From 762aafb21d769e2373dd7fc5302c62848a1244cb Mon Sep 17 00:00:00 2001 From: Fidel Ruiz Date: Wed, 5 Mar 2025 10:55:30 -0500 Subject: [PATCH 1/3] feat: support logs-agent resources configuration --- README.md | 11 ++++++----- examples/obs-agent-ocp/main.tf | 12 ++++++++++++ main.tf | 1 + modules/logs-agent/README.md | 5 +++-- modules/logs-agent/main.tf | 1 + modules/logs-agent/variables.tf | 28 ++++++++++++++++++++++++++++ variables.tf | 28 ++++++++++++++++++++++++++++ 7 files changed, 79 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 59df10c9..612e59ac 100644 --- a/README.md +++ b/README.md @@ -124,19 +124,19 @@ You need the following permissions to run this module. | [cloud\_monitoring\_agent\_name](#input\_cloud\_monitoring\_agent\_name) | Cloud Monitoring agent name. Used for naming all kubernetes and helm resources on the cluster. | `string` | `"sysdig-agent"` | no | | [cloud\_monitoring\_agent\_namespace](#input\_cloud\_monitoring\_agent\_namespace) | Namespace where to deploy the Cloud Monitoring agent. Default value is 'ibm-observe' | `string` | `"ibm-observe"` | no | | [cloud\_monitoring\_agent\_tags](#input\_cloud\_monitoring\_agent\_tags) | List of tags to associate to all matrics that the agent collects. NOTE: Use the 'cloud\_monitoring\_add\_cluster\_name' variable to add the cluster name as a tag. | `list(string)` | `[]` | no | -| [cloud\_monitoring\_agent\_tolerations](#input\_cloud\_monitoring\_agent\_tolerations) | List of tolerations to apply to Cloud Monitoring agent. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  },
  {
    "effect": "NoSchedule",
    "key": "node-role.kubernetes.io/master",
    "operator": "Exists"
  }
]
| no | -| [cloud\_monitoring\_container\_filter](#input\_cloud\_monitoring\_container\_filter) | To filter custom containers, specify which containers to include or exclude from metrics collection for the cloud monitoring agent. See https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_filter_data. | 
list(object({
    type      = string
    parameter = string
    name      = string
  }))
| `[]` | no | +| [cloud\_monitoring\_agent\_tolerations](#input\_cloud\_monitoring\_agent\_tolerations) | List of tolerations to apply to Cloud Monitoring agent. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  },
  {
    "effect": "NoSchedule",
    "key": "node-role.kubernetes.io/master",
    "operator": "Exists"
  }
]
| no | +| [cloud\_monitoring\_container\_filter](#input\_cloud\_monitoring\_container\_filter) | To filter custom containers, specify which containers to include or exclude from metrics collection for the cloud monitoring agent. See https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_filter_data. | 
list(object({
    type      = string
    parameter = string
    name      = string
  }))
| `[]` | no | | [cloud\_monitoring\_enabled](#input\_cloud\_monitoring\_enabled) | Deploy IBM Cloud Monitoring agent | `bool` | `true` | no | | [cloud\_monitoring\_endpoint\_type](#input\_cloud\_monitoring\_endpoint\_type) | Specify the IBM Cloud Monitoring instance endpoint type (public or private) to use. Used to construct the ingestion endpoint. | `string` | `"private"` | no | | [cloud\_monitoring\_instance\_region](#input\_cloud\_monitoring\_instance\_region) | The IBM Cloud Monitoring instance region. Used to construct the ingestion endpoint. | `string` | `null` | no | -| [cloud\_monitoring\_metrics\_filter](#input\_cloud\_monitoring\_metrics\_filter) | To filter custom metrics, specify the Cloud Monitoring metrics to include or to exclude. See https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_inc_exc_metrics. | 
list(object({
    type = string
    name = string
  }))
| `[]` | no | +| [cloud\_monitoring\_metrics\_filter](#input\_cloud\_monitoring\_metrics\_filter) | To filter custom metrics, specify the Cloud Monitoring metrics to include or to exclude. See https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_inc_exc_metrics. | 
list(object({
    type = string
