mirror of
https://github.com/bitnami/charts.git
synced 2026-02-10 03:17:20 +08:00
129caa5399
* [bitnami/fluentd] Release 7.1.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
1571 lines
65 KiB
YAML
1571 lines
65 KiB
YAML
# Copyright Broadcom, Inc. All Rights Reserved.
|
|
# SPDX-License-Identifier: APACHE-2.0
|
|
|
|
## @section Global parameters
|
|
## Global Docker image parameters
|
|
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
|
|
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
|
|
|
|
## @param global.imageRegistry Global Docker image registry
|
|
## @param global.imagePullSecrets Global Docker registry secret names as an array
|
|
## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)
|
|
## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead
|
|
##
|
|
global:
|
|
imageRegistry: ""
|
|
## E.g.
|
|
## imagePullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
imagePullSecrets: []
|
|
defaultStorageClass: ""
|
|
storageClass: ""
|
|
## Security parameters
|
|
##
|
|
security:
|
|
## @param global.security.allowInsecureImages Allows skipping image verification
|
|
allowInsecureImages: false
|
|
## Compatibility adaptations for Kubernetes platforms
|
|
##
|
|
compatibility:
|
|
## Compatibility adaptations for Openshift
|
|
##
|
|
openshift:
|
|
## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
|
|
##
|
|
adaptSecurityContext: auto
|
|
## @section Common parameters
|
|
|
|
## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set)
|
|
##
|
|
kubeVersion: ""
|
|
## @param nameOverride String to partially override common.names.fullname template (will maintain the release name)
|
|
##
|
|
nameOverride: ""
|
|
## @param fullnameOverride String to fully override common.names.fullname template
|
|
##
|
|
fullnameOverride: ""
|
|
## @param commonAnnotations Annotations to add to all deployed objects
|
|
##
|
|
commonAnnotations: {}
|
|
## @param commonLabels Labels to add to all deployed objects
|
|
##
|
|
commonLabels: {}
|
|
## @param clusterDomain Cluster Domain
|
|
##
|
|
clusterDomain: cluster.local
|
|
## @param extraDeploy Array of extra objects to deploy with the release
|
|
##
|
|
extraDeploy: []
|
|
## Enable diagnostic mode in the deployment
|
|
##
|
|
diagnosticMode:
|
|
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
|
|
##
|
|
enabled: false
|
|
## @param diagnosticMode.command Command to override all containers in the deployment
|
|
##
|
|
command:
|
|
- sleep
|
|
## @param diagnosticMode.args Args to override all containers in the deployment
|
|
##
|
|
args:
|
|
- infinity
|
|
## @section Fluentd parameters
|
|
|
|
## Bitnami Fluentd image version
|
|
## ref: https://hub.docker.com/r/bitnami/fluentd/tags/
|
|
## @param image.registry [default: REGISTRY_NAME] Fluentd image registry
|
|
## @param image.repository [default: REPOSITORY_NAME/fluentd] Fluentd image repository
|
|
## @skip image.tag Fluentd image tag (immutable tags are recommended)
|
|
## @param image.pullPolicy Fluentd image pull policy
|
|
## @param image.pullSecrets Fluentd image pull secrets
|
|
## @param image.debug Enable image debug mode
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/fluentd
|
|
tag: 1.18.0-debian-12-r1
|
|
## Specify a imagePullPolicy
|
|
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
##
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
pullSecrets: []
|
|
## Enable debug mode
|
|
##
|
|
debug: false
|
|
## Forwarder parameters
|
|
##
|
|
forwarder:
|
|
## @param forwarder.enabled Enable forwarder daemonset
|
|
##
|
|
enabled: true
|
|
## @param forwarder.daemonUser Forwarder daemon user and group (set to root by default because it reads from host paths)
|
|
##
|
|
daemonUser: root
|
|
## @param forwarder.daemonGroup Fluentd forwarder daemon system group
|
|
##
|
|
daemonGroup: root
|
|
## @param forwarder.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: true
|
|
## @param forwarder.hostAliases Add deployment host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## K8s Security Context for forwarder pods
|
|
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
## @param forwarder.podSecurityContext.enabled Enable security context for forwarder pods
|
|
## @param forwarder.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param forwarder.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param forwarder.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param forwarder.podSecurityContext.fsGroup Group ID for forwarder's containers filesystem
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 0
|
|
## K8s Security Context for forwarder container
|
|
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
## @param forwarder.containerSecurityContext.enabled Enable security context for the forwarder container
|
|
## @param forwarder.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param forwarder.containerSecurityContext.runAsUser User ID for forwarder's containers
|
|
## @param forwarder.containerSecurityContext.runAsGroup Group ID for forwarder's containers
|
|
## @param forwarder.containerSecurityContext.privileged Run as privileged
|
|
## @param forwarder.containerSecurityContext.allowPrivilegeEscalation Allow Privilege Escalation
|
|
## @param forwarder.containerSecurityContext.readOnlyRootFilesystem Require the use of a read only root file system
|
|
## @param forwarder.containerSecurityContext.capabilities.drop [array] Drop capabilities for the securityContext
|
|
## @param forwarder.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 0
|
|
runAsGroup: 0
|
|
privileged: false
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param forwarder.hostNetwork Enable use of host network
|
|
##
|
|
hostNetwork: false
|
|
## @param forwarder.dnsPolicy Pod-specific DNS policy
|
|
##
|
|
dnsPolicy: ""
