diff --git a/deploy/helm/elastic-agent/README.md b/deploy/helm/elastic-agent/README.md index 3d84305c80d..3aba76178b7 100644 --- a/deploy/helm/elastic-agent/README.md +++ b/deploy/helm/elastic-agent/README.md @@ -22,28 +22,30 @@ The outputs section specifies where to send data. You can specify multiple outpu ### 1.1 - Output Object The supported types of outputs are: -- `ESPlainAuth`: `elasticsearch` output with the connection details specified inline the yaml +- `ESPlainAuthBasic`: `elasticsearch` output with the connection details (url, username, password) specified inline the yaml +- `ESPlainAuthAPI`: `elasticsearch` output with the connection details (url, api_key) specified inline the yaml - `ESSecretAuthBasic`: `elasticsearch` output with the connection details specified in a k8s secret - `ESSecretAuthAPI`: `elasticsearch` output with the connection details specified in a k8s secret - `ESECKRef`: `elasticsearch` output that references by name an Elasticsearch cluster managed by ECK operator | Key | Type | Default | Description | |-----|------|---------|-------------| -| outputs.{name}.type | string | `"ESPlainAuth"` | type of the output [one of `ESPlainAuth`, `ESSecretAuthBasic`, `ESSecretAuthAPI`, `ESECKRef`] | -| outputs.{name}.url | string | `""` | url of the output [required for type `ESPlainAuth`] | -| outputs.{name}.username | string | `""` | the username to use to authenticate with the output [required for type `ESPlainAuth` if `api_key` is not set] | -| outputs.{name}.password | string | `""` | the password to use to authenticate with the output [required for type `ESPlainAuth` if `api_key` is not set] | -| outputs.{name}.api_key | string | `""` | the API key use to authenticate with the output [required for type `ESPlainAuth` if `username` and `password` are not set] | +| outputs.{name}.type | string | `"ESPlainAuthBasic"` | type of the output [one of `ESPlainAuthBasic`, `ESPlainAuthAPI`, `ESSecretAuthBasic`, `ESSecretAuthAPI`, `ESECKRef`] | +| outputs.{name}.url | string | `""` | url of the output [required for types `ESPlainAuthBasic` and `ESPlainAuthAPI`] | +| outputs.{name}.username | string | `""` | the username to use to authenticate with the output [required for type `ESPlainAuthBasic`] | +| outputs.{name}.password | string | `""` | the password to use to authenticate with the output [required for type `ESPlainAuthBasic`] | +| outputs.{name}.api_key | string | `""` | the API key use to authenticate with the output [required for type `ESPlainAuthAPI`] | | outputs.{name}.secretName | string | `""` | the k8s secret to mount output connection details [required for types `ESSecretAuthBasic` and `ESSecretAuthAPI`] | | outputs.{name}.name | string | `""` | name to reference an Elasticsearch cluster managed by ECK [required for type `ESECKRef`] | | outputs.{name}.namespace | string | `""` | namespace to reference an Elasticsearch cluster managed by ECK [optional for type `ESECKRef`] | Examples of Helm chart arguments to define an output with name `myOutput`: -- `ESPlainAuth`: `--set outputs.myOutput.url=https://elasticsearch:9200 --set outputs.myOutput.api_key=token` +- `ESPlainAuthBasic`: `--set outputs.myOutput.url=https://elasticsearch:9200 --set outputs.myOutput.username=changeme --set outputs.myOutput.password=changeme` +- `ESPlainAuthAPI`: `--set outputs.myOutput.url=https://elasticsearch:9200 --set outputs.myOutput.api_key=token` - `ESSecretAuthBasic`: `--set outputs.myOutput.type=ESSecretAuthBasic --set outputs.myOutput.secretName=k8s_secret_name` (required keys in the k8s secret are `url`, `username`, `password`) - `ESSecretAuthAPI`: `--set outputs.myOutput.type=ESSecretAuthAPI --set outputs.myOutput.secretName=k8s_secret_name` (required keys in the k8s secret are `url`, `api_key`) - `ESECKRef`: `--set outputs.myOutput.type=ESECKRef --set outputs.myOutput.name=eck_es_cluster_name` -For `ESPlainAuth`, `ESSecretAuthBasic`, `ESSecretAuthAPI` extra fields can be specified inline the yaml following these guidelines (`ESECKRef` doesn't support them): +For `ESPlainAuthBasic`, `ESPlainAuthAPI` `ESSecretAuthBasic`, `ESSecretAuthAPI` extra fields can be specified inline the yaml following these guidelines (`ESECKRef` doesn't support them): - ["Data parsing, filtering, and manipulation settings"](`https://www.elastic.co/guide/en/fleet/current/elasticsearch-output.html#output-elasticsearch-data-parsing-settings`) - ["Performance tuning settings"](https://www.elastic.co/guide/en/fleet/current/elasticsearch-output.html#output-elasticsearch-performance-tuning-settings) - ["Memory queue settings"](https://www.elastic.co/guide/en/fleet/current/elasticsearch-output.html#output-elasticsearch-memory-queue-settings) @@ -129,8 +131,8 @@ The chart built-in [kubernetes integration](https://docs.elastic.co/integrations ### 3 - Elastic-Agent Configuration | Key | Type | Default | Description | |-----|------|---------|-------------| -| agent.version | string | `"8.15.0"` | elastic-agent version | -| agent.image | object | `{"pullPolicy":"IfNotPresent","repository":"docker.elastic.co/beats/elastic-agent-complete","tag":""}` | image configuration | +| agent.version | string | `"9.0.0"` | elastic-agent version | +| agent.image | object | `{"pullPolicy":"IfNotPresent","repository":"docker.elastic.co/beats/elastic-agent","tag":"9.0.0-SNAPSHOT"}` | image configuration | | agent.engine | string | `"k8s"` | generate kubernetes manifests or [ECK](https://github.com/elastic/cloud-on-k8s) CRDs | | agent.unprivileged | bool | `false` | enable unprivileged mode | | agent.presets | map[string]{} | `{ "perNode" : {...}, "clusterWider": {...}, "ksmShared": {...