Version upgrade ES/Kibana and Fluentbit, various tunings
This commit is contained in:
parent
532710b77b
commit
50ffcf28eb
@ -2,8 +2,8 @@ apiVersion: v2
|
|||||||
name: kubezero-logging
|
name: kubezero-logging
|
||||||
description: KubeZero Umbrella Chart for complete EFK stack
|
description: KubeZero Umbrella Chart for complete EFK stack
|
||||||
type: application
|
type: application
|
||||||
version: 0.5.3
|
version: 0.6.0
|
||||||
appVersion: 1.3.1
|
appVersion: 1.4.0
|
||||||
home: https://kubezero.com
|
home: https://kubezero.com
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||||
keywords:
|
keywords:
|
||||||
@ -19,13 +19,13 @@ dependencies:
|
|||||||
version: ">= 0.1.3"
|
version: ">= 0.1.3"
|
||||||
repository: https://zero-down-time.github.io/kubezero/
|
repository: https://zero-down-time.github.io/kubezero/
|
||||||
- name: eck-operator
|
- name: eck-operator
|
||||||
version: 1.3.1
|
version: 1.4.0
|
||||||
repository: https://helm.elastic.co
|
repository: https://helm.elastic.co
|
||||||
condition: eck-operator.enabled
|
condition: eck-operator.enabled
|
||||||
- name: fluentd
|
- name: fluentd
|
||||||
version: 2.5.3
|
version: 2.5.3
|
||||||
condition: fluentd.enabled
|
condition: fluentd.enabled
|
||||||
- name: fluent-bit
|
- name: fluent-bit
|
||||||
version: 0.7.14
|
version: 0.12.3
|
||||||
condition: fluent-bit.enabled
|
condition: fluent-bit.enabled
|
||||||
kubeVersion: ">= 1.16.0"
|
kubeVersion: ">= 1.16.0"
|
||||||
|
@ -1,20 +1,23 @@
|
|||||||
|
annotations:
|
||||||
|
artifacthub.io/changes: |
|
||||||
|
- add custom annotations on dashboards configmap
|
||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
name: fluent-bit
|
appVersion: 1.7.1
|
||||||
description: Fast and lightweight log processor and forwarder or Linux, OSX and BSD family operating systems.
|
description: Fast and lightweight log processor and forwarder or Linux, OSX and BSD family operating systems.
|
||||||
|
home: https://fluentbit.io/
|
||||||
|
icon: https://fluentbit.io/assets/img/logo1-default.png
|
||||||
keywords:
|
keywords:
|
||||||
- logging
|
- logging
|
||||||
- fluent-bit
|
- fluent-bit
|
||||||
- fluentd
|
- fluentd
|
||||||
version: 0.7.14
|
maintainers:
|
||||||
appVersion: 1.6.8
|
- email: eduardo@treasure-data.com
|
||||||
icon: https://fluentbit.io/assets/img/logo1-default.png
|
name: edsiper
|
||||||
home: https://fluentbit.io/
|
- email: naseem@transit.app
|
||||||
|
name: naseemkullah
|
||||||
|
- email: towmeykaw@gmail.com
|
||||||
|
name: Towmeykaw
|
||||||
|
name: fluent-bit
|
||||||
sources:
|
sources:
|
||||||
- https://github.com/fluent/fluent-bit/
|
- https://github.com/fluent/fluent-bit/
|
||||||
maintainers:
|
version: 0.12.3
|
||||||
- name: edsiper
|
|
||||||
email: eduardo@treasure-data.com
|
|
||||||
- name: naseemkullah
|
|
||||||
email: naseem@transit.app
|
|
||||||
- name: Towmeykaw
|
|
||||||
email: towmeykaw@gmail.com
|
|
||||||
|
@ -1,6 +0,0 @@
|
|||||||
[PARSER]
|
|
||||||
Name cri-log
|
|
||||||
Format regex
|
|
||||||
Regex ^(?<time>[^ ]+) (?<stream>stdout|stderr) (?<logtag>[^ ]*) (?<log>.*)$
|
|
||||||
Time_Key time
|
|
||||||
Time_Format %Y-%m-%dT%H:%M:%S.%L%z
|
|
@ -1,76 +0,0 @@
|
|||||||
[SERVICE]
|
|
||||||
Flush {{ .Values.config.flushInterval }}
|
|
||||||
Daemon Off
|
|
||||||
Log_Level {{ .Values.config.logLevel }}
|
|
||||||
Parsers_File parsers.conf
|
|
||||||
Parsers_File custom_parsers.conf
|
|
||||||
HTTP_Server On
|
|
||||||
HTTP_Listen 0.0.0.0
|
|
||||||
HTTP_Port 2020
|
|
||||||
|
|
||||||
[INPUT]
|
|
||||||
Name tail
|
|
||||||
Path /var/log/containers/*.log
|
|
||||||
Parser cri-log
|
|
||||||
Tag cri.*
|
|
||||||
Skip_Long_Lines On
|
|
||||||
DB /var/log/flb_kube.db
|
|
||||||
DB.Sync Normal
|
|
||||||
{{- with .Values.config.input }}
|
|
||||||
Mem_Buf_Limit {{ default "16MB" .memBufLimit }}
|
|
||||||
Refresh_Interval {{ default 10 .refreshInterval }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
[FILTER]
|
|
||||||
Name lua
|
|
||||||
Match cri.*
|
|
||||||
script /fluent-bit/etc/functions.lua
|
|
||||||
call reassemble_cri_logs
|
|
||||||
|
|
||||||
[FILTER]
|
|
||||||
Name kubernetes
|
|
||||||
Match cri.*
|
|
||||||
Merge_Log On
|
|
||||||
Merge_Log_Key kube
|
|
||||||
Kube_Tag_Prefix cri.var.log.containers.
