clusters/core/addons/fluent-bit/values.yaml (138 lines of code) (raw):

# This chart depends on the KubeRocketCI's opensearch chart and the fluent-bit chart. fluent-bit: # we run only one instane of fluentbit which grabs events from k8s and cloud events kind: Deployment testFramework: enabled: false extraPorts: # This port is used to receive CloudEvents from Tekton Pipelines - name: cloudevents port: 8888 containerPort: 8888 protocol: TCP rbac: create: true # Work with kubernetes_events input plugin eventsAccess: true env: - name: ES_SUPERUSER_USER valueFrom: secretKeyRef: name: fluentbit-creds key: username - name: ES_SUPERUSER_PASSWORD valueFrom: secretKeyRef: name: fluentbit-creds key: password serviceMonitor: enabled: true interval: 10s scrapeTimeout: 10s selector: release: kube-prometheus metricRelabelings: - sourceLabels: [__meta_kubernetes_service_label_cluster] targetLabel: cluster regex: (.*) replacement: ${1} action: replace relabelings: - sourceLabels: [__meta_kubernetes_pod_node_name] separator: ; regex: ^(.*)$ targetLabel: nodename replacement: $1 action: replace additionalEndpoints: - port: metrics path: /metrics interval: 10s scrapeTimeout: 10s # metric relabel configs to apply to samples before ingestion. # metricRelabelings: - sourceLabels: [__meta_kubernetes_service_label_cluster] targetLabel: cluster regex: (.*) replacement: ${1} action: replace # relabel configs to apply to samples after ingestion. # relabelings: - sourceLabels: [__meta_kubernetes_pod_node_name] separator: ; regex: ^(.*)$ targetLabel: nodename replacement: $1 action: replace resources: limits: memory: 128Mi requests: cpu: 100m memory: 128Mi config: service: | [SERVICE] Daemon Off Flush {{ .Values.flush }} Log_Level {{ .Values.logLevel }} Parsers_File /fluent-bit/etc/parsers.conf Parsers_File /fluent-bit/etc/conf/custom_parsers.conf HTTP_Server On HTTP_Listen 0.0.0.0 HTTP_Port {{ .Values.metricsPort }} Health_Check On Storage.path /var/log/flb-storage/ Storage.sync normal Storage.checksum off Storage.backlog.mem_limit 5M inputs: | [INPUT] Name kubernetes_events # add the tag "k8s_events" to all events coming from this input tag k8s_events # ask k8s API for updates every 30 seconds interval_sec 15 # fetch at most 250 items per requests (pagination) kube_request_limit 2500 Storage.type filesystem # Use as the synk for the CloudEvents from Tekton Pipelines [INPUT] name http listen 0.0.0.0 port 8888 Storage.type filesystem outputs: | [OUTPUT] Name es Match k8s_events Host opensearch-cluster-master Port 9200 HTTP_User ${ES_SUPERUSER_USER} HTTP_Passwd ${ES_SUPERUSER_PASSWORD} Logstash_Format On Logstash_Prefix logstash-events Time_Key @timestamp Replace_Dots On Retry_Limit False Trace_Error Off Suppress_Type_Name On tls On tls.verify Off Storage.total_limit_size 1G [OUTPUT] Name es Match http.* Host opensearch-cluster-master Port 9200 HTTP_User ${ES_SUPERUSER_USER} HTTP_Passwd ${ES_SUPERUSER_PASSWORD} Logstash_Format On Logstash_Prefix logstash-cloudevents Time_Key @timestamp Replace_Dots On Retry_Limit False Trace_Error Off Suppress_Type_Name On tls On tls.verify Off Storage.total_limit_size 1G # This section enables configuration for using External Secrets Operator (ESO) as the secret manager. # Prerequisite: Ensure that ESO is installed in the cluster. # Refer to the EDP cluster add-on for ESO installation and setup: # https://github.com/epam/edp-cluster-add-ons/tree/main/clusters/core/addons/external-secrets # # Ensure that you have created the necessary roles for ESO integration. # Follow the detailed instructions here: # https://docs.kuberocketci.io/docs/operator-guide/secrets-management/external-secrets-operator-integration#aws-parameter-store-scenario-in-kuberocketci eso: # -- Install components of the ESO. enabled: true # -- Defines provider type. One of `aws` or `generic`. type: "aws" # -- Defines Secret Store name. secretStoreName: "aws-parameterstore" # -- Value name in AWS ParameterStore, AWS SecretsManager or other Secret Store. secretName: "/infra/core/addons/fluent-bit" # -- Role ARN for the ExternalSecretOperator to assume. roleArn: arn:aws:iam::012345678910:role/AWSIRSA_Shared_ExternalSecretOperatorAccess # Defines Secret Store configuration. Used when eso.type is set to "generic". generic: secretStore: # -- Defines SecretStore provider configuration. providerConfig: {} # gcpsm: # projectID: "alphabet-123"