} }` | Map of deployment presets for the Elastic Agent. The key of the map is the name of the preset. See more for the presets required by the built-in Kubernetes integration [here](./values.yaml) | diff --git a/deploy/helm/elastic-agent/README.md.gotmpl b/deploy/helm/elastic-agent/README.md.gotmpl index 3dbb6877fd6..628be20678c 100644 --- a/deploy/helm/elastic-agent/README.md.gotmpl +++ b/deploy/helm/elastic-agent/README.md.gotmpl @@ -26,7 +26,8 @@ The outputs section specifies where to send data. You can specify multiple outpu {{ define "section.description.OutputObject.PreTable" }} The supported types of outputs are: -- `ESPlainAuth`: `elasticsearch` output with the connection details specified inline the yaml +- `ESPlainAuthBasic`: `elasticsearch` output with the connection details (url, username, password) specified inline the yaml +- `ESPlainAuthAPI`: `elasticsearch` output with the connection details (url, api_key) specified inline the yaml - `ESSecretAuthBasic`: `elasticsearch` output with the connection details specified in a k8s secret - `ESSecretAuthAPI`: `elasticsearch` output with the connection details specified in a k8s secret - `ESECKRef`: `elasticsearch` output that references by name an Elasticsearch cluster managed by ECK operator @@ -34,12 +35,13 @@ The supported types of outputs are: {{ define "section.description.OutputObject.PostTable" }} Examples of Helm chart arguments to define an output with name `myOutput`: -- `ESPlainAuth`: `--set outputs.myOutput.url=https://elasticsearch:9200 --set outputs.myOutput.api_key=token` +- `ESPlainAuthBasic`: `--set outputs.myOutput.url=https://elasticsearch:9200 --set outputs.myOutput.username=changeme --set outputs.myOutput.password=changeme` +- `ESPlainAuthAPI`: `--set outputs.myOutput.url=https://elasticsearch:9200 --set outputs.myOutput.api_key=token` - `ESSecretAuthBasic`: `--set outputs.myOutput.type=ESSecretAuthBasic --set outputs.myOutput.secretName=k8s_secret_name` (required keys in the k8s secret are `url`, `username`, `password`) - `ESSecretAuthAPI`: `--set outputs.myOutput.type=ESSecretAuthAPI --set outputs.myOutput.secretName=k8s_secret_name` (required keys in the k8s secret are `url`, `api_key`) - `ESECKRef`: `--set outputs.myOutput.type=ESECKRef --set outputs.myOutput.name=eck_es_cluster_name` -For `ESPlainAuth`, `ESSecretAuthBasic`, `ESSecretAuthAPI` extra fields can be specified inline the yaml following these guidelines (`ESECKRef` doesn't support them): +For `ESPlainAuthBasic`, `ESPlainAuthAPI` `ESSecretAuthBasic`, `ESSecretAuthAPI` extra fields can be specified inline the yaml following these guidelines (`ESECKRef` doesn't support them): - ["Data parsing, filtering, and manipulation settings"](`https://www.elastic.co/guide/en/fleet/current/elasticsearch-output.html#output-elasticsearch-data-parsing-settings`) - ["Performance tuning settings"](https://www.elastic.co/guide/en/fleet/current/elasticsearch-output.html#output-elasticsearch-performance-tuning-settings) - ["Memory queue settings"](https://www.elastic.co/guide/en/fleet/current/elasticsearch-output.html#output-elasticsearch-memory-queue-settings) diff --git a/deploy/helm/elastic-agent/examples/kubernetes-default/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/kubernetes-default/rendered/manifest.yaml index be036253be2..b5254f495bb 100644 --- a/deploy/helm/elastic-agent/examples/kubernetes-default/rendered/manifest.yaml +++ b/deploy/helm/elastic-agent/examples/kubernetes-default/rendered/manifest.yaml @@ -56,13 +56,9 @@ stringData: id: agent-clusterwide-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -117,13 +113,9 @@ stringData: id: agent-ksmsharded-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -415,13 +407,9 @@ stringData: id: agent-pernode-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -1100,7 +1088,7 @@ spec: labels: name: agent-pernode-example annotations: - checksum/config: 445f37bb37be6c09d10658d6172b60937ad2eabb8b2caa491c02e319e32c3e2f + checksum/config: 1880bff2efcb86e1b6cc442b0804132a46df0bb93ceae4af8cd42b44964e53c6 spec: dnsPolicy: ClusterFirstWithHostNet @@ -1220,7 +1208,7 @@ spec: labels: name: agent-clusterwide-example annotations: - checksum/config: 07ad466a99831af1ca298d124df038347a662dbd2bb3e9e9f34d459e59b5ac22 + checksum/config: 73527b0aad319ef33239ef3c862820c5ee5cafb42e2ce164049646791b69ec68 spec: dnsPolicy: ClusterFirstWithHostNet @@ -1301,7 +1289,7 @@ spec: labels: name: agent-ksmsharded-example annotations: - checksum/config: 25c0797d499503c38495e5319cafa8b6f233bc3777c06465748f79c47a826a52 + checksum/config: 4ec2b2ef4d3c5c103e79e47a45d4b3b4f9f774e85293f9a5b2d56556025f1d2d spec: dnsPolicy: ClusterFirstWithHostNet diff --git a/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml index 5654799e737..faf1dc7ab2a 100644 --- a/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml +++ b/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml @@ -56,13 +56,9 @@ stringData: id: agent-clusterwide-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -117,13 +113,9 @@ stringData: id: agent-ksmsharded-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -415,13 +407,9 @@ stringData: id: agent-pernode-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -1102,7 +1090,7 @@ spec: labels: name: agent-pernode-example annotations: - checksum/config: f7d9ba588a1d1f957b809397f07b93e2c1bbcc812d9067887d4e009085c26873 + checksum/config: f81171bdf0eed2d3bc8492050be0e6763188e3731e5cfc2b675f6ad8810c6fb7 spec: dnsPolicy: ClusterFirstWithHostNet @@ -1247,7 +1235,7 @@ spec: labels: name: agent-clusterwide-example annotations: - checksum/config: 07ad466a99831af1ca298d124df038347a662dbd2bb3e9e9f34d459e59b5ac22 + checksum/config: 73527b0aad319ef33239ef3c862820c5ee5cafb42e2ce164049646791b69ec68 spec: dnsPolicy: ClusterFirstWithHostNet @@ -1328,7 +1316,7 @@ spec: labels: name: agent-ksmsharded-example annotations: - checksum/config: 25c0797d499503c38495e5319cafa8b6f233bc3777c06465748f79c47a826a52 + checksum/config: 4ec2b2ef4d3c5c103e79e47a45d4b3b4f9f774e85293f9a5b2d56556025f1d2d spec: dnsPolicy: ClusterFirstWithHostNet diff --git a/deploy/helm/elastic-agent/examples/kubernetes-only-logs/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/kubernetes-only-logs/rendered/manifest.yaml index adfe7659f10..874e6741ce3 100644 --- a/deploy/helm/elastic-agent/examples/kubernetes-only-logs/rendered/manifest.yaml +++ b/deploy/helm/elastic-agent/examples/kubernetes-only-logs/rendered/manifest.yaml @@ -30,13 +30,9 @@ stringData: id: agent-pernode-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -230,7 +226,7 @@ spec: labels: name: agent-pernode-example annotations: - checksum/config: a7c974ba2737eab9abbfb69369c7652546ffbab54b4cb3e4942b083c72323b95 + checksum/config: e4f00459bc975f20e15a69d830b8df6c1998190072d515e0c08cf5b51dd5bbc1 spec: dnsPolicy: ClusterFirstWithHostNet diff --git a/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml index 1ae650fec6e..f16673518f0 100644 --- a/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml +++ b/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml @@ -56,13 +56,9 @@ stringData: id: agent-clusterwide-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -143,13 +139,9 @@ stringData: id: agent-ksmsharded-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -441,13 +433,9 @@ stringData: id: agent-pernode-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -1128,7 +1116,7 @@ spec: labels: name: agent-pernode-example annotations: - checksum/config: f7d9ba588a1d1f957b809397f07b93e2c1bbcc812d9067887d4e009085c26873 + checksum/config: f81171bdf0eed2d3bc8492050be0e6763188e3731e5cfc2b675f6ad8810c6fb7 spec: dnsPolicy: ClusterFirstWithHostNet @@ -1263,7 +1251,7 @@ spec: labels: name: agent-clusterwide-example annotations: - checksum/config: 48eef4bd335130eb2b974f2a4f9abbb2221519e8e75a96285c69bb9828d9e768 + checksum/config: b04d7965af8739293cd90e352c59d1240473f56febd9aded16ba766d77f90b5f spec: dnsPolicy: ClusterFirstWithHostNet @@ -1334,7 +1322,7 @@ spec: labels: name: agent-ksmsharded-example annotations: - checksum/config: 25c0797d499503c38495e5319cafa8b6f233bc3777c06465748f79c47a826a52 + checksum/config: 4ec2b2ef4d3c5c103e79e47a45d4b3b4f9f774e85293f9a5b2d56556025f1d2d spec: dnsPolicy: ClusterFirstWithHostNet diff --git a/deploy/helm/elastic-agent/examples/nginx-custom-integration/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/nginx-custom-integration/rendered/manifest.yaml index b1afc7103a1..efa5422e1ca 100644 --- a/deploy/helm/elastic-agent/examples/nginx-custom-integration/rendered/manifest.yaml +++ b/deploy/helm/elastic-agent/examples/nginx-custom-integration/rendered/manifest.yaml @@ -30,13 +30,9 @@ stringData: id: agent-nginx-example outputs: default: - api_key: "" hosts: - http://elasticsearch:9200 - name: "" - namespace: "" password: changeme - secretName: "" type: elasticsearch username: elastic secret_references: [] @@ -219,7 +215,7 @@ spec: labels: name: agent-nginx-example annotations: - checksum/config: 5b03a8c53bfa79596ff47efff33dd02b851f81b1bdbe1581b5a485eefe26103a + checksum/config: 4b3a03273d11151ee0f8bbdc8e235f8b6d2b344e09dedc632ae6f7f9e8e0ef34 spec: dnsPolicy: ClusterFirstWithHostNet diff --git a/deploy/helm/elastic-agent/templates/agent/_helpers.tpl b/deploy/helm/elastic-agent/templates/agent/_helpers.tpl index c77d268e3b8..0de739754ee 100644 --- a/deploy/helm/elastic-agent/templates/agent/_helpers.tpl +++ b/deploy/helm/elastic-agent/templates/agent/_helpers.tpl @@ -29,64 +29,34 @@ Entrypoint for chart initialisation {{- define "elasticagent.init" -}} {{- if not (hasKey $.Values.agent "initialised") -}} {{/* init order matters */}} -{{- include "elasticagent.init.engine" $ -}} +{{- include (printf "elasticagent.engine.%s.init" $.Values.agent.engine) $ -}} {{- include "elasticagent.init.fleet" $ -}} -{{- include "elasticagent.init.outputs" $ -}} {{- include "elasticagent.init.inputs" $ -}} {{- include "elasticagent.init.presets" $ -}} {{- $_ := set $.Values.agent "initialised" dict -}} {{- end -}} {{- end -}} -{{/* -Check the agent.engine and fallback to "k8s" -*/}} -{{- define "elasticagent.init.engine" -}} -{{- $ := . -}} -{{- if empty (dig "engine" ("") $.Values.agent) -}} -{{- $_ := set $.Values.agent "engine" "k8s" -}} -{{- end -}} -{{- include (printf "elasticagent.engine.%s.init" $.Values.agent.engine) $ -}} -{{- end -}} - {{/* Validate fleet configuration */}} {{- define "elasticagent.init.fleet" -}} {{- $ := . -}} +{{/* check if fleet is enabled */}} {{- if eq $.Values.agent.fleet.enabled true -}} -{{- $_ := required "url must be defined when fleet mode is enabled" $.Values.agent.fleet.url -}} -{{- if empty $.Values.agent.fleet.token -}} -{{- $_ := required "kibana host must be defined when fleet mode is enabled and a token is not supplied" $.Values.agent.fleet.kibanaHost -}} -{{- $_ := required "kibana username must be defined when fleet mode is enabled and a token is not supplied" $.Values.agent.fleet.kibanaUser -}} -{{- $_ := required "kibana password must be defined when fleet mode is enabled and a token is not supplied" $.Values.agent.fleet.kibanaPassword -}} -{{- end -}} -{{- $_ := required "preset must be defined when fleet mode is enabled" $.Values.agent.fleet.preset -}} -{{- if not (hasKey $.Values.agent.presets $.Values.agent.fleet.preset)}} -{{- fail (printf "specified preset \"%s\" under fleet is not found" $.Values.agent.fleet.preset) -}} -{{- end -}} +{{/* check if the preset exists */}} +{{- $fleetPresetName := $.Values.agent.fleet.preset -}} +{{- $fleetPresetVal := get $.Values.agent.presets $fleetPresetName -}} +{{- $_ := required (printf "preset with name \"%s\" of fleet not defined" $fleetPresetName) $fleetPresetVal -}} +{{/* disable all presets except the fleet one */}} {{- range $presetName, $presetVal := $.Values.agent.presets}} -{{- if ne $presetName $.Values.agent.fleet.preset -}} +{{- if ne $presetName $fleetPresetName -}} {{- $_ := unset $.Values.agent.presets $presetName}} {{- end -}} {{- end -}} {{- end -}} {{- end -}} -{{/* -Validate and initialise outputs -*/}} -{{- define "elasticagent.init.outputs" -}} -{{- $ := . -}} -{{- $supportOutputTypes := dict "ESPlainAuth" "" "ESSecretAuthBasic" "" "ESSecretAuthAPI" "" "ESECKRef" ""}} -{{- range $outputName, $outputVal := $.Values.outputs -}} -{{- if empty ($outputVal).type -}} -{{- $_ := set $outputVal "type" "ESPlainAuth" -}} -{{- end -}} -{{- include (printf "elasticagent.output.