|
|
||||||
Keep_Log Off
|
|
||||||
K8S-Logging.Parser Off
|
|
||||||
K8S-Logging.Exclude Off
|
|
||||||
|
|
||||||
{{- if index .Values "config" "extraRecords" }}
|
|
||||||
|
|
||||||
[FILTER]
|
|
||||||
Name record_modifier
|
|
||||||
Match cri.*
|
|
||||||
{{- range $k,$v := index .Values "config" "extraRecords" }}
|
|
||||||
Record {{ $k }} {{ $v }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
[FILTER]
|
|
||||||
Name rewrite_tag
|
|
||||||
Match cri.*
|
|
||||||
Emitter_Name kube_tag_rewriter
|
|
||||||
Rule logtag F kube.$kubernetes['namespace_name'].$kubernetes['container_name'] false
|
|
||||||
|
|
||||||
[FILTER]
|
|
||||||
Name lua
|
|
||||||
Match kube.*
|
|
||||||
script /fluent-bit/etc/functions.lua
|
|
||||||
call nest_k8s_ns
|
|
||||||
|
|
||||||
{{- if .Values.config.outputs }}
|
|
||||||
{{ .Values.config.outputs }}
|
|
||||||
{{- else }}
|
|
||||||
{{- with .Values.config.output }}
|
|
||||||
[OUTPUT]
|
|
||||||
Match *
|
|
||||||
Name forward
|
|
||||||
Host {{ .host }}
|
|
||||||
Port 24224
|
|
||||||
Shared_Key {{ .sharedKey }}
|
|
||||||
tls {{ ternary "on" "off" .tls }}
|
|
||||||
Send_options true
|
|
||||||
Require_ack_response true
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,28 +0,0 @@
|
|||||||
local reassemble_state = {}
|
|
||||||
|
|
||||||
function reassemble_cri_logs(tag, timestamp, record)
|
|
||||||
local reassemble_key = tag
|
|
||||||
if record.logtag == 'P' then
|
|
||||||
reassemble_state[reassemble_key] = reassemble_state[reassemble_key] or "" .. record.log
|
|
||||||
return -1, 0, 0
|
|
||||||
end
|
|
||||||
record.log = reassemble_state[reassemble_key] or "" .. (record.log or "")
|
|
||||||
reassemble_state[reassemble_key] = nil
|
|
||||||
return 1, timestamp, record
|
|
||||||
end
|
|
||||||
|
|
||||||
function nest_k8s_ns(tag, timestamp, record)
|
|
||||||
if not record['kubernetes']['namespace_name'] then
|
|
||||||
return 0, 0, 0
|
|
||||||
end
|
|
||||||
new_record = {}
|
|
||||||
for key, val in pairs(record) do
|
|
||||||
if key == 'kube' then
|
|
||||||
new_record[key] = {}
|
|
||||||
new_record[key][record['kubernetes']['namespace_name']] = record[key]
|
|
||||||
else
|
|
||||||
new_record[key] = record[key]
|
|
||||||
end
|
|
||||||
end
|
|
||||||
return 1, timestamp, new_record
|
|
||||||
end
|
|
1305
charts/kubezero-logging/charts/fluent-bit/dashboards/fluent-bit.json
Normal file
1305
charts/kubezero-logging/charts/fluent-bit/dashboards/fluent-bit.json
Normal file
File diff suppressed because it is too large
Load Diff
@ -9,6 +9,10 @@ priorityClassName: {{ .Values.priorityClassName }}
|
|||||||
serviceAccountName: {{ include "fluent-bit.serviceAccountName" . }}
|
serviceAccountName: {{ include "fluent-bit.serviceAccountName" . }}
|
||||||
securityContext:
|
securityContext:
|
||||||
{{- toYaml .Values.podSecurityContext | nindent 2 }}
|
{{- toYaml .Values.podSecurityContext | nindent 2 }}
|
||||||
|
{{- with .Values.dnsConfig }}
|
||||||
|
dnsConfig:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{ .Chart.Name }}
|
- name: {{ .Chart.Name }}
|
||||||
securityContext:
|
securityContext:
|
||||||
@ -34,14 +38,14 @@ containers:
|
|||||||
protocol: {{ .protocol }}
|
protocol: {{ .protocol }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.livenessProbe }}
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
httpGet:
|
{{- toYaml .Values.livenessProbe | nindent 6 }}
|
||||||
path: /
|
{{- end }}
|
||||||
port: http
|
{{- if .Values.readinessProbe }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
httpGet:
|
{{- toYaml .Values.readinessProbe | nindent 6 }}
|
||||||
path: /
|
{{- end }}
|
||||||
port: http
|
|
||||||
resources:
|
resources:
|
||||||
{{- toYaml .Values.resources | nindent 6 }}
|
