--- apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: logging-operator spec: chart: spec: sourceRef: kind: HelmRepository name: kube-logging chart: logging-operator install: {{- toYaml .Values.commons.helm.release.install | nindent 4 }} test: {{- toYaml .Values.commons.helm.release.test | nindent 4 }} upgrade: {{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }} driftDetection: {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }} interval: 10m values: monitoring: serviceMonitor: enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} additionalLabels: {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }} # resources for logging-operator resources: limits: memory: 3Gi requests: cpu: 100m memory: 128Mi logging: enabled: true # fluentbit is used to collect data on nodes (so it is usefull to use hostPath) fluentbit: bufferStorageVolume: hostPath: path: "/var/lib/kube-logging/fluentbit/buffer" positiondb: hostPath: path: "/var/lib/kube-logging/fluentbit/positiondb" metrics: prometheusRules: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }} serviceMonitor: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} serviceMonitorConfig: additionalLabels: {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 14 }} # fluentd is used to recieve data from fluentbit, filter (e.g. parse, grep) and forward output (e.g. loki) fluentd: scaling: replicas: {{ .Values.fluentd.replicas }} # resources for fluentd resources: limits: memory: "2400M" requests: cpu: "500m" memory: "200M" metrics: prometheusRules: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }} serviceMonitor: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} serviceMonitorConfig: additionalLabels: {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 14 }} bufferVolumeMetrics: prometheusRules: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }} serviceMonitor: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} serviceMonitorConfig: additionalLabels: {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 14 }} tls: # make problems on reinstall (maybe try it sometime again) enabled: false # allow clusteroutput from flow in other namespace allowClusterResourcesFromAllNamespaces: true enableRecreateWorkloadOnImmutableFieldChange: true # log kubernetes events eventTailer: name: "default" # forward errors to output errorOutputRef: "default" # if no (cluster)flow exits for pods: # filter: drop log messages if they contains "debug" # send logs: clusterOutput "default" defaultFlow: filters: - grep: exclude: - key: "message" pattern: /.*[Dd]ebug.*/ - prometheus: metrics: - name: "logs_defaultflow_count" desc: "The total number of message in namespace" type: "counter" labels: exported_namespace: "$.kubernetes.namespace_name" exported_pod: "$.kubernetes.pod_name" exported_container: "$.kubernetes.container_name" image: "$.kubernetes.container_image" app_kubernetes_io_name: "$['kubernetes']['labels']['app.kubernetes.io/name']" app_kubernetes_io_instance: "$['kubernetes']['labels']['app.kubernetes.io/instance']" globalOutputRefs: - "default" # usefull on elastic e.g. with dedot globalFilters: - prometheus: metrics: - name: "logs_all_count" desc: "The total number of messages in namespace" type: "counter" labels: exported_namespace: "$.kubernetes.namespace_name" exported_pod: "$.kubernetes.pod_name" exported_container: "$.kubernetes.container_name" image: "$.kubernetes.container_image" app_kubernetes_io_name: "$['kubernetes']['labels']['app.kubernetes.io/name']" app_kubernetes_io_instance: "$['kubernetes']['labels']['app.kubernetes.io/instance']" # deploy a clusteroutput (which all flows can use) clusterOutputs: - name: "default" spec: {{- if .Values.loki.enabled }} # for loki: # https://kube-logging.dev/docs/configuration/plugins/outputs/loki/ loki: url: http://loki:3100 buffer: timekey: 1m timekey_wait: 30s timekey_use_utc: true # do not use configure_kubernetes_labels strip other kubernetes labels extract_kubernetes_labels: true labels: # from configure_kubernetes_labels reimplement host: $.kubernetes.host namespace: $.kubernetes.namespace_name pod: $.kubernetes.pod_name pod_id: $.kubernetes.pod_id container: $.kubernetes.container_name container_id: $.kubernetes.docker_id {{- else }} nullout: {} {{- end }} # add some usefull default clusterFlows clusterFlows: # parse all data with logfmt of pod which contain label: kube_logging_parser=logfmt (and send to ClusterOutput default) - name: logfmt spec: filters: - parser: reserve_data: true remove_key_name_field: true hash_value_field: "logfmt" parse: type: "multi_format" patterns: - format: "logfmt" # fallback, just keep data unparsed - format: "none" match: - select: labels: "kube_logging_parser": "logfmt" globalOutputRefs: - "default" # parse all data with json of pod which contain label: kube_logging_parser=json (and send to ClusterOutput default) - name: json spec: filters: - parser: reserve_data: true remove_key_name_field: true hash_value_field: "json" parse: type: "multi_format" patterns: - format: "json" # fallback, just keep data unparsed - format: "none" match: - select: labels: "kube_logging_parser": "json" globalOutputRefs: - "default"