ZeroDownTime/KubeZero
3
0
Fork 0
Code Issues 1 Pull Requests 25 Packages Projects Releases Wiki Activity

Calico version bump to 3.16.1

Browse Source
This commit is contained in:
Stefan Reimer 2020-09-09 14:17:02 +01:00
parent 777fe64f01
commit 862fb4be9d
8 changed files with 131 additions and 244 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
charts/kubezero-calico/Chart.yaml
View File

@ -2,8 +2,8 @@ apiVersion: v2
name: kubezero-calico
description: KubeZero Umbrella Chart for Calico
type: application
version: 0.1.9
appVersion: 3.15.1
version: 0.2.0
appVersion: v3.16.1
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords:

5
charts/kubezero-calico/README.md
View File

@ -2,7 +2,7 @@ kubezero-calico
===============
KubeZero Umbrella Chart for Calico
Current chart version is `0.1.9`
Current chart version is `0.2.0`
Source code can be found [here](https://kubezero.com)
@ -38,10 +38,9 @@ The setup is based on the upstream calico-vxlan config from
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| customIPPool | object | `{}` | |
| image.tag | string | `""` | |
| installCRDs | bool | `false` | |
| loglevel | string | `"Warning"` | |
| migration | bool | `false` | |
| mtu | int | `8941` | |
| network | string | `"vxlan"` | |
| prometheus | bool | `false` | |

