From 7b5d4cbc511876c723af4aebf1ac06d508e33169 Mon Sep 17 00:00:00 2001 From: Fraser Davidson Date: Tue, 9 Jan 2024 13:24:36 +0000 Subject: [PATCH 1/2] Update Diagnostic Setting defaults for Kubernetes Cluster --- modules/kubernetes-cluster/CHANGELOG.md | 3 ++ modules/kubernetes-cluster/VERSION | 2 +- modules/kubernetes-cluster/src/main.tf | 36 ++++++--------------- modules/kubernetes-cluster/src/variables.tf | 15 +++++++++ 4 files changed, 29 insertions(+), 27 deletions(-) diff --git a/modules/kubernetes-cluster/CHANGELOG.md b/modules/kubernetes-cluster/CHANGELOG.md index 4f9064a..a68a1cd 100644 --- a/modules/kubernetes-cluster/CHANGELOG.md +++ b/modules/kubernetes-cluster/CHANGELOG.md @@ -1,5 +1,8 @@ # Changelog +## 1.3 +* Added `log_categories` and `metric_categories` variables to enable configuration of Diagnostic Settings. + ## 1.2 * Added support for using an internal load balancer by granting the cluster managed identity the `Reader` and `Network Contributor` roles on the virtual network. diff --git a/modules/kubernetes-cluster/VERSION b/modules/kubernetes-cluster/VERSION index 5625e59..7e32cd5 100644 --- a/modules/kubernetes-cluster/VERSION +++ b/modules/kubernetes-cluster/VERSION @@ -1 +1 @@ -1.2 +1.3 diff --git a/modules/kubernetes-cluster/src/main.tf b/modules/kubernetes-cluster/src/main.tf index 1cb6743..f60eb40 100644 --- a/modules/kubernetes-cluster/src/main.tf +++ b/modules/kubernetes-cluster/src/main.tf @@ -70,36 +70,20 @@ resource "azurerm_monitor_diagnostic_setting" "main" { target_resource_id = azurerm_kubernetes_cluster.main.id log_analytics_workspace_id = var.log_analytics_workspace_id - enabled_log { - category = "kube-apiserver" - } - - enabled_log { - category = "kube-audit" - } - - enabled_log { - category = "kube-audit-admin" - } - - enabled_log { - category = "kube-controller-manager" - } - - enabled_log { - category = "kube-scheduler" - } + dynamic "enabled_log" { + for_each = var.log_categories - enabled_log { - category = "cluster-autoscaler" + content { + category = enabled_log.value + } } - enabled_log { - category = "cloud-controller-manager" - } + dynamic "metric" { + for_each = var.metric_categories - metric { - category = "AllMetrics" + content { + category = metric.value + } } } diff --git a/modules/kubernetes-cluster/src/variables.tf b/modules/kubernetes-cluster/src/variables.tf index 5017614..3002db1 100644 --- a/modules/kubernetes-cluster/src/variables.tf +++ b/modules/kubernetes-cluster/src/variables.tf @@ -33,6 +33,21 @@ variable "log_analytics_workspace_id" { type = string } +# https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-logs/microsoft-containerservice-managedclusters-logs +variable "log_categories" { + type = list(string) + default = [ + "kube-scheduler" + ] +} + +variable "metric_categories" { + type = list(string) + default = [ + "AllMetrics" + ] +} + variable "network_plugin" { type = string default = "kubenet" From 8a8af7c789313b563d339e67e537c978e30e54bc Mon Sep 17 00:00:00 2001 From: Fraser Davidson Date: Tue, 9 Jan 2024 13:34:29 +0000 Subject: [PATCH 2/2] Update Diagnostic Setting defaults for Kubernetes Cluster --- modules/kubernetes-cluster/CHANGELOG.md | 3 ++- modules/kubernetes-cluster/VERSION | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/kubernetes-cluster/CHANGELOG.md b/modules/kubernetes-cluster/CHANGELOG.md index a68a1cd..e178e9a 100644 --- a/modules/kubernetes-cluster/CHANGELOG.md +++ b/modules/kubernetes-cluster/CHANGELOG.md @@ -1,7 +1,8 @@ # Changelog -## 1.3 +## 2.0 * Added `log_categories` and `metric_categories` variables to enable configuration of Diagnostic Settings. +* Changed default log categories. ## 1.2 * Added support for using an internal load balancer by granting the cluster managed identity the `Reader` and `Network Contributor` roles on the virtual network. diff --git a/modules/kubernetes-cluster/VERSION b/modules/kubernetes-cluster/VERSION index 7e32cd5..cd5ac03 100644 --- a/modules/kubernetes-cluster/VERSION +++ b/modules/kubernetes-cluster/VERSION @@ -1 +1 @@ -1.3 +2.0