    name = string
  }))
| `[]` | no | | [cloud\_monitoring\_secret\_name](#input\_cloud\_monitoring\_secret\_name) | The name of the secret which will store the access key. | `string` | `"sysdig-agent"` | no | | [cluster\_config\_endpoint\_type](#input\_cluster\_config\_endpoint\_type) | Specify which type of endpoint to use for for cluster config access: 'default', 'private', 'vpe', 'link'. 'default' value will use the default endpoint of the cluster. | `string` | `"default"` | no | | [cluster\_id](#input\_cluster\_id) | The ID of the cluster you wish to deploy the agents in | `string` | n/a | yes | | [cluster\_resource\_group\_id](#input\_cluster\_resource\_group\_id) | The Resource Group ID of the cluster | `string` | n/a | yes | | [is\_vpc\_cluster](#input\_is\_vpc\_cluster) | Specify true if the target cluster for the observability agents is a VPC cluster, false if it is a classic cluster. | `bool` | `true` | no | | [logs\_agent\_additional\_log\_source\_paths](#input\_logs\_agent\_additional\_log\_source\_paths) | The list of additional log sources. By default, the Logs agent collects logs from a single source at `/var/log/containers/*.log`. | `list(string)` | `[]` | no | -| [logs\_agent\_additional\_metadata](#input\_logs\_agent\_additional\_metadata) | The list of additional metadata fields to add to the routed logs. | 
list(object({
    key   = optional(string)
    value = optional(string)
  }))
| `[]` | no | +| [logs\_agent\_additional\_metadata](#input\_logs\_agent\_additional\_metadata) | The list of additional metadata fields to add to the routed logs. | 
list(object({
    key   = optional(string)
    value = optional(string)
  }))
| `[]` | no | | [logs\_agent\_enable\_scc](#input\_logs\_agent\_enable\_scc) | Whether to enable creation of Security Context Constraints in Openshift. When installing on an OpenShift cluster, this setting is mandatory to configure permissions for pods within your cluster. | `bool` | `true` | no | | [logs\_agent\_enabled](#input\_logs\_agent\_enabled) | Whether to deploy the Logs agent. | `bool` | `true` | no | | [logs\_agent\_exclude\_log\_source\_paths](#input\_logs\_agent\_exclude\_log\_source\_paths) | The list of log sources to exclude. Specify the paths that the Logs agent ignores. | `list(string)` | `[]` | no | @@ -146,8 +146,9 @@ You need the following permissions to run this module. | [logs\_agent\_log\_source\_namespaces](#input\_logs\_agent\_log\_source\_namespaces) | The list of namespaces from which logs should be forwarded by agent. If namespaces are not listed, logs from all namespaces will be sent. | `list(string)` | `[]` | no | | [logs\_agent\_name](#input\_logs\_agent\_name) | The name of the Logs agent. The name is used in all Kubernetes and Helm resources in the cluster. | `string` | `"logs-agent"` | no | | [logs\_agent\_namespace](#input\_logs\_agent\_namespace) | The namespace where the Logs agent is deployed. The default value is `ibm-observe`. | `string` | `"ibm-observe"` | no | +| [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage | 
object({
    limits = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
    requests = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
  })
| 
{
  "limits": {
    "cpu": "500m",
    "ephemeral_storage": "10Gi",
    "memory": "3Gi"
  },
  "requests": {
    "cpu": "100m",
    "ephemeral_storage": "2Gi",
    "memory": "1Gi"
  }
}
| no | | [logs\_agent\_selected\_log\_source\_paths](#input\_logs\_agent\_selected\_log\_source\_paths) | The list of specific log sources paths. Logs will only be collected from the specified log source paths. If no paths are specified, it will send logs from `/var/log/containers`. | `list(string)` | `[]` | no | -| [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  }
]
| no | +| [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  }
]