97
charts/kubezero-calico/crds/crds.yaml
View File

@ -1,4 +1,3 @@
---
# Source: calico/templates/kdd-crds.yaml
@ -44,6 +43,32 @@ spec:
64512]'
format: int32
type: integer
communities:
description: Communities is a list of BGP community values and their
arbitrary names for tagging routes.
items:
description: Community contains standard or large community value
and its name.
properties:
name:
description: Name given to community value.
type: string
value:
description: Value must be of format `aa:nn` or `aa:nn:mm`.
For standard community use `aa:nn` format, where `aa` and
`nn` are 16 bit number. For large community use `aa:nn:mm`
format, where `aa`, `nn` and `mm` are 32 bit number. Where,
`aa` is an AS Number, `nn` and `mm` are per-AS identifier.
pattern: ^(\d+):(\d+)$|^(\d+):(\d+):(\d+)$
type: string
type: object
type: array
listenPort:
description: ListenPort is the port where BGP protocol should listen.
Defaults to 179
maximum: 65535
minimum: 1
type: integer
logSeverityScreen:
description: 'LogSeverityScreen is the log severity above which logs
are sent to the stdout. [Default: INFO]'
@ -52,13 +77,36 @@ spec:
description: 'NodeToNodeMeshEnabled sets whether full node to node
BGP mesh is enabled. [Default: true]'
type: boolean
prefixAdvertisements:
description: PrefixAdvertisements contains per-prefix advertisement
configuration.
items:
description: PrefixAdvertisement configures advertisement properties
for the specified CIDR.
properties:
cidr:
description: CIDR for which properties should be advertised.
type: string
communities:
description: Communities can be list of either community names
already defined in `Specs.Communities` or community value
of format `aa:nn` or `aa:nn:mm`. For standard community use
`aa:nn` format, where `aa` and `nn` are 16 bit number. For
large community use `aa:nn:mm` format, where `aa`, `nn` and
`mm` are 32 bit number. Where,`aa` is an AS Number, `nn` and
`mm` are per-AS identifier.
items:
type: string
type: array
type: object
type: array
serviceClusterIPs:
description: ServiceClusterIPs are the CIDR blocks from which service
cluster IPs are allocated. If specified, Calico will advertise these
blocks, as well as any cluster IPs within them.
items:
description: ServiceClusterIPBlock represents a single whitelisted
CIDR block for ClusterIPs.
description: ServiceClusterIPBlock represents a single allowed ClusterIP
CIDR block.
properties:
cidr:
type: string
@ -69,8 +117,8 @@ spec:
Service External IPs. Kubernetes Service ExternalIPs will only be
advertised if they are within one of these blocks.
items:
description: ServiceExternalIPBlock represents a single whitelisted
CIDR External IP block.
description: ServiceExternalIPBlock represents a single allowed
External IP CIDR block.
properties:
cidr:
type: string
@ -129,6 +177,12 @@ spec:
description: The AS Number of the peer.
format: int32
type: integer
keepOriginalNextHop:
description: Option to keep the original nexthop field when routes
are sent to a BGP Peer. Setting "true" configures the selected BGP
Peers node to use the "next hop keep;" instead of "next hop self;"(default)
in the specific branch of the Node on "bird.cfg".
type: boolean
node:
description: The node name identifying the Calico node instance that
is peering with this peer. If this is not set, this represents a
@ -139,7 +193,11 @@ spec:
this is set, the Node field must be empty.
type: string
peerIP:
description: The IP address of the peer.
description: The IP address of the peer followed by an optional port
number to peer with. If port number is given, format should be `[<IPv6>]:port`
or `<IPv4>:<port>` for IPv4. If optional port number is not set,
and this peer IP and ASNumber belongs to a calico/node with ListenPort
set in BGPConfiguration, then we use that port to peer.
type: string
peerSelector:
description: Selector for the remote nodes to peer with. When this
@ -338,6 +396,15 @@ spec:
spec:
description: FelixConfigurationSpec contains the values of the Felix configuration.
properties:
awsSrcDstCheck:
description: 'Set source-destination-check on AWS EC2 instances. Accepted
value must be one of "DoNothing", "Enabled" or "Disabled". [Default:
DoNothing]'
enum:
- DoNothing
- Enable
- Disable
type: string
bpfConnectTimeLoadBalancingEnabled:
description: 'BPFConnectTimeLoadBalancingEnabled when in BPF mode,
controls whether Felix installs the connection-time load balancer. The
@ -500,6 +567,13 @@ spec:
- protocol
type: object
type: array
featureDetectOverride:
description: FeatureDetectOverride is used to override the feature
detection. Values are specified in a comma separated list with no
spaces, example; "SNATFullyRandom=true,MASQFullyRandom=false,RestoreSupportsLock=".
"true" or "false" will force the feature, empty or omitted values
are auto-detected.
type: string
genericXDPEnabled:
description: 'GenericXDPEnabled enables Generic XDP so network cards
that don''t support XDP offload or driver modes can use XDP. This
@ -531,6 +605,11 @@ spec:
integrations set the cali value, and our OpenStack integration
sets the tap value. [Default: cali]'
type: string
interfaceRefreshInterval:
description: InterfaceRefreshInterval is the period at which Felix
rescans local interfaces to verify their state. The rescan can be
disabled by setting the interval to 0.
type: string
ipipEnabled:
type: boolean
ipipMTU:
@ -802,8 +881,6 @@ spec:
Calico''s BPF maps or attached programs. Set to 0 to disable XDP
refresh. [Default: 90s]'
type: string
required:
- bpfLogLevel
type: object
type: object
served: true
@ -2034,7 +2111,7 @@ spec:
type: object
ipipMode:
description: Contains configuration for IPIP tunneling for this pool.
If not specified, then this is defaulted to "Never" (i.e. IPIP tunelling
If not specified, then this is defaulted to "Never" (i.e. IPIP tunneling
is disabled).
type: string
nat-outgoing:
@ -2054,7 +2131,7 @@ spec:
vxlanMode:
description: Contains configuration for VXLAN tunneling for this pool.
If not specified, then this is defaulted to "Never" (i.e. VXLAN
tunelling is disabled).
tunneling is disabled).
type: string
required:
- cidr

