Skip to content

Refactor: Use tpl conditionals for fluent-bit region-specific config#271

Open
treyrichbourg wants to merge 1 commit intoaws-observability:mainfrom
treyrichbourg:main
Open

Refactor: Use tpl conditionals for fluent-bit region-specific config#271
treyrichbourg wants to merge 1 commit intoaws-observability:mainfrom
treyrichbourg:main

Conversation

@treyrichbourg
Copy link

@treyrichbourg treyrichbourg commented Feb 4, 2026
edited
Loading

Issue #, if available:
N/A (follow-up to #257)

Description of changes:
This change aims to simplify isolated region configuration using single extraFiles with tpl functions provided by Helm.

Currently, the chart maintains separate configuration for adcRegionExtraFiles resulting in:

  • Duplication
  • Confusing user experience (User defined extraFiles will be overridden in isolated regions by the template which can be painful to debug)
  • Difficult maintenance when there are configuration changes
  • Risk of configuration drift between regions

This change uses Helm's tpl function with inline conditionals in values.yaml to dynamically render the correct default fluent-bit configuration for all regions from a single source. Currently values set to On or true I simply set to Off or false for isolated regions but conditional can easily be used to simply remove this inline during rendering if needed. I think this is also a good chance to evaluate the parity in these configurations and if they can simply be enabled for these regions.

Configuration differences were identified via diff between commercial and isolated region configs:

comet@pop-os:~/Projects/observability% diff commercial.txt adc.txt 
39,45d38
<             Name                aws
<             Match               application.*
<             az                  false
<             ec2_instance_id     false
<             Enable_Entity       true
< 
<           [FILTER]
59d51
<             Use_Pod_Association On
67a60
>             endpoint            logs.${AWS_REGION}.${ADC_REGION_ENDPOINT}
69d61
<             add_entity          true
113a106
>             endpoint            logs.${AWS_REGION}.${ADC_REGION_ENDPOINT}
171a165
>             endpoint            logs.${AWS_REGION}.${ADC_REGION_ENDPOINT}

This change has a lot of benefits including:

  • Single configuration source eliminates configuration drift between regions
  • Consistent user experience when using advanced configuration (extraFiles) where intent is preserved for all regions
  • Self-documenting configuration using inline conditionals

Testing

wtr@dev:/local/home/wtr/Projects/helm-charts% helm lint charts/amazon-cloudwatch-observability --set region='us-east-1' --set clusterName="test"
==> Linting charts/amazon-cloudwatch-observability
[INFO] Chart.yaml: icon is recommended

1 chart(s) linted, 0 chart(s) failed
wtr@dev:/local/home/wtr/Projects/helm-charts% helm lint charts/amazon-cloudwatch-observability --set region='us-isob-east-1' --set clusterName="test"
==> Linting charts/amazon-cloudwatch-observability
[INFO] Chart.yaml: icon is recommended

1 chart(s) linted, 0 chart(s) failed

comet@pop-os:~/Projects/helm-charts% helm template test charts/amazon-cloudwatch-observability -f charts/amazon-cloudwatch-observability/values.yaml --set region=us-east-1 --set clusterName='testCluster' > rendered.yaml
comet@pop-os:~/Projects/helm-charts% helm template test charts/amazon-cloudwatch-observability -f charts/amazon-cloudwatch-observability/values.yaml --set region=us-isob-east-1 --set clusterName='testCluster' > renderedIso.yaml
comet@pop-os:~/Projects/helm-charts% diff rendered.yaml renderedIso.yaml 
---
---
omit for brevity
---
---
<     [FILTER]
<       Name                aws
<       Match               application.*
<       az                  false
<       ec2_instance_id     false
<       Enable_Entity       true
205,206c199
<       Use_Pod_Association On
<     
---
>       
215,216c208,209
<       add_entity          true
<     
---
>       endpoint            logs.${AWS_REGION}.sc2s.sgov.gov
>       
261a255
>       endpoint            logs.${AWS_REGION}.sc2s.sgov.gov
320a315
>       endpoint            logs.${AWS_REGION}.sc2s.sgov.gov
764c759
<         checksum/config: 3dc2029a374dd405bfc5878e0f77ee3eb00a016001cd384ac7c90d6d7a1e4a8d
---
>         checksum/config: 24ed911cefb206caeabd8a17f238ec4f70087470e628477aa4d40d31e8efe572
776c771
<           value: us-east-1
---
>           value: us-isob-east-1
793a789,790
>         - name: ADC_REGION_ENDPOINT
>           value: "sc2s.sgov.gov"
916c913
<           value: us-east-1
---
>           value: us-isob-east-1

This chart was also successfully deployed in us-west-2 and us-isob-east-1.
Validated addon activated, configmap was accurate, and logs emitting as expected. Screenshots from us-west-2 below.

image cwa2_pdx

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@treyrichbourg treyrichbourg changed the title Refactor fluent-bit-configmap extraFiles template in isolated regions Refactor: Use marker-based templating for fluent-bit configs Feb 4, 2026
@treyrichbourg treyrichbourg force-pushed the main branch 2 times, most recently from 564a98b to 7df3ad3 Compare February 4, 2026 20:11
@treyrichbourg treyrichbourg changed the title Refactor: Use marker-based templating for fluent-bit configs Refactor: Use tpl conditionals for fluent-bit region-specific config Feb 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@treyrichbourg