mirror of
https://github.com/bitnami/charts.git
synced 2026-04-06 09:17:08 +08:00
[bitnami/fluentd] Add configurable resources for initContainers (#25423)
This commit is contained in:
JustinWang
@@ -30,4 +30,4 @@ maintainers:
|
||||
name: fluentd
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/fluentd
|
||||
version: 6.1.1
|
||||
version: 6.2.0
|
||||
|
||||
@@ -224,282 +224,286 @@ As an alternative, you can use of the preset configurations for pod affinity, po
|
||||
|
||||
### Fluentd parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- |
|
||||
| `image.registry` | Fluentd image registry | `REGISTRY_NAME` |
|
||||
| `image.repository` | Fluentd image repository | `REPOSITORY_NAME/fluentd` |
|
||||
| `image.pullPolicy` | Fluentd image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Fluentd image pull secrets | `[]` |
|
||||
| `image.debug` | Enable image debug mode | `false` |
|
||||
| `forwarder.enabled` | Enable forwarder daemonset | `true` |
|
||||
| `forwarder.image.registry` | Fluentd forwarder image registry override | `""` |
|
||||
| `forwarder.image.repository` | Fluentd forwarder image repository override | `""` |
|
||||
| `forwarder.daemonUser` | Forwarder daemon user and group (set to root by default because it reads from host paths) | `root` |
|
||||
| `forwarder.daemonGroup` | Fluentd forwarder daemon system group | `root` |
|
||||
| `forwarder.automountServiceAccountToken` | Mount Service Account token in pod | `true` |
|
||||
| `forwarder.hostAliases` | Add deployment host aliases | `[]` |
|
||||
| `forwarder.podSecurityContext.enabled` | Enable security context for forwarder pods | `true` |
|
||||
| `forwarder.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
|
||||
| `forwarder.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
|
||||
| `forwarder.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
|
||||
| `forwarder.podSecurityContext.fsGroup` | Group ID for forwarder's containers filesystem | `0` |
|
||||
| `forwarder.containerSecurityContext.enabled` | Enable security context for the forwarder container | `true` |
|
||||
| `forwarder.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
|
||||
| `forwarder.containerSecurityContext.runAsUser` | User ID for forwarder's containers | `0` |
|
||||
| `forwarder.containerSecurityContext.runAsGroup` | Group ID for forwarder's containers | `0` |
|
||||
| `forwarder.containerSecurityContext.privileged` | Run as privileged | `false` |
|
||||
| `forwarder.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation | `false` |
|
||||
| `forwarder.containerSecurityContext.readOnlyRootFilesystem` | Require the use of a read only root file system | `true` |
|
||||
| `forwarder.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` |
|
||||
| `forwarder.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `forwarder.hostNetwork` | Enable use of host network | `false` |
|
||||
| `forwarder.dnsPolicy` | Pod-specific DNS policy | `""` |
|
||||
| `forwarder.terminationGracePeriodSeconds` | Duration in seconds the pod needs to terminate gracefully | `30` |
|
||||
| `forwarder.extraGems` | List of extra gems to be installed. Can be used to install additional fluentd plugins. | `[]` |
|
||||
| `forwarder.configFile` | Name of the config file that will be used by Fluentd at launch under the `/opt/bitnami/fluentd/conf` directory | `fluentd.conf` |
|
||||
| `forwarder.configMap` | Name of the config map that contains the Fluentd configuration files | `""` |
|
||||
| `forwarder.configMapFiles` | Files to be added to be config map. Ignored if `forwarder.configMap` is set | `{}` |
|
||||
| `forwarder.extraArgs` | Extra arguments for the Fluentd command line | `""` |
|
||||
| `forwarder.extraEnvVars` | Extra environment variables to pass to the container | `[]` |
|
||||
| `forwarder.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Fluentd Forwarder nodes | `""` |
|
||||
| `forwarder.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Fluentd Forwarder nodes | `""` |
|
||||
| `forwarder.containerPorts` | Ports the forwarder containers will listen on | `[]` |
|
||||
| `forwarder.service.type` | Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) for the forwarders | `ClusterIP` |
|
||||
| `forwarder.service.ports` | Array containing the forwarder service ports | `{}` |
|
||||
| `forwarder.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` (optional, cloud specific) | `""` |
|
||||
| `forwarder.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` |
|
||||
| `forwarder.service.externalTrafficPolicy` | Fluentd Forwarder service external traffic policy | `Cluster` |
|
||||
| `forwarder.service.clusterIP` | Static clusterIP or None for headless services | `""` |
|
||||
| `forwarder.service.annotations` | Provide any additional annotations which may be required | `{}` |
|
||||
| `forwarder.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `forwarder.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `forwarder.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` |
|
||||
| `forwarder.networkPolicy.allowExternal` | Don't require server label for connections | `true` |
|
||||
| `forwarder.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` |
|
||||
| `forwarder.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` |
|
||||
| `forwarder.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `forwarder.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `forwarder.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `forwarder.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `forwarder.startupProbe.enabled` | Enable startupProbe | `false` |
|
||||
| `forwarder.startupProbe.httpGet.path` | Request path for startupProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `forwarder.startupProbe.httpGet.port` | Port for startupProbe | `http` |
|
||||
| `forwarder.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` |
|
||||
| `forwarder.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
|
||||
| `forwarder.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
|
||||
| `forwarder.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
|
||||
| `forwarder.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
|
||||
| `forwarder.livenessProbe.enabled` | Enable livenessProbe | `true` |
|
||||
| `forwarder.livenessProbe.httpGet.path` | Request path for livenessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `forwarder.livenessProbe.httpGet.port` | Port for livenessProbe | `http` |
|
||||
| `forwarder.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` |
|
||||
| `forwarder.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
|
||||
| `forwarder.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
|
||||
| `forwarder.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
|
||||
| `forwarder.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
