Merge "Update Calico to v3.1.3"
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml
index 7cb8a38..03bd870 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml
@@ -4,7 +4,7 @@
kind: Deployment
metadata:
name: fluentd-aggregator
- namespace: stacklight
+ namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
labels:
k8s-app: fluentd-aggregator
version: v1
@@ -30,20 +30,18 @@
effect: NoSchedule
containers:
- name: fluentd-aggregator
- image: fluent/fluentd-kubernetes-daemonset:v1.2-debian-elasticsearch
+ image: {{ common.addons.fluentd.aggregator.get('image', 'fluent/fluentd-kubernetes-daemonset:v1.2-debian-elasticsearch') }}
env:
- name: FLUENTD_ELASTICSEARCH_HOST
- value: "{{ common.addons.fluentd.aggregator.es.get('host', '127.0.0.1') }}"
+ value: "{{ common.addons.fluentd.aggregator.config.output.es.get('host', '127.0.0.1') }}"
- name: FLUENTD_ELASTICSEARCH_PORT
- value: "{{ common.addons.fluentd.aggregator.es.get('port', '9200') }}"
+ value: "{{ common.addons.fluentd.aggregator.config.output.es.get('port', '9200') }}"
- name: FLUENTD_ELASTICSEARCH_SCHEME
- value: "{{ common.addons.fluentd.aggregator.es.get('scheme', 'http') }}"
+ value: "{{ common.addons.fluentd.aggregator.config.output.es.get('scheme', 'http') }}"
- name: FLUENTD_AGGREGATOR_BIND_PORT
- value: "{{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}"
+ value: "{{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}"
- name: ENVIRONMENT_LABEL
value: "{{ grains.domain }}"
- # - name: FLUENTD_OPT
- # value: "--use-v1-config"
# TODO: a hack to pass the broken entrypoint in upstream docker image for k8s fluent when configmap is used
- name: FLUENT_ELASTICSEARCH_USER
value: "null"
@@ -51,11 +49,11 @@
value: "null"
resources:
limits:
- memory: 500Mi
+ memory: {{ common.addons.fluentd.aggregator.resources.limits.get('memory', '500Mi') }}
requests:
- memory: 500Mi
+ memory: {{ common.addons.fluentd.aggregator.resources.requests.get('memory', '500Mi') }}
ports:
- - containerPort: {{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}
+ - containerPort: {{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}
name: main-input
protocol: TCP
- containerPort: 9880
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml
index 34fb625..70b65c9 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml
@@ -1,9 +1,10 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: fluentd-aggregator-cfg
- namespace: stacklight
+ namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
labels:
addonmanager.kubernetes.io/mode: Reconcile
data:
@@ -37,7 +38,7 @@
Type log
environment_label "#{ENV['ENVIRONMENT_LABEL']}"
Hostname ${ hostname }
- Timestamp ${ time.strftime('%Y-%m-%dT%H:%M:%S.%N%z') }
+ Timestamp ${ time.strftime("{{ common.addons.fluentd.aggregator.config.general.get('time_format', '%Y-%m-%dT%H:%M:%S.%N%z') }}") }
</record>
</filter>
@@ -50,30 +51,36 @@
<filter temp.kubernetes.**>
@type record_transformer
enable_ruby true
- remove_keys log
<record>
kubernetes_namespace_container_name ${record["kubernetes"]["namespace_name"]}.${record["kubernetes"]["container_name"]}
- Payload ${record['log']}
</record>
</filter>
- <filter temp.kubernetes.kube-system.**>
- @type parser
- format kubernetes
- reserve_data true
- key_name log
- suppress_parse_error_log true
- </filter>
+ <match temp.kubernetes.container>
+ @type rewrite_tag_filter
+ <rule>
+ key
+ pattern ^(.*)$
+ tag __TAG__.$1
+ </rule>
+ </match>
<filter temp.kubernetes.container.**>
@type record_transformer
enable_ruby
<record>
- severity_label INFO
- Severity 6
+ severity_label ${ {"ERROR"=>"stderr","INFO"=>"stdout"}.key(record["stream"]) }
+ Severity ${ {3=>"stderr",6=>"stdout"}.key(record["stream"]) }
programname ${ record['kubernetes']['container_name'] }
</record>
</filter>
systemd-filter.conf: |
+ <filter systemd.source>
+ @type record_transformer
+ enable_ruby
+ <record>
