Skip to content

Commit

Permalink
Merge pull request #1236 from muhammadimranfarooqi/testbed
Browse files Browse the repository at this point in the history 
Adjustment of configuration for fluentd regarding nginx
  • Loading branch information
@muhammadimranfarooqi
muhammadimranfarooqi authored Oct 24, 2022
2 parents 8b98d51 + d38b01a commit da176c6
Show file tree
Hide file tree
Showing 6 changed files with 132 additions and 15 deletions.
2 changes: 1 addition & 1 deletion helm/fluentd-logs/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.1
version: 0.1.2

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
4 changes: 2 additions & 2 deletions helm/fluentd-logs/templates/clusterrolebindings.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,5 +8,5 @@ roleRef:
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: fluentd
namespace: default
name: fluentd-sa
namespace: kube-system
6 changes: 3 additions & 3 deletions helm/fluentd-logs/templates/daemonsets.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ .Release.Name }}
namespace: default
namespace: kube-system
labels:
k8s-app: fluentd-logging
version: v1
Expand All @@ -27,8 +27,8 @@ spec:
# update on configmap change
checksum/config-map: f9a2d5c985cd5eaabdb7cb08f20a5efff98c13111c29c079076cc25e8794c229
spec:
serviceAccount: fluentd
serviceAccountName: fluentd
serviceAccount: fluentd-sa
serviceAccountName: fluentd-sa
securityContext:
{{- toYaml .Values.securityContext | nindent 8 }}
initContainers:
Expand Down
4 changes: 2 additions & 2 deletions helm/fluentd-logs/templates/serviceaccount.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: fluentd
namespace: default
name: fluentd-sa
namespace: kube-system
{{- end }}
117 changes: 117 additions & 0 deletions kubernetes/cmsweb/daemonset/nginx-filebeat.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,117 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-filebeat-config
namespace: kube-system
labels:
k8s-app: filebeat
data:
filebeat.yml: |-
filebeat.inputs:
- type: container
enabled: true
paths:
- "/var/log/containers/cern-magnum-ingress-nginx-controller*.log"
ignore_older: 1h
scan_frequency: 10s
backoff: 5s
max_backoff: 10s
output.console:
codec.format:
string: '%{[message]} - Podname=${MY_POD_NAME}'
pretty: false
queue.mem:
events: 65536
logging.metrics.enabled: false
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
labels:
app: nginx-filebeat
name: nginx-filebeat
namespace: kube-system
spec:
selector:
matchLabels:
app: nginx-filebeat
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app: nginx-filebeat
env: k8s #k8s#
spec:
dnsPolicy: ClusterFirst
securityContext:
seLinuxOptions:
type: spc_t
serviceAccount: fluentd-sa
serviceAccountName: fluentd-sa
terminationGracePeriodSeconds: 60
nodeSelector:
role: ingress
priorityClassName: system-node-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}

containers:
- name: nginx-filebeat
image: docker.elastic.co/beats/filebeat:7.12.0
args: [
"-c", "/etc/filebeat.yml",
"-e",
]
securityContext:
runAsUser: 0
# If using Red Hat OpenShift uncomment this:
privileged: true
env:
- name: MY_POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
resources:
requests:
memory: "50Mi"
cpu: "50m"
volumeMounts:
- name: config
mountPath: /etc/filebeat.yml
readOnly: true
subPath: filebeat.yml
- name: data
mountPath: /usr/share/filebeat/data
- name: varlog
mountPath: /var/log
readOnly: true
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true

volumes:
- name: varlog
hostPath:
path: /var/log
type: ""
- name: config
configMap:
defaultMode: 0640
name: nginx-filebeat-config
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
type: ""
- name: data
emptyDir: {}
---
14 changes: 7 additions & 7 deletions kubernetes/cmsweb/s3/fluentd.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: fluentd
namespace: default
name: fluentd-sa
namespace: kube-system
---
# Source: fluentd/templates/fluentd-rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -33,15 +33,15 @@ roleRef:
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: fluentd
namespace: default
name: fluentd-sa
namespace: kube-system
---
# Source: fluentd/templates/fluentd-daemon.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: cmsweb-test
namespace: default
namespace: kube-system
labels:
k8s-app: fluentd-logging
version: v1
Expand All @@ -65,8 +65,8 @@ spec:
# update on configmap change
checksum/config-map: f9a2d5c985cd5eaabdb7cb08f20a5efff98c13111c29c079076cc25e8794c229
spec:
serviceAccount: fluentd
serviceAccountName: fluentd
serviceAccount: fluentd-sa
serviceAccountName: fluentd-sa
securityContext:
seLinuxOptions:
type: "spc_t"
Expand Down

0 comments on commit da176c6

Please sign in to comment.