Heartbeat autodiscover kubernetes pod

Hi

I want heartbeat to find every single kubernetes pod and send it to Elasticsearch uptime, however all I am able to currently get is the kubernetes nodes. Below is the config.

apiVersion: v1
kind: ConfigMap
metadata:
  name: heartbeat-deployment-config
  namespace: elk
  labels:
    k8s-app: heartbeat
data:
  heartbeat.yml: |-
    heartbeat.autodiscover:
       # Autodiscover pods
      providers:
        - type: kubernetes
          resource: pod
          scope: cluster
          node: ${NODE_NAME}
          hints.enabled: true
          templates:
            - condition: ~
                #contains:
                 # kubernetes.container.image: nginx
        #        #kubernetes.labels.heartbeat_type: http
              config:
                - type: http
                  hosts: ["${data.host}:${data.port}"]
                  name: ${data.kubernetes.pod.name}
                  schedule: '@every 1s'
                  timeout: 2s
      # Autodiscover services
      providers:
        - type: kubernetes
          resource: service
          scope: cluster
          node: ${NODE_NAME}
          hints.enabled: true

    #  # Autodiscover nodes
      providers:
        - type: kubernetes
          resource: node
          node: ${NODE_NAME}
          scope: cluster
          templates:
            # Example, check SSH port of all cluster nodes:
            - condition: ~
              config:
                - hosts:
                    - ${data.host}:22
                  name: ${data.kubernetes.node.name}
                  schedule: '@every 10s'
                  timeout: 5s
                  type: tcp

    processors:
      - add_cloud_metadata:

    cloud.id: ${ELASTIC_CLOUD_ID}
    cloud.auth: ${ELASTIC_CLOUD_AUTH}

    output.elasticsearch:
      hosts: ['https://x.x.x.x:9200']
      username: elastic
      password: itss@123
      ssl.certificate_authorities:
        - /etc/certs/ssl/ca.crt
---
# Deploy singleton instance in the whole cluster for some unique data sources, like kube-state-metrics
apiVersion: apps/v1
kind: Deployment
metadata:
  name: heartbeat
  namespace: elk
  labels:
    k8s-app: heartbeat
spec:
  selector:
    matchLabels:
      k8s-app: heartbeat
  template:
    metadata:
      labels:
        k8s-app: heartbeat
    spec:
      serviceAccountName: heartbeat
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      containers:
      - name: heartbeat
        image: docker.elastic.co/beats/heartbeat:7.15.2
        args: [
          "-c", "/etc/heartbeat.yml",
          "-e",
        ]
        env:
        - name: ELASTICSEARCH_HOST
          value: elasticsearch
        - name: ELASTICSEARCH_PORT
          value: "9200"
        - name: ELASTICSEARCH_USERNAME
          value: elastic
        - name: ELASTICSEARCH_PASSWORD
          value: itss@123
        - name: ELASTIC_CLOUD_ID
          value:
        - name: ELASTIC_CLOUD_AUTH
          value:
        #- name: cert
          #mountPath: /etc/certs/ssl/ca.crt
          #readOnly: true
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        securityContext:
          runAsUser: 0
        resources:
          limits:
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 100Mi
        volumeMounts:
        - name: config
          mountPath: /etc/heartbeat.yml
          readOnly: true
          subPath: heartbeat.yml
        - name: data
          mountPath: /usr/share/heartbeat/data
        - name: cert
          mountPath: /etc/certs/ssl/ca.crt
          readOnly: true
          subPath: ca.crt
      volumes:
      - name: config
        configMap:
          defaultMode: 0600
          name: heartbeat-deployment-config
      - name: data
        hostPath:
          path: /var/lib/heartbeat-data
          type: DirectoryOrCreate
      - name: cert
        secret:
         secretName: my-tls-secret
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: heartbeat
  namespace: elk
roleRef:
  kind: ClusterRole
  name: heartbeat
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: heartbeat
  namespace: elk
subjects:
  - kind: ServiceAccount
    name: heartbeat
    namespace: elk
roleRef:
  kind: Role
  name: heartbeat
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: heartbeat-kubeadm-config
  namespace: elk
subjects:
  - kind: ServiceAccount
    name: heartbeat
    namespace: elk
roleRef:
  kind: Role
  name: heartbeat-kubeadm-config
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: heartbeat
  labels:
    k8s-app: heartbeat
rules:
- apiGroups: [""]
  resources:
  - nodes
  - namespaces
  - pods
  - services
  verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
  resources:
    - replicasets
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: heartbeat
  # should be the namespace where heartbeat is running
  namespace: elk
  labels:
    k8s-app: heartbeat
rules:
  - apiGroups:
      - coordination.k8s.io
    resources:
      - leases
    verbs: ["get", "create", "update"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: heartbeat-kubeadm-config
  namespace: elk
  labels:
    k8s-app: heartbeat
rules:
  - apiGroups: [""]
    resources:
      - configmaps
    resourceNames:
      - kubeadm-config
    verbs: ["get"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: heartbeat
  namespace: elk
  labels:
    k8s-app: heartbeat
---

Congratulations @lalchand_rajak for your first post and welcome to the community. We really appreciate that you took the time to mention all the details.