| no | | [logs\_agent\_trusted\_profile](#input\_logs\_agent\_trusted\_profile) | The IBM Cloud trusted profile ID. Used only when `logs_agent_iam_mode` is set to `TrustedProfile`. The trusted profile must have an IBM Cloud Logs `Sender` role. | `string` | `null` | no | | [wait\_till](#input\_wait\_till) | To avoid long wait times when you run your Terraform code, you can specify the stage when you want Terraform to mark the cluster resource creation as completed. Depending on what stage you choose, the cluster creation might not be fully completed and continues to run in the background. However, your Terraform code can continue to run without waiting for the cluster to be fully created. Supported args are `MasterNodeReady`, `OneWorkerNodeReady`, `IngressReady` and `Normal` | `string` | `"Normal"` | no | | [wait\_till\_timeout](#input\_wait\_till\_timeout) | Timeout for wait\_till in minutes. | `number` | `90` | no | diff --git a/examples/obs-agent-ocp/main.tf b/examples/obs-agent-ocp/main.tf index ae8931f0..a17957db 100644 --- a/examples/obs-agent-ocp/main.tf +++ b/examples/obs-agent-ocp/main.tf @@ -194,6 +194,18 @@ module "observability_agents" { }] # example of how to add additional log source path logs_agent_additional_log_source_paths = ["/logs/*.log"] + logs_agent_resources = { + limits = { + cpu = "500m" + ephemeral_storage = "10Gi" + memory = "3Gi" + } + requests = { + cpu = "100m" + ephemeral_storage = "2Gi" + memory = "1Gi" + } + } # Monitoring agent cloud_monitoring_access_key = module.observability_instances.cloud_monitoring_access_key # example of how to include / exclude metrics - more info https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_log_metrics diff --git a/main.tf b/main.tf index 69d538bd..d21d4a4b 100644 --- a/main.tf +++ b/main.tf @@ -145,6 +145,7 @@ module "logs_agent" { logs_agent_iam_environment = var.logs_agent_iam_environment logs_agent_additional_metadata = var.logs_agent_additional_metadata logs_agent_enable_scc = var.logs_agent_enable_scc + logs_agent_resources = var.logs_agent_resources cloud_logs_ingress_endpoint = var.cloud_logs_ingress_endpoint cloud_logs_ingress_port = var.cloud_logs_ingress_port is_vpc_cluster = var.is_vpc_cluster diff --git a/modules/logs-agent/README.md b/modules/logs-agent/README.md index ee8849c1..433e03af 100644 --- a/modules/logs-agent/README.md +++ b/modules/logs-agent/README.md @@ -87,7 +87,7 @@ No modules. | [cluster\_resource\_group\_id](#input\_cluster\_resource\_group\_id) | The resource group ID of the cluster. | `string` | n/a | yes | | [is\_vpc\_cluster](#input\_is\_vpc\_cluster) | Specify true if the target cluster for the agents is a VPC cluster, false if it is a classic cluster. | `bool` | `true` | no | | [logs\_agent\_additional\_log\_source\_paths](#input\_logs\_agent\_additional\_log\_source\_paths) | The list of additional log sources. By default, the Logs agent collects logs from a single source at `/var/log/containers/*.log`. | `list(string)` | `[]` | no | -| [logs\_agent\_additional\_metadata](#input\_logs\_agent\_additional\_metadata) | The list of additional metadata fields to add to the routed logs. | 
list(object({
    key   = optional(string)
    value = optional(string)
  }))
| `[]` | no | +| [logs\_agent\_additional\_metadata](#input\_logs\_agent\_additional\_metadata) | The list of additional metadata fields to add to the routed logs. | 
list(object({
    key   = optional(string)
    value = optional(string)
  }))
| `[]` | no | | [logs\_agent\_enable\_scc](#input\_logs\_agent\_enable\_scc) | Whether to enable creation of Security Context Constraints in Openshift. When installing on an OpenShift cluster, this setting is mandatory to configure permissions for pods within your cluster. | `bool` | `true` | no | | [logs\_agent\_exclude\_log\_source\_paths](#input\_logs\_agent\_exclude\_log\_source\_paths) | The list of log sources to exclude. Specify the paths that the Logs agent ignores. | `list(string)` | `[]` | no | | [logs\_agent\_iam\_api\_key](#input\_logs\_agent\_iam\_api\_key) | The IBM Cloud API key for the Logs agent to authenticate and communicate with the IBM Cloud