|
||||
| `forwarder.readinessProbe.enabled` | Enable readinessProbe | `true` |
|
||||
| `forwarder.readinessProbe.httpGet.path` | Request path for readinessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `forwarder.readinessProbe.httpGet.port` | Port for readinessProbe | `http` |
|
||||
| `forwarder.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
|
||||
| `forwarder.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
|
||||
| `forwarder.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
|
||||
| `forwarder.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
|
||||
| `forwarder.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
|
||||
| `forwarder.customStartupProbe` | Custom liveness probe for the Fluend Forwarder | `{}` |
|
||||
| `forwarder.customLivenessProbe` | Custom liveness probe for the Fluend Forwarder | `{}` |
|
||||
| `forwarder.customReadinessProbe` | Custom rediness probe for the Fluend Forwarder | `{}` |
|
||||
| `forwarder.updateStrategy.type` | Set up update strategy. | `RollingUpdate` |
|
||||
| `forwarder.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if forwarder.resources is set (forwarder.resources is recommended for production). | `nano` |
|
||||
| `forwarder.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `forwarder.priorityClassName` | Set Priority Class Name to allow priority control over other pods | `""` |
|
||||
| `forwarder.schedulerName` | Name of the k8s scheduler (other than default) | `""` |
|
||||
| `forwarder.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` |
|
||||
| `forwarder.podAffinityPreset` | Forwarder Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `forwarder.podAntiAffinityPreset` | Forwarder Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `forwarder.nodeAffinityPreset.type` | Forwarder Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `forwarder.nodeAffinityPreset.key` | Forwarder Node label key to match Ignored if `affinity` is set. | `""` |
|
||||
| `forwarder.nodeAffinityPreset.values` | Forwarder Node label values to match. Ignored if `affinity` is set. | `[]` |
|
||||
| `forwarder.affinity` | Forwarder Affinity for pod assignment | `{}` |
|
||||
| `forwarder.nodeSelector` | Forwarder Node labels for pod assignment | `{}` |
|
||||
| `forwarder.tolerations` | Forwarder Tolerations for pod assignment | `[]` |
|
||||
| `forwarder.podAnnotations` | Pod annotations | `{}` |
|
||||
| `forwarder.podLabels` | Extra labels to add to Pod | `{}` |
|
||||
| `forwarder.serviceAccount.create` | Specify whether a ServiceAccount should be created. | `true` |
|
||||
| `forwarder.serviceAccount.name` | The name of the ServiceAccount to create | `""` |
|
||||
| `forwarder.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
|
||||
| `forwarder.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `forwarder.rbac.create` | Specify whether RBAC resources should be created and used, allowing the get, watch and list of pods/namespaces | `true` |
|
||||
| `forwarder.rbac.pspEnabled` | Whether to create a PodSecurityPolicy and bound it with RBAC. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` |
|
||||
| `forwarder.persistence.enabled` | Enable persistence volume for the forwarder | `false` |
|
||||
| `forwarder.persistence.hostPath.path` | Directory from the host node's filesystem to mount as hostPath volume for persistence. | `/opt/bitnami/fluentd/logs/buffers` |
|
||||
| `forwarder.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `forwarder.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `forwarder.lifecycleHooks` | Additional lifecycles to add to the pods | `{}` |
|
||||
| `forwarder.initContainers` | Additional init containers to add to the pods | `[]` |
|
||||
| `forwarder.sidecars` | Add sidecars to forwarder pods | `[]` |
|
||||
| `forwarder.extraVolumes` | Extra volumes | `[]` |
|
||||
| `forwarder.extraVolumeMounts` | Mount extra volume(s) | `[]` |
|
||||
| `forwarder.initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` |
|
||||
| `forwarder.initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` |
|
||||
| `forwarder.initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` |
|
||||
| `aggregator.enabled` | Enable Fluentd aggregator statefulset | `true` |
|
||||
| `aggregator.image.registry` | Fluentd aggregator image registry override | `""` |
|
||||
| `aggregator.image.repository` | Fluentd aggregator image repository override | `""` |
|
||||
| `aggregator.replicaCount` | Number of aggregator pods to deploy in the Stateful Set | `1` |
|
||||
| `aggregator.podSecurityContext.enabled` | Enable security context for aggregator pods | `true` |
|
||||
| `aggregator.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
|
||||
| `aggregator.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
|
||||
| `aggregator.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
|
||||
| `aggregator.podSecurityContext.fsGroup` | Group ID for aggregator's containers filesystem | `1001` |
|
||||
| `aggregator.automountServiceAccountToken` | Mount Service Account token in pod | `false` |
|
||||
| `aggregator.hostAliases` | Add deployment host aliases | `[]` |
|
||||
| `aggregator.containerSecurityContext.enabled` | Enable security context for the aggregator container | `true` |
|
||||
| `aggregator.containerSecurityContext.privileged` | Run as privileged | `false` |
|
||||
| `aggregator.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
|
||||
| `aggregator.containerSecurityContext.runAsUser` | User ID for aggregator's containers | `1001` |
|
||||
| `aggregator.containerSecurityContext.runAsGroup` | Group ID for aggregator's containers | `1001` |
|
||||
| `aggregator.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation | `false` |
|
||||
| `aggregator.containerSecurityContext.readOnlyRootFilesystem` | Require the use of a read only root file system | `true` |
|
||||
| `aggregator.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` |
|
||||
| `aggregator.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `aggregator.terminationGracePeriodSeconds` | Duration in seconds the pod needs to terminate gracefully | `30` |
|
||||
| `aggregator.extraGems` | List of extra gems to be installed. Can be used to install additional fluentd plugins. | `[]` |
|
||||
| `aggregator.configFile` | Name of the config file that will be used by Fluentd at launch under the `/opt/bitnami/fluentd/conf` directory | `fluentd.conf` |
|
||||
| `aggregator.configMap` | Name of the config map that contains the Fluentd configuration files | `""` |
|
||||
| `aggregator.configMapFiles` | Files to be added to be config map. Ignored if `aggregator.configMap` is set | `{}` |
|
||||
| `aggregator.port` | Port the Aggregator container will listen for logs. Leave it blank to ignore. | `24224` |
|
||||
