Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

[Kubernetes] Expandcondition support to remaining inputs#7395

Merged
MichaelKatsoulis merged 12 commits intoelastic:mainfrom
BenB196:kubernetes-condition
Nov 10, 2023
Merged

[Kubernetes] Expandcondition support to remaining inputs#7395
MichaelKatsoulis merged 12 commits intoelastic:mainfrom
BenB196:kubernetes-condition

Conversation

@BenB196
Copy link
Contributor

@BenB196BenB196 commentedAug 16, 2023
edited
Loading

What does this PR do?

Enhancement - This change expands the ability to setcondition to the remaining inputs within the Kubernetes integration.

The main driving factor behind this change is to allow for creating moredynamic Elastic Agent policies which can be used to monitor multiple different Kubernetes setups (ex: different distro's - RKE2, EKS, AKS, etc...; different IP schemas - IPv4 vs IPv6) from a single Elastic Agent policy that contains conditionally defined Kubernetes integration inputs.

Checklist

  • I have reviewedtips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package'schangelog.yml file.
  • I have verified that Kibana version constraints are current according toguidelines.

Author's Checklist

  • Allcondition fields added are hidden/advanced, they're targeted at more edge-case needs I believe, so I don't think it makes sense to show them
  • For the Kubelet API metrics I opted to do a top-levelcondition field
    • I don't realistically see a need to be able to seecondition on each metric input individually
  • For the kube-state-metrics I opted to do a top-levelcondition field
    • I don't realistically see a need to be able to seecondition on each metric input individually
  • For Kubernetes API Server, Proxy, Scheduler and controller-manager the main goal behind thecondition field here is to be able to support host values that need to target either IPv4 or IPv6 (host values in IPv6 need to be wrapped in[] when also specifying a port)
  • For Kubernetes audit logs the main goal behind thecondition field is to be able to support different Kubernetes distro's where their audit log location is different

How to test this PR locally

  1. Upgrade to the latest version
  2. Addcondition values as needed
  3. Confirm that thecondition values are added appropriately

Below are configs which demonstrate that thecondition functionality has been tested at a configuration level. I've broken the evidence down by input (group) as this is a somewhat large change.