%s.validate" ($outputVal).type) (list $ $outputName $outputVal)}} -{{- end -}} -{{- end -}} - {{/* Initialise input templates if we are not deploying as managed */}} @@ -97,13 +67,9 @@ Initialise input templates if we are not deploying as managed {{- include "elasticagent.kubernetes.init" $ -}} {{- range $customInputName, $customInputVal := $.Values.extraIntegrations -}} {{- $customInputPresetName := ($customInputVal).preset -}} -{{- $_ := required (printf "customInput \"%s\" is missing required preset field" $customInputName) $customInputPresetName -}} {{- $presetVal := get $.Values.agent.presets $customInputPresetName -}} {{- $_ := required (printf "preset with name \"%s\" of customInput \"%s\" not defined" $customInputPresetName $customInputName) $customInputVal -}} -{{- $customInputOuput := dig "use_output" (list) $customInputVal -}} -{{- if empty $customInputOuput -}} -{{- fail (printf "output not defined in custom integration \"%s\"" $customInputName) -}} -{{- end -}} +{{- $customInputOuput := ($customInputVal).use_output -}} {{- include "elasticagent.preset.mutate.outputs.byname" (list $ $presetVal $customInputOuput) -}} {{- include "elasticagent.preset.mutate.inputs" (list $ $presetVal (list $customInputVal)) -}} {{- end -}} @@ -118,15 +84,7 @@ Validate and initialise the defined agent presets {{- range $presetName, $presetVal := $.Values.agent.presets -}} {{- include "elasticagent.preset.mutate.unprivileged" (list $ $presetVal) -}} {{- include "elasticagent.preset.mutate.fleet" (list $ $presetVal) -}} -{{- $presetMode := dig "mode" ("") $presetVal -}} -{{- if not $presetMode -}} -{{- fail (printf "mode is missing from preset \"%s\"" $presetName) -}} -{{- else if eq $presetMode "deployment" -}} -{{- else if eq $presetMode "statefulset" -}} -{{- else if eq $presetMode "daemonset" -}} -{{- else -}} -{{- fail (printf "invalid mode \"%s\" in preset \"%s\", must be one of deployment, statefulset, daemonset" $presetMode $presetName) -}} -{{- end -}} +{{- $presetMode := ($presetVal).mode -}} {{- if eq $.Values.agent.fleet.enabled false -}} {{- $presetInputs := dig "_inputs" (list) $presetVal -}} {{- if empty $presetInputs -}} @@ -384,13 +342,12 @@ app.kubernetes.io/version: {{ .Values.agent.version}} {{- $ := index . 0 -}} {{- $preset := index . 1 -}} {{- $outputName := index . 2 -}} -{{- if not (hasKey $.Values.outputs $outputName) -}} -{{- fail (printf "output \"%s\" is not defined" $outputName) -}} -{{- end -}} -{{- $outputDict := deepCopy (get $.Values.outputs $outputName) -}} +{{- $ouputVal := get $.Values.outputs $outputName }} +{{- $_ := required (printf "output \"%s\" is not defined" $outputName) $ouputVal -}} +{{- $outputCopy := deepCopy $ouputVal -}} {{- $presetOutputs := dig "outputs" (dict) $preset -}} {{- if not (hasKey $presetOutputs $outputName) -}} -{{- $_ := set $presetOutputs $outputName $outputDict}} +{{- $_ := set $presetOutputs $outputName $outputCopy}} {{- end -}} {{- $_ := set $preset "outputs" $presetOutputs -}} {{- end -}} diff --git a/deploy/helm/elastic-agent/templates/agent/_outputs.tpl b/deploy/helm/elastic-agent/templates/agent/_outputs.tpl index 544898a28ef..19f5de24642 100644 --- a/deploy/helm/elastic-agent/templates/agent/_outputs.tpl +++ b/deploy/helm/elastic-agent/templates/agent/_outputs.tpl @@ -1,48 +1,42 @@ -{{- define "elasticagent.output.ESPlainAuth.validate" -}} +{{- define "elasticagent.output.ESPlainAuthBasic.preset.envvars" -}} +{{/* this is plain text so nothing to be added in the pod env vars */}} +{{- end -}} + +{{- define "elasticagent.output.ESPlainAuthBasic.preset.config" -}} {{- $ := index . 0 -}} {{- $outputName := index . 1 -}} -{{- $outputVal := index . 2 -}} -{{- if empty ($outputVal).url -}} -{{- fail (printf "missing url in %s output" $outputName)}} -{{- end -}} -{{- if empty ($outputVal).api_key -}} -{{- if empty ($outputVal).username -}} -{{- fail (printf "missing user in %s output" $outputName)}} -{{- end -}} -{{- if empty ($outputVal).password -}} -{{- fail (printf "missing pass in %s output" $outputName)}} -{{- end -}} -{{- end -}} +{{- $outputVal := deepCopy (index . 2) -}} +{{- $_ := set $outputVal "type" "elasticsearch" -}} +{{- $_ := set $outputVal "hosts" (list ($outputVal).url) -}} +{{- $_ := unset $outputVal "url" -}} +{{- $_ := unset $outputVal "api_key" -}} +{{- $_ := unset $outputVal "secretName" -}} +{{- $_ := unset $outputVal "name" -}} +{{- $_ := unset $outputVal "namespace" -}} +{{$outputName}}: + {{- $outputVal | toYaml | nindent 2}} {{- end -}} -{{- define "elasticagent.output.ESPlainAuth.preset.envvars" -}} +{{- define "elasticagent.output.ESPlainAuthAPI.preset.envvars" -}} {{/* this is plain text so nothing to be added in the pod env vars */}} {{- end -}} -{{- define "elasticagent.output.ESPlainAuth.preset.config" -}} +{{- define "elasticagent.output.ESPlainAuthAPI.preset.config" -}} {{- $ := index . 0 -}} {{- $outputName := index . 1 -}} {{- $outputVal := deepCopy (index . 2) -}} {{- $_ := set $outputVal "type" "elasticsearch" -}} {{- $_ := set $outputVal "hosts" (list ($outputVal).url) -}} {{- $_ := unset $outputVal "url" -}} -{{- if ($outputVal).api_key -}} {{- $_ := unset $outputVal "username" -}} {{- $_ := unset $outputVal "password" -}} -{{- end -}} +{{- $_ := unset $outputVal "secretName" -}} +{{- $_ := unset $outputVal "name" -}} +{{- $_ := unset $outputVal "namespace" -}} {{$outputName}}: {{- $outputVal | toYaml | nindent 2}} {{- end -}} -{{- define "elasticagent.output.ESSecretAuthBasic.validate" -}} -{{- $ := index . 0 -}} -{{- $outputName := index . 1 -}} -{{- $outputVal := index . 2 -}} -{{- if empty ($outputVal).secretName -}} -{{- fail (printf "secret name missing in %s output" $outputName)}} -{{- end -}} -{{- end -}} - {{- define "elasticagent.output.ESSecretAuthBasic.preset.envvars" -}} {{- $ := index . 0 -}} {{- $outputName := index . 1 -}} @@ -68,7 +62,7 @@ {{- $ := index . 0 -}} {{- $outputName := index . 1 -}} {{- $outputVal := deepCopy (index . 2) -}} -{{- $outputVal = omit $outputVal "secretName" "username" "password" "name" "serviceName" "namespace" -}} +{{- $outputVal = omit $outputVal "secretName" "username" "password" "name" "serviceName" "namespace" "api_key" "url" -}} {{- $_ := set $outputVal "type" "elasticsearch" -}} {{- $_ := set $outputVal "hosts" (list (printf "${OUTPUT_%s_URL}" (upper $outputName))) -}} {{- $_ := set $outputVal "username" (printf "${OUTPUT_%s_USER}" (upper $outputName)) -}} @@ -77,20 +71,11 @@ {{- $outputVal | toYaml | nindent 2}} {{- end -}} -{{- define "elasticagent.output.ESSecretAuthAPI.validate" -}} -{{- $ := index . 