feat: added a new Logs Routing variation (#260)

terraform-ibm-modules · Feb 12, 2025 · 21b87a9 · 21b87a9
1 parent 5ef62df
commit 21b87a9
Show file tree

Hide file tree

Showing 13 changed files with 292 additions and 7 deletions.
diff --git a/.catalog-onboard-pipeline.yaml b/.catalog-onboard-pipeline.yaml
@@ -17,3 +17,6 @@ offerings:
         install_type: extension
         pre_validation: "tests/scripts/pre-validation-deploy-slz-roks-and-obs-instances.sh"
         post_validation: "tests/scripts/post-validation-destroy-slz-roks-and-obs-instances.sh"
+      - name: logs-routing
+        mark_ready: true
+        install_type: fullstack
diff --git a/common-dev-assets b/common-dev-assets
diff --git a/ibm_catalog.json b/ibm_catalog.json
@@ -149,6 +149,9 @@
             {
               "key": "cloud_logs_provision"
             },
+            {
+              "key": "cloud_logs_policies"
+            },
             {
               "key": "cloud_logs_instance_name"
             },
@@ -158,6 +161,9 @@
             {
               "key": "cloud_logs_access_tags"
             },
+            {
+              "key": "manage_log_archive_cos_bucket"
+            },
             {
               "key": "cloud_logs_retention_period",
               "options": [
@@ -235,6 +241,12 @@
             {
               "key": "cloud_monitoring_tags"
             },
+            {
+              "key": "cos_resource_group_name"
+            },
+            {
+              "key": "cos_region"
+            },
             {
               "key": "cos_instance_name"
             },
@@ -397,12 +409,6 @@
             {
               "key": "existing_cos_instance_crn"
             },
-            {
-              "key": "existing_log_archive_cos_bucket_name"
-            },
-            {
-              "key": "existing_log_archive_cos_bucket_endpoint"
-            },
             {
               "key": "existing_at_cos_target_bucket_name"
             },
@@ -443,6 +449,12 @@
             {
               "key": "cos_key_ring_name"
             },
+            {
+              "key": "ibmcloud_cos_api_key"
+            },
+            {
+              "key": "ibmcloud_kms_api_key"
+            },
             {
               "key": "kms_endpoint_type",
               "options": [
@@ -456,6 +468,9 @@
                 }
               ]
             },
+            {
+              "key": "enable_platform_metrics"
+            },
             {
               "key": "enable_metrics_routing_to_cloud_monitoring"
             },
@@ -620,6 +635,9 @@
             {
               "key": "cloud_monitoring_metrics_filter"
             },
+            {
+              "key": "cloud_monitoring_container_filter"
+            },
             {
               "key": "cloud_monitoring_agent_tags"
             },
@@ -714,6 +732,76 @@
               }
             ]
           }
+        },
+        {
+          "label": "Logs Routing",
+          "name": "logs-routing",
+          "install_type": "fullstack",
+          "working_directory": "solutions/logs-routing",
+          "iam_permissions": [
+            {
+              "service_name": "logs-router",
+              "role_crns": [
+                "crn:v1:bluemix:public:iam::::serviceRole:Manager"
+              ]
+            }
+          ],
+          "dependencies": [
+            {
+              "flavors": [
+                "instances"
+              ],
+              "catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
+              "id": "a3137d28-79e0-479d-8a24-758ebd5a0eab-global",
+              "name": "deploy-arch-ibm-observability",
+              "version": ">=v1.3.1",
+              "optional": true
+            }
+          ],
+          "configuration": [
+            {
+              "key": "ibmcloud_api_key"
+            },
+            {
+              "key": "provider_visibility",
+              "options": [
+                {
+                  "displayname": "private",
+                  "value": "private"
+                },
+                {
+                  "displayname": "public",
+                  "value": "public"
+                },
+                {
+                  "displayname": "public-and-private",
+                  "value": "public-and-private"
+                }
+              ]
+            },
+            {
+              "key": "tenant_configuration"
+            }
+          ],
+          "architecture": {
+            "descriptions": "This architecture supports the deployment of Log Router Tenant for routing logs to cloud logs instance",
+            "features": [
+              {
+                "title": "Creates Log Router Tenant for routing logs to cloud logs instance",
+                "description": "Creates Log Router Tenant for routing logs to cloud logs instance"
+              }
+            ],
+            "diagrams": [
+              {
+                "diagram": {
+                  "caption": "logs-router",
+                  "url": "https://github.com/terraform-ibm-modules/terraform-ibm-observability-da/blob/main/reference-architecture/deployable-architecture-logs-routing.svg",
+                  "type": "image/svg+xml"
+                },
+                "description": "Log Router Tenant for routing logs to cloud logs instance"
+              }
+            ]
+          }
         }
       ]
     }

