diff --git a/README.md b/README.md index 2f614381..1e024387 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,7 @@ At present, control plane logs are not covered as part of out of the box collect The out of the box collection for these logs will be available soon for generic Kubernetes clusters and for OKE (when OKE makes these logs accessible to end users). ### Application Pod/Container Logs + All the logs from application pods writing STDOUT/STDERR are typically available under /var/log/containers/. Application which are having custom log handlers (say log4j or similar) may route their logs differently but in general would be available on the node (through a volume). @@ -91,7 +92,7 @@ The following are the list of objects supported at present: We are in the process of building a docker image based off Oracle Linux 8 including Fluentd, OCI Logging Analytics Output Plugin and all the required dependencies. All the dependencies will be build from source and installed into the image. This image soon would be available to use as a pre-built image as is (OR) to create a custom image using this image as a base image. At present, for testing purposes follow the below mentioned steps to build an image using official Fluentd Docker Image as base image (off Debian). -- Download all the files from [this dir](/logan/docker-images/v1.0/debian/) into a local machine having access to internet. +- Download all the files from [this dir](logan/docker-images/v1.0/debian/) into a local machine having access to internet. - Run the following command to build the docker image. - *docker build -t fluentd_oci_la -f Dockerfile .* - The docker image built from the above step, can either be pushed to Docker Hub or OCI Container Registry (OCIR) or to a Local Docker Registry depending on the requirements. @@ -107,7 +108,7 @@ At present, for testing purposes follow the below mentioned steps to build an im #### To enable Logs collection -Download all the yaml files from [this dir](/logan/kubernetes-resources/logs-collection/). +Download all the yaml files from [this dir](logan/kubernetes-resources/logs-collection/). These yaml files needs to be applied using kubectl to create the necessary resources that enables the logs collection into Logging Analytics through a Fluentd based DaemonSet. ##### configmap-docker.yaml | configmap-cri.yaml @@ -163,7 +164,7 @@ kubectl rollout restart daemonset oci-la-fluentd-daemonset -n=kube-system #### To enable Kubernetes Objects collection -Download all the yaml files from [this dir](/logan/kubernetes-resources/objects-collection/). +Download all the yaml files from [this dir](logan/kubernetes-resources/objects-collection/). These yaml files needs to be applied using kubectl to create the necessary resources that enables the Kuberetes Objects collection into Logging Analytics. ##### configMap-objects.yaml @@ -202,15 +203,42 @@ kubectl rollout restart deployment oci-la-fluentd-deployment -n=kube-system ### Deploying Kuberenetes resources using Helm -Coming soon ... +#### Pre-requisites + +- Install helm if not done already. Refer [this](https://helm.sh/docs/intro/install/). +- Download the helm chart from [this dir](logan/helm-chart/). +#### values.yaml +- This file contains all the default values possible to setup the logs and objects collection, but few values needs to be provided either through an external values.yaml file or by modifying this file. It is recommended to use external values.yaml to override any values. +- Inline documentation has the description and possible values for each of the configuration parameters. +- At minimum, the following needs to be set accordingly. image:url, ociLANamespace, ociLALogGroupID. It is recommended to set kubernetesClusterID and kubernetesClusterName too, to tag all the logs processed with corresponding Kubernetes cluster at Logging Analytics. +- Use "docker" as runtime for Kubernetes clusters based off Docker runtime (e.g., OKE < 1.20) and "cri" for Kubernetes clusters based off CRI-O. The default is "cri". +- Use "InstancePrincipal" as authtype for OKE and all clusters which are running on OCI VMs and "config" as authtype for OCI Config file based Auth/AuthZ. config under oci section needs to be updated with relevant info when authtype is chosen as "config". The default is "InstancePrincipal". +#### Commands Reference +It is recommended to validate the values using the following `helm template` command before actually installing. Provide path to exterval values.yaml and path to helm-chart. + +``` +helm template --values +``` +Now, the chart can be installed using the following `helm install` command. Provide a desired release name, path to exterval values.yaml and path to helm-chart. +``` +helm install --values +``` +Use the following `helm upgrade` command if any further changes to values.yaml needs to be applied or a new chart version needs to be deployed. Refer [this](https://helm.sh/docs/helm/helm_upgrade/) for further details on `helm upgrade`. +``` +helm upgrade --values +``` +Use the following `helm uninstall` command to delete the chart. Provide the release name used when creating the chart. - \ No newline at end of file +``` +helm uninstall +``` + diff --git a/logan/helm-chart/Chart.yaml b/logan/helm-chart/Chart.yaml new file mode 100644 index 00000000..c92f52c5 --- /dev/null +++ b/logan/helm-chart/Chart.yaml @@ -0,0 +1,25 @@ +apiVersion: v2 +name: oci-la-fluentd +description: Helm chart for collecting Kubernetes logs and objects using Fluentd into OCI Logging Analytics. + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 1.0.