| `aggregator.extraArgs` | Extra arguments for the Fluentd command line | `""` |
|
||||
| `aggregator.extraEnvVars` | Extra environment variables to pass to the container | `[]` |
|
||||
| `aggregator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Fluentd Aggregator nodes | `""` |
|
||||
| `aggregator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Fluentd Aggregator nodes | `""` |
|
||||
| `aggregator.containerPorts` | Ports the aggregator containers will listen on | `[]` |
|
||||
| `aggregator.service.type` | Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) for the aggregators | `ClusterIP` |
|
||||
| `aggregator.service.ports` | Array containing the aggregator service ports | `{}` |
|
||||
| `aggregator.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` (optional, cloud specific) | `""` |
|
||||
| `aggregator.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` |
|
||||
| `aggregator.service.clusterIP` | Static clusterIP or None for headless services | `""` |
|
||||
| `aggregator.service.annotations` | Provide any additional annotations which may be required | `{}` |
|
||||
| `aggregator.service.externalTrafficPolicy` | Fluentd Aggregator service external traffic policy | `Cluster` |
|
||||
| `aggregator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `aggregator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `aggregator.service.annotationsHeadless` | Provide any additional annotations which may be required on headless service | `{}` |
|
||||
| `aggregator.service.headless.annotations` | Annotations for the headless service. | `{}` |
|
||||
| `aggregator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` |
|
||||
| `aggregator.networkPolicy.allowExternal` | Don't require server label for connections | `true` |
|
||||
| `aggregator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` |
|
||||
| `aggregator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `aggregator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `aggregator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `aggregator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `aggregator.ingress.enabled` | Set to true to enable ingress record generation | `false` |
|
||||
| `aggregator.ingress.pathType` | Ingress Path type. How the path matching is interpreted | `ImplementationSpecific` |
|
||||
| `aggregator.ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` |
|
||||
| `aggregator.ingress.hostname` | Default host for the ingress resource | `fluentd.local` |
|
||||
| `aggregator.ingress.path` | Default path for the ingress resource | `/` |
|
||||
| `aggregator.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` |
|
||||
| `aggregator.ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` |
|
||||
| `aggregator.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` |
|
||||
| `aggregator.ingress.extraPaths` | Any additional arbitrary paths that may need to be added to the ingress under the main host. | `[]` |
|
||||
| `aggregator.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` |
|
||||
| `aggregator.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` |
|
||||
| `aggregator.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` |
|
||||
| `aggregator.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` |
|
||||
| `aggregator.startupProbe.enabled` | Enable startupProbe | `true` |
|
||||
| `aggregator.startupProbe.httpGet.path` | Request path for startupProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `aggregator.startupProbe.httpGet.port` | Port for startupProbe | `http` |
|
||||
| `aggregator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` |
|
||||
| `aggregator.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
|
||||
| `aggregator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
|
||||
| `aggregator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
|
||||
| `aggregator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
|
||||
| `aggregator.livenessProbe.enabled` | Enable livenessProbe | `true` |
|
||||
| `aggregator.livenessProbe.httpGet.path` | Request path for livenessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `aggregator.livenessProbe.httpGet.port` | Port for livenessProbe | `http` |
|
||||
| `aggregator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` |
|
||||
| `aggregator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
|
||||
| `aggregator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
|
||||
| `aggregator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
|
||||
| `aggregator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
|
||||
| `aggregator.readinessProbe.enabled` | Enable readinessProbe | `true` |
|
||||
| `aggregator.readinessProbe.httpGet.path` | Request path for readinessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `aggregator.readinessProbe.httpGet.port` | Port for readinessProbe | `http` |
|
||||
| `aggregator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
|
||||
| `aggregator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
|
||||
| `aggregator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
|
||||
| `aggregator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
|
||||
| `aggregator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
|
||||
| `aggregator.customStartupProbe` | Custom liveness probe for the Fluentd Aggregator | `{}` |
|
||||
| `aggregator.customLivenessProbe` | Custom liveness probe for the Fluentd Aggregator | `{}` |
|
||||
| `aggregator.customReadinessProbe` | Custom rediness probe for the Fluentd Aggregator | `{}` |
|
||||
| `aggregator.updateStrategy.type` | Set up update strategy. | `RollingUpdate` |
|
||||
| `aggregator.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production). | `nano` |
|
||||
| `aggregator.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `aggregator.priorityClassName` | Fluentd Aggregator pods' priorityClassName | `""` |
|
||||
| `aggregator.schedulerName` | Name of the k8s scheduler (other than default) | `""` |
|
||||
| `aggregator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` |
|
||||
| `aggregator.podManagementPolicy` | podManagementPolicy to manage scaling operation of Fluentd Aggregator pods | `""` |
|
||||
| `aggregator.podAffinityPreset` | Aggregator Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `aggregator.podAntiAffinityPreset` | Aggregator Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
|
||||
| `aggregator.nodeAffinityPreset.type` | Aggregator Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `aggregator.nodeAffinityPreset.key` | Aggregator Node label key to match Ignored if `affinity` is set. | `""` |
|
||||
| `aggregator.nodeAffinityPreset.values` | Aggregator Node label values to match. Ignored if `affinity` is set. | `[]` |
|
||||
| `aggregator.affinity` | Aggregator Affinity for pod assignment | `{}` |
|
||||
