diff options
Diffstat (limited to 'deployments/helm/v2/emco/fluentd/templates')
15 files changed, 829 insertions, 0 deletions
diff --git a/deployments/helm/v2/emco/fluentd/templates/NOTES.txt b/deployments/helm/v2/emco/fluentd/templates/NOTES.txt new file mode 100644 index 00000000..eea7a2aa --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/NOTES.txt @@ -0,0 +1,30 @@ +** Please be patient while the chart is being deployed ** + + To verify that Fluentd has started, run: + + kubectl get all -l "app.kubernetes.io/name={{ include "fluentd.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" +{{ if and .Values.aggregator.enabled .Values.forwarder.enabled (not .Values.aggregator.configMap) }} + Logs are captured on each node by the forwarder pods and then sent to the aggregator pods. By default, the aggregator pods send the logs to the standard output. + You can see all the logs by running this command: + + kubectl logs -l "app.kubernetes.io/component=aggregator" + + You can mount your own configuration files to the aggregators and the forwarders. For example, this is useful if you want to forward the aggregated logs to Elasticsearch or another service. +{{- else if and .Values.aggregator.enabled (not .Values.forwarder.enabled) }} + You have deployed Fluentd in aggregator-only mode. Logs received by the aggregator will be thrown to the standard output by default. + You can see all the logs by running this command: + + kubectl logs -l "app.kubernetes.io/component=aggregator" + + You can mount your own configuration files to the aggregators. For example, this is useful if you want to forward the logs to Elasticsearch or another service. +{{- else if and (not .Values.aggregator.enabled) (not .Values.forwarder.configMap) }} + Logs are captured on each node by the forwarder pods and sent to the standard output by default. + You can see all the logs by running this command: + + kubectl logs -l "app.kubernetes.io/component=forwarder" + + You can mount your own configuration files to the forwarders. For example, this is useful if you want to forward the logs to Elasticsearch or another service. +{{- end }} + +{{- include "fluentd.validateValues" . }} +{{- include "fluentd.checkRollingTags" . -}} diff --git a/deployments/helm/v2/emco/fluentd/templates/_helpers.tpl b/deployments/helm/v2/emco/fluentd/templates/_helpers.tpl new file mode 100644 index 00000000..f72f6e33 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/_helpers.tpl @@ -0,0 +1,188 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "fluentd.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "fluentd.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "fluentd.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "fluentd.labels" -}} +app.kubernetes.io/name: {{ include "fluentd.name" . }} +helm.sh/chart: {{ include "fluentd.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Labels to use on daemonset.spec.selector.matchLabels, statefulset.spec.selector.matchLabels and svc.spec.selector +*/}} +{{- define "fluentd.matchLabels" -}} +app.kubernetes.io/name: {{ include "fluentd.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Return the proper Fluentd image name +*/}} +{{- define "fluentd.image" -}} +{{- $registryName := .Values.image.registry -}} +{{- $repositoryName := .Values.image.repository -}} +{{- $tag := .Values.image.tag | toString -}} +{{/* +Helm 2.11 supports the assignment of a value to a variable defined in a different scope, +but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic. +Also, we can't use a single if because lazy evaluation is not an option +*/}} +{{- if .Values.global.imageRegistry }} + {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}} +{{- else -}} + {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "fluentd.imagePullSecrets" -}} +{{/* +Helm 2.11 supports the assignment of a value to a variable defined in a different scope, +but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. +Also, we can not use a single if because lazy evaluation is not an option +*/}} +{{- if .Values.global.imagePullSecrets }} +imagePullSecrets: +{{- range .Values.global.imagePullSecrets }} + - name: {{ . }} +{{- end }} +{{- else if .Values.image.pullSecrets }} +imagePullSecrets: +{{- range .Values.image.pullSecrets }} + - name: {{ . }} +{{- end }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "fluentd.