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +# appVersion here reflects OCI Logging Analytics Fluentd Output Plugin version +appVersion: "2.0.0" diff --git a/logan/helm-chart/templates/NOTES.txt b/logan/helm-chart/templates/NOTES.txt new file mode 100644 index 00000000..e69de29b diff --git a/logan/helm-chart/templates/_helpers.tpl b/logan/helm-chart/templates/_helpers.tpl new file mode 100644 index 00000000..5ff69cb2 --- /dev/null +++ b/logan/helm-chart/templates/_helpers.tpl @@ -0,0 +1,14 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "oci-la-fluentd.name" -}} +{{- default .Chart.Name .Values.name | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "common.tplvalues.render" -}} + {{- if typeIs "string" .value }} + {{- tpl .value .context }} + {{- else }} + {{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} diff --git a/logan/helm-chart/templates/clusterrole-logs.yaml b/logan/helm-chart/templates/clusterrole-logs.yaml new file mode 100644 index 00000000..5bd9167c --- /dev/null +++ b/logan/helm-chart/templates/clusterrole-logs.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "oci-la-fluentd.name" . }}-logs-clusterrole + namespace: {{ default "kube-system" .Values.namespace }} +rules: +- apiGroups: + - "" + resources: + - '*' + verbs: + - get + - list + - watch \ No newline at end of file diff --git a/logan/helm-chart/templates/clusterrole-objects.yaml b/logan/helm-chart/templates/clusterrole-objects.yaml new file mode 100644 index 00000000..ba6beef6 --- /dev/null +++ b/logan/helm-chart/templates/clusterrole-objects.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "oci-la-fluentd.name" . }}-objects-clusterrole + namespace: {{ default "kube-system" .Values.namespace }} +rules: + - apiGroups: + - "" + resources: + - '*' + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - '*' + verbs: + - get + - list + - watch \ No newline at end of file diff --git a/logan/helm-chart/templates/clusterrolebinding-logs.yaml b/logan/helm-chart/templates/clusterrolebinding-logs.yaml new file mode 100644 index 00000000..ad66ee97 --- /dev/null +++ b/logan/helm-chart/templates/clusterrolebinding-logs.yaml @@ -0,0 +1,13 @@ +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "oci-la-fluentd.name" . }}-logs-clusterrolebinding +roleRef: + kind: ClusterRole + name: {{ include "oci-la-fluentd.name" . }}-logs-clusterrole + apiGroup: rbac.authorization.k8s.io +subjects: +- kind: ServiceAccount + name: {{ include "oci-la-fluentd.name" . }}-serviceaccount + namespace: {{ default "kube-system" .Values.namespace }} \ No newline at end of file diff --git a/logan/helm-chart/templates/clusterrolebinding-objects.yaml b/logan/helm-chart/templates/clusterrolebinding-objects.yaml new file mode 100644 index 00000000..cde18b29 --- /dev/null +++ b/logan/helm-chart/templates/clusterrolebinding-objects.yaml @@ -0,0 +1,13 @@ +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "oci-la-fluentd.name" . }}-objects-clusterrolebinding +roleRef: + kind: ClusterRole + name: {{ include "oci-la-fluentd.name" . }}-objects-clusterrole + apiGroup: rbac.authorization.k8s.io +subjects: +- kind: ServiceAccount + name: {{ include "oci-la-fluentd.name" . }}-serviceaccount + namespace: {{ default "kube-system" .Values.namespace }} \ No newline at end of file diff --git a/logan/helm-chart/templates/configmap-logs.yaml b/logan/helm-chart/templates/configmap-logs.yaml new file mode 100644 index 00000000..4d28c7c9 --- /dev/null +++ b/logan/helm-chart/templates/configmap-logs.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "oci-la-fluentd.name" . }}-logs-configmap + namespace: {{ default "kube-system" .Values.namespace }} +data: + # file-like keys + {{- range $key, $value := .Values.fluentd.configMapLogsFiles }} + {{ $key }}: | + {{- include "common.tplvalues.render" (dict "value" $value "context" $) | nindent 4 }} + {{- end }} diff --git a/logan/helm-chart/templates/configmap-objects.yaml b/logan/helm-chart/templates/configmap-objects.yaml new file mode 100644 index 00000000..5a8c02f5 --- /dev/null +++ b/logan/helm-chart/templates/configmap-objects.