diff --git a/monitor-helm/centos/build_srpm.data b/monitor-helm/centos/build_srpm.data index c97758d..748b47f 100644 --- a/monitor-helm/centos/build_srpm.data +++ b/monitor-helm/centos/build_srpm.data @@ -5,4 +5,4 @@ TAR="$TAR_NAME-$SHA.tar.gz" COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* " -TIS_PATCH_VER=3 +TIS_PATCH_VER=4 diff --git a/monitor-helm/centos/monitor-helm.spec b/monitor-helm/centos/monitor-helm.spec index d3d3119..b7f3a4d 100644 --- a/monitor-helm/centos/monitor-helm.spec +++ b/monitor-helm/centos/monitor-helm.spec @@ -29,6 +29,7 @@ Patch08: 0008-Update-stx-monitor-for-kubernetes-API-1.16.patch Patch09: 0009-add-curator-as-of-2019-10-10.patch Patch10: 0010-Update-kube-state-metrics-1.8.0-to-commit-09daf19.patch Patch11: 0011-update-init-container-env-to-include-node-name.patch +Patch12: 0012-Add-imagePullSecrets.patch BuildRequires: helm @@ -48,6 +49,7 @@ Monitor Helm charts %patch09 -p1 %patch10 -p1 %patch11 -p1 +%patch12 -p1 %build # initialize helm and build the toolkit diff --git a/monitor-helm/files/0012-Add-imagePullSecrets.patch b/monitor-helm/files/0012-Add-imagePullSecrets.patch new file mode 100644 index 0000000..bc98d18 --- /dev/null +++ b/monitor-helm/files/0012-Add-imagePullSecrets.patch @@ -0,0 +1,74 @@ +From 440cae178989bf161276be0099691e9b7e5d211f Mon Sep 17 00:00:00 2001 +From: John Kung +Date: Tue, 5 Nov 2019 07:42:36 -0500 +Subject: [PATCH 1/1] Add imagePullSecrets + +--- + stable/elasticsearch-curator/templates/serviceaccount.yaml | 2 ++ + stable/filebeat/templates/serviceaccount.yaml | 2 ++ + stable/kibana/templates/serviceaccount.yaml | 2 ++ + stable/kube-state-metrics/values.yaml | 2 +- + stable/metricbeat/templates/serviceaccount.yaml | 2 ++ + 5 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/stable/elasticsearch-curator/templates/serviceaccount.yaml b/stable/elasticsearch-curator/templates/serviceaccount.yaml +index ad9c5c9..a64b426 100644 +--- a/stable/elasticsearch-curator/templates/serviceaccount.yaml ++++ b/stable/elasticsearch-curator/templates/serviceaccount.yaml +@@ -8,5 +8,7 @@ metadata: + chart: {{ template "elasticsearch-curator.chart" . }} + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" ++imagePullSecrets: ++ - name: default-registry-key + {{- end }} + +diff --git a/stable/filebeat/templates/serviceaccount.yaml b/stable/filebeat/templates/serviceaccount.yaml +index 7de907b..19a4d34 100644 +--- a/stable/filebeat/templates/serviceaccount.yaml ++++ b/stable/filebeat/templates/serviceaccount.yaml +@@ -8,4 +8,6 @@ metadata: + chart: {{ template "filebeat.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} ++imagePullSecrets: ++ - name: default-registry-key + {{- end -}} +diff --git a/stable/kibana/templates/serviceaccount.yaml b/stable/kibana/templates/serviceaccount.yaml +index 948390a..edc0122 100644 +--- a/stable/kibana/templates/serviceaccount.yaml ++++ b/stable/kibana/templates/serviceaccount.yaml +@@ -8,4 +8,6 @@ metadata: + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} ++imagePullSecrets: ++ - name: default-registry-key + {{- end -}} +diff --git a/stable/kube-state-metrics/values.yaml b/stable/kube-state-metrics/values.yaml +index 2bf5b30..bab7a30 100644 +--- a/stable/kube-state-metrics/values.yaml ++++ b/stable/kube-state-metrics/values.yaml +@@ -31,7 +31,7 @@ serviceAccount: + name: + # Reference to one or more secrets to be used when pulling images + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +- imagePullSecrets: [] ++ imagePullSecrets: [{"name": "default-registry-key"}] + + prometheus: + monitor: +diff --git a/stable/metricbeat/templates/serviceaccount.yaml b/stable/metricbeat/templates/serviceaccount.yaml +index c53fc5a..a4c7659 100644 +--- a/stable/metricbeat/templates/serviceaccount.yaml ++++ b/stable/metricbeat/templates/serviceaccount.yaml +@@ -8,4 +8,6 @@ metadata: + chart: {{ template "metricbeat.