47
charts/kubezero-calico/templates/calico.yaml
View File

@ -28,6 +28,7 @@ data:
{
"type": "calico",
"log_level": "info",
"log_file_path": "/var/log/calico/cni/cni.log",
"datastore_type": "kubernetes",
"nodename": "__KUBERNETES_NODE_NAME__",
"mtu": __CNI_MTU__,
@ -341,8 +342,13 @@ spec:
# This container installs the CNI binaries
# and CNI network config file on each node.
- name: install-cni
image: calico/cni:v3.15.1
command: ["/install-cni.sh"]
image: calico/cni:{{ default .Chart.AppVersion .Values.image.tag }}
command: ["/opt/cni/bin/install"]
envFrom:
- configMapRef:
# Allow KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT to be overridden for eBPF mode.
name: kubernetes-services-endpoint
optional: true
env:
# Name of the CNI config file to create.
- name: CNI_CONF_NAME
@ -377,7 +383,7 @@ spec:
# Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes
# to communicate with Felix over the Policy Sync API.
- name: flexvol-driver
image: calico/pod2daemon-flexvol:v3.15.1
image: calico/pod2daemon-flexvol:{{ default .Chart.AppVersion .Values.image.tag }}
volumeMounts:
- name: flexvol-driver-host
mountPath: /host/driver
@ -388,7 +394,12 @@ spec:
# container programs network policy and routes on each
# host.
- name: calico-node
image: calico/node:v3.15.1
image: calico/node:{{ default .Chart.AppVersion .Values.image.tag }}
envFrom:
- configMapRef:
# Allow KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT to be overridden for eBPF mode.
name: kubernetes-services-endpoint
optional: true
env:
# Use Kubernetes API as the backing datastore.
- name: DATASTORE_TYPE
@ -437,17 +448,14 @@ spec:
configMapKeyRef:
name: calico-config
key: veth_mtu
# Disable AWS source-destination check on nodes.
- name: FELIX_AWSSRCDSTCHECK
value: DoNothing
# The default IPv4 pool to create on startup if none exists. Pod IPs will be
# chosen from this range. Changing this value after installation will have
# no effect. This should fall within `--cluster-cidr`.
# - name: CALICO_IPV4POOL_CIDR
# value: "192.168.0.0/16"
# Set MTU for the Wireguard tunnel device.
- name: FELIX_WIREGUARDMTU
valueFrom:
configMapKeyRef:
name: calico-config
key: veth_mtu
# Disable file logging so `kubectl logs` works.
- name: CALICO_DISABLE_FILE_LOGGING
value: "true"
@ -464,12 +472,12 @@ spec:
value: "{{ .Values.loglevel }}"
- name: FELIX_LOGSEVERITYSYS
value: ""
- name: FELIX_HEALTHENABLED
value: "true"
- name: FELIX_PROMETHEUSGOMETRICSENABLED
value: "{{ .Values.prometheus }}"
- name: FELIX_PROMETHEUSMETRICSENABLED
value: "{{ .Values.prometheus }}"
- name: FELIX_HEALTHENABLED
value: "true"
securityContext:
privileged: true
resources:
@ -483,14 +491,12 @@ spec:
periodSeconds: 10
initialDelaySeconds: 10
failureThreshold: 6
timeoutSeconds: 3
readinessProbe:
exec:
command:
- /bin/calico-node
- -felix-ready
periodSeconds: 10
timeoutSeconds: 3
volumeMounts:
- mountPath: /lib/modules
name: lib-modules
@ -506,6 +512,13 @@ spec:
readOnly: false
- name: policysync
mountPath: /var/run/nodeagent
# For eBPF mode, we need to be able to mount the BPF filesystem at /sys/fs/bpf so we mount in the
# parent directory.
- name: sysfs
mountPath: /sys/fs/
# Bidirectional means that, if we mount the BPF filesystem at /sys/fs/bpf it will propagate to the host.
# If the host is known to mount that filesystem already then Bidirectional can be omitted.
mountPropagation: Bidirectional
volumes:
# Used by calico-node.
- name: lib-modules
@ -521,6 +534,10 @@ spec:
hostPath:
path: /run/xtables.lock
type: FileOrCreate
- name: sysfs
hostPath:
path: /sys/fs/
type: DirectoryOrCreate
# Used to install CNI.
- name: cni-bin-dir
hostPath:
@ -590,7 +607,7 @@ spec:
priorityClassName: system-cluster-critical
containers:
- name: calico-kube-controllers
image: calico/kube-controllers:v3.15.1
image: calico/kube-controllers:{{ default .Chart.AppVersion .Values.image.tag }}
env:
# Choose which controllers to run.
- name: ENABLED_CONTROLLERS

13
charts/kubezero-calico/templates/ippool.yaml
View File

@ -1,13 +0,0 @@
{{- if .Values.customIPPool }}
apiVersion: crd.projectcalico.org/v1
kind: IPPool
metadata:
name: default-ipv4-ippool
spec:
cidr: 10.244.0.0/16
blockSize: 26
ipipMode: Never
natOutgoing: true
nodeSelector: all()
vxlanMode: Always
{{- end }}

