Opster Metricbeat Helm Chart

Requirements

• Kubernetes >= 1.14
• Helm >= 2.17.0

Configuring

This helm charts create a deployment with Opster’s MetricBeat service and also create the needed secrets from your configuration setted in .Values.secrets. . We recommend this option. To run the chart please isert to the ‘charts’ directory.

values

Edit values.yaml file.

For the minimal setup set values for the following keys in Values.secrets.conf section:

• ES_URL , put here address of your ElasticSearch instance, for example http://es:9200
• OPSTER_TOKEN , for example asd55as, the value of this token should be provided to you by Opster team

If your ElasticSearch has basic authentication enabled, please set values for the following keys in the Values.secrets.basicauth section:

• ES_USER , put here username, for example elastic
• ES_PASSWORD , place here user’s password, for example mysecretpassword

By default metricbeat uses as output endpoint receiver.opster.io:5044. Sometimes because of the firewall issues, etc. you can’t use port 5044 for outbound connections. If this is not a problem for you just skip this part and if it’s actually the problem we have prepared another endpoint that uses port 443, to use it please also edit following keys in the Values.secrets.conf section:

• OPSTER_HOST, change the value to rcvs.opster.io
• OPSTER_PORT, change the value to 443

For arm64 architecture please change imageTag value to latest-arm64.

For simple installation use the values.yaml file that include all needed parameters. for more details and configurations (like ‘annotations’, ‘nodeSelector’ and more) please use with extended-values.yaml values file.

Running

Execute this command in the unpacked chart directory:

helm install metricbeat ./

OR

helm install metricbeat -f extended-values.yaml ./

If you have your own secret deployed in your k8s cluster and don’t want to create a new one follow the instructions :

• Search for the value selfSecrets.created and change it to true.
• Provide the name of the secret under selfSecrets.name.

selfSecrets:
  created: true
  name: “external-secret”
  ...

• Choose your authentication method under selfSecrets .

selfSecrets:
  type: “awsIamAuth”
  ...

Use:

• “basicAuth”: If you use basic authentication
• “awsIamAuth”: If you use AWS IAM authentication for deployment
• or leave “” if you don’t use an authentication method for your deployment (not recommended - only for develop purposes).

If you have a custom keys in your secret for the same values, you can uncomment the value and specify the new secret key name for every key that required.

  keys:
    env:
      es_url: “ES_URL”
      opster_token: “OPSTER_TOKEN”
      opster_host: “OPSTER_HOST”

    basicAuth:
      es_password: “”
      es_user: “”

    awsIamAuth:
      access_key_id: “”
      aws_region: “”
      secret_access_key: “”

If you leave “”, helm’ll search the key name in uppercase inside the secret configured.

If the secrets doesn’t exist or key name is not found inside the secret, helm deploy will failed with a message like this:

Error: UPGRADE FAILED: execution error at (opster-metricbeat/templates/deployment.yaml:121:14): Secret key ‘ES_URL’ given for ‘es_url’ does not exist in ‘external-secret’ secret

This will help you to fix the deploy configuration.