 2.21) + rubyzip (~> 2.3.2) + rufus-scheduler (~> 3.7, >= 3.9.2) + yajl-ruby (~> 1.0) + GEM remote: https://rubygems.org/ specs: @@ -32,6 +43,8 @@ GEM csv (3.3.0) domain_name (0.6.20240107) drb (2.2.1) + et-orbi (1.2.11) + tzinfo event_stream_parser (1.0.0) ffi (1.15.5) ffi-compiler (1.0.1) @@ -81,6 +94,9 @@ GEM tzinfo-data (~> 1.0) webrick (~> 1.4) yajl-ruby (~> 1.0) + fugit (1.11.1) + et-orbi (~> 1, >= 1.2.11) + raabro (~> 1.4) http (5.2.0) addressable (~> 2.8) base64 (~> 0.1) @@ -121,12 +137,6 @@ GEM json (>= 1.4.6, < 3.0.0) jwt (~> 2.1) psych (~> 5.0, >= 5.0.1) - oci-logging-analytics-kubernetes-discovery (1.0.2) - concurrent-ruby (~> 1.2, >= 1.2.2) - kubeclient (~> 4.9, >= 4.9.3) - oci (~> 2.20) - rubyzip (~> 2.3.2) - yajl-ruby (~> 1.0) oj (3.16.4) bigdecimal (>= 3.0) prometheus-client (4.2.3) @@ -134,6 +144,7 @@ GEM psych (5.1.2) stringio public_suffix (6.0.1) + raabro (1.4.0) rake (13.2.1) recursive-open-struct (1.2.2) rest-client (2.1.0) @@ -143,6 +154,8 @@ GEM netrc (~> 0.8) rexml (3.3.7) rubyzip (2.3.2) + rufus-scheduler (3.9.2) + fugit (~> 1.1, >= 1.11.1) serverengine (2.3.2) sigdump (~> 0.2.2) sigdump (0.2.5) @@ -156,6 +169,7 @@ GEM yajl-ruby (1.4.3) PLATFORMS + arm64-darwin-24 x86_64-linux DEPENDENCIES @@ -169,7 +183,7 @@ DEPENDENCIES fluent-plugin-s3 (= 1.7.2) fluentd (= 1.17.1) json (= 2.7.2) - oci-logging-analytics-kubernetes-discovery (= 1.0.2) + oci-logging-analytics-kubernetes-discovery (= 1.2.0.2)! oj (= 3.16.4) rexml (= 3.3.7)