|
|
## @param forwarder.terminationGracePeriodSeconds Duration in seconds the pod needs to terminate gracefully
|
|
## https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
|
|
##
|
|
terminationGracePeriodSeconds: 30
|
|
## @param forwarder.extraGems List of extra gems to be installed. Can be used to install additional fluentd plugins.
|
|
##
|
|
extraGems: []
|
|
## @param forwarder.configFile Name of the config file that will be used by Fluentd at launch under the `/opt/bitnami/fluentd/conf` directory
|
|
##
|
|
configFile: fluentd.conf
|
|
## @param forwarder.configMap Name of the config map that contains the Fluentd configuration files
|
|
## If not specified, one will be created by default
|
|
##
|
|
configMap: ""
|
|
## @param forwarder.configMapFiles [object] Files to be added to be config map. Ignored if `forwarder.configMap` is set
|
|
##
|
|
configMapFiles:
|
|
fluentd.conf: |
|
|
# Ignore fluentd own events
|
|
<match fluent.**>
|
|
@type null
|
|
</match>
|
|
|
|
@include fluentd-inputs.conf
|
|
@include fluentd-output.conf
|
|
{{- if .Values.metrics.enabled }}
|
|
@include metrics.conf
|
|
{{- end }}
|
|
fluentd-inputs.conf: |
|
|
# HTTP input for the liveness and readiness probes
|
|
<source>
|
|
@type http
|
|
port 9880
|
|
</source>
|
|
# Get the logs from the containers running in the node
|
|
<source>
|
|
@type tail
|
|
path /var/log/containers/*.log
|
|
# exclude Fluentd logs
|
|
exclude_path /var/log/containers/*fluentd*.log
|
|
pos_file /opt/bitnami/fluentd/logs/buffers/fluentd-docker.pos
|
|
tag kubernetes.*
|
|
read_from_head true
|
|
<parse>
|
|
@type json
|
|
time_key time
|
|
time_format %Y-%m-%dT%H:%M:%S.%NZ
|
|
</parse>
|
|
</source>
|
|
# enrich with kubernetes metadata
|
|
{{- if or .Values.forwarder.serviceAccount.create .Values.forwarder.serviceAccount.name }}
|
|
<filter kubernetes.**>
|
|
@type kubernetes_metadata
|
|
</filter>
|
|
{{- end }}
|
|
fluentd-output.conf: |
|
|
# Throw the healthcheck to the standard output instead of forwarding it
|
|
<match fluentd.healthcheck>
|
|
@type stdout
|
|
</match>
|
|
{{- if .Values.aggregator.enabled }}
|
|
# Forward all logs to the aggregators
|
|
<match **>
|
|
@type forward
|
|
{{- if .Values.tls.enabled }}
|
|
transport tls
|
|
tls_cert_path /opt/bitnami/fluentd/certs/out_forward/ca.crt
|
|
tls_client_cert_path /opt/bitnami/fluentd/certs/out_forward/tls.crt
|
|
tls_client_private_key_path /opt/bitnami/fluentd/certs/out_forward/tls.key
|
|
{{- end }}
|
|
|
|
{{- $fullName := (include "common.names.fullname" .) }}
|
|
{{- $global := . }}
|
|
{{- $domain := default "cluster.local" .Values.clusterDomain }}
|
|
{{- $port := .Values.aggregator.port | int }}
|
|
{{- range $i, $e := until (.Values.aggregator.replicaCount | int) }}
|
|
<server>
|
|
{{ printf "host %s-%d.%s-headless.%s.svc.%s" $fullName $i $fullName $global.Release.Namespace $domain }}
|
|
{{ printf "port %d" $port }}
|
|
{{- if ne $i 0 }}
|
|
standby
|
|
{{- end }}
|
|
</server>
|
|
{{- end }}
|
|
<buffer>
|
|
@type file
|
|
path /opt/bitnami/fluentd/logs/buffers/logs.buffer
|
|
flush_thread_count 2
|
|
flush_interval 5s
|
|
</buffer>
|
|
</match>
|
|
{{- else }}
|
|
# Send the logs to the standard output
|
|
<match **>
|
|
@type stdout
|
|
</match>
|
|
{{- end }}
|
|
metrics.conf: |
|
|
# Prometheus Exporter Plugin
|
|
# input plugin that exports metrics
|
|
<source>
|
|
@type prometheus
|
|
port {{ .Values.metrics.service.port }}
|
|
</source>
|
|
# input plugin that collects metrics from MonitorAgent
|
|
<source>
|
|
@type prometheus_monitor
|
|
<labels>
|
|
host ${hostname}
|
|
</labels>
|
|
</source>
|
|
# input plugin that collects metrics for output plugin
|
|
<source>
|
|
@type prometheus_output_monitor
|
|
<labels>
|
|
host ${hostname}
|
|
</labels>
|
|
</source>
|
|
# input plugin that collects metrics for in_tail plugin
|
|
<source>
|
|
@type prometheus_tail_monitor
|
|
<labels>
|
|
host ${hostname}
|
|
</labels>
|
|
</source>
|
|
## @param forwarder.extraArgs Extra arguments for the Fluentd command line
|
|
## ref: https://docs.fluentd.org/deployment/command-line-option
|
|
##
|
|
extraArgs: ""
|
|
## @param forwarder.extraEnvVars Extra environment variables to pass to the container
|
|
## extraEnvVars:
|
|
## - name: MY_ENV_VAR
|
|
## value: my_value
|
|
##
|
|
extraEnvVars: []
|
|
## @param forwarder.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Fluentd Forwarder nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param forwarder.extraEnvVarsSecret Name of existing Secret containing extra env vars for Fluentd Forwarder nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param forwarder.containerPorts [array] Ports the forwarder containers will listen on
|
|
##
|
|
containerPorts:
|
|
## - name: syslog-tcp
|
|
## containerPort: 5140
|
|
## protocol: TCP
|
|
## - name: syslog-udp
|
|
## containerPort: 5140
|
|
## protocol: UDP
|
|
## - name: tcp
|
|
## containerPort: 24224
|
|
## protocol: TCP
|
|
- name: http
|
|
containerPort: 9880
|
|
protocol: TCP
|
|
## Service parameters
|
|
##
|
|
service:
|
|
## @param forwarder.service.type Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) for the forwarders
|
|
##
|
|
type: ClusterIP
|
|
## @param forwarder.service.ports [object] Array containing the forwarder service ports
|
|
##
|
|
ports:
|
|
## syslog-udp:
|
|
## port: 5140
|
|
## targetPort: syslog-udp
|
|
## protocol: UDP
|
|
## nodePort: 31514
|
|
## syslog-tcp:
|
|
## port: 5140
|
|
## targetPort: syslog-tcp
|
|
## protocol: TCP
|
|
## nodePort: 31514
|
|
## tcp:
|
|
## port: 24224
|
|
## targetPort: tcp
|
|
## protocol: TCP
|
|
http:
|
|
port: 9880
|
|
targetPort: http
|
|
protocol: TCP
|
|
## @param forwarder.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` (optional, cloud specific)
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param forwarder.service.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer
|
|
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
##
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param forwarder.service.externalTrafficPolicy Fluentd Forwarder service external traffic policy
|
|
