github.com/verrazzano/verrazzano@v1.7.0/platform-operator/helm_config/overrides/fluent-operator-values.yaml

github.com/verrazzano/verrazzano@v1.7.0/platform-operator/helm_config/overrides/fluent-operator-values.yaml (about)

     1  # Copyright (c) 2023, Oracle and/or its affiliates.
     2  # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
     3  
     4  fluentbit:
     5    additionalVolumes:
     6      - configMap:
     7          name: fluent-bit-os-config
     8        name: fluent-bit-os-config
     9      - hostPath:
    10          path: /run/log/journal
    11          type: ""
    12        name: run-log-journal
    13      {{- if .isManagedCluster }}
    14      - name: secret-volume
    15        secret:
    16          items:
    17            - key: es-ca-bundle
    18              path: ca-cert.crt
    19          secretName: {{ .secretName }}
    20      {{- end }}
    21    additionalVolumesMounts:
    22      - mountPath: /fluent-bit/etc/opensearch-config
    23        name: fluent-bit-os-config
    24        readOnly: true
    25      - mountPath: /run/log/journal
    26        name: run-log-journal
    27        readOnly: true
    28      {{- if .isManagedCluster }}
    29      - mountPath: /fluent-bit/etc/secret
    30        name: secret-volume
    31        readOnly: true
    32      {{- end }}
    33    namespaceFluentBitCfgSelector:
    34      matchLabels:
    35        fluentbit.verrazzano.io/namespace-config: verrazzano
    36    input:
    37      tail:
    38        readFromHead: true
    39        storageType: filesystem
    40        pauseOnChunksOverlimit: "on"
    41      systemd:
    42        path: "/run/log/journal"
    43        stripUnderscores: "on"
    44        systemdFilter:
    45          enable: false
    46        storageType: filesystem
    47        pauseOnChunksOverlimit: "on"
    48      fluentBitMetrics:
    49        scrapeInterval: "2"
    50        scrapeOnStart: true
    51        tag: "fb.metrics"
    52    output:
    53      prometheusMetricsExporter:
    54        match: "fb.metrics"
    55        metricsExporter:
    56          host: "0.0.0.0"
    57          port: 2020
    58          addLabels:
    59            app: "fluentbit"
    60    filter:
    61      systemd:
    62        enable: false
    63      kubernetes:
    64        labels: true
    65        annotations: true
    66    envVars:
    67      - name: CLUSTER_NAME
    68        value: {{ .clusterName }}
    69    # Pod security context for Fluentbit Pod. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
    70    podSecurityContext:
    71      seccompProfile:
    72        type: RuntimeDefault
    73    securityContext:
    74      allowPrivilegeEscalation: false
    75      privileged: false
    76      capabilities:
    77        drop:
    78        - ALL
    79    service:
    80      storage:
    81        path: "/fluent-bit/tail/"
    82        backlogMemLimit: "5M"
    83        checksum: "off"
    84        metrics: "off"
    85        sync: normal
    86  
    87  operator:
    88    # Pod security context for Fluent Operator pod. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
    89    podSecurityContext:
    90      runAsGroup: 1025
    91      runAsNonRoot: true
    92      runAsUser: 1025
    93      seccompProfile:
    94        type: RuntimeDefault
    95    securityContext:
    96      allowPrivilegeEscalation: false
    97      privileged: false
    98      capabilities:
    99        drop:
   100          - ALL