Description
Is your feature request related to a problem? Please describe.
Utility sidecar for PingFederate with a volume mount to an emptyDir tmp and a ConfigMap
Describe the solution you'd like
We need to create a sidecar container along with the PingFederate main container to read the logs from the /opt/out/instance/log path, and data from the logs needs to be sent to an external monitoring API.
Describe alternatives you've considered
We considered creating custom metrics, but the data is not available in the application and is available in logs only.
Additional context
Volume and volume mount are not working as expected, as it mounts additional volumes previously mounted. Also, I observed that args and commands are not passed to the utilitysidecar container. These observations are as per the output of the rendered helm chart. Kindly assist with helm formatting for the requirement provided.
pingfederate-engine:
  image:
    repository: 435576480396.dkr.ecr.eu-north-1.amazonaws.com
    name: ciam-pf
    tag: latest
  enabled: true
  container:
    replicaCount: 3
    resources:
      requests:
        cpu: 4
        memory: 4Gi
      limits:
        cpu: 4
        memory: 4Gi
    envFrom:
      - secretRef:
          name: pingfederate-secrets
          optional: false
      - secretRef:
          name: appdynamics-secrets
          optional: false
    dnsConfig:
      nameservers:
        - 172.20.0.11
      options:
        - name: ndots
          value: "5"
      searches:
        - ciam-test.svc.cluster.local
    dnsPolicy: None
    initContainers:
      - image: 435576480396.dkr.ecr.eu-north-1.amazonaws.com/pingtoolkit:2303-1.0.0
        name: wait-for-pingfederate-admin
  envs:
    PF_CONSOLE_TITLE: test PingFederate
    PD_HOST: "directory-pingdirectory:389"
    PF_ADMIN_NODE: "federate.test.ciam.non-prod.managed-eks.aws.nuuday.nu"
    PF_ENGINE_NODE: "federate-engine.test.ciam.non-prod.managed-eks.aws.nuuday.nu"
    PF_ENGINE_NODE_2: "test.ciam.nuuday.dk"
    PF_ENGINE_NODE_3: "test.ciampartner.nuuday.dk"
    PF_ENGINE_NODE_4: "federate-engine.test.ciampartner.ciam.non-prod.managed-eks.aws.nuuday.nu"
    MYSQL_CONNECTION: "jdbc:mysql://youseeid-qa-mysql-master.chniyawurvk8.eu-central-1.rds.amazonaws.com"
    MAX_HEAP_SIZE: "768m"
    APPDYNAMICS_CONTROLLER_HOST_NAME: "nuuday-test.saas.appdynamics.com"
    APPDYNAMICS_AGENT_ACCOUNT_NAME: "nuuday-test"
    APPDYNAMICS_AGENT_APPLICATION_NAME: "CIAM_Test"
    APPDYNAMICS_AGENT_TIER_NAME: PingFederateEngine
    RANDOM: ${RANDOM_PLACEHOLDER}
  secretVolumes:
    # ping-license-expr-2026-01-13:
    #   items:
    #     federate-license.lic: /opt/in/instance/server/default/conf/pingfederate.lic
    ping-federate-license:
      items:
        federate-license-v12.lic: /opt/in/instance/server/default/conf/pingfederate.lic
    pingfederate-secrets:
      items:
        CIAM_PF_JWK: /opt/in/instance/server/default/data/pf.jwk
  # Volume and Volume mount
  volumes:
    - name: temp
      emptyDir: {}
    - name: pf-forwarder
      configMap:
        name: pf-log-forwarder
        defaultMode: 0755
  volumeMounts:
    - name: temp
      mountPath: /opt/out
  # Utility sidecar
  utilitySidecar:
    enabled: true
    image:
      repository: 435576480396.dkr.ecr.eu-north-1.amazonaws.com
      name: ldap-sdk-tools
      tag: python
    command: ["/bin/sh", "-c"]
    args:
      - |
        python -m pip install --no-cache-dir requests
        python /opt/pf-forwarder/pf_log_to_appd_v3.py
    # Sidecar mounts the same per-pod /opt/out and the forwarder script from the ConfigMap
    volumes:
      - name: pf-forwarder
        mountPath: /opt/pf-forwarder/pf_log_to_appd_v3.py
        subPath: pf_log_to_appd_v3.py
    envFrom:
      - secretRef:
          name: appdynamics-events-secret
    env:
      - name: APPD_EVENTS_SCHEMA
        value: "ClientID"
      - name: LOG_DIR
        value: "/opt/out/instance/log"
      - name: AUDIT_FILENAME
        value: "audit.log"
      - name: BATCH_MAX_EVENTS
        value: "25"
      - name: BATCH_MAX_MS
        value: "500"
      - name: RATE_LIMIT_RPS
        value: "10"
      - name: MAX_IN_FLIGHT
        value: "2"
      - name: DEDUP_ENABLED
        value: "1"
      - name: DEDUP_TTL_SECONDS
        value: "600"
      # Optional:
      # - name: TAIL_FROM_START
      #   value: "0"
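
For comparison with the rendered chart output, this is the pod layout the request describes, written as a plain Kubernetes manifest. It is an added example, not output of the Ping Identity chart and not the issue author's code; the Pod and container names are assumptions, and the read-only mounts assume the forwarder writes nothing under /opt/out.

```yaml
# Added example: plain Kubernetes Pod spec, not rendered from the Helm chart.
# Pod and container names are assumptions; images, paths, ConfigMap and
# Secret names are the ones used in the values above.
apiVersion: v1
kind: Pod
metadata:
  name: pingfederate-engine-example   # hypothetical name
spec:
  volumes:
    - name: temp                      # per-pod scratch volume shared by both containers
      emptyDir: {}
    - name: pf-forwarder
      configMap:
        name: pf-log-forwarder
        defaultMode: 0755
  containers:
    - name: pingfederate-engine       # assumed container name
      image: 435576480396.dkr.ecr.eu-north-1.amazonaws.com/ciam-pf:latest
      volumeMounts:
        - name: temp
          mountPath: /opt/out         # logs land in /opt/out/instance/log
    - name: utility-sidecar           # assumed container name
      image: 435576480396.dkr.ecr.eu-north-1.amazonaws.com/ldap-sdk-tools:python
      command: ["/bin/sh", "-c"]
      args:
        - |
          python -m pip install --no-cache-dir requests
          python /opt/pf-forwarder/pf_log_to_appd_v3.py
      envFrom:
        - secretRef:
            name: appdynamics-events-secret
      env:
        - name: LOG_DIR
          value: "/opt/out/instance/log"
        - name: AUDIT_FILENAME
          value: "audit.log"
      volumeMounts:
        - name: temp                  # same volume as the main container
          mountPath: /opt/out
          readOnly: true              # assumption: the forwarder only reads logs
        - name: pf-forwarder
          mountPath: /opt/pf-forwarder/pf_log_to_appd_v3.py
          subPath: pf_log_to_appd_v3.py
          readOnly: true
```

A ConfigMap file mounted through subPath is not refreshed when the ConfigMap changes, so the pod has to be restarted to pick up a new script. Installing requests into the sidecar image at build time removes the package-index fetch at every pod start.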