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} ++imagePullSecrets: ++ - name: default-registry-key + {{- end -}} +-- +1.8.3.1 + diff --git a/stx-monitor-helm/stx-monitor-helm/manifests/monitor_manifest.yaml b/stx-monitor-helm/stx-monitor-helm/manifests/monitor_manifest.yaml index 08ff0b5..d261172 100644 --- a/stx-monitor-helm/stx-monitor-helm/manifests/monitor_manifest.yaml +++ b/stx-monitor-helm/stx-monitor-helm/manifests/monitor_manifest.yaml @@ -21,10 +21,15 @@ data: labels: release: mon-nginx-ingress values: + imagePullSecrets: [{"name": "default-registry-key"}] controller: kind: DaemonSet daemonset: useHostPort: false + image: + repository: registry.local:9001/quay.io/kubernetes-ingress-controller/nginx-ingress-controller + tag: 0.23.0 + pullPolicy: IfNotPresent nodeSelector: elastic-controller: "enabled" config: @@ -45,6 +50,10 @@ data: readinessProbe: initialDelaySeconds: 30 defaultBackend: + image: + repository: registry.local:9001/k8s.gcr.io/defaultbackend + tag: 1.4 + pullPolicy: IfNotPresent nodeSelector: elastic-controller: "enabled" service: @@ -98,8 +107,9 @@ data: minimumMasterNodes: 1 nodeSelector: elastic-data: enabled - image: docker.elastic.co/elasticsearch/elasticsearch-oss + image: registry.local:9001/docker.elastic.co/elasticsearch/elasticsearch-oss imageTag: 7.4.0 + imagePullSecrets: [{"name": "default-registry-key"}] esMajorVersion: 7 masterService: 'mon-elasticsearch-data-headless, mon-elasticsearch-master' podManagementPolicy: OrderedReady @@ -180,8 +190,9 @@ data: path: /mon-elasticsearch-client(/|$)(.*) nodeSelector: elastic-client: enabled - image: docker.elastic.co/elasticsearch/elasticsearch-oss + image: registry.local:9001/docker.elastic.co/elasticsearch/elasticsearch-oss imageTag: 7.4.0 + imagePullSecrets: [{"name": "default-registry-key"}] esMajorVersion: 7 masterService: 'mon-elasticsearch-data-headless, mon-elasticsearch-master' podManagementPolicy: OrderedReady @@ -235,8 +246,9 @@ data: minimumMasterNodes: 1 nodeSelector: elastic-master: enabled - image: docker.elastic.co/elasticsearch/elasticsearch-oss + image: registry.local:9001/docker.elastic.co/elasticsearch/elasticsearch-oss imageTag: 7.4.0 + imagePullSecrets: [{"name": "default-registry-key"}] esMajorVersion: 7 masterService: 'mon-elasticsearch-data-headless, mon-elasticsearch-master' podManagementPolicy: OrderedReady @@ -281,8 +293,10 @@ data: type: pod values: image: - repository: docker.io/untergeek/curator + repository: registry.local:9001/docker.io/untergeek/curator tag: 5.7.6 + rbac: + enabled: True env: FILEBEAT_INDEX_LIMIT_GB: 48 METRICBEAT_INDEX_LIMIT_GB: 38 @@ -388,8 +402,14 @@ data: component: test values: image: - repository: "docker.elastic.co/beats/filebeat-oss" + repository: registry.local:9001/docker.elastic.co/beats/filebeat-oss tag: 7.4.0 + monitoring: + enabled: true + image: + repository: registry.local:9001/docker.io/trustpilot/beat-exporter + tag: 0.1.1 + pullPolicy: IfNotPresent config: output.file: enabled: false @@ -466,7 +486,7 @@ data: component: test values: image: - repository: "docker.elastic.co/beats/metricbeat-oss" + repository: registry.local:9001/docker.elastic.co/beats/metricbeat-oss # 7.4.0 is required to monitor elastic tag: 7.4.0 daemonset: @@ -576,6 +596,7 @@ data: component: test values: image: + repository: registry.local:9001/quay.io/coreos/kube-state-metrics tag: v1.8.0 nodeSelector: elastic-controller: "enabled" @@ -625,7 +646,7 @@ data: component: test values: image: - repository: "docker.elastic.co/kibana/kibana-oss" + repository: registry.local:9001/docker.elastic.co/kibana/kibana-oss tag: 7.4.0 ingress: enabled: true @@ -682,8 +703,9 @@ data: component: test values: image: - repository: "docker.elastic.co/logstash/logstash-oss" + repository: registry.local:9001/docker.elastic.co/logstash/logstash-oss tag: 7.4.0 + pullSecrets: [{"name": "default-registry-key"}] nodeSelector: elastic-controller: "enabled" elasticsearch: