feat: logging module version bumps

charts/kubezero-logging/README.md

@@ -1,6 +1,6 @@
 # kubezero-logging
 
-![Version: 0.8.9](https://img.shields.io/badge/Version-0.8.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.6.0](https://img.shields.io/badge/AppVersion-1.6.0-informational?style=flat-square)
+![Version: 0.8.11](https://img.shields.io/badge/Version-0.8.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.6.0](https://img.shields.io/badge/AppVersion-1.6.0-informational?style=flat-square)
 
 KubeZero Umbrella Chart for complete EFK stack
 
@@ -19,8 +19,8 @@ Kubernetes: `>= 1.26.0`
 | Repository | Name | Version |
 |------------|------|---------|
 | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
-| https://fluent.github.io/helm-charts | fluent-bit | 0.40.0 |
-| https://fluent.github.io/helm-charts | fluentd | 0.5.0 |
+| https://fluent.github.io/helm-charts | fluent-bit | 0.46.0 |
+| https://fluent.github.io/helm-charts | fluentd | 0.5.2 |
 
 ## Changes from upstream
 ### ECK
@@ -56,11 +56,6 @@ Kubernetes: `>= 1.26.0`
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| eck-operator.enabled | bool | `false` |  |
-| eck-operator.installCRDs | bool | `false` |  |
-| eck-operator.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` |  |
-| eck-operator.tolerations[0].effect | string | `"NoSchedule"` |  |
-| eck-operator.tolerations[0].key | string | `"node-role.kubernetes.io/control-plane"` |  |
 | elastic_password | string | `""` |  |
 | es.nodeSets | list | `[]` |  |
 | es.prometheus | bool | `false` |  |
@@ -87,11 +82,10 @@ Kubernetes: `>= 1.26.0`
 | fluent-bit.daemonSetVolumes[1].hostPath.path | string | `"/var/lib/containers/logs"` |  |
 | fluent-bit.daemonSetVolumes[1].name | string | `"newlog"` |  |
 | fluent-bit.enabled | bool | `false` |  |
-| fluent-bit.image | string | `nil` |  |
 | fluent-bit.luaScripts."kubezero.lua" | string | `"function nest_k8s_ns(tag, timestamp, record)\n    if not record['kubernetes']['namespace_name'] then\n        return 0, 0, 0\n    end\n    new_record = {}\n    for key, val in pairs(record) do\n        if key == 'kube' then\n            new_record[key] = {}\n            new_record[key][record['kubernetes']['namespace_name']] = record[key]\n        else\n            new_record[key] = record[key]\n        end\n    end\n    return 1, timestamp, new_record\nend\n"` |  |
 | fluent-bit.resources.limits.memory | string | `"128Mi"` |  |
 | fluent-bit.resources.requests.cpu | string | `"20m"` |  |
-| fluent-bit.resources.requests.memory | string | `"32Mi"` |  |
+| fluent-bit.resources.requests.memory | string | `"48Mi"` |  |
 | fluent-bit.serviceMonitor.enabled | bool | `false` |  |
 | fluent-bit.serviceMonitor.selector.release | string | `"metrics"` |  |
 | fluent-bit.testFramework.enabled | bool | `false` |  |
@@ -100,17 +94,15 @@ Kubernetes: `>= 1.26.0`
 | fluentd.configMapConfigs[0] | string | `"fluentd-prometheus-conf"` |  |
 | fluentd.dashboards.enabled | bool | `false` |  |
 | fluentd.enabled | bool | `false` |  |
-| fluentd.env[0].name | string | `"FLUENTD_CONF"` |  |
-| fluentd.env[0].value | string | `"../../etc/fluent/fluent.conf"` |  |
-| fluentd.env[1].name | string | `"OUTPUT_PASSWORD"` |  |
-| fluentd.env[1].valueFrom.secretKeyRef.key | string | `"elastic"` |  |
-| fluentd.env[1].valueFrom.secretKeyRef.name | string | `"logging-es-elastic-user"` |  |
+| fluentd.env[0].name | string | `"OUTPUT_PASSWORD"` |  |
+| fluentd.env[0].valueFrom.secretKeyRef.key | string | `"elastic"` |  |
+| fluentd.env[0].valueFrom.secretKeyRef.name | string | `"logging-es-elastic-user"` |  |
 | fluentd.fileConfigs."00_system.conf" | string | `"<system>\n  root_dir /fluentd/log\n  log_level info\n  ignore_repeated_log_interval 60s\n  ignore_same_log_interval 60s\n  workers 1\n</system>"` |  |
 | fluentd.fileConfigs."01_sources.conf" | string | `"<source>\n  @type http\n  @label @KUBERNETES\n  port 9880\n  bind 0.0.0.0\n  keepalive_timeout 30\n</source>\n\n<source>\n  @type forward\n  @label @KUBERNETES\n  port 24224\n  bind 0.0.0.0\n  # skip_invalid_event true\n  send_keepalive_packet true\n  <security>\n    self_hostname \"#{ENV['HOSTNAME']}\"\n    shared_key {{ .Values.shared_key }}\n  </security>\n</source>"` |  |
 | fluentd.fileConfigs."02_filters.conf" | string | `"<label @KUBERNETES>\n  # prevent log feedback loops eg. ES has issues etc.\n  # discard logs from our own pods\n  <match kube.logging.fluentd>\n    @type relabel\n    @label @FLUENT_LOG\n  </match>\n\n  # Exclude current fluent-bit multiline noise\n  <filter kube.logging.fluent-bit>\n    @type grep\n    <exclude>\n      key log\n      pattern /could not append content to multiline context/\n    </exclude>\n  </filter>\n\n  # Generate Hash ID to break endless loop for already ingested events during retries\n  <filter **>\n    @type elasticsearch_genid\n    use_entire_record true\n  </filter>\n\n  # Route through DISPATCH for Prometheus metrics\n  <match **>\n    @type relabel\n    @label @DISPATCH\n  </match>\n</label>"` |  |
 | fluentd.fileConfigs."04_outputs.conf" | string | `"<label @OUTPUT>\n  <match **>\n    @id out_es\n    @type elasticsearch\n    # @log_level debug\n    include_tag_key true\n\n    id_key _hash\n    remove_keys _hash\n    write_operation create\n\n    # KubeZero pipeline incl. GeoIP etc.\n    pipeline fluentd\n\n    hosts \"{{ .Values.output.host }}\"\n    port 9200\n    scheme http\n    user elastic\n    password \"#{ENV['OUTPUT_PASSWORD']}\"\n\n    log_es_400_reason\n    logstash_format true\n    reconnect_on_error true\n    reload_on_failure true\n    request_timeout 300s\n    slow_flush_log_threshold 55.0\n\n    #with_transporter_log true\n\n    verify_es_version_at_startup false\n    default_elasticsearch_version 7\n    suppress_type_name true\n\n    # Retry failed bulk requests\n    # https://github.com/uken/fluent-plugin-elasticsearch#unrecoverable-error-types\n    unrecoverable_error_types [\"out_of_memory_error\"]\n    bulk_message_request_threshold 1048576\n\n    <buffer>\n      @type file\n\n      flush_mode interval\n      flush_thread_count 2\n      flush_interval 10s\n\n      chunk_limit_size 2MB\n      total_limit_size 1GB\n\n      flush_at_shutdown true\n      retry_type exponential_backoff\n      retry_timeout 6h\n      overflow_action drop_oldest_chunk\n      disable_chunk_backup true\n    </buffer>\n  </match>\n</label>"` |  |
 | fluentd.image.repository | string | `"public.ecr.aws/zero-downtime/fluentd-concenter"` |  |
-| fluentd.image.tag | string | `"v1.16.0"` |  |
+| fluentd.image.tag | string | `"v1.16.3"` |  |
 | fluentd.istio.enabled | bool | `false` |  |
 | fluentd.kind | string | `"Deployment"` |  |
 | fluentd.metrics.serviceMonitor.additionalLabels.release | string | `"metrics"` |  |