{{- toYaml .Values.resources | nindent 6 }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
@ -51,9 +55,11 @@ containers:
|
|||||||
- name: config
|
- name: config
|
||||||
mountPath: /fluent-bit/etc/custom_parsers.conf
|
mountPath: /fluent-bit/etc/custom_parsers.conf
|
||||||
subPath: custom_parsers.conf
|
subPath: custom_parsers.conf
|
||||||
- name: config
|
{{- range $key, $value := .Values.luaScripts }}
|
||||||
mountPath: /fluent-bit/etc/functions.lua
|
- name: luascripts
|
||||||
subPath: functions.lua
|
mountPath: /fluent-bit/scripts/{{ $key }}
|
||||||
|
subPath: {{ $key }}
|
||||||
|
{{- end }}
|
||||||
{{- if eq .Values.kind "DaemonSet" }}
|
{{- if eq .Values.kind "DaemonSet" }}
|
||||||
- name: varlog
|
- name: varlog
|
||||||
mountPath: /var/log
|
mountPath: /var/log
|
||||||
@ -71,6 +77,11 @@ volumes:
|
|||||||
- name: config
|
- name: config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ if .Values.existingConfigMap }}{{ .Values.existingConfigMap }}{{- else }}{{ include "fluent-bit.fullname" . }}{{- end }}
|
name: {{ if .Values.existingConfigMap }}{{ .Values.existingConfigMap }}{{- else }}{{ include "fluent-bit.fullname" . }}{{- end }}
|
||||||
|
{{- if gt (len .Values.luaScripts) 0 }}
|
||||||
|
- name: luascripts
|
||||||
|
configMap:
|
||||||
|
name: {{ include "fluent-bit.fullname" . }}-luascripts
|
||||||
|
{{- end }}
|
||||||
{{- if eq .Values.kind "DaemonSet" }}
|
{{- if eq .Values.kind "DaemonSet" }}
|
||||||
- name: varlog
|
- name: varlog
|
||||||
hostPath:
|
hostPath:
|
||||||
|
@ -0,0 +1,20 @@
|
|||||||
|
|
||||||
|
{{- if .Values.dashboards.enabled -}}
|
||||||
|
{{- range $path, $_ := .Files.Glob "dashboards/*.json" }}
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: dashboard-{{ trimSuffix ".json" (base $path) }}
|
||||||
|
{{- with $.Values.dashboards.annotations }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 -}}
|
||||||
|
{{- end }}
|
||||||
|
labels:
|
||||||
|
{{- include "fluent-bit.labels" $ | nindent 4 }}
|
||||||
|
{{ $.Values.dashboards.labelKey }}: "1"
|
||||||
|
data:
|
||||||
|
{{ base $path }}: |
|
||||||
|
{{- $.Files.Get $path | nindent 4 }}
|
||||||
|
---
|
||||||
|
{{- end }}
|
||||||
|
{{- end -}}
|
@ -0,0 +1,12 @@
|
|||||||
|
{{- if gt (len .Values.luaScripts) 0 -}}
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: {{ include "fluent-bit.fullname" . }}-luascripts
|
||||||
|
labels:
|
||||||
|
{{- include "fluent-bit.labels" . | nindent 4 }}
|
||||||
|
data:
|
||||||
|
{{ range $key, $value := .Values.luaScripts }}
|
||||||
|
{{ $key }}: {{ $value | quote }}
|
||||||
|
{{ end }}
|
||||||
|
{{- end -}}
|
@ -7,9 +7,10 @@ metadata:
|
|||||||
{{- include "fluent-bit.labels" . | nindent 4 }}
|
{{- include "fluent-bit.labels" . | nindent 4 }}
|
||||||
data:
|
data:
|
||||||
custom_parsers.conf: |
|
custom_parsers.conf: |
|
||||||
{{ tpl (.Files.Get "conf/custom_parsers.conf") . | nindent 4 }}
|
{{- (tpl .Values.config.customParsers $) | nindent 4 }}
|
||||||
fluent-bit.conf: |
|
fluent-bit.conf: |
|
||||||
{{ tpl (.Files.Get "conf/fluent-bit.conf") . | nindent 4 }}
|
{{- (tpl .Values.config.service $) | nindent 4 }}
|
||||||
functions.lua: |
|
{{- (tpl .Values.config.inputs $) | nindent 4 }}
|
||||||
{{ tpl (.Files.Get "conf/functions.lua") . | nindent 4 }}
|
{{- (tpl .Values.config.filters $) | nindent 4 }}
|
||||||
|
{{- (tpl .Values.config.outputs $) | nindent 4 }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
@ -17,6 +17,7 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
||||||
|
checksum/luascripts: {{ include (print $.Template.BasePath "/configmap-luascripts.yaml") . | sha256sum }}
|
||||||
{{- with .Values.podAnnotations }}
|
{{- with .Values.podAnnotations }}