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param forwarder.service.clusterIP Static clusterIP or None for headless services
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address
|
|
## e.g:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param forwarder.service.annotations Provide any additional annotations which may be required
|
|
##
|
|
annotations: {}
|
|
## @param forwarder.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
|
|
## If "ClientIP", consecutive client requests will be directed to the same Pod
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
|
|
##
|
|
sessionAffinity: None
|
|
## @param forwarder.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## Network Policies
|
|
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param forwarder.networkPolicy.enabled Specifies whether a NetworkPolicy should be created
|
|
##
|
|
enabled: true
|
|
## @param forwarder.networkPolicy.allowExternal Don't require server label for connections
|
|
## The Policy model to apply. When set to false, only pods with the correct
|
|
## server label will have network access to the ports server is listening
|
|
## on. When true, server will accept connections from any source
|
|
## (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param forwarder.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param forwarder.networkPolicy.kubeAPIServerPorts [array] List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security)
|
|
##
|
|
kubeAPIServerPorts: [443, 6443, 8443]
|
|
## @param forwarder.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
extraIngress: []
|
|
## @param forwarder.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param forwarder.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param forwarder.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## Configure extra options for startup probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param forwarder.startupProbe.enabled Enable startupProbe
|
|
## @param forwarder.startupProbe.httpGet.path Request path for startupProbe
|
|
## @param forwarder.startupProbe.httpGet.port Port for startupProbe
|
|
## @param forwarder.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param forwarder.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param forwarder.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param forwarder.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param forwarder.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
httpGet:
|
|
path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D
|
|
port: http
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Configure extra options for liveness probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param forwarder.livenessProbe.enabled Enable livenessProbe
|
|
## @param forwarder.livenessProbe.tcpSocket.port Port for livenessProbe
|
|
## @param forwarder.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param forwarder.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param forwarder.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param forwarder.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param forwarder.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
tcpSocket:
|
|
port: http
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Configure extra options for readiness probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param forwarder.readinessProbe.enabled Enable readinessProbe
|
|
## @param forwarder.readinessProbe.httpGet.path Request path for readinessProbe
|
|
## @param forwarder.readinessProbe.httpGet.port Port for readinessProbe
|
|
## @param forwarder.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param forwarder.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param forwarder.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param forwarder.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param forwarder.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D
|
|
port: http
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## @param forwarder.customStartupProbe Custom liveness probe for the Fluend Forwarder
|
|
##
|
|
customStartupProbe: {}
|
|
## @param forwarder.customLivenessProbe Custom liveness probe for the Fluend Forwarder
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param forwarder.customReadinessProbe Custom rediness probe for the Fluend Forwarder
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param forwarder.updateStrategy.type Set up update strategy.
|
|
## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy
|
|
## Example:
|
|
## updateStrategy:
|
|
## type: RollingUpdate
|
|
## rollingUpdate:
|
|
## maxSurge: 25%
|
|
## maxUnavailable: 25%
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
## Forwarder containers' resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param forwarder.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if forwarder.resources is set (forwarder.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "nano"
|
|
## @param forwarder.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param forwarder.priorityClassName Set Priority Class Name to allow priority control over other pods
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
##
|
|
priorityClassName: ""
|
|
## @param forwarder.schedulerName Name of the k8s scheduler (other than default)
|
|
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param forwarder.topologySpreadConstraints Topology Spread Constraints for pod assignment
|
|
## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
|
## The value is evaluated as a template
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param forwarder.podAffinityPreset Forwarder Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param forwarder.podAntiAffinityPreset Forwarder Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: ""
|
|
## Node affinity preset
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param forwarder.nodeAffinityPreset.type Forwarder Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param forwarder.nodeAffinityPreset.key Forwarder Node label key to match Ignored if `affinity` is set.
