# use this for backwards compatability
# fullnameOverride: ""
eck-operator:
enabled: false
installCRDs: false
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
nodeSelector:
node-role.kubernetes.io/master: ""
# Version for ElasticSearch and Kibana have to match so we define it at top-level
version: 7.11.1
elastic_password: "" # super_secret_elastic_password
es:
nodeSets: []
#- count: 2
# storage:
# size: 16Gi
# class: local-sc-xfs
# zone: us-west-2a
s3Snapshot:
enabled: false
iamrole: "" # INSERT_CLOUDFORMATION_OUTPUT_ElasticSearchSnapshots
prometheus: false
kibana:
count: 1
#servicename: kibana.example.com
istio:
enabled: false
gateway: "istio-system/ingressgateway"
url: "" # kibana.example.com
fluentd:
enabled: false
image:
repository: quay.io/fluentd_elasticsearch/fluentd
tag: v2.9.0
istio:
enabled: false
# broken as of 2.5.1 ;-(
# useStatefulSet: true
replicaCount: 2
plugins:
enabled: false
pluginsList:
#- fluent-plugin-detect-exceptions
#- fluent-plugin-s3
#- fluent-plugin-grok-parser
#persistence:
# enabled: true
# storageClass: "ebs-sc-gp2-xfs"
# accessMode: ReadWriteOnce
# size: 4Gi
service:
ports:
- name: tcp-forward
protocol: TCP
containerPort: 24224
- name: http-fluentd
protocol: TCP
containerPort: 9880
metrics:
enabled: false
serviceMonitor:
enabled: true
additionalLabels:
release: metrics
output:
# Default should be "logging-kubezero-logging-es-http" if fullnameOverride is NOT used
host: logging-es-http
shared_key: "cloudbender"
env:
OUTPUT_USER: elastic
OUTPUT_SSL_VERIFY: "false"
# Same here the secret names change if fullnameOverride is not used !!
extraEnvVars:
- name: OUTPUT_PASSWORD
valueFrom:
secretKeyRef:
name: logging-es-elastic-user
key: elastic
- name: FLUENTD_SHARED_KEY
valueFrom:
secretKeyRef:
name: logging-fluentd-secret
key: shared_key
configMaps:
general.conf: |
@type http
port 9880
bind 0.0.0.0
keepalive_timeout 30
@type monitor_agent
bind 0.0.0.0
port 24220
tag fluentd.monitor.metrics
forward-input.conf: |
@type forward
port 24224
bind 0.0.0.0
skip_invalid_event true
send_keepalive_packet true
self_hostname "#{ENV['HOSTNAME']}"
shared_key "#{ENV['FLUENTD_SHARED_KEY']}"
output.conf: |
@id elasticsearch
@type elasticsearch
@log_level info
include_tag_key true
id_key id
remove_keys id
# KubeZero pipeline incl. GeoIP etc.
pipeline fluentd
hosts "#{ENV['OUTPUT_HOST']}"
port "#{ENV['OUTPUT_PORT']}"
scheme "#{ENV['OUTPUT_SCHEME']}"
ssl_version "#{ENV['OUTPUT_SSL_VERSION']}"
ssl_verify "#{ENV['OUTPUT_SSL_VERIFY']}"
user "#{ENV['OUTPUT_USER']}"
password "#{ENV['OUTPUT_PASSWORD']}"
log_es_400_reason
logstash_format true
reconnect_on_error true
reload_on_failure true
request_timeout 60s
suppress_type_name true
@type file_single
path /var/log/fluentd-buffers/kubernetes.system.buffer
chunk_limit_size 16MB
total_limit_size 4GB
flush_mode interval
flush_thread_count 4
flush_interval 5s
flush_at_shutdown true
retry_type exponential_backoff
retry_timeout 60m
overflow_action drop_oldest_chunk
disable_chunk_backup true
filter.conf: |
@type parser
key_name message
remove_key_name_field true
reserve_data true
reserve_time true
# inject_key_prefix message_json.
emit_invalid_record_to_error false
@type json
fluent-bit:
enabled: false
serviceMonitor:
enabled: true
selector:
release: metrics
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
config:
output:
host: logging-fluentd
sharedKey: cloudbender
tls: false
input:
memBufLimit: 16MB
refreshInterval: 10
logLevel: warn
flushInterval: 1
#extraRecords:
# source.clustername: MyKubeCluster
service: |
[SERVICE]
Flush {{ .Values.config.flushInterval }}
Daemon Off
Log_Level {{ .Values.config.logLevel }}
Parsers_File parsers.conf
Parsers_File custom_parsers.conf
HTTP_Server On
HTTP_Listen 0.0.0.0
HTTP_Port {{ .Values.service.port }}
inputs: |
[INPUT]
Name tail
Path /var/log/containers/*.log
Parser cri-log
Tag cri.*
Skip_Long_Lines On
DB /var/log/flb_kube.db
DB.Sync Normal
{{- with .Values.config.input }}
Mem_Buf_Limit {{ default "16MB" .memBufLimit }}
Refresh_Interval {{ default 10 .refreshInterval }}
{{- end }}
filters: |
[FILTER]
Name lua
Match cri.*
script /fluent-bit/scripts/kubezero.lua
call reassemble_cri_logs
[FILTER]
Name kubernetes
Match cri.*
Merge_Log On
Merge_Log_Key kube
Kube_Tag_Prefix cri.var.log.containers.
Keep_Log Off
K8S-Logging.Parser Off
K8S-Logging.Exclude Off
{{- if index .Values "config" "extraRecords" }}
[FILTER]
Name record_modifier
Match cri.*
{{- range $k,$v := index .Values "config" "extraRecords" }}
Record {{ $k }} {{ $v }}
{{- end }}
{{- end }}
[FILTER]
Name rewrite_tag
Match cri.*
Emitter_Name kube_tag_rewriter
Rule logtag F kube.$kubernetes['namespace_name'].$kubernetes['container_name'] false
[FILTER]
Name lua
Match kube.*
script /fluent-bit/scripts/kubezero.lua
call nest_k8s_ns
outputs: |
[OUTPUT]
Match *
Name forward
Host {{ .Values.config.output.host }}
Port 24224
Shared_Key {{ .Values.config.output.sharedKey }}
tls {{ ternary "on" "off" .Values.config.output.tls }}
Send_options true
Require_ack_response true
customParsers: |
[PARSER]
Name cri-log
Format regex
Regex ^(?