charts/kubezero-logging/charts/fluent-bit/Chart.yaml

@@ -1,9 +1,9 @@
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: "Updated Fluent Bit OCI image to v2.2.0."
+      description: "Updated _Fluent Bit_ OCI image to [v3.0.0](https://github.com/fluent/fluent-bit/releases/tag/v3.0.0)."
 apiVersion: v1
-appVersion: 2.2.0
+appVersion: 3.0.1
 description: Fast and lightweight log processor and forwarder or Linux, OSX and BSD
   family operating systems.
 home: https://fluentbit.io/
@@ -24,4 +24,4 @@ maintainers:
 name: fluent-bit
 sources:
 - https://github.com/fluent/fluent-bit/
-version: 0.40.0
+version: 0.46.0

charts/kubezero-logging/charts/fluent-bit/ci/ci-values.yaml

@@ -1,3 +1,6 @@
+testFramework:
+  enabled: true
+
 logLevel: debug
 
 dashboards:

charts/kubezero-logging/charts/fluent-bit/templates/ingress.yaml

@@ -14,7 +14,9 @@ metadata:
     {{- include "fluent-bit.labels" . | nindent 4 }}
   {{- with .Values.ingress.annotations }}
   annotations:
-    {{- toYaml . | nindent 4 }}
+  {{- range $key, $value := . }}
+    {{ printf "%s: %s" $key ((tpl $value $) | quote) }}
+  {{- end }}
   {{- end }}
 spec:
   {{- if and $ingressSupportsIngressClassName .Values.ingress.ingressClassName }}

charts/kubezero-logging/charts/fluent-bit/templates/service.yaml

@@ -17,6 +17,11 @@ spec:
   {{- if and (eq .Values.service.type "ClusterIP") (.Values.service.clusterIP) }}
   clusterIP: {{ .Values.service.clusterIP }}
   {{- end }}
+  {{- if (eq .Values.kind "DaemonSet") }}
+  {{- with .Values.service.internalTrafficPolicy }}
+  internalTrafficPolicy: {{ . }}
+  {{- end }}
+  {{- end }}
   {{- if (eq .Values.service.type "LoadBalancer")}}
   {{- with .Values.service.loadBalancerClass}}
   loadBalancerClass: {{ . }}

charts/kubezero-logging/charts/fluent-bit/templates/servicemonitor.yaml

@@ -13,7 +13,7 @@ spec:
   jobLabel: app.kubernetes.io/instance
   endpoints:
     - port: http
-      path: /api/v1/metrics/prometheus
+      path: {{ default "/api/v2/metrics/prometheus" .Values.serviceMonitor.path }}
       {{- with .Values.serviceMonitor.interval }}
       interval: {{ . }}
       {{- end }}

charts/kubezero-logging/charts/fluent-bit/templates/tests/test-connection.yaml

@@ -5,16 +5,19 @@ metadata:
   name: "{{ include "fluent-bit.fullname" . }}-test-connection"
   namespace: {{ default .Release.Namespace .Values.testFramework.namespace }}
   labels:
-    {{- include "fluent-bit.labels" . | nindent 4 }}
+    helm.sh/chart: {{ include "fluent-bit.chart" . }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
   annotations:
-    "helm.sh/hook": test-success
+    helm.sh/hook: test
+    helm.sh/hook-delete-policy: hook-succeeded
 spec:
   containers:
     - name: wget
       image: {{ include "fluent-bit.image" .Values.testFramework.image | quote }}
       imagePullPolicy: {{ .Values.testFramework.image.pullPolicy }}
-      command: ['wget']
-      args: ['{{ include "fluent-bit.fullname" . }}:{{ .Values.service.port }}']
+      command: ["sh"]
+      args: ["-c", "wget -O- {{ include "fluent-bit.fullname" . }}:{{ .Values.service.port }}"]
   {{- with .Values.imagePullSecrets }}
   imagePullSecrets:
     {{- toYaml . | nindent 4 }}

charts/kubezero-logging/charts/fluent-bit/values.yaml

@@ -12,7 +12,7 @@ image:
   # Set to "-" to not use the default value
   tag:
   digest:
-  pullPolicy: Always
+  pullPolicy: IfNotPresent
 
 testFramework:
   enabled: true
@@ -91,6 +91,7 @@ securityContext: {}
 service:
   type: ClusterIP
   port: 2020
+  internalTrafficPolicy:
   loadBalancerClass:
   loadBalancerSourceRanges: []
   labels: {}
@@ -128,7 +129,7 @@ serviceMonitor:
   #  scheme: ""
   #  tlsConfig: {}
 