Kubelet API---
No `condition` set
inputs:  -id:kubernetes/metrics-kubelet-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:1type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.container-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.container          type: metrics        metricsets:          - container        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none      -id:>-          kubernetes/metrics-kubernetes.node-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.node          type: metrics        metricsets:          - node        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none      -id:kubernetes/metrics-kubernetes.pod-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066data_stream:dataset:kubernetes.podtype:metricsmetricsets:          -podadd_metadata:truehosts:          -'https://${env.NODE_NAME}:10250'period:10sbearer_token_file:/var/run/secrets/kubernetes.io/serviceaccount/tokenssl.verification_mode:none      -id:>-          kubernetes/metrics-kubernetes.system-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.system          type: metrics        metricsets:          - system        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none      -id:>-          kubernetes/metrics-kubernetes.volume-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.volume          type: metrics        metricsets:          - volume        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none
`condition` set
inputs:  -id:kubernetes/metrics-kubelet-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:2type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.container-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.container          type: metrics        period: 10s        condition: '${host.name} == "testing"'        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.node-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.node          type: metrics        period: 10s        condition: '${host.name} == "testing"'        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:kubernetes/metrics-kubernetes.pod-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066data_stream:dataset:kubernetes.podtype:metricsperiod:10scondition:'${host.name} == "testing"'add_metadata:truehosts:          -'https://${env.NODE_NAME}:10250'ssl.verification_mode:nonemetricsets:          -podbearer_token_file:/var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.system-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.system          type: metrics        period: 10s        condition: '${host.name} == "testing"'        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - system        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.volume-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.volume          type: metrics        period: 10s        condition: '${host.name} == "testing"'        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - volume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
---
kube-state-metrics---
No `condition` set, but leader election set
inputs:  -id:kubernetes/metrics-kube-state-metrics-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:3type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.state_container-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_container          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_cronjob-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_cronjob          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_cronjob        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_daemonset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_daemonset          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_daemonset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_deployment-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_deployment          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_deployment        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_job-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_job          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_job        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_node-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_node          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolume-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolume          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolumeclaim-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolumeclaim          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolumeclaim        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_pod-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_pod          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_pod        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_replicaset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_replicaset          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_replicaset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_resourcequota-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_resourcequota          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_resourcequota        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_service-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_service          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_service        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_statefulset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_statefulset          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_statefulset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_storageclass-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_storageclass          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_storageclass        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
`condition` set, and leader election set
inputs:  -id:kubernetes/metrics-kube-state-metrics-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:4type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.state_container-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_container          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_cronjob-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_cronjob          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_cronjob        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_daemonset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_daemonset          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_daemonset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_deployment-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_deployment          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_deployment        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_job-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_job          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_job        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_node-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_node          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolume-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolume          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolumeclaim-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolumeclaim          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolumeclaim        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_pod-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_pod          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_pod        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_replicaset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_replicaset          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_replicaset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_resourcequota-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_resourcequota          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_resourcequota        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_service-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_service          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_service        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_statefulset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_statefulset          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_statefulset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_storageclass-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_storageclass          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_storageclass        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
`condition` set, no leader election set