+ severity_label ${ {"TRACE"=>8,"DEBUG"=>7,"INFO"=>6,"NOTICE"=>5,"WARNING"=>4,"ERROR"=>3,"CRITICAL"=>2,"ALERT"=>1,"EMERGENCY"=>0}.key(record["Severity"].to_i) }
+ </record>
+ </filter>
<match systemd.source>
@type rewrite_tag_filter
<rule>
@@ -83,18 +90,20 @@
</rule>
</match>
<filter systemd.source.kubelet>
- type parser
+ @type parser
format kubernetes
reserve_data true
- key_name MESSAGE
- suppress_parse_error_log true
+ key_name Payload
</filter>
- <filter systemd.source.docker>
- type parser
- format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
+ <filter systemd.source.kube-apiserver>
+ @type parser
+ format kubernetes
reserve_data true
- key_name MESSAGE
- suppress_parse_error_log true
+ key_name Payload
+ </filter>
+ <filter systemd.source.**>
+ @type record_transformer
+ remove_keys message, severity
</filter>
output.conf: |
@@ -109,24 +118,25 @@
<match **>
@type elasticsearch
- log_level debug
+ @log_level {{ common.addons.fluentd.aggregator.config.output.get('log_level', 'info') }}
host "#{ENV['FLUENTD_ELASTICSEARCH_HOST']}"
port "#{ENV['FLUENTD_ELASTICSEARCH_PORT']}"
scheme "#{ENV['FLUENTD_ELASTICSEARCH_SCHEME'] || 'http'}"
ssl_verify "#{ENV['FLUENTD_ELASTICSEARCH_SSL_VERIFY'] || 'true'}"
reload_connections "#{ENV['FLUENTD_ELASTICSEARCH_RELOAD_CONNECTIONS'] || 'true'}"
type_name message
+ tag_key Logger
include_tag_key true
time_key Timestamp
time_key_exclude_timestamp true
- logstash_format true
- logstash_prefix k8s
- logstash_dateformat %Y.%m.%d
- request_timeout 10s
- buffer_chunk_limit 2M
- buffer_queue_limit 32
- flush_interval 10s
- max_retry_wait 30
+ logstash_format {{ common.addons.fluentd.aggregator.config.output.get('logstash_format', 'true') | lower }}
+ logstash_prefix {{ common.addons.fluentd.aggregator.config.output.get('logstash_prefix', 'log') }}
+ logstash_dateformat {{ common.addons.fluentd.aggregator.config.output.get('logstash_dateformat', '%Y.%m.%d') }}
+ request_timeout {{ common.addons.fluentd.aggregator.config.output.get('request_timeout', '10s') }}
+ buffer_chunk_limit {{ common.addons.fluentd.aggregator.config.output.get('buffer_chunk_limit', '2m') }}
+ buffer_queue_limit {{ common.addons.fluentd.aggregator.config.output.get('buffer_queue_limit', '32') }}
+ flush_interval {{ common.addons.fluentd.aggregator.config.output.get('flush_interval', '10s') }}
+ max_retry_wait {{ common.addons.fluentd.aggregator.config.output.get('max_retry_wait', '30') }}
disable_retry_limit
- num_threads 8
+ num_threads {{ common.addons.fluentd.aggregator.config.output.get('num_threads', '8') }}
</match>
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml
index 7c58fd5..f6569b5 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml
@@ -4,7 +4,7 @@
kind: Service
metadata:
name: fluentd-aggregator
- namespace: stacklight
+ namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
labels:
k8s-app: fluentd-aggregator
kubernetes.io/cluster-service: "true"
@@ -15,5 +15,5 @@
k8s-app: fluentd-aggregator
ports:
- name: fluentd-aggregator
- port: {{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}
+ port: {{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}
protocol: TCP
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-logger-ds.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-logger-ds.yaml
index a5c5764..685ade4 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-logger-ds.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-logger-ds.yaml
@@ -4,7 +4,7 @@
kind: DaemonSet
metadata:
name: fluentd-logger
- namespace: stacklight
+ namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
labels:
k8s-app: fluentd-logger
version: v1
@@ -30,17 +30,17 @@
- key: node-role.kubernetes.io/master
containers:
- name: fluentd-logger
- image: fluent/fluentd-kubernetes-daemonset:v1.2-debian-stackdriver
+ image: {{ common.addons.fluentd.logger.get('image', 'fluent/fluentd-kubernetes-daemonset:v1.2-debian-stackdriver') }}
env:
- name: FLUENTD_AGGREGATOR_HOST
value: "fluentd-aggregator"