192
charts/kubezero-calico/templates/migration-job.yaml
View File

@ -1,192 +0,0 @@
{{- if .Values.migration }}
---
# This ConfigMap is used to store Flannel subnet.env content.
kind: ConfigMap
apiVersion: v1
metadata:
name: flannel-migration-config
namespace: kube-system
data:
# Do not edit! This field is updated by migration controller.
flannel_subnet_env: ""
---
# Include a clusterrole for the kube-controllers component,
# and bind it to the flannel-migration-controller serviceaccount.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: flannel-migration-controller
rules:
# Nodes are watched to monitor for deletions.
- apiGroups: [""]
resources:
- nodes
verbs:
- watch
- list
- get
- patch
- update
# Nodes are watched to monitor for deletions.
- apiGroups: [""]
resources:
- nodes/status
verbs:
- get
- update
# Pods are created/deleted.
- apiGroups: [""]
resources:
- pods
verbs:
- get
- list
- create
- delete
# Pods/exec are created.
- apiGroups: [""]
resources:
- pods/exec
verbs:
- create
# Configmaps are updated.
- apiGroups: [""]
resources:
- configmaps
verbs:
- get
- update
- apiGroups: [""]
resources:
- pods/eviction
verbs:
- create
# Daemonset are watched to monitor for deletions.
- apiGroups: ["apps", "extensions"]
resources:
- daemonsets
verbs:
- get
- delete
- update
# IPAM resources are manipulated when nodes are deleted.
- apiGroups: ["crd.projectcalico.org"]
resources:
- ippools
verbs:
- get
- list
- create
- update
- delete
- apiGroups: ["crd.projectcalico.org"]
resources:
- ipamconfigs
- blockaffinities
- ipamblocks
- ipamhandles
verbs:
- get
- list
- create
- update
- delete
# Needs access to update clusterinformations.
- apiGroups: ["crd.projectcalico.org"]
resources:
- clusterinformations
verbs:
- get
- create
- update
# Needs access to update felixconfigurations.
- apiGroups: ["crd.projectcalico.org"]
resources:
- felixconfigurations
verbs:
- get
- create
- update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: flannel-migration-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel-migration-controller
subjects:
- kind: ServiceAccount
name: flannel-migration-controller
namespace: kube-system
---
# See https://github.com/projectcalico/kube-controllers
apiVersion: batch/v1
kind: Job
metadata:
name: flannel-migration
namespace: kube-system
labels:
k8s-app: flannel-migration-controller
spec:
backoffLimit: 10
template:
metadata:
name: flannel-migration-controller
namespace: kube-system
labels:
k8s-app: flannel-migration-controller
spec:
nodeSelector:
kubernetes.io/os: linux
tolerations:
# Mark the pod as a critical add-on for rescheduling.
- key: CriticalAddonsOnly
operator: Exists
serviceAccountName: flannel-migration-controller
priorityClassName: system-cluster-critical
restartPolicy: OnFailure
containers:
- name: flannel-migration-controller
image: calico/flannel-migration-controller:v3.15.0
env:
# Choose which controllers to run.
- name: ENABLED_CONTROLLERS
value: flannelmigration
- name: DATASTORE_TYPE
value: kubernetes
- name: FLANNEL_DAEMONSET_NAME
value: canal
- name: FLANNEL_SUBNET_ENV
valueFrom:
configMapKeyRef:
name: flannel-migration-config
key: flannel_subnet_env
- name: POD_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- mountPath: /host/run/flannel/subnet.env
name: flannel-env-file
readinessProbe:
exec:
command:
- /usr/bin/check-status
- -r
volumes:
- name: flannel-env-file
hostPath:
path: /run/flannel/subnet.env
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: flannel-migration-controller
namespace: kube-system
{{- end }}

9
charts/kubezero-calico/values.yaml
View File

@ -1,5 +1,8 @@
installCRDs: false
image:
tag: ""
network: vxlan
mtu: 8941
@ -7,9 +10,3 @@ mtu: 8941
loglevel: Warning
prometheus: false
customIPPool: {}
# Soon to be removed
migration: false