inputs:  -id:kubernetes/metrics-kube-state-metrics-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:5type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.state_container-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_container          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_cronjob-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_cronjob          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_cronjob        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_daemonset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_daemonset          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_daemonset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_deployment-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_deployment          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_deployment        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_job-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_job          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_job        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_node-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_node          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolume-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolume          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolumeclaim-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolumeclaim          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolumeclaim        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_pod-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_pod          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_pod        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_replicaset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_replicaset          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_replicaset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_resourcequota-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_resourcequota          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_resourcequota        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_service-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_service          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_service        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_statefulset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_statefulset          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_statefulset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_storageclass-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_storageclass          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_storageclass        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
No `condition` set, no leader election set
inputs:  -id:kubernetes/metrics-kube-state-metrics-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:6type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.state_container-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_container          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_cronjob-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_cronjob          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_cronjob        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_daemonset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_daemonset          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_daemonset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_deployment-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_deployment          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_deployment        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_job-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_job          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_job        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_node-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_node          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolume-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolume          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_persistentvolumeclaim-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_persistentvolumeclaim          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_persistentvolumeclaim        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_pod-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_pod          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_pod        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_replicaset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_replicaset          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_replicaset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_resourcequota-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_resourcequota          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_resourcequota        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_service-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_service          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_service        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_statefulset-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_statefulset          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_statefulset        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.state_storageclass-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.state_storageclass          type: metrics        period: 10s        add_metadata:true        hosts:          - 'kube-state-metrics:8080'        metricsets:          - state_storageclass        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
---
Kubernetes API Server---
No `condition`, but leader election set
inputs:  -id:kubernetes/metrics-kube-apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:7type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.apiserver          type: metrics        period: 30s        condition: '${kubernetes_leaderelection.leader} == true'        hosts:          - >-            https://${env.KUBERNETES_SERVICE_HOST}:${env.KUBERNETES_SERVICE_PORT}        metricsets:          - apiserver        ssl.certificate_authorities:          - /var/run/secrets/kubernetes.io/serviceaccount/ca.crt        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
`condition` set, and leader election set
inputs:  -id:kubernetes/metrics-kube-apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:8type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.apiserver          type: metrics        period: 30s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        hosts:          - >-            https://${env.KUBERNETES_SERVICE_HOST}:${env.KUBERNETES_SERVICE_PORT}        metricsets:          - apiserver        ssl.certificate_authorities:          - /var/run/secrets/kubernetes.io/serviceaccount/ca.crt        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
`condition` set, but leader election not set
inputs:  -id:kubernetes/metrics-kube-apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:9type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.apiserver          type: metrics        period: 30s        condition: '${host.name} == ''testing'''        hosts:          - >-            https://${env.KUBERNETES_SERVICE_HOST}:${env.KUBERNETES_SERVICE_PORT}        metricsets:          - apiserver        ssl.certificate_authorities:          - /var/run/secrets/kubernetes.io/serviceaccount/ca.crt        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
No `condition` set, no leader election set
inputs:  -id:kubernetes/metrics-kube-apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:10type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.apiserver-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.apiserver          type: metrics        period: 30s        hosts:          - >-            https://${env.KUBERNETES_SERVICE_HOST}:${env.KUBERNETES_SERVICE_PORT}        metricsets:          - apiserver        ssl.certificate_authorities:          - /var/run/secrets/kubernetes.io/serviceaccount/ca.crt        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
---
Kubernetes Proxy---
No `condition` set
inputs:  -id:kubernetes/metrics-kube-proxy-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:11type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.proxy-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.proxy          type: metrics        period: 10s        hosts:          - 'localhost:10249'        metricsets:          - proxy
`condition` set
inputs:  -id:kubernetes/metrics-kube-proxy-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:12type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.proxy-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.proxy          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        hosts:          - 'localhost:10249'        metricsets:          - proxy