- name: FLUENTD_AGGREGATOR_PORT
- value: "{{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}"
+ value: "{{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}"
resources:
limits:
- memory: 500Mi
+ memory: {{ common.addons.fluentd.logger.resources.limits.get('memory', '500Mi') }}
requests:
- memory: 500Mi
+ memory: {{ common.addons.fluentd.logger.resources.requests.get('memory', '500Mi') }}
volumeMounts:
- name: varlog
mountPath: /var/log
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-logger-fluent-conf.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-logger-fluent-conf.yaml
index 3003504..d7f7c15 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-logger-fluent-conf.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-logger-fluent-conf.yaml
@@ -1,9 +1,10 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: fluentd-logger-cfg
- namespace: stacklight
+ namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
labels:
addonmanager.kubernetes.io/mode: Reconcile
data:
@@ -28,7 +29,7 @@
@type tail
path /var/log/containers/*.log
pos_file /var/log/fluentd-containers.log.pos
- time_format %Y-%m-%dT%H:%M:%S.%NZ
+ time_format {{ common.addons.fluentd.logger.config.kubernetes_input.get('time_format') }}
tag temp.kubernetes.container.*
format json
read_from_head true
@@ -38,6 +39,7 @@
systemd-input.conf: |
<source>
@type systemd
+ matches [{"_SYSTEMD_UNIT": "kubelet.service"}, {"_SYSTEMD_UNIT": "docker.service"}, {"_SYSTEMD_UNIT": "kube-apiserver.service"} ]
path /run/log/journal
pos_file /var/log/fluentd-journald-systemd.pos
tag systemd.source
@@ -52,21 +54,21 @@
forward-output.conf: |
<match **>
@type forward
- require_ack_response true
- ack_response_timeout 30
- recover_wait 10s
- heartbeat_interval 1s
- phi_threshold 16
- send_timeout 10s
- hard_timeout 10s
- expire_dns_cache 15
- heartbeat_type tcp
- buffer_chunk_limit 2M
- buffer_queue_limit 32
- flush_interval 5s
- max_retry_wait 15
+ require_ack_response {{ common.addons.fluentd.logger.config.forward_output.get('require_ack_response', 'true') | lower }}
+ ack_response_timeout {{ common.addons.fluentd.logger.config.forward_output.get('ack_response_timeout', '30') }}
+ recover_wait {{ common.addons.fluentd.logger.config.forward_output.get('recover_wait', '10s') }}
+ heartbeat_interval {{ common.addons.fluentd.logger.config.forward_output.get('heartbeat_interval', '1s') }}
+ phi_threshold {{ common.addons.fluentd.logger.config.forward_output.get('phi_threshold', '16') }}
+ send_timeout {{ common.addons.fluentd.logger.config.forward_output.get('send_timeout', '10s') }}
+ hard_timeout {{ common.addons.fluentd.logger.config.forward_output.get('hard_timeout', '10s') }}
+ expire_dns_cache {{ common.addons.fluentd.logger.config.forward_output.get('expire_dns_cache', '15') }}
+ heartbeat_type {{ common.addons.fluentd.logger.config.forward_output.get('heartbeat_type', 'tcp') }}
+ buffer_chunk_limit {{ common.addons.fluentd.logger.config.forward_output.get('buffer_chunk_limit', '2M') }}
+ buffer_queue_limit {{ common.addons.fluentd.logger.config.forward_output.get('buffer_queue_limit', '32') }}
+ flush_interval {{ common.addons.fluentd.logger.config.forward_output.get('flush_interval', '5s') }}
+ max_retry_wait {{ common.addons.fluentd.logger.config.forward_output.get('max_retry_wait', '15') }}
disable_retry_limit
- num_threads 8
+ num_threads {{ common.addons.fluentd.logger.config.forward_output.get('num_threads', '8') }}
<server>
name fluentd-aggregator
host fluentd-aggregator
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-ns.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-ns.yaml
index 1d454eb..5c6a50d 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-ns.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-ns.yaml
@@ -1,8 +1,9 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
---
kind: Namespace
apiVersion: v1
metadata:
- name: stacklight