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "oci-la-fluentd.name" . }}-objects-configmap + namespace: {{ default "kube-system" .Values.namespace }} +data: + # file-like keys + {{- range $key, $value := .Values.fluentd.configMapObjectsFiles }} + {{ $key }}: | + {{- include "common.tplvalues.render" (dict "value" $value "context" $) | nindent 4 }} + {{- end }} \ No newline at end of file diff --git a/logan/helm-chart/templates/fluentd-daemonset.yaml b/logan/helm-chart/templates/fluentd-daemonset.yaml new file mode 100644 index 00000000..7519e826 --- /dev/null +++ b/logan/helm-chart/templates/fluentd-daemonset.yaml @@ -0,0 +1,115 @@ +--- +{{- $authtype := .Values.authtype | lower }} +{{- $imagePullSecrets := .Values.image.imagePullSecrets }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "oci-la-fluentd.name" . }}-daemonset + namespace: {{ default "kube-system" .Values.namespace }} + labels: + app: {{ include "oci-la-fluentd.name" . }}-logs + version: v1 +spec: + selector: + matchLabels: + app: {{ include "oci-la-fluentd.name" . }}-logs + version: v1 + template: + metadata: + annotations: + {{- if eq $authtype "config" }} + checksum/secrets: {{ include (print $.Template.BasePath "/oci-config-secrets.yaml") . | sha256sum }} + {{- end}} + checksum/configmap: {{ include (print $.Template.BasePath "/configmap-logs.yaml") . | sha256sum }} + labels: + app: {{ include "oci-la-fluentd.name" . }}-logs + version: v1 + spec: + serviceAccountName: {{ include "oci-la-fluentd.name" . }}-serviceaccount + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + {{- if $imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.image.imagePullSecrets }} + {{- end}} + containers: + - name: {{ include "oci-la-fluentd.name" . }}-logs + image: {{ .Values.image.url }} + imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} + env: + - name: FLUENTD_CONF + value: {{ .Values.fluentd.path }}/{{ .Values.fluentd.file }} + - name: K8S_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: FLUENT_OCI_DEFAULT_LOGGROUP_ID + value: {{ .Values.ociLALogGroupID }} + - name: FLUENT_OCI_NAMESPACE + value: {{ .Values.ociLANamespace }} + - name: FLUENT_OCI_KUBERNETES_CLUSTER_ID + value: {{ .Values.kubernetesClusterID }} + - name: FLUENT_OCI_KUBERNETES_CLUSTER_NAME + value: {{ .Values.kubernetesClusterName }} + {{- if eq $authtype "config" }} + - name: FLUENT_OCI_CONFIG_LOCATION + value: {{ .Values.oci.path }}/{{ .Values.oci.file }} + {{- end }} + {{- if .Values.extraEnv }} + {{- toYaml .Values.extraEnv | nindent 10 }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 10 }} + {{- end }} + volumeMounts: + - name: varlog + mountPath: /var/log + # Mount all relevant locations depending on where the actual logs presents. + - name: dockercontainerlogdirectory + mountPath: {{ .Values.volumes.podsHostPath }} + readOnly: true + - name: dockercontainerdatadirectory + mountPath: {{ .Values.volumes.containerdataHostPath }} + readOnly: true + {{- if eq $authtype "config" }} + # Mount directory where oci config exists + - name: ociconfigdir + mountPath: {{ .Values.oci.path }} + readOnly: true + {{- end }} + # Mount directory where fluentd config exists + - name: fluentdconfigdir + mountPath: {{ .Values.fluentd.path }} + readOnly: true + {{- if .Values.extraVolumeMounts }} + {{- toYaml .Values.extraVolumeMounts | nindent 8 }} + {{- end }} + terminationGracePeriodSeconds: 30 + volumes: + {{- if .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 6 }} + {{- end }} + - name: varlog + hostPath: + path: /var/log + # Mount all relevant locations depending on where the actual logs presents. + - name: dockercontainerlogdirectory + hostPath: + path: {{ .Values.volumes.podsHostPath }} + - name: dockercontainerdatadirectory + hostPath: + path: {{ .Values.volumes.containerdataHostPath }} + {{- if eq $authtype "config" }} + # Mount directory where oci config exists + - name: ociconfigdir + projected: + sources: + - secret: + name: {{ include "oci-la-fluentd.name" . }}-credentials-secret + {{- end }} + # Mount directory where fluentd config exists + - name: fluentdconfigdir + configMap: + # Provide the name of the ConfigMap to mount. + name: {{ include "oci-la-fluentd.name" . }}-logs-configmap diff --git a/logan/helm-chart/templates/fluentd-deployment.yaml b/logan/helm-chart/templates/fluentd-deployment.yaml new file mode 100644 index 00000000..44bc0216 --- /dev/null +++ b/logan/helm-chart/templates/fluentd-deployment.yaml @@ -0,0 +1,98 @@ +--- +{{- $authtype := .Values.authtype | lower }} +{{- $imagePullSecrets := .Values.image.imagePullSecrets }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "oci-la-fluentd.name" . }}-deployment + namespace: {{ default "kube-system" .Values.namespace }} + labels: + app: {{ include "oci-la-fluentd.name" . }}-objects + version: v1 +spec: + selector: + matchLabels: + app: {{ include "oci-la-fluentd.name" . }}-objects + version: v1 + template: + metadata: + annotations: + {{- if eq $authtype "config" }} + checksum/secrets: {{ include (print $.Template.BasePath "/oci-config-secrets.yaml") . | sha256sum }} + {{- end}} + checksum/configmap: {{ include (print $.Template.BasePath "/configmap-objects.yaml") . | sha256sum }} + labels: + app: {{ include "oci-la-fluentd.name" . }}-objects + version: v1 + spec: + serviceAccountName: {{ include "oci-la-fluentd.name" . }}-serviceaccount + {{- if $imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.image.imagePullSecrets }} + {{- end}} + containers: + - name: {{ include "oci-la-fluentd.name" . }}-objects + image: {{ .Values.image.url }} + imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} + env: + - name: FLUENTD_CONF + value: {{ .Values.fluentd.path }}/{{ .Values.fluentd.file }} + - name: K8S_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: FLUENT_OCI_DEFAULT_LOGGROUP_ID + value: {{ .Values.ociLALogGroupID }} + - name: FLUENT_OCI_NAMESPACE + value: {{ .Values.ociLANamespace }} + - name: FLUENT_OCI_KUBERNETES_CLUSTER_ID + value: {{ .Values.kubernetesClusterID }} + - name: FLUENT_OCI_KUBERNETES_CLUSTER_NAME + value: {{ .Values.kubernetesClusterName }} + {{- if eq $authtype "config" }} + - name: FLUENT_OCI_CONFIG_LOCATION + value: {{ .Values.oci.path }}/{{ .Values.oci.file }} + {{- end }} + {{- if .Values.extraEnv }} + {{- toYaml .Values.extraEnv | nindent 10 }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 10 }} + {{- end }} + volumeMounts: + - name: varlog + mountPath: /var/log + {{- if eq $authtype "config" }} + # Mount directory where oci config exists + - name: ociconfigdir + mountPath: {{ .Values.oci.path }} + readOnly: true + {{- end }} + # Mount directory where fluentd config exists + - name: fluentdconfigdir + mountPath: {{ .Values.fluentd.path }} + readOnly: true + {{- if .Values.extraVolumeMounts }} + {{- toYaml .Values.extraVolumeMounts | nindent 8 }} + {{- end }} + terminationGracePeriodSeconds: 30 + volumes: + {{- if .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 6 }} + {{- end }} + - name: varlog + hostPath: + path: /var/log + {{- if eq $authtype "config" }} + # Mount directory where oci config exists + - name: ociconfigdir + projected: + sources: + - secret: + name: {{ include "oci-la-fluentd.name" . }}-credentials-secret + {{- end }} + # Mount directory where fluentd config exists + - name: fluentdconfigdir + configMap: + # Provide the name of the ConfigMap to mount. + name: {{ include "oci-la-fluentd.name" . }}-objects-configmap diff --git a/logan/helm-chart/templates/oci-config-secrets.yaml b/logan/helm-chart/templates/oci-config-secrets.yaml new file mode 100644 index 00000000..15290203 --- /dev/null +++ b/logan/helm-chart/templates/oci-config-secrets.yaml @@ -0,0 +1,14 @@ +{{- $authtype := .Values.authtype | lower }} +{{- if eq $authtype "config" }} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ include "oci-la-fluentd.name" . }}-credentials-secret + namespace: {{ default "kube-system" .Values.namespace }} +stringData: + {{- range $key, $value := .Values.oci.configFiles }} + {{ $key }}: | + {{- include "common.tplvalues.render" (dict "value" $value "context" $) | nindent 4 }} + {{- end }} +{{- end}} \ No newline at end of file diff --git a/logan/helm-chart/templates/serviceAccount.yaml b/logan/helm-chart/templates/serviceAccount.yaml new file mode 100644 index 00000000..8ccd8b41 --- /dev/null +++ b/logan/helm-chart/templates/serviceAccount.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "oci-la-fluentd.name" . }}-serviceaccount + namespace: {{ default "kube-system" .Values.namespace }} \ No newline at end of file diff --git a/logan/helm-chart/values.schema.json b/logan/helm-chart/values.schema.json new file mode 100644 index 00000000..2f338c7b --- /dev/null +++ b/logan/helm-chart/values.schema.json @@ -0,0 +1,45 @@ +{ + "$schema": "http://json-schema.org/schema#", + "required": [ + "runtime", + "authtype", + "namespace", + "image", + "ociLANamespace", + "ociLALogGroupID" + ], + "properties": { + "image": { + "type": "object", + "required": [ + "url" + ], + "properties": { + "url": { + "type": "string" + }, + "pullPolicy": { + "type": "string", + "pattern": "^(Always|Never|IfNotPresent)$" + } + } + }, + "runtime": { + "type": "string", + "enum": ["docker", "cri"] + }, + "authtype": { + "type": "string", + "enum": ["InstancePrincipal", "config"] + }, + "namespace": { + "type": "string" + }, + "ociLANamespace": { + "type": "string" + }, + "ociLALogGroupID": { + "type": "string" + } + } +} \ No newline at end of file diff --git a/logan/helm-chart/values.yaml b/logan/helm-chart/values.yaml new file mode 100644 index 00000000..7c815f40 --- /dev/null +++ b/logan/helm-chart/values.yaml @@ -0,0 +1,798 @@ +# This value is to determine the runtime of k8s and change the configuration of fluentd accordingly +# Possible values are docker and cri(for OKE 1.20 and above) +runtime: cri +# Auth type to be used by oci fluentd output plugin to upload logs into logging analytics +# Possible values are InstancePrincipal and config +authtype: InstancePrincipal +# namespace of k8s in which this helm chart needs to be installed +namespace: kube-system +image: + # Replace this value with actual image pull secrets. + # Make sure the secret is in the same namespace as defined above. + imagePullSecrets: + # Replace this value with actual docker image url + url: + # Replace this value with desired value for image pull policy + imagePullPolicy: Always +# Logging Analytics Namespace +ociLANamespace: +# Logging Analytics Default Log Group ID +ociLALogGroupID: +# Kubernetes Cluster ID +kubernetesClusterID: +# Kubernetes Cluster NAME +kubernetesClusterName: +## @param extraEnv extra env variables. Below is an example env variable +## - name: ENV_VARIABLE_NAME +## value: ENV_VARIABLE_VALUE +extraEnv: [] +## parameters to set requests and limits for memory and cpu +resources: + limits: + memory: 750Mi + requests: + cpu: 100m + memory: 500Mi +## @param extraVolumes Extra volumes. Below is an example extra volume +## - name: tmpDir +## hostPath: +## path: /tmp +extraVolumes: [] +## @param extraVolumeMounts Mount extra volume(s). Below is an example extra volume mount +## - name: tmpDir +## mountPath: /tmp +## +extraVolumeMounts: [] +volumes: + # This value is path to the pod logs in the host machine. + # Replace this value with desired path depending on environment. + podsHostPath: /var/log/pods + # This value is path to the container data logs in the host machine. + # Replace this value with desired path depending on environment. + containerdataHostPath: /u01/data/docker/containers +## oci section is only required when config file based auth is used. +oci: + # path to the config file + path: /var/opt/.oci + # config file name + file: config + configFiles: + # config file data + config: |- + # Replace each of the below fields with actual values. + [DEFAULT] + user= + fingerprint= + key_file= + tenancy= + region= + # private key file data + private.pem: |- + # Replace this private key with actual value. + -----BEGIN RSA PRIVATE KEY----- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + -----END RSA PRIVATE KEY----- +# The collection frequency for Kubernetes Objects +objectsPollingFrequency: 5m +# The following section represent the Fluentd configuration. +fluentd: + # path to the fluentd config file + path: /var/opt/conf + # fluentd config file name + file: fluent.conf + configMapLogsFiles: + # fluentd config file data. + fluent.conf: | + {{- $authtype := .Values.authtype | lower }} + @include kubernetes.conf + + # Filter to add kubernetes metadata + + @type kubernetes_metadata + @id filter_kube_metadata + kubernetes_url "#{ENV['FLUENT_FILTER_KUBERNETES_URL'] || 'https://' + ENV.fetch('KUBERNETES_SERVICE_HOST') + ':' + ENV.fetch('KUBERNETES_SERVICE_PORT') + '/api'}" + verify_ssl "#{ENV['KUBERNETES_VERIFY_SSL'] || true}" + ca_file "#{ENV['KUBERNETES_CA_FILE']}" + skip_labels "#{ENV['FLUENT_KUBERNETES_METADATA_SKIP_LABELS'] || 'false'}" + skip_container_metadata "#{ENV['FLUENT_KUBERNETES_METADATA_SKIP_CONTAINER_METADATA'] || 'false'}" + skip_master_url "#{ENV['FLUENT_KUBERNETES_METADATA_SKIP_MASTER_URL'] || 'false'}" + skip_namespace_metadata "#{ENV['FLUENT_KUBERNETES_METADATA_SKIP_NAMESPACE_METADATA'] || 'false'}" + watch "#{ENV['FLUENT_KUBERNETES_WATCH'] || 'true'}" + + + # Match block to set info required for oci-logging-analytics fluentd output plugin + + @type oci-logging-analytics + enable_ruby true + namespace "#{ENV['FLUENT_OCI_NAMESPACE']}" + endpoint "#{ENV['FLUENT_OCI_ENDPOINT']}" + {{- if eq $authtype "config" }} + config_file_location "#{ENV['FLUENT_OCI_CONFIG_LOCATION'] || '/var/opt/.oci/config'}" + profile_name "#{ENV['FLUENT_OCI_PROFILE'] || 'DEFAULT'}" + {{- end }} + plugin_log_location "#{ENV['FLUENT_OCI_LOG_LOCATION'] || '/var/log/'}" + plugin_log_level "#{ENV['FLUENT_OCI_LOG_LEVEL'] || 'info'}" + plugin_log_file_size "#{ENV['FLUENT_OCI_LOG_FILE_SIZE'] || '10MB'}" + plugin_log_file_count "#{ENV['FLUENT_OCI_LOG_FILE_COUNT'] || 10}" + kubernetes_metadata_keys_mapping {"container_name":"Container","namespace_name":"Namespace","pod_name":"Pod","container_image":"Container Image Name","host":"Node"} + + @type file + path "#{ENV['FLUENT_OCI_BUFFER_PATH'] || '/var/log/oci_la_fluentd_outplugin/logs/buffer/'}" + flush_thread_count "#{ENV['FLUENT_OCI_FLUSH_THREAD_COUNT'] || 1}" + chunk_limit_size "#{ENV['FLUENT_OCI_CHUNK_LIMIT_SIZE'] || '2m'}" # 2MB + total_limit_size "#{ENV['FLUENT_OCI_TOTAL_LIMIT_SIZE'] || 5368709120}" # 5GB + flush_interval "#{ENV['FLUENT_OCI_FLUSH_INTERVAL'] || 30}" # seconds + flush_thread_interval "#{ENV['FLUENT_OCI_FLUSH_THREAD_INTERVAL'] || 0.5}" + flush_thread_burst_interval "#{ENV['FLUENT_OCI_FLUSH_THREAD_BURST_INTERVAL'] || 0.05}" + retry_wait "#{ENV['FLUENT_OCI_RETRY_WAIT'] || 2}" # seconds + retry_max_times "#{ENV['FLUENT_OCI_RETRY_MAX_TIMES'] || 17}" + retry_exponential_backoff_base "#{ENV['FLUENT_OCI_RETRY_EXPONENTIAL_BACKOFF_BASE'] || 2}" + retry_forever "#{ENV['FLUENT_OCI_RETRY_FOREVER'] || true}" + disable_chunk_backup true + + + # kubernetes config file data which is included in main fluentd config file. + kubernetes.conf: | + {{- $runtime := .Values.runtime | lower }} + # To ignore all the fluentd core generated events + + # Config for Kube Proxy Logs Collection + # Source config section to collect Kube Proxy logs from /var/log/containers/kube-proxy-*.log using Fluentd tail plugin. + + @type tail + @id in_tail_kube_proxy + path_key tailed_path + path /var/log/containers/kube-proxy-*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/kube-proxy.logs.pos + tag oci.oke.kube-proxy.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes Proxy Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + # Concat filter to handle multi-line log records. + + @type concat + key message + stream_identity_key stream + multiline_start_regexp /^\S\d{2}\d{2}\s+[^\:]+:[^\:]+:[^\.]+\.\d{0,3}/ + + + # Config for Kube Flannel Logs Collection + # Source config section to collect Kube Flannel logs from /var/log/containers/kube-flannel-*.log using Fluentd tail plugin. + + @type tail + @id in_tail_kube_flannel + path_key tailed_path + path /var/log/containers/kube-flannel-*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/kube-flannel.logs.pos + tag oci.oke.kube-flannel.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes Flannel Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + # Concat filter to handle multi-line log records. + + @type concat + key message + stream_identity_key stream + multiline_start_regexp /^\S\d{2}\d{2}\s+[^\:]+:[^\:]+:[^\.]+\.\d{0,3}/ + + + # Config for Kube DNS Autoscalar Logs Collection + # Source config section to collect Kube DNS Autoscalar logs from /var/log/containers/kube-dns-autoscaler-*.log using Fluentd tail plugin. + + @type tail + @id in_tail_kube_dns_autoscaler + path_key tailed_path + path /var/log/containers/kube-dns-autoscaler-*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/kube-dns-autoscaler.logs.pos + tag oci.oke.kube-dns-autoscaler.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes DNS Autoscaler Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + # Concat filter to handle multi-line log records. + + @type concat + key message + stream_identity_key stream + multiline_start_regexp /^\S\d{2}\d{2}\s+[^\:]+:[^\:]+:[^\.]+\.\d{0,3}/ + + + # Config for Coredns Logs Collection + # Source config section to collect Coredns logs from /var/log/containers/coredns-*.log using Fluentd tail plugin. + + @type tail + @id in_tail_coredns + path_key tailed_path + path /var/log/containers/coredns-*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/coredns.logs.pos + tag oci.oke.kube.coredns.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes Core DNS Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + # Concat filter to handle multi-line log records. + + @type concat + key message + stream_identity_key stream + multiline_start_regexp /^\[[^\]]+\]\s+/ + + + # Config for CSI Node Logs Collection + # Source config section to collect CSI Node logs from /var/log/containers/csi-oci-node-*.log using Fluentd tail plugin. + + @type tail + @id in_tail_csinode + path_key tailed_path + path /var/log/containers/csi-oci-node-*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/csinode.logs.pos + tag oci.oke.csinode.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes CSI Node Driver Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + # Config for Proxymux Logs Collection + # Source config section to collect Proxymux logs from /var/log/containers/proxymux-client-*.log using Fluentd tail plugin. + + @type tail + @id in_tail_proxymux + path_key tailed_path + path /var/log/containers/proxymux-client-*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/proxymux.logs.pos + tag oci.oke.proxymux-client.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "OKE Proxymux Client Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + # Config for Cluster Autoscalar Logs Collection + # Source config section to collect Cluster Autoscalar logs from /var/log/containers/cluster-autoscaler-*.log using Fluentd tail plugin. + + @type tail + @id in_tail_cluster_autoscaler + path_key tailed_path + path /var/log/containers/cluster-autoscaler-*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/cluster-autoscaler.logs.pos + tag oci.oke.cluster-autoscaler.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes Autoscaler Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + # Concat filter to handle multi-line log records. + + @type concat + key message + stream_identity_key stream + multiline_start_regexp /^\S\d{2}\d{2}\s+[^\:]+:[^\:]+:[^\.]+\.