Logs. It is required if `logs_agent_iam_mode` is set to `IAMAPIKey`. | `string` | `null` | no | @@ -96,8 +96,9 @@ No modules. | [logs\_agent\_log\_source\_namespaces](#input\_logs\_agent\_log\_source\_namespaces) | The list of namespaces from which logs should be forwarded by agent. If namespaces are not listed, logs from all namespaces will be sent. | `list(string)` | `[]` | no | | [logs\_agent\_name](#input\_logs\_agent\_name) | The name of the Logs agent. The name is used in all Kubernetes and Helm resources in the cluster. | `string` | `"logs-agent"` | no | | [logs\_agent\_namespace](#input\_logs\_agent\_namespace) | The namespace where the Logs agent is deployed. The default value is `ibm-observe`. | `string` | `"ibm-observe"` | no | +| [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage | 
object({
    limits = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
    requests = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
  })
| 
{
  "limits": {
    "cpu": "500m",
    "ephemeral_storage": "10Gi",
    "memory": "3Gi"
  },
  "requests": {
    "cpu": "100m",
    "ephemeral_storage": "2Gi",
    "memory": "1Gi"
  }
}
| no | | [logs\_agent\_selected\_log\_source\_paths](#input\_logs\_agent\_selected\_log\_source\_paths) | The list of specific log sources paths. Logs will only be collected from the specified log source paths. If no paths are specified, it will send logs from `/var/log/containers`. | `list(string)` | `[]` | no | -| [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  }
]
| no | +| [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  }
]
| no | | [logs\_agent\_trusted\_profile](#input\_logs\_agent\_trusted\_profile) | The IBM Cloud trusted profile ID. Used only when `logs_agent_iam_mode` is set to `TrustedProfile`. The trusted profile must have an IBM Cloud Logs `Sender` role. | `string` | `null` | no | | [wait\_till](#input\_wait\_till) | To avoid long wait times when you run your Terraform code, you can specify the stage when you want Terraform to mark the cluster resource creation as completed. Depending on what stage you choose, the cluster creation might not be fully completed and continues to run in the background. However, your Terraform code can continue to run without waiting for the cluster to be fully created. Supported args are `MasterNodeReady`, `OneWorkerNodeReady`, `IngressReady` and `Normal` | `string` | `"Normal"` | no | | [wait\_till\_timeout](#input\_wait\_till\_timeout) | Timeout for wait\_till in minutes. | `number` | `90` | no | diff --git a/modules/logs-agent/main.tf b/modules/logs-agent/main.tf index 3a0e09a8..5e66c237 100644 --- a/modules/logs-agent/main.tf +++ b/modules/logs-agent/main.tf @@ -116,6 +116,7 @@ resource "helm_release" "logs_agent" { values = [ yamlencode({ tolerations = var.logs_agent_tolerations + resources = var.logs_agent_resources additionalMetadata = local.logs_agent_additional_metadata dummy = uuid() }) diff --git a/modules/logs-agent/variables.tf b/modules/logs-agent/variables.tf index 8e55139f..73ea1ab6 100644 --- a/modules/logs-agent/variables.tf +++ b/modules/logs-agent/variables.tf @@ -154,6 +154,34 @@ variable "logs_agent_additional_metadata" { default = [] } +variable "logs_agent_resources" { + description = "The resources configuration for cpu/memory/storage" + type = object({ + limits = object({ + cpu = string + memory = string + ephemeral_storage = string + }) + requests = object({ + cpu = string + memory = string + ephemeral_storage = string + }) + }) + default = { + limits = { + cpu = "500m" + ephemeral_storage = "10Gi" + memory = "3Gi" + } + requests = { + cpu = "100m" + ephemeral_storage = "2Gi" + memory = "1Gi" + } + } +} + variable "logs_agent_enable_scc" { description = "Whether to enable creation of Security Context Constraints in Openshift. When installing on an OpenShift cluster, this setting is mandatory to configure permissions for pods within your cluster." type = bool diff --git a/variables.tf b/variables.tf index 4392a4c2..777afe94 