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "fluentd.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* Check if there are rolling tags in the images */}} +{{- define "fluentd.checkRollingTags" -}} +{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }} +WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. ++info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ +{{- end }} +{{- end -}} + +{{/* +Validate data +*/}} +{{- define "fluentd.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "fluentd.validateValues.deployment" .) -}} +{{- $messages := append $messages (include "fluentd.validateValues.rbac" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} + {{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{/* Validate values of Fluentd - forwarders and aggregators can't be disabled at the same time */}} +{{- define "fluentd.validateValues.deployment" -}} +{{- if and (not .Values.forwarder.enabled) (not .Values.aggregator.enabled) -}} +fluentd: + You have disabled both the forwarders and the aggregators. + Please enable at least one of them (--set forwarder.enabled=true) (--set aggregator.enabled=true) +{{- end -}} +{{- end -}} + +{{/* Validate values of Fluentd - must create serviceAccount to create enable RBAC */}} +{{- define "fluentd.validateValues.rbac" -}} +{{- if and .Values.rbac.create (not .Values.serviceAccount.create) -}} +fluentd: rbac.create + A ServiceAccount is required ("rbac.create=true" is set) + Please create a ServiceAccount (--set serviceAccount.create=true) +{{- end -}} +{{- end -}} + +{{/* +Get the forwarder configmap name. +*/}} +{{- define "fluentd.forwarder.configMap" -}} +{{- if .Values.forwarder.configMap -}} + {{- printf "%s" (tpl .Values.forwarder.configMap $) -}} +{{- else -}} + {{- printf "%s-forwarder-cm" (include "fluentd.fullname" . ) -}} +{{- end -}} +{{- end -}} + +{{/* +Get the aggregator configmap name. +*/}} +{{- define "fluentd.aggregator.configMap" -}} +{{- if .Values.aggregator.configMap -}} + {{- printf "%s" (tpl .Values.aggregator.configMap $) -}} +{{- else -}} + {{- printf "%s-aggregator-cm" (include "fluentd.fullname" . ) -}} +{{- end -}} +{{- end -}} + +{{/* +Get the certificates secret name. +*/}} +{{- define "fluentd.tls.secretName" -}} +{{- if .Values.tls.existingSecret -}} + {{- printf "%s" (tpl .Values.tls.existingSecret $) -}} +{{- else -}} + {{- printf "%s-tls" (include "fluentd.fullname" . ) -}} +{{- end -}} +{{- end -}} + +{{/* +Renders a value that contains template. +Usage: +{{ include "fluentd.tplValue" (dict "value" .Values.path.to.the.Value "context" $) }} +*/}} +{{- define "fluentd.tplValue" -}} + {{- if typeIs "string" .value }} + {{- tpl .value .context }} + {{- else }} + {{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} diff --git a/deployments/helm/v2/emco/fluentd/templates/aggregator-configmap.yaml b/deployments/helm/v2/emco/fluentd/templates/aggregator-configmap.yaml new file mode 100644 index 00000000..885e3b99 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/aggregator-configmap.yaml @@ -0,0 +1,65 @@ +{{- if and .Values.aggregator.enabled (not .Values.aggregator.configMap) -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "fluentd.fullname" . }}-aggregator-cm + labels: {{- include "fluentd.labels" . | nindent 4 }} + app.kubernetes.io/component: aggregator +data: + fluentd.conf: | + {{- if .Values.metrics.enabled -}} + # Prometheus Exporter Plugin + # input plugin that exports metrics + <source> + @type prometheus + port {{ .Values.metrics.service.port }} + </source> + + # input plugin that collects metrics from MonitorAgent + <source> + @type prometheus_monitor + <labels> + host ${hostname} + </labels> + </source> + + # input plugin that collects metrics for output plugin + <source> + @type prometheus_output_monitor + <labels> + host ${hostname} + </labels> + </source> + {{- end }} + + # Ignore fluentd own events + <match fluent.