---
Kubernetes Scheduler---
No `condition` set
inputs:  -id:kubernetes/metrics-kube-scheduler-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:13type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.scheduler-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.scheduler          type: metrics        period: 10s        condition: '${kubernetes.labels.component} == ''kube-scheduler'''        hosts:          - 'https://0.0.0.0:10259'        ssl.verification_mode: none        metricsets:          - scheduler        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
`condition` set
inputs:  -id:kubernetes/metrics-kube-scheduler-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:14type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.scheduler-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.scheduler          type: metrics        period: 10s        condition: >-          ${kubernetes.labels.component} == 'kube-scheduler' and ${host.name} ==          'testing'        hosts:          - 'https://0.0.0.0:10259'        ssl.verification_mode: none        metricsets:          - scheduler        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
---
Kubernetes controller-manager---
No `condition`
inputs:  -id:>-      kubernetes/metrics-kube-controller-manager-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066    name: kubernetes-1    revision: 15    type: kubernetes/metrics    use_output: default    meta:      package:        name: kubernetes        version: 1.44.5    data_stream:      namespace: default    package_policy_id: b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066    streams:      - id: >-          kubernetes/metrics-kubernetes.controllermanager-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.controllermanager          type: metrics        period: 10s        condition: '${kubernetes.labels.component} == ''kube-controller-manager'''        hosts:          - 'https://0.0.0.0:10257'        ssl.verification_mode: none        metricsets:          - controllermanager        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
`condition` set
inputs:  -id:>-      kubernetes/metrics-kube-controller-manager-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066    name: kubernetes-1    revision: 16    type: kubernetes/metrics    use_output: default    meta:      package:        name: kubernetes        version: 1.44.5    data_stream:      namespace: default    package_policy_id: b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066    streams:      - id: >-          kubernetes/metrics-kubernetes.controllermanager-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.controllermanager          type: metrics        period: 10s        condition: >-          ${kubernetes.labels.component} == 'kube-controller-manager' and          ${host.name} == 'testing'        hosts:          - 'https://0.0.0.0:10257'        ssl.verification_mode: none        metricsets:          - controllermanager        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
---
Kubernetes API Server---
No `condition`, but with leader election
inputs:  -id:kubernetes/metrics-events-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:17type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.event-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.event          type: metrics        period: 10s        condition: '${kubernetes_leaderelection.leader} == true'        add_metadata:true        metricsets:          - event        skip_older:true
`condition` set, and leader election set
inputs:  -id:kubernetes/metrics-events-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:18type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.event-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.event          type: metrics        period: 10s        condition: >-          ${kubernetes_leaderelection.leader} == true and ${host.name} ==          'testing'        add_metadata:true        metricsets:          - event        skip_older:true
`condition` set, but leader election not set
inputs:  -id:kubernetes/metrics-events-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:19type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.event-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.event          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        metricsets:          - event        skip_older:true
No `condition` set, and leader election not set
inputs:  -id:kubernetes/metrics-events-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:20type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:>-          kubernetes/metrics-kubernetes.event-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066        data_stream:          dataset: kubernetes.event          type: metrics        period: 10s        add_metadata:true        metricsets:          - event        skip_older:true
---
Kubernetes audit logs---
No `condition` set
inputs:  -id:filestream-audit-logs-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:21type:filestreamuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:filestream-kubernetes.audit_logs-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066data_stream:dataset:kubernetes.audit_logstype:logsexclude_files:          -.gz$paths:          -/var/log/kubernetes/kube-apiserver-audit.logparsers:          -ndjson:add_error_key:truetarget:kubernetes_auditprocessors:          -rename:fields:                -from:kubernetes_auditto:kubernetes.audit          -drop_fields:fields:                -kubernetes.audit.responseObject.metadatawhen:has_fields:kubernetes.audit.responseObject          -drop_fields:fields:                -kubernetes.audit.requestObject.metadatawhen:has_fields:kubernetes.audit.requestObject          -script:id:dedot_annotationssource:|                function process(event) {                  var audit = event.Get("kubernetes.audit");                  for (var annotation in audit["annotations"]) {                    var annotation_dedoted = annotation.replace(/\./g,'_')                    event.Rename("kubernetes.audit.annotations."+annotation, "kubernetes.audit.annotations."+annotation_dedoted)                  }                  return event;                } function test() {                  var event = process(new Event({ "kubernetes": { "audit": { "annotations": { "authorization.k8s.io/decision": "allow", "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \"system:kube-scheduler\" of ClusterRole \"system:kube-scheduler\" to User \"system:kube-scheduler\"" } } } }));                  if (event.Get("kubernetes.audit.annotations.authorization_k8s_io/decision") !== "allow") {                      throw "expected kubernetes.audit.annotations.authorization_k8s_io/decision === allow";                  }                }lang:javascript
`condition` set
inputs:  -id:filestream-audit-logs-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066name:kubernetes-1revision:22type:filestreamuse_output:defaultmeta:package:name:kubernetesversion:1.44.5data_stream:namespace:defaultpackage_policy_id:b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066streams:      -id:filestream-kubernetes.audit_logs-b6ebc720-3bc7-11ee-a0fc-f5e8b9d3c066data_stream:dataset:kubernetes.audit_logstype:logsexclude_files:          -.gz$condition:'${host.name} ==''testing'''paths:          -/var/log/kubernetes/kube-apiserver-audit.logparsers:          -ndjson:add_error_key:truetarget:kubernetes_auditprocessors:          -rename:fields:                -from:kubernetes_auditto:kubernetes.audit          -drop_fields:fields:                -kubernetes.audit.responseObject.metadatawhen:has_fields:kubernetes.audit.responseObject          -drop_fields:fields:                -kubernetes.audit.requestObject.metadatawhen:has_fields:kubernetes.audit.requestObject          -script:id:dedot_annotationssource:|                function process(event) {                  var audit = event.Get("kubernetes.audit");                  for (var annotation in audit["annotations"]) {                    var annotation_dedoted = annotation.replace(/\./g,'_')                    event.Rename("kubernetes.audit.annotations."+annotation, "kubernetes.audit.annotations."+annotation_dedoted)                  }                  return event;                } function test() {                  var event = process(new Event({ "kubernetes": { "audit": { "annotations": { "authorization.k8s.io/decision": "allow", "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \"system:kube-scheduler\" of ClusterRole \"system:kube-scheduler\" to User \"system:kube-scheduler\"" } } } }));                  if (event.Get("kubernetes.audit.annotations.authorization_k8s_io/decision") !== "allow") {                      throw "expected kubernetes.audit.annotations.authorization_k8s_io/decision === allow";                  }                }lang:javascript
---

