Skip to content

Commit

Permalink
feat: ELK with azurerm v3 completed (#76)
Browse files Browse the repository at this point in the history
  • Loading branch information
@diegolagospagopa
diegolagospagopa authored Aug 10, 2023
1 parent 95de8cf commit 3fce87e
Show file tree
Hide file tree
Showing 39 changed files with 36 additions and 2,535 deletions.
2 changes: 1 addition & 1 deletion src/core/05_postgres_sql.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ module "postgres_snet" {
}

module "postgres" {
count = var.is_resource_core_enabled.postgresql_server ? 1 : 0
count = var.is_resource_core_enabled.postgresql_server ? 1 : 0
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgresql_server?ref=v4.1.0"

name = "${local.project}-postgres"
Expand Down
1 change: 1 addition & 0 deletions src/core/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@ az network dns zone show \
| <a name="input_env"></a> [env](#input\_env) | n/a | `string` | n/a | yes |
| <a name="input_env_short"></a> [env\_short](#input\_env\_short) | n/a | `string` | n/a | yes |
| <a name="input_external_domain"></a> [external\_domain](#input\_external\_domain) | Domain for delegation | `string` | `null` | no |
| <a name="input_is_resource_core_enabled"></a> [is\_resource\_core\_enabled](#input\_is\_resource\_core\_enabled) | Feature flags | <pre>object({<br> postgresql_server = bool,<br> })</pre> | n/a | yes |
| <a name="input_key_vault_name"></a> [key\_vault\_name](#input\_key\_vault\_name) | Key Vault name | `string` | `""` | no |
| <a name="input_key_vault_rg_name"></a> [key\_vault\_rg\_name](#input\_key\_vault\_rg\_name) | Key Vault - rg name | `string` | `""` | no |
| <a name="input_lab_dns_zone_prefix"></a> [lab\_dns\_zone\_prefix](#input\_lab\_dns\_zone\_prefix) | The dns subdomain. | `string` | `null` | no |
Expand Down
2 changes: 1 addition & 1 deletion src/coreplus/07_eventhub.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ module "eventhub_snet" {


module "event_hub" {
count = var.is_resource_coreplus_enabled.eventhub ? 1 : 0
count = var.is_resource_coreplus_enabled.eventhub ? 1 : 0
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub?ref=v6.3.1"
name = "${local.project}-evh-ns"
location = var.location
Expand Down
1 change: 1 addition & 0 deletions src/coreplus/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,7 @@
| <a name="input_function_python_diego_enabled"></a> [function\_python\_diego\_enabled](#input\_function\_python\_diego\_enabled) | Is function python enabled. | `bool` | `false` | no |
| <a name="input_is_cosmosdb_core_enabled"></a> [is\_cosmosdb\_core\_enabled](#input\_is\_cosmosdb\_core\_enabled) | n/a | `bool` | n/a | yes |
| <a name="input_is_cosmosdb_mongo_enabled"></a> [is\_cosmosdb\_mongo\_enabled](#input\_is\_cosmosdb\_mongo\_enabled) | CosmosDB | `bool` | n/a | yes |
| <a name="input_is_resource_coreplus_enabled"></a> [is\_resource\_coreplus\_enabled](#input\_is\_resource\_coreplus\_enabled) | Feature flags | <pre>object({<br> eventhub = bool,<br> })</pre> | n/a | yes |
| <a name="input_is_web_app_service_docker_enabled"></a> [is\_web\_app\_service\_docker\_enabled](#input\_is\_web\_app\_service\_docker\_enabled) | Enable or disable this resources | `bool` | n/a | yes |
| <a name="input_key_vault_name"></a> [key\_vault\_name](#input\_key\_vault\_name) | Key Vault name | `string` | `""` | no |
| <a name="input_key_vault_rg_name"></a> [key\_vault\_rg\_name](#input\_key\_vault\_rg\_name) | Key Vault - rg name | `string` | `""` | no |
Expand Down
6 changes: 0 additions & 6 deletions src/elk-monitoring/02_aks.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,10 +49,4 @@ resource "azurerm_kubernetes_cluster_node_pool" "elastic" {

tags = merge(var.tags, var.elastic_node_pool.node_tags)

#lifecycle {
# ignore_changes = [
# node_count
# ]
#}

}
5 changes: 3 additions & 2 deletions src/elk-monitoring/02_namespace.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ data "kubernetes_namespace" "namespace" {
module "pod_identity" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity?ref=v6.20.2"


resource_group_name = local.aks_resource_group_name
location = var.location
tenant_id = data.azurerm_subscription.current.tenant_id
Expand All @@ -17,7 +16,9 @@ module "pod_identity" {
namespace = data.kubernetes_namespace.namespace.metadata[0].name
key_vault_id = module.key_vault.id

secret_permissions = ["Get"]
secret_permissions = ["Get"]
certificate_permissions = ["Get"]

}

resource "helm_release" "reloader" {
Expand Down
0 ...elk-monitoring/06_aks_middleware_tools.tf → ...elk-monitoring/04_aks_middleware_tools.tf
View file
File renamed without changes.
13 changes: 12 additions & 1 deletion src/elk-monitoring/05_elastic_stack.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@ module "elastic_stack" {
namespace = local.elk_namespace
nodeset_config = var.nodeset_config

# dedicated_log_instance_name = ["nodo", "nodoreplica", "nodocron", "nodocronreplica", "pagopawebbo", "pagopawfespwfesp", "pagopafdr", "pagopafdrnodo"]
dedicated_log_instance_name = []

eck_license = file("${path.module}/env/eck_license/pagopa-spa-4a1285e5-9c2c-4f9f-948a-9600095edc2f-orchestration.json")
Expand All @@ -69,6 +68,8 @@ module "elastic_stack" {

depends_on = [
azurerm_kubernetes_cluster_node_pool.elastic,
module.nginx_ingress,
module.pod_identity,
kubernetes_secret.snapshot_secret
]
}
Expand All @@ -84,6 +85,16 @@ data "kubernetes_secret" "get_elastic_credential" {
}
}

resource "azurerm_key_vault_secret" "elastic_user_password" {
depends_on = [data.kubernetes_secret.get_elastic_credential]

name = "elastic-user-password"
value = data.kubernetes_secret.get_elastic_credential.data.elastic
content_type = "text/plain"

key_vault_id = module.key_vault.id
}

# orignal
# locals {
# kibana_url = var.env_short == "p" ? "https://elastic:${data.kubernetes_secret.get_elastic_credential.data.elastic}@kibana.platform.pagopa.it/kibana" : "https://elastic:${data.kubernetes_secret.get_elastic_credential.data.elastic}@kibana.${var.env}.platform.pagopa.it/kibana"
Expand Down
44 changes: 0 additions & 44 deletions src/elk-monitoring/05_kibana_dashboard_ndp.tf
View file

This file was deleted.

23 changes: 0 additions & 23 deletions src/elk-monitoring/05_kibana_dashboard_pagopafdr.tf
View file

This file was deleted.

Loading

0 comments on commit 3fce87e

Please sign in to comment.