diff --git a/reference-architecture/deployable-architecture-logs-routing.svg b/reference-architecture/deployable-architecture-logs-routing.svg
diff --git a/solutions/logs-routing/DA-types.md b/solutions/logs-routing/DA-types.md
@@ -0,0 +1,30 @@
+# Configuring Tenants for Log Routing to Cloud Logs Instances
+
+When you create a log router tenant from the IBM cloud catalog you can configure in which region you want to create the router tenant
+
+and which cloud logs instance you want to target  and give names to the tenant and the target
+
+### Options for tenant configuration
+- `tenant_region` (required): The region in which the tenant will be created
+- `tenant_name` (required): The name of the tenant which has to be created
+- `target_name` (required): The name to be given to the target inside the tenant
+- `log_sink_crn` (required): The Cloud Resource Name (CRN) of the cloud logs instance where logs will be routed.
+
+### Example log router tenant configuration
+
+```hcl
+tenant_configuration = [
+    {
+      tenant_region = "eu-de"
+      tenant_name   = "test-tenant-1"
+      target_name   = "test-target-1"
+      log_sink_crn  = "crn:v1:bluemix:public:logs:us-south::2fde707d-7cb6-4aed-80df-ab038599872c::"
+    },
+    {
+      tenant_region = "br-sao"
+      tenant_name   = "test-tenant-2"
+      target_name   = "test-target-2"
+      log_sink_crn  = "crn:v1:bluemix:public:logs:us-south::2fde707d-7cb6-4aed-80df-ab038599872c::"
+    }
+]
+```
diff --git a/solutions/logs-routing/README.md b/solutions/logs-routing/README.md
@@ -0,0 +1,7 @@
+# Creating Tenants for Log Routing to Cloud Logs Intances
+
+This architecture supports creating Cloud Logs tenants
+
+## Before you begin
+
+* Make sure that the observability instances (Cloud Logs) for which specific tenants are required are deployed.
diff --git a/solutions/logs-routing/catalogValidationValues.json.template b/solutions/logs-routing/catalogValidationValues.json.template
@@ -0,0 +1,4 @@
+{
+  "ibmcloud_api_key": $VALIDATION_APIKEY,
+  "tenant_configuration": "[{\"tenant_region\": \"eu-de\", \"tenant_name\": \"test-tenant\", \"target_name\": \"test-target\", \"log_sink_crn\": \"crn:v1:bluemix:public:logs:us-east:a/abac0df06b644a9cabc6e44f55b3880e:6e931667-0f47-4c59-be2e-fa9b9f13f1a4::\"}]"
+}
diff --git a/solutions/logs-routing/main.tf b/solutions/logs-routing/main.tf
@@ -0,0 +1,25 @@
+module "icl_crn_parser" {
+  for_each = { for idx, tenant in var.tenant_configuration : idx => tenant }
+  source   = "terraform-ibm-modules/common-utilities/ibm//modules/crn-parser"
+  version  = "1.1.0"
+  crn      = each.value.log_sink_crn
+}
+
+data "ibm_resource_instance" "icl_instance" {
+  for_each   = { for idx, tenant in var.tenant_configuration : idx => tenant }
+  identifier = module.icl_crn_parser[each.key].service_instance
+}
+
+resource "ibm_logs_router_tenant" "logs_router_tenant_instances" {
+  for_each = { for idx, tenant in var.tenant_configuration : idx => tenant }
+  name     = each.value.tenant_name
+  region   = each.value.tenant_region
+  targets {
+    log_sink_crn = each.value.log_sink_crn
+    name         = each.value.target_name
+    parameters {
+      host = data.ibm_resource_instance.icl_instance[each.key].extensions.external_ingress_private
+      port = 443
+    }
+  }
+}
diff --git a/solutions/logs-routing/outputs.tf b/solutions/logs-routing/outputs.tf
@@ -0,0 +1,18 @@
+##############################################################################
+# Outputs
+##############################################################################
+
+
+##############################################################################
+
+output "tenants_details" {
+
+  value = {
+    for idx, tenant in var.tenant_configuration : idx => {
+      "name" : var.tenant_configuration[idx].tenant_name,
+      "id" : ibm_logs_router_tenant.logs_router_tenant_instances[idx].id,
+      "crn" : ibm_logs_router_tenant.logs_router_tenant_instances[idx].crn
+    }
+  }
+  description = "Details of tenant created through this configuration"
+}
diff --git a/solutions/logs-routing/provider.tf b/solutions/logs-routing/provider.tf
@@ -0,0 +1,8 @@
+########################################################################################################################
+# Provider config
+########################################################################################################################
+
+provider "ibm" {
+  ibmcloud_api_key = var.ibmcloud_api_key
+  visibility       = var.provider_visibility
+}
diff --git a/solutions/logs-routing/variables.tf b/solutions/logs-routing/variables.tf
@@ -0,0 +1,29 @@
+variable "ibmcloud_api_key" {
+  type        = string
+  description = "The API key to use for IBM Cloud."
+  sensitive   = true
+}
+
+variable "provider_visibility" {
+  description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
+  type        = string
+  default     = "public"
+  # NOTE. Provider visibility is set to public because of provider issue. (https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5977)
+
+  validation {
+    condition     = contains(["public", "private", "public-and-private"], var.provider_visibility)
+    error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
+  }
+}
+
+variable "tenant_configuration" {
+
+  description = "List of tenants to be created for log routing.[Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-observability-da/tree/main/solutions/tenants/DA-types.md)."
+  type = list(object({
+    tenant_region = string
+    tenant_name   = string
+    target_name   = string
+    log_sink_crn  = string
+  }))
+
+}
diff --git a/solutions/logs-routing/version.tf b/solutions/logs-routing/version.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.9.0"
+
+  required_providers {
+    ibm = {
+      source  = "IBM-Cloud/ibm"
+      version = "1.75.1"
+    }
+  }
+}
diff --git a/tests/pr_test.go b/tests/pr_test.go
@@ -26,6 +26,7 @@ const resourceGroup = "geretain-test-observability-instances"
 
