Kubernetes Provider
editKubernetes Provider
editProvides inventory information from Kubernetes.
Provider configuration
editproviders.kubernetes: node: ${NODE_NAME} scope: node #kube_config: /Users/elastic-agent/.kube/config #sync_period: 600s #cleanup_timeout: 60s resources: pod: enabled: true
-
node
-
(Optional) Specify the node to scope Elastic Agent to in case it cannot be accurately detected by the default discovery approach:
- If Elastic Agent is deployed in Kubernetes cluster as Pod, use hostname of pod as the pod name to query pod metadata for node name.
- If step 1 fails or Elastic Agent is deployed outside of the Kubernetes cluster, use machine-id to match against Kubernetes nodes for node name.
-
If node cannot be discovered with step 1 or 2 fall back to
NODE_NAME
environment variable as default value. In case it is not set return error.
-
cleanup_timeout
-
(Optional) Specify the time of inactivity before stopping the
running configuration for a container. This is
60s
by default. -
sync_period
- (Optional) Specify the timeout for listing historical resources.
-
kube_config
-
(Optional) Use the given config file as configuration for Kubernetes client. If
kube_config
is not set, theKUBECONFIG
environment variable will be checked and will fall back to InCluster if not present. InCluster mode means that if Elastic Agent runs as a Pod it will try to initialize the client using the token and certificate that are mounted in the Pod by default:-
/var/run/secrets/kubernetes.io/serviceaccount/token
-
/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-
as well as using the environment variables KUBERNETES_SERVICE_HOST
and KUBERNETES_SERVICE_PORT
to reach the API Server.
kube_client_options
:: (Optional) Additional options can be configured for Kubernetes
client. Currently client QPS and burst are supported, if not set Kubernetes client’s
default QPS and burst will be used.
Example:
kube_client_options: qps: 5 burst: 10
-
scope
-
(Optional) Specify the level for autodiscover.
scope
can either takenode
orcluster
as values.node
scope allows discovery of resources in the specified node.cluster
scope allows cluster wide discovery. Onlypod
andnode
resources can be discovered at node scope. -
resources
-
(Optional) Specify the resources that want to start the autodiscovery for. One
of
pod
,node
,service
. By defaultnode
andpod
are being enabled.service
resource requires thescope
to be set atcluster
. -
namespace
- (Optional) Select the namespace from which to collect the metadata. If it is not set, the processor collects metadata from all namespaces. It is unset by default.
-
include_annotations
- (Optional) If added to the provider config, then the list of annotations present in the config are added to the event.
-
include_labels
- (Optional) If added to the provider config, then the list of labels present in the config will be added to the event.
-
exclude_labels
- (Optional) If added to the provider config, then the list of labels present in the config will be excluded from the event.
-
labels.dedot
-
(Optional) If set to be
true
in the provider config, then.
in labels will be replaced with_
. By default it istrue
. -
annotations.dedot
-
(Optional) If set to be
true
in the provider config, then.
in annotations will be replaced with_
. By default it istrue
. -
add_resource_metadata
-
(Optional) Specify labels and annotations filters for the extra metadata coming from node and namespace.
add_resource_metadata
can be done fornode
ornamespace
. By default all labels are included while annotations are not. These settings are useful when storing labels and annotations that require special handling to avoid overloading the storage output. The enrichment ofnode
ornamespace
metadata can be individually disabled by settingenabled: false
. Example:
add_resource_metadata: namespace: include_labels: ["namespacelabel1"] node: include_labels: ["nodelabel2"] include_annotations: ["nodeannotation1"]
Provider for Pod resources
editThe available keys are:
Key | Type | Description |
---|---|---|
|
|
Namespace of the Pod |
|
|
UUID of the Namespace of the Pod |
|
|
Labels of the Namespace of the Pod |
|
|
Annotations of the Namespace of the Pod |
|
|
Name of the Pod |
|
|
UUID of the Pod |
|
|
IP of the Pod |
|
|
Object of labels of the Pod |
|
|
Object of labels of the Pod |
|
|
Name of the container |
|
|
Runtime of the container |
|
|
ID of the container |
|
|
Image of the container |
|
|
Port of the container (if defined) |
|
|
Port’s name for the container (if defined) |
|
|
Name of the Node |
|
|
UID of the Node |
|
|
Hostname of the Node |
|
|
Labels of the Node |
|
|
Annotations of the Node |
|
|
Deployment name of the Pod (if exists) |
|
|
StatefulSet name of the Pod (if exists) |
|
|
ReplicaSet name of the Pod (if exists) |
These are the fields available within config templating. The kubernetes.*
fields will be available on each emitted event.
Note that not all of these fields are available by default and special configuration options
are needed in order to include them.
For example, if the Kubernetes provider provides the following inventory:
[ { "id": "1", "mapping:": {"namespace": "kube-system", "pod": {"name": "kube-controllermanger"}}, "processors": {"add_fields": {"kuberentes.namespace": "kube-system", "kubernetes.pod": {"name": "kube-controllermanger"}} { "id": "2", "mapping:": {"namespace": "kube-system", "pod": {"name": "kube-scheduler"}}, "processors": {"add_fields": {"kubernetes.namespace": "kube-system", "kubernetes.pod": {"name": "kube-scheduler"}} } ]
Elastic Agent automatically prefixes the result with kubernetes
:
[ {"kubernetes": {"id": "1", "namespace": {"name": "kube-system"}, "pod": {"name": "kube-controllermanger"}}, {"kubernetes": {"id": "2", "namespace": {"name": "kube-system"}, "pod": {"name": "kube-scheduler"}}, ]
In addition, the Kubernetes metadata are being added to each event by default.
Provider for Node resources
editproviders.kubernetes: node: ${NODE_NAME} scope: node #kube_config: /Users/elastic-agent/.kube/config #sync_period: 600s #cleanup_timeout: 60s resources: node: enabled: true
This resource is enabled by default but in this example we define it explicitly for clarity.
The available keys are:
Key | Type | Description |
---|---|---|
|
|
Object of labels of the Node |
|
|
Object of labels of the Node |
|
|
Name of the Node |
|
|
UID of the Node |
|
|
Hostname of the Node |
Provider for Service resources
editproviders.kubernetes: node: ${NODE_NAME} scope: cluster #kube_config: /Users/elastic-agent/.kube/config #sync_period: 600s #cleanup_timeout: 60s resources: service: enabled: true
Note that this resource is only available with scope: cluster
setting and node
cannot be used as scope.
The available keys are:
Key | Type | Description |
---|---|---|
|
|
Namespace of the Service |
|
|
UUID of the Namespace of the Service |
|
|
Labels of the Namespace of the Service |
|
|
Annotations of the Namespace of the Service |
|
|
Object of labels of the Service |
|
|
Object of labels of the Service |
|
|
Name of the Service |
|
|
UID of the Service |
|
|
Kubernetes selectors |
Refer to kubernetes autodiscovery with Elastic Agent for more information about shaping dynamic inputs for autodiscovery.