Implement kubernetes agent cluster scope leader election

[exekias]

Right now, when deploying Metricbeat on Kubernetes we deploy two different resources:

• A Daemonset, used to deploy an agent per node in the cluster, each agent will monitor the host and all it's running workloads.
• A Deployment, to deploy an additional agent to monitor at the cluster scope, currently used for kube-state-metrics and Kubernetes events.

We could simplify this by removing the need for a Deployment in favour of some type of leader election within the DaemonSet. In a nutshell, we need a way to flag one of the agents in the Daemonset as leader, making it in charge of both host and cluster scopes.

While leader election is challenging, API Server provides a great locking mechanism that is present in K8S, and we can leverage in many ways. So we don't really need things like agents talking to each other.

We should discuss our options here, one possibility is doing something like this:

• Use a secret/configmap to claim leadership, agents should try to create it. If it exists and it's not expired (through some defined TTL), there is an active leader.
• Make the Kubernetes autodiscover provider handle this, and pass a leader field as part of autodiscover events. This way cluster scope metricsets can be configured based on that.

[elasticmachine]

Pinging @elastic/integrations-platforms (Team:Platforms)

[jsoriano]

go-client includes a leader election implementation https://godoc.org/k8s.io/client-go/tools/leaderelection

[mostlyjason]

@ph @ruflin FYI

[ChrsMark]

+1 for using leader election package @jsoriano proposed.
Something similar Kubernetes core implements for autoscaler: https://github.com/kubernetes/autoscaler/blob/a63c7abbe47773be4eec49b13210a3cd9c4a719f/cluster-autoscaler/main.go#L421

I drafted an experimental code snippet and seemed to work, so the implementation should be quite straight forward on leader election level. However we need to figure out at which point we will integrate this change.

One possible solution could be to add this on Module level. In this, we will give the option to the users to define an extra flag to define that this module configuration should be applied only on leader elected nodes. For instance:

- module: kubernetes
      metricsets:
        - state_node
        - state_deployment
        - state_replicaset
        - state_pod
        - state_container
        - state_cronjob
        - state_resourcequota
        # Uncomment this to get k8s events:
        - event
      period: 10s
      on_leader_election: true
      host: ${NODE_NAME}

@exekias @jsoriano any thoughts on this?

[exekias]

Love to see this is viable! Thank you for digging in.

I was thinking this could make more sense in autodiscover? This may go beyond the scope of the kubernetes module, as I may have some other inputs I want to launch as a singleton for the whole cluster. (ie, running certain uptime monitors, a global gateway for logs, etc)

If we add a leader field to autodiscover events, we could leverage it to decide when to launch certain configs, including these.

I'm not fully onboard with this either, would like to hear other opinions and use cases

[jsoriano]

I was also thinking that it could make sense in autodiscover, it could be a new provider with a config like this:

metricbeat.autodiscover:
  providers:
    - type: kubernetes_leader
      lock_id: somename
      configmap: someconfigmap

Or this:

metricbeat.autodiscover:
  providers:
    - type: kubernetes_leader
      lock_id: somename
      config:
      - module: kubernetes
        metricsets: ...

The configuration could be in a configmap, so all the leader candidates would have the same configuration, though maybe this is not so important if they are deployed with a Deployment.

If a provider gets the lock, it generates an event to start the configuration, if it loses it, it stops it.

And this could be used with other modules with cluster scope.

[exekias]

Do you foresee any situation where you may want to use Pods/Nodes/Service autodiscover in combination with leader election? If that's the case, perhaps the leader flag should be just present in the kubernetes provider (too)

[jsoriano]

Do you foresee any situation where you may want to use Pods/Nodes/Service autodiscover in combination with leader election?

Umm, yeah, we might want to enable it only if some pods or services exist, and using their metadata.

If that's the case, perhaps the leader flag should be just present in the kubernetes provider (too)

Where would you put this flag? at the template level so we can have different leaders?

metricbeat.autodiscover:
  providers:
    - type: kubernetes
      scope: cluster
      templates:
        - leader: mb-kubernetes
          config:
            - module: kubernetes
              ...
        - leader: mb-kafka
          condition:
            contains:
              kubernetes.labels.app: "kafka"
          config:
            - module: kafka
              hosts: "${data.host}:${data.port}"
        - condition:
            contains:
              kubernetes.labels.app: "redis"
          config:
            - module: redis
              hosts: "${data.host}:${data.port}"

Or at the provider level? and multiple providers are needed if multiple leaderships are wanted?

metricbeat.autodiscover:
  providers:
    - type: kubernetes
      scope: cluster
      leader: mb-kubernetes
      resource: service
      templates:
        - leader: mb-kubernetes
          config:
            - module: kubernetes
              ...
    - type: kubernetes
      scope: cluster
      resource: service
      leader: mb-kafka
      templates:
        - leader: mb-kafka
          condition:
            contains:
              kubernetes.labels.app: "kafka"
          config:
            - module: kafka
              hosts: "${data.host}:${data.port}"
    - type: kubernetes
      templates:
        - condition:
            contains:
              kubernetes.labels.app: "redis"
          config:
            - module: redis
              hosts: "${data.host}:${data.port}"

At the provider level it looks better as the provider keeps state, and we probably don't need multiple leaderships on the same instance.