 const solutionInstanceDADir = "solutions/instances"
 const solutionAgentsDADir = "solutions/agents"
+const solutionTenantsDADir = "solutions/logs-routing"
 const agentsKubeconfigDir = "solutions/agents/kubeconfig"
 
 // Currently only including regions that Event Notification support
@@ -358,3 +359,61 @@ func TestRunExistingResourcesInstancesSchematics(t *testing.T) {
 		logger.Log(t, "END: Destroy (existing resources)")
 	}
 }
+
+func TestTenantsInSchematics(t *testing.T) {
+	t.Parallel()
+
+	tenant_configuration := []map[string]interface{}{
+		{
+			"tenant_region": "jp-osa",
+			"tenant_name":   "test-tenant",
+			"target_name":   "test-target",
+			"log_sink_crn":  permanentResources["cloud_logs_instance_crn"],
+		},
+	}
+
+	options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
+		Testing: t,
+		TarIncludePatterns: []string{
+			"*.tf",
+			solutionTenantsDADir + "/*.tf",
+		},
+		TemplateFolder:         solutionTenantsDADir,
+		Tags:                   []string{"test-schematic"},
+		DeleteWorkspaceOnFail:  false,
+		WaitJobCompleteMinutes: 60,
+	})
+
+	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
+		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
+		{Name: "tenant_configuration", Value: tenant_configuration, DataType: "list(object)"},
+	}
+
+	err := options.RunSchematicTest()
+	assert.Nil(t, err, "This should not have errored")
+}
+
+func TestTenantsUpgradeTest(t *testing.T) {
+	t.Parallel()
+
+	tenant_configuration := []map[string]interface{}{
+		{
+			"tenant_region": "br-sao",
+			"tenant_name":   "test-tenant",
+			"target_name":   "test-target",
+			"log_sink_crn":  permanentResources["cloud_logs_instance_crn"],
+		},
+	}
+
+	options := testhelper.TestOptionsDefault(&testhelper.TestOptions{
+		Testing:      t,
+		TerraformDir: solutionTenantsDADir,
+	})
+
+	options.TerraformVars = map[string]interface{}{
+		"tenant_configuration": tenant_configuration,
+	}
+
+	_, err := options.RunTestUpgrade()
+	assert.Nil(t, err, "This should not have errored")
+}
+20 −1		common-go-assets/common-permanent-resources.yaml
+1 −1		examples/Dockerfile
+11 −8		module-assets/.pre-commit-config.yaml
+0 −4		module-assets/Makefile
+6 −6		module-assets/ci/install-deps.sh
+172 −0		module-assets/ci/validateIbmCatalogJson.py
+18 −5		module-assets/ci/validateJsonTemplate.py
+0 −6		module-assets/docker.env
+0 −13		renovate.json
+1 −4		stack-assets/.pre-commit-config.yaml
+3 −3		stack-assets/stack-updater/requirements.txt