\d{0,3}/ + + + # Config for Cronlog Logs Collection + # Source config section to collect Cronlog logs from /var/log/cron* using Fluentd tail plugin. + + @type tail + @id in_tail_cronlog + path_key tailed_path + path /var/log/cron* + pos_file /var/log/oci_la_fluentd_outplugin/pos/cronlog.logs.pos + tag oci.oke.syslog.cronlog.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + @type multiline + format_firstline /^(?:(?:\d+\s+)?<([^>]*)>(?:\d+\s+)?)?\S+\s+\d{1,2}\s+\d{1,2}:\d{1,2}:\d{1,2}\s+/ + format1 /^(?.*)/ + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_SYSTEM_LOG_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Linux Cron Logs" + tag ${tag} + + + + # Config for Securelog Logs Collection + # Source config section to collect Securelog logs from /var/log/secure* using Fluentd tail plugin. + + @type tail + @id in_tail_securelog + path_key tailed_path + path /var/log/secure* + pos_file /var/log/oci_la_fluentd_outplugin/pos/securelog.logs.pos + tag oci.oke.syslog.securelog.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + @type multiline + format_firstline /^(?:(?:\d+\s+)?<([^>]*)>(?:\d+\s+)?)?\S+\s+\d{1,2}\s+\d{1,2}:\d{1,2}:\d{1,2}\s+/ + format1 /^(?.*)/ + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_SYSTEM_LOG_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Linux Secure Logs" + tag ${tag} + + + + # Config for Syslog Logs Collection + # Source config section to collect Syslog logs from /var/log/messages* using Fluentd tail plugin. + + @type tail + @id in_tail_syslog + path_key tailed_path + path /var/log/messages* + pos_file /var/log/oci_la_fluentd_outplugin/pos/syslog.logs.pos + tag oci.oke.syslog.messages.** + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + @type multiline + format_firstline /^(?:(?:\d+\s+)?<([^>]*)>(?:\d+\s+)?)?\S+\s+\d{1,2}\s+\d{1,2}:\d{1,2}:\d{1,2}\s+/ + format1 /^(?.*)/ + + + + # Match block to filter kubelet logs from syslogs + + @type rewrite_tag_filter + + key message + pattern /kubelet:/ + tag oci.oke.syslog.kubelet.* + + + key message + pattern /^((?!kubelet:).)*$/ + tag oci.oke.syslog.syslog.* + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes Kubelet Logs" + tag ${tag} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_SYSTEM_LOG_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Linux Syslog Logs" + tag ${tag} + + + + # Config for Mail Delivery Logs Collection + # Source config section to collect Mail Delivery Logs from /var/log/maillog* using Fluentd tail plugin. + + @type tail + @id in_tail_maillog + path_key tailed_path + path /var/log/maillog* + pos_file /var/log/oci_la_fluentd_outplugin/pos/maillog.logs.pos + tag oci.oke.syslog.maillog.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + @type multiline + format_firstline /^(?:(?:\d+\s+)?<([^>]*)>(?:\d+\s+)?)?\S+\s+\d{1,2}\s+\d{1,2}:\d{1,2}:\d{1,2}\s+/ + format1 /^(?.*)/ + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_SYSLOG_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Linux Mail Delivery Logs" + tag ${tag} + + + + # Config for Linux Audit Logs Collection + # Source config section to collect Linux Audit Logs from /var/log/audit/audit* using Fluentd tail plugin. + + @type tail + @id in_tail_linuxauditlog + path_key tailed_path + path /var/log/audit/audit* + pos_file /var/log/oci_la_fluentd_outplugin/pos/linuxauditlog.logs.pos + tag oci.oke.syslog.linuxauditlog.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + @type none + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_SYSLOG_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Linux Audit Logs" + tag ${tag} + + + + # Config for Ksplice Logs Collection + # Source config section to collect Ksplice Logs from /var/log/uptrack* using Fluentd tail plugin. + + @type tail + @id in_tail_uptracklog + path_key tailed_path + path /var/log/uptrack* + pos_file /var/log/oci_la_fluentd_outplugin/pos/uptracklog.logs.pos + tag oci.oke.syslog.uptracklog.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + @type multiline + format_firstline /^\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}:\d{2}/ + format1 /^(?.*)/ + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_SYSLOG_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Ksplice Logs" + tag ${tag} + + + + # Config for YUM Logs Collection + # Source config section to collect YUM Logs from /var/log/yum.log* using Fluentd tail plugin. + + @type tail + @id in_tail_yumlog + path_key tailed_path + path /var/log/yum.log* + pos_file /var/log/oci_la_fluentd_outplugin/pos/yum.logs.pos + tag oci.oke.syslog.yumlog.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + + @type none + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}", "Node":"#{ENV['K8S_NODE_NAME'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_SYSLOG_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Linux YUM Logs" + tag ${tag} + + + + # Config for Container Logs Collection (except for the ones which are specifically configured above) + # Source config section to collect Container logs from /var/log/containers/*.log using Fluentd tail plugin. + + @type tail + @id in_tail_containerlogs + path_key tailed_path + path /var/log/containers/*.log + pos_file /var/log/oci_la_fluentd_outplugin/pos/containerlogs.logs.pos + tag oci.oke.containerlogs.