| `aggregator.nodeSelector` | Aggregator Node labels for pod assignment | `{}` |
|
||||
| `aggregator.tolerations` | Aggregator Tolerations for pod assignment | `[]` |
|
||||
| `aggregator.podAnnotations` | Pod annotations | `{}` |
|
||||
| `aggregator.podLabels` | Extra labels to add to Pod | `{}` |
|
||||
| `aggregator.serviceAccount.create` | Specify whether a ServiceAccount should be created | `true` |
|
||||
| `aggregator.serviceAccount.name` | The name of the ServiceAccount to create | `""` |
|
||||
| `aggregator.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
|
||||
| `aggregator.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `aggregator.autoscaling.enabled` | Create an Horizontal Pod Autoscaler | `false` |
|
||||
| `aggregator.autoscaling.minReplicas` | Minimum number of replicas for the HPA | `2` |
|
||||
| `aggregator.autoscaling.maxReplicas` | Maximum number of replicas for the HPA | `5` |
|
||||
| `aggregator.autoscaling.metrics` | Metrics for the HPA to manage the scaling | `[]` |
|
||||
| `aggregator.autoscaling.behavior` | HPA Behavior | `{}` |
|
||||
| `aggregator.persistence.enabled` | Enable persistence volume for the aggregator | `false` |
|
||||
| `aggregator.persistence.storageClass` | Persistent Volume storage class | `""` |
|
||||
| `aggregator.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` |
|
||||
| `aggregator.persistence.size` | Persistent Volume size | `10Gi` |
|
||||
| `aggregator.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` |
|
||||
| `aggregator.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
|
||||
| `aggregator.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `aggregator.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `aggregator.lifecycleHooks` | Additional lifecycles to add to the pods | `{}` |
|
||||
| `aggregator.initContainers` | Add init containers to aggregator pods | `[]` |
|
||||
| `aggregator.sidecars` | Add sidecars to aggregator pods | `[]` |
|
||||
| `aggregator.extraVolumes` | Extra volumes | `[]` |
|
||||
| `aggregator.extraVolumeMounts` | Mount extra volume(s) | `[]` |
|
||||
| `aggregator.extraVolumeClaimTemplates` | Optionally specify extra list of additional volume claim templates for the Fluentd Aggregator pods in StatefulSet | `[]` |
|
||||
| `aggregator.initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` |
|
||||
| `aggregator.initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` |
|
||||
| `aggregator.initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` |
|
||||
| `metrics.enabled` | Enable the export of Prometheus metrics | `false` |
|
||||
| `metrics.service.type` | Prometheus metrics service type | `ClusterIP` |
|
||||
| `metrics.service.port` | Prometheus metrics service port | `24231` |
|
||||
| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` | `""` |
|
||||
| `metrics.service.clusterIP` | Prometheus metrics service Cluster IP | `""` |
|
||||
| `metrics.service.loadBalancerSourceRanges` | Prometheus metrics service Load Balancer sources | `[]` |
|
||||
| `metrics.service.externalTrafficPolicy` | Prometheus metrics service external traffic policy | `Cluster` |
|
||||
| `metrics.service.annotations` | Annotations for the Prometheus Exporter service service | `{}` |
|
||||
| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` |
|
||||
| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` |
|
||||
| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` |
|
||||
| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` |
|
||||
| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` |
|
||||
| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` |
|
||||
| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` |
|
||||
| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` |
|
||||
| `metrics.serviceMonitor.labels` | ServiceMonitor extra labels | `{}` |
|
||||
| `metrics.serviceMonitor.annotations` | ServiceMonitor annotations | `{}` |
|
||||
| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` |
|
||||
| `metrics.serviceMonitor.path` | path defines the path that promethues will use to pull metrics from the container | `/metrics` |
|
||||
| `tls.enabled` | Enable TLS/SSL encrytion for internal communications | `false` |
|
||||
| `tls.autoGenerated` | Generate automatically self-signed TLS certificates. | `false` |
|
||||
| `tls.forwarder.existingSecret` | Name of the existing secret containing the TLS certificates for the Fluentd forwarder | `""` |
|
||||
| `tls.aggregator.existingSecret` | Name of the existing secret containing the TLS certificates for the Fluentd aggregator | `""` |
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- |
|
||||
| `image.registry` | Fluentd image registry | `REGISTRY_NAME` |
|
||||
| `image.repository` | Fluentd image repository | `REPOSITORY_NAME/fluentd` |
|
||||
| `image.pullPolicy` | Fluentd image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Fluentd image pull secrets | `[]` |
|
||||
| `image.debug` | Enable image debug mode | `false` |
|
||||
| `forwarder.enabled` | Enable forwarder daemonset | `true` |
|
||||
| `forwarder.image.registry` | Fluentd forwarder image registry override | `""` |
|
||||
| `forwarder.image.repository` | Fluentd forwarder image repository override | `""` |
|
||||
| `forwarder.daemonUser` | Forwarder daemon user and group (set to root by default because it reads from host paths) | `root` |
|
||||
| `forwarder.daemonGroup` | Fluentd forwarder daemon system group | `root` |
|
||||
| `forwarder.automountServiceAccountToken` | Mount Service Account token in pod | `true` |
|
||||
| `forwarder.hostAliases` | Add deployment host aliases | `[]` |
|
||||
| `forwarder.podSecurityContext.enabled` | Enable security context for forwarder pods | `true` |
|
||||
| `forwarder.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
|
||||
| `forwarder.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
|
||||
| `forwarder.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
|
||||
| `forwarder.podSecurityContext.fsGroup` | Group ID for forwarder's containers filesystem | `0` |
|
||||
| `forwarder.containerSecurityContext.enabled` | Enable security context for the forwarder container | `true` |
|
||||
| `forwarder.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
|
||||
| `forwarder.containerSecurityContext.runAsUser` | User ID for forwarder's containers | `0` |
|
||||
| `forwarder.containerSecurityContext.runAsGroup` | Group ID for forwarder's containers | `0` |
|
||||
| `forwarder.containerSecurityContext.privileged` | Run as privileged | `false` |
|
||||
| `forwarder.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation | `false` |
|
||||
| `forwarder.containerSecurityContext.readOnlyRootFilesystem` | Require the use of a read only root file system | `true` |
|
||||
| `forwarder.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` |
|