**> + @type null + </match> + + # TCP input to receive logs from + {{- if and .Values.aggregator.port }} + <source> + @type forward + bind 0.0.0.0 + port {{ .Values.aggregator.port }} + </source> + {{- end }} + + # HTTP input for the liveness and readiness probes + <source> + @type http + bind 0.0.0.0 + port 9880 + </source> + + # Throw the healthcheck to the standard output instead of forwarding it + <match fluentd.healthcheck> + @type stdout + </match> + + # Send the logs to the standard output + <match **> + @type stdout + </match> +{{- end -}} diff --git a/deployments/helm/v2/emco/fluentd/templates/aggregator-statefulset.yaml b/deployments/helm/v2/emco/fluentd/templates/aggregator-statefulset.yaml new file mode 100644 index 00000000..40957cf2 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/aggregator-statefulset.yaml @@ -0,0 +1,135 @@ +{{- if .Values.aggregator.enabled -}} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "fluentd.fullname" . }} + labels: {{- include "fluentd.labels" . | nindent 4 }} + app.kubernetes.io/component: aggregator +spec: + selector: + matchLabels: {{- include "fluentd.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: aggregator + serviceName: {{ include "fluentd.fullname" . }}-headless + replicas: {{ .Values.aggregator.replicaCount }} + updateStrategy: {{- toYaml .Values.aggregator.updateStrategy | nindent 4 }} + template: + metadata: + labels: {{- include "fluentd.labels" . | nindent 8 }} + app.kubernetes.io/component: aggregator + annotations: + checksum/config: {{ include (print $.Template.BasePath "/aggregator-configmap.yaml") . | sha256sum }} + {{- if .Values.aggregator.podAnnotations }} + {{- include "fluentd.tplValue" (dict "value" .Values.aggregator.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: + {{- include "fluentd.imagePullSecrets" . | nindent 6 }} + {{- if .Values.aggregator.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.aggregator.securityContext.runAsUser }} + fsGroup: {{ .Values.aggregator.securityContext.fsGroup }} + {{- end }} + {{- if .Values.aggregator.affinity }} + affinity: {{- include "fluentd.tplValue" (dict "value" .Values.aggregator.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.aggregator.nodeSelector }} + nodeSelector: {{- include "fluentd.tplValue" (dict "value" .Values.aggregator.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.aggregator.tolerations }} + tolerations: {{- include "fluentd.tplValue" (dict "value" .Values.aggregator.tolerations "context" $) | nindent 8 }} + {{- end }} + containers: + - name: fluentd + image: {{ include "fluentd.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + env: + - name: FLUENTD_CONF + value: {{ .Values.aggregator.configFile }} + - name: FLUENTD_OPT + value: {{ .Values.aggregator.extraArgs | quote }} + {{- if .Values.aggregator.extraEnv }} + {{- toYaml .Values.aggregator.extraEnv | nindent 12 }} + {{- end }} + ports: + {{- if .Values.aggregator.port }} + - name: tcp + containerPort: {{ .Values.aggregator.port }} + protocol: TCP + {{- end }} + {{- if .Values.aggregator.containerPorts }} + {{- toYaml .Values.aggregator.containerPorts | nindent 12 }} + {{- end }} + {{- if .Values.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.metrics.service.port }} + protocol: TCP + {{- end }} + {{- if .Values.aggregator.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D + port: http + initialDelaySeconds: {{ .Values.aggregator.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.aggregator.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.aggregator.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.aggregator.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.aggregator.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.aggregator.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D + port: http + initialDelaySeconds: {{ .Values.aggregator.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.aggregator.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.aggregator.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.aggregator.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.aggregator.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.aggregator.resources }} + resources: {{- toYaml .Values.aggregator.