+ name: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
labels:
k8s-app: fluentd
addonmanager.kubernetes.io/mode: Reconcile
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-sa.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-sa.yaml
index 5d0b262..d3ce2ef 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-sa.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-sa.yaml
@@ -1,3 +1,4 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
---
apiVersion: v1
kind: ServiceAccount
@@ -5,7 +6,7 @@
labels:
addonmanager.kubernetes.io/mode: Reconcile
name: fluentd
- namespace: stacklight
+ namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
@@ -39,4 +40,4 @@
subjects:
- kind: ServiceAccount
name: fluentd
- namespace: stacklight
+ namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
diff --git a/kubernetes/files/kube-addons/telegraf/telegraf-conf.yaml b/kubernetes/files/kube-addons/telegraf/telegraf-conf.yaml
new file mode 100644
index 0000000..4e33a7e
--- /dev/null
+++ b/kubernetes/files/kube-addons/telegraf/telegraf-conf.yaml
@@ -0,0 +1,82 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: telegraf-cfg
+ namespace: {{ common.addons.telegraf.get('namespace', 'stacklight') }}
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+data:
+ telegraf.conf: |+
+ [global_tags]
+
+ {%- if common.addons.telegraf.global_tags is defined %}
+ {%- for tag_name, tag_value in common.addons.telegraf.global_tags.iteritems() %}
+ {{ tag_name }} = "{{ tag_value }}"
+ {%- endfor %}
+ {%- endif %}
+
+ [agent]
+ {%- if common.addons.telegraf.agent.interval is defined %}
+ interval = "{{ common.addons.telegraf.agent.interval }}s"
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.round_interval is defined %}
+ round_interval = {{ common.addons.telegraf.agent.round_interval | lower }}
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.metric_batch_size is defined %}
+ metric_batch_size = {{ common.addons.telegraf.agent.metric_batch_size }}
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.metric_buffer_limit is defined %}
+ metric_buffer_limit = {{ common.addons.telegraf.agent.metric_buffer_limit }}
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.collection_jitter is defined %}
+ collection_jitter = "{{ common.addons.telegraf.agent.collection_jitter }}s"
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.flush_interval is defined %}
+ flush_interval = "{{ common.addons.telegraf.agent.flush_interval }}s"
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.flush_jitter is defined %}
+ flush_jitter = "{{ common.addons.telegraf.agent.flush_jitter }}s"
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.precision is defined %}
+ precision = "{{ common.addons.telegraf.agent.precision }}"
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.logfile is defined %}
+ logfile = "{{ common.addons.telegraf.agent.logfile }}"
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.debug is defined %}
+ debug = {{ common.addons.telegraf.agent.debug | lower }}
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.quiet is defined %}
+ quiet = {{ common.addons.telegraf.agent.quiet | lower }}
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.hostname is defined %}
+ hostname = "{{ common.addons.telegraf.agent.hostname }}"
+ {%- endif %}
+
+ {%- if common.addons.telegraf.agent.omit_hostname is defined %}
+ omit_hostname = {{ common.addons.telegraf.agent.omit_hostname | lower }}
+ {%- endif %}
+
+ [[inputs.disk]]
+ ignore_fs = ["tmpfs", "devtmpfs"]
+ [[inputs.diskio]]
+ [[inputs.kernel]]
+ [[inputs.mem]]
+ [[inputs.processes]]
+ [[inputs.swap]]
+ [[inputs.system]]
+ [[outputs.prometheus_client]]
+ listen = "0.0.0.0:9126"
diff --git a/kubernetes/files/kube-addons/telegraf/telegraf-ds.yaml b/kubernetes/files/kube-addons/telegraf/telegraf-ds.yaml
new file mode 100644
index 0000000..3614124
--- /dev/null
+++ b/kubernetes/files/kube-addons/telegraf/telegraf-ds.yaml