||||
| `forwarder.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `forwarder.hostNetwork` | Enable use of host network | `false` |
|
||||
| `forwarder.dnsPolicy` | Pod-specific DNS policy | `""` |
|
||||
| `forwarder.terminationGracePeriodSeconds` | Duration in seconds the pod needs to terminate gracefully | `30` |
|
||||
| `forwarder.extraGems` | List of extra gems to be installed. Can be used to install additional fluentd plugins. | `[]` |
|
||||
| `forwarder.configFile` | Name of the config file that will be used by Fluentd at launch under the `/opt/bitnami/fluentd/conf` directory | `fluentd.conf` |
|
||||
| `forwarder.configMap` | Name of the config map that contains the Fluentd configuration files | `""` |
|
||||
| `forwarder.configMapFiles` | Files to be added to be config map. Ignored if `forwarder.configMap` is set | `{}` |
|
||||
| `forwarder.extraArgs` | Extra arguments for the Fluentd command line | `""` |
|
||||
| `forwarder.extraEnvVars` | Extra environment variables to pass to the container | `[]` |
|
||||
| `forwarder.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Fluentd Forwarder nodes | `""` |
|
||||
| `forwarder.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Fluentd Forwarder nodes | `""` |
|
||||
| `forwarder.containerPorts` | Ports the forwarder containers will listen on | `[]` |
|
||||
| `forwarder.service.type` | Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) for the forwarders | `ClusterIP` |
|
||||
| `forwarder.service.ports` | Array containing the forwarder service ports | `{}` |
|
||||
| `forwarder.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` (optional, cloud specific) | `""` |
|
||||
| `forwarder.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` |
|
||||
| `forwarder.service.externalTrafficPolicy` | Fluentd Forwarder service external traffic policy | `Cluster` |
|
||||
| `forwarder.service.clusterIP` | Static clusterIP or None for headless services | `""` |
|
||||
| `forwarder.service.annotations` | Provide any additional annotations which may be required | `{}` |
|
||||
| `forwarder.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `forwarder.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `forwarder.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` |
|
||||
| `forwarder.networkPolicy.allowExternal` | Don't require server label for connections | `true` |
|
||||
| `forwarder.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` |
|
||||
| `forwarder.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` |
|
||||
| `forwarder.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `forwarder.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `forwarder.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `forwarder.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `forwarder.startupProbe.enabled` | Enable startupProbe | `false` |
|
||||
| `forwarder.startupProbe.httpGet.path` | Request path for startupProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `forwarder.startupProbe.httpGet.port` | Port for startupProbe | `http` |
|
||||
| `forwarder.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` |
|
||||
| `forwarder.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
|
||||
| `forwarder.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
|
||||
| `forwarder.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
|
||||
| `forwarder.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
|
||||
| `forwarder.livenessProbe.enabled` | Enable livenessProbe | `true` |
|
||||
| `forwarder.livenessProbe.httpGet.path` | Request path for livenessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `forwarder.livenessProbe.httpGet.port` | Port for livenessProbe | `http` |
|
||||
| `forwarder.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` |
|
||||
| `forwarder.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
|
||||
| `forwarder.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
|
||||
| `forwarder.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
|
||||
| `forwarder.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
|
||||
| `forwarder.readinessProbe.enabled` | Enable readinessProbe | `true` |
|
||||
| `forwarder.readinessProbe.httpGet.path` | Request path for readinessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `forwarder.readinessProbe.httpGet.port` | Port for readinessProbe | `http` |
|
||||
| `forwarder.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
|
||||
| `forwarder.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
|
||||
| `forwarder.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
|
||||
| `forwarder.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
|
||||
| `forwarder.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
|
||||
| `forwarder.customStartupProbe` | Custom liveness probe for the Fluend Forwarder | `{}` |
|
||||
| `forwarder.customLivenessProbe` | Custom liveness probe for the Fluend Forwarder | `{}` |
|
||||
| `forwarder.customReadinessProbe` | Custom rediness probe for the Fluend Forwarder | `{}` |
|
||||
| `forwarder.updateStrategy.type` | Set up update strategy. | `RollingUpdate` |
|
||||
| `forwarder.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if forwarder.resources is set (forwarder.resources is recommended for production). | `nano` |
|
||||
| `forwarder.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `forwarder.priorityClassName` | Set Priority Class Name to allow priority control over other pods | `""` |
|
||||
| `forwarder.schedulerName` | Name of the k8s scheduler (other than default) | `""` |
|
||||
| `forwarder.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` |
|
||||
| `forwarder.podAffinityPreset` | Forwarder Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `forwarder.podAntiAffinityPreset` | Forwarder Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `forwarder.nodeAffinityPreset.type` | Forwarder Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `forwarder.nodeAffinityPreset.key` | Forwarder Node label key to match Ignored if `affinity` is set. | `""` |
|
||||
| `forwarder.nodeAffinityPreset.values` | Forwarder Node label values to match. Ignored if `affinity` is set. | `[]` |
|
||||
| `forwarder.affinity` | Forwarder Affinity for pod assignment | `{}` |
|
||||
| `forwarder.nodeSelector` | Forwarder Node labels for pod assignment | `{}` |
|
||||
| `forwarder.tolerations` | Forwarder Tolerations for pod assignment | `[]` |
|
||||
| `forwarder.podAnnotations` | Pod annotations | `{}` |
|
||||
| `forwarder.podLabels` | Extra labels to add to Pod | `{}` |
|
||||
| `forwarder.serviceAccount.create` | Specify whether a ServiceAccount should be created. | `true` |
|
||||
| `forwarder.serviceAccount.name` | The name of the ServiceAccount to create | `""` |
|
||||
| `forwarder.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