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: fluentd-config + mountPath: /opt/bitnami/fluentd/conf + {{- if .Values.aggregator.persistence.enabled }} + - name: {{ include "fluentd.fullname" . }}-buffer + mountPath: /opt/bitnami/fluentd/logs/buffers + {{- else }} + - name: buffer + mountPath: /opt/bitnami/fluentd/logs/buffers + {{- end }} + {{- if .Values.tls.enabled }} + - name: certs + mountPath: /opt/bitnami/fluentd/certs + {{- end }} + volumes: + {{- if .Values.tls.enabled }} + - name: certs + secret: + secretName: {{ template "fluentd.tls.secretName" . }} + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + {{- end }} + - name: fluentd-config + configMap: + name: {{ template "fluentd.aggregator.configMap" . }} + {{- if not .Values.aggregator.persistence.enabled }} + - name: buffer + emptyDir: {} + {{- end }} + + {{- if .Values.aggregator.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ include "fluentd.fullname" . }}-buffer + spec: + accessModes: [{{ .Values.aggregator.persistence.accessMode }}] + storageClassName: {{ .Values.aggregator.persistence.storageClass }} + resources: + requests: + storage: {{ .Values.aggregator.persistence.size }} + {{- end }} +{{- end -}} diff --git a/deployments/helm/v2/emco/fluentd/templates/aggregator-svc.yaml b/deployments/helm/v2/emco/fluentd/templates/aggregator-svc.yaml new file mode 100644 index 00000000..4ae43793 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/aggregator-svc.yaml @@ -0,0 +1,32 @@ +{{- if and .Values.aggregator.enabled .Values.aggregator.service.ports }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "fluentd.fullname" . }}-aggregator + labels: {{- include "fluentd.labels" . | nindent 4 }} + app.kubernetes.io/component: aggregator + {{- if .Values.aggregator.service.annotations }} + annotations: {{- include "fluentd.tplValue" (dict "value" .Values.aggregator.service.annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.aggregator.service.type }} + {{- if and .Values.aggregator.service.loadBalancerIP (eq .Values.aggregator.service.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.aggregator.service.loadBalancerIP }} + {{- end }} + {{- if and .Values.aggregator.service.loadBalancerSourceRanges (eq .Values.aggregator.service.type "LoadBalancer") }} + loadBalancerSourceRanges: + {{- with .Values.aggregator.service.loadBalancerSourceRanges }} + {{ toYaml . | nindent 4 }} + {{- end }} + {{- end }} + {{- if and (eq .Values.aggregator.service.type "ClusterIP") .Values.aggregator.service.clusterIP }} + clusterIP: {{ .Values.aggregator.service.clusterIP }} + {{- end }} + ports: + {{- range $key, $value := .Values.aggregator.service.ports }} + - name: {{ $key }} + {{ toYaml $value | nindent 6 }} + {{- end }} + selector: {{ include "fluentd.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: aggregator +{{- end }}
\ No newline at end of file diff --git a/deployments/helm/v2/emco/fluentd/templates/clusterrole.yaml b/deployments/helm/v2/emco/fluentd/templates/clusterrole.yaml new file mode 100644 index 00000000..e4c9f50e --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/clusterrole.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.serviceAccount.create .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "fluentd.fullname" . }} + labels: {{- include "fluentd.labels" . | nindent 4 }} +rules: + - apiGroups: + - "" + resources: + - "namespaces" + - "pods" + verbs: + - "get" + - "watch" + - "list" +{{- end }} diff --git a/deployments/helm/v2/emco/fluentd/templates/clusterrolebinding.yaml b/deployments/helm/v2/emco/fluentd/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..79c36e4e --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/clusterrolebinding.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.serviceAccount.create .Values.rbac.create }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "fluentd.fullname" . }} + labels: {{- include "fluentd.labels" . | nindent 4 }} +roleRef: + kind: ClusterRole + apiGroup: rbac.authorization.k8s.io + name: {{ template "fluentd.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "fluentd.