100644 --- a/variables.tf +++ b/variables.tf @@ -268,6 +268,34 @@ variable "logs_agent_additional_metadata" { default = [] } +variable "logs_agent_resources" { + description = "The resources configuration for cpu/memory/storage" + type = object({ + limits = object({ + cpu = string + memory = string + ephemeral_storage = string + }) + requests = object({ + cpu = string + memory = string + ephemeral_storage = string + }) + }) + default = { + limits = { + cpu = "500m" + ephemeral_storage = "10Gi" + memory = "3Gi" + } + requests = { + cpu = "100m" + ephemeral_storage = "2Gi" + memory = "1Gi" + } + } +} + variable "logs_agent_enable_scc" { description = "Whether to enable creation of Security Context Constraints in Openshift. When installing on an OpenShift cluster, this setting is mandatory to configure permissions for pods within your cluster." type = bool From 43c3b7d93950b9a4f13ff27bb63cf51b37e8ac93 Mon Sep 17 00:00:00 2001 From: Fidel Ruiz Date: Wed, 5 Mar 2025 10:55:30 -0500 Subject: [PATCH 2/3] feat: support logs-agent resources configuration --- modules/logs-agent/main.tf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/logs-agent/main.tf b/modules/logs-agent/main.tf index 5e66c237..1fb8ceeb 100644 --- a/modules/logs-agent/main.tf +++ b/modules/logs-agent/main.tf @@ -112,6 +112,11 @@ resource "helm_release" "logs_agent" { value = var.logs_agent_enable_scc } + set { + name = "resources" + value = jsonencode(var.logs_agent_resources) + } + # dummy value hack to force update https://github.com/hashicorp/terraform-provider-helm/issues/515#issuecomment-813088122 values = [ yamlencode({ From 7b0c65400828c3c87545fc96e196fa774c144fd2 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Fri, 7 Mar 2025 14:12:54 +0000 Subject: [PATCH 3/3] address failing pre-commit hook --- README.md | 2 +- modules/logs-agent/README.md | 2 +- modules/logs-agent/variables.tf | 2 +- variables.tf | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 612e59ac..0d85bcfc 100644 --- a/README.md +++ b/README.md @@ -146,7 +146,7 @@ You need the following permissions to run this module. | [logs\_agent\_log\_source\_namespaces](#input\_logs\_agent\_log\_source\_namespaces) | The list of namespaces from which logs should be forwarded by agent. If namespaces are not listed, logs from all namespaces will be sent. | `list(string)` | `[]` | no | | [logs\_agent\_name](#input\_logs\_agent\_name) | The name of the Logs agent. The name is used in all Kubernetes and Helm resources in the cluster. | `string` | `"logs-agent"` | no | | [logs\_agent\_namespace](#input\_logs\_agent\_namespace) | The namespace where the Logs agent is deployed. The default value is `ibm-observe`. | `string` | `"ibm-observe"` | no | -| [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage | 
object({
    limits = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
    requests = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
  })
| 
{
  "limits": {
    "cpu": "500m",
    "ephemeral_storage": "10Gi",
    "memory": "3Gi"
  },
  "requests": {
    "cpu": "100m",
    "ephemeral_storage": "2Gi",
    "memory": "1Gi"
  }
}
| no | +| [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources) | 
object({
    limits = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
    requests = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
  })
| 
{
  "limits": {
    "cpu": "500m",
    "ephemeral_storage": "10Gi",
    "memory": "3Gi"
  },
  "requests": {
    "cpu": "100m",
    "ephemeral_storage": "2Gi",
    "memory": "1Gi"
  }
}
| no | | [logs\_agent\_selected\_log\_source\_paths](#input\_logs\_agent\_selected\_log\_source\_paths) | The list of specific log sources paths. Logs will only be collected from the specified log source paths. If no paths are specified, it will send logs from `/var/log/containers`. | `list(string)` | `[]` | no | | [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  }
]
