-
Notifications
You must be signed in to change notification settings - Fork 407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add k8s integration tests #886
Conversation
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
Trends 🧪 |
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
5752d32
to
375177f
Compare
@mtojek @ycombinator I think that this scenario might be a good candidate to put flakiness because we don't wait for custom resources to be ready so we might fail to get metrics from the endpoints since the service is not yet ready. I think this happens here with I wonder if we could add sth like "wait for healthy" on k8s service deployer to ensure that custom resource is ready. |
Sounds good to me. We have a |
I think this one runs on a different level. We need something on the service's |
One more question, @ChrsMark . Do you have any proposal for the |
Hey! Since we have to do with metrics collection and mostly http maybe using liveness checks can work here. In this way when you add a custom resource you are responsible for defining the liveness probe and then the deployer will check the status of the pod and wait until ready. Feel free to ping me when on it to further brainstorm on this. |
What if custom definitions describe multiple pods and some of them hasn't been created yet (we can see that there is one pod in progress)? |
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
8810952
to
bf7a8e2
Compare
FYI I pushed the update of elastic-package to the master branch. |
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
Blocked on elastic/elastic-package#332 |
- name: pod.uid | ||
type: keyword | ||
description: > | ||
Kubernetes Pod UID |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: pod vs Pod (casing consistency)
- name: deployment.name | ||
type: keyword | ||
description: > | ||
Kubernetes deployment name |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: not sure if we need the prefix "Kubernetes" in every field description
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is how we have it in Beats too, I don't think this is a bad pattern.
- http://{{Hostname}}:10251 | ||
- https://0.0.0.0:10257 | ||
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | ||
ssl.verification_mode: "none" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: why exactly is the ssl.verification_mode = none? is it because we're lacking some permissions or certs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We use the token for the auth part but since the server is https
we need a CA
or --insecure
( ssl.verification_mode: "none") flag to access it. We follow this pattern for kubelet's api too and most probably works fine in real world clusters. If users want to use CAs they can too but they need to provide it properly. (we have some similar cases with kubelet's api access in openshift and we had to find the proper CA generated by k8s so as to use it with Beats too). For this testing scenario I think we are safe.
@@ -0,0 +1,108 @@ | |||
apiVersion: rbac.authorization.k8s.io/v1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you consider using a package scoped _dev/deploy
that can be common for all data streams?
@@ -1,7 +1,7 @@ | |||
format_version: 1.0.0 | |||
name: kubernetes | |||
title: Kubernetes | |||
version: 0.4.5 | |||
version: 0.5.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would you mind updating the changelog as you added new field definitions?
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
ba06b38
to
a91cae2
Compare
Signed-off-by: ChrsMark <chrismarkou92@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ship it, please!
What does this PR do?
This PR adds tests for k8s package using k8s service deployer.
Related to #822