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -18,6 +18,7 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
||||||
|
checksum/luascripts: {{ include (print $.Template.BasePath "/configmap-luascripts.yaml") . | sha256sum }}
|
||||||
{{- with .Values.podAnnotations }}
|
{{- with .Values.podAnnotations }}
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -0,0 +1,22 @@
|
|||||||
|
{{- if .Values.networkPolicy.enabled }}
|
||||||
|
apiVersion: "networking.k8s.io/v1"
|
||||||
|
kind: "NetworkPolicy"
|
||||||
|
metadata:
|
||||||
|
name: {{ include "fluent-bit.fullname" . | quote }}
|
||||||
|
labels:
|
||||||
|
{{- include "fluent-bit.labels" . | nindent 4 }}
|
||||||
|
spec:
|
||||||
|
policyTypes:
|
||||||
|
- "Ingress"
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
{{- include "fluent-bit.selectorLabels" . | nindent 6 }}
|
||||||
|
ingress:
|
||||||
|
{{- with .Values.networkPolicy.ingress }}
|
||||||
|
- from:
|
||||||
|
{{- with .from }}{{- . | toYaml | nindent 8 }}{{- else }} []{{- end }}
|
||||||
|
ports:
|
||||||
|
- protocol: "TCP"
|
||||||
|
port: {{ $.Values.service.port }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
@ -0,0 +1,20 @@
|
|||||||
|
{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) .Values.prometheusRule.enabled }}
|
||||||
|
apiVersion: monitoring.coreos.com/v1
|
||||||
|
kind: PrometheusRule
|
||||||
|
metadata:
|
||||||
|
name: {{ include "fluent-bit.fullname" . }}
|
||||||
|
{{- with .Values.prometheusRule.namespace }}
|
||||||
|
namespace: {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
labels:
|
||||||
|
{{- include "fluent-bit.labels" . | nindent 4 }}
|
||||||
|
{{- if .Values.prometheusRule.additionalLabels }}
|
||||||
|
{{- toYaml .Values.prometheusRule.additionalLabels | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
spec:
|
||||||
|
{{- if .Values.prometheusRule.rules }}
|
||||||
|
groups:
|
||||||
|
- name: {{ template "fluent-bit.name" . }}
|
||||||
|
rules: {{- toYaml .Values.prometheusRule.rules | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
@ -1,4 +1,4 @@
|
|||||||
{{- if .Values.test.enabled }}
|
{{- if .Values.testFramework.enabled }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Pod
|
kind: Pod
|
||||||
metadata:
|
metadata:
|
||||||
@ -10,8 +10,13 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: wget
|
- name: wget
|
||||||
image: busybox
|
image: "{{ .Values.testFramework.image.repository }}:{{ .Values.testFramework.image.tag }}"
|
||||||
|
imagePullPolicy: {{ .Values.testFramework.image.pullPolicy }}
|
||||||
command: ['wget']
|
command: ['wget']
|
||||||
args: ['{{ include "fluent-bit.fullname" . }}:{{ .Values.service.port }}']
|
args: ['{{ include "fluent-bit.fullname" . }}:{{ .Values.service.port }}']
|
||||||
|
{{- with .Values.imagePullSecrets }}
|
||||||
|
imagePullSecrets:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
restartPolicy: Never
|
restartPolicy: Never
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -6,14 +6,18 @@ kind: DaemonSet
|
|||||||
# replicaCount -- Only applicable if kind=Deployment
|
# replicaCount -- Only applicable if kind=Deployment
|
||||||
replicaCount: 1
|
replicaCount: 1
|
||||||
|
|
||||||
test:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
image:
|
image:
|
||||||
repository: fluent/fluent-bit
|
repository: fluent/fluent-bit
|
||||||
pullPolicy: Always
|
pullPolicy: Always
|
||||||
# tag:
|
# tag:
|
||||||
|
|
||||||
|
testFramework:
|
||||||
|
enabled: false
|
||||||
|
image:
|
||||||
|
repository: busybox
|
||||||
|
pullPolicy: Always
|
||||||
|
tag: latest
|
||||||
|
|
||||||
imagePullSecrets: []
|
imagePullSecrets: []
|
||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
fullnameOverride: ""
|
fullnameOverride: ""
|
||||||
@ -32,7 +36,16 @@ podSecurityPolicy:
|
|||||||
