Merge "Add elasticsearch snapshot policy template for SLM"

2021-01-12 18:08:08 +00:00 · 2021-01-12 18:08:08 +00:00 · 6af7303516
commit 6af7303516
parent 4c097b0300 fcb4681cb1
5 changed files with 58 additions and 1 deletions
--- a/elasticsearch/Chart.yaml
+++ b/elasticsearch/Chart.yaml
@ -15,7 +15,7 @@ apiVersion: v1
 appVersion: v7.1.0
 description: OpenStack-Helm ElasticSearch
 name: elasticsearch
-version: 0.1.2
+version: 0.1.3
 home: https://www.elastic.co/
 sources:
  - https://github.com/elastic/elasticsearch
--- a/elasticsearch/templates/bin/_create_template.sh.tpl
+++ b/elasticsearch/templates/bin/_create_template.sh.tpl
@ -15,3 +15,17 @@ else
 fi

 {{ end }}
+
+{{ range $policy_name, $fields := .Values.conf.snapshot_policies }}
+
+result=$(curl -K- <<< "--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}" \
+-XPUT "${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}/_slm/policy/{{$policy_name}}" \
+-H 'Content-Type: application/json' -d @/tmp/{{$policy_name}}.json \
+| python -c "import sys, json; print(json.load(sys.stdin)['acknowledged'])")
+if [ "$result" == "True" ]; then
+   echo "Policy {{$policy_name}} created!"
+else
+   echo "Policy {{$policy_name}} not created!"
+fi
+
+{{ end }}
--- a/elasticsearch/templates/configmap-etc-templates.yaml
+++ b/elasticsearch/templates/configmap-etc-templates.yaml
@ -25,4 +25,8 @@ data:
 {{ range $template, $fields := .Values.conf.templates }}
  {{ $template }}.json: {{ toJson $fields | b64enc }}
 {{ end }}
+{{ range $policy_name, $fields := .Values.conf.snapshot_policies }}
+  {{ $policy_name }}.json: {{ toJson $fields | b64enc }}
+{{ end }}
+
 {{- end }}
--- a/elasticsearch/templates/job-elasticsearch-template.yaml
+++ b/elasticsearch/templates/job-elasticsearch-template.yaml
@ -78,6 +78,12 @@ spec:
              subPath: {{$template}}.json
              readOnly: true
            {{ end }}
+            {{ range $policy_name, $fields := .Values.conf.snapshot_policies }}
+            - name: elasticsearch-templates-etc
+              mountPath: /tmp/{{$policy_name}}.json
+              subPath: {{$policy_name}}.json
+              readOnly: true
+            {{ end }}
 {{ if $mounts_elasticsearch_templates.volumeMounts }}{{ toYaml $mounts_elasticsearch_templates.volumeMounts | indent 12 }}{{ end }}
      volumes:
        - name: pod-tmp
--- a/elasticsearch/values.yaml
+++ b/elasticsearch/values.yaml
@ -774,6 +774,39 @@ conf:
              pod_name:
                type: keyword
                index: false
+  snapshot_policies:
+    non-security-snapshots:
+      schedule: "0 30 1 * * ?"
+      name: "<non-security-logs-snapshot-{now/d}>"
+      repository: logstash_snapshots
+      config:
+        indices: ["^(.*calico-|.*ceph-|.*jenkins-|.*journal-|.*kernel_syslog-|.*kubernetes-|.*libvirt-|.*logstash-|.*openvswitch-|.*utility_access-).*$"]
+        ignore_unavailable: true
+        include_global_state: false
+        wait_for_completion: true
+        max_wait: 64800
+        wait_interval: 30
+        ignore_empty_list: true
+        continue_if_exception: true
+        disable_action: false
+      retention:
+        expire_after: 29d
+    security-snapshots:
+      schedule: "0 30 1 * * ?"
+      name: "<security-logs-snapshot-{now/d}>"
+      repository: logstash_snapshots
+      config:
+        indices: ["^(.*airship-|.*audit_tsee-|.*auth-|.*flows-|.*lma-|.*openstack-).*$"]
+        ignore_unavailable: true
+        include_global_state: false
+        wait_for_completion: true
+        max_wait: 18000
+        wait_interval: 30
+        ignore_empty_list: true
+        continue_if_exception: true
+        disable_action: false
+      retention:
+        expire_after: 179d

 endpoints:
  cluster_domain_suffix: cluster.local