0 -}} -{{- $outputName := index . 1 -}} -{{- $outputVal := index . 2 -}} -{{- if empty ($outputVal).secretName -}} -{{- fail (printf "secret name missing in %s output" $outputName)}} -{{- end -}} -{{- end -}} - {{- define "elasticagent.output.ESSecretAuthAPI.preset.config" -}} {{- $ := index . 0 -}} {{- $outputName := index . 1 -}} {{- $outputVal := deepCopy (index . 2) -}} -{{- $outputVal = omit $outputVal "secretName" "username" "password" "name" "serviceName" "namespace" -}} +{{- $outputVal = omit $outputVal "secretName" "username" "password" "name" "serviceName" "namespace" "api_key" "url" -}} {{- $_ := set $outputVal "type" "elasticsearch" -}} {{- $_ := set $outputVal "hosts" (list (printf "${OUTPUT_%s_URL}" (upper $outputName))) -}} {{- $_ := set $outputVal "api_key" (printf "${OUTPUT_%s_API_KEY}" (upper $outputName)) -}} @@ -114,17 +99,6 @@ key: api_key {{- end -}} -{{- define "elasticagent.output.ESECKRef.validate" -}} -{{- $ := index . 0 -}} -{{- $outputName := index . 1 -}} -{{- $outputVal := index . 2 -}} -{{- if empty ($outputVal).name -}} -{{- if empty ($outputVal).secretName -}} -{{- fail (printf "missing secretName in %s output (ESECKRef type)" $outputName)}} -{{- end -}} -{{- end -}} -{{- end -}} - {{- define "elasticagent.output.ESECKRef.preset.config" -}} {{- $ := index . 0 -}} {{- $outputName := index . 1 -}} diff --git a/deploy/helm/elastic-agent/templates/agent/eck/_pod_template.tpl b/deploy/helm/elastic-agent/templates/agent/eck/_pod_template.tpl index ebedb42178e..6843e458ad6 100644 --- a/deploy/helm/elastic-agent/templates/agent/eck/_pod_template.tpl +++ b/deploy/helm/elastic-agent/templates/agent/eck/_pod_template.tpl @@ -4,6 +4,9 @@ {{- $agentName := index . 2 }} spec: dnsPolicy: ClusterFirstWithHostNet + {{- with ($presetVal).hostNetwork }} + hostNetwork: {{ . }} + {{- end }} {{- with ($presetVal).hostPID }} hostPID: {{ . }} {{- end }} diff --git a/deploy/helm/elastic-agent/templates/agent/k8s/_pod_template.tpl b/deploy/helm/elastic-agent/templates/agent/k8s/_pod_template.tpl index 56413c9cea1..5462430a29a 100644 --- a/deploy/helm/elastic-agent/templates/agent/k8s/_pod_template.tpl +++ b/deploy/helm/elastic-agent/templates/agent/k8s/_pod_template.tpl @@ -4,8 +4,8 @@ {{- $agentName := index . 2 }} spec: dnsPolicy: ClusterFirstWithHostNet - {{- if eq $.Values.agent.fleet.enabled true }} - hostNetwork: true + {{- with ($presetVal).hostNetwork }} + hostNetwork: {{ . }} {{- end }} {{- with ($presetVal).hostPID }} hostPID: {{ . }} diff --git a/deploy/helm/elastic-agent/values.schema.json b/deploy/helm/elastic-agent/values.schema.json new file mode 100644 index 00000000000..443c5fc8653 --- /dev/null +++ b/deploy/helm/elastic-agent/values.schema.json @@ -0,0 +1,1182 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema", + "type": "object", + "title": "Elastic Agent Helm chart configuration.", + "description": "Schema for managing the Elastic Agent Helm chart values.", + "properties": { + "outputs": { + "type": "object", + "description": "Object containing multiple output configurations.", + "additionalProperties": { + "$ref": "#/definitions/OutputObject" + }, + "examples": [ + { + "outputNamePlain": { + "type": "ESPlainAuthBasic" + } + } + ] + }, + "kubernetes": { + "type": "object", + "description": "Configuration for Kubernetes integration.", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Kubernetes integration." + }, + "output": { + "type": "string", + "description": "Name of the output used in Kubernetes integration. Must be defined in outputs." + }, + "namespace": { + "type": "string", + "description": "Kubernetes namespace.", + "default": "default" + }, + "hints": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable elastic-agent autodiscovery feature." + } + } + }, + "state": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable state streams based on kube-state-metrics." + }, + "deployKSM": { + "type": "boolean", + "description": "Deploy kube-state-metrics service as a sidecar container." + }, + "host": { + "type": "string", + "description": "Host of the kube-state-metrics service, used when deployKSM is set to false." + }, + "vars": { + "type": "object", + "description": "State streams variables." + } + }, + "required": [ + "enabled", + "deployKSM" + ], + "if": { + "properties": { + "deployKSM": { + "const": false + } + } + }, + "then": { + "properties": { + "host": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "host" + ] + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable metric streams based on kubelet." + }, + "vars": { + "type": "object", + "description": "Metric streams variables." + } + }, + "required": [ + "enabled" + ] + }, + "apiserver": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable apiserver input." + }, + "vars": { + "type": "object", + "description": "Apiserver variables." + } + }, + "required": [ + "enabled" + ] + }, + "proxy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable proxy input." + }, + "vars": { + "type": "object", + "description": "Proxy stream variables." + } + }, + "required": [ + "enabled" + ] + }, + "scheduler": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable scheduler input." + }, + "vars": { + "type": "object", + "description": "Scheduler stream variables." + } + }, + "required": [ + "enabled" + ] + }, + "controller_manager": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable controller_manager input." + }, + "vars": { + "type": "object", + "description": "Controller manager stream variables." + } + }, + "required": [ + "enabled" + ] + }, + "containers": { + "type": "object", + "properties": { + "metrics": { + "$ref": "#/definitions/KubernetesStreamConfig" + }, + "state": { + "$ref": "#/definitions/KubernetesStreamConfig" + }, + "logs": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable containers logs stream." + }, + "additionalParsersConfig": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "required": [ + "enabled" + ] + }, + "audit_logs": { + "$ref": "#/definitions/KubernetesStreamConfig" + } + } + }, + "pods": { + "$ref": "#/definitions/KubernetesMetricsAndStateConfig" + }, + "deployments": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "statefulsets": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "daemonsets": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "replicasets": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "namespaces": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "volumes": { + "$ref": "#/definitions/KubernetesMetricsConfig" + }, + "nodes": { + "$ref": "#/definitions/KubernetesMetricsAndStateConfig" + }, + "storageclasses": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "jobs": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "cronjobs": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "persistentvolumes": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "persistentvolumeclaims": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "resourcequotas": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "services": { + "$ref": "#/definitions/KubernetesStateConfig" + }, + "system": { + "$ref": "#/definitions/KubernetesMetricsConfig" + } + } + }, + "extraIntegrations": { + "type": "object", + "description": "Configuration for extra integrations.", + "additionalProperties": { + "$ref": "#/definitions/CustomIntegrationConfig" + } + }, + "agent": { + "type": "object", + "description": "Configuration for the Elastic-Agent.", + "properties": { + "version": { + "type": "string", + "description": "Elastic-Agent version.", + "pattern": "^[0-9]+\\.[0-9]+\\.[0-9]+.*$" + }, + "image": { + "$ref": "#/definitions/AgentImageConfig" + }, + "engine": { + "type": "string", + "enum": [ + "k8s", + "eck" + ], + "description": "Engine to use for Kubernetes manifests or ECK CRDs.", + "examples": [ + "k8s" + ], + "default": "k8s" + }, + "unprivileged": { + "type": "boolean", + "description": "Enable unprivileged mode." + }, + "fleet": { + "type": "object", + "description": "Elastic-Agent managed configuration.", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Elastic-Agent managed mode.", + "default": false + }, + "url": { + "type": "string", + "description": "Fleet server URL." + }, + "token": { + "type": "string", + "description": "Fleet enrollment token." + }, + "insecure": { + "type": "boolean", + "description": "Fleet insecure URL." + }, + "kibanaHost": { + "type": "string", + "description": "Kibana host to fallback if enrollment token is not supplied." + }, + "kibanaUser": { + "type": "string", + "description": "Kibana username to fallback if enrollment token is not supplied." + }, + "kibanaPassword": { + "type": "string", + "description": "Kibana password to fallback if enrollment token is not supplied." + }, + "preset": { + "type": "string", + "description": "Agent preset to deploy." + } + }, + "required": [ + "enabled" + ], + "if": { + "properties": { + "enabled": { + "const": true + } + } + }, + "then": { + "anyOf": [ + { + "required": [ + "preset", + "url", + "token" + ], + "properties": { + "preset": { + "type": "string", + "minLength": 1 + }, + "url": { + "type": "string", + "format": "uri" + }, + "token": { + "type": "string", + "minLength": 1 + } + } + }, + { + "required": [ + "preset", + "url", + "kibanaHost", + "kibanaUser", + "kibanaPassword" + ], + "properties": { + "preset": { + "type": "string", + "minLength": 1 + }, + "url": { + "type": "string", + "format": "uri" + }, + "kibanaHost": { + "type": "string", + "format": "uri" + }, + "kibanaUser": { + "type": "string", + "minLength": 1 + }, + "kibanaPassword": { + "type": "string", + "minLength": 1 + } + } + } + ] + } + }, + "presets": { + "type": "object", + "description": "Map of deployment presets for the Elastic Agent.", + "additionalProperties": { + "$ref": "#/definitions/AgentPreset" + }, + "default": { + "presetName": { + "mode": "daemonset" + } + }, + "examples": [ + { + "presetName": { + "mode": "daemonset" + } + } + ] + } + }, + "required": [ + "version", + "engine", + "presets" + ] + } + }, + "required": [ + "outputs", + "agent" + ], + "if": { + "properties": { + "agent": { + "properties": { + "engine": { + "const": "k8s" + } + } + } + } + }, + "then": { + "not": { + "properties": { + "outputs": { + "type": "object", + "additionalProperties": { + "properties": { + "type": { + "const": "ESECKRef" + } + } + } + } + } + } + }, + "definitions": { + "OutputObject": { + "type": "object", + "description": "Defines the configuration for an output.", + "properties": { + "type": { + "type": "string", + "enum": [ + "ESPlainAuthBasic", + "ESPlainAuthAPI", + "ESSecretAuthBasic", + "ESSecretAuthAPI", + "ESECKRef" + ], + "description": "Type of the output." + }, + "url": { + "type": "string", + "description": "URL of the output (required for ESPlainAuthBasic and ESPlainAuthAPI type).", + "example": "http://elasticsearch:9200" + }, + "username": { + "type": "string", + "description": "Username to authenticate with the output (required for ESPlainAuthBasic).", + "example": "elastic" + }, + "password": { + "type": "string", + "description": "Password to authenticate with the output (required for ESPlainAuthBasic).", + "example": "fantastic" + }, + "api_key": { + "type": "string", + "description": "API key to authenticate with the output (required for ESPlainAuthAPI type)." + }, + "secretName": { + "type": "string", + "description": "K8s secret to mount output connection details (required for ESSecretAuthBasic and ESSecretAuthAPI types)." + }, + "name": { + "type": "string", + "description": "Name to reference an Elasticsearch cluster managed by ECK (required for ESECKRef type)." + }, + "namespace": { + "type": "string", + "description": "Namespace to reference an Elasticsearch cluster managed by ECK (optional for ESECKRef type)." + } + }, + "required": [ + "type" + ], + "allOf": [ + { + "if": { + "properties": { + "type": { + "const": "ESPlainAuthBasic" + } + } + }, + "then": { + "properties": { + "url": { + "type": "string", + "format": "uri" + }, + "username": { + "type": "string", + "minLength": 1 + }, + "password": { + "type": "string", + "minLength": 1 + } + }, + "required": [ + "url", + "username", + "password" + ] + } + },{ + "if": { + "properties": { + "type": { + "const": "ESPlainAuthAPI" + } + } + }, + "then": { + "properties": { + "url": { + "type": "string", + "format": "uri" + }, + "api_key": { + "type": "string", + "minLength": 1 + } + }, + "required": [ + "url", + "api_key" + ] + } + }, + { + "if": { + "properties": { + "type": { + "const": "ESSecretAuthBasic" + } + } + }, + "then": { + "properties": { + "secretName": { + "type": "string", + "minLength": 1 + } + }, + "required": [ + "secretName" + ] + } + }, + { + "if": { + "properties": { + "type": { + "const": "ESSecretAuthAPI" + } + } + }, + "then": { + "properties": { + "secretName": { + "type": "string", + "minLength": 1 + } + }, + "required": [ + "secretName" + ] + } + }, + { + "if": { + "properties": { + "type": { + "const": "ESECKRef" + } + } + }, + "then": { + "properties": { + "name": { + "type": "string", + "minLength": 1 + }, + "namespace": { + "type": "string" + } + }, + "required": [ + "name" + ] + } + } + ] + }, + "KubernetesStreamConfig": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable stream." + }, + "vars": { + "type": "object", + "description": "Stream variables." + } + }, + "required": [ + "enabled" + ] + }, + "KubernetesMetricsConfig": { + "type": "object", + "properties": { + "metrics": { + "$ref": "#/definitions/KubernetesStreamConfig" + } + } + }, + "KubernetesStateConfig": { + "type": "object", + "properties": { + "state": { + "$ref": "#/definitions/KubernetesStreamConfig" + } + } + }, + "KubernetesMetricsAndStateConfig": { + "type": "object", + "properties": { + "metrics": { + "$ref": "#/definitions/KubernetesStreamConfig" + }, + "state": { + "$ref": "#/definitions/KubernetesStreamConfig" + } + } + }, + "CustomIntegrationConfig": { + "type": "object", + "description": "Configuration for a single integration.", + "properties": { + "id": { + "type": "string", + "description": "Unique identifier for the integration.", + "minLength": 1 + }, + "preset": { + "type": "string", + "description": "Agent preset that this integration runs on.", + "minLength": 1 + }, + "use_output": { + "type": "string", + "description": "Name of the output to use.", + "minLength": 1 + } + }, + "required": [ + "id", + "preset", + "use_output" + ] + }, + "AgentImageConfig": { + "type": "object", + "description": "Image configuration for the Elastic-Agent.", + "properties": { + "repository": { + "type": "string", + "description": "Docker image repository.", + "minLength": 1 + }, + "pullPolicy": { + "type": "string", + "enum": [ + "Always", + "IfNotPresent", + "Never" + ], + "description": "Image pull policy." + }, + "tag": { + "type": "string", + "description": "Image tag." + } + }, + "required": [ + "repository", + "pullPolicy", + "tag" + ] + }, + "AgentFleetConfig": { + "type": "object", + "description": "Elastic-Agent managed configuration.", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Elastic-Agent managed mode.", + "default": false + }, + "url": { + "type": "string", + "description": "Fleet server URL." + }, + "token": { + "type": "string", + "description": "Fleet enrollment token." + }, + "insecure": { + "type": "boolean", + "description": "Fleet insecure URL." + }, + "kibanaHost": { + "type": "string", + "description": "Kibana host to fallback if enrollment token is not supplied." + }, + "kibanaUser": { + "type": "string", + "description": "Kibana username to fallback if enrollment token is not supplied." + }, + "kibanaPassword": { + "type": "string", + "description": "Kibana password to fallback if enrollment token is not supplied." + }, + "preset": { + "type": "string", + "description": "Agent preset to deploy." + } + }, + "required": [ + "enabled" + ], + "if": { + "properties": { + "enabled": { + "const": true + } + } + }, + "then": { + "anyOf": [ + { + "required": [ + "preset", + "url", + "token" + ], + "properties": { + "preset": { + "type": "string", + "minLength": 1 + }, + "url": { + "type": "string", + "format": "uri" + }, + "token": { + "type": "string", + "minLength": 1 + } + } + }, + { + "required": [ + "preset", + "url", + "kibanaHost", + "kibanaUser", + "kibanaPassword" + ], + "properties": { + "preset": { + "type": "string", + "minLength": 1 + }, + "url": { + "type": "string", + "format": "uri" + }, + "kibanaHost": { + "type": "string", + "format": "uri" + }, + "kibanaUser": { + "type": "string", + "minLength": 1 + }, + "kibanaPassword": { + "type": "string", + "minLength": 1 + } + } + } + ] + } + }, + "AgentPreset": { + "type": "object", + "description": "Configuration for an Agent preset.", + "properties": { + "mode": { + "type": "string", + "enum": [ + "deployment", + "statefulset", + "daemonset" + ], + "description": "Mode of the Agent preset." + }, + "replicaCount": { + "type": "integer", + "description": "Replica count for the preset.", + "examples": [ + 1 + ] + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Labels for the deployment.", + "examples": [ + { + "app": "elastic-agent" + } + ] + }, + "annotations": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Annotations for the deployment.", + "examples": [ + { + "annotationKey": "annotationValue" + } + ] + }, + "affinity": { + "type": "object", + "description": "Affinity rules for the deployment.", + "examples": [ + { + "nodeAffinity": { + "requiredDuringSchedulingIgnoredDuringExecution": { + "nodeSelectorTerms": [ + { + "matchExpressions": [ + { + "key": "kubernetes.io/e2e-az-name", + "operator": "In", + "values": [ + "e2e-az1", + "e2e-az2" + ] + } + ] + } + ] + } + } + } + ] + }, + "initContainers": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Init containers for the deployment.", + "examples": [ + [ + { + "name": "init-container", + "image": "busybox", + "command": [ + "sh", + "-c", + "echo Initializing..." + ] + } + ] + ] + }, + "extraContainers": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Extra containers for the deployment.", + "examples": [ + [ + { + "name": "sidecar-container", + "image": "nginx", + "ports": [ + { + "containerPort": 80 + } + ] + } + ] + ] + }, + "hostNetwork": { + "type": "boolean", + "description": "Enable host networking for the deployment.", + "examples": [ + true + ] + }, + "hostPID": { + "type": "boolean", + "description": "Enable host PID namespace for the deployment.", + "examples": [ + true + ] + }, + "resources": { + "type": "object", + "description": "Resource limits and requests for the deployment.", + "examples": [ + { + "limits": { + "cpu": "500m", + "memory": "128Mi" + }, + "requests": { + "cpu": "250m", + "memory": "64Mi" + } + } + ] + }, + "securityContext": { + "type": "object", + "description": "Security context for the deployment.", + "examples": [ + { + "runAsUser": 1000, + "runAsGroup": 3000, + "fsGroup": 2000 + } + ] + }, + "rules": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Rules for the deployment.", + "examples": [ + [ + { + "apiGroups": [ + "" + ], + "resources": [ + "pods" + ], + "verbs": [ + "get", + "watch", + "list" + ] + } + ] + ] + }, + "nodeSelector": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Node selector for the deployment.", + "examples": [ + { + "disktype": "ssd" + } + ] + }, + "tolerations": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Tolerations for the deployment.", + "examples": [ + [ + { + "key": "key1", + "operator": "Exists", + "effect": "NoSchedule" + } + ] + ] + }, + "topologySpreadConstraints": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Topology spread constraints for the deployment.", + "examples": [ + [ + { + "maxSkew": 1, + "topologyKey": "kubernetes.io/hostname", + "whenUnsatisfiable": "DoNotSchedule", + "labelSelector": { + "matchLabels": { + "app": "elastic-agent" + } + } + } + ] + ] + }, + "extraEnvs": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Extra environment variables for the deployment.", + "examples": [ + [ + { + "name": "ENV_VAR_NAME", + "value": "value" + } + ] + ] + }, + "extraVolumes": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Extra volumes for the deployment.", + "examples": [ + [ + { + "name": "extra-volume", + "emptyDir": {} + } + ] + ] + }, + "extraVolumeMounts": { + "type": "array", + "items": { + "type": "object" + }, + "description": "Extra volume mounts for the deployment.", + "examples": [ + [ + { + "name": "extra-volume", + "mountPath": "/mnt/extra" + } + ] + ] + }, + "agent": { + "type": "object", + "properties": { + "monitoring": { + "type": "object", + "properties": { + "namespace": { + "type": "string" + }, + "use_output": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "logs": { + "type": "boolean" + }, + "metrics": { + "type": "boolean" + } + }, + "required": [ + "namespace", + "use_output", + "enabled", + "logs", + "metrics" + ] + } + }, + "examples": [ + { + "monitoring": { + "namespace": "elastic-agent", + "use_output": "default", + "enabled": true, + "logs": true, + "metrics": true + } + } + ] + }, + "providers": { + "type": "object", + "description": "Providers configuration for the deployment.", + "properties": { + "kubernetes_leaderelection": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + } + } + }, + "kubernetes": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "node": { + "type": "string" + }, + "scope": { + "type": "string" + } + } + } + }, + "examples": [ + { + "kubernetes_leaderelection": { + "enabled": false + }, + "kubernetes": { + "enabled": true, + "node": "node-1", + "scope": "cluster" + } + } + ] + } + }, + "required": [ + "mode" + ] + } + } +} diff --git a/deploy/helm/elastic-agent/values.yaml b/deploy/helm/elastic-agent/values.yaml index 62ce49f77cc..1b0cca45652 100644 --- a/deploy/helm/elastic-agent/values.yaml +++ b/deploy/helm/elastic-agent/values.yaml @@ -7,28 +7,27 @@ outputs: # name of the output default: - # -- type of the output [one of `ESPlainAuth`, `ESSecretAuthBasic`, `ESSecretAuthAPI`, `ESECKRef`] + # -- type of the output [one of `ESPlainAuthBasic`, `ESPlainAuthAPI`, `ESSecretAuthBasic`, `ESSecretAuthAPI`, `ESECKRef`] # @section -- 1.1 - Output Object # @sectionDescriptionTemplate -- OutputObject # @key -- outputs.{name}.type - type: ESPlainAuth - # -- url of the output [required for type `ESPlainAuth`] + type: ESPlainAuthBasic + # -- url of the output [required for types `ESPlainAuthBasic` and `ESPlainAuthAPI`] # @section -- 1.1 - Output Object # @default -- `""` # @key -- outputs.{name}.url url: "http://elasticsearch:9200" - # -- the username to use to authenticate with the output [required for type `ESPlainAuth` if `api_key` is not set] + # -- the username to use to authenticate with the output [required for type `ESPlainAuthBasic`] # @section -- 1.1 - Output Object # @default -- `""` # @key -- outputs.{name}.username username: "elastic" - # -- the password to use to authenticate with the output [required for type `ESPlainAuth` if `api_key` is not set] + # -- the password to use to authenticate with the output [required for type `ESPlainAuthBasic`] # @section -- 1.1 - Output Object # @default -- `""` # @key -- outputs.{name}.password password: "changeme" - # -- the API key use to authenticate with the output [required for type `ESPlainAuth` if `username` and `password` - # are not set] + # -- the API key use to authenticate with the output [required for type `ESPlainAuthAPI`] # @section -- 1.1 - Output Object # @key -- outputs.{name}.api_key api_key: "" @@ -343,6 +342,8 @@ agent: # mode: [deployment, statefulset, daemonset] # replicaCount: 1 # labels: {} + # hostPID: boolean + # hostNetwork: boolean # imagePullPolicy: [Always, IfNotPresent, Never] # annotations: {} # affinity: {} diff --git a/testing/integration/kubernetes_agent_standalone_test.go b/testing/integration/kubernetes_agent_standalone_test.go index 818ae8b335b..2e290f2daf1 100644 --- a/testing/integration/kubernetes_agent_standalone_test.go +++ b/testing/integration/kubernetes_agent_standalone_test.go @@ -398,7 +398,7 @@ func TestKubernetesAgentHelm(t *testing.T) { }, "outputs": map[string]any{ "default": map[string]any{ - "type": "ESPlainAuth", + "type": "ESPlainAuthAPI", "url": esHost, "api_key": esAPIKey, }, @@ -426,7 +426,7 @@ func TestKubernetesAgentHelm(t *testing.T) { }, "outputs": map[string]any{ "default": map[string]any{ - "type": "ESPlainAuth", + "type": "ESPlainAuthAPI", "url": esHost, "api_key": esAPIKey, },