podSecurityContext:
|
podSecurityContext:
|
||||||
{}
|
{}
|
||||||
# fsGroup: 2000
|
# fsGroup: 2000
|
||||||
|
dnsConfig: {}
|
||||||
|
# nameservers:
|
||||||
|
# - 1.2.3.4
|
||||||
|
# searches:
|
||||||
|
# - ns1.svc.cluster-domain.example
|
||||||
|
# - my.dns.search.suffix
|
||||||
|
# options:
|
||||||
|
# - name: ndots
|
||||||
|
# value: "2"
|
||||||
|
# - name: edns0
|
||||||
securityContext:
|
securityContext:
|
||||||
{}
|
{}
|
||||||
# capabilities:
|
# capabilities:
|
||||||
@ -61,6 +74,38 @@ serviceMonitor:
|
|||||||
# selector:
|
# selector:
|
||||||
# prometheus: my-prometheus
|
# prometheus: my-prometheus
|
||||||
|
|
||||||
|
prometheusRule:
|
||||||
|
enabled: false
|
||||||
|
# namespace: ""
|
||||||
|
# additionnalLabels: {}
|
||||||
|
# rules:
|
||||||
|
# - alert: NoOutputBytesProcessed
|
||||||
|
# expr: rate(fluentbit_output_proc_bytes_total[5m]) == 0
|
||||||
|
# annotations:
|
||||||
|
# message: |
|
||||||
|
# Fluent Bit instance {{ $labels.instance }}'s output plugin {{ $labels.name }} has not processed any
|
||||||
|
# bytes for at least 15 minutes.
|
||||||
|
# summary: No Output Bytes Processed
|
||||||
|
# for: 15m
|
||||||
|
# labels:
|
||||||
|
# severity: critical
|
||||||
|
|
||||||
|
dashboards:
|
||||||
|
enabled: false
|
||||||
|
labelKey: grafana_dashboard
|
||||||
|
annotations: {}
|
||||||
|
|
||||||
|
|
||||||
|
livenessProbe:
|
||||||
|
httpGet:
|
||||||
|
path: /
|
||||||
|
port: http
|
||||||
|
|
||||||
|
readinessProbe:
|
||||||
|
httpGet:
|
||||||
|
path: /
|
||||||
|
port: http
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
{}
|
{}
|
||||||
# limits:
|
# limits:
|
||||||
@ -104,5 +149,74 @@ updateStrategy: {}
|
|||||||
# Make use of a pre-defined configmap instead of the one templated here
|
# Make use of a pre-defined configmap instead of the one templated here
|
||||||
existingConfigMap: ""
|
existingConfigMap: ""
|
||||||
|
|
||||||
## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit
|
networkPolicy:
|
||||||
config: {}
|
enabled: false
|
||||||
|
# ingress:
|
||||||
|
# from: []
|
||||||
|
|
||||||
|
luaScripts: {}
|
||||||
|
|
||||||
|
## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/configuration-file
|
||||||
|
config:
|
||||||
|
service: |
|
||||||
|
[SERVICE]
|
||||||
|
Flush 1
|
||||||
|
Daemon Off
|
||||||
|
Log_Level info
|
||||||
|
Parsers_File parsers.conf
|
||||||
|
Parsers_File custom_parsers.conf
|
||||||
|
HTTP_Server On
|
||||||
|
HTTP_Listen 0.0.0.0
|
||||||
|
HTTP_Port {{ .Values.service.port }}
|
||||||
|
|
||||||
|
## https://docs.fluentbit.io/manual/pipeline/inputs
|
||||||
|
inputs: |
|
||||||
|
[INPUT]
|
||||||
|
Name tail
|
||||||
|
Path /var/log/containers/*.log
|
||||||
|
Parser docker
|
||||||
|
Tag kube.*
|
||||||
|
Mem_Buf_Limit 5MB
|
||||||
|
Skip_Long_Lines On
|
||||||
|
|
||||||
|
[INPUT]
|
||||||
|
Name systemd
|
||||||
|
Tag host.*
|
||||||
|
Systemd_Filter _SYSTEMD_UNIT=kubelet.service
|
||||||
|
Read_From_Tail On
|
||||||
|
|
||||||
|
## https://docs.fluentbit.io/manual/pipeline/filters
|
||||||
|
filters: |
|
||||||
|
[FILTER]
|
||||||
|
Name kubernetes
|
||||||
|
Match kube.*
|
||||||
|
Merge_Log On
|
||||||
|
Keep_Log Off
|
||||||
|
K8S-Logging.Parser On
|
||||||
|
K8S-Logging.Exclude On
|
||||||
|
|
||||||
|
## https://docs.fluentbit.io/manual/pipeline/outputs
|
||||||
|
outputs: |
|
||||||
|
[OUTPUT]
|
||||||
|
Name es
|
||||||
|
Match kube.*
|
||||||
|
Host elasticsearch-master
|
||||||
|
Logstash_Format On
|
||||||
|
Retry_Limit False
|
||||||
|
|
||||||
|
[OUTPUT]
|
||||||
|
Name es
|
||||||
|
Match host.*
|
||||||
|
Host elasticsearch-master
|
||||||
|
Logstash_Format On
|
||||||
|
Logstash_Prefix node
|
||||||
|
Retry_Limit False
|
||||||
|
|
||||||
|