8
charts/kubezero-logging/README.md
View File

@ -55,9 +55,9 @@ Source code can be found [here](https://kubezero.com)
| es.prometheus | bool | `false` | |
| es.s3Snapshot.enabled | bool | `false` | |
| es.s3Snapshot.iamrole | string | `""` | |
| fluent-bit.config.filters | string | `"[FILTER]\n Name kubernetes\n Match kube.*\n Merge_Log On\n Keep_Log Off\n K8S-Logging.Parser On\n K8S-Logging.Exclude On\n\n[FILTER]\n Name lua\n Match kube.*\n script /fluent-bit/etc/functions.lua\n call dedot\n"` | |
| fluent-bit.config.filters | string | `"[FILTER]\n Name lua\n Match kube.*\n script /fluent-bit/etc/functions.lua\n call reassemble_cri_logs\n\n[FILTER]\n Name kubernetes\n Match kube.*\n Merge_Log On\n Keep_Log Off\n K8S-Logging.Parser On\n K8S-Logging.Exclude On\n\n[FILTER]\n Name lua\n Match kube.*\n script /fluent-bit/etc/functions.lua\n call dedot\n"` | |
| fluent-bit.config.inputs | string | `"[INPUT]\n Name tail\n Path /var/log/containers/*.log\n Parser cri\n Tag kube.*\n Mem_Buf_Limit 5MB\n Skip_Long_Lines On\n Refresh_Interval 10\n DB /var/log/flb_kube.db\n DB.Sync Normal\n[INPUT]\n Name tail\n Path /var/log/kubernetes/audit.log\n Parser json\n Tag kube.api.audit\n Mem_Buf_Limit 5MB\n Skip_Long_Lines On\n Refresh_Interval 60\n DB /var/log/flb_kube_audit.db\n DB.Sync Normal\n"` | |
| fluent-bit.config.lua | string | `"function dedot(tag, timestamp, record)\n if record[\"kubernetes\"] == nil then\n return 0, 0, 0\n end\n dedot_keys(record[\"kubernetes\"][\"annotations\"])\n dedot_keys(record[\"kubernetes\"][\"labels\"])\n return 1, timestamp, record\nend\n\nfunction dedot_keys(map)\n if map == nil then\n return\n end\n local new_map = {}\n local changed_keys = {}\n for k, v in pairs(map) do\n local dedotted = string.gsub(k, \"%.\", \"_\")\n if dedotted ~= k then\n new_map[dedotted] = v\n changed_keys[k] = true\n end\n end\n for k in pairs(changed_keys) do\n map[k] = nil\n end\n for k, v in pairs(new_map) do\n map[k] = v\n end\nend\n"` | |
| fluent-bit.config.lua | string | `"function dedot(tag, timestamp, record)\n if record[\"kubernetes\"] == nil then\n return 0, 0, 0\n end\n dedot_keys(record[\"kubernetes\"][\"annotations\"])\n dedot_keys(record[\"kubernetes\"][\"labels\"])\n return 1, timestamp, record\nend\n\nfunction dedot_keys(map)\n if map == nil then\n return\n end\n local new_map = {}\n local changed_keys = {}\n for k, v in pairs(map) do\n local dedotted = string.gsub(k, \"%.\", \"_\")\n if dedotted ~= k then\n new_map[dedotted] = v\n changed_keys[k] = true\n end\n end\n for k in pairs(changed_keys) do\n map[k] = nil\n end\n for k, v in pairs(new_map) do\n map[k] = v\n end\nend\n\nlocal reassemble_state = {}\n\nfunction reassemble_cri_logs(tag, timestamp, record)\n -- IMPORTANT: reassemble_key must be unique for each parser stream\n -- otherwise entries from different sources will get mixed up.\n -- Either make sure that your parser tags satisfy this or construct\n -- reassemble_key some other way\n local reassemble_key = tag\n -- if partial line, accumulate\n if record.logtag == 'P' then\n reassemble_state[reassemble_key] = reassemble_state[reassemble_key] or \"\" .. record.message\n return -1, 0, 0\n end\n -- otherwise it's a full line, concatenate with accumulated partial lines if any\n record.message = reassemble_state[reassemble_key] or \"\" .. (record.message or \"\")\n reassemble_state[reassemble_key] = nil\n return 1, timestamp, record\nend\n"` | |
