Skip to content

Commit 9f99091

Browse files
ChrsMarkChrsMark
authored
Elastic agent on k8s (elastic#19727)
1 parent 401b4ea commit 9f99091

7 files changed

+397
-0
lines changed

deploy/kubernetes/elastic-agent-kubernetes.yaml

+147
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,147 @@
1+
---
2+
apiVersion: apps/v1
3+
kind: DaemonSet
4+
metadata:
5+
name: agent-ingest-management-nodescope
6+
namespace: kube-system
7+
labels:
8+
app: agent-ingest-management-nodescope
9+
group: ingest-management
10+
spec:
11+
selector:
12+
matchLabels:
13+
app: agent-ingest-management-nodescope
14+
template:
15+
metadata:
16+
labels:
17+
app: agent-ingest-management-nodescope
18+
group: ingest-management
19+
spec:
20+
serviceAccountName: agent-ingest-management
21+
hostNetwork: true
22+
dnsPolicy: ClusterFirstWithHostNet
23+
containers:
24+
- name: agent-ingest-management-nodescope
25+
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
26+
env:
27+
- name: FLEET_ENROLL
28+
value: "1"
29+
# Use enrollment key of node scope configuration to distinguish node scope datasets
30+
- name: FLEET_ENROLLMENT_TOKEN
31+
value:
32+
- name: KIBANA_HOST
33+
value: "http://kibana:5601"
34+
- name: NODE_NAME
35+
valueFrom:
36+
fieldRef:
37+
fieldPath: spec.nodeName
38+
securityContext:
39+
runAsUser: 0
40+
resources:
41+
limits:
42+
memory: 200Mi
43+
requests:
44+
cpu: 100m
45+
memory: 100Mi
46+
---
47+
apiVersion: apps/v1
48+
kind: Deployment
49+
metadata:
50+
name: agent-ingest-management-clusterscope
51+
namespace: kube-system
52+
labels:
53+
app: agent-ingest-management-clusterscope
54+
group: ingest-management
55+
spec:
56+
selector:
57+
matchLabels:
58+
app: agent-ingest-management-clusterscope
59+
template:
60+
metadata:
61+
labels:
62+
app: agent-ingest-management-clusterscope
63+
group: ingest-management
64+
spec:
65+
serviceAccountName: agent-ingest-management
66+
containers:
67+
- name: agent-ingest-management-clusterscope
68+
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
69+
env:
70+
- name: FLEET_ENROLL
71+
value: "1"
72+
# Use enrollment key of cluster scope configuration to distinguish node scope datasets
73+
- name: FLEET_ENROLLMENT_TOKEN
74+
value:
75+
- name: KIBANA_HOST
76+
value: "http://kibana:5601"
77+
- name: NODE_NAME
78+
valueFrom:
79+
fieldRef:
80+
fieldPath: spec.nodeName
81+
securityContext:
82+
runAsUser: 0
83+
resources:
84+
limits:
85+
memory: 200Mi
86+
requests:
87+
cpu: 100m
88+
memory: 100Mi
89+
---
90+
apiVersion: rbac.authorization.k8s.io/v1
91+
kind: ClusterRoleBinding
92+
metadata:
93+
name: agent-ingest-management
94+
subjects:
95+
- kind: ServiceAccount
96+
name: agent-ingest-management
97+
namespace: kube-system
98+
roleRef:
99+
kind: ClusterRole
100+
name: agent-ingest-management
101+
apiGroup: rbac.authorization.k8s.io
102+
---
103+
apiVersion: rbac.authorization.k8s.io/v1
104+
kind: ClusterRole
105+
metadata:
106+
name: agent-ingest-management
107+
labels:
108+
k8s-app: agent-ingest-management
109+
rules:
110+
- apiGroups: [""]
111+
resources:
112+
- nodes
113+
- namespaces
114+
- events
115+
- pods
116+
- secrets
117+
verbs: ["get", "list", "watch"]
118+
- apiGroups: ["extensions"]
119+
resources:
120+
- replicasets
121+
verbs: ["get", "list", "watch"]
122+
- apiGroups: ["apps"]
123+
resources:
124+
- statefulsets
125+
- deployments
126+
- replicasets
127+
verbs: ["get", "list", "watch"]
128+
- apiGroups:
129+
- ""
130+
resources:
131+
- nodes/stats
132+
verbs:
133+
- get
134+
# required for apiserver
135+
- nonResourceURLs:
136+
- "/metrics"
137+
verbs:
138+
- get
139+
---
140+
apiVersion: v1
141+
kind: ServiceAccount
142+
metadata:
143+
name: agent-ingest-management
144+
namespace: kube-system
145+
labels:
146+
k8s-app: agent-ingest-management
147+
---