## https://docs.fluentbit.io/manual/pipeline/parsers
|
||||||
|
customParsers: |
|
||||||
|
[PARSER]
|
||||||
|
Name docker_no_time
|
||||||
|
Format json
|
||||||
|
Time_Keep Off
|
||||||
|
Time_Key time
|
||||||
|
Time_Format %Y-%m-%dT%H:%M:%S.%L
|
||||||
|
37
charts/kubezero-logging/fluent-bit.patch
Normal file
37
charts/kubezero-logging/fluent-bit.patch
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
Binary files charts/fluent-bit/.values.yaml.swp and charts/fluent-bit.zdt/.values.yaml.swp differ
|
||||||
|
diff -rtubN charts/fluent-bit/Chart.yaml charts/fluent-bit.zdt/Chart.yaml
|
||||||
|
--- charts/fluent-bit/Chart.yaml 2021-02-23 14:58:39.000000000 +0100
|
||||||
|
+++ charts/fluent-bit.zdt/Chart.yaml 2021-03-05 14:48:07.082648075 +0100
|
||||||
|
@@ -1,7 +1,7 @@
|
||||||
|
annotations:
|
||||||
|
artifacthub.io/changes: |
|
||||||
|
- add custom annotations on dashboards configmap
|
||||||
|
-apiVersion: v1
|
||||||
|
+apiVersion: v2
|
||||||
|
appVersion: 1.7.1
|
||||||
|
description: Fast and lightweight log processor and forwarder or Linux, OSX and BSD family operating systems.
|
||||||
|
home: https://fluentbit.io/
|
||||||
|
diff -rtubN charts/fluent-bit/templates/tests/test-connection.yaml charts/fluent-bit.zdt/templates/tests/test-connection.yaml
|
||||||
|
--- charts/fluent-bit/templates/tests/test-connection.yaml 2021-02-23 14:58:39.000000000 +0100
|
||||||
|
+++ charts/fluent-bit.zdt/templates/tests/test-connection.yaml 2021-03-05 14:51:34.749324131 +0100
|
||||||
|
@@ -1,3 +1,4 @@
|
||||||
|
+{{- if .Values.testFramework.enabled }}
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Pod
|
||||||
|
metadata:
|
||||||
|
@@ -18,3 +19,4 @@
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
restartPolicy: Never
|
||||||
|
+{{- end }}
|
||||||
|
diff -rtubN charts/fluent-bit/values.yaml charts/fluent-bit.zdt/values.yaml
|
||||||
|
--- charts/fluent-bit/values.yaml 2021-02-23 14:58:39.000000000 +0100
|
||||||
|
+++ charts/fluent-bit.zdt/values.yaml 2021-03-05 14:50:40.652655018 +0100
|
||||||
|
@@ -12,6 +12,7 @@
|
||||||
|
# tag:
|
||||||
|
|
||||||
|
testFramework:
|
||||||
|
+ enabled: false
|
||||||
|
image:
|
||||||
|
repository: busybox
|
||||||
|
pullPolicy: Always
|
@ -12,10 +12,7 @@ spec:
|
|||||||
{{- range .Values.es.nodeSets }}
|
{{- range .Values.es.nodeSets }}
|
||||||
- name: {{ .name }}
|
- name: {{ .name }}
|
||||||
config:
|
config:
|
||||||
node.master: true
|
node.roles: [ master, data, ingest ]
|
||||||
node.data: true
|
|
||||||
node.ingest: true
|
|
||||||
node.ml: false
|
|
||||||
{{- if $.Values.es.prometheus }}
|
{{- if $.Values.es.prometheus }}
|
||||||
prometheus.indices: false
|
prometheus.indices: false
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@ -24,7 +21,10 @@ spec:
|
|||||||
cluster.routing.allocation.awareness.attributes: zone
|
cluster.routing.allocation.awareness.attributes: zone
|
||||||
{{- end }}
|
{{- end }}
|
||||||
transport.compress: true
|
transport.compress: true
|
||||||
node.processors: {{ default 1 .processors }}
|
{{- if .processors }}
|
||||||
|
node.processors: {{ .processors }}
|
||||||
|
{{- end }}
|
||||||
|
indices.memory.index_buffer_size: "30%"
|
||||||
podTemplate:
|
podTemplate:
|
||||||
{{- if $.Values.es.s3Snapshot.iamrole }}
|
{{- if $.Values.es.s3Snapshot.iamrole }}
|
||||||
metadata:
|
metadata:
|
||||||
@ -51,18 +51,14 @@ spec:
|
|||||||
securityContext:
|
securityContext:
|
||||||
capabilities:
|
capabilities:
|
||||||
add: ["SYS_CHROOT"]
|
add: ["SYS_CHROOT"]
|
||||||
resources:
|
{{- with .resources }}
|
||||||
requests:
|
resources: {{ toYaml . | nindent 12 }}
|
||||||
cpu: {{ default "200m" .cpu_request }}
|
|
||||||
memory: {{ default ( mul 2 ( default "2" .jvm_heap ) ) .memory_request }}Gi
|
|