I will go through your query and will get back.

anything you find.

Can you share any logs? Turning on debug logging may be useful here

kubectl  logs pod/heartbeat-578fbdf9d5-j9clm -n elk
2021-12-02T08:53:55.344Z	INFO	instance/beat.go:665	Home path: [/usr/share/heartbeat] Config path: [/usr/share/heartbeat] Data path: [/usr/share/heartbeat/data] Logs path: [/usr/share/heartbeat/logs]
2021-12-02T08:53:55.344Z	INFO	instance/beat.go:673	Beat ID: 056b8ab3-1cd6-4e06-a8e4-e03b6c8bacf7
2021-12-02T08:53:55.345Z	WARN	[seccomp]	seccomp/seccomp.go:119	Syscall filter could not be installederrorfailed to assemble policy: found unknown syscalls for arch x86_64: exited,si_code,SIGINT,SIGURG,SI_KERNEL,si_pid,si_signo,SI_TKILL,si_uid,withseccomp_filter{true tsync {errno [{[accept accept4 access arch_prctl bind brk chmod chown clock_gettime clone close connect dup dup2 epoll_create epoll_create1 epoll_ctl epoll_pwait epoll_wait exit exit_group fchdir fchmod fchmodat fchown fchownat fcntl fdatasync flock fstat fstatfs fsync ftruncate futex getcwd getdents getdents64 geteuid getgid getpeername getpid getppid getrandom getrlimit getrusage getsockname getsockopt gettid gettimeofday getuid inotify_add_watch inotify_init1 inotify_rm_watch ioctl kill listen lseek lstat madvise mincore mkdirat mmap mprotect munmap nanosleep newfstatat open openat pipe pipe2 poll ppoll pread64 pselect6 pwrite64 read readlink readlinkat recvfrom recvmmsg recvmsg rename renameat rt_sigaction rt_sigprocmask rt_sigreturn sched_getaffinity sched_yield sendfile sendmmsg sendmsg sendto set_robust_list setitimer setsockopt shutdown sigaltstack socket splice stat statfs sysinfo tgkill time tkill uname unlink unlinkat wait4 waitid write writev execve exited mlock prctl prlimit64 set_tid_address si_code SIGINT SIGURG SI_KERNEL si_pid si_signo SI_TKILL si_uid umask with] allow <nil>}] <nil>}}
2021-12-02T08:53:55.345Z	INFO	[beat]	instance/beat.go:1014	Beat info	{"system_info": {"beat": {"path": {"config": "/usr/share/heartbeat", "data": "/usr/share/heartbeat/data", "home": "/usr/share/heartbeat", "logs": "/usr/share/heartbeat/logs"}, "type": "heartbeat", "uuid": "056b8ab3-1cd6-4e06-a8e4-e03b6c8bacf7"}}}
2021-12-02T08:53:55.345Z	INFO	[beat]	instance/beat.go:1023	Build info	{"system_info": {"build": {"commit": "fd322dad6ceafec40c84df4d2a0694ea357d16cc", "libbeat": "7.15.2", "time": "2021-11-04T14:29:06.000Z", "version": "7.15.2"}}}
2021-12-02T08:53:55.345Z	INFO	[beat]	instance/beat.go:1026	Go runtime info	{"system_info": {"go": {"os":"linux","arch":"amd64","max_procs":2,"version":"go1.16.6"}}}
2021-12-02T08:53:55.347Z	INFO	[beat]	instance/beat.go:1030	Host info	{"system_info": {"host": {"architecture":"x86_64","boot_time":"2021-10-27T09:40:42Z","containerized":true,"name":"elk-worker1","ip":["127.0.0.1/8","::1/128","10.210.0.162/24","fe80::20c:29ff:fe41:b9a5/64","172.17.0.1/16","fe80::ecee:eeff:feee:eeee/64","fe80::ecee:eeff:feee:eeee/64","192.168.85.128/32","fe80::ecee:eeff:feee:eeee/64"],"kernel_version":"3.10.0-957.el7.x86_64","mac":["00:0c:29:41:b9:a5","02:42:5a:dd:66:64","ee:ee:ee:ee:ee:ee","ee:ee:ee:ee:ee:ee","ee:ee:ee:ee:ee:ee"],"os":{"type":"linux","family":"redhat","platform":"centos","name":"CentOS Linux","version":"7 (Core)","major":7,"minor":9,"patch":2009,"codename":"Core"},"timezone":"UTC","timezone_offset_sec":0,"id":"1820c6c61258c329e88764d3dc4484f3"}}}