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/deployments/helm/v2/emco/fluentd/templates/forwarder-configmap.yaml b/deployments/helm/v2/emco/fluentd/templates/forwarder-configmap.yaml new file mode 100644 index 00000000..4fe7a762 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/forwarder-configmap.yaml @@ -0,0 +1,108 @@ +{{- if and .Values.forwarder.enabled (not .Values.forwarder.configMap) -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "fluentd.fullname" . }}-forwarder-cm + labels: {{- include "fluentd.labels" . | nindent 4 }} + app.kubernetes.io/component: forwarder +data: + fluentd.conf: | + {{- if .Values.metrics.enabled -}} + # Prometheus Exporter Plugin + # input plugin that exports metrics + <source> + @type prometheus + port {{ .Values.metrics.service.port }} + </source> + + # input plugin that collects metrics from MonitorAgent + <source> + @type prometheus_monitor + <labels> + host ${hostname} + </labels> + </source> + + # input plugin that collects metrics for output plugin + <source> + @type prometheus_output_monitor + <labels> + host ${hostname} + </labels> + </source> + + # input plugin that collects metrics for in_tail plugin + <source> + @type prometheus_tail_monitor + <labels> + host ${hostname} + </labels> + </source> + {{- end }} + + # Ignore fluentd own events + <match fluent.**> + @type null + </match> + + # HTTP input for the liveness and readiness probes + <source> + @type http + port 9880 + </source> + + # Throw the healthcheck to the standard output instead of forwarding it + <match fluentd.healthcheck> + @type stdout + </match> + + # Get the logs from the containers running in the node + <source> + @type tail + path /var/log/containers/*mco*.log + # exclude Fluentd logs + exclude_path /var/log/containers/*fluentd*.log + pos_file /opt/bitnami/fluentd/logs/buffers/fluentd-docker.pos + tag kubernetes.* + read_from_head true + <parse> + @type json + </parse> + </source> + + # enrich with kubernetes metadata + <filter kubernetes.**> + @type kubernetes_metadata + </filter> + {{ if .Values.aggregator.enabled }} + # Forward all logs to the aggregators + <match **> + @type forward + {{- $fullName := (include "fluentd.fullname" .) }} + {{- $global := . }} + {{- $domain := default "cluster.local" .Values.clusterDomain }} + {{- $port := .Values.aggregator.port | int }} + {{- range $i, $e := until (.Values.aggregator.replicaCount | int) }} + <server> + {{ printf "host %s-%d.%s-headless.%s.svc.%s" $fullName $i $fullName $global.Release.Namespace $domain }} + {{ printf "port %d" $port }} + {{- if ne $i 0 }} + standby + {{- end }} + </server> + {{- end}} + + <buffer> + @type file + path /opt/bitnami/fluentd/logs/buffers/logs.buffer + flush_thread_count 2 + flush_interval 5s + </buffer> + </match> + {{- else }} + # Send the logs to the standard output + <match **> + @type stdout + </match> + {{- end -}} +{{- end -}} diff --git a/deployments/helm/v2/emco/fluentd/templates/forwarder-daemonset.yaml b/deployments/helm/v2/emco/fluentd/templates/forwarder-daemonset.yaml new file mode 100644 index 00000000..7c6e44df --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/forwarder-daemonset.yaml @@ -0,0 +1,125 @@ +{{- if .Values.forwarder.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "fluentd.fullname" . }} + labels: {{- include "fluentd.labels" . | nindent 4 }} + app.kubernetes.io/component: forwarder +spec: + selector: + matchLabels: {{- include "fluentd.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: forwarder + updateStrategy: {{- toYaml .Values.forwarder.updateStrategy | nindent 4 }} + template: + metadata: + labels: {{- include "fluentd.labels" . | nindent 8 }} + app.kubernetes.io/component: forwarder + annotations: + checksum/config: {{ include (print $.Template.BasePath "/forwarder-configmap.yaml") . | sha256sum }} + {{- if .Values.forwarder.podAnnotations }} + {{- include "fluentd.tplValue" (dict "value" .Values.forwarder.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: +{{- include "fluentd.imagePullSecrets" . | nindent 6 }} + serviceAccountName: {{ template "fluentd.serviceAccountName" . }} + {{- if .Values.forwarder.affinity }} + affinity: {{- include "fluentd.tplValue" (dict "value" .Values.forwarder.affinity "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.forwarder.nodeSelector }} + nodeSelector: {{- include "fluentd.tplValue" (dict "value" .Values.forwarder.