--- apiVersion: v1 kind: ConfigMap metadata: namespace: monitoring name: metricbeat-config labels: app: metricbeat data: metricbeat.yml: |- # Configure modules metricbeat.modules: - module: system period: ${PERIOD} metricsets: ["cpu", "load", "memory", "network", "process", "process_summary", "core", "diskio", "socket"] processes: ['.*'] process.include_top_n: by_cpu: 5 # include top 5 processes by CPU by_memory: 5 # include top 5 processes by memory - module: system period: ${PERIOD} metricsets: ["filesystem", "fsstat"] processors: - drop_event.when.regexp: system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)' - module: docker period: ${PERIOD} hosts: ["unix:///var/run/docker.sock"] metricsets: ["container", "cpu", "diskio", "healthcheck", "info", "memory", "network"] - module: kubernetes period: ${PERIOD} host: ${NODE_NAME} hosts: ["localhost:10255"] metricsets: ["node", "system", "pod", "container", "volume"] - module: kubernetes period: ${PERIOD} host: ${NODE_NAME} metricsets: ["state_node", "state_deployment", "state_replicaset", "state_pod", "state_container"] hosts: ["kube-state-metrics.kube-system.svc.cluster.local:8080"] # Configure specific service module based on k8s deployment metricbeat.autodiscover: providers: - type: kubernetes host: ${NODE_NAME} templates: - condition.equals: kubernetes.labels.app: mongo config: - module: mongodb period: ${PERIOD} hosts: ["mongo.default:27017"] metricsets: ["dbstats", "status", "collstats", "metrics", "replstatus"] # Connection to ElasticSearch output.elasticsearch: hosts: ['${ELASTICSEARCH_HOST:elasticsearch}:${ELASTICSEARCH_PORT:9200}'] username: ${ELASTICSEARCH_USERNAME} password: ${ELASTICSEARCH_PASSWORD} # Connection to Kibana to import pre-existing dashboards setup.kibana: host: '${KIBANA_HOST:kibana}:${KIBANA_PORT:5601}' # Import pre-existing dashboards setup.dashboards.enabled: true # Configure indice lifecycle setup.ilm: policy_file: /etc/indice-lifecycle.json --- apiVersion: v1 kind: ConfigMap metadata: namespace: monitoring name: metricbeat-indice-lifecycle labels: app: metricbeat data: indice-lifecycle.json: |- { "policy": { "phases": { "hot": { "actions": { "rollover": { "max_size": "5GB" , "max_age": "1d" } } }, "delete": { "min_age": "7d", "actions": { "delete": {} } } } } } --- apiVersion: extensions/v1beta1 kind: DaemonSet metadata: namespace: monitoring name: metricbeat labels: app: metricbeat spec: template: metadata: labels: app: metricbeat spec: serviceAccountName: metricbeat terminationGracePeriodSeconds: 30 hostNetwork: true dnsPolicy: ClusterFirstWithHostNet containers: - name: metricbeat image: docker.elastic.co/beats/metricbeat:7.3.0 args: [ "-c", "/etc/metricbeat.yml", "-e", "-system.hostfs=/hostfs", ] env: - name: ELASTICSEARCH_HOST value: elasticsearch-client.monitoring.svc.cluster.local - name: ELASTICSEARCH_PORT value: "9200" - name: ELASTICSEARCH_USERNAME value: elastic - name: ELASTICSEARCH_PASSWORD valueFrom: secretKeyRef: name: elasticsearch-pw-elastic key: password - name: KIBANA_HOST value: kibana.monitoring.svc.cluster.local - name: KIBANA_PORT value: "5601" - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: PERIOD value: "10s" securityContext: runAsUser: 0 resources: limits: memory: 200Mi requests: cpu: 100m memory: 100Mi volumeMounts: - name: config mountPath: /etc/metricbeat.yml readOnly: true subPath: metricbeat.yml - name: metricbeat-indice-lifecycle mountPath: /etc/indice-lifecycle.json readOnly: true subPath: indice-lifecycle.json - name: dockersock mountPath: /var/run/docker.sock - name: proc mountPath: /hostfs/proc readOnly: true - name: cgroup mountPath: /hostfs/sys/fs/cgroup readOnly: true volumes: - name: proc hostPath: path: /proc - name: cgroup hostPath: path: /sys/fs/cgroup - name: dockersock hostPath: path: /var/run/docker.sock - name: config configMap: defaultMode: 0600 name: metricbeat-config - name: metricbeat-indice-lifecycle configMap: defaultMode: 0600 name: metricbeat-indice-lifecycle - name: data hostPath: path: /var/lib/metricbeat-data type: DirectoryOrCreate --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: metricbeat subjects: - kind: ServiceAccount name: metricbeat namespace: monitoring roleRef: kind: ClusterRole name: metricbeat apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: metricbeat labels: app: metricbeat rules: - apiGroups: [""] resources: - nodes - namespaces - events - pods verbs: ["get", "list", "watch"] - apiGroups: ["extensions"] resources: - replicasets verbs: ["get", "list", "watch"] - apiGroups: ["apps"] resources: - statefulsets - deployments verbs: ["get", "list", "watch"] - apiGroups: - "" resources: - nodes/stats verbs: - get --- apiVersion: v1 kind: ServiceAccount metadata: namespace: monitoring name: metricbeat labels: app: metricbeat ---