From 80ef6a923646374f59ab4b9d1c464c858e1b7ede Mon Sep 17 00:00:00 2001
From: paliwalparitosh
Date: Wed, 16 Aug 2023 14:29:10 +0530
Subject: [PATCH 01/45] adds meta-schema validation
---
terraform/oke/meta-schema.yaml | 1394 ++++++++++++++++++++++++++++++++
terraform/oke/schema.yaml | 26 +-
2 files changed, 1410 insertions(+), 10 deletions(-)
create mode 100644 terraform/oke/meta-schema.yaml
diff --git a/terraform/oke/meta-schema.yaml b/terraform/oke/meta-schema.yaml
new file mode 100644
index 00000000..8a88c7b6
--- /dev/null
+++ b/terraform/oke/meta-schema.yaml
@@ -0,0 +1,1394 @@ +# Meta JSON Schema. +# +# This is used to validate the Schema file when the package is uploaded/loaded into Resource Manager. +# For marketplace, it is also used to validate the package when the package artifact is created in Partner Portal. +# +# NOTE: additionalProperties are set to true explicitly even though this is the default. It must be set to true in +# cases where we use the allOf. This is a quirk of JSON Schema. During validation, allOf means it has to match all of +# the individual definitions separately. It doesn't mean it has to match a Union of the individual definitions. This +# is a known issue with JSON Schema. +title: Schema +type: object +required: + - variables + - schemaVersion +additionalProperties: true +properties: + title: + type: string + description: + type: string + stackDescription: + type: string + packageVersion: + type: string + version: + type: string + schemaVersion: + type: string + enum: + - 1.0.0 + - 1.1.0 + locale: + $ref: "#/definitions/locale" + logoUrl: + $ref: "#/definitions/url" + source: + $ref: "#/definitions/source" + informationalText: + type: string + instructions: + type: string + troubleshooting: + type: string + allowViewState: + type: boolean + variables: + $ref: "#/definitions/variables" + # Deprecated - use variableGroups instead + groupings: + $ref: "#/definitions/variableGroups" + variableGroups: + $ref: "#/definitions/variableGroups" + outputs: + $ref: "#/definitions/outputs" + outputGroups: + $ref: "#/definitions/outputGroups" + primaryOutputButton: + type: string + format: variablereference + +definitions: + source: + type: object + properties: + type: + enum: + - marketplace + - quickstart + - web + reference: + type: + - string + - number + additionalProperties: false + + variableGroups: + type: array + items: + $ref: "#/definitions/variableGroup" + + variableGroup: + type: object + required: + - title + - variables + properties: + title: + type: string + variables: + type: array + 
items: + type: string + format: variablereference + visible: + $ref: "#/definitions/booleanStatement" + additionalProperties: true + + locale: + enum: + - en + default: en + + url: + type: string + pattern: ^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,4}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)$ + + ocid: + type: string + pattern: ^ocid1\.([a-z0-9_-]{1,32})\.([a-z0-9_-]{1,15})\.([a-z0-9]{0,24})\.([a-z0-9]{60})$ + + variables: + type: object + additionalProperties: + $ref: "#/definitions/variable" + + variable: + oneOf: + - $ref: "#/definitions/staticVariable" + - $ref: "#/definitions/dynamicVariable" + + baseVariable: + type: object + properties: + title: + type: string + minLength: 1 + description: + type: string + required: + type: boolean + default: false + visible: + $ref: "#/definitions/booleanStatement" + + booleanStatement: + oneOf: + - type: boolean + - type: string + - $ref: "#/definitions/equality" + - $ref: "#/definitions/greaterThanOrEqual" + - $ref: "#/definitions/lessThanOrEqual" + - $ref: "#/definitions/greaterThan" + - $ref: "#/definitions/lessThan" + - $ref: "#/definitions/booleanOr" + - $ref: "#/definitions/booleanAnd" + - $ref: "#/definitions/booleanNot" + + equality: + type: object + properties: + eq: + type: array + items: + - type: [string, number] + - type: [string, number] + additionalItems: false + additionalProperties: false + + greaterThanOrEqual: + type: object + properties: + ge: + type: array + items: + - type: [string, number] + - type: [string, number] + additionalItems: false + additionalProperties: false + + lessThanOrEqual: + type: object + properties: + le: + type: array + items: + - type: [string, number] + - type: [string, number] + additionalItems: false + additionalProperties: false + + greaterThan: + type: object + properties: + gt: + type: array + items: + - type: [string, number] + - type: [string, number] + additionalItems: false + additionalProperties: false + + lessThan: + type: object + properties: + lt: + type: 
array + items: + - type: [string, number] + - type: [string, number] + additionalItems: false + additionalProperties: false + + booleanOr: + type: object + properties: + or: + type: array + items: + - $ref: "#/definitions/booleanStatement" + - $ref: "#/definitions/booleanStatement" + additionalItems: false + additionalProperties: false + + booleanAnd: + type: object + properties: + and: + type: array + items: + - $ref: "#/definitions/booleanStatement" + - $ref: "#/definitions/booleanStatement" + additionalItems: false + additionalProperties: false + + booleanNot: + type: object + properties: + not: + type: array + items: + - $ref: "#/definitions/booleanStatement" + additionalItems: false + additionalProperties: false + + dependsOnCompartment: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - dependsOn + properties: + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + staticVariable: + oneOf: + - $ref: "#/definitions/arrayVariable" + - $ref: "#/definitions/booleanVariable" + - $ref: "#/definitions/enumVariable" + - $ref: "#/definitions/integerVariable" + - $ref: "#/definitions/numberVariable" + - $ref: "#/definitions/stringVariable" + - $ref: "#/definitions/multilineVariable" + - $ref: "#/definitions/fileVariable" + + - $ref: "#/definitions/passwordVariable" + - $ref: "#/definitions/datetimeVariable" + + dynamicVariable: + oneOf: + - $ref: "#/definitions/imageVariable" + - $ref: "#/definitions/instanceShapeVariable" + - $ref: "#/definitions/subnetVariable" + - $ref: "#/definitions/vcnVariable" + - $ref: "#/definitions/availabilityDomainVariable" + - $ref: "#/definitions/compartmentVariable" + - $ref: "#/definitions/faultDomainVariable" + - $ref: "#/definitions/regionVariable" + - $ref: "#/definitions/dbSystemVariable" + - $ref: "#/definitions/dbHomeVariable" + - $ref: "#/definitions/dbHomeVersionVariable" + - 
$ref: "#/definitions/databaseVariable" + - $ref: "#/definitions/autonomousDatabaseVariable" + - $ref: "#/definitions/autonomousDatabaseVersionVariable" + - $ref: "#/definitions/autonomousContainerDBVariable" + - $ref: "#/definitions/kmsVaultVariable" + - $ref: "#/definitions/containerClusterVariable" + - $ref: "#/definitions/volumeBackupPoliciesVariable" + - $ref: "#/definitions/loadBalancerVariable" + - $ref: "#/definitions/serviceGatewayVariable" + - $ref: "#/definitions/kubernetesVersionsVariable" + - $ref: "#/definitions/instanceVariable" + - $ref: "#/definitions/natGatewayVariable" + - $ref: "#/definitions/tagVariable" + - $ref: "#/definitions/nsgVariable" + - $ref: "#/definitions/mountTargetsVariable" + - $ref: "#/definitions/kmsKeyVariable" + - $ref: "#/definitions/kmsSecretVariable" + - $ref: "#/definitions/odsProjectVariable" + - $ref: "#/definitions/instanceShapeVariableWithFlex" + - $ref: "#/definitions/groupsVariable" + - $ref: "#/definitions/dynamicGroupsVariable" + - $ref: "#/definitions/logAnalyticsLogGroup" + - $ref: "#/definitions/logAnalyticsLogEntities" + - $ref: "#/definitions/logAnalyticsScheduledTasks" + - $ref: "#/definitions/logAnalyticsEntityTypes" + - $ref: "#/definitions/managementAgents" + - $ref: "#/definitions/logAnalyticsSources" + - $ref: "#/definitions/privateEndpointVariable" + - $ref: "#/definitions/apmDomainVariable" + + nonNegativeInteger: + type: integer + minimum: 0 + + nonNegativeIntegerDefault0: + allOf: + - $ref: "#/definitions/nonNegativeInteger" + - default: 0 + + arrayVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [array] + items: + $ref: "#/definitions/variable" + maxItems: + $ref: "#/definitions/nonNegativeInteger" + minItems: + $ref: "#/definitions/nonNegativeIntegerDefault0" + uniqueItems: + type: boolean + default: false + contains: + $ref: "#/definitions/variable" + additionalProperties: true + + booleanVariable: + allOf: + - $ref: 
"#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [boolean] + default: + $ref: "#/definitions/booleanStatement" + default: false + additionalProperties: true + + enumVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [enum] + enum: + type: array + items: + type: string + default: + $ref: "#/definitions/booleanStatement" + allowMultiple: + type: boolean + default: false + additionalProperties: true + + integerVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [integer] + default: + type: integer + multipleOf: + type: number + exclusiveMinimum: 0 + minimum: + type: number + maximum: + type: number + exclusiveMinimum: + type: number + exclusiveMaximum: + type: number + additionalProperties: true + + numberVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [number] + default: + type: number + multipleOf: + type: number + exclusiveMinimum: 0 + minimum: + type: number + maximum: + type: number + exclusiveMinimum: + type: number + exclusiveMaximum: + type: number + additionalProperties: true + + stringVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [string] + default: + $ref: "#/definitions/booleanStatement" + pattern: + type: string + maxLength: + $ref: "#/definitions/nonNegativeInteger" + minLength: + $ref: "#/definitions/nonNegativeIntegerDefault0" + additionalProperties: true + + multilineVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [text] + default: + $ref: "#/definitions/booleanStatement" + pattern: + type: string + multiline: + type: boolean + maxLength: + $ref: "#/definitions/nonNegativeInteger" + minLength: + $ref: "#/definitions/nonNegativeIntegerDefault0" + additionalProperties: true + + fileVariable: + allOf: + - $ref: 
"#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [file] + additionalProperties: true + + passwordVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [password] + default: + $ref: "#/definitions/booleanStatement" + confirmation: + $ref: "#/definitions/booleanStatement" + additionalProperties: true + + datetimeVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [datetime] + default: + $ref: "#/definitions/booleanStatement" + additionalProperties: true + + imageVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:image:id] + pattern: + type: string + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + shape: + type: string + format: variablereference + operatingSystem: + type: string + format: variablereference + operatingSystemVersion: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + instanceShapeVariableWithFlex: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:instanceshapewithflex:name] + pattern: + type: string + dependsOn: + type: object + required: + - compartmentId + properties: + imageId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + availabilityDomain: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + instanceShapeVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:instanceshape:name] + pattern: + type: string + dependsOn: + type: object + required: + - compartmentId + properties: + imageId: + type: string + format: 
variablereference + compartmentId: + type: string + format: variablereference + availabilityDomain: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + natGatewayVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:natgateway:id] + dependsOn: + type: object + required: + - compartmentId + properties: + vcnId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + instanceVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:instance:id] + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + subnetVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:subnet:id] + dependsOn: + type: object + required: + - vcnId + - compartmentId + properties: + vcnId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + hidePublicSubnet: + $ref: "#/definitions/booleanStatement" + hidePrivateSubnet: + $ref: "#/definitions/booleanStatement" + hideRegionalSubnet: + $ref: "#/definitions/booleanStatement" + hideAdSubnet: + $ref: "#/definitions/booleanStatement" + additionalProperties: false + additionalProperties: true + + serviceGatewayVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:servicegateway:id] + dependsOn: + type: object + required: + - compartmentId + properties: + vcnId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + additionalProperties: false + 
additionalProperties: true + + logAnalyticsLogGroup: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:logan:loggroup:id] + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + logAnalyticsScheduledTasks: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:logan:scheduledtask:id] + dependsOn: + type: object + required: + - compartmentId + - taskType + properties: + compartmentId: + type: string + format: variablereference + taskType: + type: string + additionalProperties: false + additionalProperties: true + + logAnalyticsLogEntities: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:logan:logentity:id] + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + logAnalyticsEntityTypes: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + properties: + type: + enum: [oci:logan:entitytype:id] + additionalProperties: true + + managementAgents: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:mgmt:agent:id] + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + logAnalyticsSources: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:logan:source:id] + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + 
additionalProperties: false + additionalProperties: true + + nsgVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:core:nsg:id] + dependsOn: + type: object + required: + - compartmentId + properties: + vcnId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + vcnVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:core:vcn:id] + additionalProperties: true + + availabilityDomainVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:identity:availabilitydomain:name] + additionalProperties: true + + compartmentVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [oci:identity:compartment:id] + default: + $ref: "#/definitions/booleanStatement" + additionalProperties: true + + faultDomainVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:identity:faultdomain:name] + dependsOn: + type: object + required: + - compartmentId + - availabilityDomainName + properties: + compartmentId: + type: string + format: variablereference + availabilityDomainName: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + regionVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [oci:identity:region:name] + default: + $ref: "#/definitions/booleanStatement" + default: ${session.region} + additionalProperties: true + + dbSystemVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:database:dbsystem:id] + additionalProperties: true + + dbHomeVariable: + allOf: + - 
$ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:database:dbhome:id] + dependsOn: + type: object + required: + - dbSystemId + - compartmentId + properties: + dbSystemId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + dbHomeVersionVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:database:dbhome:dbversion] + dependsOn: + type: object + required: + - dbHomeId + properties: + dbHomeId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + databaseVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:database:database:id] + dependsOn: + type: object + required: + - dbHomeId + - compartmentId + properties: + dbHomeId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + autonomousDatabaseVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:database:autonomousdatabase:id] + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + dbWorkload: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + autonomousDatabaseVersionVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:database:autonomousdatabaseversion:id] + dependsOn: + type: object + properties: + compartmentId: + type: string + format: variablereference + dbWorkload: + type: string + format: variablereference + additionalProperties: false + 
additionalProperties: true + + autonomousContainerDBVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:database:autonomouscontainerdatabase:id] + additionalProperties: true + + kmsVaultVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:kms:vault:id] + additionalProperties: true + + kmsKeyVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:kms:key:id] + dependsOn: + type: object + required: + - compartmentId + - vaultId + properties: + compartmentId: + type: string + format: variablereference + vaultId: + type: string + format: variablereference + protectionMode: + type: string + format: variablereference + algorithm: + type: string + format: variablereference + length: + type: number + format: variablereference + curveId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + kmsSecretVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:kms:secret:id] + dependsOn: + type: object + required: + - compartmentId + properties: + compartmentId: + type: string + format: variablereference + vaultId: + type: string + format: variablereference + name: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + containerClusterVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:container:cluster:id] + additionalProperties: true + + sshPublicKeyVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [oci:core:ssh:publickey] + additionalProperties: true + + kubernetesVersionsVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + 
properties: + type: + enum: [oci:kubernetes:versions:id] + dependsOn: + type: object + required: + - clusterOptionId + - compartmentId + properties: + clusterOptionId: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + volumeBackupPoliciesVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [oci:blockstorage:policies:id] + dependsOn: + type: object + properties: + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + groupsVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:identity:groups:id] + additionalProperties: true + + dynamicGroupsVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:identity:dynamicgroups:id] + additionalProperties: true + + loadBalancerVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:loadbalancer:loadbalancer:id] + pattern: + type: string + additionalProperties: true + + mountTargetsVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: + - type + - dependsOn + properties: + type: + enum: [oci:mount:target:id] + dependsOn: + type: object + required: + - compartmentId + - availabilityDomain + properties: + availabilityDomain: + type: string + format: variablereference + compartmentId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + tagVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:identity:tag:value] + additionalProperties: true + + odsProjectVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + 
enum: [oci:ods:project:id] + additionalProperties: true + + privateEndpointVariable: + allOf: + - $ref: "#/definitions/baseVariable" + - required: [type] + properties: + type: + enum: [oci:resourcemanager:privateendpoint:id] + dependsOn: + type: object + required: + - compartmentId + - vcnId + properties: + compartmentId: + type: string + format: variablereference + vcnId: + type: string + format: variablereference + additionalProperties: false + additionalProperties: true + + apmDomainVariable: + allOf: + - $ref: "#/definitions/dependsOnCompartment" + - required: [type] + properties: + type: + enum: [oci:apm:domain:id] + additionalProperties: true + + outputs: + type: object + additionalProperties: + $ref: "#/definitions/output" + + output: + oneOf: + - $ref: "#/definitions/booleanOutput" + - $ref: "#/definitions/numberOutput" + - $ref: "#/definitions/stringOutput" + - $ref: "#/definitions/copyableStringOutput" + - $ref: "#/definitions/linkOutput" + - $ref: "#/definitions/ocidOutput" + - $ref: "#/definitions/mapOutput" + - $ref: "#/definitions/jsonOutput" + - $ref: "#/definitions/listOutput" + - $ref: "#/definitions/csvOutput" + + outputGroups: + type: array + items: + $ref: "#/definitions/outputGroup" + + outputGroup: + type: object + required: + - title + - outputs + properties: + title: + type: string + outputs: + type: array + items: + type: string + additionalProperties: true + + baseOutput: + type: object + properties: + title: + type: string + description: + type: string + sensitive: + type: boolean + default: false + format: + type: string + visible: + type: boolean + default: true + additionalProperties: true + + booleanOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [boolean] + value: + type: boolean + additionalProperties: true + + numberOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [number] + value: + type: number + additionalProperties: 
true + + stringOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [string] + value: + type: string + additionalProperties: true + + copyableStringOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [copyableString] + value: + type: string + additionalProperties: true + + mapOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [map] + value: + type: object + additionalProperties: true + + jsonOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [json] + value: + type: object + additionalProperties: true + + listOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [list] + value: + type: array + additionalProperties: true + + csvOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [csv] + value: + type: array + additionalProperties: true + + linkOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [link] + displayText: + type: string + minLength: 3 + maxLength: 45 + value: + $ref: "#/definitions/url" + additionalProperties: true + + ocidOutput: + allOf: + - $ref: "#/definitions/baseOutput" + - required: [type] + properties: + type: + enum: [ocid] + value: + $ref: "#/definitions/ocid" + additionalProperties: true \ No newline at end of file diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 3c6c924b..ad1198f5 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml 
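Review bot: `sshPublicKeyVariable` is defined under `definitions` but is listed in neither the `staticVariable` nor the `dynamicVariable` `oneOf`, so a variable declared with `type: oci:core:ssh:publickey` matches no branch of `variable` and will be reported as invalid; add `- $ref: "#/definitions/sshPublicKeyVariable"` to whichever of the two lists it belongs in, or drop the definition if the type is intentionally unsupported. Separately, the `url` pattern begins with `^https?:`, so `logoUrl` and the `linkOutput` value validate over cleartext HTTP, and `[a-z]{2,4}` rejects hosts with longer top-level domains; `^https:` would state a TLS-only intent. `passwordVariable` also accepts a `default`, which would put a secret into the schema file in plain text if anyone used it, so a comment discouraging that would help. If this file is a copy of the service's published meta-schema, these points are better raised upstream than patched locally.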
@@ -1,5 +1,6 @@ # Copyright (c) 2023, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. +# yaml-language-server: $schema=./meta-schema.yaml title: OCI Kubernetes Monitoring Solution description: OCI Kubernetes Monitoring Solution is a turn-key Kubernetes monitoring and management package based on OCI Logging Analytics cloud service, OCI Monitoring, OCI Management Agent. @@ -17,7 +18,7 @@ source: locale: "en" variableGroups: - - title: "configuration inputs" + - title: "hidden inputs" variables: - tenancy_ocid - region @@ -37,6 +38,11 @@ variableGroups: - livelab_switch visible: false + - title: "configuration inputs" + variables: + - stack_deployment_option + visible: true + - title: "Select an OKE Cluster deployed in this region to start monitoring" description: "Use CLI (Helm) if your cluster does not have public API Endpoint or restricted from accessing container-registry.oracle.com. See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" variables: @@ -67,18 +73,18 @@ variableGroups: - enable_helm_module variables: - #### ## Deployment Options #### - - # Option to install helm chart - # enable_helm_module: - # type: boolean - # title: Deploy Kubernetes Monitoring Solution - # description: "Ref: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" - # default: true - # required: true + stack_deployment_option: + title: "Deployment Options" + description: "Choose to deploy with/without helm" + type: enum + enum: + - "With Helm" + - "Without Helm" + default: "With Helm" + required: true #### ## OKE Cluster Information From d638ac2e96aed86f2e57643befeca614d1f25648 Mon Sep 17 00:00:00 2001 
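Review bot: `stack_deployment_option` is added under `variables` in the last hunk, but the diffstat of this patch lists only the two YAML files, so no matching Terraform `variable` block is visible at this commit; unless one already exists outside the diff, the stack would be handed an input the configuration does not declare. The enum values `"With Helm"` / `"Without Helm"` are display labels, so any Terraform condition has to string-match wording that is likely to be edited later. A short comment above the variable naming the Terraform expression that consumes it would keep the two in sync.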
From: paliwalparitosh Date: Wed, 16 Aug 2023 14:42:46 +0530 Subject: [PATCH 02/45] moves mgmt_agent module inside helm module --- terraform/modules/helm/helm.tf | 12 +++++++++++- terraform/modules/helm/inputs.tf | 3 ++- terraform/modules/iam/inputs.tf | 3 +-- terraform/modules/mgmt_agent/inputs.tf | 2 +- terraform/oke/main.tf | 19 +++++-------------- terraform/oke/terraform-sample.tfvars | 6 +++--- 6 files changed, 23 insertions(+), 22 deletions(-) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index 9d63d28e..d93e65b4 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf @@ -9,6 +9,8 @@ locals { oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters oke_cluster_name = [for c in local.oke_clusters_list : c.name if c.id == var.oke_cluster_ocid][0] + mgmt_agent_install_key_content = module.management_agent.mgmt_agent_install_key_content + helm_inputs = { # global "global.namespace" = var.deploy_mushop_config ? "livelab-test" : var.kubernetes_namespace @@ -22,7 +24,7 @@ locals { "oci-onm-logan.fluentd.baseDir" = var.fluentd_baseDir_path #oci-onm-mgmt-agent - "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = var.mgmt_agent_install_key_content + "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = local.mgmt_agent_install_key_content "oci-onm-mgmt-agent.mgmtagent.image.url" = var.mgmt_agent_container_image_url "oci-onm-mgmt-agent.deployMetricServer" = var.opt_deploy_metric_server } @@ -32,9 +34,16 @@ locals { "createServiceAccount" = false "serviceAccount" = var.livelab_service_account } +} +# Create a management agent +module "management_agent" { + source = "../mgmt_agent" + uniquifier = md5(var.oke_cluster_ocid) + compartment_ocid = var.mgmt_agent_compartment_ocid } +# Create helm release resource "helm_release" "oci-kubernetes-monitoring" { name = "oci-kubernetes-monitoring" chart = var.helm_abs_path 
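Review bot: The new `module "management_agent"` block has no `count`, so a management agent install key is created whenever the helm module is instantiated, including the `generate_helm_template` path where `helm_release` has `count = var.generate_helm_template ? 0 : 1` (visible in the next hunk's context). The key content then flows through `local.mgmt_agent_install_key_content` into `helm_inputs` as `oci-onm-mgmt-agent.mgmtagent.installKeyFileContent`; that value is a registration credential, and how `helm_inputs` is applied is outside these hunks, so it is worth confirming it is passed with `set_sensitive` rather than `set` and that the module output is marked `sensitive = true`, otherwise it appears in plan output and rendered templates. `md5(var.oke_cluster_ocid)` is acceptable as a naming uniquifier, but a one-line comment such as `# md5 used only to derive a stable name suffix, not as a security control` would prevent misreading. The `locals` block and the `helm_release` body continue outside the hunk.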
@@ -63,6 +72,7 @@ resource "helm_release" "oci-kubernetes-monitoring" { count = var.generate_helm_template ? 0 : 1 } +# Create helm template data "helm_template" "oci-kubernetes-monitoring" { name = "oci-kubernetes-monitoring" chart = var.helm_abs_path diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index 828a960f..186d084a 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf @@ -73,7 +73,8 @@ variable "fluentd_baseDir_path" { ## Management Agent Configuration #### -variable "mgmt_agent_install_key_content" { +# OCID of compartment where management agent installation key is to be created +variable "mgmt_agent_compartment_ocid" { type = string } diff --git a/terraform/modules/iam/inputs.tf b/terraform/modules/iam/inputs.tf index 084439ac..900269a9 100644 --- a/terraform/modules/iam/inputs.tf +++ b/terraform/modules/iam/inputs.tf @@ -19,5 +19,4 @@ variable "oke_compartment_ocid" { # OKE Cluster OCID variable "oke_cluster_ocid" { type = string -} - +} \ No newline at end of file diff --git a/terraform/modules/mgmt_agent/inputs.tf b/terraform/modules/mgmt_agent/inputs.tf index 9b94fdcb..4f389324 100644 --- a/terraform/modules/mgmt_agent/inputs.tf +++ b/terraform/modules/mgmt_agent/inputs.tf @@ -3,7 +3,7 @@ # A unique key to be associated with a single OKE cluster variable "uniquifier" { - type = string + type = string } # OCID of compartment where management agent installation key is to be created diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 6e845a99..6c1c38df 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
@@ -34,15 +34,6 @@ module "policy_and_dynamic-group" { } } -module "management_agent" { - source = "./modules/mgmt_agent" - uniquifier = md5(var.oke_cluster_ocid) - compartment_ocid = var.oci_onm_compartment_ocid - - # this module is only required in case of helm deployment - count = var.enable_helm_module ? 1 : 0 -} - // Create Logging Analytics Resorces module "loggingAnalytics" { source = "./modules/logan" @@ -53,15 +44,15 @@ module "loggingAnalytics" { existing_logGroup_id = var.oci_la_logGroup_id } - // deploy oke-monitoring solution (helm release) module "helm_release" { source = "./modules/helm" helm_abs_path = abspath("./charts/oci-onm") generate_helm_template = var.generate_helm_template - oke_compartment_ocid = var.oke_compartment_ocid - oke_cluster_ocid = var.oke_cluster_ocid + oke_compartment_ocid = var.oke_compartment_ocid + oke_cluster_ocid = var.oke_cluster_ocid + logan_container_image_url = var.logan_container_image_url kubernetes_namespace = var.kubernetes_namespace @@ -69,9 +60,9 @@ module "helm_release" { oci_la_namespace = module.loggingAnalytics.oci_la_namespace fluentd_baseDir_path = local.fluentd_baseDir_path - mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content + mgmt_agent_compartment_ocid = var.oci_onm_compartment_ocid mgmt_agent_container_image_url = var.mgmt_agent_container_image_url - opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server + opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server deploy_mushop_config = var.livelab_switch livelab_service_account = local.livelab_service_account diff --git a/terraform/oke/terraform-sample.tfvars b/terraform/oke/terraform-sample.tfvars index ea195b37..10bcd654 100644 --- a/terraform/oke/terraform-sample.tfvars +++ b/terraform/oke/terraform-sample.tfvars 
@@ -65,8 +65,8 @@ fluentd_baseDir_path = "/var/log" ## Optional Switches #### -enable_dashboard_module = false -enable_helm_module = false -generate_helm_template = false +enable_dashboard_module = false +enable_helm_module = false +generate_helm_template = false From cfba9d6b69fa9676501ba15bd12cdba86a2849f7 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Wed, 16 Aug 2023 15:21:12 +0530 Subject: [PATCH 03/45] adds helm deployment options --- terraform/oke/inputs.tf | 12 ++++++++++++ terraform/oke/main.tf | 7 ++++++- terraform/oke/schema.yaml | 28 +++++++++------------------- 3 files changed, 27 insertions(+), 20 deletions(-) diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index a2c8b1bc..94945855 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -66,9 +66,21 @@ variable "boat_tenancy_ocid" { default = "" } +#### +## Stack Deployment Options +#### +variable "stack_deployment_option" { + type = string + default = "Full: Create OCI Resources + Deploy solution in k8 cluster." +} + #### ## Dynamic Group and Policies #### +variable "opt_create_dynamicGroup_and_policies" { + type = bool + default = false +} # Option to create Dynamic Group and Policies variable "opt_create_dynamicGroup_and_policies" { diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 6c1c38df..473f56d4 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf @@ -8,6 +8,11 @@ locals { ## Helm release fluentd_baseDir_path = var.livelab_switch ? "/var/log/${local.oci_username}" : var.fluentd_baseDir_path + + ## Deployment options + deployment_options = { + enable_helm_module = var.enable_helm_module && length(regexall("^Full:", var.stack_deployment_option)) > 0 + } } // Import Kubernetes Dashboards @@ -67,5 +72,5 @@ module "helm_release" { deploy_mushop_config = var.livelab_switch livelab_service_account = local.livelab_service_account - count = var.enable_helm_module ? 1 : 0 + count = local.deployment_options.enable_helm_module ? 1 : 0 } 
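Review bot: The added `variable "opt_create_dynamicGroup_and_policies"` block in terraform/oke/inputs.tf duplicates a declaration that already follows it as context under `# Option to create Dynamic Group and Policies`. Terraform rejects two `variable` blocks with the same name in one module, so the configuration would fail to load as written. Drop the added block and keep only `variable "stack_deployment_option"` in this hunk. The existing declaration's body continues outside the hunk.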
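Review bot: `enable_helm_module` in the `locals` hunk of terraform/oke/main.tf is decided by matching `^Full:` against a display label, so any other value of `stack_deployment_option` silently turns the helm module off. The variable is declared as a free-form `string`, and only the Resource Manager schema restricts it to the two labels; a run from the CLI or a tfvars file is not covered. A `validation` block on the variable listing the accepted strings would turn a typo into a plan-time error. A comment next to the `regexall` call, such as `# prefix must match the enum labels in schema.yaml`, would record the coupling on the Terraform side as well.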
diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index ad1198f5..0024d78a 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -38,19 +38,16 @@ variableGroups: - livelab_switch visible: false - - title: "configuration inputs" - variables: - - stack_deployment_option - visible: true - - title: "Select an OKE Cluster deployed in this region to start monitoring" description: "Use CLI (Helm) if your cluster does not have public API Endpoint or restricted from accessing container-registry.oracle.com. See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" variables: - oke_compartment_ocid - oke_cluster_ocid - visible: - and: - - enable_helm_module + + - title: "configuration inputs" + variables: + - stack_deployment_option + visible: true - title: "OCI Observability & Management Services Configuration" description: "See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring for list of resources created" @@ -61,16 +58,10 @@ variableGroups: - oci_la_logGroup_id - oci_la_logGroup_name - fluentd_baseDir_path - visible: - and: - - enable_helm_module - title: "OCI IAM Policies and Dynaimic Groups (Optional)" variables: - opt_create_dynamicGroup_and_policies - visible: - and: - - enable_helm_module variables: #### @@ -80,10 +71,10 @@ variables: title: "Deployment Options" description: "Choose to deploy with/without helm" type: enum - enum: - - "With Helm" - - "Without Helm" - default: "With Helm" + enum: # Dev Note - change in following strings requires as change in oke/inputs.tf + - "Full: Create OCI Resources + Deploy solution in k8 cluster." + - "Only create OCI resources required to deploy helm. Does NOT deploy helm." + default: "Full: Create OCI Resources + Deploy solution in k8 cluster." required: true #### @@ -147,7 +138,6 @@ variables: default: false visible: and: - - enable_helm_module - not: - livelab_switch From 65504ac055c3e235b973236b11bf98a1ac5c7a3a Mon Sep 17 00:00:00 2001 
From: paliwalparitosh Date: Wed, 16 Aug 2023 16:49:04 +0530 Subject: [PATCH 04/45] converts the helm deloyment option to boolean --- terraform/oke/inputs.tf | 6 ++-- terraform/oke/main.tf | 2 +- terraform/oke/schema.yaml | 63 +++++++++++++++++++-------------------- 3 files changed, 34 insertions(+), 37 deletions(-) diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index 94945855..baea8b63 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -69,9 +69,9 @@ variable "boat_tenancy_ocid" { #### ## Stack Deployment Options #### -variable "stack_deployment_option" { - type = string - default = "Full: Create OCI Resources + Deploy solution in k8 cluster." +variable "opt_deploy_helm" { + type = boolean + default = true } #### diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 473f56d4..3c22a90d 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf @@ -11,7 +11,7 @@ locals { ## Deployment options deployment_options = { - enable_helm_module = var.enable_helm_module && length(regexall("^Full:", var.stack_deployment_option)) > 0 + enable_helm_module = var.enable_helm_module && var.opt_deploy_helm } } diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 0024d78a..52bb580d 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml 
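Review bot: `type = boolean` in the new `variable "opt_deploy_helm"` block is not a Terraform type keyword; the primitive is `bool`, as the previous commit used for `opt_create_dynamicGroup_and_policies` in the same file. As written the module should fail validation before `var.enable_helm_module && var.opt_deploy_helm` in main.tf is evaluated. Change the line to `type = bool`.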
@@ -44,20 +44,19 @@ variableGroups: - oke_compartment_ocid - oke_cluster_ocid - - title: "configuration inputs" - variables: - - stack_deployment_option - visible: true - - title: "OCI Observability & Management Services Configuration" description: "See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring for list of resources created" variables: - - opt_deploy_metric_server - oci_onm_compartment_ocid - opt_create_new_la_logGroup - oci_la_logGroup_id - oci_la_logGroup_name - - fluentd_baseDir_path + + - title: "Kubernetes Deployment Configuration" + variables: + - opt_deploy_helm + - opt_deploy_metric_server + - fluentd_baseDir_path - title: "OCI IAM Policies and Dynaimic Groups (Optional)" variables: @@ -65,18 +64,27 @@ variableGroups: variables: #### - ## Deployment Options + ## Kubernetes Deployment Options #### - stack_deployment_option: - title: "Deployment Options" - description: "Choose to deploy with/without helm" - type: enum - enum: # Dev Note - change in following strings requires as change in oke/inputs.tf - - "Full: Create OCI Resources + Deploy solution in k8 cluster." - - "Only create OCI resources required to deploy helm. Does NOT deploy helm." - default: "Full: Create OCI Resources + Deploy solution in k8 cluster." + opt_deploy_helm: + title: "Enable helm release. Creates all resource (OCI + Kubernetes)." + description: "Un-check to create only OCI resources. Will not deploy helm release." + type: boolean + default: true required: true + # Option to enable/disable metric server installation during helm deployment + opt_deploy_metric_server: + type: boolean + title: Enable Metric Server Installation + description: Uncheck this if Metric Server is already installed in your cluster. + default: true + visible: + and: + - opt_deploy_helm + - not: + - livelab_switch + #### ## OKE Cluster Information #### 
@@ -111,18 +119,6 @@ variables: ## OCI Observability & Management Services Configuration #### - # Option to enable/disable metric server installation during helm deployment - opt_deploy_metric_server: - type: boolean - title: Enable Metric Server Installation - description: Uncheck this if Metric Server is already installed in your cluster. - default: true - visible: - and: - - enable_helm_module - - not: - - livelab_switch - # Compartment for creating OCI Observability and Management resources oci_onm_compartment_ocid: type: oci:identity:compartment:id @@ -137,9 +133,8 @@ variables: title: Check if you want to create a new Log Group default: false visible: - and: - - not: - - livelab_switch + not: + - livelab_switch # OCI Logging Analytics LogGroup OCID of existing LogGroup oci_la_logGroup_id: @@ -147,7 +142,7 @@ variables: dependsOn: compartmentId: ${oci_onm_compartment_ocid} title: OCI Logging Analytics Log Group - description: Log Groups are logical containers for log data, and provide access control for your data using IAM Policies + description: Log Groups are logical containers for log data, and provide access control for your data using IAM Policies. required: true visible: not: @@ -177,7 +172,9 @@ variables: required: true pattern: '^/[\w- /]*$' visible: - not: + and: + - opt_deploy_helm + - not: - livelab_switch #### From 23935a97f593be35175cec44fc77a2bb7af91bb1 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Wed, 16 Aug 2023 17:16:21 +0530 Subject: [PATCH 05/45] change mgmt_agent module parent from helm to oke module --- terraform/modules/helm/helm.tf | 11 +---------- terraform/modules/helm/inputs.tf | 3 +-- terraform/oke/main.tf | 9 ++++++++- terraform/oke/schema.yaml | 7 +++---- 4 files changed, 13 insertions(+), 17 deletions(-) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index d93e65b4..22473b5c 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf 
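Review bot: In the `@@ -177,7 +172,9 @@` hunk, `- livelab_switch` is an unchanged context line while the `not:` above it became the list item `- not:`, so it keeps its old indentation. Indentation is not recoverable in this view, but if the item now sits at the same level as `- not:`, then `not` has an empty value and `livelab_switch` becomes a third `and` term, which would invert the intended visibility condition for `fluentd_baseDir_path`. The `opt_deploy_metric_server` block added earlier in this commit shows the intended shape. Re-indent `- livelab_switch` one level under `- not:`.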
@@ -9,8 +9,6 @@ locals { oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters oke_cluster_name = [for c in local.oke_clusters_list : c.name if c.id == var.oke_cluster_ocid][0] - mgmt_agent_install_key_content = module.management_agent.mgmt_agent_install_key_content - helm_inputs = { # global "global.namespace" = var.deploy_mushop_config ? "livelab-test" : var.kubernetes_namespace @@ -24,7 +22,7 @@ locals { "oci-onm-logan.fluentd.baseDir" = var.fluentd_baseDir_path #oci-onm-mgmt-agent - "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = local.mgmt_agent_install_key_content + "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = var.mgmt_agent_install_key_content "oci-onm-mgmt-agent.mgmtagent.image.url" = var.mgmt_agent_container_image_url "oci-onm-mgmt-agent.deployMetricServer" = var.opt_deploy_metric_server } @@ -36,13 +34,6 @@ locals { } } -# Create a management agent -module "management_agent" { - source = "../mgmt_agent" - uniquifier = md5(var.oke_cluster_ocid) - compartment_ocid = var.mgmt_agent_compartment_ocid -} - # Create helm release resource "helm_release" "oci-kubernetes-monitoring" { name = "oci-kubernetes-monitoring" diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index 186d084a..828a960f 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf @@ -73,8 +73,7 @@ variable "fluentd_baseDir_path" { ## Management Agent Configuration #### -# OCID of compartment where management agent installation key is to be created -variable "mgmt_agent_compartment_ocid" { +variable "mgmt_agent_install_key_content" { type = string } diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 3c22a90d..7b680f67 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
@@ -49,6 +49,13 @@ module "loggingAnalytics" { existing_logGroup_id = var.oci_la_logGroup_id } +# Create a management agent key +module "management_agent" { + source = "./modules/mgmt_agent" + uniquifier = md5(var.oke_cluster_ocid) + compartment_ocid = var.oci_onm_compartment_ocid +} + // deploy oke-monitoring solution (helm release) module "helm_release" { source = "./modules/helm" @@ -65,7 +72,7 @@ module "helm_release" { oci_la_namespace = module.loggingAnalytics.oci_la_namespace fluentd_baseDir_path = local.fluentd_baseDir_path - mgmt_agent_compartment_ocid = var.oci_onm_compartment_ocid + mgmt_agent_install_key_content = module.management_agent.mgmt_agent_install_key_content mgmt_agent_container_image_url = var.mgmt_agent_container_image_url opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 52bb580d..2c2d0d25 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -67,8 +67,8 @@ variables: ## Kubernetes Deployment Options #### opt_deploy_helm: - title: "Enable helm release. Creates all resource (OCI + Kubernetes)." - description: "Un-check to create only OCI resources. Will not deploy helm release." + title: "Enable helm release. Creates all (OCI + K8s) resources." + description: "Uncheck this to create only OCI resources. Does NOT deploy helm release." type: boolean default: true required: true @@ -104,7 +104,6 @@ variables: title: Select OKE Cluster required: true - # Kubernetes Namespace # kubernetes_namespace: # type: string # minLength: 1 @@ -175,7 +174,7 @@ variables: and: - opt_deploy_helm - not: - - livelab_switch + - livelab_switch #### ## Pre-requisites From 6beeb0d581ea3121eb7d4d7f8f3914bdffc4dacb Mon Sep 17 00:00:00 2001 
From: paliwalparitosh Date: Wed, 16 Aug 2023 17:21:07 +0530 Subject: [PATCH 06/45] rearrange UI elements --- terraform/oke/schema.yaml | 50 +++++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 23 deletions(-) diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 2c2d0d25..d645e2b2 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -57,33 +57,15 @@ variableGroups: - opt_deploy_helm - opt_deploy_metric_server - fluentd_baseDir_path + visible: + not: + - livelab_switch - title: "OCI IAM Policies and Dynaimic Groups (Optional)" variables: - opt_create_dynamicGroup_and_policies variables: - #### - ## Kubernetes Deployment Options - #### - opt_deploy_helm: - title: "Enable helm release. Creates all (OCI + K8s) resources." - description: "Uncheck this to create only OCI resources. Does NOT deploy helm release." - type: boolean - default: true - required: true - - # Option to enable/disable metric server installation during helm deployment - opt_deploy_metric_server: - type: boolean - title: Enable Metric Server Installation - description: Uncheck this if Metric Server is already installed in your cluster. - default: true - visible: - and: - - opt_deploy_helm - - not: - - livelab_switch #### ## OKE Cluster Information 
@@ -158,7 +140,29 @@ variables: visible: and: - opt_create_new_la_logGroup - pattern: '^([a-zA-Z0-9]|[a-zA-Z0-9][\\ a-zA-Z0-9_\-]*[\\a-zA-Z\-0-9_])$' + pattern: '^([a-zA-Z0-9]|[a-zA-Z0-9][\\ a-zA-Z0-9_\-]*[\\a-zA-Z\-0-9_])$' + + #### + ## Kubernetes Deployment Options + #### + opt_deploy_helm: + title: "Enable helm release. Creates all (OCI + K8s) resources." + description: "Uncheck this to create only OCI resources. This will not deploy helm release." + type: boolean + default: true + required: true + + # Option to enable/disable metric server installation during helm deployment + opt_deploy_metric_server: + type: boolean + title: Enable Metric Server Installation + description: Uncheck this if Metric Server is already installed in your cluster. + default: true + visible: + and: + - opt_deploy_helm + - not: + - livelab_switch # Fluentd Base Directory fluentd_baseDir_path: @@ -174,7 +178,7 @@ variables: and: - opt_deploy_helm - not: - - livelab_switch + - livelab_switch #### ## Pre-requisites From da3d6e677bf828f811e90f72f030fc30276d1cb5 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Wed, 16 Aug 2023 17:54:32 +0530 Subject: [PATCH 07/45] update livelab switch file --- terraform/oke/{livelab.tf => livelab_switch.tf} | 0 util/build_stack.sh | 9 +++++---- 2 files changed, 5 insertions(+), 4 deletions(-) rename terraform/oke/{livelab.tf => livelab_switch.tf} (100%) diff --git a/terraform/oke/livelab.tf b/terraform/oke/livelab_switch.tf similarity index 100% rename from terraform/oke/livelab.tf rename to terraform/oke/livelab_switch.tf diff --git a/util/build_stack.sh b/util/build_stack.sh index e7fb20a8..1c04749e 100755 --- a/util/build_stack.sh +++ b/util/build_stack.sh 
@@ -136,19 +136,20 @@ echo -e "Removed terraform modules symlink" cp -R "$MODULES_SOURCE" "$TEMP_DIR" || error_and_exit "Could not copy modules" echo -e "Copied orignal modules" -# to be fixed from here - - +# switch back to temp dir cd "$TEMP_DIR" || error_and_exit "Could not switch to temp dir" echo -e "Switched to temp dir" # update livelab switch input to true if [ -n "$LIVE_LAB_BUILD" ]; then - sed "s/false/true/g" -i livelab.tf - echo -e "Enabled livelab switch in livelab.tf" + sed "s/false/true/g" -i livelab-switch.tf + echo -e "Enabled livelab switch in livelab-switch.tf" fi +# create zip zip -r "${RELEASE_ZIP}" ./* >/dev/null || error_and_exit "Could not zip temp dir" +# switch back to util dir cd "$RELEASE_PATH" || error_and_exit "Could not switch to Util dir" # clean up temp zip file From ccabccf2e51c7c21609c4f130614c9a9506b0084 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Wed, 16 Aug 2023 18:36:43 +0530 Subject: [PATCH 08/45] move livelab specific code to it's own module --- terraform/modules/livelab/inputs.tf | 7 +++++++ terraform/modules/livelab/livelab.tf | 13 +++++++++++++ terraform/modules/livelab/outputs.tf | 10 ++++++++++ terraform/modules/livelab/provider.tf | 13 +++++++++++++ terraform/oke/datasources.tf | 4 ---- terraform/oke/inputs.tf | 9 +++------ terraform/oke/main.tf | 22 ++++++++++++++++------ terraform/oke/providers.tf | 2 +- terraform/oke/schema.yaml | 3 ++- 9 files changed, 65 insertions(+), 18 deletions(-) create mode 100644 terraform/modules/livelab/inputs.tf create mode 100644 terraform/modules/livelab/livelab.tf create mode 100644 terraform/modules/livelab/outputs.tf create mode 100644 terraform/modules/livelab/provider.tf diff --git a/terraform/modules/livelab/inputs.tf b/terraform/modules/livelab/inputs.tf new file mode 100644 index 00000000..9619d199 --- /dev/null +++ b/terraform/modules/livelab/inputs.tf 
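Review bot: The `sed` call targets `livelab-switch.tf`, but this commit renames the file to `terraform/oke/livelab_switch.tf` with an underscore, so the edit would hit a file that does not exist in the temp dir. Unlike the `cp`, `cd` and `zip` steps, the `sed` line has no `|| error_and_exit`. Unless the script runs under `set -e` (not visible here), a LIVE_LAB_BUILD would continue and package a stack with the switch left at `false` while still printing the "Enabled" message. Use the renamed file and fail hard: `sed -i "s/false/true/g" livelab_switch.tf || error_and_exit "Could not enable livelab switch"`. The pattern also rewrites every `false` in that file, which deserves a comment stating that the file is expected to hold only the one default.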
@@ -0,0 +1,7 @@ +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +# OCID of user running the marketplace app / Resoruce Manager stack +variable "current_user_ocid" { + type = string +} \ No newline at end of file diff --git a/terraform/modules/livelab/livelab.tf b/terraform/modules/livelab/livelab.tf new file mode 100644 index 00000000..549d9db9 --- /dev/null +++ b/terraform/modules/livelab/livelab.tf @@ -0,0 +1,13 @@ +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +locals { + oci_username = data.oci_identity_user.livelab_user.name + livelab_res_num = trimprefix(trimsuffix(lower(local.oci_username), "-user"), "ll") + livelab_reservationId = "resr${local.livelab_res_num}" + livelab_fluentd_baseDir_path = "/var/log/${local.livelab_reservationId}" +} + +data "oci_identity_user" "livelab_user" { + user_id = var.current_user_ocid +} \ No newline at end of file diff --git a/terraform/modules/livelab/outputs.tf b/terraform/modules/livelab/outputs.tf new file mode 100644 index 00000000..71edd61b --- /dev/null +++ b/terraform/modules/livelab/outputs.tf @@ -0,0 +1,10 @@ +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +output "service_account" { + value = local.livelab_reservationId +} + +output "fluentd_baseDir_path" { + value = local.livelab_fluentd_baseDir_path +} \ No newline at end of file diff --git a/terraform/modules/livelab/provider.tf b/terraform/modules/livelab/provider.tf new file mode 100644 index 00000000..a820a625 --- /dev/null +++ b/terraform/modules/livelab/provider.tf 
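Review bot: `livelab_res_num` in modules/livelab/livelab.tf is derived with `trimprefix`/`trimsuffix`, which return the name unchanged when it does not have the `ll…-user` shape. The result feeds the `service_account` output and the `/var/log/${local.livelab_reservationId}` path, so a user name in another format would pass through whole into a Kubernetes service account name and a host log path. Matching the expected shape explicitly makes that a plan-time failure, e.g. `livelab_res_num = regex("^ll(.+)-user$", lower(local.oci_username))[0]`, with `.+` tightened to the characters reservation ids actually use. A one-line comment stating the expected user-name format would document the assumption.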
@@ -0,0 +1,13 @@ +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +terraform { + required_version = ">= 1.0" + required_providers { + oci = { + source = "oracle/oci" + version = ">= 4.96.0" + # https://registry.terraform.io/providers/hashicorp/oci/4.85.0 + } + } +} \ No newline at end of file diff --git a/terraform/oke/datasources.tf b/terraform/oke/datasources.tf index 98ed84d9..d536e019 100644 --- a/terraform/oke/datasources.tf +++ b/terraform/oke/datasources.tf @@ -1,10 +1,6 @@ # Copyright (c) 2023, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. -data "oci_identity_user" "livelab_user" { - user_id = var.current_user_ocid -} - data "oci_identity_tenancy" "tenant_details" { tenancy_id = var.tenancy_ocid } diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index baea8b63..c8a14417 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -47,7 +47,8 @@ variable "compartment_ocid" { # OCID of user running the marketplace app / Resoruce Manager stack variable "current_user_ocid" { - type = string + type = string + default = "" } #### @@ -70,17 +71,13 @@ variable "boat_tenancy_ocid" { ## Stack Deployment Options #### variable "opt_deploy_helm" { - type = boolean + type = bool default = true } #### ## Dynamic Group and Policies #### -variable "opt_create_dynamicGroup_and_policies" { - type = bool - default = false -} # Option to create Dynamic Group and Policies variable "opt_create_dynamicGroup_and_policies" { diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 7b680f67..400fa437 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
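Review bot: The comment under the `oci` provider constraint in modules/livelab/provider.tf links to `hashicorp/oci/4.85.0`, which matches neither the `oracle/oci` source nor the `>= 4.96.0` floor declared just above it. Point the comment at the registry page for the namespace and version actually required, or drop it. Because the constraint has no upper bound, the provider build that gets installed is decided by the root module's dependency lock file, so that file is where provider upgrades should be reviewed.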
@@ -2,12 +2,8 @@ # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. locals { - ## livelab - oci_username = data.oci_identity_user.livelab_user.name - livelab_service_account = local.oci_username - - ## Helm release - fluentd_baseDir_path = var.livelab_switch ? "/var/log/${local.oci_username}" : var.fluentd_baseDir_path + livelab_service_account = var.livelab_switch ? module.livelab[0].service_account : "" + fluentd_baseDir_path = var.livelab_switch ? module.livelab[0].fluentd_baseDir_path : var.fluentd_baseDir_path ## Deployment options deployment_options = { @@ -15,6 +11,20 @@ locals { } } +// Only execute for livelab stack +module "livelab" { + source = "./modules/livelab" + + # follwing will only work when livelab user is a local user + current_user_ocid = var.livelab_switch ? var.current_user_ocid : "" + + count = var.livelab_switch ? 1 : 0 + + providers = { + oci = oci.home_region + } +} + // Import Kubernetes Dashboards module "import_kubernetes_dashbords" { source = "./modules/dashboards" diff --git a/terraform/oke/providers.tf b/terraform/oke/providers.tf index 89b07367..33453510 100644 --- a/terraform/oke/providers.tf +++ b/terraform/oke/providers.tf @@ -2,7 +2,7 @@ # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. terraform { - required_version = ">= 1.0.0, <= 1.5" + required_version = ">= 1.0.0, <= 1.6" required_providers { oci = { source = "oracle/oci" diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index d645e2b2..c325a1ee 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml 
@@ -145,9 +145,10 @@ variables: #### ## Kubernetes Deployment Options #### + opt_deploy_helm: title: "Enable helm release. Creates all (OCI + K8s) resources." - description: "Uncheck this to create only OCI resources. This will not deploy helm release." + description: "Uncheck this to skip helm release and only create OCI resources." type: boolean default: true required: true From 986f72347d74320afa306ee0de8cc832419165f5 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Fri, 18 Aug 2023 12:43:36 +0530 Subject: [PATCH 09/45] enables module controls; include entity creation for cluster --- terraform/modules/logan/inputs.tf | 5 ++ terraform/modules/logan/logAnalytics.tf | 7 ++ terraform/oke/datasources.tf | 4 + .../{debug-inputs.tf => developer-options.tf} | 30 ++++++- terraform/oke/inputs.tf | 5 +- terraform/oke/main.tf | 82 ++++++++++--------- terraform/oke/schema.yaml | 10 ++- terraform/oke/terraform-sample.tfvars | 11 +-- 8 files changed, 101 insertions(+), 53 deletions(-) rename terraform/oke/{debug-inputs.tf => developer-options.tf} (53%) diff --git a/terraform/modules/logan/inputs.tf b/terraform/modules/logan/inputs.tf index 070d1e36..65249431 100644 --- a/terraform/modules/logan/inputs.tf +++ b/terraform/modules/logan/inputs.tf @@ -28,3 +28,8 @@ variable "new_logGroup_name" { type = string default = "" // This is expected to rasie terraform error if ran with default value } + +# K8s cluster name +variable "kubernetes_cluster_name" { + type = string +} \ No newline at end of file diff --git a/terraform/modules/logan/logAnalytics.tf b/terraform/modules/logan/logAnalytics.tf index 67a96071..56c3a3db 100644 --- a/terraform/modules/logan/logAnalytics.tf +++ b/terraform/modules/logan/logAnalytics.tf 
@@ -29,3 +29,10 @@ resource "oci_log_analytics_log_analytics_log_group" "new_log_group" { # } # } } + +resource "oci_log_analytics_log_analytics_entity" "oke_cluster" { + compartment_id = var.compartment_ocid + entity_type_name = "Kubernetes Cluster" + name = var.kubernetes_cluster_name + namespace = local.oci_la_namespace +} \ No newline at end of file diff --git a/terraform/oke/datasources.tf b/terraform/oke/datasources.tf index d536e019..cadf5e6c 100644 --- a/terraform/oke/datasources.tf +++ b/terraform/oke/datasources.tf @@ -10,4 +10,8 @@ data "oci_identity_regions" "region_map" { data "oci_containerengine_cluster_kube_config" "oke" { cluster_id = var.oke_cluster_ocid +} + +data "oci_containerengine_clusters" "oke_clusters" { + compartment_id = var.oke_compartment_ocid } \ No newline at end of file diff --git a/terraform/oke/debug-inputs.tf b/terraform/oke/developer-options.tf similarity index 53% rename from terraform/oke/debug-inputs.tf rename to terraform/oke/developer-options.tf index 13d69628..e64a8d86 100644 --- a/terraform/oke/debug-inputs.tf +++ b/terraform/oke/developer-options.tf @@ -6,8 +6,14 @@ ## Leave it to default for production use #### +# Enable/Disable livelab module +variable "dev_switch_livelab_module" { + type = bool + default = true +} + # Enable/Disable helm module -variable "enable_helm_module" { +variable "dev_switch_helm_module" { type = bool default = true } 
@@ -15,13 +21,31 @@ variable "enable_helm_module" { # Enable/Disable helm template. When set as true, # - helm module will generate template file inside ../modules/helm/local directory # - Setting this to true disables/skips the helm release -variable "generate_helm_template" { +variable "dev_switch_generate_helm_template" { type = bool default = false } # Enable/Disable logan dashboards module -variable "enable_dashboard_module" { +variable "dev_switch_dashboards_module" { + type = bool + default = true +} + +# Enable/Disable management agent module +variable "dev_switch_mgmt_agent_module" { + type = bool + default = true +} + +# Enable/Disable management agent module +variable "dev_switch_logan_module" { + type = bool + default = true +} + +# Enable/Disable IAM module +variable "dev_switch_iam_module" { type = bool default = true } \ No newline at end of file diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index c8a14417..cd07c24b 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -70,6 +70,8 @@ variable "boat_tenancy_ocid" { #### ## Stack Deployment Options #### + +# Option to deploy helm variable "opt_deploy_helm" { type = bool default = true @@ -91,8 +93,7 @@ variable "opt_create_dynamicGroup_and_policies" { # OKE Cluster Compartment variable "oke_compartment_ocid" { - type = string - default = "" + type = string } # OKE Cluster OCID diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 400fa437..0de158ff 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
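Review bot: The comment above `variable "dev_switch_logan_module"` repeats `# Enable/Disable management agent module` from the block before it. It should read `# Enable/Disable logan module`, in line with the comments on the other `dev_switch_*` variables in this file.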
@@ -5,24 +5,32 @@ locals { livelab_service_account = var.livelab_switch ? module.livelab[0].service_account : "" fluentd_baseDir_path = var.livelab_switch ? module.livelab[0].fluentd_baseDir_path : var.fluentd_baseDir_path - ## Deployment options - deployment_options = { - enable_helm_module = var.enable_helm_module && var.opt_deploy_helm + oke_cluster_name = [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] + + ## Module Controls evalues developer options and UI inputs/options (ex - opt_deploy_helm) to determine + ## if a module should be executed + module_controls = { + enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) + enable_dashboards_module = alltrue([var.dev_switch_dashboards_module]) + enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) + enable_logan_module = alltrue([var.dev_switch_logan_module]) + enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) + enable_helm_module = alltrue([var.dev_switch_helm_module, var.opt_deploy_helm]) } } // Only execute for livelab stack +// livelab module only supports local users +// it will error out when an identity domain user is used and livelab_switch is set as true module "livelab" { - source = "./modules/livelab" + source = "./modules/livelab" + current_user_ocid = var.current_user_ocid - # follwing will only work when livelab user is a local user - current_user_ocid = var.livelab_switch ? var.current_user_ocid : "" + count = local.module_controls.enable_livelab_module ? 1 : 0 - count = var.livelab_switch ? 1 : 0 - - providers = { + /* providers = { oci = oci.home_region - } + } */ } // Import Kubernetes Dashboards 
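Review bot: `oke_cluster_name` in the `locals` block takes `[0]` of a filtered list, so when `oke_cluster_ocid` is not among the clusters returned for `oke_compartment_ocid` the plan stops with a bare invalid-index error that names neither input. Add a comment such as `# oke_cluster_ocid must belong to oke_compartment_ocid; [0] fails otherwise`, or, where the supported Terraform versions allow it, a `precondition` with a readable message. The same lookup already exists in modules/helm/helm.tf, so passing the resolved name into that module would avoid two copies drifting. The `providers` mapping for `module "livelab"` is also left commented out here without a reason; either remove it or state why the home-region alias is no longer needed.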
@@ -30,7 +38,7 @@ module "import_kubernetes_dashbords" { source = "./modules/dashboards" compartment_ocid = var.oci_onm_compartment_ocid - count = var.enable_dashboard_module ? 1 : 0 + count = local.module_controls.enable_dashboards_module ? 1 : 0 } // Create Required Polcies and Dynamic Group @@ -42,7 +50,7 @@ module "policy_and_dynamic-group" { oke_compartment_ocid = var.oke_compartment_ocid oke_cluster_ocid = var.oke_cluster_ocid - count = var.opt_create_dynamicGroup_and_policies && !var.livelab_switch ? 1 : 0 + count = local.module_controls.enable_iam_module ? 1 : 0 providers = { oci = oci.home_region @@ -51,12 +59,15 @@ module "policy_and_dynamic-group" { // Create Logging Analytics Resorces module "loggingAnalytics" { - source = "./modules/logan" - tenancy_ocid = var.tenancy_ocid - create_new_logGroup = var.opt_create_new_la_logGroup - new_logGroup_name = var.oci_la_logGroup_name - compartment_ocid = var.oci_onm_compartment_ocid - existing_logGroup_id = var.oci_la_logGroup_id + source = "./modules/logan" + tenancy_ocid = var.tenancy_ocid + create_new_logGroup = var.opt_create_new_la_logGroup + new_logGroup_name = var.oci_la_logGroup_name + compartment_ocid = var.oci_onm_compartment_ocid + existing_logGroup_id = var.oci_la_logGroup_id + kubernetes_cluster_name = local.oke_cluster_name + + count = local.module_controls.enable_logan_module ? 1 : 0 } # Create a management agent key 
@@ -64,30 +75,27 @@ module "management_agent" { source = "./modules/mgmt_agent" uniquifier = md5(var.oke_cluster_ocid) compartment_ocid = var.oci_onm_compartment_ocid + + count = local.module_controls.enable_mgmt_agent_module ? 1 : 0 } // deploy oke-monitoring solution (helm release) module "helm_release" { - source = "./modules/helm" - helm_abs_path = abspath("./charts/oci-onm") - generate_helm_template = var.generate_helm_template - - oke_compartment_ocid = var.oke_compartment_ocid - oke_cluster_ocid = var.oke_cluster_ocid - - logan_container_image_url = var.logan_container_image_url - kubernetes_namespace = var.kubernetes_namespace - - oci_la_logGroup_id = module.loggingAnalytics.oci_la_logGroup_ocid - oci_la_namespace = module.loggingAnalytics.oci_la_namespace - fluentd_baseDir_path = local.fluentd_baseDir_path - - mgmt_agent_install_key_content = module.management_agent.mgmt_agent_install_key_content + source = "./modules/helm" + helm_abs_path = abspath("./charts/oci-onm") + generate_helm_template = var.dev_switch_generate_helm_template + oke_compartment_ocid = var.oke_compartment_ocid + oke_cluster_ocid = var.oke_cluster_ocid + logan_container_image_url = var.logan_container_image_url + kubernetes_namespace = var.kubernetes_namespace + oci_la_logGroup_id = module.loggingAnalytics[0].oci_la_logGroup_ocid + oci_la_namespace = module.loggingAnalytics[0].oci_la_namespace + fluentd_baseDir_path = local.fluentd_baseDir_path + mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content mgmt_agent_container_image_url = var.mgmt_agent_container_image_url opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server + deploy_mushop_config = var.livelab_switch + livelab_service_account = local.livelab_service_account - deploy_mushop_config = var.livelab_switch - livelab_service_account = local.livelab_service_account - - count = local.deployment_options.enable_helm_module ? 
1 : 0 + count = local.module_controls.enable_helm_module ? 1 : 0 } diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index c325a1ee..45da3a83 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -25,11 +25,15 @@ variableGroups: - user_ocid - private_key_path - fingerprint - - generate_helm_template - - enable_dashboard_module - - enable_helm_module - boat_auth - boat_tenancy_ocid + - dev_switch_generate_helm_template + - dev_switch_dashboards_module + - dev_switch_helm_module + - dev_switch_mgmt_agent_module + - dev_switch_logan_module + - dev_switch_livelab_module + - dev_switch_iam_module - compartment_ocid - logan_container_image_url - mgmt_agent_container_image_url diff --git a/terraform/oke/terraform-sample.tfvars b/terraform/oke/terraform-sample.tfvars index 10bcd654..609a2b79 100644 --- a/terraform/oke/terraform-sample.tfvars +++ b/terraform/oke/terraform-sample.tfvars @@ -35,6 +35,9 @@ oke_cluster_ocid = "" # Change this, if you want to deploy in a custom namespace kubernetes_namespace = "oci-onm" +# Option to deploy helm +opt_deploy_helm + # Option to control metric server installation as part of helm release opt_deploy_metric_server = true @@ -61,12 +64,4 @@ opt_create_dynamicGroup_and_policies = true # Fluentd installation path fluentd_baseDir_path = "/var/log" -#### -## Optional Switches -#### - -enable_dashboard_module = false -enable_helm_module = false -generate_helm_template = false - From ece683bf706a8dccd552c451d2dfa38859b36081 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Tue, 22 Aug 2023 19:29:18 +0530 Subject: [PATCH 10/45] add missing input --- terraform/oke/terraform-sample.tfvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/oke/terraform-sample.tfvars b/terraform/oke/terraform-sample.tfvars index 609a2b79..67a55d5e 100644 --- a/terraform/oke/terraform-sample.tfvars +++ b/terraform/oke/terraform-sample.tfvars 
@@ -36,7 +36,7 @@ oke_cluster_ocid = "" kubernetes_namespace = "oci-onm" # Option to deploy helm -opt_deploy_helm +opt_deploy_helm = true # Option to control metric server installation as part of helm release opt_deploy_metric_server = true From 1dc7b74659c0f88c3ee29f0e554fdeda58043651 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Tue, 22 Aug 2023 19:29:51 +0530 Subject: [PATCH 11/45] includes cluster entity properties --- terraform/modules/logan/logAnalytics.tf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/terraform/modules/logan/logAnalytics.tf b/terraform/modules/logan/logAnalytics.tf index 56c3a3db..2fdefe32 100644 --- a/terraform/modules/logan/logAnalytics.tf +++ b/terraform/modules/logan/logAnalytics.tf @@ -8,6 +8,11 @@ data "oci_log_analytics_namespaces" "logan_namespaces" { locals { oci_la_namespace = data.oci_log_analytics_namespaces.logan_namespaces.namespace_collection[0].items[0].namespace final_oci_la_logGroup_id = var.create_new_logGroup ? oci_log_analytics_log_analytics_log_group.new_log_group[0].id : var.existing_logGroup_id + cluster_entity_properties = { + topology_solution_k8s_onm_compartment_ocid = var.compartment_ocid + topology_solution_k8s_onm_metrics_namespace = "mgmtagent_kubernetes_metrics" + topology_solution_k8s_trigger = "add_data_flow" + } } resource "oci_log_analytics_log_analytics_log_group" "new_log_group" { @@ -35,4 +40,5 @@ resource "oci_log_analytics_log_analytics_entity" "oke_cluster" { entity_type_name = "Kubernetes Cluster" name = var.kubernetes_cluster_name namespace = local.oci_la_namespace + properties = local.cluster_entity_properties } \ No newline at end of file From e4167845ac1d41a2233a07181d26b1e9e38e8454 Mon Sep 17 00:00:00 2001 
From: paliwalparitosh Date: Tue, 22 Aug 2023 19:39:00 +0530 Subject: [PATCH 12/45] adds input triggered_by_add_data_flow --- terraform/modules/logan/inputs.tf | 6 ++++++ terraform/modules/logan/logAnalytics.tf | 2 +- terraform/oke/inputs.tf | 6 ++++++ terraform/oke/main.tf | 15 ++++++++------- terraform/oke/schema.yaml | 1 + 5 files changed, 22 insertions(+), 8 deletions(-) diff --git a/terraform/modules/logan/inputs.tf b/terraform/modules/logan/inputs.tf index 65249431..b7f7ec4d 100644 --- a/terraform/modules/logan/inputs.tf +++ b/terraform/modules/logan/inputs.tf @@ -32,4 +32,10 @@ variable "new_logGroup_name" { # K8s cluster name variable "kubernetes_cluster_name" { type = string +} + +# add data flow identifier +variable "triggered_by_add_data_flow" { + type = bool + default = false } \ No newline at end of file diff --git a/terraform/modules/logan/logAnalytics.tf b/terraform/modules/logan/logAnalytics.tf index 2fdefe32..ad402c8b 100644 --- a/terraform/modules/logan/logAnalytics.tf +++ b/terraform/modules/logan/logAnalytics.tf @@ -11,7 +11,7 @@ locals { cluster_entity_properties = { topology_solution_k8s_onm_compartment_ocid = var.compartment_ocid topology_solution_k8s_onm_metrics_namespace = "mgmtagent_kubernetes_metrics" - topology_solution_k8s_trigger = "add_data_flow" + topology_solution_k8s_trigger = var.triggered_by_add_data_flow ? "add_data_flow" : null } } diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index cd07c24b..c86d79e4 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -141,6 +141,12 @@ variable "fluentd_baseDir_path" { default = "/var/log" } +# add data flow identifier +variable "triggered_by_add_data_flow" { + type = bool + default = false +} + #### ## Fluentd Configuration #### diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 0de158ff..e23a8064 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
@@ -59,13 +59,14 @@ module "policy_and_dynamic-group" { // Create Logging Analytics Resorces module "loggingAnalytics" { - source = "./modules/logan" - tenancy_ocid = var.tenancy_ocid - create_new_logGroup = var.opt_create_new_la_logGroup - new_logGroup_name = var.oci_la_logGroup_name - compartment_ocid = var.oci_onm_compartment_ocid - existing_logGroup_id = var.oci_la_logGroup_id - kubernetes_cluster_name = local.oke_cluster_name + source = "./modules/logan" + tenancy_ocid = var.tenancy_ocid + create_new_logGroup = var.opt_create_new_la_logGroup + new_logGroup_name = var.oci_la_logGroup_name + compartment_ocid = var.oci_onm_compartment_ocid + existing_logGroup_id = var.oci_la_logGroup_id + kubernetes_cluster_name = local.oke_cluster_name + triggered_by_add_data_flow = var.triggered_by_add_data_flow count = local.module_controls.enable_logan_module ? 1 : 0 } diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 45da3a83..809eda3f 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -40,6 +40,7 @@ variableGroups: - kubernetes_namespace - current_user_ocid - livelab_switch + - triggered_by_add_data_flow visible: false - title: "Select an OKE Cluster deployed in this region to start monitoring" From c3427c4c552be3d2aa56cfce1e2c573c12fb46b8 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Tue, 22 Aug 2023 20:14:29 +0530 Subject: [PATCH 13/45] converts deployment options into a dropdown --- terraform/oke/inputs.tf | 16 +++--- terraform/oke/main.tf | 6 ++- terraform/oke/schema.yaml | 70 +++++++++++++-------------- terraform/oke/terraform-sample.tfvars | 3 -- 4 files changed, 44 insertions(+), 51 deletions(-) diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index c86d79e4..b82f79a3 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf 
@@ -67,16 +67,6 @@ variable "boat_tenancy_ocid" { default = "" } -#### -## Stack Deployment Options -#### - -# Option to deploy helm -variable "opt_deploy_helm" { - type = bool - default = true -} - #### ## Dynamic Group and Policies #### @@ -111,6 +101,12 @@ variable "kubernetes_namespace" { ## OCI Observability and Management Information #### +# Stack Deployment Options +variable "stack_deployment_option" { + type = string + default = "Full" +} + # Compartment for creating OCI Observability and Management resources variable "oci_onm_compartment_ocid" { type = string diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index e23a8064..d8c95de6 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf @@ -7,7 +7,9 @@ locals { oke_cluster_name = [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] - ## Module Controls evalues developer options and UI inputs/options (ex - opt_deploy_helm) to determine + deploy_helm_ui_option = var.stack_deployment_option == "Full" ? true : false + + ## Module Controls evalues developer options and UI inputs/options (ex - stack_deployment_option) to determine ## if a module should be executed module_controls = { enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) @@ -15,7 +17,7 @@ locals { enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) enable_logan_module = alltrue([var.dev_switch_logan_module]) enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) - enable_helm_module = alltrue([var.dev_switch_helm_module, var.opt_deploy_helm]) + enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option]) } } diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 809eda3f..68217e86 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml 
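Review bot: `stack_deployment_option` is a free-form string that `deploy_helm_ui_option` compares with `"Full"`, so any other spelling (for instance `full`) silently selects the OCI-only path and skips the helm release. The enum in schema.yaml only constrains the Resource Manager form; a run driven by a tfvars file gets no check. A `validation` block on the variable with `condition = contains(["Full", "Only OCI Resources"], var.stack_deployment_option)` and a matching `error_message` closes that gap. The local can then be `deploy_helm_ui_option = var.stack_deployment_option == "Full"`, since the comparison already yields a bool.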
@@ -52,19 +52,13 @@ variableGroups: - title: "OCI Observability & Management Services Configuration" description: "See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring for list of resources created" variables: + - stack_deployment_option + - opt_deploy_metric_server - oci_onm_compartment_ocid - opt_create_new_la_logGroup - oci_la_logGroup_id - oci_la_logGroup_name - - - title: "Kubernetes Deployment Configuration" - variables: - - opt_deploy_helm - - opt_deploy_metric_server - - fluentd_baseDir_path - visible: - not: - - livelab_switch + - fluentd_baseDir_path - title: "OCI IAM Policies and Dynaimic Groups (Optional)" variables: @@ -104,7 +98,32 @@ variables: #### ## OCI Observability & Management Services Configuration #### - + + # Stack Deployment Options + stack_deployment_option: + title: "Deployment Options" + description: '"Full" option creates both OCI and K8s resources.' + type: enum + enum: # Dev Note - # Any change in following options must be refactored across schema.yaml + - "Full" + - "Only OCI Resources" + default: "Full" + required: true + + # Option to enable/disable metric server installation during helm deployment + opt_deploy_metric_server: + type: boolean + title: Enable Metric Server Installation + description: Uncheck this if Metric Server is already installed in your cluster. + default: true + visible: + and: + - eq: + - ${stack_deployment_option} + - "Full" + - not: + - livelab_switch + # Compartment for creating OCI Observability and Management resources oci_onm_compartment_ocid: type: oci:identity:compartment:id 
@@ -147,29 +166,6 @@ variables: - opt_create_new_la_logGroup pattern: '^([a-zA-Z0-9]|[a-zA-Z0-9][\\ a-zA-Z0-9_\-]*[\\a-zA-Z\-0-9_])$' - #### - ## Kubernetes Deployment Options - #### - - opt_deploy_helm: - title: "Enable helm release. Creates all (OCI + K8s) resources." - description: "Uncheck this to skip helm release and only create OCI resources." - type: boolean - default: true - required: true - - # Option to enable/disable metric server installation during helm deployment - opt_deploy_metric_server: - type: boolean - title: Enable Metric Server Installation - description: Uncheck this if Metric Server is already installed in your cluster. - default: true - visible: - and: - - opt_deploy_helm - - not: - - livelab_switch - # Fluentd Base Directory fluentd_baseDir_path: type: string @@ -181,10 +177,12 @@ variables: required: true pattern: '^/[\w- /]*$' visible: - and: - - opt_deploy_helm + and: + - eq: + - ${stack_deployment_option} + - "Full" - not: - - livelab_switch + - livelab_switch #### ## Pre-requisites diff --git a/terraform/oke/terraform-sample.tfvars b/terraform/oke/terraform-sample.tfvars index 67a55d5e..9428e417 100644 --- a/terraform/oke/terraform-sample.tfvars +++ b/terraform/oke/terraform-sample.tfvars @@ -35,9 +35,6 @@ oke_cluster_ocid = "" # Change this, if you want to deploy in a custom namespace kubernetes_namespace = "oci-onm" -# Option to deploy helm -opt_deploy_helm = true - # Option to control metric server installation as part of helm release opt_deploy_metric_server = true From 6ff95cab35916c6b25f4ea7e42eb4b6f45288ee2 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Wed, 23 Aug 2023 16:22:46 +0530 Subject: [PATCH 14/45] adds external values.yaml content as output --- terraform/oke/outputs.tf | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index abc612c1..d11f0577 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf 
@@ -1,2 +1,28 @@ # Copyright (c) 2023, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +locals { + output_external_values_ymal = yamlencode({ + "global" = { + "kubernetesClusterID" = var.oke_cluster_ocid + "kubernetesClusterName" = local.oke_cluster_name + } + "oci-onm-logan" = { + "ociLANamespace" = module.loggingAnalytics[0].oci_la_namespace + "ociLALogGroupID" = module.loggingAnalytics[0].oci_la_logGroup_ocid + } + "oci-onm-mgmt-agent" = { + "mgmtagent" = { + "installKeyFileContent" = module.management_agent[0].mgmt_agent_install_key_content + } + } + }) +} + +output "helm_command_1" { + value = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" +} + +output "helm_command_2" { + value = local.deploy_helm_ui_option ? null : local.output_external_values_ymal +} \ No newline at end of file From 4bd32acc66a066895d5ff6fe17ed7453618125dd Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Thu, 24 Aug 2023 16:20:47 +0530 Subject: [PATCH 15/45] adds optional option input --- terraform/oke/terraform-sample.tfvars | 3 +++ 1 file changed, 3 insertions(+) diff --git a/terraform/oke/terraform-sample.tfvars b/terraform/oke/terraform-sample.tfvars index 9428e417..1b9393d5 100644 --- a/terraform/oke/terraform-sample.tfvars +++ b/terraform/oke/terraform-sample.tfvars @@ -55,6 +55,9 @@ oci_la_logGroup_name = "NewLogGroupName" ## Optional Stack inputs #### +# "Full" or "Only OCI Resources" +stack_deployment_option = "Only OCI Resources" + # Option to create Dynamic Group and Policies opt_create_dynamicGroup_and_policies = true From b5ecef47dd7cb916e8c4f833b1771354a68f9136 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Thu, 24 Aug 2023 16:21:12 +0530 Subject: [PATCH 16/45] updates output to generate helm install command --- terraform/oke/outputs.tf | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) 
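Review bot: `installKeyFileContent` in `output_external_values_ymal` carries `module.management_agent[0].mgmt_agent_install_key_content`, and `helm_command_2` publishes it as an ordinary output. What appears to be the agent registration key is therefore shown in plain text in apply output and wherever stack outputs are displayed. Add `sensitive = true` to every output that contains the key, or render a placeholder in the displayed text and expose the key through a single sensitive output. The same applies to the `--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=` line added in PATCH 16/45 and to `output "mgmt_agent_install_key_content"` in PATCH 20/45. The value is stored in Terraform state either way, so access to the state backend should be restricted accordingly.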
diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index d11f0577..2711a552 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -2,7 +2,7 @@ # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. locals { - output_external_values_ymal = yamlencode({ + output_helm_external_values = yamlencode({ "global" = { "kubernetesClusterID" = var.oke_cluster_ocid "kubernetesClusterName" = local.oke_cluster_name @@ -17,12 +17,25 @@ locals { } } }) + + output_helm_command_2 = join("\n" , [ + "helm install oci-kubernetes-monitoring oci-onm/oci-onm \\", + "--set global.kubernetesClusterID=${var.oke_cluster_ocid} \\", + "--set global.kubernetesClusterName=${local.oke_cluster_name} \\", + "--set oci-onm-logan.ociLALogGroupID=${module.loggingAnalytics[0].oci_la_logGroup_ocid} \\", + "--set oci-onm-logan.ociLANamespace=${module.loggingAnalytics[0].oci_la_namespace} \\", + "--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=${module.management_agent[0].mgmt_agent_install_key_content}" + ]) } -output "helm_command_1" { +output helm_command_1 { value = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" } -output "helm_command_2" { - value = local.deploy_helm_ui_option ? null : local.output_external_values_ymal -} \ No newline at end of file +output helm_command_2 { + value = local.output_helm_command_2 +} + +/* output "helm_external_values" { + value = local.deploy_helm_ui_option ? null : local.output_helm_external_values +} */ \ No newline at end of file From 908b6bad5e0cd181da7d5d567362d66c965077d9 Mon Sep 17 00:00:00 2001 
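Review bot: `output_helm_command_2` splices `local.oke_cluster_name` and the other values into a shell command without quoting. A cluster name containing a space, a comma or a shell metacharacter therefore changes what the pasted command does, and helm also treats commas inside `--set` as separators. The name is whatever was chosen when the cluster was created, so it should be handled as untrusted text here. Emitting the `yamlencode` result that this hunk comments out as a values file, and printing `helm install oci-kubernetes-monitoring oci-onm/oci-onm -f <values file>`, avoids the quoting problem; failing that, wrap each interpolated value in single quotes. The `locals` block starts above this hunk.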
From: paliwalparitosh Date: Thu, 24 Aug 2023 18:23:54 +0530 Subject: [PATCH 17/45] replaces local helm chart wih helm repo --- terraform/modules/helm/helm.tf | 9 +++++++-- terraform/modules/helm/inputs.tf | 9 ++++++++- terraform/oke/developer-options.tf | 6 ++++++ terraform/oke/main.tf | 1 + terraform/oke/outputs.tf | 6 +++--- terraform/oke/schema.yaml | 1 + 6 files changed, 26 insertions(+), 6 deletions(-) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index 22473b5c..8b4db697 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf @@ -6,6 +6,9 @@ data "oci_containerengine_clusters" "oke_clusters_list" { } locals { + helm_repo_url = "https://oracle-quickstart.github.io/oci-kubernetes-monitoring" + helm_repo_chart = "oci-onm" + oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters oke_cluster_name = [for c in local.oke_clusters_list : c.name if c.id == var.oke_cluster_ocid][0] @@ -37,7 +40,8 @@ locals { # Create helm release resource "helm_release" "oci-kubernetes-monitoring" { name = "oci-kubernetes-monitoring" - chart = var.helm_abs_path + repository = var.use_local_helm_chart ? null : local.helm_repo_url + chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart wait = true dependency_update = true atomic = true @@ -66,7 +70,8 @@ resource "helm_release" "oci-kubernetes-monitoring" { # Create helm template data "helm_template" "oci-kubernetes-monitoring" { name = "oci-kubernetes-monitoring" - chart = var.helm_abs_path + repository = var.use_local_helm_chart ? null : local.helm_repo_url + chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart dependency_update = true values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index 828a960f..e40eb842 100644 --- a/terraform/modules/helm/inputs.tf 
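Review bot: With `repository = local.helm_repo_url` the release now installs `oci-onm` from a public chart repository, and no `version` argument is visible in either changed block, so each apply would take whatever chart version the repository serves at that moment. Pinning the chart on both `helm_release` and `helm_template`, for example `version = var.helm_chart_version` (variable name illustrative) with a reviewed default, keeps deployments reproducible and makes a chart upgrade an explicit, reviewable change. Both blocks continue outside their hunks, so confirm that `version` is not already set further down.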
+++ b/terraform/modules/helm/inputs.tf @@ -10,13 +10,20 @@ variable "generate_helm_template" { default = false } +variable "use_local_helm_chart" { + type = bool + default = false +} + #### ## Helm chart #### +# Used for local testing # Absoulte path to helm chart directory variable "helm_abs_path" { - type = string + type = string + default = "optional" } #### diff --git a/terraform/oke/developer-options.tf b/terraform/oke/developer-options.tf index e64a8d86..e126b414 100644 --- a/terraform/oke/developer-options.tf +++ b/terraform/oke/developer-options.tf @@ -18,6 +18,12 @@ variable "dev_switch_helm_module" { default = true } +# when false, public helm repo is used for deployment +variable "dev_switch_use_local_helm_chart" { + type = bool + default = false +} + # Enable/Disable helm template. When set as true, # - helm module will generate template file inside ../modules/helm/local directory # - Setting this to true disables/skips the helm release diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index d8c95de6..2d86ba26 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf @@ -86,6 +86,7 @@ module "management_agent" { module "helm_release" { source = "./modules/helm" helm_abs_path = abspath("./charts/oci-onm") + use_local_helm_chart = var.dev_switch_use_local_helm_chart generate_helm_template = var.dev_switch_generate_helm_template oke_compartment_ocid = var.oke_compartment_ocid oke_cluster_ocid = var.oke_cluster_ocid diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index 2711a552..a4f9ddfe 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -18,7 +18,7 @@ locals { } }) - output_helm_command_2 = join("\n" , [ + output_helm_command_2 = join("\n", [ "helm install oci-kubernetes-monitoring oci-onm/oci-onm \\", "--set global.kubernetesClusterID=${var.oke_cluster_ocid} \\", "--set global.kubernetesClusterName=${local.oke_cluster_name} \\", 
@@ -28,11 +28,11 @@ locals { ]) } -output helm_command_1 { +output "helm_command_1" { value = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" } -output helm_command_2 { +output "helm_command_2" { value = local.output_helm_command_2 } diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 68217e86..6bebcf97 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -28,6 +28,7 @@ variableGroups: - boat_auth - boat_tenancy_ocid - dev_switch_generate_helm_template + - dev_switch_use_local_helm_chart - dev_switch_dashboards_module - dev_switch_helm_module - dev_switch_mgmt_agent_module From c14f20ecdaa8aa0603bef4dbaa631a58da8f398e Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Thu, 24 Aug 2023 18:44:53 +0530 Subject: [PATCH 18/45] updates helm install command --- terraform/oke/outputs.tf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index a4f9ddfe..f315cef2 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf 
@@ -18,12 +18,12 @@ locals { } }) - output_helm_command_2 = join("\n", [ - "helm install oci-kubernetes-monitoring oci-onm/oci-onm \\", - "--set global.kubernetesClusterID=${var.oke_cluster_ocid} \\", - "--set global.kubernetesClusterName=${local.oke_cluster_name} \\", - "--set oci-onm-logan.ociLALogGroupID=${module.loggingAnalytics[0].oci_la_logGroup_ocid} \\", - "--set oci-onm-logan.ociLANamespace=${module.loggingAnalytics[0].oci_la_namespace} \\", + output_helm_command_2 = join(" ", [ + "helm install oci-kubernetes-monitoring oci-onm/oci-onm", + "--set global.kubernetesClusterID=${var.oke_cluster_ocid}", + "--set global.kubernetesClusterName=${local.oke_cluster_name}", + "--set oci-onm-logan.ociLALogGroupID=${module.loggingAnalytics[0].oci_la_logGroup_ocid}", + "--set oci-onm-logan.ociLANamespace=${module.loggingAnalytics[0].oci_la_namespace}", "--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=${module.management_agent[0].mgmt_agent_install_key_content}" ]) } From 61ad7dfda5cc926111df120df863872c028ad41b Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Thu, 31 Aug 2023 14:21:30 +0530 Subject: [PATCH 19/45] removes cluster entity creation via stack --- terraform/modules/logan/inputs.tf | 11 ----------- terraform/modules/logan/logAnalytics.tf | 13 ------------- terraform/oke/main.tf | 2 -- 3 files changed, 26 deletions(-) diff --git a/terraform/modules/logan/inputs.tf b/terraform/modules/logan/inputs.tf index b7f7ec4d..abcb1336 100644 --- a/terraform/modules/logan/inputs.tf +++ b/terraform/modules/logan/inputs.tf @@ -27,15 +27,4 @@ variable "existing_logGroup_id" { variable "new_logGroup_name" { type = string default = "" // This is expected to rasie terraform error if ran with default value -} - -# K8s cluster name -variable "kubernetes_cluster_name" { - type = string -} - -# add data flow identifier -variable "triggered_by_add_data_flow" { - type = bool - default = false } \ No newline at end of file 
diff --git a/terraform/modules/logan/logAnalytics.tf b/terraform/modules/logan/logAnalytics.tf index ad402c8b..bc1d2888 100644 --- a/terraform/modules/logan/logAnalytics.tf +++ b/terraform/modules/logan/logAnalytics.tf @@ -8,11 +8,6 @@ data "oci_log_analytics_namespaces" "logan_namespaces" { locals { oci_la_namespace = data.oci_log_analytics_namespaces.logan_namespaces.namespace_collection[0].items[0].namespace final_oci_la_logGroup_id = var.create_new_logGroup ? oci_log_analytics_log_analytics_log_group.new_log_group[0].id : var.existing_logGroup_id - cluster_entity_properties = { - topology_solution_k8s_onm_compartment_ocid = var.compartment_ocid - topology_solution_k8s_onm_metrics_namespace = "mgmtagent_kubernetes_metrics" - topology_solution_k8s_trigger = var.triggered_by_add_data_flow ? "add_data_flow" : null - } } resource "oci_log_analytics_log_analytics_log_group" "new_log_group" { @@ -33,12 +28,4 @@ resource "oci_log_analytics_log_analytics_log_group" "new_log_group" { # error_message = "Tenancy is not on-boarded to OCI Logging Analytics Service in ${var.region} region." # } # } -} - -resource "oci_log_analytics_log_analytics_entity" "oke_cluster" { - compartment_id = var.compartment_ocid - entity_type_name = "Kubernetes Cluster" - name = var.kubernetes_cluster_name - namespace = local.oci_la_namespace - properties = local.cluster_entity_properties } \ No newline at end of file diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 2d86ba26..e9dae4e6 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf @@ -67,8 +67,6 @@ module "loggingAnalytics" { new_logGroup_name = var.oci_la_logGroup_name compartment_ocid = var.oci_onm_compartment_ocid existing_logGroup_id = var.oci_la_logGroup_id - kubernetes_cluster_name = local.oke_cluster_name - triggered_by_add_data_flow = var.triggered_by_add_data_flow count = local.module_controls.enable_logan_module ? 1 : 0 } From c8b1f7a9dc99d7fcfab2a92267d79eb8682dfc57 Mon Sep 17 00:00:00 2001 
From: paliwalparitosh Date: Thu, 31 Aug 2023 19:02:03 +0530 Subject: [PATCH 20/45] adds addtional outputs to contruct helm install command --- terraform/oke/outputs.tf | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index f315cef2..bc55b1b0 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -36,6 +36,22 @@ output "helm_command_2" { value = local.output_helm_command_2 } +output "oke_cluster_name" { + value = local.oke_cluster_name +} + +output "oci_la_namespace" { + value = module.loggingAnalytics[0].oci_la_namespace +} + +output "oci_la_logGroup_ocid" { + value = module.loggingAnalytics[0].oci_la_logGroup_ocid +} + +output "mgmt_agent_install_key_content" { + value = module.management_agent[0].mgmt_agent_install_key_content +} + /* output "helm_external_values" { value = local.deploy_helm_ui_option ? null : local.output_helm_external_values } */ \ No newline at end of file From 18ef185f72a5050b051f7354ce41e047b63efa51 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Mon, 4 Sep 2023 14:27:43 +0530 Subject: [PATCH 21/45] stack output changes and refactor --- terraform/modules/iam/outputs.tf | 10 +++++++ terraform/oke/main.tf | 46 +++++++++++++++--------------- terraform/oke/outputs.tf | 49 +++++++++++++++++++++----------- 3 files changed, 66 insertions(+), 39 deletions(-) create mode 100644 terraform/modules/iam/outputs.tf diff --git a/terraform/modules/iam/outputs.tf b/terraform/modules/iam/outputs.tf new file mode 100644 index 00000000..10537beb --- /dev/null +++ b/terraform/modules/iam/outputs.tf 
@@ -0,0 +1,10 @@ +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +output "oke_dynamic_group_ocid" { + value = oci_identity_dynamic_group.oke_dynamic_group.id +} + +output "oke_monitoring_policy_ocid" { + value = oci_identity_policy.oke_monitoring_policy.id +} \ No newline at end of file diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index e9dae4e6..3da3bf84 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
@@ -9,16 +9,16 @@ locals { deploy_helm_ui_option = var.stack_deployment_option == "Full" ? true : false - ## Module Controls evalues developer options and UI inputs/options (ex - stack_deployment_option) to determine - ## if a module should be executed - module_controls = { - enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) - enable_dashboards_module = alltrue([var.dev_switch_dashboards_module]) - enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) - enable_logan_module = alltrue([var.dev_switch_logan_module]) - enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) - enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option]) - } + ## Module Controls are are final verdicts on if a module should be executed or not + ## Module dependencies should be included here as well so a module does not run when it's depenedent moudle is disabled + + module_controls_enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) + module_controls_enable_dashboards_module = alltrue([var.dev_switch_dashboards_module]) + module_controls_enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) + module_controls_enable_logan_module = alltrue([var.dev_switch_logan_module]) + module_controls_enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) + module_controls_enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option, + local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) } // Only execute for livelab stack @@ -28,7 +28,7 @@ module "livelab" { source = "./modules/livelab" current_user_ocid = var.current_user_ocid - count = local.module_controls.enable_livelab_module ? 1 : 0 + count = local.module_controls_enable_livelab_module ? 1 : 0 /* providers = { oci = oci.home_region 
@@ -40,7 +40,7 @@ module "import_kubernetes_dashbords" { source = "./modules/dashboards" compartment_ocid = var.oci_onm_compartment_ocid - count = local.module_controls.enable_dashboards_module ? 1 : 0 + count = local.module_controls_enable_dashboards_module ? 1 : 0 } // Create Required Polcies and Dynamic Group @@ -52,7 +52,7 @@ module "policy_and_dynamic-group" { oke_compartment_ocid = var.oke_compartment_ocid oke_cluster_ocid = var.oke_cluster_ocid - count = local.module_controls.enable_iam_module ? 1 : 0 + count = local.module_controls_enable_iam_module ? 1 : 0 providers = { oci = oci.home_region @@ -61,14 +61,14 @@ module "policy_and_dynamic-group" { // Create Logging Analytics Resorces module "loggingAnalytics" { - source = "./modules/logan" - tenancy_ocid = var.tenancy_ocid - create_new_logGroup = var.opt_create_new_la_logGroup - new_logGroup_name = var.oci_la_logGroup_name - compartment_ocid = var.oci_onm_compartment_ocid - existing_logGroup_id = var.oci_la_logGroup_id - - count = local.module_controls.enable_logan_module ? 1 : 0 + source = "./modules/logan" + tenancy_ocid = var.tenancy_ocid + create_new_logGroup = var.opt_create_new_la_logGroup + new_logGroup_name = var.oci_la_logGroup_name + compartment_ocid = var.oci_onm_compartment_ocid + existing_logGroup_id = var.oci_la_logGroup_id + + count = local.module_controls_enable_logan_module ? 1 : 0 } # Create a management agent key @@ -77,7 +77,7 @@ module "management_agent" { uniquifier = md5(var.oke_cluster_ocid) compartment_ocid = var.oci_onm_compartment_ocid - count = local.module_controls.enable_mgmt_agent_module ? 1 : 0 + count = local.module_controls_enable_mgmt_agent_module ? 1 : 0 } // deploy oke-monitoring solution (helm release) @@ -99,5 +99,5 @@ module "helm_release" { deploy_mushop_config = var.livelab_switch livelab_service_account = local.livelab_service_account - count = local.module_controls.enable_helm_module ? 1 : 0 + count = local.module_controls_enable_helm_module ? 1 : 0 } 
diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index bc55b1b0..20ad2bc6 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -2,7 +2,9 @@ # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. locals { - output_helm_external_values = yamlencode({ + can_generate_helm_output = alltrue([local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) + + output_helm_external_values = local.can_generate_helm_output ? yamlencode({ "global" = { "kubernetesClusterID" = var.oke_cluster_ocid "kubernetesClusterName" = local.oke_cluster_name 
@@ -16,42 +18,57 @@ locals { "installKeyFileContent" = module.management_agent[0].mgmt_agent_install_key_content } } - }) + }) : null + + + helm_repo_add_cmd = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" - output_helm_command_2 = join(" ", [ + helm_install_cmd = local.can_generate_helm_output ? join(" ", [ "helm install oci-kubernetes-monitoring oci-onm/oci-onm", "--set global.kubernetesClusterID=${var.oke_cluster_ocid}", "--set global.kubernetesClusterName=${local.oke_cluster_name}", "--set oci-onm-logan.ociLALogGroupID=${module.loggingAnalytics[0].oci_la_logGroup_ocid}", "--set oci-onm-logan.ociLANamespace=${module.loggingAnalytics[0].oci_la_namespace}", "--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=${module.management_agent[0].mgmt_agent_install_key_content}" - ]) + ]) : null } -output "helm_command_1" { - value = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" +### +# helm outputs +### + +output "helm_repo_add_cmd" { + value = local.can_generate_helm_output ? local.helm_repo_add_cmd : null } -output "helm_command_2" { - value = local.output_helm_command_2 +output "helm_install_cmd" { + value = local.can_generate_helm_output ? local.helm_install_cmd : null } output "oke_cluster_name" { value = local.oke_cluster_name } +### +# Module outputs +### + +output "oke_dynamic_group_ocid" { + value = local.module_controls_enable_iam_module ? module.policy_and_dynamic-group[0].oke_dynamic_group_ocid : null +} + +output "oke_monitoring_policy_ocid" { + value = local.module_controls_enable_iam_module ? module.policy_and_dynamic-group[0].oke_monitoring_policy_ocid : null +} + output "oci_la_namespace" { - value = module.loggingAnalytics[0].oci_la_namespace + value = local.module_controls_enable_logan_module ? 
module.loggingAnalytics[0].oci_la_namespace : null } output "oci_la_logGroup_ocid" { - value = module.loggingAnalytics[0].oci_la_logGroup_ocid + value = local.module_controls_enable_logan_module ? module.loggingAnalytics[0].oci_la_logGroup_ocid : null } output "mgmt_agent_install_key_content" { - value = module.management_agent[0].mgmt_agent_install_key_content -} - -/* output "helm_external_values" { - value = local.deploy_helm_ui_option ? null : local.output_helm_external_values -} */ \ No newline at end of file + value = local.module_controls_enable_mgmt_agent_module ? module.management_agent[0].mgmt_agent_install_key_content : null +} \ No newline at end of file From e4a89f95a1630f972f164fa6a188739f06486e4b Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Mon, 4 Sep 2023 14:53:45 +0530 Subject: [PATCH 22/45] adds cluster name and cluster entity ocid as optional inputs for the helm --- terraform/modules/helm/helm.tf | 20 +++++++++++++++++++- terraform/modules/helm/inputs.tf | 12 ++++++++++++ terraform/oke/inputs.tf | 28 ++++++++++++++++++++++------ terraform/oke/main.tf | 2 ++ terraform/oke/schema.yaml | 2 ++ 5 files changed, 57 insertions(+), 7 deletions(-) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index 8b4db697..9dfd601c 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf @@ -10,7 +10,9 @@ locals { helm_repo_chart = "oci-onm" oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters - oke_cluster_name = [for c in local.oke_clusters_list : c.name if c.id == var.oke_cluster_ocid][0] + oke_cluster_name = var.oke_cluster_name == "NoInput" ? [for c in local.oke_clusters_list : + c.name if c.id == var.oke_cluster_ocid][0] : var.oke_cluster_name + oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "NoInput" ? null : var.oke_cluster_entity_ocid helm_inputs = { # global 
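Review bot: The management agent install key is exposed through plain Terraform outputs: `mgmt_agent_install_key_content` returns it directly and `helm_install_cmd` interpolates it into the `--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=...` argument, and neither output is marked sensitive. Anyone who can read the stack's outputs, state view or job logs can read the key, and a pasted command leaves it in shell history. Add `sensitive = true` to both outputs, and to `helm_external_values` if that output is re-enabled, because the `yamlencode` local that begins in the `@@ -2,7 +2,9 @@` hunk carries the same `installKeyFileContent` field. Consider having the generated command point at a values file rather than inlining the key.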
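Review bot: `local.oke_cluster_entity_ocid` is defined here, but the `dynamic "set"` blocks added to `helm_release` and `helm_template` in the next two hunks compare `var.oke_cluster_entity_ocid == "NoInput"` again, so the sentinel check is written three times and the local appears unused in the visible hunks. Drive the blocks from the local instead: `for_each = local.oke_cluster_entity_ocid == null ? [] : [local.oke_cluster_entity_ocid]` with `value = set.value`. That keeps the "NoInput" convention in one place if the default is ever changed, which the variable comments already anticipate. The `locals` block continues outside this hunk.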
@@ -56,6 +58,14 @@ resource "helm_release" "oci-kubernetes-monitoring" { } } + dynamic "set" { + for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + content { + name = "oci-onm-logan.ociLAClusterEntityID" + value = var.oke_cluster_entity_ocid + } + } + dynamic "set" { for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} content { @@ -84,6 +94,14 @@ data "helm_template" "oci-kubernetes-monitoring" { } } + dynamic "set" { + for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + content { + name = "oci-onm-logan.ociLAClusterEntityID" + value = var.oke_cluster_entity_ocid + } + } + dynamic "set" { for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} content { diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index e40eb842..908fbb24 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf @@ -40,6 +40,18 @@ variable "oke_cluster_ocid" { type = string } +# OKE Cluster Name +variable "oke_cluster_name" { + type = string + default = "NoInput" # refactor, if need to change default input +} + +# OKE Cluster Entity OCID +variable "oke_cluster_entity_ocid" { + type = string + default = "NoInput" # refactor, if need to change default input +} + # Kubernetes Namespace variable "kubernetes_namespace" { type = string diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index b82f79a3..54a1f24d 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -137,12 +137,6 @@ variable "fluentd_baseDir_path" { default = "/var/log" } -# add data flow identifier -variable "triggered_by_add_data_flow" { - type = bool - default = false -} - #### ## Fluentd Configuration #### 
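Review bot: `oke_cluster_name` and `oke_cluster_entity_ocid` in terraform/modules/helm/inputs.tf accept any string, yet both flow into Helm `set` values (`global.kubernetesClusterName`, `oci-onm-logan.ociLAClusterEntityID`); add `validation` blocks so malformed input is rejected at plan time. Hiding the variables from the stack UI in schema.yaml does not stop them from being supplied through tfvars or the API. The entity OCID can be checked against the `ocid1.loganalyticsentity.` prefix shown in the chart's values.yaml example, and the cluster name against whatever character set the service allows for cluster names (not visible here). The same two variables are declared again in terraform/oke/inputs.tf (`@@ -167,4 +161,26 @@`) and need the same checks.

```hcl
variable "oke_cluster_entity_ocid" {
  # … unchanged: type and "NoInput" default …

  validation {
    condition = (
      var.oke_cluster_entity_ocid == "NoInput" ||
      can(regex("^ocid1\\.loganalyticsentity\\.", var.oke_cluster_entity_ocid))
    )
    error_message = "The oke_cluster_entity_ocid value must be a Logging Analytics entity OCID."
  }
}
```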
@@ -167,4 +161,26 @@ variable "mgmt_agent_container_image_url" { variable "opt_deploy_metric_server" { type = bool default = true +} + +#### +## Input options hidden from stack UI +#### + +# add data flow identifier +variable "triggered_by_add_data_flow" { + type = bool + default = false +} + +# OKE Cluster Name +variable "oke_cluster_name" { + type = string + default = "NoInput" # refactor, if need to change default input +} + +# OKE Cluster Entity OCID +variable "oke_cluster_entity_ocid" { + type = string + default = "NoInput" # refactor, if need to change default input } \ No newline at end of file diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 3da3bf84..e280b27e 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf @@ -98,6 +98,8 @@ module "helm_release" { opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server deploy_mushop_config = var.livelab_switch livelab_service_account = local.livelab_service_account + oke_cluster_name = var.oke_cluster_name + oke_cluster_entity_ocid = var.oke_cluster_entity_ocid count = local.module_controls_enable_helm_module ? 1 : 0 } diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 6bebcf97..cd5fc542 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -42,6 +42,8 @@ variableGroups: - current_user_ocid - livelab_switch - triggered_by_add_data_flow + - oke_cluster_name + - oke_cluster_entity_ocid visible: false - title: "Select an OKE Cluster deployed in this region to start monitoring" From 46531a9c8d541b37ac07d68512bbabf86071ed80 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Mon, 4 Sep 2023 17:58:12 +0530 Subject: [PATCH 23/45] removes references of ociLAEntityID from helm --- charts/logan/README.md | 2 +- charts/logan/templates/logs-configmap.yaml | 22 ------------------- charts/logan/templates/objects-configmap.yaml | 1 - charts/logan/values.yaml | 10 +++------ 4 files changed, 4 insertions(+), 31 deletions(-) 
diff --git a/charts/logan/README.md b/charts/logan/README.md index 6e1d6f3b..8b94f811 100644 --- a/charts/logan/README.md +++ b/charts/logan/README.md @@ -15,7 +15,7 @@ Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Object | Key | Type | Default | Description | |-----|------|---------|-------------| | authtype | string | `"InstancePrincipal"` | Allowed values: InstancePrincipal, config | -| extraEnv | list | `[]` | Logging Analytics OCID for OKE Cluster ociLAEntityID: Logging Analytics additional metadata. Use this to tag all the collected logs with one or more key:value pairs. Key must be a valid field in Logging Analytics metadata: "Client Host Region": "PCT" "Environment": "Production" "Third key": "Third Value" @param extra environment variables. Example name: ENV_VARIABLE_NAME value: ENV_VARIABLE_VALUE | +| extraEnv | list | `[]` | Use this to tag all the collected logs with one or more key:value pairs. Key must be a valid field in Logging Analytics metadata: "Client Host Region": "PCT" "Environment": "Production" "Third key": "Third Value" @param extra environment variables. Example name: ENV_VARIABLE_NAME value: ENV_VARIABLE_VALUE | | extraVolumeMounts | list | `[]` | @param extraVolumeMounts Mount extra volume(s). Example: - name: tmpDir mountPath: /tmp | | extraVolumes | list | `[]` | @param extraVolumes Extra volumes. Example: - name: tmpDir hostPath: path: /tmp log | | fluentd.baseDir | string | `"/var/log"` | Base directory on the node (with read write permission) for storing fluentd plugins related data. | diff --git a/charts/logan/templates/logs-configmap.yaml b/charts/logan/templates/logs-configmap.yaml index 5933ef75..2511a0e6 100644 --- a/charts/logan/templates/logs-configmap.yaml +++ b/charts/logan/templates/logs-configmap.yaml 
@@ -100,11 +100,6 @@ data: {{- end }} oci_la_log_path "${record['tailed_path']}" oci_la_log_source_name "{{ $logDefinition.ociLALogSourceName | required (printf "fluentd.kubernetesSystem.logs.%s.ociLALogSourceName is required" $name) }}" - {{- if $logDefinition.ociLAEntityID }} - oci_la_entity_id "{{ $logDefinition.ociLAEntityID }}" - {{- else }} - oci_la_entity_id "{{ $.Values.fluentd.kubernetesSystem.ociLAEntityID | default $.Values.ociLAEntityID }}" - {{- end }} {{- if $logDefinition.ociLALogSet }} oci_la_log_set "{{ $logDefinition.ociLALogSet }}" {{- else }} @@ -205,11 +200,6 @@ data: {{- end }} oci_la_log_path "${record['tailed_path']}" oci_la_log_source_name "{{ $logDefinition.ociLALogSourceName | required (printf "fluentd.linuxSystem.logs.%s.ociLALogSourceName is required" $name) }}" - {{- if $logDefinition.ociLAEntityID }} - oci_la_entity_id "{{ $logDefinition.ociLAEntityID }}" - {{- else }} - oci_la_entity_id "{{ $.Values.fluentd.linuxSystem.ociLAEntityID | default $.Values.ociLAEntityID }}" - {{- end }} {{- if $logDefinition.ociLALogSet }} oci_la_log_set "{{ $logDefinition.ociLALogSet }}" {{- else }} @@ -294,11 +284,6 @@ data: {{- end }} oci_la_log_path "${record['tailed_path']}" oci_la_log_source_name "{{ required "fluentd.linuxSystem.logs.kubeletlog.ociLALogSourceName is required" $.Values.fluentd.linuxSystem.logs.kubeletlog.ociLALogSourceName }}" - {{- if $.Values.fluentd.linuxSystem.logs.kubeletlog.ociLAEntityID }} - oci_la_entity_id "{{ $.Values.fluentd.linuxSystem.logs.kubeletlog.ociLAEntityID }}" - {{- else }} - oci_la_entity_id "{{ $.Values.fluentd.linuxSystem.ociLAEntityID | default $.Values.ociLAEntityID }}" - {{- end }} {{- if $.Values.fluentd.linuxSystem.logs.kubeletlog.ociLALogSet }} oci_la_log_set "{{ $.Values.fluentd.linuxSystem.logs.kubeletlog.ociLALogSet }}" {{- else }} 
@@ -329,11 +314,6 @@ data: {{- end }} oci_la_log_path "${record['tailed_path']}" oci_la_log_source_name "{{ required "fluentd.linuxSystem.logs.syslog.ociLALogSourceName is required" $.Values.fluentd.linuxSystem.logs.syslog.ociLALogSourceName }}" - {{- if $.Values.fluentd.linuxSystem.logs.syslog.ociLAEntityID }} - oci_la_entity_id "{{ $.Values.fluentd.linuxSystem.logs.syslog.ociLAEntityID }}" - {{- else }} - oci_la_entity_id "{{ $.Values.fluentd.linuxSystem.ociLAEntityID | default $.Values.ociLAEntityID }}" - {{- end }} {{- if $.Values.fluentd.linuxSystem.logs.syslog.ociLALogSet }} oci_la_log_set "{{ $.Values.fluentd.linuxSystem.logs.syslog.ociLALogSet }}" {{- else }} @@ -408,7 +388,6 @@ data: {{- end }} oci_la_log_path "${record['tailed_path']}" oci_la_log_source_name "{{ $logDefinition.ociLALogSourceName | required (printf "fluentd.customLogs.%s.ociLALogSourceName is required" $name) }}" - oci_la_entity_id "{{ $logDefinition.ociLAEntityID | default $.Values.ociLAEntityID }}" oci_la_log_set "{{ $logDefinition.ociLALogSet | default $.Values.ociLALogSet }}" {{- if and (ne "false" ($logDefinition.isContainerLog | toString)) (eq $runtime "docker") }} message "${record['log']}" 
@@ -515,7 +494,6 @@ data: oci_la_log_group_id ${record.dig("kubernetes", "annotations", "oracle.com/oci_la_log_group_id") ? record.dig("kubernetes", "annotations", "oracle.com/oci_la_log_group_id") : "{{ $.Values.fluentd.genericContainerLogs.ociLALogGroupID | default $.Values.ociLALogGroupID }}"} oci_la_log_path "${record['tailed_path']}" oci_la_log_source_name ${record.dig("kubernetes", "annotations", "oracle.com/oci_la_log_source_name") ? record.dig("kubernetes", "annotations", "oracle.com/oci_la_log_source_name") : "{{ $.Values.fluentd.genericContainerLogs.ociLALogSourceName | default "Kubernetes Container Generic Logs" }}"} - oci_la_entity_id ${record.dig("kubernetes", "annotations", "oracle.com/oci_la_entity_id") ? record.dig("kubernetes", "annotations", "oracle.com/oci_la_entity_id") : "{{ $.Values.fluentd.genericContainerLogs.ociLAEntityID | default $.Values.ociLAEntityID }}"} oci_la_log_set ${record.dig("kubernetes", "annotations", "oracle.com/oci_la_log_set") ? record.dig("kubernetes", "annotations", "oracle.com/oci_la_log_set") : "{{ $.Values.fluentd.genericContainerLogs.ociLALogSet | default $.Values.ociLALogSet }}"} {{- if eq $runtime "docker" }} message "${record['log']}" diff --git a/charts/logan/templates/objects-configmap.yaml b/charts/logan/templates/objects-configmap.yaml index 91687cb7..c4836a0d 100644 --- a/charts/logan/templates/objects-configmap.yaml +++ b/charts/logan/templates/objects-configmap.yaml 
@@ -100,7 +100,6 @@ data: oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name":"{{ $kubernetesClusterName }}", "Kubernetes Cluster ID": "{{ $kubernetesClusterId }}" {{- range $k, $v := .Values.metadata }},{{ $k | quote }}: {{ $v | quote -}} {{- end }}{{"}}"}} {{- end }} oci_la_log_group_id "{{ .Values.fluentd.kubernetesObjects.ociLALogGroupID | default .Values.ociLALogGroupID }}" - oci_la_entity_id "{{ .Values.fluentd.kubernetesObjects.ociLAEntityID | default .Values.ociLAEntityID }}" oci_la_log_set "{{ .Values.fluentd.kubernetesObjects.ociLALogSet | default .Values.ociLALogSet }}" oci_la_log_path ${tag} oci_la_log_source_name "Kubernetes Object Logs" diff --git a/charts/logan/values.yaml b/charts/logan/values.yaml index 0561df70..32ec6f36 100644 --- a/charts/logan/values.yaml +++ b/charts/logan/values.yaml @@ -67,8 +67,9 @@ kubernetesClusterID: # e.g. production-cluster kubernetesClusterName: -# -- Logging Analytics OCID for OKE Cluster -#ociLAEntityID: +# -- Kubernetes Cluster Entity OCID. +# e.g. ocid1.loganalyticsentity.oc1.phx.amaaaaaabulluiqabqeq4delvhdlmd7aqcjrdla57n2szsxyz7pfdvnhwuua +ociLAClusterEntityID: # Logging Analytics additional metadata. Use this to tag all the collected logs with one or more key:value pairs. # Key must be a valid field in Logging Analytics @@ -231,7 +232,6 @@ fluentd: #"Client Host Region": "America" #"Environment": "Production" #"Third Key": "Third Value" - #ociLAEntityID: #encoding: # Worker number in case of multi process workers enabled. If not set when multi process workers enabled, then it defaults to 0. #worker: @@ -249,7 +249,6 @@ fluentd: #"Client Host Region": "America" #"Environment": "Production" #"Third Key": "Third Value" - #ociLAEntityID: #ociLALogGroupID: #encoding: # Worker number in case of multi process workers enabled. If not set when multi process workers enabled, then it defaults to 0. 
@@ -311,7 +310,6 @@ fluentd: #"Client Host Region": "America" #"Environment": "Production" #"Third Key": "Third Value" - #ociLAEntityID: #encoding: # Worker number in case of multi process workers enabled. If not set when multi process workers enabled, then it defaults to 0. #worker: @@ -417,7 +415,6 @@ fluentd: #"Client Host Region": "America" #"Environment": "Production" #"Third Key": "Third Value" - #ociLAEntityID: #encoding: # Worker number in case of multi process workers enabled. If not set when multi process workers enabled, then it defaults to 0. #worker: @@ -445,7 +442,6 @@ fluentd: #"Client Host Region": "America" #"Environment": "Production" #"Third Key": "Third Value" - #ociLAEntityID: #ociLALogGroupID: objectsList: nodes: From 56cf530889f4106ae19f70105568330c377309e4 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Mon, 4 Sep 2023 18:10:32 +0530 Subject: [PATCH 24/45] sets mgmt agent key life-span/expiry to 1 year --- terraform/modules/mgmt_agent/agent.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/modules/mgmt_agent/agent.tf b/terraform/modules/mgmt_agent/agent.tf index 45f50c3e..32e6d066 100644 --- a/terraform/modules/mgmt_agent/agent.tf +++ b/terraform/modules/mgmt_agent/agent.tf @@ -9,4 +9,5 @@ locals { resource "oci_management_agent_management_agent_install_key" "Kubernetes_AgentInstallKey" { compartment_id = var.compartment_ocid display_name = "k8_mgmt_agent_key-${var.uniquifier}" + time_expires = timeadd(timestamp(), "8760h") # 1 year } \ No newline at end of file From 33ada92ca520321ccadee3993185ec65a77493c6 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Mon, 4 Sep 2023 18:15:30 +0530 Subject: [PATCH 25/45] fixes typos and lang updates --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index e9776848..5769ce55 100644 --- a/README.md +++ b/README.md 
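Review bot: `timeadd(timestamp(), "8760h")` in agent.tf is re-evaluated on every plan, so `time_expires` never matches the stored value and each run proposes a change to the install key. If the provider treats `time_expires` as immutable (not visible here), the key is replaced on every apply and the key content passed to the Helm chart changes with it. Pin the value after creation, for example `lifecycle { ignore_changes = [time_expires] }` inside the resource, and rotate the key deliberately before the one-year expiry rather than as a side effect of unrelated applies.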
@@ -18,7 +18,7 @@ It does extensive enrichment of logs, metrics and object information to enable c ![Kubernetes Cluster Summary Dashboard](logan/images/kubernetes-cluster-summary-dashboard.png)
- Expand for more dasshboard screenshots + Expand for more dashboard screenshots ![Kubernetes Nodes Dashboard](logan/images/kubernetes-nodes-dashboard.png) @@ -67,9 +67,9 @@ It does extensive enrichment of logs, metrics and object information to enable c ```
-### Installation instructions +### Installation instructions -#### Multiple methods of installation are avialble, with following differences: +#### Multiple methods of installation are available, with following differences | Deployment Method | Supported Environments | Collection Automation | Dashboards | Customzations | | ----| :----:| :----:| :---: | ---| @@ -114,7 +114,7 @@ It does extensive enrichment of logs, metrics and object information to enable c # Provide the base64 encoded content of the Management Agent Install Key file installKeyFileContent: ``` -* **Refer to the oci-onm chart and sub-charts values.yaml for customising or modifying any other configuration.** It is recommended to not modify the values.yaml provided with the charts, instead use override_values.yaml to achieve the same. +* **Refer to the values.yaml file in oci-onm chart and sub-charts for customising or modifying any other configuration.** It is recommended to not modify the values.yaml provided with the charts, instead use override_values.yaml to achieve the same. ##### 3.a Install helm release From 678c6f7afa2487056f39b41f475e903dc0384022 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Mon, 4 Sep 2023 18:29:38 +0530 Subject: [PATCH 26/45] fixes for livelab stack --- terraform/oke/schema.yaml | 3 +++ util/build_stack.sh | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index cd5fc542..704a3eb7 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -112,6 +112,9 @@ variables: - "Only OCI Resources" default: "Full" required: true + visible: + not: + - livelab_switch # Option to enable/disable metric server installation during helm deployment opt_deploy_metric_server: diff --git a/util/build_stack.sh b/util/build_stack.sh index 1c04749e..f8fee895 100755 --- a/util/build_stack.sh +++ b/util/build_stack.sh 
@@ -142,8 +142,8 @@ echo -e "Switched to temp dir" # update livelab switch input to true if [ -n "$LIVE_LAB_BUILD" ]; then - sed "s/false/true/g" -i livelab-switch.tf - echo -e "Enabled livelab switch in livelab-switch.tf" + sed "s/false/true/g" -i livelab_switch.tf + echo -e "Enabled livelab switch in livelab_switch.tf" fi # create zip From 0d8724e49a843bcdcdf6b6ca3632d5c2549db90f Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Wed, 6 Sep 2023 11:54:35 +0530 Subject: [PATCH 27/45] included content changes as per TC review --- terraform/oke/schema.yaml | 46 +++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 704a3eb7..19899d1d 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -3,8 +3,8 @@ # yaml-language-server: $schema=./meta-schema.yaml title: OCI Kubernetes Monitoring Solution -description: OCI Kubernetes Monitoring Solution is a turn-key Kubernetes monitoring and management package based on OCI Logging Analytics cloud service, OCI Monitoring, OCI Management Agent. -informationalText: OCI Kubernetes Monitoring Solution is a turn-key Kubernetes monitoring and management package based on OCI Logging Analytics cloud service, OCI Monitoring, OCI Management Agent. +description: "OCI Kubernetes Monitoring Solution is a turn-key Kubernetes monitoring and management package based on the following OCI services: Logging Analytics, Monitoring, and Management Agent." +informationalText: "OCI Kubernetes Monitoring Solution is a turn-key Kubernetes monitoring and management package based on the following OCI services: Logging Analytics, Monitoring, and Management Agent." schemaVersion: 1.1.0 version: "20221004" 
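Review bot: `sed "s/false/true/g"` rewrites every occurrence of `false` in `livelab_switch.tf`, not only the switch's default, so any other boolean or comment in that file is flipped too; the file's content is not visible in this hunk. Anchor the substitution to the default line, e.g. `sed -i 's/^\([[:space:]]*default[[:space:]]*=[[:space:]]*\)false/\1true/' livelab_switch.tf`, and have the script stop if the file is missing or the pattern did not match. The rename from `livelab-switch.tf` suggests the step may previously have targeted a file that did not exist, which would have gone unnoticed without such a check.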
@@ -46,14 +46,14 @@ variableGroups: - oke_cluster_entity_ocid visible: false - - title: "Select an OKE Cluster deployed in this region to start monitoring" - description: "Use CLI (Helm) if your cluster does not have public API Endpoint or restricted from accessing container-registry.oracle.com. See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" + - title: Select an OKE cluster deployed in this region to start monitoring. + description: "Use CLI (Helm) if your cluster does not have a public API endpoint or if it's restricted from accessing container-registry.oracle.com. See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" variables: - oke_compartment_ocid - oke_cluster_ocid - title: "OCI Observability & Management Services Configuration" - description: "See: https://github.com/oracle-quickstart/oci-kubernetes-monitoring for list of resources created" + description: "For a list of resources created, see: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" variables: - stack_deployment_option - opt_deploy_metric_server @@ -63,7 +63,7 @@ variableGroups: - oci_la_logGroup_name - fluentd_baseDir_path - - title: "OCI IAM Policies and Dynaimic Groups (Optional)" + - title: OCI IAM Policies and Dynamic Groups (Optional) variables: - opt_create_dynamicGroup_and_policies @@ -77,7 +77,7 @@ variables: oke_compartment_ocid: type: oci:identity:compartment:id required: true - title: "Select OKE Cluster Compartment" + title: "Select OKE cluster compartment" default: compartment_ocid # OKE Cluster OCID @@ -85,7 +85,7 @@ variables: type: oci:container:cluster:id dependsOn: compartmentId: ${oke_compartment_ocid} - title: Select OKE Cluster + title: Select OKE cluster required: true # kubernetes_namespace: 
@@ -104,8 +104,8 @@ variables: # Stack Deployment Options stack_deployment_option: - title: "Deployment Options" - description: '"Full" option creates both OCI and K8s resources.' + title: Deployment options + description: 'The "Full" option creates both OCI and K8s resources.' type: enum enum: # Dev Note - # Any change in following options must be refactored across schema.yaml - "Full" @@ -119,8 +119,8 @@ variables: # Option to enable/disable metric server installation during helm deployment opt_deploy_metric_server: type: boolean - title: Enable Metric Server Installation - description: Uncheck this if Metric Server is already installed in your cluster. + title: Enable Metric Server installation + description: Clear this check box if Metric Server is already installed in your cluster. default: true visible: and: @@ -134,14 +134,14 @@ variables: oci_onm_compartment_ocid: type: oci:identity:compartment:id required: true - title: Select compartment for Logging Analytics, Management Agent, and Monitoring service resources - description: This compartment will be used for creating Dashboards, Log Groups, Entities, Management Agent Keys, Metrics Namespace etc. See https://github.com/oracle-quickstart/oci-kubernetes-monitoring for full list of resources. + title: Select compartment for Logging Analytics, Management Agent, and Monitoring service resources. + description: "This compartment will be used for creating dashboards, log groups, entities, Management Agent keys, metric namespaces, and related resources. For a full list of resources, see: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" default: compartment_ocid # Option to create Logging Analytics opt_create_new_la_logGroup: # change this to create new log group type: boolean - title: Check if you want to create a new Log Group + title: Select this check box if you want to create a new log group. default: false visible: not: 
@@ -152,8 +152,8 @@ variables: type: oci:logan:loggroup:id dependsOn: compartmentId: ${oci_onm_compartment_ocid} - title: OCI Logging Analytics Log Group - description: Log Groups are logical containers for log data, and provide access control for your data using IAM Policies. + title: OCI Logging Analytics log group + description: Log groups are logical containers for log data, and they provide access control for your data using IAM policies. required: true visible: not: @@ -165,8 +165,8 @@ variables: maxLength: 255 minLength: 1 required: true - title: "OCI Logging Analytics Log Group Name" - description: "Tip: Give a unique name which can be identified with your cluster name to make it easy to find in Dashboards and Logs Explorer" + title: OCI Logging Analytics log group name + description: "Tip: To make the log group easy to find in Dashboards and Logs Explorer pages, provide a unique name associated with your cluster name." visible: and: - opt_create_new_la_logGroup @@ -177,8 +177,8 @@ variables: type: string maxLength: 255 minLength: 1 - title: FluentD Working Directory - description: A directory on the node (with read & write permission) to use for storing Fluentd related data + title: FluentD working directory + description: A directory on the node (with read & write permission) to use for storing data related to Fluentd. default: /var/log required: true pattern: '^/[\w- /]*$' 
@@ -197,8 +197,8 @@ variables: # Option to create Dynamic Group and Policies opt_create_dynamicGroup_and_policies: type: boolean - title: Check to create Dynamic Group and Policies required for deploying monitoring solution + title: Select this check box to create dynamic groups and policies that are required for deploying the monitoring solution. #description: "Ref: https://github.com/oracle-quickstart/oci-kubernetes-monitoring#pre-requisites" - description: "Note: The dynamic group definition must be updated, if node pool(s) and OKE Cluster are in different compartments." + description: "Note: If node pools and the OKE cluster are in different compartments, then the dynamic group definition must be updated." default: false required: true \ No newline at end of file From 8f446bc5ecda398123a89ad40cd7ec0f011dfee7 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Tue, 12 Sep 2023 15:04:34 +0530 Subject: [PATCH 28/45] tc review fix --- terraform/oke/schema.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index 19899d1d..e8fb40de 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -52,7 +52,7 @@ variableGroups: - oke_compartment_ocid - oke_cluster_ocid - - title: "OCI Observability & Management Services Configuration" + - title: "OCI Observability and Management Services Configuration" description: "For a list of resources created, see: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" variables: - stack_deployment_option @@ -99,7 +99,7 @@ variables: # required: true #### - ## OCI Observability & Management Services Configuration + ## OCI Observability and Management Services Configuration #### # Stack Deployment Options From 5f03ce56d7bbaa96704dc09fd4466b1915f483fe Mon Sep 17 00:00:00 2001 
From: paliwalparitosh Date: Wed, 27 Sep 2023 19:20:32 +0530 Subject: [PATCH 29/45] adds option to render templates independently --- terraform/modules/helm/helm.tf | 233 +++++++++++++------------- terraform/modules/helm/inputs.tf | 253 +++++++++++++++-------------- terraform/modules/helm/outputs.tf | 4 + terraform/oke/developer-options.tf | 118 +++++++------- terraform/oke/outputs.tf | 4 + terraform/oke/schema.yaml | 1 + 6 files changed, 313 insertions(+), 300 deletions(-) create mode 100644 terraform/modules/helm/outputs.tf diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index 9dfd601c..a34017ec 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf 
@@ -1,121 +1,114 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -data "oci_containerengine_clusters" "oke_clusters_list" { - compartment_id = var.oke_compartment_ocid -} - -locals { - helm_repo_url = "https://oracle-quickstart.github.io/oci-kubernetes-monitoring" - helm_repo_chart = "oci-onm" - - oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters - oke_cluster_name = var.oke_cluster_name == "NoInput" ? [for c in local.oke_clusters_list : - c.name if c.id == var.oke_cluster_ocid][0] : var.oke_cluster_name - oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "NoInput" ? null : var.oke_cluster_entity_ocid - - helm_inputs = { - # global - "global.namespace" = var.deploy_mushop_config ? "livelab-test" : var.kubernetes_namespace - "global.kubernetesClusterID" = var.oke_cluster_ocid - "global.kubernetesClusterName" = local.oke_cluster_name - - # oci-onm-logan - "oci-onm-logan.ociLANamespace" = var.oci_la_namespace - "oci-onm-logan.ociLALogGroupID" = var.oci_la_logGroup_id - "oci-onm-logan.image.url" = var.logan_container_image_url - "oci-onm-logan.fluentd.baseDir" = var.fluentd_baseDir_path - - #oci-onm-mgmt-agent - "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = var.mgmt_agent_install_key_content - "oci-onm-mgmt-agent.mgmtagent.image.url" = var.mgmt_agent_container_image_url - "oci-onm-mgmt-agent.deployMetricServer" = var.opt_deploy_metric_server - } - - mushop_helm_inputs = { - # oci-onm-logan - "createServiceAccount" = false - "serviceAccount" = var.livelab_service_account - } -} - -# Create helm release -resource "helm_release" "oci-kubernetes-monitoring" { - name = "oci-kubernetes-monitoring" - repository = var.use_local_helm_chart ? null : local.helm_repo_url - chart = var.use_local_helm_chart ? 
var.helm_abs_path : local.helm_repo_chart - wait = true - dependency_update = true - atomic = true - - values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null - - dynamic "set" { - for_each = local.helm_inputs - content { - name = set.key - value = set.value - } - } - - dynamic "set" { - for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] - content { - name = "oci-onm-logan.ociLAClusterEntityID" - value = var.oke_cluster_entity_ocid - } - } - - dynamic "set" { - for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} - content { - name = set.key - value = set.value - } - } - - count = var.generate_helm_template ? 0 : 1 -} - -# Create helm template -data "helm_template" "oci-kubernetes-monitoring" { - name = "oci-kubernetes-monitoring" - repository = var.use_local_helm_chart ? null : local.helm_repo_url - chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart - dependency_update = true - - values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null - - dynamic "set" { - for_each = local.helm_inputs - content { - name = set.key - value = set.value - } - } - - dynamic "set" { - for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] - content { - name = "oci-onm-logan.ociLAClusterEntityID" - value = var.oke_cluster_entity_ocid - } - } - - dynamic "set" { - for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} - content { - name = set.key - value = set.value - } - } - - count = var.generate_helm_template ? 1 : 0 -} - -# Helm release artifacts for local testing and validation. Not used by helm resource. -resource "local_file" "helm_release" { - content = tostring(data.helm_template.oci-kubernetes-monitoring[0].manifest) - filename = "${path.module}/local/helmrelease.yaml" - count = var.generate_helm_template ? 1 : 0 +# Copyright (c) 2023, Oracle and/or its affiliates. 
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +data "oci_containerengine_clusters" "oke_clusters_list" { + compartment_id = var.oke_compartment_ocid +} + +locals { + helm_repo_url = "https://oracle-quickstart.github.io/oci-kubernetes-monitoring" + helm_repo_chart = "oci-onm" + + oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters + oke_cluster_name = var.oke_cluster_name == "NoInput" ? [for c in local.oke_clusters_list : + c.name if c.id == var.oke_cluster_ocid][0] : var.oke_cluster_name + oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "NoInput" ? null : var.oke_cluster_entity_ocid + + helm_inputs = { + # global + "global.namespace" = var.deploy_mushop_config ? "livelab-test" : var.kubernetes_namespace + "global.kubernetesClusterID" = var.oke_cluster_ocid + "global.kubernetesClusterName" = local.oke_cluster_name + + # oci-onm-logan + "oci-onm-logan.ociLANamespace" = var.oci_la_namespace + "oci-onm-logan.ociLALogGroupID" = var.oci_la_logGroup_id + "oci-onm-logan.image.url" = var.logan_container_image_url + "oci-onm-logan.fluentd.baseDir" = var.fluentd_baseDir_path + + #oci-onm-mgmt-agent + "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = var.mgmt_agent_install_key_content + "oci-onm-mgmt-agent.mgmtagent.image.url" = var.mgmt_agent_container_image_url + "oci-onm-mgmt-agent.deployMetricServer" = var.opt_deploy_metric_server + } + + mushop_helm_inputs = { + # oci-onm-logan + "createServiceAccount" = false + "serviceAccount" = var.livelab_service_account + } +} + +# Create helm release +resource "helm_release" "oci-kubernetes-monitoring" { + name = "oci-kubernetes-monitoring" + repository = var.use_local_helm_chart ? null : local.helm_repo_url + chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart + wait = true + dependency_update = true + atomic = true + + values = var.deploy_mushop_config ? 
["${file("${path.module}/mushop_values.yaml")}"] : null + + dynamic "set" { + for_each = local.helm_inputs + content { + name = set.key + value = set.value + } + } + + dynamic "set" { + for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + content { + name = "oci-onm-logan.ociLAClusterEntityID" + value = var.oke_cluster_entity_ocid + } + } + + dynamic "set" { + for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} + content { + name = set.key + value = set.value + } + } + + count = var.install_helm ? 1 : 0 +} + +# Create helm template +data "helm_template" "oci-kubernetes-monitoring" { + name = "oci-kubernetes-monitoring" + repository = var.use_local_helm_chart ? null : local.helm_repo_url + chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart + dependency_update = true + + values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null + + dynamic "set" { + for_each = local.helm_inputs + content { + name = set.key + value = set.value + } + } + + dynamic "set" { + for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + content { + name = "oci-onm-logan.ociLAClusterEntityID" + value = var.oke_cluster_entity_ocid + } + } + + dynamic "set" { + for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} + content { + name = set.key + value = set.value + } + } + + count = var.generate_helm_template ? 1 : 0 } \ No newline at end of file diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index 908fbb24..d0694bfe 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf 
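Review bot: The management agent install key still goes through the generic `dynamic "set"` block: `local.helm_inputs` maps `oci-onm-mgmt-agent.mgmtagent.installKeyFileContent` to `var.mgmt_agent_install_key_content`, and both `helm_release` and the `helm_template` data source iterate over that map, so the value is not treated as sensitive by the provider. This commit widens the exposure, because the rendered manifest (which presumably embeds the key) is now exported by the new `helm_template` outputs in terraform/modules/helm/outputs.tf and terraform/oke/outputs.tf, and neither sets `sensitive = true`. I would drop the key from `helm_inputs`, pass it through a `set_sensitive` block in both the resource and the data source, and mark the two outputs `sensitive = true`. Terraform state will still hold the value, so the state backend needs to be access-controlled either way.

```hcl
# … unchanged: locals, with the installKeyFileContent entry removed from helm_inputs …

resource "helm_release" "oci-kubernetes-monitoring" {
  # … unchanged: name, repository, chart, values, dynamic "set" blocks …

  # Keep the install key out of plan output and release metadata.
  set_sensitive {
    name  = "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent"
    value = var.mgmt_agent_install_key_content
  }

  count = var.install_helm ? 1 : 0
}

data "helm_template" "oci-kubernetes-monitoring" {
  # … unchanged: name, repository, chart, values, dynamic "set" blocks …

  set_sensitive {
    name  = "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent"
    value = var.mgmt_agent_install_key_content
  }

  count = var.generate_helm_template ? 1 : 0
}
```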
@@ -1,125 +1,130 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -#### -## Switches -#### - -variable "generate_helm_template" { - type = bool - default = false -} - -variable "use_local_helm_chart" { - type = bool - default = false -} - -#### -## Helm chart -#### - -# Used for local testing -# Absoulte path to helm chart directory -variable "helm_abs_path" { - type = string - default = "optional" -} - -#### -## OKE Cluster Information -#### - -# OKE Cluster Compartment -variable "oke_compartment_ocid" { - type = string -} - -# OKE Cluster OCID -variable "oke_cluster_ocid" { - type = string -} - -# OKE Cluster Name -variable "oke_cluster_name" { - type = string - default = "NoInput" # refactor, if need to change default input -} - -# OKE Cluster Entity OCID -variable "oke_cluster_entity_ocid" { - type = string - default = "NoInput" # refactor, if need to change default input -} - -# Kubernetes Namespace -variable "kubernetes_namespace" { - type = string -} - -#### -## OCI Logging Analytics Information -#### - -# OCI Logging Analytics LogGroup OCID -variable "oci_la_logGroup_id" { - type = string - default = "" -} - -# Log Analytics Namespace -variable "oci_la_namespace" { - type = string -} - -#### -## Fluentd Configuration -#### - -# OCI LA Fluentd Container Image -variable "logan_container_image_url" { - type = string - default = "container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0" -} - -# Fluentd Base Directory -variable "fluentd_baseDir_path" { - type = string - default = "/var/log" -} - -#### -## Management Agent Configuration -#### - -variable "mgmt_agent_install_key_content" { - type = string -} - -# OCI Management Agent Container Image -variable "mgmt_agent_container_image_url" { - type = string - default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" -} - -# 
Option to control the metric server deployment inside kubernetes cluster -variable "opt_deploy_metric_server" { - type = bool - default = true -} - -#### -## livelab -#### - -# Option to deploy mushop specific values.yaml (inputs) -variable "deploy_mushop_config" { - type = bool - default = false -} - -# Service Account to be used when working on livelab cluster -variable "livelab_service_account" { - type = string - default = "" +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +#### +## Switches +#### + +variable "generate_helm_template" { + type = bool + default = false +} + +variable "install_helm" { + type = bool + default = true +} + +variable "use_local_helm_chart" { + type = bool + default = false +} + +#### +## Helm chart +#### + +# Used for local testing +# Absoulte path to helm chart directory +variable "helm_abs_path" { + type = string + default = "optional" +} + +#### +## OKE Cluster Information +#### + +# OKE Cluster Compartment +variable "oke_compartment_ocid" { + type = string +} + +# OKE Cluster OCID +variable "oke_cluster_ocid" { + type = string +} + +# OKE Cluster Name +variable "oke_cluster_name" { + type = string + default = "NoInput" # refactor, if need to change default input +} + +# OKE Cluster Entity OCID +variable "oke_cluster_entity_ocid" { + type = string + default = "NoInput" # refactor, if need to change default input +} + +# Kubernetes Namespace +variable "kubernetes_namespace" { + type = string +} + +#### +## OCI Logging Analytics Information +#### + +# OCI Logging Analytics LogGroup OCID +variable "oci_la_logGroup_id" { + type = string + default = "" +} + +# Log Analytics Namespace +variable "oci_la_namespace" { + type = string +} + +#### +## Fluentd Configuration +#### + +# OCI LA Fluentd Container Image +variable "logan_container_image_url" { + type = string + default = 
"container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0" +} + +# Fluentd Base Directory +variable "fluentd_baseDir_path" { + type = string + default = "/var/log" +} + +#### +## Management Agent Configuration +#### + +variable "mgmt_agent_install_key_content" { + type = string +} + +# OCI Management Agent Container Image +variable "mgmt_agent_container_image_url" { + type = string + default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" +} + +# Option to control the metric server deployment inside kubernetes cluster +variable "opt_deploy_metric_server" { + type = bool + default = true +} + +#### +## livelab +#### + +# Option to deploy mushop specific values.yaml (inputs) +variable "deploy_mushop_config" { + type = bool + default = false +} + +# Service Account to be used when working on livelab cluster +variable "livelab_service_account" { + type = string + default = "" } \ No newline at end of file diff --git a/terraform/modules/helm/outputs.tf b/terraform/modules/helm/outputs.tf new file mode 100644 index 00000000..5e0a5e50 --- /dev/null +++ b/terraform/modules/helm/outputs.tf @@ -0,0 +1,4 @@ +# Helm release artifacts for local testing and validation. +output "helm_template" { + value = var.generate_helm_template ? data.helm_template.oci-kubernetes-monitoring[0].manifest : null +} \ No newline at end of file diff --git a/terraform/oke/developer-options.tf b/terraform/oke/developer-options.tf index e126b414..1c434355 100644 --- a/terraform/oke/developer-options.tf +++ b/terraform/oke/developer-options.tf 
@@ -1,57 +1,63 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -#### -## Switches - These inputs are meant to be used for development purpose only -## Leave it to default for production use -#### - -# Enable/Disable livelab module -variable "dev_switch_livelab_module" { - type = bool - default = true -} - -# Enable/Disable helm module -variable "dev_switch_helm_module" { - type = bool - default = true -} - -# when false, public helm repo is used for deployment -variable "dev_switch_use_local_helm_chart" { - type = bool - default = false -} - -# Enable/Disable helm template. When set as true, -# - helm module will generate template file inside ../modules/helm/local directory -# - Setting this to true disables/skips the helm release -variable "dev_switch_generate_helm_template" { - type = bool - default = false -} - -# Enable/Disable logan dashboards module -variable "dev_switch_dashboards_module" { - type = bool - default = true -} - -# Enable/Disable management agent module -variable "dev_switch_mgmt_agent_module" { - type = bool - default = true -} - -# Enable/Disable management agent module -variable "dev_switch_logan_module" { - type = bool - default = true -} - -# Enable/Disable IAM module -variable "dev_switch_iam_module" { - type = bool - default = true +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. 
+ +#### +## Switches - These inputs are meant to be used for development purpose only +## Leave it to default for production use +#### + +# Enable/Disable livelab module +variable "dev_switch_livelab_module" { + type = bool + default = true +} + +# Enable/Disable helm module +variable "dev_switch_helm_module" { + type = bool + default = true +} + +# when false, public helm repo is used for deployment +variable "dev_switch_use_local_helm_chart" { + type = bool + default = false +} + +# Enable/Disable helm template. When set as true, +# - helm module will generate template file inside ../modules/helm/local directory +# - Setting this to true disables/skips the helm release +variable "dev_switch_generate_helm_template" { + type = bool + default = false +} + +# Enable/Disable helm installation. +variable "dev_switch_install_helm" { + type = bool + default = true +} + +# Enable/Disable logan dashboards module +variable "dev_switch_dashboards_module" { + type = bool + default = true +} + +# Enable/Disable management agent module +variable "dev_switch_mgmt_agent_module" { + type = bool + default = true +} + +# Enable/Disable management agent module +variable "dev_switch_logan_module" { + type = bool + default = true +} + +# Enable/Disable IAM module +variable "dev_switch_iam_module" { + type = bool + default = true } \ No newline at end of file diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index 20ad2bc6..57c37c95 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -71,4 +71,8 @@ output "oci_la_logGroup_ocid" { output "mgmt_agent_install_key_content" { value = local.module_controls_enable_mgmt_agent_module ? module.management_agent[0].mgmt_agent_install_key_content : null +} + +output "helm_template" { + value = local.module_controls_enable_helm_module && var.dev_switch_generate_helm_template ? module.helm_release[0].helm_template : null } \ No newline at end of file 
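Review bot: The comment above `dev_switch_generate_helm_template` is stale after this commit. It still says the helm module writes a template file under ../modules/helm/local and that setting the switch to true skips the helm release, but the same commit removes the `local_file` resource from helm.tf and gates the release on `install_helm` instead. I would reword it to `# When true, the helm module renders the chart and exposes it through the helm_template output; the release itself is controlled by dev_switch_install_helm.` and extend the new `# Enable/Disable helm installation.` comment to say that the two switches are independent. The stale text is carried over unchanged in the developer-options.tf hunk of PATCH 31/45.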
diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index e8fb40de..a7d376cf 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -28,6 +28,7 @@ variableGroups: - boat_auth - boat_tenancy_ocid - dev_switch_generate_helm_template + - dev_switch_install_helm - dev_switch_use_local_helm_chart - dev_switch_dashboards_module - dev_switch_helm_module From e77bb09d42df064a6554e753060bb415e5d24276 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Fri, 29 Sep 2023 14:27:28 +0530 Subject: [PATCH 30/45] adds lifecycle policy --- terraform/modules/mgmt_agent/agent.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/terraform/modules/mgmt_agent/agent.tf b/terraform/modules/mgmt_agent/agent.tf index 32e6d066..89698f78 100644 --- a/terraform/modules/mgmt_agent/agent.tf +++ b/terraform/modules/mgmt_agent/agent.tf @@ -10,4 +10,8 @@ resource "oci_management_agent_management_agent_install_key" "Kubernetes_AgentIn compartment_id = var.compartment_ocid display_name = "k8_mgmt_agent_key-${var.uniquifier}" time_expires = timeadd(timestamp(), "8760h") # 1 year + + lifecycle { + ignore_changes = [ time_expires ] + } } \ No newline at end of file From f8035ef8222227ce22ef7d4f5cd9a694be2a1d24 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Fri, 29 Sep 2023 14:32:14 +0530 Subject: [PATCH 31/45] dev_switch_install_helm fix --- terraform/oke/developer-options.tf | 124 ++++++++--------- terraform/oke/main.tf | 211 +++++++++++++++-------------- 2 files changed, 168 insertions(+), 167 deletions(-) diff --git a/terraform/oke/developer-options.tf b/terraform/oke/developer-options.tf index 1c434355..c905ca61 100644 --- a/terraform/oke/developer-options.tf +++ b/terraform/oke/developer-options.tf 
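Review bot: In the agent.tf hunk, `ignore_changes = [ time_expires ]` pins the install key to the expiry computed at creation (`timeadd(timestamp(), "8760h")`), so Terraform will never extend or rotate it and the key lapses after one year unless the resource is replaced by hand. That looks like a reasonable way to stop the perpetual diff that `timestamp()` presumably caused, but the hunk should say so. I would add `# time_expires is fixed at creation; replace this resource to rotate the key before it expires` above the `lifecycle` block, and write the list as `[time_expires]` to match `terraform fmt`. The resource block begins outside the hunk.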
@@ -1,63 +1,63 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -#### -## Switches - These inputs are meant to be used for development purpose only -## Leave it to default for production use -#### - -# Enable/Disable livelab module -variable "dev_switch_livelab_module" { - type = bool - default = true -} - -# Enable/Disable helm module -variable "dev_switch_helm_module" { - type = bool - default = true -} - -# when false, public helm repo is used for deployment -variable "dev_switch_use_local_helm_chart" { - type = bool - default = false -} - -# Enable/Disable helm template. When set as true, -# - helm module will generate template file inside ../modules/helm/local directory -# - Setting this to true disables/skips the helm release -variable "dev_switch_generate_helm_template" { - type = bool - default = false -} - -# Enable/Disable helm installation. -variable "dev_switch_install_helm" { - type = bool - default = true -} - -# Enable/Disable logan dashboards module -variable "dev_switch_dashboards_module" { - type = bool - default = true -} - -# Enable/Disable management agent module -variable "dev_switch_mgmt_agent_module" { - type = bool - default = true -} - -# Enable/Disable management agent module -variable "dev_switch_logan_module" { - type = bool - default = true -} - -# Enable/Disable IAM module -variable "dev_switch_iam_module" { - type = bool - default = true +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. 
+ +#### +## Switches - These inputs are meant to be used for development purpose only +## Leave it to default for production use +#### + +# Enable/Disable livelab module +variable "dev_switch_livelab_module" { + type = bool + default = true +} + +# Enable/Disable helm module +variable "dev_switch_helm_module" { + type = bool + default = true +} + +# when false, public helm repo is used for deployment +variable "dev_switch_use_local_helm_chart" { + type = bool + default = false +} + +# Enable/Disable helm template. When set as true, +# - helm module will generate template file inside ../modules/helm/local directory +# - Setting this to true disables/skips the helm release +variable "dev_switch_generate_helm_template" { + type = bool + default = false +} + +# Enable/Disable helm installation. +variable "dev_switch_install_helm" { + type = bool + default = true +} + +# Enable/Disable logan dashboards module +variable "dev_switch_dashboards_module" { + type = bool + default = true +} + +# Enable/Disable management agent module +variable "dev_switch_mgmt_agent_module" { + type = bool + default = true +} + +# Enable/Disable management agent module +variable "dev_switch_logan_module" { + type = bool + default = true +} + +# Enable/Disable IAM module +variable "dev_switch_iam_module" { + type = bool + default = true } \ No newline at end of file diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index e280b27e..09c7adfc 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
@@ -1,105 +1,106 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -locals { - livelab_service_account = var.livelab_switch ? module.livelab[0].service_account : "" - fluentd_baseDir_path = var.livelab_switch ? module.livelab[0].fluentd_baseDir_path : var.fluentd_baseDir_path - - oke_cluster_name = [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] - - deploy_helm_ui_option = var.stack_deployment_option == "Full" ? true : false - - ## Module Controls are are final verdicts on if a module should be executed or not - ## Module dependencies should be included here as well so a module does not run when it's depenedent moudle is disabled - - module_controls_enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) - module_controls_enable_dashboards_module = alltrue([var.dev_switch_dashboards_module]) - module_controls_enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) - module_controls_enable_logan_module = alltrue([var.dev_switch_logan_module]) - module_controls_enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) - module_controls_enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option, - local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) -} - -// Only execute for livelab stack -// livelab module only supports local users -// it will error out when an identity domain user is used and livelab_switch is set as true -module "livelab" { - source = "./modules/livelab" - current_user_ocid = var.current_user_ocid - - count = local.module_controls_enable_livelab_module ? 
1 : 0 - - /* providers = { - oci = oci.home_region - } */ -} - -// Import Kubernetes Dashboards -module "import_kubernetes_dashbords" { - source = "./modules/dashboards" - compartment_ocid = var.oci_onm_compartment_ocid - - count = local.module_controls_enable_dashboards_module ? 1 : 0 -} - -// Create Required Polcies and Dynamic Group -// Needs to be called with OCI Home Region Provider -module "policy_and_dynamic-group" { - source = "./modules/iam" - root_compartment_ocid = var.tenancy_ocid - oci_onm_compartment_ocid = var.oci_onm_compartment_ocid - oke_compartment_ocid = var.oke_compartment_ocid - oke_cluster_ocid = var.oke_cluster_ocid - - count = local.module_controls_enable_iam_module ? 1 : 0 - - providers = { - oci = oci.home_region - } -} - -// Create Logging Analytics Resorces -module "loggingAnalytics" { - source = "./modules/logan" - tenancy_ocid = var.tenancy_ocid - create_new_logGroup = var.opt_create_new_la_logGroup - new_logGroup_name = var.oci_la_logGroup_name - compartment_ocid = var.oci_onm_compartment_ocid - existing_logGroup_id = var.oci_la_logGroup_id - - count = local.module_controls_enable_logan_module ? 1 : 0 -} - -# Create a management agent key -module "management_agent" { - source = "./modules/mgmt_agent" - uniquifier = md5(var.oke_cluster_ocid) - compartment_ocid = var.oci_onm_compartment_ocid - - count = local.module_controls_enable_mgmt_agent_module ? 
1 : 0 -} - -// deploy oke-monitoring solution (helm release) -module "helm_release" { - source = "./modules/helm" - helm_abs_path = abspath("./charts/oci-onm") - use_local_helm_chart = var.dev_switch_use_local_helm_chart - generate_helm_template = var.dev_switch_generate_helm_template - oke_compartment_ocid = var.oke_compartment_ocid - oke_cluster_ocid = var.oke_cluster_ocid - logan_container_image_url = var.logan_container_image_url - kubernetes_namespace = var.kubernetes_namespace - oci_la_logGroup_id = module.loggingAnalytics[0].oci_la_logGroup_ocid - oci_la_namespace = module.loggingAnalytics[0].oci_la_namespace - fluentd_baseDir_path = local.fluentd_baseDir_path - mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content - mgmt_agent_container_image_url = var.mgmt_agent_container_image_url - opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server - deploy_mushop_config = var.livelab_switch - livelab_service_account = local.livelab_service_account - oke_cluster_name = var.oke_cluster_name - oke_cluster_entity_ocid = var.oke_cluster_entity_ocid - - count = local.module_controls_enable_helm_module ? 1 : 0 -} +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +locals { + livelab_service_account = var.livelab_switch ? module.livelab[0].service_account : "" + fluentd_baseDir_path = var.livelab_switch ? module.livelab[0].fluentd_baseDir_path : var.fluentd_baseDir_path + + oke_cluster_name = [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] + + deploy_helm_ui_option = var.stack_deployment_option == "Full" ? 
true : false + + ## Module Controls are are final verdicts on if a module should be executed or not + ## Module dependencies should be included here as well so a module does not run when it's depenedent moudle is disabled + + module_controls_enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) + module_controls_enable_dashboards_module = alltrue([var.dev_switch_dashboards_module]) + module_controls_enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) + module_controls_enable_logan_module = alltrue([var.dev_switch_logan_module]) + module_controls_enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) + module_controls_enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option, + local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) +} + +// Only execute for livelab stack +// livelab module only supports local users +// it will error out when an identity domain user is used and livelab_switch is set as true +module "livelab" { + source = "./modules/livelab" + current_user_ocid = var.current_user_ocid + + count = local.module_controls_enable_livelab_module ? 1 : 0 + + /* providers = { + oci = oci.home_region + } */ +} + +// Import Kubernetes Dashboards +module "import_kubernetes_dashbords" { + source = "./modules/dashboards" + compartment_ocid = var.oci_onm_compartment_ocid + + count = local.module_controls_enable_dashboards_module ? 1 : 0 +} + +// Create Required Polcies and Dynamic Group +// Needs to be called with OCI Home Region Provider +module "policy_and_dynamic-group" { + source = "./modules/iam" + root_compartment_ocid = var.tenancy_ocid + oci_onm_compartment_ocid = var.oci_onm_compartment_ocid + oke_compartment_ocid = var.oke_compartment_ocid + oke_cluster_ocid = var.oke_cluster_ocid + + count = local.module_controls_enable_iam_module ? 
1 : 0 + + providers = { + oci = oci.home_region + } +} + +// Create Logging Analytics Resorces +module "loggingAnalytics" { + source = "./modules/logan" + tenancy_ocid = var.tenancy_ocid + create_new_logGroup = var.opt_create_new_la_logGroup + new_logGroup_name = var.oci_la_logGroup_name + compartment_ocid = var.oci_onm_compartment_ocid + existing_logGroup_id = var.oci_la_logGroup_id + + count = local.module_controls_enable_logan_module ? 1 : 0 +} + +# Create a management agent key +module "management_agent" { + source = "./modules/mgmt_agent" + uniquifier = md5(var.oke_cluster_ocid) + compartment_ocid = var.oci_onm_compartment_ocid + + count = local.module_controls_enable_mgmt_agent_module ? 1 : 0 +} + +// deploy oke-monitoring solution (helm release) +module "helm_release" { + source = "./modules/helm" + helm_abs_path = abspath("./charts/oci-onm") + use_local_helm_chart = var.dev_switch_use_local_helm_chart + install_helm = var.dev_switch_install_helm + generate_helm_template = var.dev_switch_generate_helm_template + oke_compartment_ocid = var.oke_compartment_ocid + oke_cluster_ocid = var.oke_cluster_ocid + logan_container_image_url = var.logan_container_image_url + kubernetes_namespace = var.kubernetes_namespace + oci_la_logGroup_id = module.loggingAnalytics[0].oci_la_logGroup_ocid + oci_la_namespace = module.loggingAnalytics[0].oci_la_namespace + fluentd_baseDir_path = local.fluentd_baseDir_path + mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content + mgmt_agent_container_image_url = var.mgmt_agent_container_image_url + opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server + deploy_mushop_config = var.livelab_switch + livelab_service_account = local.livelab_service_account + oke_cluster_name = var.oke_cluster_name + oke_cluster_entity_ocid = var.oke_cluster_entity_ocid + + count = local.module_controls_enable_helm_module ? 1 : 0 +} 
From 9038761f1312f01e91c4a4c9dd64c9e2df282dd6 Mon Sep 17 00:00:00 2001
From: paliwalparitosh
Date: Fri, 29 Sep 2023 14:33:43 +0530
Subject: [PATCH 32/45] ignore vscode metadata'
---
 .gitignore | 133 +++++++++++++++++++++++++++--------------------------
 1 file changed, 68 insertions(+), 65 deletions(-)
diff --git a/.gitignore b/.gitignore
index 3e6dd831..cdab7954 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,65 +1,68 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -.DS_Store - -#### -## Ignore PEM files -#### - -**.pem - -#### -## gitignore for terraform artifacts -#### - -# Local .terraform directories -**/.terraform/* - -## Terraform Locck files -*.terraform.lock.hcl - -# .tfstate filesdas -*.tfstate -*.tfstate.* - -# Crash log files -crash.log -crash.*.log - -# Exclude all .tfvars files, which are likely to contain sensitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject -# to change depending on the environment. -*.tfvars -*.tfvars.json - -# Include sample tfvars -!terraform-sample.tfvars - -# Ignore override files as they are usually used to override resources locally and so -# are not checked in -override.tf -override.tf.json -*_override.tf -*_override.tf.json - -# Include override files you do wish to add to version control using negated pattern -# !example_override.tf - -# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan -# example: *tfplan* - -# Ignore CLI configuration files -.terraformrc -terraform.rc - -# Ignore util dir -logan/util/* - -# helm-chart -charts/oci-onm/Chart.lock -charts/oci-onm/charts/ - -# zip artifacts -releases/ \ No newline at end of file +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. 
+ +.DS_Store + +#### +## Ignore PEM files +#### + +**.pem + +#### +## gitignore for terraform artifacts +#### + +# Local .terraform directories +**/.terraform/* + +## Terraform Locck files +*.terraform.lock.hcl + +# .tfstate filesdas +*.tfstate +*.tfstate.* + +# Crash log files +crash.log +crash.*.log + +# Exclude all .tfvars files, which are likely to contain sensitive data, such as +# password, private keys, and other secrets. These should not be part of version +# control as they are data points which are potentially sensitive and subject +# to change depending on the environment. +*.tfvars +*.tfvars.json + +# Include sample tfvars +!terraform-sample.tfvars + +# Ignore override files as they are usually used to override resources locally and so +# are not checked in +override.tf +override.tf.json +*_override.tf +*_override.tf.json + +# Include override files you do wish to add to version control using negated pattern +# !example_override.tf + +# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan +# example: *tfplan* + +# Ignore CLI configuration files +.terraformrc +terraform.rc + +# Ignore util dir +logan/util/* + +# helm-chart +charts/oci-onm/Chart.lock +charts/oci-onm/charts/ + +# zip artifacts +releases/ + +# VSCode +.vscode/ \ No newline at end of file From b960bdfcfda57106f041a6004725a8ea7b5c5b9b Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Fri, 29 Sep 2023 14:37:04 +0530 Subject: [PATCH 33/45] EOL fix --- terraform/modules/helm/helm.tf | 226 +++++++++++++-------------- terraform/modules/helm/inputs.tf | 258 +++++++++++++++---------------- terraform/oke/main.tf | 212 ++++++++++++------------- 3 files changed, 348 insertions(+), 348 deletions(-) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index a34017ec..be77f0b2 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf 
@@ -1,114 +1,114 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -data "oci_containerengine_clusters" "oke_clusters_list" { - compartment_id = var.oke_compartment_ocid -} - -locals { - helm_repo_url = "https://oracle-quickstart.github.io/oci-kubernetes-monitoring" - helm_repo_chart = "oci-onm" - - oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters - oke_cluster_name = var.oke_cluster_name == "NoInput" ? [for c in local.oke_clusters_list : - c.name if c.id == var.oke_cluster_ocid][0] : var.oke_cluster_name - oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "NoInput" ? null : var.oke_cluster_entity_ocid - - helm_inputs = { - # global - "global.namespace" = var.deploy_mushop_config ? "livelab-test" : var.kubernetes_namespace - "global.kubernetesClusterID" = var.oke_cluster_ocid - "global.kubernetesClusterName" = local.oke_cluster_name - - # oci-onm-logan - "oci-onm-logan.ociLANamespace" = var.oci_la_namespace - "oci-onm-logan.ociLALogGroupID" = var.oci_la_logGroup_id - "oci-onm-logan.image.url" = var.logan_container_image_url - "oci-onm-logan.fluentd.baseDir" = var.fluentd_baseDir_path - - #oci-onm-mgmt-agent - "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = var.mgmt_agent_install_key_content - "oci-onm-mgmt-agent.mgmtagent.image.url" = var.mgmt_agent_container_image_url - "oci-onm-mgmt-agent.deployMetricServer" = var.opt_deploy_metric_server - } - - mushop_helm_inputs = { - # oci-onm-logan - "createServiceAccount" = false - "serviceAccount" = var.livelab_service_account - } -} - -# Create helm release -resource "helm_release" "oci-kubernetes-monitoring" { - name = "oci-kubernetes-monitoring" - repository = var.use_local_helm_chart ? null : local.helm_repo_url - chart = var.use_local_helm_chart ? 
var.helm_abs_path : local.helm_repo_chart - wait = true - dependency_update = true - atomic = true - - values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null - - dynamic "set" { - for_each = local.helm_inputs - content { - name = set.key - value = set.value - } - } - - dynamic "set" { - for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] - content { - name = "oci-onm-logan.ociLAClusterEntityID" - value = var.oke_cluster_entity_ocid - } - } - - dynamic "set" { - for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} - content { - name = set.key - value = set.value - } - } - - count = var.install_helm ? 1 : 0 -} - -# Create helm template -data "helm_template" "oci-kubernetes-monitoring" { - name = "oci-kubernetes-monitoring" - repository = var.use_local_helm_chart ? null : local.helm_repo_url - chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart - dependency_update = true - - values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null - - dynamic "set" { - for_each = local.helm_inputs - content { - name = set.key - value = set.value - } - } - - dynamic "set" { - for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] - content { - name = "oci-onm-logan.ociLAClusterEntityID" - value = var.oke_cluster_entity_ocid - } - } - - dynamic "set" { - for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} - content { - name = set.key - value = set.value - } - } - - count = var.generate_helm_template ? 1 : 0 +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. 
+ +data "oci_containerengine_clusters" "oke_clusters_list" { + compartment_id = var.oke_compartment_ocid +} + +locals { + helm_repo_url = "https://oracle-quickstart.github.io/oci-kubernetes-monitoring" + helm_repo_chart = "oci-onm" + + oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters + oke_cluster_name = var.oke_cluster_name == "NoInput" ? [for c in local.oke_clusters_list : + c.name if c.id == var.oke_cluster_ocid][0] : var.oke_cluster_name + oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "NoInput" ? null : var.oke_cluster_entity_ocid + + helm_inputs = { + # global + "global.namespace" = var.deploy_mushop_config ? "livelab-test" : var.kubernetes_namespace + "global.kubernetesClusterID" = var.oke_cluster_ocid + "global.kubernetesClusterName" = local.oke_cluster_name + + # oci-onm-logan + "oci-onm-logan.ociLANamespace" = var.oci_la_namespace + "oci-onm-logan.ociLALogGroupID" = var.oci_la_logGroup_id + "oci-onm-logan.image.url" = var.logan_container_image_url + "oci-onm-logan.fluentd.baseDir" = var.fluentd_baseDir_path + + #oci-onm-mgmt-agent + "oci-onm-mgmt-agent.mgmtagent.installKeyFileContent" = var.mgmt_agent_install_key_content + "oci-onm-mgmt-agent.mgmtagent.image.url" = var.mgmt_agent_container_image_url + "oci-onm-mgmt-agent.deployMetricServer" = var.opt_deploy_metric_server + } + + mushop_helm_inputs = { + # oci-onm-logan + "createServiceAccount" = false + "serviceAccount" = var.livelab_service_account + } +} + +# Create helm release +resource "helm_release" "oci-kubernetes-monitoring" { + name = "oci-kubernetes-monitoring" + repository = var.use_local_helm_chart ? null : local.helm_repo_url + chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart + wait = true + dependency_update = true + atomic = true + + values = var.deploy_mushop_config ? 
["${file("${path.module}/mushop_values.yaml")}"] : null + + dynamic "set" { + for_each = local.helm_inputs + content { + name = set.key + value = set.value + } + } + + dynamic "set" { + for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + content { + name = "oci-onm-logan.ociLAClusterEntityID" + value = var.oke_cluster_entity_ocid + } + } + + dynamic "set" { + for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} + content { + name = set.key + value = set.value + } + } + + count = var.install_helm ? 1 : 0 +} + +# Create helm template +data "helm_template" "oci-kubernetes-monitoring" { + name = "oci-kubernetes-monitoring" + repository = var.use_local_helm_chart ? null : local.helm_repo_url + chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart + dependency_update = true + + values = var.deploy_mushop_config ? ["${file("${path.module}/mushop_values.yaml")}"] : null + + dynamic "set" { + for_each = local.helm_inputs + content { + name = set.key + value = set.value + } + } + + dynamic "set" { + for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + content { + name = "oci-onm-logan.ociLAClusterEntityID" + value = var.oke_cluster_entity_ocid + } + } + + dynamic "set" { + for_each = var.deploy_mushop_config ? local.mushop_helm_inputs : {} + content { + name = set.key + value = set.value + } + } + + count = var.generate_helm_template ? 1 : 0 } \ No newline at end of file diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index d0694bfe..59d06124 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf 
@@ -1,130 +1,130 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -#### -## Switches -#### - -variable "generate_helm_template" { - type = bool - default = false -} - -variable "install_helm" { - type = bool - default = true -} - -variable "use_local_helm_chart" { - type = bool - default = false -} - -#### -## Helm chart -#### - -# Used for local testing -# Absoulte path to helm chart directory -variable "helm_abs_path" { - type = string - default = "optional" -} - -#### -## OKE Cluster Information -#### - -# OKE Cluster Compartment -variable "oke_compartment_ocid" { - type = string -} - -# OKE Cluster OCID -variable "oke_cluster_ocid" { - type = string -} - -# OKE Cluster Name -variable "oke_cluster_name" { - type = string - default = "NoInput" # refactor, if need to change default input -} - -# OKE Cluster Entity OCID -variable "oke_cluster_entity_ocid" { - type = string - default = "NoInput" # refactor, if need to change default input -} - -# Kubernetes Namespace -variable "kubernetes_namespace" { - type = string -} - -#### -## OCI Logging Analytics Information -#### - -# OCI Logging Analytics LogGroup OCID -variable "oci_la_logGroup_id" { - type = string - default = "" -} - -# Log Analytics Namespace -variable "oci_la_namespace" { - type = string -} - -#### -## Fluentd Configuration -#### - -# OCI LA Fluentd Container Image -variable "logan_container_image_url" { - type = string - default = "container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0" -} - -# Fluentd Base Directory -variable "fluentd_baseDir_path" { - type = string - default = "/var/log" -} - -#### -## Management Agent Configuration -#### - -variable "mgmt_agent_install_key_content" { - type = string -} - -# OCI Management Agent Container Image -variable "mgmt_agent_container_image_url" { - type = string - default = 
"container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" -} - -# Option to control the metric server deployment inside kubernetes cluster -variable "opt_deploy_metric_server" { - type = bool - default = true -} - -#### -## livelab -#### - -# Option to deploy mushop specific values.yaml (inputs) -variable "deploy_mushop_config" { - type = bool - default = false -} - -# Service Account to be used when working on livelab cluster -variable "livelab_service_account" { - type = string - default = "" +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +#### +## Switches +#### + +variable "generate_helm_template" { + type = bool + default = false +} + +variable "install_helm" { + type = bool + default = true +} + +variable "use_local_helm_chart" { + type = bool + default = false +} + +#### +## Helm chart +#### + +# Used for local testing +# Absoulte path to helm chart directory +variable "helm_abs_path" { + type = string + default = "optional" +} + +#### +## OKE Cluster Information +#### + +# OKE Cluster Compartment +variable "oke_compartment_ocid" { + type = string +} + +# OKE Cluster OCID +variable "oke_cluster_ocid" { + type = string +} + +# OKE Cluster Name +variable "oke_cluster_name" { + type = string + default = "NoInput" # refactor, if need to change default input +} + +# OKE Cluster Entity OCID +variable "oke_cluster_entity_ocid" { + type = string + default = "NoInput" # refactor, if need to change default input +} + +# Kubernetes Namespace +variable "kubernetes_namespace" { + type = string +} + +#### +## OCI Logging Analytics Information +#### + +# OCI Logging Analytics LogGroup OCID +variable "oci_la_logGroup_id" { + type = string + default = "" +} + +# Log Analytics Namespace +variable "oci_la_namespace" { + type = string +} + +#### +## Fluentd Configuration +#### + +# OCI LA Fluentd Container Image +variable 
"logan_container_image_url" { + type = string + default = "container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0" +} + +# Fluentd Base Directory +variable "fluentd_baseDir_path" { + type = string + default = "/var/log" +} + +#### +## Management Agent Configuration +#### + +variable "mgmt_agent_install_key_content" { + type = string +} + +# OCI Management Agent Container Image +variable "mgmt_agent_container_image_url" { + type = string + default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" +} + +# Option to control the metric server deployment inside kubernetes cluster +variable "opt_deploy_metric_server" { + type = bool + default = true +} + +#### +## livelab +#### + +# Option to deploy mushop specific values.yaml (inputs) +variable "deploy_mushop_config" { + type = bool + default = false +} + +# Service Account to be used when working on livelab cluster +variable "livelab_service_account" { + type = string + default = "" } \ No newline at end of file diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index 09c7adfc..a3b73727 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf 
@@ -1,106 +1,106 @@ -# Copyright (c) 2023, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. - -locals { - livelab_service_account = var.livelab_switch ? module.livelab[0].service_account : "" - fluentd_baseDir_path = var.livelab_switch ? module.livelab[0].fluentd_baseDir_path : var.fluentd_baseDir_path - - oke_cluster_name = [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] - - deploy_helm_ui_option = var.stack_deployment_option == "Full" ? true : false - - ## Module Controls are are final verdicts on if a module should be executed or not - ## Module dependencies should be included here as well so a module does not run when it's depenedent moudle is disabled - - module_controls_enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) - module_controls_enable_dashboards_module = alltrue([var.dev_switch_dashboards_module]) - module_controls_enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) - module_controls_enable_logan_module = alltrue([var.dev_switch_logan_module]) - module_controls_enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) - module_controls_enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option, - local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) -} - -// Only execute for livelab stack -// livelab module only supports local users -// it will error out when an identity domain user is used and livelab_switch is set as true -module "livelab" { - source = "./modules/livelab" - current_user_ocid = var.current_user_ocid - - count = local.module_controls_enable_livelab_module ? 
1 : 0 - - /* providers = { - oci = oci.home_region - } */ -} - -// Import Kubernetes Dashboards -module "import_kubernetes_dashbords" { - source = "./modules/dashboards" - compartment_ocid = var.oci_onm_compartment_ocid - - count = local.module_controls_enable_dashboards_module ? 1 : 0 -} - -// Create Required Polcies and Dynamic Group -// Needs to be called with OCI Home Region Provider -module "policy_and_dynamic-group" { - source = "./modules/iam" - root_compartment_ocid = var.tenancy_ocid - oci_onm_compartment_ocid = var.oci_onm_compartment_ocid - oke_compartment_ocid = var.oke_compartment_ocid - oke_cluster_ocid = var.oke_cluster_ocid - - count = local.module_controls_enable_iam_module ? 1 : 0 - - providers = { - oci = oci.home_region - } -} - -// Create Logging Analytics Resorces -module "loggingAnalytics" { - source = "./modules/logan" - tenancy_ocid = var.tenancy_ocid - create_new_logGroup = var.opt_create_new_la_logGroup - new_logGroup_name = var.oci_la_logGroup_name - compartment_ocid = var.oci_onm_compartment_ocid - existing_logGroup_id = var.oci_la_logGroup_id - - count = local.module_controls_enable_logan_module ? 1 : 0 -} - -# Create a management agent key -module "management_agent" { - source = "./modules/mgmt_agent" - uniquifier = md5(var.oke_cluster_ocid) - compartment_ocid = var.oci_onm_compartment_ocid - - count = local.module_controls_enable_mgmt_agent_module ? 
1 : 0 -} - -// deploy oke-monitoring solution (helm release) -module "helm_release" { - source = "./modules/helm" - helm_abs_path = abspath("./charts/oci-onm") - use_local_helm_chart = var.dev_switch_use_local_helm_chart - install_helm = var.dev_switch_install_helm - generate_helm_template = var.dev_switch_generate_helm_template - oke_compartment_ocid = var.oke_compartment_ocid - oke_cluster_ocid = var.oke_cluster_ocid - logan_container_image_url = var.logan_container_image_url - kubernetes_namespace = var.kubernetes_namespace - oci_la_logGroup_id = module.loggingAnalytics[0].oci_la_logGroup_ocid - oci_la_namespace = module.loggingAnalytics[0].oci_la_namespace - fluentd_baseDir_path = local.fluentd_baseDir_path - mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content - mgmt_agent_container_image_url = var.mgmt_agent_container_image_url - opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server - deploy_mushop_config = var.livelab_switch - livelab_service_account = local.livelab_service_account - oke_cluster_name = var.oke_cluster_name - oke_cluster_entity_ocid = var.oke_cluster_entity_ocid - - count = local.module_controls_enable_helm_module ? 1 : 0 -} +# Copyright (c) 2023, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. + +locals { + livelab_service_account = var.livelab_switch ? module.livelab[0].service_account : "" + fluentd_baseDir_path = var.livelab_switch ? module.livelab[0].fluentd_baseDir_path : var.fluentd_baseDir_path + + oke_cluster_name = [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] + + deploy_helm_ui_option = var.stack_deployment_option == "Full" ? 
true : false + + ## Module Controls are are final verdicts on if a module should be executed or not + ## Module dependencies should be included here as well so a module does not run when it's depenedent moudle is disabled + + module_controls_enable_livelab_module = alltrue([var.dev_switch_livelab_module, var.livelab_switch]) + module_controls_enable_dashboards_module = alltrue([var.dev_switch_dashboards_module]) + module_controls_enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) + module_controls_enable_logan_module = alltrue([var.dev_switch_logan_module]) + module_controls_enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) + module_controls_enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option, + local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) +} + +// Only execute for livelab stack +// livelab module only supports local users +// it will error out when an identity domain user is used and livelab_switch is set as true +module "livelab" { + source = "./modules/livelab" + current_user_ocid = var.current_user_ocid + + count = local.module_controls_enable_livelab_module ? 1 : 0 + + /* providers = { + oci = oci.home_region + } */ +} + +// Import Kubernetes Dashboards +module "import_kubernetes_dashbords" { + source = "./modules/dashboards" + compartment_ocid = var.oci_onm_compartment_ocid + + count = local.module_controls_enable_dashboards_module ? 1 : 0 +} + +// Create Required Polcies and Dynamic Group +// Needs to be called with OCI Home Region Provider +module "policy_and_dynamic-group" { + source = "./modules/iam" + root_compartment_ocid = var.tenancy_ocid + oci_onm_compartment_ocid = var.oci_onm_compartment_ocid + oke_compartment_ocid = var.oke_compartment_ocid + oke_cluster_ocid = var.oke_cluster_ocid + + count = local.module_controls_enable_iam_module ? 
1 : 0 + + providers = { + oci = oci.home_region + } +} + +// Create Logging Analytics Resorces +module "loggingAnalytics" { + source = "./modules/logan" + tenancy_ocid = var.tenancy_ocid + create_new_logGroup = var.opt_create_new_la_logGroup + new_logGroup_name = var.oci_la_logGroup_name + compartment_ocid = var.oci_onm_compartment_ocid + existing_logGroup_id = var.oci_la_logGroup_id + + count = local.module_controls_enable_logan_module ? 1 : 0 +} + +# Create a management agent key +module "management_agent" { + source = "./modules/mgmt_agent" + uniquifier = md5(var.oke_cluster_ocid) + compartment_ocid = var.oci_onm_compartment_ocid + + count = local.module_controls_enable_mgmt_agent_module ? 1 : 0 +} + +// deploy oke-monitoring solution (helm release) +module "helm_release" { + source = "./modules/helm" + helm_abs_path = abspath("./charts/oci-onm") + use_local_helm_chart = var.dev_switch_use_local_helm_chart + install_helm = var.dev_switch_install_helm + generate_helm_template = var.dev_switch_generate_helm_template + oke_compartment_ocid = var.oke_compartment_ocid + oke_cluster_ocid = var.oke_cluster_ocid + logan_container_image_url = var.logan_container_image_url + kubernetes_namespace = var.kubernetes_namespace + oci_la_logGroup_id = module.loggingAnalytics[0].oci_la_logGroup_ocid + oci_la_namespace = module.loggingAnalytics[0].oci_la_namespace + fluentd_baseDir_path = local.fluentd_baseDir_path + mgmt_agent_install_key_content = module.management_agent[0].mgmt_agent_install_key_content + mgmt_agent_container_image_url = var.mgmt_agent_container_image_url + opt_deploy_metric_server = var.livelab_switch ? true : var.opt_deploy_metric_server + deploy_mushop_config = var.livelab_switch + livelab_service_account = local.livelab_service_account + oke_cluster_name = var.oke_cluster_name + oke_cluster_entity_ocid = var.oke_cluster_entity_ocid + + count = local.module_controls_enable_helm_module ? 1 : 0 +} 
From 132e5a3423b1aadac8855aa9b70e0f749bf22fa8 Mon Sep 17 00:00:00 2001 From: paliwalparitosh Date: Fri, 29 Sep 2023 14:39:00 +0530 Subject: [PATCH 34/45] fmt --- terraform/modules/helm/outputs.tf | 2 +- terraform/modules/mgmt_agent/agent.tf | 2 +- terraform/oke/outputs.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/modules/helm/outputs.tf b/terraform/modules/helm/outputs.tf index 5e0a5e50..de072787 100644 --- a/terraform/modules/helm/outputs.tf +++ b/terraform/modules/helm/outputs.tf @@ -1,4 +1,4 @@ # Helm release artifacts for local testing and validation. output "helm_template" { - value = var.generate_helm_template ? data.helm_template.oci-kubernetes-monitoring[0].manifest : null + value = var.generate_helm_template ? data.helm_template.oci-kubernetes-monitoring[0].manifest : null } \ No newline at end of file diff --git a/terraform/modules/mgmt_agent/agent.tf b/terraform/modules/mgmt_agent/agent.tf index 89698f78..8dfd8481 100644 --- a/terraform/modules/mgmt_agent/agent.tf +++ b/terraform/modules/mgmt_agent/agent.tf @@ -12,6 +12,6 @@ resource "oci_management_agent_management_agent_install_key" "Kubernetes_AgentIn time_expires = timeadd(timestamp(), "8760h") # 1 year lifecycle { - ignore_changes = [ time_expires ] + ignore_changes = [time_expires] } } \ No newline at end of file diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index 57c37c95..036040b9 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -74,5 +74,5 @@ output "mgmt_agent_install_key_content" { } output "helm_template" { - value = local.module_controls_enable_helm_module && var.dev_switch_generate_helm_template ? module.helm_release[0].helm_template : null + value = local.module_controls_enable_helm_module && var.dev_switch_generate_helm_template ? module.helm_release[0].helm_template : null } \ No newline at end of file From be487b1bc584b06bc2e3f31452215f50233e22aa Mon Sep 17 00:00:00 2001 
From: paliwalparitosh Date: Fri, 29 Sep 2023 14:52:32 +0530 Subject: [PATCH 35/45] ignore local test files --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index cdab7954..e5fc6462 100644 --- a/.gitignore +++ b/.gitignore @@ -60,6 +60,7 @@ logan/util/* # helm-chart charts/oci-onm/Chart.lock charts/oci-onm/charts/ +charts/.tests/ # zip artifacts releases/ From d9efd68b060ca3f6e4c3c6f3c9852381609d30a8 Mon Sep 17 00:00:00 2001 From: papaliwa Date: Mon, 16 Oct 2023 18:17:37 +0530 Subject: [PATCH 36/45] replace Default values --- terraform/modules/helm/helm.tf | 8 ++++---- terraform/modules/helm/inputs.tf | 4 ++-- terraform/oke/inputs.tf | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index be77f0b2..18b427ff 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf @@ -10,9 +10,9 @@ locals { helm_repo_chart = "oci-onm" oke_clusters_list = data.oci_containerengine_clusters.oke_clusters_list.clusters - oke_cluster_name = var.oke_cluster_name == "NoInput" ? [for c in local.oke_clusters_list : + oke_cluster_name = var.oke_cluster_name == "DEFAULT" ? [for c in local.oke_clusters_list : c.name if c.id == var.oke_cluster_ocid][0] : var.oke_cluster_name - oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "NoInput" ? null : var.oke_cluster_entity_ocid + oke_cluster_entity_ocid = var.oke_cluster_entity_ocid == "DEFAULT" ? null : var.oke_cluster_entity_ocid helm_inputs = { # global @@ -59,7 +59,7 @@ resource "helm_release" "oci-kubernetes-monitoring" { } dynamic "set" { - for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + for_each = var.oke_cluster_entity_ocid == "DEFAULT" ? [] : ["run_once"] content { name = "oci-onm-logan.ociLAClusterEntityID" value = var.oke_cluster_entity_ocid 
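Review bot: The `"DEFAULT"` sentinel is compared as a string literal at every site that needs to know whether the optional input was supplied: twice in this `locals` hunk and again in both `dynamic "set"` blocks (`@@ -59,7` here and `@@ -95,7` in `data "helm_template"`). The `default = "DEFAULT"` lines in both `inputs.tf` files must match it exactly. The commit also drops the `# refactor, if need to change default input` comment, which was the only hint of this coupling. If a later rename misses one site, the literal sentinel is passed to the chart as `oci-onm-logan.ociLAClusterEntityID` instead of being omitted. `local.oke_cluster_entity_ocid` already normalises the sentinel to `null`, so the set blocks could use `for_each = local.oke_cluster_entity_ocid == null ? [] : ["run_once"]` and `value = local.oke_cluster_entity_ocid`; the `locals` block continues outside the hunk.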
@@ -95,7 +95,7 @@ data "helm_template" "oci-kubernetes-monitoring" { } dynamic "set" { - for_each = var.oke_cluster_entity_ocid == "NoInput" ? [] : ["run_once"] + for_each = var.oke_cluster_entity_ocid == "DEFAULT" ? [] : ["run_once"] content { name = "oci-onm-logan.ociLAClusterEntityID" value = var.oke_cluster_entity_ocid diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index 59d06124..ffab24d7 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf @@ -48,13 +48,13 @@ variable "oke_cluster_ocid" { # OKE Cluster Name variable "oke_cluster_name" { type = string - default = "NoInput" # refactor, if need to change default input + default = "DEFAULT" } # OKE Cluster Entity OCID variable "oke_cluster_entity_ocid" { type = string - default = "NoInput" # refactor, if need to change default input + default = "DEFAULT" } # Kubernetes Namespace diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index 54a1f24d..19e1a060 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -176,11 +176,11 @@ variable "triggered_by_add_data_flow" { # OKE Cluster Name variable "oke_cluster_name" { type = string - default = "NoInput" # refactor, if need to change default input + default = "DEFAULT" } # OKE Cluster Entity OCID variable "oke_cluster_entity_ocid" { type = string - default = "NoInput" # refactor, if need to change default input + default = "DEFAULT" } \ No newline at end of file From 183e96e6285a1bb644f9383888bb877e6bfe13da Mon Sep 17 00:00:00 2001 From: papaliwa Date: Mon, 16 Oct 2023 18:20:37 +0530 Subject: [PATCH 37/45] adds comment to explain default helm repo use --- terraform/modules/helm/helm.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index 18b427ff..a515683a 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf 
@@ -80,6 +80,8 @@ resource "helm_release" "oci-kubernetes-monitoring" { # Create helm template data "helm_template" "oci-kubernetes-monitoring" { name = "oci-kubernetes-monitoring" + # default behaviour is to use remote helm repo | var.use_local_helm_chart = false + # the option to use local helm chart is for development purpose only repository = var.use_local_helm_chart ? null : local.helm_repo_url chart = var.use_local_helm_chart ? var.helm_abs_path : local.helm_repo_chart dependency_update = true From 035fbe610cd9f77eaf416bcb2badf81067332c9e Mon Sep 17 00:00:00 2001 From: papaliwa Date: Mon, 16 Oct 2023 18:22:20 +0530 Subject: [PATCH 38/45] refactor --- terraform/oke/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/oke/main.tf b/terraform/oke/main.tf index a3b73727..0b646fbd 100644 --- a/terraform/oke/main.tf +++ b/terraform/oke/main.tf @@ -7,7 +7,7 @@ locals { oke_cluster_name = [for c in data.oci_containerengine_clusters.oke_clusters.clusters : c.name if c.id == var.oke_cluster_ocid][0] - deploy_helm_ui_option = var.stack_deployment_option == "Full" ? true : false + deploy_helm = var.stack_deployment_option == "Full" ? true : false ## Module Controls are are final verdicts on if a module should be executed or not ## Module dependencies should be included here as well so a module does not run when it's depenedent moudle is disabled 
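Review bot: The two added comment lines document the remote Helm repository as the default source, but the `repository`/`chart` arguments they annotate have no `version` beside them. None appears in the `data "helm_template"` or `resource "helm_release"` blocks printed in full in the earlier EOL-fix patch either. Without it, each plan or apply resolves whatever chart version the repository currently serves as latest, so what is deployed to the cluster can change with no change in this repository. Pinning it next to the new comment, e.g. `version = "<pinned chart version>"` (placeholder), makes a chart upgrade an explicit, reviewable diff. The same comment would also fit the identical `repository`/`chart` pair in `resource "helm_release"`, which this commit leaves undocumented; the `data` block continues outside the hunk.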
@@ -17,7 +17,7 @@ locals { module_controls_enable_iam_module = alltrue([var.dev_switch_iam_module, var.opt_create_dynamicGroup_and_policies, !var.livelab_switch]) module_controls_enable_logan_module = alltrue([var.dev_switch_logan_module]) module_controls_enable_mgmt_agent_module = alltrue([var.dev_switch_mgmt_agent_module]) - module_controls_enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm_ui_option, + module_controls_enable_helm_module = alltrue([var.dev_switch_helm_module, local.deploy_helm, local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) } From 1bb63585a17a2f9159ba84d67c19a6ea45e9e1a8 Mon Sep 17 00:00:00 2001 From: papaliwa Date: Mon, 16 Oct 2023 19:30:15 +0530 Subject: [PATCH 39/45] fix comments --- terraform/oke/terraform-sample.tfvars | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/oke/terraform-sample.tfvars b/terraform/oke/terraform-sample.tfvars index 1b9393d5..79858109 100644 --- a/terraform/oke/terraform-sample.tfvars +++ b/terraform/oke/terraform-sample.tfvars @@ -45,10 +45,10 @@ oci_onm_compartment_ocid = "" opt_create_new_la_logGroup = false # OCI Logging Analytics LogGroup -# Add OCID of logGroup if opt_use_existing_la_logGroup=true, leave it empty otherwise +# Add OCID of logGroup if opt_create_new_la_logGroup=false, leave it empty otherwise oci_la_logGroup_id = "" -# leave it unchanged, if opt_use_existing_la_logGroup=false +# leave it unchanged, if opt_create_new_la_logGroup=true oci_la_logGroup_name = "NewLogGroupName" #### From abd42f26369f5cb2ed810d8432c4bbb6cb4b95e6 Mon Sep 17 00:00:00 2001 From: papaliwa Date: Mon, 16 Oct 2023 19:30:59 +0530 Subject: [PATCH 40/45] update outputs related to helm installation --- terraform/oke/outputs.tf | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index 036040b9..da625f3c 100644 
--- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -2,9 +2,9 @@ # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl. locals { - can_generate_helm_output = alltrue([local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) + generate_helm_output = alltrue([local.module_controls_enable_mgmt_agent_module, local.module_controls_enable_logan_module]) - output_helm_external_values = local.can_generate_helm_output ? yamlencode({ + output_helm_external_values = local.generate_helm_output ? yamlencode({ "global" = { "kubernetesClusterID" = var.oke_cluster_ocid "kubernetesClusterName" = local.oke_cluster_name @@ -12,6 +12,7 @@ locals { "oci-onm-logan" = { "ociLANamespace" = module.loggingAnalytics[0].oci_la_namespace "ociLALogGroupID" = module.loggingAnalytics[0].oci_la_logGroup_ocid + "ociLAClusterEntityID" = var.oke_cluster_entity_ocid == "DEFAULT" ? null : var.oke_cluster_entity_ocid } "oci-onm-mgmt-agent" = { "mgmtagent" = { 
@@ -21,14 +22,17 @@ locals { }) : null - helm_repo_add_cmd = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" + helm_cmd_1_add_repo = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" - helm_install_cmd = local.can_generate_helm_output ? join(" ", [ + helm_install_opt_entity_id= var.oke_cluster_entity_ocid == "DEFAULT" ? "" : "--set oci-onm-logan.ociLAClusterEntityID=${var.oke_cluster_entity_ocid}" + + helm_cmd_2_install = local.generate_helm_output ? join(" ", [ "helm install oci-kubernetes-monitoring oci-onm/oci-onm", "--set global.kubernetesClusterID=${var.oke_cluster_ocid}", "--set global.kubernetesClusterName=${local.oke_cluster_name}", "--set oci-onm-logan.ociLALogGroupID=${module.loggingAnalytics[0].oci_la_logGroup_ocid}", "--set oci-onm-logan.ociLANamespace=${module.loggingAnalytics[0].oci_la_namespace}", + local.helm_install_opt_entity_id, "--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=${module.management_agent[0].mgmt_agent_install_key_content}" ]) : null } @@ -37,18 +41,26 @@ locals { # helm outputs ### -output "helm_repo_add_cmd" { - value = local.can_generate_helm_output ? local.helm_repo_add_cmd : null +output "helm_cmd_1_add_repo" { + value = local.generate_helm_output ? local.helm_cmd_1_add_repo : null } -output "helm_install_cmd" { - value = local.can_generate_helm_output ? local.helm_install_cmd : null +output "helm_cmd_2_install" { + value = local.generate_helm_output ? local.helm_cmd_2_install : null } output "oke_cluster_name" { value = local.oke_cluster_name } +output "oke_cluster_entity_ocid" { + value = var.oke_cluster_entity_ocid == "DEFAULT" ? null : var.oke_cluster_entity_ocid +} + +/* output "external_values_yaml" { + value = local.output_helm_external_values +} */ + ### # Module outputs ### 
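Review bot: `helm_install_opt_entity_id` splices `var.oke_cluster_entity_ocid` unquoted into a command string that, judging by the output names, is meant to be copied into a shell, and the variable declarations visible in this series carry only `type` and `default`, with no `validation` block. A value containing a space, comma or shell metacharacter would change how the shell or helm's `--set` parser reads the command. Quote the value, `"--set oci-onm-logan.ociLAClusterEntityID='${var.oke_cluster_entity_ocid}'"`, and consider a `validation` block on the variable that accepts only the sentinel or an OCID-shaped string. When the option is empty, `join(" ", [...])` also leaves a double space, which wrapping the list in `compact()` would avoid. The `locals` block starts outside the hunk.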
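Review bot: The `helm_cmd_2_install` output exposes the management agent install key in clear text, because the local it returns ends with `--set oci-onm-mgmt-agent.mgmtagent.installKeyFileContent=${module.management_agent[0].mgmt_agent_install_key_content}` and the output block has no `sensitive = true`. The key will then show up wherever root outputs are printed, such as apply logs and job output pages. Add `sensitive = true` here, to `mgmt_agent_install_key` in the `@@ -69,7 +81,7 @@` hunk, and to the renamed `cmd_3_helm_install` in the next commit. If the command must stay readable, emit it with a placeholder for the key and expose the key only through the sensitive output. The key is written to state either way, so access to the state file needs the same protection.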
@@ -69,7 +81,7 @@ output "oci_la_logGroup_ocid" { value = local.module_controls_enable_logan_module ? module.loggingAnalytics[0].oci_la_logGroup_ocid : null } -output "mgmt_agent_install_key_content" { +output "mgmt_agent_install_key" { value = local.module_controls_enable_mgmt_agent_module ? module.management_agent[0].mgmt_agent_install_key_content : null } From 17e2fea462ee8a50e6aabb87f30cbb7dc1883cb8 Mon Sep 17 00:00:00 2001 From: papaliwa Date: Mon, 16 Oct 2023 21:26:43 +0530 Subject: [PATCH 41/45] udpate outputs for helm commands --- terraform/oke/outputs.tf | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index da625f3c..92f15a0a 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf @@ -22,11 +22,13 @@ locals { }) : null - helm_cmd_1_add_repo = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" + cmd_1_helm_repo_add = "helm repo add oci-onm https://oracle-quickstart.github.io/oci-kubernetes-monitoring" + + cmd_2_helm_repo_update = "helm repo update" helm_install_opt_entity_id= var.oke_cluster_entity_ocid == "DEFAULT" ? "" : "--set oci-onm-logan.ociLAClusterEntityID=${var.oke_cluster_entity_ocid}" - helm_cmd_2_install = local.generate_helm_output ? join(" ", [ + cmd_3_helm_install = local.generate_helm_output ? join(" ", [ "helm install oci-kubernetes-monitoring oci-onm/oci-onm", "--set global.kubernetesClusterID=${var.oke_cluster_ocid}", "--set global.kubernetesClusterName=${local.oke_cluster_name}", 
@@ -41,12 +43,16 @@ locals { # helm outputs ### -output "helm_cmd_1_add_repo" { - value = local.generate_helm_output ? local.helm_cmd_1_add_repo : null +output "cmd_1_helm_repo_add" { + value = local.generate_helm_output ? local.cmd_1_helm_repo_add : null +} + +output "cmd_2_helm_repo_update" { + value = local.generate_helm_output ? local.cmd_2_helm_repo_update : null } -output "helm_cmd_2_install" { - value = local.generate_helm_output ? local.helm_cmd_2_install : null +output "cmd_3_helm_install" { + value = local.generate_helm_output ? local.cmd_3_helm_install : null } output "oke_cluster_name" { From 82258d3cf929d0ecfc9c3de87551fab0b6e7fdba Mon Sep 17 00:00:00 2001 From: papaliwa Date: Mon, 16 Oct 2023 21:27:20 +0530 Subject: [PATCH 42/45] fmt --- terraform/modules/helm/helm.tf | 2 +- terraform/oke/outputs.tf | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/modules/helm/helm.tf b/terraform/modules/helm/helm.tf index a515683a..09af2536 100644 --- a/terraform/modules/helm/helm.tf +++ b/terraform/modules/helm/helm.tf @@ -79,7 +79,7 @@ resource "helm_release" "oci-kubernetes-monitoring" { # Create helm template data "helm_template" "oci-kubernetes-monitoring" { - name = "oci-kubernetes-monitoring" + name = "oci-kubernetes-monitoring" # default behaviour is to use remote helm repo | var.use_local_helm_chart = false # the option to use local helm chart is for development purpose only repository = var.use_local_helm_chart ? null : local.helm_repo_url diff --git a/terraform/oke/outputs.tf b/terraform/oke/outputs.tf index 92f15a0a..b26f23b4 100644 --- a/terraform/oke/outputs.tf +++ b/terraform/oke/outputs.tf 
@@ -10,8 +10,8 @@ locals { "kubernetesClusterName" = local.oke_cluster_name } "oci-onm-logan" = { - "ociLANamespace" = module.loggingAnalytics[0].oci_la_namespace - "ociLALogGroupID" = module.loggingAnalytics[0].oci_la_logGroup_ocid + "ociLANamespace" = module.loggingAnalytics[0].oci_la_namespace + "ociLALogGroupID" = module.loggingAnalytics[0].oci_la_logGroup_ocid "ociLAClusterEntityID" = var.oke_cluster_entity_ocid == "DEFAULT" ? null : var.oke_cluster_entity_ocid } "oci-onm-mgmt-agent" = { @@ -26,7 +26,7 @@ locals { cmd_2_helm_repo_update = "helm repo update" - helm_install_opt_entity_id= var.oke_cluster_entity_ocid == "DEFAULT" ? "" : "--set oci-onm-logan.ociLAClusterEntityID=${var.oke_cluster_entity_ocid}" + helm_install_opt_entity_id = var.oke_cluster_entity_ocid == "DEFAULT" ? "" : "--set oci-onm-logan.ociLAClusterEntityID=${var.oke_cluster_entity_ocid}" cmd_3_helm_install = local.generate_helm_output ? join(" ", [ "helm install oci-kubernetes-monitoring oci-onm/oci-onm", From 991c6095ffb90fdc800f56975dfc39bc696906f5 Mon Sep 17 00:00:00 2001 From: papaliwa Date: Tue, 17 Oct 2023 21:33:00 +0530 Subject: [PATCH 43/45] hides stack deployment options --- terraform/oke/schema.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/oke/schema.yaml b/terraform/oke/schema.yaml index a7d376cf..068c189e 100644 --- a/terraform/oke/schema.yaml +++ b/terraform/oke/schema.yaml @@ -45,6 +45,7 @@ variableGroups: - triggered_by_add_data_flow - oke_cluster_name - oke_cluster_entity_ocid + - stack_deployment_option visible: false - title: Select an OKE cluster deployed in this region to start monitoring. @@ -56,7 +57,6 @@ variableGroups: - title: "OCI Observability and Management Services Configuration" description: "For a list of resources created, see: https://github.com/oracle-quickstart/oci-kubernetes-monitoring" variables: - - stack_deployment_option - opt_deploy_metric_server - oci_onm_compartment_ocid - opt_create_new_la_logGroup 
@@ -114,8 +114,8 @@ variables: default: "Full" required: true visible: - not: - - livelab_switch + not: + - livelab_switch # Option to enable/disable metric server installation during helm deployment opt_deploy_metric_server: From 0ffa5ec07df431bbe58037cc4f3aeb48e0cc1e34 Mon Sep 17 00:00:00 2001 From: papaliwa Date: Wed, 18 Oct 2023 18:43:05 +0530 Subject: [PATCH 44/45] OCR Image updates --- charts/logan/README.md | 2 +- charts/logan/values.yaml | 2 +- charts/oci-onm/README.md | 2 +- charts/oci-onm/values.yaml | 4 ++-- terraform/modules/helm/inputs.tf | 4 ++-- terraform/oke/inputs.tf | 4 ++-- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/logan/README.md b/charts/logan/README.md index 8b94f811..1f8d00f5 100644 --- a/charts/logan/README.md +++ b/charts/logan/README.md @@ -60,7 +60,7 @@ Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Object | global.resourceNamePrefix | string | `"oci-onm"` | Resource names prefix used, where allowed. | | image.imagePullPolicy | string | `"Always"` | Image pull policy | | image.imagePullSecrets | string | `nil` | | -| image.url | string | `"container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0"` | Replace this value with actual docker image url | +| image.url | string | `"container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.2"` | Replace this value with actual docker image url | | kubernetesClusterID | string | `nil` | OKE Cluster OCID e.g. ocid1.cluster.oc1.phx.aaaaaaaahhbadf3rxa62faaeixanvr7vftmkg6hupycbf4qszctf2wbmqqxq | | kubernetesClusterName | string | `nil` | Kubernetes Cluster name. Need not be the OKE Cluster display name. e.g. production-cluster | | namespace | string | `"{{ .Values.global.namespace }}"` | Kubernetes Namespace for deploying monitoring resources deployed by this chart. | diff --git a/charts/logan/values.yaml b/charts/logan/values.yaml index 32ec6f36..034e976c 100644 
--- a/charts/logan/values.yaml +++ b/charts/logan/values.yaml @@ -48,7 +48,7 @@ image: # Image pull secrets for. Secret must be in the namespace defined by namespace imagePullSecrets: # -- Replace this value with actual docker image url - url: container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0 + url: container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.2 # -- Image pull policy imagePullPolicy: Always diff --git a/charts/oci-onm/README.md b/charts/oci-onm/README.md index 8184698c..e9af022c 100644 --- a/charts/oci-onm/README.md +++ b/charts/oci-onm/README.md @@ -25,7 +25,7 @@ Helm chart for collecting Kubernetes logs & objects and metrics using Fluentd an | oci-onm-common.namespace | string | `"{{ .Values.global.namespace }}"` | Kubernetes Namespace in which the serviceaccount to be created. | | oci-onm-common.resourceNamePrefix | string | `"{{ .Values.global.resourceNamePrefix }}"` | Prefix to be attached to resources created through this chart. Not all resources may have this prefix. | | oci-onm-common.serviceAccount | string | `"{{ .Values.global.resourceNamePrefix }}"` | Name of the Kubernetes ServiceAccount | -| oci-onm-logan.image.url | string | `"container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0"` | | +| oci-onm-logan.image.url | string | `"container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.2"` | | | oci-onm-logan.kubernetesClusterID | string | `"{{ .Values.global.kubernetesClusterID }}"` | | | oci-onm-logan.kubernetesClusterName | string | `"{{ .Values.global.kubernetesClusterName }}"` | | | oci-onm-logan.namespace | string | `"{{ .Values.global.namespace }}"` | | diff --git a/charts/oci-onm/values.yaml b/charts/oci-onm/values.yaml index dcd56c10..35b190a8 100644 --- a/charts/oci-onm/values.yaml +++ b/charts/oci-onm/values.yaml 
@@ -31,7 +31,7 @@ oci-onm-logan: kubernetesClusterID: "{{ .Values.global.kubernetesClusterID }}" kubernetesClusterName: "{{ .Values.global.kubernetesClusterName }}" image: - url: container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0 + url: container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.2 # Go to OCI Logging Analytics Administration, click Service Details, and note the namespace value. ociLANamespace: # OCI Logging Analytics Default Log Group OCID @@ -50,6 +50,6 @@ oci-onm-mgmt-agent: # Follow steps documented at https://github.com/oracle/docker-images/tree/main/OracleManagementAgent to build docker image. image: # Replace this value with actual docker image URL for Management Agent - url: container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0 + url: container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.2 # Image secrets to use for pulling container image (base64 encoded content of ~/.docker/config.json file) secret: \ No newline at end of file diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index ffab24d7..1156f9aa 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf @@ -84,7 +84,7 @@ variable "oci_la_namespace" { # OCI LA Fluentd Container Image variable "logan_container_image_url" { type = string - default = "container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0" + default = "container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.2" } # Fluentd Base Directory 
@@ -104,7 +104,7 @@ variable "mgmt_agent_install_key_content" { # OCI Management Agent Container Image variable "mgmt_agent_container_image_url" { type = string - default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" + default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.2" } # Option to control the metric server deployment inside kubernetes cluster diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index 19e1a060..a31b56f1 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -144,7 +144,7 @@ variable "fluentd_baseDir_path" { # OCI LA Fluentd Container Image variable "logan_container_image_url" { type = string - default = "container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.0" + default = "container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.0.2" } #### @@ -154,7 +154,7 @@ variable "logan_container_image_url" { # OCI Management Agent Container Image variable "mgmt_agent_container_image_url" { type = string - default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" + default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.2" } # Option to deploy metric server From 80015232664d8fd05de300ddc922aeede1ed83ed Mon Sep 17 00:00:00 2001 From: papaliwa Date: Wed, 18 Oct 2023 19:05:55 +0530 Subject: [PATCH 45/45] revert back to correct mgmt_agent OCR image --- charts/oci-onm/values.yaml | 2 +- terraform/modules/helm/inputs.tf | 2 +- terraform/oke/inputs.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/oci-onm/values.yaml b/charts/oci-onm/values.yaml index 35b190a8..e54cc39f 100644 --- a/charts/oci-onm/values.yaml +++ b/charts/oci-onm/values.yaml 
@@ -50,6 +50,6 @@ oci-onm-mgmt-agent: # Follow steps documented at https://github.com/oracle/docker-images/tree/main/OracleManagementAgent to build docker image. image: # Replace this value with actual docker image URL for Management Agent - url: container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.2 + url: container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0 # Image secrets to use for pulling container image (base64 encoded content of ~/.docker/config.json file) secret: \ No newline at end of file diff --git a/terraform/modules/helm/inputs.tf b/terraform/modules/helm/inputs.tf index 1156f9aa..80819af5 100644 --- a/terraform/modules/helm/inputs.tf +++ b/terraform/modules/helm/inputs.tf @@ -104,7 +104,7 @@ variable "mgmt_agent_install_key_content" { # OCI Management Agent Container Image variable "mgmt_agent_container_image_url" { type = string - default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.2" + default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" } # Option to control the metric server deployment inside kubernetes cluster diff --git a/terraform/oke/inputs.tf b/terraform/oke/inputs.tf index a31b56f1..19ec3a49 100644 --- a/terraform/oke/inputs.tf +++ b/terraform/oke/inputs.tf @@ -154,7 +154,7 @@ variable "logan_container_image_url" { # OCI Management Agent Container Image variable "mgmt_agent_container_image_url" { type = string - default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.2" + default = "container-registry.oracle.com/oci_observability_management/oci-management-agent:1.0.0" } # Option to deploy metric server