Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Logs] Add logs values in config #1427

Merged
merged 8 commits into from
Feb 28, 2025
Merged

[Logs] Add logs values in config #1427

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e9b4c83
[Logs] Add logs values in config
Feb 28, 2025
3227e65
config.schema.json
Feb 28, 2025
2bbee89
config.schema.json
Feb 28, 2025
0fd1ea5
restructure logs config for loganalytics and mdsd
geoberle Feb 28, 2025
110bba5
reusable aks logs config type
geoberle Feb 28, 2025
bc326f1
add bicepparam to schema changes
geoberle Feb 28, 2025
2104fc6
docs
geoberle Feb 28, 2025
22bb81f
adapt log account schema
geoberle Feb 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 29 additions & 7 deletions config/config.msft.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,18 @@ defaults:
repository: aks/msi-acrpull
digest: sha256:51dd1a7c217b554d7925e67008caf747c8bec17b641830160e08b6836a8aa589 #v0.1.12

# Logs
logs:
mdsd:
namespace: logs
msiName: logs-mdsd
serviceAccountName: genevabit-aggregator
cert:
name: logs-mdsd
type: x-pem-file # GCS certificate file in PEM format
issuer: OneCertV2-PrivateCA
loganalytics:
enable: false

# Hypershift
hypershift:
Expand Down Expand Up @@ -49,6 +61,8 @@ defaults:
versions: "asm-1-23"
ingressGatewayIPAddressName: "aro-hcp-istio-ingress"
ingressGatewayIPAddressIPTags: "FirstPartyUsage:arohcpprodinboundsvc"
logs:
namespace: HCPServiceLogs

# MGMT cluster specifics
mgmt:
Expand All @@ -64,6 +78,8 @@ defaults:
kvName: arohcp-etcd-{{ .ctx.regionShort }}-{{ .ctx.stamp }}
kvSoftDelete: true
clusterOutboundIPAddressIPTags: "FirstPartyUsage:arohcpprodoutboundcx"
logs:
namespace: HCPManagementLogs

# Frontend
frontend:
Expand Down Expand Up @@ -201,13 +217,6 @@ defaults:
grafanaZoneRedundantMode: Enabled
workspaceName: 'arohcp-{{ .ctx.regionShort }}'

# Logs
logs:
enableLogAnalytics: false
namespace: logs
msiName: logs-mdsd
serviceAccountName: genevabit-aggregator

clouds:
public:
# this configuration serves as a template for for all RH DEV subscription deployments
Expand Down Expand Up @@ -273,6 +282,10 @@ clouds:
clusterOutboundIPAddressIPTags: "FirstPartyUsage:/NonProd"
istio:
ingressGatewayIPAddressIPTags: "FirstPartyUsage:/NonProd"
logs:
san: SVC.GENEVA.KEYVAULT.ARO-HCP-INT.AZURE.COM
configVersion: "1.0"

# MC
mgmt:
aks:
Expand All @@ -289,6 +302,9 @@ clouds:
osDiskSizeGB: 128
azCount: 3
clusterOutboundIPAddressIPTags: "FirstPartyUsage:/NonProd"
logs:
san: MGMT.GENEVA.KEYVAULT.ARO-HCP-INT.AZURE.COM
configVersion: "1.0"

# DNS
dns:
Expand Down Expand Up @@ -343,3 +359,9 @@ clouds:
aroDevopsMsiId: '/subscriptions/5299e6b7-b23b-46c8-8277-dc1147807117/resourcegroups/global-shared-resources/providers/Microsoft.ManagedIdentity/userAssignedIdentities/global-ev2-identity'
# Cert Officer used for KV signer registration
kvCertOfficerPrincipalId: '32af88de-a61c-4f71-b709-50538598c4f2' # aro-ev2-admin-int-sp

# Logs
logs:
mdsd:
subscriptions:
- 5299e6b7-b23b-46c8-8277-dc1147807117
111 changes: 96 additions & 15 deletions config/config.schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,29 @@
"vmSize"
]
},
"aksLogConfig": {
"type": "object",
"properties": {
"namespace": {
"description": "Geneva logs account namespace",
"type": "string"
},
"san": {
"description": "Geneva logs account certificate SAN",
"type": "string"
},
"configVersion": {
"description": "Geneva logs account namespace configuration version",
"type": "string"
}
},
"additionalProperties": false,
"required": [
"namespace",
"san",
"configVersion"
]
},
"aksConfig": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -764,6 +787,10 @@
},
"subscription": {
"type": "string"
},
"logs": {
"description": "MDSD / Genevabits log aggregation and shipping configuration",
"$ref": "#/definitions/aksLogConfig"
}
},
"additionalProperties": false,
Expand Down Expand Up @@ -819,26 +846,76 @@
},
"logs": {
"type": "object",
"additionalProperties": false,
"description": "Log infrastructure configuration",
"properties": {
"enableLogAnalytics": {
"type": "boolean"
},
"namespace": {
"type": "string"
},
"msiName": {
"type": "string"
"loganalytics": {
"type": "object",
"description": "Log Analytics configuration",
"properties": {
"enable": {
"type": "boolean"
}