Related issues

Screenshots

@BenB196BenB196 requested a review froma team as acode ownerAugust 16, 2023 00:24
@elasticmachine
Copy link

elasticmachine commentedAug 16, 2023
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline ViewTest ViewChangesArtifactspreviewpreview

Expand to view the summary

Build stats

  • Start Time: 2023-11-10T12:13:34.398+0000

  • Duration: 117 min 18 sec

Test stats 🧪

TestResults
Failed0
Passed97
Skipped0
Total97

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@MichaelKatsoulisMichaelKatsoulis requested review fromMichaelKatsoulis and removed request forgsantoroAugust 17, 2023 07:48
@ChrsMark
Copy link
Member

ChrsMark commentedAug 21, 2023
edited
Loading

@BenB196 thank's for adding this!

@mlunadia since this adds an advanced "hidden" setting (which makes sense) I wonder how those "features" are/should be reflected in the docs (mostly a heads'up).

@gizas
Copy link
Contributor

gizas commentedAug 22, 2023
edited
Loading

@BenB196 thank you for this. I also think we needed this.

I added a small update for kubelet to show the condition to users

Second and most important I believe that kube-state-metrics wont need a global condition, the opposite only specific ones per datastream. Main reason is that I would like to avoid users setting leader off in the global condition and keep leader flag open to all sub datastreams. So I would sugest to remove global condition from kube-state-metrics and introduce one per ksm datastream.

Apart from that, the tests and all checks seem ok! Thank you again

BenB196and others added2 commitsAugust 22, 2023 06:38
Co-authored-by: Andrew Gizas <andreas.gkizas@elastic.co>
Copy link
ContributorAuthor

@BenB196BenB196 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I retested the Kubelet section as this was the only part the experienced change.

No top-level condition, not per stream condition
inputs:  -id:kubernetes/metrics-kubelet-dfd54600-4141-11ee-b801-0987c2093460name:kubernetes-1revision:1type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.0data_stream:namespace:defaultpackage_policy_id:dfd54600-4141-11ee-b801-0987c2093460streams:      -id:>-          kubernetes/metrics-kubernetes.container-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.container          type: metrics        metricsets:          - container        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none      -id:>-          kubernetes/metrics-kubernetes.node-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.node          type: metrics        metricsets:          - node        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none      -id:kubernetes/metrics-kubernetes.pod-dfd54600-4141-11ee-b801-0987c2093460data_stream:dataset:kubernetes.podtype:metricsmetricsets:          -podadd_metadata:truehosts:          -'https://${env.NODE_NAME}:10250'period:10sbearer_token_file:/var/run/secrets/kubernetes.io/serviceaccount/tokenssl.verification_mode:none      -id:>-          kubernetes/metrics-kubernetes.system-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.system          type: metrics        metricsets:          - system        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none      -id:>-          kubernetes/metrics-kubernetes.volume-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.volume          type: metrics        metricsets:          - volume        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        period: 10s        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token        ssl.verification_mode: none
Top level condition, and per stream condition
inputs:  -id:kubernetes/metrics-kubelet-dfd54600-4141-11ee-b801-0987c2093460name:kubernetes-1revision:3type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.0data_stream:namespace:defaultpackage_policy_id:dfd54600-4141-11ee-b801-0987c2093460streams:      -id:>-          kubernetes/metrics-kubernetes.container-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.container          type: metrics        period: 10s        condition: '${host.name} == ''testing'' and ${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.node-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.node          type: metrics        period: 10s        condition: '${host.name} == ''testing'' and ${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:kubernetes/metrics-kubernetes.pod-dfd54600-4141-11ee-b801-0987c2093460data_stream:dataset:kubernetes.podtype:metricsperiod:10scondition:'${host.name} ==''testing'' and ${pod.name} ==''hello-world'''add_metadata:truehosts:          -'https://${env.NODE_NAME}:10250'ssl.verification_mode:nonemetricsets:          -podbearer_token_file:/var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.system-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.system          type: metrics        period: 10s        condition: '${host.name} == ''testing'' and ${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - system        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.volume-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.volume          type: metrics        period: 10s        condition: '${host.name} == ''testing'' and ${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - volume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
No top level condition, per stream condition
inputs:  -id:kubernetes/metrics-kubelet-dfd54600-4141-11ee-b801-0987c2093460name:kubernetes-1revision:4type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.0data_stream:namespace:defaultpackage_policy_id:dfd54600-4141-11ee-b801-0987c2093460streams:      -id:>-          kubernetes/metrics-kubernetes.container-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.container          type: metrics        period: 10s        condition: '${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.node-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.node          type: metrics        period: 10s        condition: '${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:kubernetes/metrics-kubernetes.pod-dfd54600-4141-11ee-b801-0987c2093460data_stream:dataset:kubernetes.podtype:metricsperiod:10scondition:'${pod.name} ==''hello-world'''add_metadata:truehosts:          -'https://${env.NODE_NAME}:10250'ssl.verification_mode:nonemetricsets:          -podbearer_token_file:/var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.system-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.system          type: metrics        period: 10s        condition: '${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - system        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.volume-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.volume          type: metrics        period: 10s        condition: '${pod.name} == ''hello-world'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - volume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
Top level condition, no per stream condition
inputs:  -id:kubernetes/metrics-kubelet-dfd54600-4141-11ee-b801-0987c2093460name:kubernetes-1revision:5type:kubernetes/metricsuse_output:defaultmeta:package:name:kubernetesversion:1.44.0data_stream:namespace:defaultpackage_policy_id:dfd54600-4141-11ee-b801-0987c2093460streams:      -id:>-          kubernetes/metrics-kubernetes.container-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.container          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - container        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.node-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.node          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - node        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:kubernetes/metrics-kubernetes.pod-dfd54600-4141-11ee-b801-0987c2093460data_stream:dataset:kubernetes.podtype:metricsperiod:10scondition:'${host.name} ==''testing'''add_metadata:truehosts:          -'https://${env.NODE_NAME}:10250'ssl.verification_mode:nonemetricsets:          -podbearer_token_file:/var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.system-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.system          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - system        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token      -id:>-          kubernetes/metrics-kubernetes.volume-dfd54600-4141-11ee-b801-0987c2093460        data_stream:          dataset: kubernetes.volume          type: metrics        period: 10s        condition: '${host.name} == ''testing'''        add_metadata:true        hosts:          - 'https://${env.NODE_NAME}:10250'        ssl.verification_mode: none        metricsets:          - volume        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token