||||||
limits:
|
|
||||||
{{- if .cpu_limit }}
|
|
||||||
cpu: {{ .cpu_limit }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
memory: {{ default ( mul 2 ( default "2" .jvm_heap ) ) .memory_limit }}Gi
|
{{- if .jvm_heap }}
|
||||||
env:
|
env:
|
||||||
- name: ES_JAVA_OPTS
|
- name: ES_JAVA_OPTS
|
||||||
value: -Xms{{ default "2" .jvm_heap }}g -Xmx{{ default "2" .jvm_heap }}g
|
value: -Xms{{ .jvm_heap }}g -Xmx{{ .jvm_heap }}g
|
||||||
|
{{- end }}
|
||||||
affinity:
|
affinity:
|
||||||
podAntiAffinity:
|
podAntiAffinity:
|
||||||
requiredDuringSchedulingIgnoredDuringExecution:
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
@ -26,7 +26,7 @@ spec:
|
|||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: 1Gi
|
memory: 1Gi
|
||||||
cpu: 100m
|
cpu: 200m
|
||||||
limits:
|
limits:
|
||||||
memory: 2Gi
|
memory: 2Gi
|
||||||
http:
|
http:
|
||||||
|
8
charts/kubezero-logging/update.sh
Executable file
8
charts/kubezero-logging/update.sh
Executable file
@ -0,0 +1,8 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
FLUENT_BIT_VERSION=0.12.3
|
||||||
|
|
||||||
|
rm -rf charts/fluent-bit
|
||||||
|
curl -L -s -o - https://github.com/fluent/helm-charts/releases/download/fluent-bit-${FLUENT_BIT_VERSION}/fluent-bit-${FLUENT_BIT_VERSION}.tgz | tar xfz - -C charts
|
||||||
|
|
||||||
|
patch -i fluent-bit.patch -p0 --no-backup-if-mismatch
|
@ -11,7 +11,7 @@ eck-operator:
|
|||||||
node-role.kubernetes.io/master: ""
|
node-role.kubernetes.io/master: ""
|
||||||
|
|
||||||
# Version for ElasticSearch and Kibana have to match so we define it at top-level
|
# Version for ElasticSearch and Kibana have to match so we define it at top-level
|
||||||
version: 7.10.1
|
version: 7.11.1
|
||||||
|
|
||||||
elastic_password: "" # super_secret_elastic_password
|
elastic_password: "" # super_secret_elastic_password
|
||||||
|
|
||||||
@ -192,8 +192,15 @@ fluentd:
|
|||||||
|
|
||||||
fluent-bit:
|
fluent-bit:
|
||||||
enabled: false
|
enabled: false
|
||||||
test:
|
|
||||||
enabled: false
|
serviceMonitor:
|
||||||
|
enabled: true
|
||||||
|
selector:
|
||||||
|
release: metrics
|
||||||
|
|
||||||
|
tolerations:
|
||||||
|
- key: node-role.kubernetes.io/master
|
||||||
|
effect: NoSchedule
|
||||||
|
|
||||||
config:
|
config:
|
||||||
output:
|
output:
|
||||||
@ -211,11 +218,115 @@ fluent-bit:
|
|||||||
#extraRecords:
|
#extraRecords:
|
||||||
# source.clustername: MyKubeCluster
|
# source.clustername: MyKubeCluster
|
||||||
|
|
||||||
serviceMonitor:
|
service: |
|
||||||
enabled: true
|
[SERVICE]
|
||||||
selector:
|
Flush {{ .Values.config.flushInterval }}
|
||||||
release: metrics
|
Daemon Off
|
||||||
|
Log_Level {{ .Values.config.logLevel }}
|
||||||
|
Parsers_File parsers.conf
|
||||||
|
Parsers_File custom_parsers.conf
|
||||||
|
HTTP_Server On
|
||||||
|
HTTP_Listen 0.0.0.0
|
||||||
|
HTTP_Port {{ .Values.service.port }}
|
||||||
|
inputs: |
|
||||||
|
[INPUT]
|
||||||
|
Name tail
|
||||||
|
Path /var/log/containers/*.log
|
||||||
|
Parser cri-log
|
||||||
|
Tag cri.*
|
||||||
|
Skip_Long_Lines On
|
||||||
|
DB /var/log/flb_kube.db
|
||||||
|
DB.Sync Normal
|
||||||
|
{{- with .Values.config.input }}
|
||||||
|
Mem_Buf_Limit {{ default "16MB" .memBufLimit }}
|
||||||
|
Refresh_Interval {{ default 10 .refreshInterval }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
tolerations:
|
filters: |
|
||||||
- key: node-role.kubernetes.io/master
|
[FILTER]
|
||||||
effect: NoSchedule
|
Name lua
|
||||||
|
Match cri.*
|
||||||
|
script /fluent-bit/scripts/kubezero.lua
|
||||||
|
call reassemble_cri_logs
|
||||||
|
|
||||||
|
[FILTER]
|
||||||
|
Name kubernetes
|
||||||
|
Match cri.*
|
||||||
|
Merge_Log On
|
||||||
|
Merge_Log_Key kube
|
||||||
|
Kube_Tag_Prefix cri.var.log.containers.