deploy/kubernetes/elastic-agent/elastic-agent-daemonset.yaml

+44
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
apiVersion: apps/v1
2+
kind: DaemonSet
3+
metadata:
4+
name: agent-ingest-management-nodescope
5+
namespace: kube-system
6+
labels:
7+
app: agent-ingest-management-nodescope
8+
group: ingest-management
9+
spec:
10+
selector:
11+
matchLabels:
12+
app: agent-ingest-management-nodescope
13+
template:
14+
metadata:
15+
labels:
16+
app: agent-ingest-management-nodescope
17+
group: ingest-management
18+
spec:
19+
serviceAccountName: agent-ingest-management
20+
hostNetwork: true
21+
dnsPolicy: ClusterFirstWithHostNet
22+
containers:
23+
- name: agent-ingest-management-nodescope
24+
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
25+
env:
26+
- name: FLEET_ENROLL
27+
value: "1"
28+
# Use enrollment key of node scope configuration to distinguish node scope datasets
29+
- name: FLEET_ENROLLMENT_TOKEN
30+
value:
31+
- name: KIBANA_HOST
32+
value: "http://kibana:5601"
33+
- name: NODE_NAME
34+
valueFrom:
35+
fieldRef:
36+
fieldPath: spec.nodeName
37+
securityContext:
38+
runAsUser: 0
39+
resources:
40+
limits:
41+
memory: 200Mi
42+
requests:
43+
cpu: 100m
44+
memory: 100Mi

deploy/kubernetes/elastic-agent/elastic-agent-deployment.yaml

+42
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
apiVersion: apps/v1
2+
kind: Deployment
3+
metadata:
4+
name: agent-ingest-management-clusterscope
5+
namespace: kube-system
6+
labels:
7+
app: agent-ingest-management-clusterscope
8+
group: ingest-management
9+
spec:
10+
selector:
11+
matchLabels:
12+
app: agent-ingest-management-clusterscope
13+
template:
14+
metadata:
15+
labels:
16+
app: agent-ingest-management-clusterscope
17+
group: ingest-management
18+
spec:
19+
serviceAccountName: agent-ingest-management
20+
containers:
21+
- name: agent-ingest-management-clusterscope
22+
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
23+
env:
24+
- name: FLEET_ENROLL
25+
value: "1"
26+
# Use enrollment key of cluster scope configuration to distinguish node scope datasets
27+
- name: FLEET_ENROLLMENT_TOKEN
28+
value:
29+
- name: KIBANA_HOST
30+
value: "http://kibana:5601"
31+
- name: NODE_NAME
32+
valueFrom:
33+
fieldRef:
34+
fieldPath: spec.nodeName
35+
securityContext:
36+
runAsUser: 0
37+
resources:
38+
limits:
39+
memory: 200Mi
40+
requests:
41+
cpu: 100m
42+
memory: 100Mi

deploy/kubernetes/elastic-agent/elastic-agent-role-binding.yaml

+12
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRoleBinding
3+
metadata:
4+
name: agent-ingest-management
5+
subjects:
6+
- kind: ServiceAccount
7+
name: agent-ingest-management
8+
namespace: kube-system
9+
roleRef:
10+
kind: ClusterRole
11+
name: agent-ingest-management
12+
apiGroup: rbac.authorization.k8s.io

deploy/kubernetes/elastic-agent/elastic-agent-role.yaml

+36
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRole
3+
metadata:
4+
name: agent-ingest-management
5+
labels:
6+
k8s-app: agent-ingest-management
7+
rules:
8+
- apiGroups: [""]
9+
resources:
10+
- nodes
11+
- namespaces
12+
- events
13+
- pods
14+
- secrets
15+
verbs: ["get", "list", "watch"]
16+
- apiGroups: ["extensions"]
17+
resources:
18+
- replicasets
19+
verbs: ["get", "list", "watch"]
20+
- apiGroups: ["apps"]
21+
resources:
22+
- statefulsets
23+
- deployments
24+
- replicasets
25+
verbs: ["get", "list", "watch"]
26+
- apiGroups:
27+
- ""
28+
resources:
29+
- nodes/stats
30+
verbs:
31+
- get
32+
# required for apiserver
33+
- nonResourceURLs:
34+
- "/metrics"
35+
verbs:
36+
- get

deploy/kubernetes/elastic-agent/elastic-agent-service-account.yaml

+7
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
name: agent-ingest-management
5+
namespace: kube-system
6+
labels:
7+
k8s-app: agent-ingest-management

0 commit comments

Comments
 (0)