From d68139641213b15b2e4bfc6afb35349a37ae29e6 Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Tue, 6 Mar 2018 13:29:44 -0600 Subject: [PATCH] Address errors with Elasticsearch and Kibana This moves Elasticsearch and Kibana to use the latest version (6.2.2), as the images we were using are no longer supported with the 6.x release. There was a change in the doc reference in the log entries that prevented the previous ES version from indexing those entries, resulting in a busted gate. Moving Kibana to 6.2.2 was required to match major/minor versions with Elasticsearch The Elasticsearch version change also required changing config file locations, changing the entrypoint used for launching the service, changing the running user for the elasticsearch service, and updated the ES tests as some of the API responses changed between versions This also required updating the elasticsearch template job as the mapping definition entries changed between versions Change-Id: Ia4cd9a66851754a1bb8f225c7e24513c43568e93 --- .../templates/bin/_elasticsearch.sh.tpl | 2 +- .../templates/bin/_helm-tests.sh.tpl | 4 ++-- .../templates/deployment-client.yaml | 4 ---- .../templates/deployment-master.yaml | 8 ++----- elasticsearch/templates/statefulset-data.yaml | 8 ++----- elasticsearch/values.yaml | 5 ++++- .../templates/bin/_create_template.sh.tpl | 3 ++- .../templates/bin/_helm-tests.sh.tpl | 4 ++-- fluent-logging/values.yaml | 22 +++++++++---------- kibana/templates/deployment.yaml | 2 ++ kibana/values.yaml | 4 +--- 11 files changed, 29 insertions(+), 37 deletions(-) diff --git a/elasticsearch/templates/bin/_elasticsearch.sh.tpl b/elasticsearch/templates/bin/_elasticsearch.sh.tpl index 780ec6e76..f51059ce7 100644 --- a/elasticsearch/templates/bin/_elasticsearch.sh.tpl +++ b/elasticsearch/templates/bin/_elasticsearch.sh.tpl @@ -20,7 +20,7 @@ COMMAND="${@:-start}" function start () { ulimit -l unlimited - exec /docker-entrypoint.sh elasticsearch + exec /usr/local/bin/docker-entrypoint.sh } function stop () { diff --git a/elasticsearch/templates/bin/_helm-tests.sh.tpl b/elasticsearch/templates/bin/_helm-tests.sh.tpl index 918c8fd1a..20e16eca2 100644 --- a/elasticsearch/templates/bin/_helm-tests.sh.tpl +++ b/elasticsearch/templates/bin/_helm-tests.sh.tpl @@ -46,8 +46,8 @@ function insert_test_data () { "name" : "Elasticsearch", "message" : "Test data text entry" } - ' | python -c "import sys, json; print json.load(sys.stdin)['created']") - if [ "$insert_result" == "True" ]; then + ' | python -c "import sys, json; print json.load(sys.stdin)['result']") + if [ "$insert_result" == "created" ]; then sleep 20 echo "PASS: Test data inserted into test index!"; else diff --git a/elasticsearch/templates/deployment-client.yaml b/elasticsearch/templates/deployment-client.yaml index d4c92769c..15f3a3d18 100644 --- a/elasticsearch/templates/deployment-client.yaml +++ b/elasticsearch/templates/deployment-client.yaml @@ -207,8 +207,6 @@ spec: mountPath: /tmp/elasticsearch.sh subPath: elasticsearch.sh readOnly: true - - name: elasticsearch-config - mountPath: /usr/share/elasticsearch/config - name: elasticsearch-etc mountPath: /usr/share/elasticsearch/config/elasticsearch.yml subPath: elasticsearch.yml @@ -233,8 +231,6 @@ spec: configMap: name: elasticsearch-bin defaultMode: 0555 - - name: elasticsearch-config - emptyDir: {} - name: elasticsearch-etc configMap: name: elasticsearch-etc diff --git a/elasticsearch/templates/deployment-master.yaml b/elasticsearch/templates/deployment-master.yaml index 10968139d..41d5e581b 100644 --- a/elasticsearch/templates/deployment-master.yaml +++ b/elasticsearch/templates/deployment-master.yaml @@ -121,8 +121,8 @@ spec: {{ tuple $envAll "elasticsearch" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.master | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }} command: - - /tmp/elasticsearch.sh - - start + - /tmp/elasticsearch.sh + - start lifecycle: preStop: exec: @@ -163,8 +163,6 @@ spec: mountPath: /tmp/elasticsearch.sh subPath: elasticsearch.sh readOnly: true - - name: elasticsearch-config - mountPath: /usr/share/elasticsearch/config - name: elasticsearch-etc mountPath: /usr/share/elasticsearch/config/elasticsearch.yml subPath: elasticsearch.yml @@ -187,8 +185,6 @@ spec: configMap: name: elasticsearch-bin defaultMode: 0555 - - name: elasticsearch-config - emptyDir: {} - name: elasticsearch-etc configMap: name: elasticsearch-etc diff --git a/elasticsearch/templates/statefulset-data.yaml b/elasticsearch/templates/statefulset-data.yaml index d4429647b..353f6da40 100644 --- a/elasticsearch/templates/statefulset-data.yaml +++ b/elasticsearch/templates/statefulset-data.yaml @@ -118,8 +118,8 @@ spec: {{ tuple $envAll "elasticsearch" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.data | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }} command: - - /tmp/elasticsearch.sh - - start + - /tmp/elasticsearch.sh + - start lifecycle: preStop: exec: @@ -160,8 +160,6 @@ spec: mountPath: /tmp/elasticsearch.sh subPath: elasticsearch.sh readOnly: true - - name: elasticsearch-config - mountPath: /usr/share/elasticsearch/config - name: elasticsearch-etc mountPath: /usr/share/elasticsearch/config/elasticsearch.yml subPath: elasticsearch.yml @@ -184,8 +182,6 @@ spec: configMap: name: elasticsearch-bin defaultMode: 0555 - - name: elasticsearch-config - emptyDir: {} - name: elasticsearch-etc configMap: name: elasticsearch-etc diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index c22037ee0..cae448f7c 100644 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -21,7 +21,7 @@ images: apache_proxy: docker.io/httpd:2.4 memory_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 curator: docker.io/bobrik/curator:5.2.0 - elasticsearch: docker.io/elasticsearch:5.6.4 + elasticsearch: docker.elastic.co/elasticsearch/elasticsearch:6.2.2 helm_tests: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 prometheus_elasticsearch_exporter: docker.io/justwatch/elasticsearch_exporter:1.0.1 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1 @@ -248,6 +248,9 @@ conf: blacklist: ['elasticsearch', 'urllib3'] elasticsearch: config: + xpack: + security: + enabled: false bootstrap: memory_lock: true cluster: diff --git a/fluent-logging/templates/bin/_create_template.sh.tpl b/fluent-logging/templates/bin/_create_template.sh.tpl index ec9cf348e..6e9fd39fc 100644 --- a/fluent-logging/templates/bin/_create_template.sh.tpl +++ b/fluent-logging/templates/bin/_create_template.sh.tpl @@ -5,7 +5,8 @@ set -ex sed 's/ ,//' /tmp/template.xml.raw > /tmp/template.xml result=$(curl -K- <<< "--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}" \ -XPUT "${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}/_template/template_fluent_logging" \ --H 'Content-Type: application/json' -d @/tmp/template.xml) +-H 'Content-Type: application/json' -d @/tmp/template.xml \ +| python -c "import sys, json; print json.load(sys.stdin)['acknowledged']") if [ "$result" == "True" ]; then echo "template created!" else diff --git a/fluent-logging/templates/bin/_helm-tests.sh.tpl b/fluent-logging/templates/bin/_helm-tests.sh.tpl index 48ccb5419..af34ce524 100644 --- a/fluent-logging/templates/bin/_helm-tests.sh.tpl +++ b/fluent-logging/templates/bin/_helm-tests.sh.tpl @@ -22,7 +22,7 @@ set -ex # the logstash-* index via the fluent-elasticsearch plugin function check_logstash_index () { total_hits=$(curl -K- <<< "--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}" \ - -XGET "${ELASTICSEARCH_ENDPOINT}/logstash-*/fluentd/_search?pretty" -H 'Content-Type: application/json' \ + -XGET "${ELASTICSEARCH_ENDPOINT}/logstash-*/_search?pretty" -H 'Content-Type: application/json' \ | python -c "import sys, json; print json.load(sys.stdin)['hits']['total']") if [ "$total_hits" -gt 0 ]; then echo "PASS: Successful hits on logstash-* index, provided by fluentd!" @@ -36,7 +36,7 @@ function check_logstash_index () { # prefix via the fluent-kubernetes plugin function check_kubernetes_tag () { total_hits=$(curl -K- <<< "--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}" \ - -XGET "${ELASTICSEARCH_ENDPOINT}/logstash-*/fluentd/_search?q=tag:kube.*" -H 'Content-Type: application/json' \ + -XGET "${ELASTICSEARCH_ENDPOINT}/logstash-*/_search?q=tag:kube.*" -H 'Content-Type: application/json' \ | python -c "import sys, json; print json.load(sys.stdin)['hits']['total']") if [ "$total_hits" -gt 0 ]; then echo "PASS: Successful hits on logstash-* index, provided by fluentd!" diff --git a/fluent-logging/values.yaml b/fluent-logging/values.yaml index 4e7ec1bbc..0f616ab0b 100644 --- a/fluent-logging/values.yaml +++ b/fluent-logging/values.yaml @@ -169,42 +169,42 @@ conf: number_of_shards: 5 number_of_replicas: 1 mappings: - flb_type: + _doc: properties: kubernetes: properties: container_name: type: keyword - index: not_analyzed + index: false docker_id: type: keyword - index: not_analyzed + index: false host: type: keyword - index: not_analyzed + index: false labels: properties: app: type: keyword - index: not_analyzed + index: false application: type: keyword - index: not_analyzed + index: false component: type: keyword - index: not_analyzed + index: false release_group: type: keyword - index: not_analyzed + index: false namespace_name: type: keyword - index: not_analyzed + index: false pod_id: type: keyword - index: not_analyzed + index: false pod_name: type: keyword - index: not_analyzed + index: false log: type: text diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml index aa566879c..c9eb05191 100644 --- a/kibana/templates/deployment.yaml +++ b/kibana/templates/deployment.yaml @@ -90,6 +90,8 @@ spec: - name: kibana {{ tuple $envAll "kibana" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.kibana | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + securityContext: + runAsUser: 1000 command: - /tmp/kibana.sh - start diff --git a/kibana/values.yaml b/kibana/values.yaml index f63b5a3f4..dd534f4a1 100644 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -20,7 +20,7 @@ labels: images: tags: apache_proxy: docker.io/httpd:2.4 - kibana: docker.io/kibana:5.6.4 + kibana: docker.elastic.co/kibana/kibana:6.2.2 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1 image_repo_sync: docker.io/docker:17.07.0 pull_policy: IfNotPresent @@ -101,8 +101,6 @@ conf: requestTimeout: 30000 shardTimeout: 0 startupTimeout: 5000 - il8n: - defaultLocale: en kibana: defaultAppId: discover index: .kibana