|
1 | 1 | # Graylog Helm |
2 | | -A helm chart for Graylog |
| 2 | +Official helm chart for Graylog. |
3 | 3 |
|
4 | | -## TLDR |
5 | | -Install |
6 | | -```bash |
7 | | -helm upgrade --install my-graylog graylog -f graylog/values-my-graylog.yaml |
| 4 | +## Not For External Use |
| 5 | +This chart is still in development. We should not distribute this chart or any part of this repository externally until we've cleaned up the git history and recieved approval for external distribution. |
| 6 | +This chart is still under development and does not have locked in api contracts yet. |
| 7 | + |
| 8 | +## Requirements |
| 9 | +- Kubernetes v1.32 |
| 10 | + |
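Review bot: "recieved" in the Not For External Use paragraph should be "received", and that section says the chart is still in development twice on consecutive lines; merge the two sentences into one. The Requirements entry "Kubernetes v1.32" should also say whether that is a minimum version or the only supported one.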
| 11 | +<!-- |
| 12 | +### Install |
| 13 | +```sh |
| 14 | +helm install graylog graylog/graylog -n graylog --create-namespace |
8 | 15 | ``` |
9 | | -Uninstall |
10 | | -```bash |
11 | | -helm uninstall graylog |
| 16 | +
|
| 17 | +### Upgrades |
| 18 | +```sh |
| 19 | +helm upgrade graylog graylog/graylog -n graylog --reuse-values |
| 20 | +``` |
| 21 | +--> |
| 22 | + |
| 23 | +## Installation |
| 24 | + |
| 25 | +### Clone this repo |
| 26 | +```sh |
| 27 | +# clone repo |
| 28 | +git clone [email protected]:Graylog2/graylog-helm.git |
| 29 | + |
| 30 | +# cd into the newly created graylog-helm directory |
| 31 | +cd graylog-helm |
| 32 | +``` |
| 33 | + |
| 34 | +### Install local chart |
| 35 | +```sh |
| 36 | +helm install graylog ./graylog --namespace graylog --create-namespace |
| 37 | +``` |
| 38 | + |
| 39 | +### Change your password |
| 40 | +```sh |
| 41 | +read -sp "Enter your new password and press return: " pass |
| 42 | +helm upgrade graylog ./graylog --namespace graylog --set "graylog.config.rootPassword=$pass" --reuse-values |
12 | 43 | ``` |
13 | 44 |
|
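Review bot: the Change your password command puts the secret on the helm command line through `--set "graylog.config.rootPassword=$pass"`, where it is visible in the process list while the upgrade runs, and `--set` treats commas and backslashes in the value as syntax, so a password containing them is split or altered. Suggest `read -rsp` (without `-r`, `read` itself consumes backslashes), passing the value through a values file with `-f` instead of `--set`, and an `unset pass` afterwards. If `global.existingSecretName` from the values table is meant to carry this credential, document that route here.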
14 | | -## Development |
15 | | -### Mongo |
16 | | -All files in mongo are currently for development purposes only. Use with caution! |
| 45 | +🏁 That's it! |
| 46 | + |
| 47 | +## Usage |
| 48 | + |
| 49 | +### Scale Graylog |
| 50 | +```sh |
| 51 | +# scaling out: add more Graylog nodes to your cluster |
| 52 | +helm upgrade graylog ./graylog -n graylog --set graylog.replicas=3 --reuse-values |
| 53 | + |
| 54 | +# scaling in: remove Graylog nodes from your cluster |
| 55 | +helm upgrade graylog ./graylog -n graylog --set graylog.replicas=1 --reuse-values |
| 56 | +``` |
| 57 | + |
| 58 | +### Scale Datanode |
| 59 | +```sh |
| 60 | +# scaling out: add more Graylog Datanodes to your cluster |
| 61 | +helm upgrade graylog ./graylog -n graylog --set datanode.replicas=5 --reuse-values |
| 62 | +``` |
| 63 | + |
| 64 | +### Scale MongoDB |
| 65 | +```sh |
| 66 | +# scaling out: add more MongoDB nodes to your replicaset |
| 67 | +helm upgrade graylog ./graylog -n graylog --set mongodb.replicaCount=4 --reuse-values |
| 68 | +``` |
| 69 | + |
| 70 | +### Modify Graylog `server.conf` parameters |
| 71 | + |
| 72 | +```sh |
| 73 | +# A few examples: |
| 74 | + |
| 75 | +# change server tz |
| 76 | +helm upgrade graylog ./graylog -n graylog --set graylog.config.timezone="America/Denver" --reuse-values |
| 77 | + |
| 78 | +# set JVM options |
| 79 | +helm upgrade graylog ./graylog -n graylog --set graylog.config.serverJavaOpts="-Xms2g -Xmx1g" --reuse-values |
| 80 | + |
| 81 | +# redefine message journal maxAge |
| 82 | +helm upgrade graylog ./graylog -n graylog --set graylog.config.messageJournal.maxAge="24h" --reuse-values |
| 83 | + |
| 84 | +# enable CORS headers for HTTP interface |
| 85 | +helm upgrade graylog ./graylog -n graylog --set graylog.config.network.enableCors=true --reuse-values |
| 86 | + |
| 87 | +# enable email transport and set sender address |
| 88 | +helm upgrade graylog ./graylog -n graylog --set graylog.config.email.enabled=true --set graylog.config.email.senderAddress= "[email protected]" --reuse-values |
| 89 | +``` |
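Review bot: the JVM options example sets `-Xms2g -Xmx1g`, an initial heap larger than the maximum, which the JVM rejects at startup, so anyone copying the line gets a Graylog pod that never starts; raise both values together, in the same shape as the `-Xms1g -Xmx1g` default listed in the values table. The email example also has a space after `senderAddress=`, so the shell passes an empty value and the address as a separate argument; remove the space. The CORS example would benefit from one line on when enabling it is appropriate, since it is presented next to harmless settings such as the timezone.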
| 90 | + |
| 91 | +### Customize deployed Kubernetes resources |
| 92 | +```sh |
| 93 | +# A few examples: |
| 94 | + |
| 95 | +# expose the Graylog application with a LoadBalancer service |
| 96 | +helm upgrade graylog ./graylog -n graylog --set graylog.custom.service.type="LoadBalancer" --reuse-values |
17 | 97 |
|
| 98 | +# modify readiness probe initial delay |
| 99 | +helm upgrade graylog ./graylog -n graylog --set graylog.custom.readinessProbe.initialDelaySeconds=5 --reuse-values |
18 | 100 |
|
19 | | -## Debugging |
20 | | -Get a yaml output of the values being submitted. |
| 101 | +# use a custom Storage Class for all resources (e.g. for AWS EKS) |
| 102 | +helm upgrade graylog ./graylog -n graylog --set global.defaultStorageClass="gp2" --reuse-values |
| 103 | +``` |
| 104 | + |
| 105 | +### Add inputs |
| 106 | + |
| 107 | +First, define your inputs in a small YAML file like this one: |
| 108 | + |
| 109 | +```yaml |
| 110 | +graylog: |
| 111 | + inputs: |
| 112 | + - name: my-gelf-input |
| 113 | + port: 12201 |
| 114 | + targetPort: 12201 |
| 115 | + protocol: TCP |
| 116 | + - name: http1 |
| 117 | + port: 8080 |
| 118 | + targetPort: 8080 |
| 119 | + protocol: TCP |
| 120 | +``` |
| 121 | +
|
| 122 | +Then, save it as `inputs.yaml` |
| 123 | + |
| 124 | +Finally, upgrade your installation like so: |
| 125 | +```sh |
| 126 | +helm upgrade graylog ./graylog -n graylog -f inputs.yaml --reuse-values |
| 127 | +``` |
| 128 | + |
| 129 | +The inputs should now be exposed. Make sure to complete their configuration through the Graylog UI. |
| 130 | + |
| 131 | +### Uninstall |
| 132 | +```sh |
| 133 | +# optional: scale Graylog down to zero |
| 134 | +kubectl scale sts graylog -n graylog --replicas 0 && kubectl wait --for=delete pod graylog-0 -n graylog |
| 135 | +l |
| 136 | +# remove chart |
| 137 | +helm uninstall graylog -n graylog |
| 138 | +``` |
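Review bot: new line 135 is a stray `l` inside the Uninstall code block, which a reader pasting the block will run as a command; delete it so the block contains only the optional scale-down and the `helm uninstall`.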
| 139 | + |
| 140 | +#### Removing Everything |
| 141 | +```sh |
| 142 | +# CAUTION: this will delete ALL your data! |
| 143 | +kubectl delete $(kubectl get pvc -o name -n graylog; kubectl get secret -o name -n graylog) -n graylog |
| 144 | +``` |
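Review bot: the Removing Everything command deletes every PVC and every Secret in the `graylog` namespace, not only those created by this release, so it also removes image pull secrets, TLS secrets, or a pre-existing secret referenced through `global.existingSecretName`. Suggest restricting both `kubectl get` calls with a label selector that matches the release's labels, or stating explicitly that the namespace must be dedicated to this chart. The CAUTION comment should say that secrets are deleted too, since "ALL your data" reads as volumes only.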
| 145 | + |
| 146 | +### Debugging |
| 147 | +Get a YAML output of the values being submitted. |
21 | 148 | ```bash |
22 | 149 | helm template graylog graylog -f graylog/values-glc.yaml | yq |
23 | 150 | ``` |
| 151 | + |
| 152 | +### Logging |
| 153 | +``` |
| 154 | +# Graylog app logs |
| 155 | +stern statefulset/graylog-app -n graylog-helm-dev-1 |
| 156 | +# Datanode logs |
| 157 | +stern statefulset/graylog-datanode -n graylog-helm-dev-1 |
| 158 | +``` |
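Review bot: the Logging block targets `statefulset/graylog-app` in namespace `graylog-helm-dev-1`, while every other command in this README uses namespace `graylog` and the Uninstall block scales `sts graylog`; these look like leftovers from a development cluster. Align the names with the rest of the document and tag the fence `sh` like the other blocks. The unchanged Debugging command just above still references `graylog/values-glc.yaml`, which is not mentioned anywhere else in the README.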
| 159 | +
|
| 160 | +--- |
| 161 | +
|
| 162 | +## Graylog Helm Chart Values Reference |
| 163 | +| Key Path | Description | Default | |
| 164 | +| ------------------ |-------------------------------------------------------| --------- | |
| 165 | +| `nameOverride` | Override the `app.kubernetes.io/name` label value. | `""` | |
| 166 | +| `fullnameOverride` | Override the fully qualified name of the application. | `""` | |
| 167 | +
|
| 168 | +### Global |
| 169 | +These values affect Graylog, Datanode, and MongoDB |
| 170 | +
|
| 171 | +| Key Path | Description | Default | |
| 172 | +|------------------------------| ------------------------------------------- |---------| |
| 173 | +| `global.existingSecretName` | Reference to an existing Kubernetes secret. | `""` | |
| 174 | +| `global.imagePullSecrets` | Image pull secrets for private registries. | `[]` | |
| 175 | +| `global.defaultStorageClass` | Default storage class for PVCs. | `""` | |
| 176 | +
|
| 177 | +
|
| 178 | +### Graylog application |
| 179 | +| Key Path | Description | Default | |
| 180 | +|-------------------------------------------------------|-------------------------------------------------|-------------------| |
| 181 | +| `graylog.enabled` | Enable the Graylog server. | `true` | |
| 182 | +| `graylog.enterprise` | Enable enterprise features. | `true` | |
| 183 | +| `graylog.replicas` | Number of Graylog server replicas. | `2` | |
| 184 | +| `graylog.inputs` | List of input configurations. | See below | |
| 185 | +| `graylog.inputs[0].name` | Name of input for GELF messages. | `input-gelf` | |
| 186 | +| `graylog.inputs[0].port` | Port exposed for input. | `12201` | |
| 187 | +| `graylog.inputs[0].targetPort` | Target container port. | `12201` | |
| 188 | +| `graylog.inputs[0].protocol` | Protocol used for input. | `TCP` | |
| 189 | +| `graylog.inputs[0].ingress` | Enable ingress for this input. | `true` | |
| 190 | +| `graylog.config.rootUsername` | Root admin username. | `"admin"` | |
| 191 | +| `graylog.config.rootPassword` | Root admin password. | `""` | |
| 192 | +| `graylog.config.timezone` | Timezone for the Graylog server. | `"UTC"` | |
| 193 | +| `graylog.config.selfSignedStartup` | Use self-signed certs on startup. | `"true"` | |
| 194 | +| `graylog.config.serverJavaOpts` | Java options for server. | `"-Xms1g -Xmx1g"` | |
| 195 | +| `graylog.custom.podAnnotations` | Additional pod annotations. | `{}` | |
| 196 | +| `graylog.custom.nodeSelector` | Node selector for scheduling. | `{}` | |
| 197 | +| `graylog.custom.inputs.enabled` | Enable Graylog inputs. | `true` | |
| 198 | +| `graylog.custom.metrics.enabled` | Enable metrics collection. | `true` | |
| 199 | +| `graylog.custom.image.repository` | Image repository for Graylog. | `""` | |
| 200 | +| `graylog.custom.image.tag` | Image tag for Graylog. | `""` | |
| 201 | +| `graylog.custom.image.imagePullPolicy` | Pull policy for Graylog image. | `IfNotPresent` | |
| 202 | +| `graylog.custom.image.imagePullSecrets` | Pull secrets for image. | `[]` | |
| 203 | +| `graylog.updateStrategy.type` | Pod update strategy for StatefulSet. | `"RollingUpdate"` | |
| 204 | +| `graylog.updateStrategy.rollingUpdate.maxUnavailable` | Max unavailable pods during an update. | `1` | |
| 205 | +| `graylog.updateStrategy.rollingUpdate.partition` | Pods that will remain unaffected by the update. | `""` | |
| 206 | +| `graylog.custom.service.nameOverride` | Override for service name. | `""` | |
| 207 | +| `graylog.custom.service.type` | Kubernetes service type. | `ClusterIP` | |
| 208 | +| `graylog.custom.service.ports.app` | Graylog web UI port. | `9000` | |
| 209 | +| `graylog.custom.service.ports.metrics` | Metrics endpoint port. | `9833` | |
| 210 | +| `graylog.custom.service.ports.inputGelfHttp` | GELF HTTP input port. | `12201` | |
| 211 | +
|
| 212 | +
|
| 213 | +### Datanode |
| 214 | +| Key Path | Description | Default | |
| 215 | +|--------------------------------------------------------|-------------------------------------------------|-------------------| |
| 216 | +| `datanode.enabled` | Enable Graylog datanode. | `true` | |
| 217 | +| `datanode.replicas` | Number of datanode replicas. | `3` | |
| 218 | +| `datanode.config.nodeIdFile` | Path to datanode ID file. | `""` | |
| 219 | +| `datanode.config.opensearchHeap` | OpenSearch heap size. | `"2g"` | |
| 220 | +| `datanode.config.javaOpts` | Java options for datanode. | `"-Xms1g -Xmx1g"` | |
| 221 | +| `datanode.config.skipPreflightChecks` | Skip startup checks. | `"false"` | |
| 222 | +| `datanode.config.nodeSearchCacheSize` | Size of search cache. | `"10gb"` | |
| 223 | +| `datanode.custom.podAnnotations` | Additional pod annotations. | `{}` | |
| 224 | +| `datanode.custom.nodeSelector` | Node selector for datanode. | `{}` | |
| 225 | +| `datanode.custom.image.repository` | Datanode image repository. | `""` | |
| 226 | +| `datanode.custom.image.tag` | Datanode image tag. | `""` | |
| 227 | +| `datanode.custom.image.imagePullPolicy` | Image pull policy. | `IfNotPresent` | |
| 228 | +| `datanode.custom.image.imagePullSecrets` | Image pull secrets. | `[]` | |
| 229 | +| `datanode.updateStrategy.type` | Pod update strategy for StatefulSet. | `"RollingUpdate"` | |
| 230 | +| `datanode.updateStrategy.rollingUpdate.maxUnavailable` | Max unavailable pods during an update. | `1` | |
| 231 | +| `datanode.updateStrategy.rollingUpdate.partition` | Pods that will remain unaffected by the update. | `""` | |
| 232 | +| `datanode.custom.service.ports.api` | API communication port. | `8999` | |
| 233 | +| `datanode.custom.service.ports.data` | Data communication port. | `9200` | |
| 234 | +| `datanode.custom.service.ports.config` | Configuration communication port. | `9300` | |
| 235 | +
|
| 236 | +
|
| 237 | +### Service Account |
| 238 | +| Key Path | Description | Default | |
| 239 | +| ----------------------------- | --------------------------------- | ------- | |
| 240 | +| `serviceAccount.create` | Create a new service account. | `true` | |
| 241 | +| `serviceAccount.automount` | Automount service account token. | `true` | |
| 242 | +| `serviceAccount.annotations` | Annotations for service account. | `{}` | |
| 243 | +| `serviceAccount.nameOverride` | Override name of service account. | `""` | |
| 244 | +
|
| 245 | +
|
| 246 | +### Ingress |
| 247 | +| Key Path | Description | Default | |
| 248 | +| ------------------------------------ | --------------------------------- | ------------------------ | |
| 249 | +| `ingress.enabled` | Enable ingress for Graylog. | `false` | |
| 250 | +| `ingress.className` | Ingress class name. | `""` | |
| 251 | +| `ingress.annotations` | Annotations for ingress resource. | `{}` | |
| 252 | +| `ingress.hosts[0].host` | Hostname for ingress. | `chart-example.local` | |
| 253 | +| `ingress.hosts[0].paths[0].path` | Path for routing. | `/` | |
| 254 | +| `ingress.hosts[0].paths[0].pathType` | Path matching type. | `ImplementationSpecific` | |
| 255 | +| `ingress.tls` | TLS configuration. | `[]` | |
| 256 | +
|
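Review bot: the values reference lists `graylog.config.rootPassword` with default `""` but does not say what the chart does when it is left empty, and the Installation section goes straight from install to Change your password; state whether a password is generated, where it is stored, or whether the install fails without one. `serviceAccount.automount` and `graylog.inputs[0].ingress` both default to `true` with no note on why the pods need an API token or what the input ingress exposes; a sentence on each would let operators decide whether to turn them off. The relationship between `graylog.inputs`, `graylog.custom.inputs.enabled` and `graylog.custom.service.ports.inputGelfHttp` is also not described.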