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.forwarder.tolerations }} + tolerations: {{- include "fluentd.tplValue" (dict "value" .Values.forwarder.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.forwarder.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.forwarder.securityContext.runAsUser }} + fsGroup: {{ .Values.forwarder.securityContext.fsGroup }} + {{- end }} + containers: + - name: fluentd + image: {{ include "fluentd.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: FLUENTD_CONF + value: {{ .Values.forwarder.configFile }} + - name: FLUENTD_OPT + value: {{ .Values.forwarder.extraArgs | quote }} + - name: FLUENTD_DAEMON_USER + value: {{ .Values.forwarder.daemonUser | quote }} + - name: FLUEND_DAEMON_GROUP + value: {{ .Values.forwarder.daemonGroup | quote }} + {{- if .Values.forwarder.extraEnv }} + {{- toYaml .Values.forwarder.extraEnv | nindent 12 }} + {{- end }} + ports: + {{- if .Values.forwarder.containerPorts }} + {{- toYaml .Values.forwarder.containerPorts | nindent 12 }} + {{- end }} + {{- if .Values.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.metrics.service.port }} + protocol: TCP + {{- end }} + {{- if .Values.forwarder.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D + port: http + initialDelaySeconds: {{ .Values.forwarder.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.forwarder.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.forwarder.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.forwarder.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.forwarder.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.forwarder.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D + port: http + initialDelaySeconds: {{ .Values.forwarder.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.forwarder.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.forwarder.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.forwarder.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.forwarder.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.forwarder.resources }} + resources: {{- toYaml .Values.forwarder.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: fluentd-config + mountPath: /opt/bitnami/fluentd/conf + - name: buffer + mountPath: /opt/bitnami/fluentd/logs/buffers + {{- if .Values.tls.enabled }} + - name: certs + mountPath: /opt/bitnami/fluentd/certs + {{- end }} + - name: varlog + mountPath: /var/log + - name: varlibdockercontainers + mountPath: /var/lib/docker/containers + readOnly: true + volumes: + {{- if .Values.tls.enabled }} + - name: certs + secret: + secretName: {{ template "fluentd.tls.secretName" . }} + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + {{- end }} + - name: fluentd-config + configMap: + name: {{ template "fluentd.forwarder.configMap" . }} + - name: buffer + emptyDir: {} + - name: varlog + hostPath: + path: /var/log + - name: varlibdockercontainers + hostPath: + path: /var/lib/docker/containers +{{- end }} diff --git a/deployments/helm/v2/emco/fluentd/templates/forwarder-svc.yaml b/deployments/helm/v2/emco/fluentd/templates/forwarder-svc.yaml new file mode 100644 index 00000000..a47d37b8 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/forwarder-svc.yaml @@ -0,0 +1,32 @@ +{{- if and .Values.forwarder.enabled .Values.forwarder.service.ports }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "fluentd.fullname" . }}-forwarder + labels: {{- include "fluentd.labels" . | nindent 4 }} + app.kubernetes.io/component: forwarder + {{- if .Values.forwarder.service.annotations }} + annotations: {{- include "fluentd.tplValue" (dict "value" .Values.forwarder.service.annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.forwarder.service.type }} + {{- if and .Values.forwarder.service.loadBalancerIP (eq .Values.forwarder.service.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.forwarder.service.loadBalancerIP }} + {{- end }} + {{- if and .Values.forwarder.service.loadBalancerSourceRanges (eq .Values.forwarder.service.type "LoadBalancer") }} + loadBalancerSourceRanges: + {{- with .Values.forwarder.service.loadBalancerSourceRanges }} + {{ toYaml . | nindent 4 }} + {{- end }} + {{- end }} + {{- if and (eq .Values.forwarder.service.type "ClusterIP") .Values.forwarder.service.clusterIP }} + clusterIP: {{ .Values.forwarder.service.clusterIP }} + {{- end }} + ports: + {{- range $key, $value := .Values.forwarder.service.ports }} + - name: {{ $key }} + {{ toYaml $value | nindent 6 }} + {{- end }} + selector: {{ include "fluentd.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: forwarder +{{- end }}
