feat: support logs-agent resources configuration

README.md

@@ -146,6 +146,7 @@ You need the following permissions to run this module.
 | <a name="input_logs_agent_log_source_namespaces"></a> [logs\_agent\_log\_source\_namespaces](#input\_logs\_agent\_log\_source\_namespaces) | The list of namespaces from which logs should be forwarded by agent. If namespaces are not listed, logs from all namespaces will be sent. | `list(string)` | `[]` | no |
 | <a name="input_logs_agent_name"></a> [logs\_agent\_name](#input\_logs\_agent\_name) | The name of the Logs agent. The name is used in all Kubernetes and Helm resources in the cluster. | `string` | `"logs-agent"` | no |
 | <a name="input_logs_agent_namespace"></a> [logs\_agent\_namespace](#input\_logs\_agent\_namespace) | The namespace where the Logs agent is deployed. The default value is `ibm-observe`. | `string` | `"ibm-observe"` | no |
+| <a name="input_logs_agent_resources"></a> [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources) | <pre>object({<br/>    limits = object({<br/>      cpu               = string<br/>      memory            = string<br/>      ephemeral_storage = string<br/>    })<br/>    requests = object({<br/>      cpu               = string<br/>      memory            = string<br/>      ephemeral_storage = string<br/>    })<br/>  })</pre> | <pre>{<br/>  "limits": {<br/>    "cpu": "500m",<br/>    "ephemeral_storage": "10Gi",<br/>    "memory": "3Gi"<br/>  },<br/>  "requests": {<br/>    "cpu": "100m",<br/>    "ephemeral_storage": "2Gi",<br/>    "memory": "1Gi"<br/>  }<br/>}</pre> | no |
 | <a name="input_logs_agent_selected_log_source_paths"></a> [logs\_agent\_selected\_log\_source\_paths](#input\_logs\_agent\_selected\_log\_source\_paths) | The list of specific log sources paths. Logs will only be collected from the specified log source paths. If no paths are specified, it will send logs from `/var/log/containers`. | `list(string)` | `[]` | no |
 | <a name="input_logs_agent_tolerations"></a> [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | <pre>list(object({<br/>    key               = optional(string)<br/>    operator          = optional(string)<br/>    value             = optional(string)<br/>    effect            = optional(string)<br/>    tolerationSeconds = optional(number)<br/>  }))</pre> | <pre>[<br/>  {<br/>    "operator": "Exists"<br/>  }<br/>]</pre> | no |
 | <a name="input_logs_agent_trusted_profile"></a> [logs\_agent\_trusted\_profile](#input\_logs\_agent\_trusted\_profile) | The IBM Cloud trusted profile ID. Used only when `logs_agent_iam_mode` is set to `TrustedProfile`. The trusted profile must have an IBM Cloud Logs `Sender` role. | `string` | `null` | no |

examples/obs-agent-ocp/main.tf

@@ -192,6 +192,18 @@ module "observability_agents" {
   }]
   # example of how to add additional log source path
   logs_agent_additional_log_source_paths = ["/logs/*.log"]
+  logs_agent_resources = {
+    limits = {
+      cpu               = "500m"
+      ephemeral_storage = "10Gi"
+      memory            = "3Gi"
+    }
+    requests = {
+      cpu               = "100m"
+      ephemeral_storage = "2Gi"
+      memory            = "1Gi"
+    }
+  }
   # Monitoring agent
   cloud_monitoring_access_key = module.observability_instances.cloud_monitoring_access_key
   # example of how to include / exclude metrics - more info https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_log_metrics

main.tf

@@ -145,6 +145,7 @@ module "logs_agent" {
   logs_agent_iam_environment             = var.logs_agent_iam_environment
   logs_agent_additional_metadata         = var.logs_agent_additional_metadata
   logs_agent_enable_scc                  = var.logs_agent_enable_scc
+  logs_agent_resources                   = var.logs_agent_resources
   cloud_logs_ingress_endpoint            = var.cloud_logs_ingress_endpoint
   cloud_logs_ingress_port                = var.cloud_logs_ingress_port
   is_vpc_cluster                         = var.is_vpc_cluster