2021-12-02T08:53:55.347Z	INFO	[beat]	instance/beat.go:1059	Process info	{"system_info": {"process": {"capabilities": {"inheritable":["chown","dac_override","fowner","fsetid","kill","setgid","setuid","setpcap","net_bind_service","net_raw","sys_chroot","mknod","audit_write","setfcap"],"permitted":["chown","dac_override","fowner","fsetid","kill","setgid","setuid","setpcap","net_bind_service","net_raw","sys_chroot","mknod","audit_write","setfcap"],"effective":["chown","dac_override","fowner","fsetid","kill","setgid","setuid","setpcap","net_bind_service","net_raw","sys_chroot","mknod","audit_write","setfcap"],"bounding":["chown","dac_override","fowner","fsetid","kill","setgid","setuid","setpcap","net_bind_service","net_raw","sys_chroot","mknod","audit_write","setfcap"],"ambient":null}, "cwd": "/usr/share/heartbeat", "exe": "/usr/share/heartbeat/heartbeat", "name": "heartbeat", "pid": 6, "ppid": 1, "seccomp": {"mode":"disabled"}, "start_time": "2021-12-02T08:53:55.120Z"}}}
2021-12-02T08:53:55.347Z	INFO	instance/beat.go:309	Setup Beat: heartbeat; Version: 7.15.2
2021-12-02T08:53:55.347Z	INFO	[index-management]	idxmgmt/std.go:184	Set output.elasticsearch.index to 'heartbeat-7.15.2' as ILM is enabled.
2021-12-02T08:53:55.347Z	WARN	[cfgwarn]	tlscommon/config.go:100	DEPRECATED: Treating the CommonName field on X.509 certificates as a host name when no Subject Alternative Names are present is going to be removed. Please update your certificates if needed. Will be removed in version: 8.0.0
2021-12-02T08:53:55.348Z	INFO	[esclientleg]	eslegclient/connection.go:100	elasticsearch url: https://x.x.x.x:9200
2021-12-02T08:53:55.348Z	INFO	[publisher]	pipeline/module.go:113	Beat name: elk-worker1
2021-12-02T08:53:55.348Z	INFO	[monitoring]	log/log.go:142	Starting metrics logging every 30s
2021-12-02T08:53:55.349Z	INFO	instance/beat.go:473	heartbeat start running.
2021-12-02T08:53:55.349Z	INFO	beater/heartbeat.go:82	heartbeat is running! Hit CTRL-C to stop it.
2021-12-02T08:53:55.368Z	INFO	[autodiscover]	autodiscover/autodiscover.go:113	Starting autodiscover manager
2021-12-02T08:53:58.346Z	INFO	[add_cloud_metadata]	add_cloud_metadata/add_cloud_metadata.go:101	add_cloud_metadata: hosting provider type not detected.
2021-12-02T08:53:59.346Z	INFO	[publisher_pipeline_output]	pipeline/output.go:143	Connecting to backoff(elasticsearch(https://x.x.x.x:9200))
2021-12-02T08:53:59.346Z	INFO	[publisher]	pipeline/retry.go:219	retryer: send unwait signal to consumer
2021-12-02T08:53:59.346Z	INFO	[publisher]	pipeline/retry.go:223	  done
2021-12-02T08:53:59.367Z	INFO	[esclientleg]	eslegclient/connection.go:273	Attempting to connect to Elasticsearch version 7.15.0
2021-12-02T08:53:59.410Z	INFO	[esclientleg]	eslegclient/connection.go:273	Attempting to connect to Elasticsearch version 7.15.0
2021-12-02T08:53:59.430Z	INFO	[index-management]	idxmgmt/std.go:261	Auto ILM enable success.
2021-12-02T08:53:59.432Z	INFO	[index-management.ilm]	ilm/std.go:170	ILM policy heartbeat exists already.
2021-12-02T08:53:59.432Z	INFO	[index-management]	idxmgmt/std.go:401	Set setup.template.name to '{heartbeat-7.15.2 {now/d}-000001}' as ILM is enabled.
2021-12-02T08:53:59.432Z	INFO	[index-management]	idxmgmt/std.go:406	Set setup.template.pattern to 'heartbeat-7.15.2-*' as ILM is enabled.