|
||||
| `forwarder.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `forwarder.rbac.create` | Specify whether RBAC resources should be created and used, allowing the get, watch and list of pods/namespaces | `true` |
|
||||
| `forwarder.rbac.pspEnabled` | Whether to create a PodSecurityPolicy and bound it with RBAC. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` |
|
||||
| `forwarder.persistence.enabled` | Enable persistence volume for the forwarder | `false` |
|
||||
| `forwarder.persistence.hostPath.path` | Directory from the host node's filesystem to mount as hostPath volume for persistence. | `/opt/bitnami/fluentd/logs/buffers` |
|
||||
| `forwarder.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `forwarder.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `forwarder.lifecycleHooks` | Additional lifecycles to add to the pods | `{}` |
|
||||
| `forwarder.initResourcePresets` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production). | `nano` |
|
||||
| `forwarder.initResources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `forwarder.initContainers` | Additional init containers to add to the pods | `[]` |
|
||||
| `forwarder.sidecars` | Add sidecars to forwarder pods | `[]` |
|
||||
| `forwarder.extraVolumes` | Extra volumes | `[]` |
|
||||
| `forwarder.extraVolumeMounts` | Mount extra volume(s) | `[]` |
|
||||
| `forwarder.initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` |
|
||||
| `forwarder.initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` |
|
||||
| `forwarder.initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` |
|
||||
| `aggregator.enabled` | Enable Fluentd aggregator statefulset | `true` |
|
||||
| `aggregator.image.registry` | Fluentd aggregator image registry override | `""` |
|
||||
| `aggregator.image.repository` | Fluentd aggregator image repository override | `""` |
|
||||
| `aggregator.replicaCount` | Number of aggregator pods to deploy in the Stateful Set | `1` |
|
||||
| `aggregator.podSecurityContext.enabled` | Enable security context for aggregator pods | `true` |
|
||||
| `aggregator.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
|
||||
| `aggregator.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
|
||||
| `aggregator.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
|
||||
| `aggregator.podSecurityContext.fsGroup` | Group ID for aggregator's containers filesystem | `1001` |
|
||||
| `aggregator.automountServiceAccountToken` | Mount Service Account token in pod | `false` |
|
||||
| `aggregator.hostAliases` | Add deployment host aliases | `[]` |
|
||||
| `aggregator.containerSecurityContext.enabled` | Enable security context for the aggregator container | `true` |
|
||||
| `aggregator.containerSecurityContext.privileged` | Run as privileged | `false` |
|
||||
| `aggregator.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
|
||||
| `aggregator.containerSecurityContext.runAsUser` | User ID for aggregator's containers | `1001` |
|
||||
| `aggregator.containerSecurityContext.runAsGroup` | Group ID for aggregator's containers | `1001` |
|
||||
| `aggregator.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation | `false` |
|
||||
| `aggregator.containerSecurityContext.readOnlyRootFilesystem` | Require the use of a read only root file system | `true` |
|
||||
| `aggregator.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` |
|
||||
| `aggregator.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `aggregator.terminationGracePeriodSeconds` | Duration in seconds the pod needs to terminate gracefully | `30` |
|
||||
| `aggregator.extraGems` | List of extra gems to be installed. Can be used to install additional fluentd plugins. | `[]` |
|
||||
| `aggregator.configFile` | Name of the config file that will be used by Fluentd at launch under the `/opt/bitnami/fluentd/conf` directory | `fluentd.conf` |
|
||||
| `aggregator.configMap` | Name of the config map that contains the Fluentd configuration files | `""` |
|
||||
| `aggregator.configMapFiles` | Files to be added to be config map. Ignored if `aggregator.configMap` is set | `{}` |
|
||||
| `aggregator.port` | Port the Aggregator container will listen for logs. Leave it blank to ignore. | `24224` |
|
||||
| `aggregator.extraArgs` | Extra arguments for the Fluentd command line | `""` |
|
||||
| `aggregator.extraEnvVars` | Extra environment variables to pass to the container | `[]` |
|
||||
| `aggregator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Fluentd Aggregator nodes | `""` |
|
||||
| `aggregator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Fluentd Aggregator nodes | `""` |
|
||||
| `aggregator.containerPorts` | Ports the aggregator containers will listen on | `[]` |
|
||||
| `aggregator.service.type` | Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) for the aggregators | `ClusterIP` |
|
||||
| `aggregator.service.ports` | Array containing the aggregator service ports | `{}` |
|
||||
| `aggregator.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` (optional, cloud specific) | `""` |
|
||||
| `aggregator.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` |
|
||||
| `aggregator.service.clusterIP` | Static clusterIP or None for headless services | `""` |
|
||||
| `aggregator.service.annotations` | Provide any additional annotations which may be required | `{}` |
|
||||
| `aggregator.service.externalTrafficPolicy` | Fluentd Aggregator service external traffic policy | `Cluster` |
|
||||
| `aggregator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `aggregator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `aggregator.service.annotationsHeadless` | Provide any additional annotations which may be required on headless service | `{}` |
|
||||
| `aggregator.service.headless.annotations` | Annotations for the headless service. | `{}` |
|
||||
| `aggregator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` |
|
||||
| `aggregator.networkPolicy.allowExternal` | Don't require server label for connections | `true` |
|
||||
| `aggregator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` |
|
||||
| `aggregator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `aggregator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `aggregator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `aggregator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `aggregator.ingress.enabled` | Set to true to enable ingress record generation | `false` |
|
||||
| `aggregator.ingress.pathType` | Ingress Path type. How the path matching is interpreted | `ImplementationSpecific` |
|
||||
| `aggregator.ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` |
|
||||
| `aggregator.ingress.hostname` | Default host for the ingress resource | `fluentd.local` |
|
||||
| `aggregator.ingress.path` | Default path for the ingress resource | `/` |
|
||||