Comment on lines +41 to +43
description: |
Condition to filter when to collect this input. See [Dynamic Input Configuration](https://www.elastic.co/guide/en/fleet/current/dynamic-input-configuration.html) for details.
Note: This condition value will be appended to the individual metric condition values by an "and" clause if defined.
Copy link
ContributorAuthor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I've expanded the description of this field a bit to highlight how this condition interacts with the individual metric conditions so people don't need to go looking/guess.

gizas reacted with thumbs up emoji
@BenB196BenB196 requested a review fromgizasAugust 22, 2023 23:28
@BenB196
Copy link
ContributorAuthor

Hi@gizas, don't mean to pester, but was curious if there is anything blocking this PR from being reviewed/merged?

@BenB196
Copy link
ContributorAuthor

Hi@MichaelKatsoulis@tetianakravchenko I see you're marked as a requested review on this PR. I don't mean to bother, but would it be possible to get the PR reviewed? Also, it looks like the test never was run on this PR.

It would be nice to have this PR merged as it would greatly reduce some operational overhead.

@elasticmachine
Copy link

elasticmachine commentedOct 21, 2023
edited
Loading

🌐 Coverage report

NameMetrics % (covered/total)Diff
Packages100.0% (1/1)💚
Files100.0% (1/1)💚 3.79
Classes100.0% (1/1)💚 3.79
Methods96.386% (80/83)👍 4.0
Lines100.0% (22/22)💚 11.267
Conditionals100.0% (0/0)💚

@pierrehilbertpierrehilbert added the Team:Cloudnative-MonitoringCloud Native Monitoring team [elastic/obs-cloudnative-monitoring] labelNov 10, 2023
@pierrehilbert
Copy link
Contributor

@MichaelKatsoulis@tetianakravchenko could you please have a look?

MichaelKatsoulis reacted with rocket emojiMichaelKatsoulis reacted with eyes emoji

Copy link
Contributor

@MichaelKatsoulisMichaelKatsoulis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

LGTM

BenB196 reacted with hooray emoji
@MichaelKatsoulisMichaelKatsoulis merged commit367dc62 intoelastic:mainNov 10, 2023
@elasticmachine
Copy link

Package kubernetes - 1.54.0 containing this change is available athttps://epr.elastic.co/search?package=kubernetes

@BenB196BenB196 deleted the kubernetes-condition branchNovember 29, 2023 12:36
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@gizasgizasgizas approved these changes

@MichaelKatsoulisMichaelKatsoulisMichaelKatsoulis approved these changes

@tetianakravchenkotetianakravchenkoAwaiting requested review from tetianakravchenkotetianakravchenko was automatically assigned from elastic/obs-cloudnative-monitoring

Assignees

No one assigned

Labels

Integration:kubernetesKubernetesTeam:Cloudnative-MonitoringCloud Native Monitoring team [elastic/obs-cloudnative-monitoring]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@BenB196@elasticmachine@ChrsMark@gizas@pierrehilbert@MichaelKatsoulis@andrewkroh

Comments

[8]ページ先頭
©2009-2026 Movatter.jp