\ No newline at end of file diff --git a/deployments/helm/v2/emco/fluentd/templates/metrics-svc.yaml b/deployments/helm/v2/emco/fluentd/templates/metrics-svc.yaml new file mode 100644 index 00000000..2b0c92f1 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/metrics-svc.yaml @@ -0,0 +1,18 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "fluentd.fullname" . }}-metrics + labels: {{- include "fluentd.labels" . | nindent 4 }} + annotations: {{- include "fluentd.tplValue" (dict "value" .Values.metrics.service.annotations "context" $) | nindent 4 }} +spec: + type: {{ .Values.metrics.service.type }} + {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }} + {{- end }} + ports: + - name: metrics + port: {{ .Values.metrics.service.port }} + targetPort: metrics + selector: {{- include "fluentd.matchLabels" . | nindent 4 }} +{{- end }} diff --git a/deployments/helm/v2/emco/fluentd/templates/serviceaccount.yaml b/deployments/helm/v2/emco/fluentd/templates/serviceaccount.yaml new file mode 100644 index 00000000..1e584759 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/serviceaccount.yaml @@ -0,0 +1,7 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "fluentd.serviceAccountName" . }} + labels: {{- include "fluentd.labels" . | nindent 4 }} +{{- end -}}
\ No newline at end of file diff --git a/deployments/helm/v2/emco/fluentd/templates/servicemonitor.yaml b/deployments/helm/v2/emco/fluentd/templates/servicemonitor.yaml new file mode 100644 index 00000000..e884ac56 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/servicemonitor.yaml @@ -0,0 +1,28 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "fluentd.fullname" . }} + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: {{- include "fluentd.labels" . | nindent 4 }} + {{- range $key, $value := .Values.metrics.serviceMonitor.selector }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + selector: + matchLabels: {{- include "fluentd.matchLabels" . | nindent 6 }} + endpoints: + - port: metrics + path: "/metrics" + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} diff --git a/deployments/helm/v2/emco/fluentd/templates/svc-headless.yaml b/deployments/helm/v2/emco/fluentd/templates/svc-headless.yaml new file mode 100644 index 00000000..a64899a4 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/svc-headless.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.aggregator.enabled .Values.aggregator.service.ports -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "fluentd.fullname" . }}-headless + labels: {{- include "fluentd.labels" . | nindent 4 }} + app.kubernetes.io/component: aggregator +spec: + type: ClusterIP + clusterIP: None + ports: + {{- range $key, $value := .Values.aggregator.service.ports }} + - name: {{ $key }} + {{ toYaml $value | nindent 6 }} + {{- end }} + selector: {{- include "fluentd.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: aggregator +{{- end -}} diff --git a/deployments/helm/v2/emco/fluentd/templates/tls-certs.yaml b/deployments/helm/v2/emco/fluentd/templates/tls-certs.yaml new file mode 100644 index 00000000..c37eb849 --- /dev/null +++ b/deployments/helm/v2/emco/fluentd/templates/tls-certs.yaml @@ -0,0 +1,11 @@ +{{- if and (not .Values.tls.existingSecret) ( .Values.tls.enabled) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "fluentd.fullname" . }}-tls + labels: {{- include "fluentd.labels" . | nindent 4 }} +type: kubernetes.io/tls +data: + tls.crt: {{ required "A valid .Values.tls.certificate entry required!" .Values.tls.certificate | b64enc }} + tls.key: {{ required "A valid .Values.tls.key entry required!" .Values.tls.key | b64enc }} +{{- end }} |