2021-12-02T08:53:59.432Z	INFO	[index-management]	idxmgmt/std.go:440	Set settings.index.lifecycle.rollover_alias in template to {heartbeat-7.15.2 {now/d}-000001} as ILM is enabled.
2021-12-02T08:53:59.432Z	INFO	[index-management]	idxmgmt/std.go:444	Set settings.index.lifecycle.name in template to {heartbeat {"policy":{"phases":{"hot":{"actions":{"rollover":{"max_age":"30d","max_size":"50gb"}}}}}}} as ILM is enabled.
2021-12-02T08:53:59.434Z	INFO	template/load.go:111	Template "heartbeat-7.15.2" already exists and will not be overwritten.
2021-12-02T08:53:59.434Z	INFO	[index-management]	idxmgmt/std.go:297	Loaded index template.
2021-12-02T08:53:59.435Z	INFO	[index-management.ilm]	ilm/std.go:126	Index Alias heartbeat-7.15.2 exists already.
2021-12-02T08:53:59.436Z	INFO	[publisher_pipeline_output]	pipeline/output.go:151	Connection to backoff(elasticsearch(https://10.210.12.56:9200)) established
2021-12-02T08:54:25.355Z	INFO	[monitoring]	log/log.go:184	Non-zero metrics in the last 30s	{"monitoring": {"metrics": {"beat":{"cgroup":{"cpu":{"cfs":{"period":{"us":100000}},"id":"/"},"cpuacct":{"id":"/","total":{"ns":139495041}},"memory":{"id":"/","mem":{"limit":{"bytes":209715200},"usage":{"bytes":29806592}}}},"cpu":{"system":{"ticks":40,"time":{"ms":49}},"total":{"ticks":110,"time":{"ms":120},"value":110},"user":{"ticks":70,"time":{"ms":71}}},"handles":{"limit":{"hard":1048576,"soft":1048576},"open":10},"info":{"ephemeral_id":"6cf9e50d-9597-4c8e-8ff0-0e316c5d95b7","uptime":{"ms":30029},"version":"7.15.2"},"memstats":{"gc_next":9960656,"memory_alloc":8592688,"memory_sys":74793992,"memory_total":15400456,"rss":72355840},"runtime":{"goroutines":26}},"heartbeat":{"tcp":{"endpoint_starts":3,"endpoint_stops":3,"monitor_starts":3,"monitor_stops":3}},"libbeat":{"config":{"module":{"running":3,"starts":3}},"output":{"events":{"acked":9,"active":0,"batches":3,"total":9},"read":{"bytes":7711},"type":"elasticsearch","write":{"bytes":12259}},"pipeline":{"clients":3,"events":{"active":0,"published":9,"retry":3,"total":9},"queue":{"acked":9,"max_events":4096}}},"system":{"cpu":{"cores":2},"load":{"1":0,"15":0.11,"5":0.09,"norm":{"1":0,"15":0.055,"5":0.045}}}}}}
2021-12-02T08:54:55.354Z	INFO	[monitoring]	log/log.go:184	Non-zero metrics in the last 30s	{"monitoring": {"metrics": {"beat":{"cgroup":{"cpuacct":{"total":{"ns":23517272}},"memory":{"mem":{"usage":{"bytes":1114112}}}},"cpu":{"system":{"ticks":50,"time":{"ms":7}},"total":{"ticks":130,"time":{"ms":22},"value":130},"user":{"ticks":80,"time":{"ms":15}}},"handles":{"limit":{"hard":1048576,"soft":1048576},"open":10},"info":{"ephemeral_id":"6cf9e50d-9597-4c8e-8ff0-0e316c5d95b7","uptime":{"ms":60028},"version":"7.15.2"},"memstats":{"gc_next":10192736,"memory_alloc":6352288,"memory_total":17542688,"rss":73715712},"runtime":{"goroutines":26}},"heartbeat":{"tcp":{"endpoint_starts":1,"endpoint_stops":2,"monitor_starts":1,"monitor_stops":2}},"libbeat":{"config":{"module":{"running":3,"starts":1,"stops":1}},"output":{"events":{"acked":10,"active":0,"batches":3,"total":10},"read":{"bytes":2768},"write":{"bytes":11716}},"pipeline":{"clients":3,"events":{"active":0,"published":10,"total":10},"queue":{"acked":10}}},"system":{"load":{"1":0,"15":0.1,"5":0.08,"norm":{"1":0,"15":0.05,"5":0.04}}}}}}

image785×458 35 KB

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.