| no | | [logs\_agent\_trusted\_profile](#input\_logs\_agent\_trusted\_profile) | The IBM Cloud trusted profile ID. Used only when `logs_agent_iam_mode` is set to `TrustedProfile`. The trusted profile must have an IBM Cloud Logs `Sender` role. | `string` | `null` | no | diff --git a/modules/logs-agent/README.md b/modules/logs-agent/README.md index 433e03af..a6dd0cf8 100644 --- a/modules/logs-agent/README.md +++ b/modules/logs-agent/README.md @@ -96,7 +96,7 @@ No modules. | [logs\_agent\_log\_source\_namespaces](#input\_logs\_agent\_log\_source\_namespaces) | The list of namespaces from which logs should be forwarded by agent. If namespaces are not listed, logs from all namespaces will be sent. | `list(string)` | `[]` | no | | [logs\_agent\_name](#input\_logs\_agent\_name) | The name of the Logs agent. The name is used in all Kubernetes and Helm resources in the cluster. | `string` | `"logs-agent"` | no | | [logs\_agent\_namespace](#input\_logs\_agent\_namespace) | The namespace where the Logs agent is deployed. The default value is `ibm-observe`. | `string` | `"ibm-observe"` | no | -| [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage | 
object({
    limits = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
    requests = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
  })
| 
{
  "limits": {
    "cpu": "500m",
    "ephemeral_storage": "10Gi",
    "memory": "3Gi"
  },
  "requests": {
    "cpu": "100m",
    "ephemeral_storage": "2Gi",
    "memory": "1Gi"
  }
}
| no | +| [logs\_agent\_resources](#input\_logs\_agent\_resources) | The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources) | 
object({
    limits = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
    requests = object({
      cpu               = string
      memory            = string
      ephemeral_storage = string
    })
  })
| 
{
  "limits": {
    "cpu": "500m",
    "ephemeral_storage": "10Gi",
    "memory": "3Gi"
  },
  "requests": {
    "cpu": "100m",
    "ephemeral_storage": "2Gi",
    "memory": "1Gi"
  }
}
| no | | [logs\_agent\_selected\_log\_source\_paths](#input\_logs\_agent\_selected\_log\_source\_paths) | The list of specific log sources paths. Logs will only be collected from the specified log source paths. If no paths are specified, it will send logs from `/var/log/containers`. | `list(string)` | `[]` | no | | [logs\_agent\_tolerations](#input\_logs\_agent\_tolerations) | List of tolerations to apply to Logs agent. The default value means a pod will run on every node. | 
list(object({
    key               = optional(string)
    operator          = optional(string)
    value             = optional(string)
    effect            = optional(string)
    tolerationSeconds = optional(number)
  }))
| 
[
  {
    "operator": "Exists"
  }
]
| no | | [logs\_agent\_trusted\_profile](#input\_logs\_agent\_trusted\_profile) | The IBM Cloud trusted profile ID. Used only when `logs_agent_iam_mode` is set to `TrustedProfile`. The trusted profile must have an IBM Cloud Logs `Sender` role. | `string` | `null` | no | diff --git a/modules/logs-agent/variables.tf b/modules/logs-agent/variables.tf index 73ea1ab6..f5c9f79c 100644 --- a/modules/logs-agent/variables.tf +++ b/modules/logs-agent/variables.tf @@ -155,7 +155,7 @@ variable "logs_agent_additional_metadata" { } variable "logs_agent_resources" { - description = "The resources configuration for cpu/memory/storage" + description = "The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources)" type = object({ limits = object({ cpu = string diff --git a/variables.tf b/variables.tf index 777afe94..6e24ca0f 100644 --- a/variables.tf +++ b/variables.tf @@ -269,7 +269,7 @@ variable "logs_agent_additional_metadata" { } variable "logs_agent_resources" { - description = "The resources configuration for cpu/memory/storage" + description = "The resources configuration for cpu/memory/storage. [Learn More](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-agent-helm-template-clusters#agent-helm-template-clusters-chart-options-resources)" type = object({ limits = object({ cpu = string