|
||||||
|
Keep_Log Off
|
||||||
|
K8S-Logging.Parser Off
|
||||||
|
K8S-Logging.Exclude Off
|
||||||
|
|
||||||
|
{{- if index .Values "config" "extraRecords" }}
|
||||||
|
|
||||||
|
[FILTER]
|
||||||
|
Name record_modifier
|
||||||
|
Match cri.*
|
||||||
|
{{- range $k,$v := index .Values "config" "extraRecords" }}
|
||||||
|
Record {{ $k }} {{ $v }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
[FILTER]
|
||||||
|
Name rewrite_tag
|
||||||
|
Match cri.*
|
||||||
|
Emitter_Name kube_tag_rewriter
|
||||||
|
Rule logtag F kube.$kubernetes['namespace_name'].$kubernetes['container_name'] false
|
||||||
|
|
||||||
|
[FILTER]
|
||||||
|
Name lua
|
||||||
|
Match kube.*
|
||||||
|
script /fluent-bit/scripts/kubezero.lua
|
||||||
|
call nest_k8s_ns
|
||||||
|
|
||||||
|
outputs: |
|
||||||
|
[OUTPUT]
|
||||||
|
Match *
|
||||||
|
Name forward
|
||||||
|
Host {{ .Values.config.output.host }}
|
||||||
|
Port 24224
|
||||||
|
Shared_Key {{ .Values.config.output.sharedKey }}
|
||||||
|
tls {{ ternary "on" "off" .Values.config.output.tls }}
|
||||||
|
Send_options true
|
||||||
|
Require_ack_response true
|
||||||
|
|
||||||
|
customParsers: |
|
||||||
|
[PARSER]
|
||||||
|
Name cri-log
|
||||||
|
Format regex
|
||||||
|
Regex ^(?<time>[^ ]+) (?<stream>stdout|stderr) (?<logtag>[^ ]*) (?<log>.*)$
|
||||||
|
Time_Key time
|
||||||
|
Time_Format %Y-%m-%dT%H:%M:%S.%L%z
|
||||||
|
|
||||||
|
luaScripts:
|
||||||
|
kubezero.lua: |
|
||||||
|
local reassemble_state = {}
|
||||||
|
|
||||||
|
function reassemble_cri_logs(tag, timestamp, record)
|
||||||
|
local reassemble_key = tag
|
||||||
|
if record.logtag == 'P' then
|
||||||
|
reassemble_state[reassemble_key] = reassemble_state[reassemble_key] or "" .. record.log
|
||||||
|
return -1, 0, 0
|
||||||
|
end
|
||||||
|
record.log = reassemble_state[reassemble_key] or "" .. (record.log or "")
|
||||||
|
reassemble_state[reassemble_key] = nil
|
||||||
|
return 1, timestamp, record
|
||||||
|
end
|
||||||
|
|
||||||
|
function nest_k8s_ns(tag, timestamp, record)
|
||||||
|
if not record['kubernetes']['namespace_name'] then
|
||||||
|
return 0, 0, 0
|
||||||
|
end
|
||||||
|
new_record = {}
|
||||||
|
for key, val in pairs(record) do
|
||||||
|
if key == 'kube' then
|
||||||
|
new_record[key] = {}
|
||||||
|
new_record[key][record['kubernetes']['namespace_name']] = record[key]
|
||||||
|
else
|
||||||
|
new_record[key] = record[key]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
return 1, timestamp, new_record
|
||||||
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user