ansible-role-k8s/templates/shared/fluent-bit.yaml.j2

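---
# Namespace that holds the namespaced Fluent Bit objects rendered by this
# template (ServiceAccount, Secret, ConfigMap, DaemonSet).
# NOTE(review): the DaemonSet in this file mounts hostPath volumes, which the
# "baseline" Pod Security Standard rejects. If Pod Security Admission is
# enforced on the cluster, this namespace needs an explicit enforce level;
# confirm.
apiVersion: v1
kind: Namespace
metadata:
  # Quoted so an empty or boolean/number-looking expansion stays a string.
  name: "{{ k8s_fb_namespace }}"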
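---
# Identity the DaemonSet pods run as (spec.serviceAccountName: fluent-bit).
# Its only grant in this template is the fluent-bit-read ClusterRole, attached
# through the ClusterRoleBinding of the same name.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: fluent-bit
  # Quoted so the rendered value is always parsed as a string.
  namespace: "{{ k8s_fb_namespace }}"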
---
# Read-only, cluster-wide access to pods and nothing else.
# Presumably consumed by the `kubernetes` filter in fluent-bit-config, which
# points at the API server through Kube_URL. Keep this list as narrow as it is:
# no secrets, no write verbs.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: fluent-bit-read
rules:
  - apiGroups:
      # "" is the core API group.
      - ""
    resources:
      - pods
    verbs:
      - get
      - list
      - watch
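---
# Grants the fluent-bit-read ClusterRole to the fluent-bit ServiceAccount.
# A ClusterRoleBinding applies in every namespace, so the collector can read
# pod objects cluster-wide.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: fluent-bit-read
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: fluent-bit-read
subjects:
  - kind: ServiceAccount
    name: fluent-bit
    # Must render to the same namespace as the ServiceAccount above, otherwise
    # the binding points at a subject that does not exist. Quoted so the
    # expansion is always a string.
    namespace: "{{ k8s_fb_namespace }}"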
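---
# Basic-auth credentials for the log backend. The DaemonSet exposes them to
# the container as FLUENTBIT_USER / FLUENTBIT_PASSWORD via secretKeyRef.
#
# NOTE(review): values under `data:` must already be base64-encoded. This
# template inserts the variables verbatim, so it assumes k8s_fb_log_user and
# k8s_fb_log_password are stored pre-encoded; confirm against the role's
# defaults/vars. If they are plaintext, either pipe them through the
# `b64encode` filter or move the keys to `stringData:`.
# base64 is an encoding, not encryption: the rendered manifest carries the
# credentials in recoverable form, so keep the source variables in Ansible
# Vault and avoid logging or persisting the rendered output.
apiVersion: v1
kind: Secret
metadata:
  name: fluent-bit-auth
  namespace: "{{ k8s_fb_namespace }}"
type: Opaque
data:
  # Quoted so an all-digit or boolean-looking value is not retyped by the YAML
  # parser before it reaches the API server.
  username: "{{ k8s_fb_log_user }}"
  password: "{{ k8s_fb_log_password }}"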
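---
# Fluent Bit pipeline configuration, mounted by the DaemonSet at
# /fluent-bit/etc/.
#
# Pipeline as written below:
#   - tail input on k8s_fb_log_path, tagged kube.*, parsed with the `docker`
#     JSON parser defined in parsers.conf
#   - systemd input on k8s_fb_journal_path, tagged host.journald
#   - kubernetes filter enriches kube.* records with pod labels and annotations
#   - modify filter stamps journald records with log_type/environment
#   - http output ships everything (Match *) to k8s_fb_log_host over TLS
#
# The backend credentials are not stored here: HTTP_User / HTTP_Passwd are
# resolved from the FLUENTBIT_USER / FLUENTBIT_PASSWORD environment variables,
# which the DaemonSet fills from the fluent-bit-auth Secret.
#
# NOTE(review):
#   - `tls On` is set without `tls.verify`, so certificate verification relies
#     on the Fluent Bit default for the deployed image; confirm it is enabled.
#   - `Annotations On` forwards pod annotations to the log backend. Annotations
#     sometimes carry sensitive values; confirm that is acceptable.
#   - The tail input has no `DB`, and Skip_Long_Lines / Mem_Buf_Limit can drop
#     records. Both are possible gaps if these logs feed detection.
#   - The journald position DB lives at /var/log/flb_journald.db inside the
#     container. It only survives pod restarts if that path is on a mounted
#     host volume, which depends on the value of k8s_fb_log_path.
#   - `environment production` is hard-coded for every cluster this is
#     rendered for.
apiVersion: v1
kind: ConfigMap
metadata:
  name: fluent-bit-config
  # Quoted so the expansion is always parsed as a string.
  namespace: "{{ k8s_fb_namespace }}"
data:
  fluent-bit.conf: |
    [SERVICE]
        Flush 1
        Log_Level error
        Parsers_File parsers.conf
    [INPUT]
        Name tail
        Path {{ k8s_fb_log_path }}
        Parser docker
        Tag kube.*
        Mem_Buf_Limit 5MB
        Skip_Long_Lines On
    [INPUT]
        Name systemd
        Tag host.journald
        Path {{ k8s_fb_journal_path }}
        DB /var/log/flb_journald.db
        Read_From_Tail On
    [FILTER]
        Name kubernetes
        Match kube.*
        Kube_URL https://kubernetes.default.svc:443
        Merge_Log On
        K8S-Logging.Exclude Off
        Labels On
        Annotations On
    [FILTER]
        Name modify
        Match host.journald
        Add log_type host
        Add environment production
    [OUTPUT]
        Name http
        Match *
        Host {{ k8s_fb_log_host }}
        Port {{ k8s_fb_log_port }}
        URI /insert/jsonline?_stream_fields=stream&_msg_field=log&_time_field=date
        Format json_lines
        json_date_format iso8601
        HTTP_User ${FLUENTBIT_USER}
        HTTP_Passwd ${FLUENTBIT_PASSWORD}
        tls On
  parsers.conf: |
    [PARSER]
        Name docker
        Format json
        Time_Key time
        Time_Format %Y-%m-%dT%H:%M:%S.%L
        Time_Keep On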
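---
# Runs one Fluent Bit pod per schedulable node. Each pod reads the node's
# container logs and journal through hostPath mounts and ships them using the
# pipeline in the fluent-bit-config ConfigMap.
#
# NOTE(review): hardening gaps visible in this spec, none changed here
# because the safe values depend on variables not shown in this template:
#   - No securityContext: the container runs with the image's default user
#     and capabilities. Consider allowPrivilegeEscalation: false and a
#     read-only root filesystem once the required file access is confirmed.
#   - Both hostPath mounts are read-write. The journal mount looks like a
#     candidate for readOnly: true. The varlog mount may need write access if
#     /var/log/flb_journald.db (the systemd input DB) falls under it.
#   - No resources requests/limits, so a log burst is bounded only by
#     Mem_Buf_Limit on the tail input.
#   - No tolerations, so tainted nodes (for example control-plane nodes, if
#     tainted) get no collector and their logs are not shipped.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluent-bit
  namespace: "{{ k8s_fb_namespace }}"
  labels:
    k8s-app: fluent-bit
spec:
  selector:
    matchLabels:
      k8s-app: fluent-bit
  template:
    metadata:
      labels:
        k8s-app: fluent-bit
    spec:
      # ServiceAccount bound to the fluent-bit-read ClusterRole.
      serviceAccountName: fluent-bit
      containers:
        - name: fluent-bit
          # Templated scalars are quoted so an empty or oddly-typed expansion
          # cannot change the YAML structure.
          # NOTE(review): pin k8s_fb_image to a fixed tag or digest; verify.
          image: "{{ k8s_fb_image }}"
          volumeMounts:
            # Host paths are mounted at the same path inside the container so
            # the Path values in fluent-bit.conf resolve.
            - name: varlog
              mountPath: "{{ k8s_fb_log_path }}"
            - name: journal
              mountPath: "{{ k8s_fb_journal_path }}"
            - name: config
              mountPath: /fluent-bit/etc/
          env:
            # Backend credentials come from the fluent-bit-auth Secret and are
            # referenced in the http output as ${FLUENTBIT_USER} /
            # ${FLUENTBIT_PASSWORD}.
            - name: FLUENTBIT_USER
              valueFrom:
                secretKeyRef:
                  name: fluent-bit-auth
                  key: username
            - name: FLUENTBIT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: fluent-bit-auth
                  key: password
      terminationGracePeriodSeconds: 10
      volumes:
        - name: varlog
          hostPath:
            path: "{{ k8s_fb_log_path }}"
        - name: journal
          hostPath:
            path: "{{ k8s_fb_journal_path }}"
        - name: config
          configMap:
            name: fluent-bit-config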