-  ## Beare in mind if youn want to collec metrics from a different port
+  ## Bear in mind if you want to collect metrics from a different port
   ## you will need to configure the new ports on the extraPorts property.
   additionalEndpoints: []
   # - port: metrics
@@ -418,7 +419,7 @@ config:
         Time_Key time
         Time_Format %Y-%m-%dT%H:%M:%S.%L
 
-  # This allows adding more files with arbitary filenames to /fluent-bit/etc/conf by providing key/value pairs.
+  # This allows adding more files with arbitrary filenames to /fluent-bit/etc/conf by providing key/value pairs.
   # The key becomes the filename, the value becomes the file content.
   extraFiles: {}
 #     upstream.conf: |

charts/kubezero-logging/charts/fluentd/Chart.yaml

@@ -12,4 +12,4 @@ name: fluentd
 sources:
 - https://github.com/fluent/fluentd/
 - https://github.com/fluent/fluentd-kubernetes-daemonset
-version: 0.5.0
+version: 0.5.2

charts/kubezero-logging/charts/fluentd/templates/_helpers.tpl

@@ -90,3 +90,15 @@ Name of the configMap used for additional configuration files; allows users to o
     {{ printf "%s-%s" "fluentd-config" ( include "fluentd.shortReleaseName" . ) }}
 {{- end -}}
 {{- end -}}
+
+{{/*
+HPA ApiVersion according k8s version
+Check legacy first so helm template / kustomize will default to latest version
+*/}}
+{{- define "fluentd.hpa.apiVersion" -}}
+{{- if and (.Capabilities.APIVersions.Has "autoscaling/v2beta2") (semverCompare "<1.23-0" .Capabilities.KubeVersion.GitVersion) -}}
+autoscaling/v2beta2
+{{- else -}}
+autoscaling/v2
+{{- end -}}
+{{- end -}}

charts/kubezero-logging/charts/fluentd/templates/hpa.yaml

@@ -1,5 +1,5 @@
 {{- if and  ( eq  .Values.kind "Deployment" )  .Values.autoscaling.enabled  }}
-apiVersion: autoscaling/v2beta2
+apiVersion: {{ include "fluentd.hpa.apiVersion" . }}
 kind: HorizontalPodAutoscaler
 metadata:
   name: {{ include "fluentd.fullname" . }}

charts/kubezero-logging/charts/fluentd/templates/tests/test-connection.yaml

@@ -1,4 +1,11 @@
+{{/*
+Target the very simple case where
+fluentd is deployed with the default values
+If the fluentd config is overriden and the metrics server removed
+this will fail.
+*/}}
 {{- if .Values.testFramework.enabled }}
+{{ if empty .Values.service.ports }}
 apiVersion: v1
 kind: Pod
 metadata:
@@ -11,7 +18,14 @@ spec:
   containers:
     - name: wget
       image: busybox
-      command: ['wget']
-      args: ['{{ include "fluentd.fullname" . }}:{{ .Values.service.port }}']
+      command:
+        - sh
+        - -c
+        - |
+          set -e
+          # Give fluentd some time to start up
+          while :; do nc -vz {{ include "fluentd.fullname" . }}:24231 && break; sleep 1; done
+          wget '{{ include "fluentd.fullname" . }}:24231/metrics'
   restartPolicy: Never
+{{ end }}
 {{- end }}

charts/kubezero-logging/charts/fluentd/values.yaml

@@ -321,6 +321,14 @@ fileConfigs:
       emit_unmatched_lines true
     </source>
 