| `aggregator.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` |
|
||||
| `aggregator.ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` |
|
||||
| `aggregator.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` |
|
||||
| `aggregator.ingress.extraPaths` | Any additional arbitrary paths that may need to be added to the ingress under the main host. | `[]` |
|
||||
| `aggregator.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` |
|
||||
| `aggregator.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` |
|
||||
| `aggregator.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` |
|
||||
| `aggregator.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` |
|
||||
| `aggregator.startupProbe.enabled` | Enable startupProbe | `true` |
|
||||
| `aggregator.startupProbe.httpGet.path` | Request path for startupProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `aggregator.startupProbe.httpGet.port` | Port for startupProbe | `http` |
|
||||
| `aggregator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` |
|
||||
| `aggregator.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
|
||||
| `aggregator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
|
||||
| `aggregator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
|
||||
| `aggregator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
|
||||
| `aggregator.livenessProbe.enabled` | Enable livenessProbe | `true` |
|
||||
| `aggregator.livenessProbe.httpGet.path` | Request path for livenessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `aggregator.livenessProbe.httpGet.port` | Port for livenessProbe | `http` |
|
||||
| `aggregator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` |
|
||||
| `aggregator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
|
||||
| `aggregator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
|
||||
| `aggregator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
|
||||
| `aggregator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
|
||||
| `aggregator.readinessProbe.enabled` | Enable readinessProbe | `true` |
|
||||
| `aggregator.readinessProbe.httpGet.path` | Request path for readinessProbe | `/fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D` |
|
||||
| `aggregator.readinessProbe.httpGet.port` | Port for readinessProbe | `http` |
|
||||
| `aggregator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
|
||||
| `aggregator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
|
||||
| `aggregator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
|
||||
| `aggregator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
|
||||
| `aggregator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
|
||||
| `aggregator.customStartupProbe` | Custom liveness probe for the Fluentd Aggregator | `{}` |
|
||||
| `aggregator.customLivenessProbe` | Custom liveness probe for the Fluentd Aggregator | `{}` |
|
||||
| `aggregator.customReadinessProbe` | Custom rediness probe for the Fluentd Aggregator | `{}` |
|
||||
| `aggregator.updateStrategy.type` | Set up update strategy. | `RollingUpdate` |
|
||||
| `aggregator.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production). | `nano` |
|
||||
| `aggregator.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `aggregator.priorityClassName` | Fluentd Aggregator pods' priorityClassName | `""` |
|
||||
| `aggregator.schedulerName` | Name of the k8s scheduler (other than default) | `""` |
|
||||
| `aggregator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` |
|
||||
| `aggregator.podManagementPolicy` | podManagementPolicy to manage scaling operation of Fluentd Aggregator pods | `""` |
|
||||
| `aggregator.podAffinityPreset` | Aggregator Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `aggregator.podAntiAffinityPreset` | Aggregator Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
|
||||
| `aggregator.nodeAffinityPreset.type` | Aggregator Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `aggregator.nodeAffinityPreset.key` | Aggregator Node label key to match Ignored if `affinity` is set. | `""` |
|
||||
| `aggregator.nodeAffinityPreset.values` | Aggregator Node label values to match. Ignored if `affinity` is set. | `[]` |
|
||||
| `aggregator.affinity` | Aggregator Affinity for pod assignment | `{}` |
|
||||
| `aggregator.nodeSelector` | Aggregator Node labels for pod assignment | `{}` |
|
||||
| `aggregator.tolerations` | Aggregator Tolerations for pod assignment | `[]` |
|
||||
| `aggregator.podAnnotations` | Pod annotations | `{}` |
|
||||
| `aggregator.podLabels` | Extra labels to add to Pod | `{}` |
|
||||
| `aggregator.serviceAccount.create` | Specify whether a ServiceAccount should be created | `true` |
|
||||
| `aggregator.serviceAccount.name` | The name of the ServiceAccount to create | `""` |
|
||||
| `aggregator.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
|
||||
| `aggregator.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `aggregator.autoscaling.enabled` | Create an Horizontal Pod Autoscaler | `false` |
|
||||
| `aggregator.autoscaling.minReplicas` | Minimum number of replicas for the HPA | `2` |
|
||||
| `aggregator.autoscaling.maxReplicas` | Maximum number of replicas for the HPA | `5` |
|
||||
| `aggregator.autoscaling.metrics` | Metrics for the HPA to manage the scaling | `[]` |
|
||||
| `aggregator.autoscaling.behavior` | HPA Behavior | `{}` |
|
||||
| `aggregator.persistence.enabled` | Enable persistence volume for the aggregator | `false` |
|
||||
| `aggregator.persistence.storageClass` | Persistent Volume storage class | `""` |
|
||||
| `aggregator.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` |
|
||||
| `aggregator.persistence.size` | Persistent Volume size | `10Gi` |
|
||||
| `aggregator.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` |
|
||||
| `aggregator.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
|
||||
| `aggregator.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `aggregator.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `aggregator.lifecycleHooks` | Additional lifecycles to add to the pods | `{}` |
|
||||
| `aggregator.initResourcePresets` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production). | `nano` |
|
||||
| `aggregator.initResources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
|
||||
| `aggregator.initContainers` | Add init containers to aggregator pods | `[]` |
|
||||
| `aggregator.sidecars` | Add sidecars to aggregator pods | `[]` |
|
||||
| `aggregator.extraVolumes` | Extra volumes | `[]` |
|
||||
| `aggregator.extraVolumeMounts` | Mount extra volume(s) | `[]` |
|
||||
| `aggregator.extraVolumeClaimTemplates` | Optionally specify extra list of additional volume claim templates for the Fluentd Aggregator pods in StatefulSet | `[]` |
|
||||
| `aggregator.initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` |
|
||||