|
|
## E.g.
|
|
## key: "kubernetes.io/e2e-az-name"
|
|
##
|
|
key: ""
|
|
## @param forwarder.nodeAffinityPreset.values Forwarder Node label values to match. Ignored if `affinity` is set.
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param forwarder.affinity Forwarder Affinity for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param forwarder.nodeSelector Forwarder Node labels for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param forwarder.tolerations Forwarder Tolerations for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param forwarder.podAnnotations Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param forwarder.podLabels Extra labels to add to Pod
|
|
##
|
|
podLabels: {}
|
|
## Pods Service Account
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param forwarder.serviceAccount.create Specify whether a ServiceAccount should be created.
|
|
##
|
|
create: true
|
|
## @param forwarder.serviceAccount.name The name of the ServiceAccount to create
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
name: ""
|
|
## @param forwarder.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)
|
|
##
|
|
annotations: {}
|
|
## @param forwarder.serviceAccount.automountServiceAccountToken Automount service account token for the server service account
|
|
##
|
|
automountServiceAccountToken: false
|
|
## Role Based Access
|
|
## ref: https://kubernetes.io/docs/admin/authorization/rbac/
|
|
## @param forwarder.rbac.create Specify whether RBAC resources should be created and used, allowing the get, watch and list of pods/namespaces
|
|
## @param forwarder.rbac.pspEnabled Whether to create a PodSecurityPolicy and bound it with RBAC. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later
|
|
##
|
|
rbac:
|
|
create: true
|
|
pspEnabled: false
|
|
## Persist data to a persistent volume
|
|
##
|
|
persistence:
|
|
## @param forwarder.persistence.enabled Enable persistence volume for the forwarder
|
|
##
|
|
enabled: false
|
|
## @param forwarder.persistence.hostPath.path Directory from the host node's filesystem to mount as hostPath volume for persistence.
|
|
## The host directory you chose is mounted into /opt/bitnami/fluentd/logs/buffers in your Pod
|
|
## Example use case: mount host directory /tmp/buffer (if the directory doesn't exist, it creates it) into forwarder pod.
|
|
## persistence:
|
|
## enabled: true
|
|
## hostPath:
|
|
## path: /tmp/buffer
|
|
##
|
|
hostPath:
|
|
path: /opt/bitnami/fluentd/logs/buffers
|
|
## @param forwarder.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param forwarder.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param forwarder.lifecycleHooks Additional lifecycles to add to the pods
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
|
|
## e.g:
|
|
## postStart:
|
|
## exec:
|
|
## command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
|
|
## preStop:
|
|
## exec:
|
|
## command: ["/bin/sh","-c","nginx -s quit; while killall -0 nginx; do sleep 1; done"]
|
|
##
|
|
lifecycleHooks: {}
|
|
## install-extra-gems and tmp-dir-permissions containers resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param forwarder.initResourcePresets Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
initResourcePresets: "nano"
|
|
## @param forwarder.initResources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## initResources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
initResources: {}
|
|
## @param forwarder.initContainers Additional init containers to add to the pods
|
|
## For example:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
##
|
|
initContainers: []
|
|
## @param forwarder.sidecars Add sidecars to forwarder pods
|
|
##
|
|
## For example:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param forwarder.extraVolumes Extra volumes
|
|
## Example Use Case: mount systemd journal volume
|
|
## - name: systemd
|
|
## hostPath:
|
|
## path: /run/log/journal/
|
|
##
|
|
extraVolumes: []
|
|
## @param forwarder.extraVolumeMounts Mount extra volume(s)
|
|
## - name: systemd
|
|
## mountPath: /run/log/journal/
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param forwarder.initScripts Dictionary of init scripts. Evaluated as a template.
|
|
## Specify dictionary of scripts to be run at first boot
|
|
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
|
|
## For example:
|
|
## initScripts:
|
|
## my_init_script.sh: |
|
|
## #!/bin/sh
|
|
## echo "Do something."
|
|
##
|
|
initScripts: {}
|
|
## @param forwarder.initScriptsCM ConfigMap with the init scripts. Evaluated as a template.
|
|
## Note: This will override initScripts
|
|
##
|
|
initScriptsCM: ""
|
|
## @param forwarder.initScriptsSecret Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template.
|
|
##
|
|
initScriptsSecret: ""
|
|
##
|
|
## Aggregator parameters
|
|
##
|
|
aggregator:
|
|
## @param aggregator.enabled Enable Fluentd aggregator statefulset
|
|
##
|
|
enabled: true
|
|
## @param aggregator.replicaCount Number of aggregator pods to deploy in the Stateful Set
|
|
##
|
|
replicaCount: 1
|
|
## K8s Security Context for Aggregator pods
|
|
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
## @param aggregator.podSecurityContext.enabled Enable security context for aggregator pods
|
|
## @param aggregator.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param aggregator.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param aggregator.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param aggregator.podSecurityContext.fsGroup Group ID for aggregator's containers filesystem
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## @param aggregator.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param aggregator.hostAliases Add deployment host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## K8s Security Context for Aggregator containers
|
|
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
## @param aggregator.containerSecurityContext.enabled Enable security context for the aggregator container
|
|
## @param aggregator.containerSecurityContext.privileged Run as privileged
|
|
## @param aggregator.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param aggregator.containerSecurityContext.runAsUser User ID for aggregator's containers
|
|
## @param aggregator.containerSecurityContext.runAsGroup Group ID for aggregator's containers
|
|
## @param aggregator.containerSecurityContext.allowPrivilegeEscalation Allow Privilege Escalation
|
|
## @param aggregator.containerSecurityContext.readOnlyRootFilesystem Require the use of a read only root file system
|
|
## @param aggregator.containerSecurityContext.capabilities.drop [array] Drop capabilities for the securityContext
|
|
## @param aggregator.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
privileged: false
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param aggregator.terminationGracePeriodSeconds Duration in seconds the pod needs to terminate gracefully