modules/logs-agent/README.md

@@ -96,6 +96,7 @@ No modules.
 | <a name="input_logs_agent_log_source_namespaces"></a> [logs\_agent\_log\_source\_namespaces](#input\_logs\_agent\_log\_source\_namespaces) | The list of namespaces from which logs should be forwarded by agent. If namespaces are not listed, logs from all namespaces will be sent. | `list(string)` | `[]` | no |
 | <a name="input_logs_agent_name"></a> [logs\_agent\_name](#input\_logs\_agent\_name) | The name of the Logs agent. The name is used in all Kubernetes and Helm resources in the cluster. | `string` | `"logs-agent"` | no |
 | <a name="input_logs_agent_namespace"></a> [logs\_agent\_namespace](#input\_logs\_agent\_namespace) | The namespace where the Logs agent is deployed. The default value is `ibm-observe`. | `string` | `"ibm-observe"` | no |
+| <a name="input_logs_agent_resources"></a> [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources) | <pre>object({<br/>    limits = object({<br/>      cpu               = string<br/>      memory            = string<br/>      ephemeral_storage = string<br/>    })<br/>    requests = object({<br/>      cpu               = string<br/>      memory            = string<br/>      ephemeral_storage = string<br/>    })<br/>  })</pre> | <pre>{<br/>  "limits": {<br/>    "cpu": "500m",<br/>    "ephemeral_storage": "10Gi",<br/>    "memory": "3Gi"<br/>  },<br/>  "requests": {<br/>    "cpu": "100m",<br/>    "ephemeral_storage": "2Gi",<br/>    "memory": "1Gi"<br/>  }<br/>}</pre> | no |
 | <a name="input_logs_agent_selected_log_source_paths"></a> [logs\_agent\_selected\_log\_source\_paths](#input\_logs\_agent\_selected\_log\_source\_paths) | The list of specific log sources paths. Logs will only be collected from the specified log source paths. If no paths are specified, it will send logs from `/var/log/containers`. | `list(string)` | `[]` | no |
 | <a name="input_logs_agent_tolerations"></a> [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | <pre>list(object({<br/>    key               = optional(string)<br/>    operator          = optional(string)<br/>    value             = optional(string)<br/>    effect            = optional(string)<br/>    tolerationSeconds = optional(number)<br/>  }))</pre> | <pre>[<br/>  {<br/>    "operator": "Exists"<br/>  }<br/>]</pre> | no |
 | <a name="input_logs_agent_trusted_profile"></a> [logs\_agent\_trusted\_profile](#input\_logs\_agent\_trusted\_profile) | The IBM Cloud trusted profile ID. Used only when `logs_agent_iam_mode` is set to `TrustedProfile`. The trusted profile must have an IBM Cloud Logs `Sender` role. | `string` | `null` | no |

modules/logs-agent/main.tf

@@ -112,10 +112,16 @@ resource "helm_release" "logs_agent" {
     value = var.logs_agent_enable_scc
   }
 
+  # set {
+  #   name  = "resources"
+  #   value = jsonencode(var.logs_agent_resources)
+  # }
+
   # dummy value hack to force update https://github.com/hashicorp/terraform-provider-helm/issues/515#issuecomment-813088122
   values = [
     yamlencode({
       tolerations        = var.logs_agent_tolerations
+      resources          = var.logs_agent_resources
       additionalMetadata = local.logs_agent_additional_metadata
       dummy              = uuid()
     })

modules/logs-agent/variables.tf

@@ -154,6 +154,34 @@ variable "logs_agent_additional_metadata" {
   default = []
 }
 
+variable "logs_agent_resources" {
+  description = "The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources)"
+  type = object({
+    limits = object({
+      cpu               = string
+      memory            = string
+      ephemeral_storage = string
+    })
+    requests = object({
+      cpu               = string
+      memory            = string
+      ephemeral_storage = string
+    })
+  })
+  default = {
+    limits = {
+      cpu               = "500m"
+      ephemeral_storage = "10Gi"
+      memory            = "3Gi"
+    }
+    requests = {
+      cpu               = "100m"
+      ephemeral_storage = "2Gi"
+      memory            = "1Gi"
+    }
+  }
+}
+
 variable "logs_agent_enable_scc" {
   description = "Whether to enable creation of Security Context Constraints in Openshift. When installing on an OpenShift cluster, this setting is mandatory to configure permissions for pods within your cluster."
   type        = bool

variables.tf

@@ -268,6 +268,34 @@ variable "logs_agent_additional_metadata" {
   default = []
 }
 
+variable "logs_agent_resources" {
+  description = "The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources)"
+  type = object({
+    limits = object({
+      cpu               = string
+      memory            = string
+      ephemeral_storage = string
+    })
+    requests = object({
+      cpu               = string
+      memory            = string
+      ephemeral_storage = string
+    })
+  })
+  default = {
+    limits = {
+      cpu               = "500m"
+      ephemeral_storage = "10Gi"
+      memory            = "3Gi"
+    }
+    requests = {
+      cpu               = "100m"
+      ephemeral_storage = "2Gi"
+      memory            = "1Gi"
+    }
+  }
+}
+
 variable "logs_agent_enable_scc" {
   description = "Whether to enable creation of Security Context Constraints in Openshift. When installing on an OpenShift cluster, this setting is mandatory to configure permissions for pods within your cluster."
   type        = bool