| `aggregator.initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` |
|
||||
| `aggregator.initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` |
|
||||
| `metrics.enabled` | Enable the export of Prometheus metrics | `false` |
|
||||
| `metrics.service.type` | Prometheus metrics service type | `ClusterIP` |
|
||||
| `metrics.service.port` | Prometheus metrics service port | `24231` |
|
||||
| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` | `""` |
|
||||
| `metrics.service.clusterIP` | Prometheus metrics service Cluster IP | `""` |
|
||||
| `metrics.service.loadBalancerSourceRanges` | Prometheus metrics service Load Balancer sources | `[]` |
|
||||
| `metrics.service.externalTrafficPolicy` | Prometheus metrics service external traffic policy | `Cluster` |
|
||||
| `metrics.service.annotations` | Annotations for the Prometheus Exporter service service | `{}` |
|
||||
| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` |
|
||||
| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` |
|
||||
| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` |
|
||||
| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` |
|
||||
| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` |
|
||||
| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` |
|
||||
| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` |
|
||||
| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` |
|
||||
| `metrics.serviceMonitor.labels` | ServiceMonitor extra labels | `{}` |
|
||||
| `metrics.serviceMonitor.annotations` | ServiceMonitor annotations | `{}` |
|
||||
| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` |
|
||||
| `metrics.serviceMonitor.path` | path defines the path that promethues will use to pull metrics from the container | `/metrics` |
|
||||
| `tls.enabled` | Enable TLS/SSL encrytion for internal communications | `false` |
|
||||
| `tls.autoGenerated` | Generate automatically self-signed TLS certificates. | `false` |
|
||||
| `tls.forwarder.existingSecret` | Name of the existing secret containing the TLS certificates for the Fluentd forwarder | `""` |
|
||||
| `tls.aggregator.existingSecret` | Name of the existing secret containing the TLS certificates for the Fluentd aggregator | `""` |
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
|
||||
|
||||
|
||||
@@ -96,6 +96,11 @@ spec:
|
||||
cp -r /opt/bitnami/fluentd/extensions/* /extensions/
|
||||
cp -r /opt/bitnami/fluentd/gems/* /gems/
|
||||
cp -r /opt/bitnami/fluentd/specifications/* /specifications/
|
||||
{{- if .Values.aggregator.initResources }}
|
||||
resources: {{- toYaml .Values.aggregator.initResources | nindent 12 }}
|
||||
{{- else if ne .Values.aggregator.initResourcePresets "none" }}
|
||||
resources: {{- include "common.resources.preset" (dict "type" .Values.aggregator.initResourcePresets) | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
runAsUser: 0
|
||||
@@ -124,6 +129,11 @@ spec:
|
||||
- |-
|
||||
#!/bin/sh
|
||||
chmod o-rwx /tmp
|
||||
{{- if .Values.aggregator.initResources }}
|
||||
resources: {{- toYaml .Values.aggregator.initResources | nindent 12 }}
|
||||
{{- else if ne .Values.aggregator.initResourcePresets "none" }}
|
||||
resources: {{- include "common.resources.preset" (dict "type" .Values.aggregator.initResourcePresets) | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
runAsUser: 0
|
||||
|
||||
@@ -88,6 +88,11 @@ spec:
|
||||
# copy installed gems to shared dir
|
||||
cp -r /opt/bitnami/fluentd/gems/* /gems/
|
||||
cp -r /opt/bitnami/fluentd/specifications/* /specifications/
|
||||
{{- if .Values.forwarder.initResources }}
|
||||
resources: {{- toYaml .Values.forwarder.initResources | nindent 12 }}
|
||||
{{- else if ne .Values.forwarder.initResourcePresets "none" }}
|
||||
resources: {{- include "common.resources.preset" (dict "type" .Values.forwarder.initResourcePresets) | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
runAsUser: 0
|
||||
@@ -113,6 +118,11 @@ spec:
|
||||
- |-
|
||||
#!/bin/sh
|
||||
chmod o-rwx /tmp
|
||||
{{- if .Values.forwarder.initResources }}
|
||||
resources: {{- toYaml .Values.forwarder.initResources | nindent 12 }}
|
||||
{{- else if ne .Values.forwarder.initResourcePresets "none" }}
|
||||
resources: {{- include "common.resources.preset" (dict "type" .Values.forwarder.initResourcePresets) | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
runAsUser: 0
|
||||
|
||||
@@ -662,6 +662,27 @@ forwarder:
|
||||
## command: ["/bin/sh","-c","nginx -s quit; while killall -0 nginx; do sleep 1; done"]
|
||||
##
|
||||
lifecycleHooks: {}
|
||||
## install-extra-gems and tmp-dir-permissions containers resource requests and limits
|
||||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||||
## We usually recommend not to specify default resources and to leave this as a conscious
|
||||
## choice for the user. This also increases chances charts run on environments with little
|
||||
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
## @param forwarder.initResourcePresets Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production).
|
||||
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
||||
##
|
||||
initResourcePresets: "nano"
|
||||
## @param forwarder.initResources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
||||
## Example:
|
||||
## initResources:
|
||||
## requests:
|
||||
## cpu: 2
|
||||
## memory: 512Mi
|
||||
## limits:
|
||||
## cpu: 3
|
||||
## memory: 1024Mi
|
||||
##
|
||||
initResources: {}
|
||||
## @param forwarder.initContainers Additional init containers to add to the pods
|
||||
## For example:
|
||||
## initContainers:
|
||||
@@ -1355,6 +1376,27 @@ aggregator:
|
||||
## command: ["/bin/sh","-c","nginx -s quit; while killall -0 nginx; do sleep 1; done"]
|
||||
##
|
||||
lifecycleHooks: {}
|
||||
## install-extra-gems and tmp-dir-permissions containers resource requests and limits
|
||||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||||
## We usually recommend not to specify default resources and to leave this as a conscious
|
||||
## choice for the user. This also increases chances charts run on environments with little
|
||||
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
## @param aggregator.initResourcePresets Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production).
|
||||
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
||||
##
|
||||
initResourcePresets: "nano"
|
||||
## @param aggregator.initResources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
||||
## Example:
|
||||
## initResources:
|
||||
## requests:
|
||||
## cpu: 2
|
||||
## memory: 512Mi
|
||||
## limits:
|
||||
## cpu: 3
|
||||
## memory: 1024Mi
|
||||
##
|
||||
initResources: {}
|
||||
## @param aggregator.initContainers Add init containers to aggregator pods
|
||||
## Example
|
||||
##
|
||||
|
||||
Reference in New Issue
Block a user