Skip to content

Commit

Permalink
[Automated PR] Publish kubernetes templates for elastic-agent
Browse files Browse the repository at this point in the history
  • Loading branch information
elasticmachine committed Oct 16, 2024
1 parent 4339f84 commit c31e6e3
Showing 1 changed file with 28 additions and 40 deletions.
68 changes: 28 additions & 40 deletions x-pack/plugins/fleet/server/services/elastic_agent_manifest.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,15 @@ metadata:
name: elastic-agent
namespace: kube-system
labels:
app: elastic-agent
app.kubernetes.io/name: elastic-agent
spec:
selector:
matchLabels:
app: elastic-agent
app.kubernetes.io/name: elastic-agent
template:
metadata:
labels:
app: elastic-agent
app.kubernetes.io/name: elastic-agent
spec:
# Tolerations are needed to run Elastic Agent on Kubernetes control-plane nodes.
# Agents running on control-plane nodes collect metrics from the control plane components (scheduler, controller manager) of Kubernetes
Expand All @@ -41,13 +41,11 @@ spec:
# args:
# - -c
# - >-
# mkdir -p /usr/share/elastic-agent/state/inputs.d &&
# curl -sL https://github.com/elastic/elastic-agent/archive/9.0.tar.gz | tar xz -C /usr/share/elastic-agent/state/inputs.d --strip=5 "elastic-agent-9.0/deploy/kubernetes/elastic-agent-standalone/templates.d"
# securityContext:
# runAsUser: 0
# mkdir -p /etc/elastic-agent/inputs.d &&
# curl -sL https://github.com/elastic/elastic-agent/archive/9.0.tar.gz | tar xz -C /etc/elastic-agent/inputs.d --strip=5 "elastic-agent-9.0/deploy/kubernetes/elastic-agent-standalone/templates.d"
# volumeMounts:
# - name: elastic-agent-state
# mountPath: /usr/share/elastic-agent/state
# - name: external-inputs
# mountPath: /etc/elastic-agent/inputs.d
containers:
- name: elastic-agent
image: docker.elastic.co/beats/elastic-agent:VERSION
Expand Down Expand Up @@ -76,14 +74,6 @@ spec:
value: "false"
securityContext:
runAsUser: 0
# The following capabilities are needed for 'Defend for containers' integration (cloud-defend)
# If you are using this integration, please uncomment these lines before applying.
#capabilities:
# add:
# - BPF # (since Linux 5.8) allows loading of BPF programs, create most map types, load BTF, iterate programs and maps.
# - PERFMON # (since Linux 5.8) allows attaching of BPF programs used for performance metrics and observability operations.
# - SYS_RESOURCE # Allow use of special resources or raising of resource limits. Used by 'Defend for Containers' to modify 'rlimit_memlock'
########################################################################################
# The following capabilities are needed for Universal Profiling.
# More fine graded capabilities are only available for newer Linux kernels.
# If you are using the Universal Profiling integration, please uncomment these lines before applying.
Expand Down Expand Up @@ -125,6 +115,9 @@ spec:
mountPath: /sys/kernel/debug
- name: elastic-agent-state
mountPath: /usr/share/elastic-agent/state
# Uncomment if using hints feature
# - name: external-inputs
# mountPath: /usr/share/elastic-agent/state/inputs.d
volumes:
- name: datastreams
configMap:
Expand All @@ -151,8 +144,8 @@ spec:
- name: var-lib
hostPath:
path: /var/lib
# Needed for 'Defend for containers' integration (cloud-defend) and Universal Profiling
# If you are not using one of these integrations, then these volumes and the corresponding
# Needed for Universal Profiling
# If you are not using this integration, then these volumes and the corresponding
# mounts can be removed.
- name: sys-kernel-debug
hostPath:
Expand All @@ -163,6 +156,9 @@ spec:
hostPath:
path: /var/lib/elastic-agent/kube-system/state
type: DirectoryOrCreate
# Uncomment if using hints feature
# - name: external-inputs
# emptyDir: {}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
Expand Down Expand Up @@ -210,7 +206,7 @@ kind: ClusterRole
metadata:
name: elastic-agent
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
rules:
- apiGroups: [""]
resources:
Expand Down Expand Up @@ -282,7 +278,7 @@ metadata:
# Should be the namespace where elastic-agent is running
namespace: kube-system
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
rules:
- apiGroups:
- coordination.k8s.io
Expand All @@ -296,7 +292,7 @@ metadata:
name: elastic-agent-kubeadm-config
namespace: kube-system
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
rules:
- apiGroups: [""]
resources:
Expand All @@ -311,7 +307,7 @@ metadata:
name: elastic-agent
namespace: kube-system
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
---
`;

Expand All @@ -323,15 +319,15 @@ metadata:
name: elastic-agent
namespace: kube-system
labels:
app: elastic-agent
app.kubernetes.io/name: elastic-agent
spec:
selector:
matchLabels:
app: elastic-agent
app.kubernetes.io/name: elastic-agent
template:
metadata:
labels:
app: elastic-agent
app.kubernetes.io/name: elastic-agent
spec:
# Tolerations are needed to run Elastic Agent on Kubernetes control-plane nodes.
# Agents running on control-plane nodes collect metrics from the control plane components (scheduler, controller manager) of Kubernetes
Expand Down Expand Up @@ -383,14 +379,6 @@ spec:
value: "false"
securityContext:
runAsUser: 0
# The following capabilities are needed for 'Defend for containers' integration (cloud-defend)
# If you are using this integration, please uncomment these lines before applying.
#capabilities:
# add:
# - BPF # (since Linux 5.8) allows loading of BPF programs, create most map types, load BTF, iterate programs and maps.
# - PERFMON # (since Linux 5.8) allows attaching of BPF programs used for performance metrics and observability operations.
# - SYS_RESOURCE # Allow use of special resources or raising of resource limits. Used by 'Defend for Containers' to modify 'rlimit_memlock'
########################################################################################
# The following capabilities are needed for Universal Profiling.
# More fine graded capabilities are only available for newer Linux kernels.
# If you are using the Universal Profiling integration, please uncomment these lines before applying.
Expand Down Expand Up @@ -459,8 +447,8 @@ spec:
hostPath:
path: /etc/machine-id
type: File
# Needed for 'Defend for containers' integration (cloud-defend) and Universal Profiling
# If you are not using one of these integrations, then these volumes and the corresponding
# Needed for Universal Profiling
# If you are not using this integration, then these volumes and the corresponding
# mounts can be removed.
- name: sys-kernel-debug
hostPath:
Expand Down Expand Up @@ -518,7 +506,7 @@ kind: ClusterRole
metadata:
name: elastic-agent
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
rules:
- apiGroups: [""]
resources:
Expand Down Expand Up @@ -590,7 +578,7 @@ metadata:
# Should be the namespace where elastic-agent is running
namespace: kube-system
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
rules:
- apiGroups:
- coordination.k8s.io
Expand All @@ -604,7 +592,7 @@ metadata:
name: elastic-agent-kubeadm-config
namespace: kube-system
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
rules:
- apiGroups: [""]
resources:
Expand All @@ -619,6 +607,6 @@ metadata:
name: elastic-agent
namespace: kube-system
labels:
k8s-app: elastic-agent
app.kubernetes.io/name: elastic-agent
---
`;

0 comments on commit c31e6e3

Please sign in to comment.