|
|
## https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
|
|
##
|
|
terminationGracePeriodSeconds: 30
|
|
## @param aggregator.extraGems List of extra gems to be installed. Can be used to install additional fluentd plugins.
|
|
##
|
|
extraGems: []
|
|
## @param aggregator.configFile Name of the config file that will be used by Fluentd at launch under the `/opt/bitnami/fluentd/conf` directory
|
|
##
|
|
configFile: fluentd.conf
|
|
## @param aggregator.configMap Name of the config map that contains the Fluentd configuration files
|
|
##
|
|
configMap: ""
|
|
## @param aggregator.configMapFiles [object] Files to be added to be config map. Ignored if `aggregator.configMap` is set
|
|
##
|
|
configMapFiles:
|
|
fluentd.conf: |
|
|
# Ignore fluentd own events
|
|
<match fluent.**>
|
|
@type null
|
|
</match>
|
|
|
|
@include fluentd-inputs.conf
|
|
@include fluentd-output.conf
|
|
{{- if .Values.metrics.enabled }}
|
|
@include metrics.conf
|
|
{{- end }}
|
|
fluentd-inputs.conf: |
|
|
# TCP input to receive logs from
|
|
{{- if .Values.aggregator.port }}
|
|
<source>
|
|
@type forward
|
|
bind 0.0.0.0
|
|
port {{ .Values.aggregator.port }}
|
|
{{- if .Values.tls.enabled }}
|
|
<transport tls>
|
|
ca_path /opt/bitnami/fluentd/certs/in_forward/ca.crt
|
|
cert_path /opt/bitnami/fluentd/certs/in_forward/tls.crt
|
|
private_key_path /opt/bitnami/fluentd/certs/in_forward/tls.key
|
|
client_cert_auth true
|
|
</transport>
|
|
{{- end }}
|
|
</source>
|
|
{{- end }}
|
|
|
|
# HTTP input for the liveness and readiness probes
|
|
<source>
|
|
@type http
|
|
bind 0.0.0.0
|
|
port 9880
|
|
</source>
|
|
fluentd-output.conf: |
|
|
# Throw the healthcheck to the standard output
|
|
<match fluentd.healthcheck>
|
|
@type stdout
|
|
</match>
|
|
|
|
# Send the logs to the standard output
|
|
<match **>
|
|
@type stdout
|
|
</match>
|
|
metrics.conf: |
|
|
# Prometheus Exporter Plugin
|
|
# input plugin that exports metrics
|
|
<source>
|
|
@type prometheus
|
|
port {{ .Values.metrics.service.port }}
|
|
</source>
|
|
|
|
# input plugin that collects metrics from MonitorAgent
|
|
<source>
|
|
@type prometheus_monitor
|
|
<labels>
|
|
host ${hostname}
|
|
</labels>
|
|
</source>
|
|
|
|
# input plugin that collects metrics for output plugin
|
|
<source>
|
|
@type prometheus_output_monitor
|
|
<labels>
|
|
host ${hostname}
|
|
</labels>
|
|
</source>
|
|
## @param aggregator.port Port the Aggregator container will listen for logs. Leave it blank to ignore.
|
|
## You can specify other ports in the aggregator.containerPorts parameter
|
|
##
|
|
port: 24224
|
|
## @param aggregator.extraArgs Extra arguments for the Fluentd command line
|
|
## ref: https://docs.fluentd.org/deployment/command-line-option
|
|
##
|
|
extraArgs: ""
|
|
## @param aggregator.extraEnvVars Extra environment variables to pass to the container
|
|
## extraEnvVars:
|
|
## - name: MY_ENV_VAR
|
|
## value: my_value
|
|
##
|
|
extraEnvVars: []
|
|
## @param aggregator.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Fluentd Aggregator nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param aggregator.extraEnvVarsSecret Name of existing Secret containing extra env vars for Fluentd Aggregator nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param aggregator.containerPorts [array] Ports the aggregator containers will listen on
|
|
##
|
|
containerPorts:
|
|
# - name: my-port
|
|
# containerPort: 24222
|
|
# protocol: TCP
|
|
- name: http
|
|
containerPort: 9880
|
|
protocol: TCP
|
|
## Service parameters
|
|
##
|
|
service:
|
|
## @param aggregator.service.type Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) for the aggregators
|
|
##
|
|
type: ClusterIP
|
|
## @param aggregator.service.ports [object] Array containing the aggregator service ports
|
|
##
|
|
ports:
|
|
http:
|
|
port: 9880
|
|
targetPort: http
|
|
protocol: TCP
|
|
tcp:
|
|
port: 24224
|
|
targetPort: tcp
|
|
protocol: TCP
|
|
## @param aggregator.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` (optional, cloud specific)
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param aggregator.service.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer
|
|
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
##
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
loadBalancerSourceRanges: []
|
|
## @param aggregator.service.clusterIP Static clusterIP or None for headless services
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address
|
|
## e.g:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param aggregator.service.annotations Provide any additional annotations which may be required
|
|
##
|
|
annotations: {}
|
|
## @param aggregator.service.externalTrafficPolicy Fluentd Aggregator service external traffic policy
|
|
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param aggregator.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
|
|
## If "ClientIP", consecutive client requests will be directed to the same Pod
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
|
|
##
|
|
sessionAffinity: None
|
|
## @param aggregator.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @param aggregator.service.annotationsHeadless Provide any additional annotations which may be required on headless service
|
|
##
|
|
annotationsHeadless: {}
|
|
## Headless service properties
|
|
##
|
|
headless:
