From ffbe88e350bd781512c3839d0b54dfa750b594bd Mon Sep 17 00:00:00 2001 From: Fabian Schlager <149999474+fschlager@users.noreply.github.com> Date: Tue, 28 May 2024 09:32:35 +0200 Subject: [PATCH] add cloudId and cloudAuth parameters to elastic (#1169) Signed-off-by: Fabian Schlager --- apis/fluentd/v1alpha1/plugins/output/es.go | 5 + .../fluentd.fluent.io_clusteroutputs.yaml | 64 +++++++++ .../crds/fluentd.fluent.io_outputs.yaml | 64 +++++++++ .../fluentd.fluent.io_clusteroutputs.yaml | 64 +++++++++ .../crd/bases/fluentd.fluent.io_outputs.yaml | 64 +++++++++ docs/plugins/fluentd/output/es.md | 2 + manifests/setup/fluent-operator-crd.yaml | 128 ++++++++++++++++++ manifests/setup/setup.yaml | 128 ++++++++++++++++++ 8 files changed, 519 insertions(+) diff --git a/apis/fluentd/v1alpha1/plugins/output/es.go b/apis/fluentd/v1alpha1/plugins/output/es.go index 369a8f150..eca1dcadf 100644 --- a/apis/fluentd/v1alpha1/plugins/output/es.go +++ b/apis/fluentd/v1alpha1/plugins/output/es.go @@ -16,6 +16,11 @@ type Elasticsearch struct { Scheme *string `json:"scheme,omitempty"` // Path defines the REST API endpoint of Elasticsearch to post write requests (default: nil). Path *string `json:"path,omitempty"` + // Authenticate towards Elastic Cloud using CloudId. If set, cloudAuth must + // be set as well and host, port, user and password are ignored. + CloudId *plugins.Secret `json:"cloudId,omitempty"` + // Authenticate towards Elastic Cloud using cloudAuth. + CloudAuth *plugins.Secret `json:"cloudAuth,omitempty"` // IndexName defines the placeholder syntax of Fluentd plugin API. See https://docs.fluentd.org/configuration/buffer-section. IndexName *string `json:"indexName,omitempty"` // If true, Fluentd uses the conventional index name format logstash-%Y.%m.%d (default: false). This option supersedes the index_name option. diff --git a/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_clusteroutputs.yaml b/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_clusteroutputs.yaml index cc69e61fa..ce1713fc5 100644 --- a/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_clusteroutputs.yaml +++ b/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_clusteroutputs.yaml @@ -596,6 +596,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).' diff --git a/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_outputs.yaml b/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_outputs.yaml index bacfb15fa..09dc988e1 100644 --- a/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_outputs.yaml +++ b/charts/fluent-operator/charts/fluentd-crds/crds/fluentd.fluent.io_outputs.yaml @@ -596,6 +596,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).' diff --git a/config/crd/bases/fluentd.fluent.io_clusteroutputs.yaml b/config/crd/bases/fluentd.fluent.io_clusteroutputs.yaml index cc69e61fa..ce1713fc5 100644 --- a/config/crd/bases/fluentd.fluent.io_clusteroutputs.yaml +++ b/config/crd/bases/fluentd.fluent.io_clusteroutputs.yaml @@ -596,6 +596,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).' diff --git a/config/crd/bases/fluentd.fluent.io_outputs.yaml b/config/crd/bases/fluentd.fluent.io_outputs.yaml index bacfb15fa..09dc988e1 100644 --- a/config/crd/bases/fluentd.fluent.io_outputs.yaml +++ b/config/crd/bases/fluentd.fluent.io_outputs.yaml @@ -596,6 +596,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).' diff --git a/docs/plugins/fluentd/output/es.md b/docs/plugins/fluentd/output/es.md index f9736751f..28202f27a 100644 --- a/docs/plugins/fluentd/output/es.md +++ b/docs/plugins/fluentd/output/es.md @@ -10,6 +10,8 @@ Elasticsearch defines the parameters for out_es output plugin | hosts | Hosts defines a list of hosts if you want to connect to more than one Elasticsearch nodes | *string | | scheme | Specify https if your Elasticsearch endpoint supports SSL (default: http). | *string | | path | Path defines the REST API endpoint of Elasticsearch to post write requests (default: nil). | *string | +| cloudId | Authenticate towards Elastic Cloud using CloudId. If set, cloudAuth must be set as well and host, port, user and password are ignored. | *[plugins.Secret](../secret.md) | +| cloudAuth | Authenticate towards Elastic Cloud using cloudAuth. | *[plugins.Secret](../secret.md) | | indexName | IndexName defines the placeholder syntax of Fluentd plugin API. See https://docs.fluentd.org/configuration/buffer-section. | *string | | logstashFormat | If true, Fluentd uses the conventional index name format logstash-%Y.%m.%d (default: false). This option supersedes the index_name option. | *bool | | logstashPrefix | LogstashPrefix defines the logstash prefix index name to write events when logstash_format is true (default: logstash). | *string | diff --git a/manifests/setup/fluent-operator-crd.yaml b/manifests/setup/fluent-operator-crd.yaml index b9073c72f..2976128e3 100644 --- a/manifests/setup/fluent-operator-crd.yaml +++ b/manifests/setup/fluent-operator-crd.yaml @@ -7494,6 +7494,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).' @@ -32138,6 +32202,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).' diff --git a/manifests/setup/setup.yaml b/manifests/setup/setup.yaml index 531ca525a..09a6ee9ae 100644 --- a/manifests/setup/setup.yaml +++ b/manifests/setup/setup.yaml @@ -7494,6 +7494,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).' @@ -32138,6 +32202,70 @@ spec: x-kubernetes-map-type: atomic type: object type: object + cloudAuth: + description: Authenticate towards Elastic Cloud using cloudAuth. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + cloudId: + description: Authenticate towards Elastic Cloud using CloudId. + If set, cloudAuth must be set as well and host, port, + user and password are ignored. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object host: description: 'The hostname of your Elasticsearch node (default: localhost).'