Add k8s metadata autodetection

[ChrsMark]

This PR is a proposal for enabling autodetection mode for add_kubernetes_metadata.

Currently we configure add_cloud_metadata and add_host_metadata by default in all Beats.

add_cloud_metadata does autodetection, and it will only enrich events if the beat is running on a known public cloud.

It would be useful to have the same for Kubernetes, so if Beats is started in a scenario where Kubernetes is reachable with a default config, it automatically enables metadata for it. If Kubernetes is not reachable with a default config nothing will happen.

Part of: #13068
Depends on #13374

How to test it

1. With k8s available
   a. Run metricbeat or filebeat inside a k8s cluster and without setting kube_config.
   b. Verify that processor is being automatically enabled. (Note that it will create a client in an in_cluster mode.)
2. With k8s unavailable
   a. Run metricbeat or filebeat outside of a k8s cluster and without setting kube_config.
   b. Verify that processor is not being automatically enabled.

docs: https://www.elastic.co/guide/en/beats/filebeat/master/add-kubernetes-metadata.html#add-kubernetes-metadata

[odacremolbap]

Hey @ChrsMark I haven't executed it (for now), so consider my comments code only.

It would be nice to an update on docs to explain how the autodetection works, maybe in this PR or at a follow up.

[ChrsMark]

Hey @ChrsMark I haven't executed it (for now), so consider my comments code only.

It would be nice to an update on docs to explain how the autodetection works, maybe in this PR or at a follow up.

Hey @odacremolbap thank you for reviewing. I think all your comments have been addressed. I would love to hear back if you notice anything else.

As far as the docs' update is concerned, if it is needed I would go with a follow up PR. @jsoriano WDYT about his?

[odacremolbap]

LGTM
Let's wait for CI outcome

@jsoriano do you want to take a look?

[jsoriano]

I see that you have added some code to handle in-cluster configuration vs. explicitly specified kubeconfig, I am worried that this can cause some behavioural inconsistencies with other kubernetes features in Beats.
I think this code shouldn't be needed here. If it is needed then this is probably also required in other places and it should be added to some common place so all kubernetes clients are initialized consistently.

[jsoriano]

We should be consistent with the logic to configure kubernetes clients along all our kubernetes features.

I think we shouldn't need to add special handling here to get the config path from the environment variables, or to get in-cluster configuration. If we need to add this logic for some reason, we should consider adding it in a common places, so logic is kept consistent along all kubernetes features.

Why did you need to add this logic?

We may need to revisit this conversation.

[ChrsMark]

Actually, the field InCluster can be removed.

Regarding the searching of environmental variables or kubeconfig in $HOME directory:
If we are not in an "incluster" mode then the autodetection will just fail if users have not set kube_config in their configuration cause it will not be able to create a client etc. So auto-detection will be actually available only in "Incluster" deployments or we should require from the user to set the kubeconfig.

In addition this code has do only with add_kubernetes_metadata processor, so is it possible to affect other features too (really not sure about that, just asking).

So what we should do? I'm open on any proposal :)

[jsoriano]

Actually, the field InCluster can be removed.

👍

Regarding the searching of environmental variables or kubeconfig in $HOME directory:
If we are not in an "incluster" mode then the autodetection will just fail if users have not set kube_config in their configuration cause it will not be able to create a client etc. So auto-detection will be actually available only in "Incluster" deployments or we should require from the user to set the kubeconfig.

I think that failing if in-cluster configuration is not available and kubeconfig is not set would be perfectly fine, and it would be consistent with the rest of kubernetes features.

Said that, I see that needing to set kubeconfig in all Kubernetes features can be cumbersome, we could try to explore the use of KUBECONFIG env variable as an alternative to set it everywhere. But if something needs to be done for that I would do it in the common helpers, and in a separate PR.

In addition this code has do only with add_kubernetes_metadata processor, so is it possible to affect other features too (really not sure about that, just asking).

So what we should do? I'm open on any proposal :)

I'd say to:

• Keep it failing if in-cluster configuration is not available and kubeconfig is not set. In any case the most common case for Kubernetes is to have in-cluster configuration working.
• Consider leveraging KUBECONFIG for all our Kubernetes features, but as a separate issue/PR.

[ChrsMark]

👍

[jsoriano]

This shouldn't be logged as error, as this is going to happen on any non-kubernetes deployment using the default configuration.

[jsoriano]

I think that in other places we are assuming that if no kubeconfig is specified, then in cluster configuration is wanted. We should keep this behaviour also here.

[ChrsMark]

I think it falls under the same doubts of #13473 (comment)

[jsoriano]

Nit. Set kubernetesAvailable to false already when initializing the processor (or just don't set it as is the zero value), and only set it to true when all checks have been done.

[jsoriano]

Also here it is not needed to set processor.kubernetesAvailable = false.

Suggested change

processor.kubernetesAvailable = false

[jsoriano]

Why initializing the cache if kubernetes is not available?

[ChrsMark]

Maybe it is not required. It is just a left-over from copying the above test. :)

[jsoriano]

Ok, try to remove it then 🙂

[ChrsMark]

👍

[jsoriano]

config.InCluster could be replaced by kubernetes.IsInCluster(config.KubeConfig) as used in other places. Or at least it should be consistent with the result of this call.

[jsoriano]

As far as the docs' update is concerned, if it is needed I would go with a follow up PR. @jsoriano WDYT about his?

Ok to do docs changes in a follow up
We may also need to review docs of in_cluster setting, I think that this is being ignored after #13051

[ChrsMark]

So @jsoriano the big deal is about if we decide to have auto enablement of add_kubernetes_metadata to be able to search on its own for kubeconfig file (in $HOME path or in env) or request from the user to specify that. WDYT?

cc: @odacremolbap

[jsoriano]

LGTM, I have added some extra minor comments, please address them before merging.

[jsoriano]

Nit.

Suggested change

	- Add autodetection mode for add_kubernetes_metadata and enable it by default in included configuration files{pull}13473[13473]
	- Add autodetection mode for add_kubernetes_metadata and enable it by default in included configuration files. {pull}13473[13473]

[jsoriano]

Nit. Remove this added line.

Suggested change

[jsoriano]

Also here it is not needed to set processor.kubernetesAvailable = false.

Suggested change

processor.kubernetesAvailable = false

[jsoriano]

Also these ones should be logged at debug level, because they are going to be logged in all non-kubernetes deployments.

[jsoriano]

This import should be placed before beats imports.

	"fmt"
	"time"

	k8s "k8s.io/client-go/kubernetes"

	"github.com/elastic/beats/libbeat/beat"
	"github.com/elastic/beats/libbeat/common"
	"github.com/elastic/beats/libbeat/common/kubernetes"
	"github.com/elastic/beats/libbeat/logp"
	"github.com/elastic/beats/libbeat/processors"

And I wonder if we should use another alias, k8s is basically the same as kubernetes, maybe k8sclient... Not sure.