|
|
## @param aggregator.service.headless.annotations Annotations for the headless service.
|
|
##
|
|
annotations: {}
|
|
## Network Policies
|
|
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param aggregator.networkPolicy.enabled Specifies whether a NetworkPolicy should be created
|
|
##
|
|
enabled: true
|
|
## @param aggregator.networkPolicy.allowExternal Don't require server label for connections
|
|
## The Policy model to apply. When set to false, only pods with the correct
|
|
## server label will have network access to the ports server is listening
|
|
## on. When true, server will accept connections from any source
|
|
## (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param aggregator.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param aggregator.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
extraIngress: []
|
|
## @param aggregator.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param aggregator.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param aggregator.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## Configure the ingress resource that allows you to access the
|
|
## Fluentd aggregator. Set up the URL
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
|
|
##
|
|
ingress:
|
|
## @param aggregator.ingress.enabled Set to true to enable ingress record generation
|
|
##
|
|
enabled: false
|
|
## DEPRECATED: Use ingress.annotations instead of ingress.certManager
|
|
## certManager: false
|
|
##
|
|
|
|
## @param aggregator.ingress.pathType Ingress Path type. How the path matching is interpreted
|
|
##
|
|
pathType: ImplementationSpecific
|
|
## @param aggregator.ingress.apiVersion Override API Version (automatically detected if not set)
|
|
##
|
|
apiVersion: ""
|
|
## @param aggregator.ingress.hostname Default host for the ingress resource
|
|
##
|
|
hostname: fluentd.local
|
|
## @param aggregator.ingress.path Default path for the ingress resource
|
|
## You may need to set this to '/*' in order to use this with ALB ingress controllers.
|
|
##
|
|
path: /
|
|
## @param aggregator.ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
|
|
## For a full list of possible ingress annotations, please see
|
|
## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md
|
|
## Use this parameter to set the required annotations for cert-manager, see
|
|
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
|
|
##
|
|
## e.g:
|
|
## annotations:
|
|
## kubernetes.io/ingress.class: nginx
|
|
## cert-manager.io/cluster-issuer: cluster-issuer-name
|
|
##
|
|
annotations: {}
|
|
## @param aggregator.ingress.tls Enable TLS configuration for the hostname defined at ingress.hostname parameter
|
|
## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.aggregator.ingress.hostname | trunc 63 | trimSuffix "-" }}
|
|
## You can use the ingress.secrets parameter to create this TLS secret or rely on cert-manager to create it
|
|
##
|
|
tls: false
|
|
## @param aggregator.ingress.extraHosts The list of additional hostnames to be covered with this ingress record.
|
|
## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array
|
|
## extraHosts:
|
|
## - name: fluentd.local
|
|
## path: /
|
|
##
|
|
extraHosts: []
|
|
## @param aggregator.ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host.
|
|
## For example: The ALB ingress controller requires a special rule for handling SSL redirection.
|
|
## extraPaths:
|
|
## - path: /*
|
|
## backend:
|
|
## serviceName: ssl-redirect
|
|
## servicePort: use-annotation
|
|
##
|
|
extraPaths: []
|
|
## @param aggregator.ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record.
|
|
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
|
|
## extraTls:
|
|
## - hosts:
|
|
## - fluentd.local
|
|
## secretName: fluentd.local-tls
|
|
##
|
|
extraTls: []
|
|
## @param aggregator.ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets
|
|
## key and certificate should start with -----BEGIN CERTIFICATE----- or
|
|
## -----BEGIN RSA PRIVATE KEY-----
|
|
##
|
|
## name should line up with a tlsSecret set further up
|
|
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
|
|
##
|
|
## It is also possible to create and manage the certificates outside of this helm chart
|
|
## Please see README.md for more information
|
|
## e.g:
|
|
## - name: fluentd.local-tls
|
|
## key:
|
|
## certificate:
|
|
##
|
|
secrets: []
|
|
## @param aggregator.ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
|
|
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
|
|
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
|
|
##
|
|
ingressClassName: ""
|
|
## @param aggregator.ingress.extraRules Additional rules to be covered with this ingress record
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
|
|
## e.g:
|
|
## extraRules:
|
|
## - host: example.local
|
|
## http:
|
|
## path: /
|
|
## backend:
|
|
## service:
|
|
## name: example-svc
|
|
## port:
|
|
## name: http
|
|
##
|
|
extraRules: []
|
|
## Configure extra options for startup probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param aggregator.startupProbe.enabled Enable startupProbe
|
|
## @param aggregator.startupProbe.httpGet.path Request path for startupProbe
|
|
## @param aggregator.startupProbe.httpGet.port Port for startupProbe
|
|
## @param aggregator.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param aggregator.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param aggregator.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param aggregator.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param aggregator.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D
|
|
port: http
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Configure extra options for liveness probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param aggregator.livenessProbe.enabled Enable livenessProbe
|
|
## @param aggregator.livenessProbe.tcpSocket.port Port for livenessProbe
|
|
## @param aggregator.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param aggregator.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param aggregator.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param aggregator.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param aggregator.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
tcpSocket:
|
|
port: http
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Configure extra options for readiness probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
|
## @param aggregator.readinessProbe.enabled Enable readinessProbe
|
|
## @param aggregator.readinessProbe.httpGet.path Request path for readinessProbe
|
|
## @param aggregator.readinessProbe.httpGet.port Port for readinessProbe
|
|
## @param aggregator.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param aggregator.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param aggregator.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param aggregator.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param aggregator.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
httpGet:
|
|
path: /fluentd.healthcheck?json=%7B%22ping%22%3A+%22pong%22%7D
|
|
port: http
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## @param aggregator.customStartupProbe Custom liveness probe for the Fluentd Aggregator
|
|
##
|
|
customStartupProbe: {}
|
|
## @param aggregator.customLivenessProbe Custom liveness probe for the Fluentd Aggregator
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param aggregator.customReadinessProbe Custom rediness probe for the Fluentd Aggregator
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param aggregator.updateStrategy.type Set up update strategy.