@@ -0,0 +1,76 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
+---
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ name: telegraf
+ namespace: {{ common.addons.telegraf.get('namespace', 'stacklight') }}
+ labels:
+ k8s-app: telegraf
+ version: v1
+ kubernetes.io/cluster-service: "true"
+ beta.kubernetes.io/telegraf-ds-ready: "true"
+spec:
+ template:
+ metadata:
+ labels:
+ k8s-app: telegraf
+ version: v1
+ kubernetes.io/cluster-service: "true"
+ annotations:
+ scheduler.alpha.kubernetes.io/critical-pod: ''
+ seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
+ spec:
+ priorityClassName: system-node-critical
+ serviceAccountName: telegraf
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ containers:
+ - name: telegraf
+ image: {{ common.addons.telegraf.image }}
+ env:
+ - name: HOSTNAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ - name: "HOST_PROC"
+ value: "/rootfs/proc"
+ - name: "HOST_SYS"
+ value: "/rootfs/sys"
+ resources:
+ limits:
+ memory: {{ common.addons.telegraf.resources.limits.memory }}
+ requests:
+ memory: {{ common.addons.telegraf.resources.requests.memory }}
+ volumeMounts:
+ - name: sys
+ mountPath: /rootfs/sys
+ readOnly: true
+ - name: docker-socket
+ mountPath: /var/run/docker.sock
+ readOnly: true
+ - name: proc
+ mountPath: /rootfs/proc
+ readOnly: true
+ - name: utmp
+ mountPath: /var/run/utmp
+ readOnly: true
+ - name: telegraf-cfg
+ mountPath: /etc/telegraf
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: sys
+ hostPath:
+ path: /sys
+ - name: docker-socket
+ hostPath:
+ path: /var/run/docker.sock
+ - name: proc
+ hostPath:
+ path: /proc
+ - name: utmp
+ hostPath:
+ path: /var/run/utmp
+ - name: telegraf-cfg
+ configMap:
+ name: telegraf-cfg
diff --git a/kubernetes/files/kube-addons/telegraf/telegraf-ns.yaml b/kubernetes/files/kube-addons/telegraf/telegraf-ns.yaml
new file mode 100644
index 0000000..473feab
--- /dev/null
+++ b/kubernetes/files/kube-addons/telegraf/telegraf-ns.yaml
@@ -0,0 +1,9 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
+---
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: {{ common.addons.telegraf.get('namespace', 'stacklight') }}
+ labels:
+ k8s-app: telegraf
+ addonmanager.kubernetes.io/mode: Reconcile
diff --git a/kubernetes/files/kube-addons/telegraf/telegraf-sa.yaml b/kubernetes/files/kube-addons/telegraf/telegraf-sa.yaml
new file mode 100644
index 0000000..e342827
--- /dev/null
+++ b/kubernetes/files/kube-addons/telegraf/telegraf-sa.yaml
@@ -0,0 +1,43 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+ name: telegraf
+ namespace: {{ common.addons.telegraf.get('namespace', 'stacklight') }}
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: telegraf
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - namespaces
+ verbs:
+ - "get"
+ - "watch"
+ - "list"
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: telegraf
+ labels:
+ k8s-app: telegraf
+ kubernetes.io/cluster-service: "true"
+ addonmanager.kubernetes.io/mode: Reconcile
+roleRef:
+ kind: ClusterRole
+ name: telegraf
+ apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+ name: telegraf
+ namespace: {{ common.addons.telegraf.get('namespace', 'stacklight') }}
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index 4916a3f..049e6c4 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -375,6 +375,21 @@
{% endif %}
+{%- if common.addons.get('telegraf', {}).get('enabled') %}
+{%- set telegraf_resources = ['conf', 'ns', 'sa', 'ds'] %}
+
+{%- for resource in telegraf_resources %}
+/etc/kubernetes/addons/telegraf/telegraf-{{ resource }}.yaml:
+ file.managed:
+ - source: salt://kubernetes/files/kube-addons/telegraf/telegraf-{{ resource }}.yaml
+ - template: jinja
+ - group: root
+ - dir_mode: 755
+ - makedirs: True
+{%- endfor %}
+
+{% endif %}
+
{%- if common.addons.get('dashboard', {'enabled': False}).enabled %}
{%- set dashboard_resources = ['deployment', 'secret', 'service', 'serviceaccount'] %}