},
"additionalProperties": false,
"required": [
"enable"
]
},
"serviceAccountName": {
"type": "string"
"mdsd": {
"type": "object",
"properties": {
"namespace": {
"type": "string"
},
"msiName": {
"type": "string"
},
"serviceAccountName": {
"type": "string"
},
"cert": {
"type": "object",
"properties": {
"name": {
"description": "Logs certificate name",
"type": "string"
},
"type": {
"description": "Logs certificate type",
"type": "string"
},
"issuer": {
"description": "Logs certificate issuer",
"type": "string"
}
},
"additionalProperties": false,
"required": [
"name",
"type",
"issuer"
]
},
"subscriptions": {
"description": "Geneva logs resources subscriptions",
"type": "array"
}
},
"additionalProperties": false,
"required": [
"namespace",
"msiName",
"serviceAccountName",
"cert",
"subscriptions"
]
}
},
"additionalProperties": false,
"required": [
"enableLogAnalytics",
"namespace",
"msiName",
"serviceAccountName"
"mdsd",
"loganalytics"
]
},
"msiKeyVault": {
Expand Down Expand Up @@ -951,6 +1028,10 @@
"required": [
"ingressGatewayIPAddressName"
]
},
"logs": {
"description": "MDSD / Genevabits log aggregation and shipping configuration",
"$ref": "#/definitions/aksLogConfig"
}
},
"additionalProperties": false,
Expand Down
24 changes: 16 additions & 8 deletions config/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,19 @@ defaults:
namespace: hypershift
additionalInstallArg: '--tech-preview-no-upgrade'

# Log settings
logs:
enableLogAnalytics: false
mdsd:
namespace: logs
msiName: logs-mdsd
serviceAccountName: genevabit-aggregator
cert:
name: ""
type: ""
issuer: ""
subscriptions: []
loganalytics:
enable: false

# SVC cluster specifics
svc:
Expand Down Expand Up @@ -315,11 +326,6 @@ clouds:
grafanaName: 'arohcp-dev'
grafanaZoneRedundantMode: Disabled
grafanaAdminGroupPrincipalId: 6b6d3adf-8476-4727-9812-20ffdef2b85c
# Logs
logs:
namespace: logs
msiName: logs-mdsd
serviceAccountName: genevabit-aggregator
# DEVOPS MSI
aroDevopsMsiId: '/subscriptions/1d3378d3-5a3f-4712-85a1-2485495dfc4b/resourceGroups/global/providers/Microsoft.ManagedIdentity/userAssignedIdentities/global-rollout-identity'
kvCertOfficerPrincipalId: 'c9b1819d-bb29-4ac2-9abe-39e4fe9b59eb'
Expand All @@ -328,7 +334,8 @@ clouds:
# this is the integrated DEV environment
defaults:
logs:
enableLogAnalytics: true
loganalytics:
enable: true
mgmt:
aks:
systemAgentPool:
Expand Down Expand Up @@ -359,7 +366,8 @@ clouds:
# this is the cluster service PR check and full cycle test environment
defaults:
logs:
enableLogAnalytics: true
loganalytics:
enable: true
svc:
aks:
# MC AKS nodepools
Expand Down
18 changes: 14 additions & 4 deletions config/public-cloud-cs-pr.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,10 +142,20 @@
},
"kvCertOfficerPrincipalId": "c9b1819d-bb29-4ac2-9abe-39e4fe9b59eb",
"logs": {
"enableLogAnalytics": true,
"msiName": "logs-mdsd",
"namespace": "logs",
"serviceAccountName": "genevabit-aggregator"
"loganalytics": {
"enable": true
},
"mdsd": {
"cert": {
"issuer": "",
"name": "",
"type": ""
},
"msiName": "logs-mdsd",
"namespace": "logs",
"serviceAccountName": "genevabit-aggregator",
"subscriptions": []
}
},
"maestro": {
"agent": {
Expand Down
18 changes: 14 additions & 4 deletions config/public-cloud-dev.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,10 +142,20 @@
},
"kvCertOfficerPrincipalId": "c9b1819d-bb29-4ac2-9abe-39e4fe9b59eb",
"logs": {
"enableLogAnalytics": true,
"msiName": "logs-mdsd",
"namespace": "logs",
"serviceAccountName": "genevabit-aggregator"
"loganalytics": {
"enable": true
},
"mdsd": {
"cert": {
"issuer": "",
"name": "",
"type": ""
},
"msiName": "logs-mdsd",
"namespace": "logs",
"serviceAccountName": "genevabit-aggregator",
"subscriptions": []
}
},
"maestro": {
"agent": {
Expand Down
30 changes: 26 additions & 4 deletions config/public-cloud-msft-int.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,10 +142,22 @@
},
"kvCertOfficerPrincipalId": "32af88de-a61c-4f71-b709-50538598c4f2",
"logs": {
"enableLogAnalytics": false,
"msiName": "logs-mdsd",
"namespace": "logs",
"serviceAccountName": "genevabit-aggregator"
"loganalytics": {
"enable": false
},
"mdsd": {
"cert": {
"issuer": "OneCertV2-PrivateCA",
"name": "logs-mdsd",
"type": "x-pem-file"
},
"msiName": "logs-mdsd",
"namespace": "logs",
"serviceAccountName": "genevabit-aggregator",
"subscriptions": [
"5299e6b7-b23b-46c8-8277-dc1147807117"
]
}
},
"maestro": {
"agent": {
Expand Down Expand Up @@ -221,6 +233,11 @@
},
"vnetAddressPrefix": "10.128.0.0/14"
},
"logs": {
"configVersion": "1.0",
"namespace": "HCPManagementLogs",
"san": "MGMT.GENEVA.KEYVAULT.ARO-HCP-INT.AZURE.COM"
},
"rg": "hcp-underlay-westus3-mgmt-1",
"subscription": "hcp-westus3"
},
Expand Down Expand Up @@ -290,6 +307,11 @@
"targetVersion": "asm-1-23",
"versions": "asm-1-23"
},
"logs": {
"configVersion": "1.0",
"namespace": "HCPServiceLogs",
"san": "SVC.GENEVA.KEYVAULT.ARO-HCP-INT.AZURE.COM"
},
"rg": "hcp-underlay-westus3-svc",
"subscription": "hcp-westus3"
},
Expand Down
Loading