|
|
## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
|
|
## Example:
|
|
## updateStrategy:
|
|
## type: RollingUpdate
|
|
## rollingUpdate:
|
|
## maxSurge: 25%
|
|
## maxUnavailable: 25%
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
## Aggregator containers' resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param aggregator.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "nano"
|
|
## @param aggregator.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param aggregator.priorityClassName Fluentd Aggregator pods' priorityClassName
|
|
##
|
|
priorityClassName: ""
|
|
## @param aggregator.schedulerName Name of the k8s scheduler (other than default)
|
|
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param aggregator.topologySpreadConstraints Topology Spread Constraints for pod assignment
|
|
## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
|
## The value is evaluated as a template
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param aggregator.podManagementPolicy podManagementPolicy to manage scaling operation of Fluentd Aggregator pods
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
|
|
##
|
|
podManagementPolicy: ""
|
|
## @param aggregator.podAffinityPreset Aggregator Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param aggregator.podAntiAffinityPreset Aggregator Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node affinity preset
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param aggregator.nodeAffinityPreset.type Aggregator Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param aggregator.nodeAffinityPreset.key Aggregator Node label key to match Ignored if `affinity` is set.
|
|
##
|
|
key: ""
|
|
## @param aggregator.nodeAffinityPreset.values Aggregator Node label values to match. Ignored if `affinity` is set.
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param aggregator.affinity Aggregator Affinity for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param aggregator.nodeSelector Aggregator Node labels for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param aggregator.tolerations Aggregator Tolerations for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param aggregator.podAnnotations Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param aggregator.podLabels Extra labels to add to Pod
|
|
##
|
|
podLabels: {}
|
|
## Pods Service Account
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param aggregator.serviceAccount.create Specify whether a ServiceAccount should be created
|
|
##
|
|
create: true
|
|
## @param aggregator.serviceAccount.name The name of the ServiceAccount to create
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
name: ""
|
|
## @param aggregator.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)
|
|
##
|
|
annotations: {}
|
|
## @param aggregator.serviceAccount.automountServiceAccountToken Automount service account token for the server service account
|
|
##
|
|
automountServiceAccountToken: false
|
|
## Autoscaling parameters
|
|
## This is not recommended in a forwarder+aggregator architecture
|
|
## @param aggregator.autoscaling.enabled Create an Horizontal Pod Autoscaler
|
|
## @param aggregator.autoscaling.minReplicas Minimum number of replicas for the HPA
|
|
## @param aggregator.autoscaling.maxReplicas Maximum number of replicas for the HPA
|
|
## @param aggregator.autoscaling.metrics [array] Metrics for the HPA to manage the scaling
|
|
## @param aggregator.autoscaling.behavior HPA Behavior
|
|
##
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 2
|
|
maxReplicas: 5
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: cpu
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 60
|
|
- type: Resource
|
|
resource:
|
|
name: memory
|
|
target:
|
|
type: Utilization
|
|
averageUtilization: 60
|
|
behavior: {}
|
|
## Persist data to a persistent volume
|
|
##
|
|
persistence:
|
|
## @param aggregator.persistence.enabled Enable persistence volume for the aggregator
|
|
##
|
|
enabled: false
|
|
## @param aggregator.persistence.storageClass Persistent Volume storage class
|
|
## If defined, storageClassName: <storageClass>
|
|
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
## If undefined (the default) or set to null, no storageClassName spec is
|
|
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
|
## GKE, AWS & OpenStack)
|
|
##
|
|
storageClass: ""
|
|
## @param aggregator.persistence.accessModes Persistent Volume access modes
|
|
##
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
## @param aggregator.persistence.size Persistent Volume size
|
|
##
|
|
size: 10Gi
|
|
## @param aggregator.persistence.selector Selector to match an existing Persistent Volume (this value is evaluated as a template)
|
|
## selector:
|
|
## matchLabels:
|
|
## app: my-app
|
|
selector: {}
|
|
## @param aggregator.persistence.annotations Persistent Volume Claim annotations
|
|
##
|
|
annotations: {}
|
|
## @param aggregator.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param aggregator.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param aggregator.lifecycleHooks Additional lifecycles to add to the pods
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
|
|
## e.g:
|
|
## postStart:
|
|
## exec:
|
|
## command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
|
|
## preStop:
|
|
## exec:
|
|
## command: ["/bin/sh","-c","nginx -s quit; while killall -0 nginx; do sleep 1; done"]
|
|
##
|
|
lifecycleHooks: {}
|
|
## install-extra-gems and tmp-dir-permissions containers resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param aggregator.initResourcePresets Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if aggregator.resources is set (aggregator.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
initResourcePresets: "nano"
|
|
## @param aggregator.initResources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## initResources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
initResources: {}
|
|
## @param aggregator.initContainers Add init containers to aggregator pods
|
|
## Example
|
|
##
|
|
## initContainers:
|
|
## - name: do-something
|
|
## image: busybox
|
|
## command: ['do', 'something']
|
|
##
|
|
initContainers: []
|
|
## @param aggregator.sidecars Add sidecars to aggregator pods
|
|
##
|
|
## For example:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param aggregator.extraVolumes Extra volumes
|
|
## Example Use Case: mount an emptyDir into /tmp to support running with readOnlyRootFileSystem
|
|
## - name: tmpDir
|
|
## emptyDir: {}
|
|
##
|
|
extraVolumes: []
|
|
## @param aggregator.extraVolumeMounts Mount extra volume(s)
|
|
## - name: tmpDir
|
|
## mountPath: /tmp
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param aggregator.extraVolumeClaimTemplates Optionally specify extra list of additional volume claim templates for the Fluentd Aggregator pods in StatefulSet
|
|
##
|
|
extraVolumeClaimTemplates: []