| fluent-bit.config.outputs | string | `"[OUTPUT]\n Match *\n Name forward\n Host logging-fluentd\n Port 24224\n tls on\n tls.verify off\n Shared_Key cloudbender\n"` | |
| fluent-bit.config.service | string | `"[SERVICE]\n Flush 5\n Daemon Off\n Log_Level warn\n Parsers_File parsers.conf\n Parsers_File custom_parsers.conf\n HTTP_Server On\n HTTP_Listen 0.0.0.0\n HTTP_Port 2020\n"` | |
| fluent-bit.enabled | bool | `false` | |
@ -67,6 +67,7 @@ Source code can be found [here](https://kubezero.com)
| fluent-bit.test.enabled | bool | `false` | |
| fluent-bit.tolerations[0].effect | string | `"NoSchedule"` | |
| fluent-bit.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| fluentd.configMaps."filter.conf" | string | `"<filter kube.**>\n @type parser\n key_name message\n remove_key_name_field true\n reserve_data true\n emit_invalid_record_to_error false\n <parse>\n @type json\n </parse>\n</filter>\n"` | |
| fluentd.configMaps."forward-input.conf" | string | `"<source>\n @type forward\n port 24224\n bind 0.0.0.0\n skip_invalid_event true\n <transport tls>\n cert_path /mnt/fluentd-certs/tls.crt\n private_key_path /mnt/fluentd-certs/tls.key\n </transport>\n <security>\n self_hostname \"#{ENV['HOSTNAME']}\"\n shared_key \"#{ENV['FLUENTD_SHARED_KEY']}\"\n </security>\n</source>\n"` | |
| fluentd.configMaps."output.conf" | string | `"<match **>\n @id elasticsearch\n @type elasticsearch\n @log_level info\n include_tag_key true\n id_key id\n remove_keys id\n\n # KubeZero pipeline incl. GeoIP etc.\n # Freaking ES jams under load and all is lost ...\n # pipeline fluentd\n\n host \"#{ENV['OUTPUT_HOST']}\"\n port \"#{ENV['OUTPUT_PORT']}\"\n scheme \"#{ENV['OUTPUT_SCHEME']}\"\n ssl_version \"#{ENV['OUTPUT_SSL_VERSION']}\"\n ssl_verify \"#{ENV['OUTPUT_SSL_VERIFY']}\"\n user \"#{ENV['OUTPUT_USER']}\"\n password \"#{ENV['OUTPUT_PASSWORD']}\"\n\n log_es_400_reason\n logstash_format true\n reconnect_on_error true\n # reload_on_failure true\n request_timeout 15s\n suppress_type_name true\n\n <buffer>\n @type file\n path /var/log/fluentd-buffers/kubernetes.system.buffer\n flush_mode interval\n flush_thread_count 2\n flush_interval 30s\n flush_at_shutdown true\n retry_type exponential_backoff\n retry_timeout 60m\n chunk_limit_size 16M\n overflow_action drop_oldest_chunk\n </buffer>\n</match>\n"` | |
| fluentd.enabled | bool | `false` | |
@ -84,7 +85,7 @@ Source code can be found [here](https://kubezero.com)
| fluentd.extraVolumes[0].name | string | `"fluentd-certs"` | |
| fluentd.extraVolumes[0].secret.secretName | string | `"fluentd-certificate"` | |
| fluentd.image.repository | string | `"quay.io/fluentd_elasticsearch/fluentd"` | |
| fluentd.image.tag | string | `"v2.9.0"` | |
| fluentd.image.tag | string | `"v3.0.4"` | |
| fluentd.istio.enabled | bool | `false` | |
| fluentd.metrics.enabled | bool | `false` | |
| fluentd.metrics.serviceMonitor.additionalLabels.release | string | `"metrics"` | |
@ -111,3 +112,4 @@ Source code can be found [here](https://kubezero.com)
- https://www.elastic.co/downloads/elastic-cloud-kubernetes
- https://github.com/elastic/cloud-on-k8s
- https://grafana.com/grafana/dashboards/7752