+    # expose metrics in prometheus format
+    <source>
+      @type prometheus
+      bind 0.0.0.0
+      port 24231
+      metrics_path /metrics
+    </source>
+
   02_filters.conf: |-
     <label @KUBERNETES>
       <match kubernetes.var.log.containers.fluentd**>
@@ -378,6 +386,8 @@ fileConfigs:
         path ""
         user elastic
         password changeme
+        # Don't wait for elastic to start up.
+        verify_es_version_at_startup false
       </match>
     </label>
 

charts/kubezero-logging/fluentd.patch

@@ -1,32 +1,38 @@
-diff -tubrN charts/fluentd/templates/fluentd-configurations-cm.yaml charts/fluentd.zdt/templates/fluentd-configurations-cm.yaml
---- charts/fluentd/templates/fluentd-configurations-cm.yaml	2021-02-12 18:13:04.000000000 +0100
-+++ charts/fluentd.zdt/templates/fluentd-configurations-cm.yaml	2021-03-09 17:54:34.904992401 +0100
-@@ -7,7 +7,7 @@
+diff -rtuN charts/fluentd.orig/templates/fluentd-configurations-cm.yaml charts/fluentd/templates/fluentd-configurations-cm.yaml
+--- charts/fluentd.orig/templates/fluentd-configurations-cm.yaml	2024-04-08 11:00:03.030515998 +0000
++++ charts/fluentd/templates/fluentd-configurations-cm.yaml	2024-04-08 11:00:03.040516045 +0000
+@@ -9,7 +9,7 @@
  data:
  {{- range $key, $value := .Values.fileConfigs }}
    {{$key }}: |-
 -    {{- $value | nindent 4 }}
 +    {{- (tpl $value $) | nindent 4 }}
  {{- end }}
+ {{- end }}
  
- ---
-diff -tubrN charts/fluentd/templates/tests/test-connection.yaml charts/fluentd.zdt/templates/tests/test-connection.yaml
---- charts/fluentd/templates/tests/test-connection.yaml	2021-02-12 18:13:04.000000000 +0100
-+++ charts/fluentd.zdt/templates/tests/test-connection.yaml	2021-03-09 17:54:34.904992401 +0100
-@@ -1,3 +1,4 @@
+diff -rtuN charts/fluentd.orig/templates/tests/test-connection.yaml charts/fluentd/templates/tests/test-connection.yaml
+--- charts/fluentd.orig/templates/tests/test-connection.yaml	2024-04-08 11:00:03.030515998 +0000
++++ charts/fluentd/templates/tests/test-connection.yaml	2024-04-08 11:03:16.254774985 +0000
+@@ -4,6 +4,7 @@
+ If the fluentd config is overriden and the metrics server removed
+ this will fail.
+ */}}
 +{{- if .Values.testFramework.enabled }}
+ {{ if empty .Values.service.ports }}
  apiVersion: v1
  kind: Pod
- metadata:
-@@ -13,3 +14,4 @@
-       command: ['wget']
-       args: ['{{ include "fluentd.fullname" . }}:{{ .Values.service.port }}']
+@@ -26,4 +27,5 @@
+           while :; do nc -vz {{ include "fluentd.fullname" . }}:24231 && break; sleep 1; done
+           wget '{{ include "fluentd.fullname" . }}:24231/metrics'
    restartPolicy: Never
+-{{ end }}
+\ No newline at end of file
++{{ end }}
 +{{- end }}
-diff -tubrN charts/fluentd/values.yaml charts/fluentd.zdt/values.yaml
---- charts/fluentd/values.yaml	2021-02-12 18:13:04.000000000 +0100
-+++ charts/fluentd.zdt/values.yaml	2021-03-09 17:54:34.908325735 +0100
-@@ -12,6 +12,9 @@
+diff -rtuN charts/fluentd.orig/values.yaml charts/fluentd/values.yaml
+--- charts/fluentd.orig/values.yaml	2024-04-08 11:00:03.030515998 +0000
++++ charts/fluentd/values.yaml	2024-04-08 11:00:03.040516045 +0000
+@@ -13,6 +13,9 @@
    pullPolicy: "IfNotPresent"
    tag: ""
  

charts/kubezero/values.yaml

@@ -108,7 +108,7 @@ metrics:
 logging:
   enabled: false
   namespace: logging
-  targetRevision: 0.8.10
+  targetRevision: 0.8.11
 
 argo:
   enabled: false