beats
beats copied to clipboard
elastic
[Kubernetes] Providing config option to disable Kubeadm config api requests
- Enhancement
NOTE: Dont merge until https://github.com/elastic/elastic-agent-autodiscover/pull/98 is also merged
Proposed commit message
WHAT: Provide a configuration option to disable /api/v1/namespaces/kube-system/configmaps/kubeadm-config . In more details user will disable the api requests to the modules he configures by using configuration disable_kubeadm: true
WHY: https://github.com/elastic/enhancements/issues/21172
Checklist
- [x] My code follows the style guidelines of this project
- [x] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] I have made corresponding change to the default configuration files
- [x] I have added tests that prove my fix is effective or that my feature works
- [x] I have added an entry in
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.
How to test this PR locally
- Install a kubernetes cluster with audit-logs enabled
- Create a local elastic stack with
elastic-package stack up -d -v --version=8.15.0-SNAPSHOT - Update the go.mod file of this repo and point to the elastic-agent-autodiscovery folder, where related changes should also exist. Your go.mod file should have the following entry:
replace github.com/elastic/elastic-agent-autodiscover => /Users/andreasgkizas/elastic/elastic-agent-autodiscover
- Run
go mod tidy - Install Filebeat and collect audit logs
- Follow instructions of this page to build the metricbeat binary
GOOS=linux GOARCH=arm64 go build
kubectl apply -f module/kubernetes/_meta/test/docs/01_playground/metricbeat.yaml
kubectl cp metricbeat `kubectl get pod -n kube-system -l k8s-app=metricbeat -o jsonpath='{.items[].metadata.name}'`:/usr/share/metricbeat/ -n kube-system\n
kubectl exec `kubectl get pod -n kube-system -l k8s-app=metricbeat -o jsonpath='{.items[].metadata.name}'` -n kube-system -- bash -c "metricbeat -e -c /etc/metricbeat.yml"
- Use
disable_kubeadm: trueflag in your enabled modules - Open your local kibana cluster, navigate to Discovery and search inside kibana audit-logs for relevant api requests
Related issues
- Relates #https://github.com/elastic/enhancements/issues/21172
- Relates #https://github.com/elastic/elastic-agent-autodiscover/pull/98
Screenshots
With 8.15.0 Image no changes:
We enable all metricsets (included events) and we have 85 API requests
With This repo code but the flag is disable_kubeadm: false
We enable all metricsets (included events) and we still have 85 API requests
With This repo code but the flag is disable_kubeadm: true`
We have no API requests after 10:04 that metrics collection established
{"log.level":"info","@timestamp":"2024-07-03T10:04:20.520Z","log.logger":"publisher_pipeline_output","log.origin":{"function":"github.com/elastic/beats/v7/libbeat/publisher/pipeline.(*netClientWorker).run","file.name":"pipeline/client_worker.go","file.line":145},"message":"Connection to backoff(elasticsearch(https://elasticsearch:9200)) established","service.name":"metricbeat","ecs.version":"1.6.0"}
This pull request does not have a backport label. If this is a bug or security fix, could you label this PR @gizas? 🙏. For such, you'll need to label your PR with:
- The upcoming major version of the Elastic Stack
- The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)
To fixup this pull request, you need to add the backport labels for the needed branches, such as:
backport-v8./d.0is the label to automatically backport to the8./dbranch./dis the digit
![mergify[bot] avatar](https://avatars.githubusercontent.com/in/10562?v=4 "Published by a pub.dev verified publisher"){kind=small}
This pull request is now in conflicts. Could you fix it? 🙏 To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/
git fetch upstream
git checkout -b kubeadm upstream/kubeadm
git merge upstream/main
git push upstream kubeadm
I have updated description and autodiscovery library to make use of use_kubeadm variable
See comment https://github.com/elastic/elastic-agent-autodiscover/pull/98#discussion_r1684158494
This pull request is now in conflicts. Could you fix it? 🙏 To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/
git fetch upstream
git checkout -b kubeadm upstream/kubeadm
git merge upstream/main
git push upstream kubeadm
This pull request is now in conflicts. Could you fix it? 🙏 To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/
git fetch upstream
git checkout -b kubeadm upstream/kubeadm
git merge upstream/main
git push upstream kubeadm
This pull request is now in conflicts. Could you fix it? 🙏 To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/
git fetch upstream
git checkout -b kubeadm upstream/kubeadm
git merge upstream/main
git push upstream kubeadm
@MichaelKatsoulis I added again the use_kubeadm option here
Reason is that kubelet metricsets, proxy and scheduler make use of AddClusterECSMeta (like here) which is using finally the kubernetes config struct.
I have repeated the tests and now works ok!
@elastic/beats-tech-leads can I have a review here? The pr looks good and tested