|
|
## @param aggregator.initScripts Dictionary of init scripts. Evaluated as a template.
|
|
## Specify dictionary of scripts to be run at first boot
|
|
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
|
|
## For example:
|
|
## initScripts:
|
|
## my_init_script.sh: |
|
|
## #!/bin/sh
|
|
## echo "Do something."
|
|
##
|
|
initScripts: {}
|
|
## @param aggregator.initScriptsCM ConfigMap with the init scripts. Evaluated as a template.
|
|
## Note: This will override initScripts
|
|
##
|
|
initScriptsCM: ""
|
|
## @param aggregator.initScriptsSecret Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template.
|
|
##
|
|
initScriptsSecret: ""
|
|
## Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
|
|
## @param aggregator.pdb.create Enable/disable a Pod Disruption Budget creation
|
|
## @param aggregator.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled
|
|
## @param aggregator.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable.Defaults to `1` if both `secondary.pdb.minAvailable` and `secondary.pdb.maxUnavailable` are empty.
|
|
##
|
|
pdb:
|
|
create: true
|
|
minAvailable: ""
|
|
maxUnavailable: ""
|
|
## Prometheus Exporter / Metrics
|
|
##
|
|
metrics:
|
|
## @param metrics.enabled Enable the export of Prometheus metrics
|
|
##
|
|
enabled: false
|
|
## Prometheus Exporter service parameters
|
|
##
|
|
service:
|
|
## @param metrics.service.type Prometheus metrics service type
|
|
##
|
|
type: ClusterIP
|
|
## @param metrics.service.port Prometheus metrics service port
|
|
##
|
|
port: 24231
|
|
## @param metrics.service.loadBalancerIP Load Balancer IP if the Prometheus metrics server type is `LoadBalancer`
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param metrics.service.clusterIP Prometheus metrics service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param metrics.service.loadBalancerSourceRanges Prometheus metrics service Load Balancer sources
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param metrics.service.externalTrafficPolicy Prometheus metrics service external traffic policy
|
|
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param metrics.service.annotations [object] Annotations for the Prometheus Exporter service service
|
|
## If port or path annotation is provided the values will be used to in the prometheus ServiceMonitor CRD.
|
|
##
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "24231"
|
|
prometheus.io/path: "/metrics"
|
|
## @param metrics.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
|
|
## If "ClientIP", consecutive client requests will be directed to the same Pod
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
|
|
##
|
|
sessionAffinity: None
|
|
## @param metrics.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## Prometheus Operator ServiceMonitor configuration
|
|
##
|
|
serviceMonitor:
|
|
## @param metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)
|
|
##
|
|
enabled: false
|
|
## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
|
|
##
|
|
namespace: ""
|
|
## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
## e.g:
|
|
## interval: 10s
|
|
##
|
|
interval: ""
|
|
## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
## e.g:
|
|
## scrapeTimeout: 10s
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
|
|
##
|
|
relabelings: []
|
|
## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
|
|
##
|
|
metricRelabelings: []
|
|
## @param metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
## e.g:
|
|
## selector:
|
|
## prometheus: my-prometheus
|
|
##
|
|
selector: {}
|
|
## @param metrics.serviceMonitor.labels ServiceMonitor extra labels
|
|
##
|
|
labels: {}
|
|
## @param metrics.serviceMonitor.annotations ServiceMonitor annotations
|
|
##
|
|
annotations: {}
|
|
## @param metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels
|
|
##
|
|
honorLabels: false
|
|
## @param metrics.serviceMonitor.path path defines the path that promethues will use to pull metrics from the container
|
|
##
|
|
path: "/metrics"
|
|
## Enable internal SSL/TLS encryption
|
|
##
|
|
tls:
|
|
## @param tls.enabled Enable TLS/SSL encrytion for internal communications
|
|
##
|
|
enabled: false
|
|
## @param tls.autoGenerated Generate automatically self-signed TLS certificates.
|
|
##
|
|
autoGenerated: false
|
|
## @param tls.forwarder.existingSecret Name of the existing secret containing the TLS certificates for the Fluentd forwarder
|
|
##
|
|
forwarder:
|
|
existingSecret: ""
|
|
## @param tls.aggregator.existingSecret Name of the existing secret containing the TLS certificates for the Fluentd aggregator
|
|
##
|
|
aggregator:
|
|
existingSecret: ""
|