* + read_from_head "#{ENV['FLUENT_OCI_READ_FROM_HEAD'] || true}" + # Modify the exclude path once a specific container log config is explictly defined to avoid duplicate collection. + exclude_path ["/var/log/containers/kube-proxy-*.log", "/var/log/containers/kube-flannel-*.log", "/var/log/containers/kube-dns-autoscaler-*.log", "/var/log/containers/coredns-*.log", "/var/log/containers/csi-oci-node-*.log", "/var/log/containers/proxymux-client-*.log", "/var/log/containers/cluster-autoscaler-*.log"] + + {{- if eq $runtime "docker" }} + @type json + {{- else}} + @type cri + {{- end }} + + + + # Record transformer filter to apply Logging Analytics configuration to each record. + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path "${record['tailed_path']}" + oci_la_log_source_name "Kubernetes Container Generic Logs" + {{- if eq $runtime "docker" }} + message "${record['log']}" + {{- end }} + tag ${tag} + + + + configMapObjectsFiles: + # fluentd config file data. + fluent.conf: | + @include kubernetes.conf + {{- $authtype := .Values.authtype | lower }} + # Match block to set info required for oci-logging-analytics fluentd output plugin + + @type oci-logging-analytics + enable_ruby true + namespace "#{ENV['FLUENT_OCI_NAMESPACE']}" + endpoint "#{ENV['FLUENT_OCI_ENDPOINT']}" + {{- if eq $authtype "config" }} + config_file_location "#{ENV['FLUENT_OCI_CONFIG_LOCATION'] || '/var/opt/.oci/config'}" + profile_name "#{ENV['FLUENT_OCI_PROFILE'] || 'DEFAULT'}" + {{- end }} + plugin_log_location "#{ENV['FLUENT_OCI_LOG_LOCATION'] || '/var/log/'}" + plugin_log_level "#{ENV['FLUENT_OCI_LOG_LEVEL'] || 'info'}" + plugin_log_file_size "#{ENV['FLUENT_OCI_LOG_FILE_SIZE'] || '10MB'}" + plugin_log_file_count "#{ENV['FLUENT_OCI_LOG_FILE_COUNT'] || 10}" + + @type file + path "#{ENV['FLUENT_OCI_BUFFER_PATH'] || '/var/log/oci_la_fluentd_outplugin/objects/buffer/'}" + flush_thread_count "#{ENV['FLUENT_OCI_FLUSH_THREAD_COUNT'] || 1}" + chunk_limit_size "#{ENV['FLUENT_OCI_CHUNK_LIMIT_SIZE'] || '2m'}" # 2MB + total_limit_size "#{ENV['FLUENT_OCI_TOTAL_LIMIT_SIZE'] || 5368709120}" # 5GB + flush_interval "#{ENV['FLUENT_OCI_FLUSH_INTERVAL'] || 30}" # seconds + flush_thread_interval "#{ENV['FLUENT_OCI_FLUSH_THREAD_INTERVAL'] || 0.5}" + flush_thread_burst_interval "#{ENV['FLUENT_OCI_FLUSH_THREAD_BURST_INTERVAL'] || 0.05}" + retry_wait "#{ENV['FLUENT_OCI_RETRY_WAIT'] || 2}" # seconds + retry_max_times "#{ENV['FLUENT_OCI_RETRY_MAX_TIMES'] || 17}" + retry_exponential_backoff_base "#{ENV['FLUENT_OCI_RETRY_EXPONENTIAL_BACKOFF_BASE'] || 2}" + retry_forever "#{ENV['FLUENT_OCI_RETRY_FOREVER'] || true}" + disable_chunk_backup true + + + # kubernetes config file data which is included in main fluentd config file. + kubernetes.conf: | + {{- $freq := .Values.objectsPollingFrequency }} + # To ignore all the fluentd core generated events + + + @type kubernetes_objects + tag k8s.* + + + resource_name nodes + interval {{ .Values.objectsPollingFrequency }} + + + resource_name pods + interval {{ .Values.objectsPollingFrequency }} + + + resource_name namespaces + interval {{ .Values.objectsPollingFrequency }} + + + + resource_name events + + + + + + @type kubernetes_objects + tag k8s.* + api_version apps/v1 + + + resource_name daemon_sets + interval {{ .Values.objectsPollingFrequency }} + + + resource_name replica_sets + interval {{ .Values.objectsPollingFrequency }} + + + resource_name deployments + interval {{ .Values.objectsPollingFrequency }} + + + + + @type record_transformer + enable_ruby true + + oci_la_metadata ${{"{{"}}"Kubernetes Cluster Name": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_NAME'] || 'UNDEFINED'}", "Kubernetes Cluster ID": "#{ENV['FLUENT_OCI_KUBERNETES_CLUSTER_ID'] || 'UNDEFINED'}"{{"}}"}} + oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_OBJECTS_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" + oci_la_log_path ${tag} + oci_la_log_source_name "Kubernetes Object Logs" + message ${record} + tag ${tag} + + diff --git a/logan/kubernetes-resources/logs-collection/configmap-cri.yaml b/logan/kubernetes-resources/logs-collection/configmap-cri.yaml index ec6d3bad..136e319e 100644 --- a/logan/kubernetes-resources/logs-collection/configmap-cri.yaml +++ b/logan/kubernetes-resources/logs-collection/configmap-cri.yaml @@ -555,7 +555,6 @@ data: oci_la_log_group_id "#{ENV['FLUENT_OCI_KUBERNETES_LOGGROUP_ID'] || ENV['FLUENT_OCI_DEFAULT_LOGGROUP_ID']}" oci_la_log_path "${record['tailed_path']}" oci_la_log_source_name "Kubernetes Container Generic Logs" - message "${record['log']}" tag ${tag}