Syslog (QRadar)

Collectord configuration for OpenShift

Download

collectorforopenshift-syslog.yaml

CURL

bash
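# --fail makes curl exit non-zero on an HTTP error instead of saving the error
# page under the manifest's file name.
# Read the downloaded manifest before applying it: it creates privileged,
# host-network DaemonSets and a cluster-wide read-only ClusterRole.
curl --fail -O https://www.outcoldsolutions.com/docs/syslog-kubernetes/collectorforopenshift-syslog.yaml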

WGET

bash
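# Read the downloaded manifest before applying it: it creates privileged,
# host-network DaemonSets and a cluster-wide read-only ClusterRole.
wget https://www.outcoldsolutions.com/docs/syslog-kubernetes/collectorforopenshift-syslog.yaml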

collectorforopenshift-syslog.yaml

  1apiVersion: v1
  2kind: Project
  3metadata:
  4  labels:
  5    app: collectorforopenshift-syslog
  6  name: collectorforopenshift-syslog
  7  annotations:
  8    openshift.io/node-selector: ''
  9    openshift.io/description: 'Forwarding logs to Syslog, built by Outcold Solutions'
 10    openshift.io/display-name: 'Collectord for OpenShift (Syslog)'
 11---
 12apiVersion: apiextensions.k8s.io/v1beta1
 13kind: CustomResourceDefinition
 14metadata:
 15  name: configurations.collectord.io
 16spec:
 17  group: collectord.io
 18  versions:
 19    - name: v1
 20      served: true
 21      storage: true
 22  scope: Cluster
 23  names:
 24    plural: configurations
 25    singular: configuration
 26    kind: Configuration
 27---
 28apiVersion: scheduling.k8s.io/v1beta1
 29kind: PriorityClass
 30metadata:
 31  name: collectorforopenshift-syslog-critical
 32value: 1000000000
 33---
 34apiVersion: v1
 35kind: ServiceAccount
 36metadata:
 37  labels:
 38    app: collectorforopenshift-syslog
 39  name: collectorforopenshift-syslog
 40  namespace: collectorforopenshift-syslog
 41---
 42apiVersion: v1
 43kind: ClusterRole
 44metadata:
 45  labels:
 46    app: collectorforopenshift-syslog
 47  name: collectorforopenshift-syslog
 48rules:
 49- apiGroups:
 50  - '*'
 51  resources:
 52  - '*'
 53  verbs:
 54  - get
 55  - list
 56  - watch
 57---
 58apiVersion: v1
 59kind: ClusterRoleBinding
 60metadata:
 61  labels:
 62    app: collectorforopenshift-syslog
 63  name: collectorforopenshift-syslog
 64  namespace: collectorforopenshift-syslog
 65roleRef:
 66  kind: ClusterRole
 67  name: collectorforopenshift-syslog
 68subjects:
 69  - kind: ServiceAccount
 70    name: collectorforopenshift-syslog
 71    namespace: collectorforopenshift-syslog
 72---
 73apiVersion: v1
 74kind: ConfigMap
 75metadata:
 76  name: collectorforopenshift-syslog
 77  namespace: collectorforopenshift-syslog
 78  labels:
 79    app: collectorforopenshift-syslog
 80data:
 81  001-general.conf: |
 82    # The general configuration is used for all deployments
 83    #
 84    # Run collectord with the flag `-conf` and specify location of the configuration files.
 85    #
 86    # You can override all the values using environment variables with the format like
 87    #   COLLECTOR__<ANYNAME>=<section>__<key>=<value>
 88    # As an example you can set `dataPath` in the `[general]` section as
 89    #   COLLECTOR__DATAPATH=general__dataPath=C:\\some\\path\\data.db
 90    # This parameter can be configured using -env-override, set it to empty string to disable this feature
 91
 92    [general]
 93
 94    # Review License https://www.outcoldsolutions.com/docs/license-agreement/
 95    # and accept License by changing the value to *true*
 96    acceptLicense = false
 97
 98    # Location for the database
 99    # Collectord stores positions of the files and internal state
100    dataPath = ./data/
101
102    # log level (accepted values are trace, debug, info, warn, error, fatal)
103    logLevel = info
104
105    # http server gives access to two endpoints
106    # /healthz
107    # /metrics
108    httpServerBinding =
109
110    # telemetry report endpoint, set it to empty string to disable telemetry
111    telemetryEndpoint = https://license.outcold.solutions/telemetry/
112
113    # license check endpoint
114    licenseEndpoint = https://license.outcold.solutions/license/
115
116    # license server through proxy
117    licenseServerProxyUrl =
118
119    # authentication with basic authorization (user:password)
120    licenseServerProxyBasicAuth =
121
122    # license key
123    license =
124
125    # Environment variable $KUBERNETES_NODENAME is used by default to setup hostname
126    # Use value below to override specific name
127    hostname =
128
129    # Default output for events, logs and metrics
130    # valid values: syslog and devnull
131    # Use devnull by default if you don't want to redirect data
132    defaultOutput = syslog
133
134    # Default buffer size for file input
135    fileInputBufferSize = 256b
136
137    # Maximum size of one line the file reader can read
138    fileInputLineMaxSize = 1mb
139
140    # Include custom fields to attach to every event, in example below every event sent to Syslog will have
141    # indexed field my_environment=dev. Fields names should match to ^[a-z][_a-z0-9]*$
142    # Better way to configure that is to specify labels for OpenShift Nodes.
143    # ; fields.my_environment = dev
144    # Identify the cluster if you are planning to monitor multiple clusters
145    fields.cluster = -
146
147    # Include EC2 Metadata (see list of possible fields https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)
148    # Should be in format ec2Metadata.{desired_field_name} = {url path to read the value}
149    # ec2Metadata.ec2_instance_id = /latest/meta-data/instance-id
150    # ec2Metadata.ec2_instance_type = /latest/meta-data/instance-type
151
152    # subdomain for the annotations added to the pods, workloads, namespaces or containers, like syslog.collectord.io/..
153    annotationsSubdomain = syslog
154
155    # Configure acknowledgement database.
156    # - force fsync on every write to Write-Ahead-Log
157    db.fsync = false
158    # - maximum size of the Write-Ahead-Log
159    db.compactAt = 1M
160
161    # configure global thruput per second for forwarded logs (metrics are not included)
162    # for example if you set `thruputPerSecond = 512Kb`, that will limit amount of logs forwarded
163    # from the single Collectord instance to 512Kb per second.
164    # You can configure thruput individually for the logs (including specific for container logs) below
165    thruputPerSecond =
166
167    # Configure events that are too old to be forwarded, for example 168h (7 days) - that will drop all events
168    # older than 7 days
169    tooOldEvents =
170
171    # Configure events that are too new to be forwarded, for example 1h - that will drop all events that are 1h in future
172    tooNewEvents =
173    
174    # Multi-output async publishing. When enabled (default), events routed to
175    # non-default outputs are published asynchronously so that a slow or down
176    # output does not block events destined for other outputs.
177    ; multioutput.async = true
178    # Buffer size for the async proxy (default 100). Absorbs transient bursts.
179    # When this buffer and the output's own queue are both full, events are
180    # dropped immediately without blocking the pipeline.
181    ; multioutput.asyncBufferSize = 100
182
183    # connection to kubernetes api
184    [general.kubernetes]
185
186    # Environment variable $KUBERNETES_NODENAME is used by default to setup nodeName
187    # Use it only when you need to override it
188    nodeName =
189
190    # Configuration to access the API server,
191    # see https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod
192    # for details
193    tokenPath = /var/run/secrets/kubernetes.io/serviceaccount/token
194    certPath = /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
195
196    # Default timeout for http responses. The streaming/watch requests depend on this timeout.
197    timeout = 30m
198
199    # (obsolete) In case if pod metadata was not retrievied. how often collectord should retry to reload the pod metadata
200    # metadataFetchRetry = 5s
201
202    # (obsolete) In case if event is recent, how long pipeline should wait for the metadata to be available in Kubernetes API
203    # metadataFetchWait = 30s
204
205    # How long to keep the cache for the recent calls to API server (to limit number of calls when collectord discovers new pods)
206    metadataTTL = 30s
207
208    # regex to find pods
209    podsCgroupFilter = ^/([^/\s]+/)*kubepods(\.slice)?/((kubepods-)?(burstable|besteffort)(\.slice)?/)?([^/]*)pod([0-9a-f]{32}|[0-9a-f\-_]{36})(\.slice)?$
210
211    # regex to find containers in the pods
212    containersCgroupFilter = ^/([^/\s]+/)*kubepods(\.slice)?/((kubepods-)?(burstable|besteffort)(\.slice)?/)?([^/]*)pod([0-9a-f]{32}|[0-9a-f\-_]{36})(\.slice)?/(docker-|crio-)?[0-9a-f]{64}(\.scope)?(\/.+)?$
213
214    # path to the kubelet root location (use it to discover application logs for emptyDir)
215    # the expected format is `pods/{pod-id}/volumes/kubernetes.io~empty-dir/{volume-name}/_data/`
216    volumesRootDir = /rootfs/var/lib/kubelet/
217    # You can attach annotations as a metadata, using the format
218    #   includeAnnotations.{key} = {regexp}
219    # For example if you want to include all annotations that starts with `prometheus.io` or `example.com` you can include
220    # the following format:
221    #   includeAnnotations.1 = ^prometheus\.io.*
222    #   includeAnnotations.2 = ^example\.com.*
223
224    # watch for changes (annotations) in the objects
225    watch.namespaces = v1/namespace
226    watch.deploymentconfigs = apis/v1/apps.openshift.io/deploymentconfig
227    watch.configurations = apis/v1/collectord.io/configuration
228
229    # Syslog output
230    [output.syslog]
231
232    # tcp or udp
233    network = tcp
234    # syslog destination
235    address =
236
237  002-daemonset.conf: |
238    # DaemonSet configuration is used for Nodes and Masters.
239
240    # Connection to the docker host
241    [general.docker]
242
243    # url for docker API, only unix socket is supported
244    url = unix:///rootfs/var/run/docker.sock
245
246    # path to docker root folder (can fallback to use folder structure to read docker metadata)
247    dockerRootFolder = /rootfs/var/lib/docker/
248
249    # (obsolete) In case if pod metadata was not retrievied. how often collectord should retry to reload the pod metadata
250    # metadataFetchRetry = 5s
251
252    # (obsolete) In case if event is recent, how long pipeline should wait for the metadata to be available in Kubernetes API
253    # metadataFetchWait = 30s
254
255    # (obsolete) In case if collectord does not see new events for specific container and with the last metadata refresh
256    # We have not found this container - fow how long we should keep this metadata in cache.
257    # metadataTTL = 5s
258
259    # Timeout for http responses to docker client. The streaming requests depend on this timeout.
260    timeout = 1m
261
262    # in case of Kubernetes/OpenShift if you schedule some containers with Docker, but not with the Kubernetes
263    # that allows us to find them (by default finding all containers with name not starting with k8s_)
264    containersNameFilter = ^(([^k])|(k[^8])|(k8[^s])|(k8s[^_])).*$
265
266    # regex to find docker container cgroups (helps excluding other cgroups with matched ID)
267    containersCgroupFilter = ^(/([^/\s]+/)*(docker-|docker/)[0-9a-f]{64}(\.scope)?)$
268
269
270    // connection to CRIO
271    [general.cri-o]
272
273    # url for CRIO API, only unix socket is supported
274    url = unix:///rootfs/var/run/crio/crio.sock
275
276    # Timeout for http responses to docker client. The streaming requests depend on this timeout.
277    timeout = 1m
278
279
280    # Container Log files
281    [input.files]
282
283    # disable container logs monitoring
284    disabled = false
285
286    # root location of docker log files
287    # logs are expected in standard docker format like {containerID}/{containerID}-json.log
288    # rotated files
289    path = /rootfs/var/lib/docker/containers/
290    # root location of CRI-O files
291    # logs are expected in Kubernetes format, like {podID}/{containerName}/0.log
292    crioPath = /rootfs/var/log/pods/
293
294    # (obsolete) glob matching pattern for log files
295    # glob = */*-json.log*
296
297    # files are read using polling schema, when reach the EOF how often to check if files got updated
298    pollingInterval = 250ms
299
300    # how often to look for the new files under logs path
301    walkingInterval = 5s
302
303    # include verbose fields in events (file offset)
304    verboseFields = false
305
306    # docker splits events when they are larger than 10-100k (depends on the docker version)
307    # we join them together by default and forward to syslog as one event
308    joinPartialEvents = true
309
310    # In case if your containers report messages with terminal colors or other escape sequences
311    # you can enable strip for all the containers in one place.
312    # Better is to enable it only for required container with the label collectord.io/strip-terminal-escape-sequences=true
313    stripTerminalEscapeSequences = false
314    # Regexp used for stripping terminal colors, it does not stip all the escape sequences
315    # Read https://man7.org/linux/man-pages/man4/console_codes.4.html for more information
316    stripTerminalEscapeSequencesRegex = (\x1b\[\d{1,3}(;\d{1,3})*m)|(\x07)|(\x1b]\d+(\s\d)?;[^\x07]+\x07)|(.*\x1b\[K)
317
318    # set output (syslog or devnull, default is [general]defaultOutput)
319    output =
320
321    # configure default thruput per second for for each container log
322    # for example if you set `thruputPerSecond = 128Kb`, that will limit amount of logs forwarded
323    # from the single container to 128Kb per second.
324    thruputPerSecond =
325
326    # Configure events that are too old to be forwarded, for example 168h (7 days) - that will drop all events
327    # older than 7 days
328    tooOldEvents =
329
330    # Configure events that are too new to be forwarded, for example 1h - that will drop all events that are 1h in future
331    tooNewEvents =
332
333    # Syslog format
334    type = k8s_logs
335    syslog.format = {type}|{timestamp::format(2006-01-02T15:04:05.999999999Z07:00)}|{cluster}|{host}|{namespace}|{pod_id}|{pod_name}|{container_name}|{stream}|{message}
336
337
338    # Application Logs
339    [input.app_logs]
340
341    # disable container application logs monitoring
342    disabled = false
343
344    # root location of mounts (applies to hostPath mounts only), if the hostPath differs inside container from the path on host
345    root = /rootfs/
346
347    # how often to review list of available volumes
348    syncInterval = 5s
349
350    # glob matching pattern for log files
351    glob = *.log*
352
353    # files are read using polling schema, when reach the EOF how often to check if files got updated
354    pollingInterval = 250ms
355
356    # how often to look for the new files under logs path
357    walkingInterval = 5s
358
359    # include verbose fields in events (file offset)
360    verboseFields = false
361
362    # we split files using new line character, with this configuration you can specify what defines the new event
363    # after new line
364    eventPatternRegex = ^[^\s]
365    # Maximum interval of messages in pipeline
366    eventPatternMaxInterval = 100ms
367    # Maximum time to wait for the messages in pipeline
368    eventPatternMaxWait = 1s
369    # Maximum message size
370    eventPatternMaxSize = 1MB
371
372    # set output (syslog or devnull, default is [general]defaultOutput)
373    output =
374
375    # configure default thruput per second for for each container log
376    # for example if you set `thruputPerSecond = 128Kb`, that will limit amount of logs forwarded
377    # from the single container to 128Kb per second.
378    thruputPerSecond =
379
380    # Configure events that are too old to be forwarded, for example 168h (7 days) - that will drop all events
381    # older than 7 days
382    tooOldEvents =
383
384    # Configure events that are too new to be forwarded, for example 1h - that will drop all events that are 1h in future
385    tooNewEvents =
386
387    # Syslog format
388    type = k8s_logs
389    syslog.format = {type}|{timestamp::format(2006-01-02T15:04:05.999999999Z07:00)}|{cluster}|{host}|{namespace}|{pod_id}|{pod_name}|{container_name}|{file_name}|{message}
390
391
392    [input.journald]
393
394    # disable host level logs
395    disabled = false
396
397    # root location of log files
398    path.persistent = /rootfs/var/log/journal/
399    path.volatile = /rootfs/run/log/journal/
400
401    # when reach end of journald, how often to pull
402    pollingInterval = 250ms
403
404    # sample output (-1 does not sample, 20 - only 20% of the logs should be forwarded)
405    samplingPercent = -1
406
407    # sampling key (should be regexp with the named match pattern `key`)
408    samplingKey =
409
410    # how often to reopen the journald to free old files
411    reopenInterval = 1h
412
413    # set output (syslog or devnull, default is [general]defaultOutput)
414    output =
415
416    # configure default thruput per second for this files group
417    # for example if you set `thruputPerSecond = 128Kb`, that will limit amount of logs forwarded
418    # from the files in this group to 128Kb per second.
419    thruputPerSecond =
420
421    # Configure events that are too old to be forwarded, for example 168h (7 days) - that will drop all events
422    # older than 7 days
423    tooOldEvents =
424
425    # Configure events that are too new to be forwarded, for example 1h - that will drop all events that are 1h in future
426    tooNewEvents =
427
428    # syslog format
429    type = k8s_host_logs
430    syslog.format = {type}|{timestamp::format(2006-01-02T15:04:05.999999999Z07:00)}|{cluster}|{host}|journald|{message}
431
432
433    # Pipe to join events (container logs only)
434    [pipe.join]
435
436    # disable joining event
437    disabled = false
438
439    # Maximum interval of messages in pipeline
440    maxInterval = 100ms
441
442    # Maximum time to wait for the messages in pipeline
443    maxWait = 1s
444
445    # Maximum message size
446    maxSize = 1MB
447
448    # Default pattern to indicate new message (should start not from space)
449    patternRegex = ^[^\s]
450
451  003-daemonset-master.conf: |
452
453    # Audit logs
454    [input.files::audit-logs]
455
456    # disable host level logs
457    disabled = false
458
459    # root location of for audit logs
460    path = /rootfs/var/log/kube-apiserver/
461
462    # glob matching files
463    glob = audit*.log
464
465    # files are read using polling schema, when reach the EOF how often to check if files got updated
466    pollingInterval = 250ms
467
468    # how often o look for the new files under logs path
469    walkingInterval = 5s
470
471    # include verbose fields in events (file offset)
472    verboseFields = false
473
474    # field extraction
475    extraction =
476    # extractionMessageField =
477
478    # timestamp field
479    timestampField =
480
481    # format for timestamp
482    # the layout defines the format by showing how the reference time, defined to be `Mon Jan 2 15:04:05 -0700 MST 2006`
483    timestampFormat =
484
485    # timestamp location (if not defined by format)
486    timestampLocation =
487
488    # set output (syslog or devnull, default is [general]defaultOutput)
489    output =
490
491    # configure default thruput per second for this files group
492    # for example if you set `thruputPerSecond = 128Kb`, that will limit amount of logs forwarded
493    # from the files in this group to 128Kb per second.
494    thruputPerSecond =
495
496    # Configure events that are too old to be forwarded, for example 168h (7 days) - that will drop all events
497    # older than 7 days
498    tooOldEvents =
499
500    # Configure events that are too new to be forwarded, for example 1h - that will drop all events that are 1h in future
501    tooNewEvents =
502
503    type = k8s_audit_logs
504    syslog.format = {type}|{timestamp::format(2006-01-02T15:04:05.999999999Z07:00)}|{cluster}|{message}
505
506
507  004-addon.conf: |
508    [general]
509    # addons can be run in parallel with agents
510    addon = true
511
512
513    [input.kubernetes_events]
514
515    # disable collecting kubernetes events
516    disabled = false
517
518    # (obsolete, depends on kubernetes timeout)
519    # Set the timeout for how long request to watch events going to hang reading.
520    # eventsWatchTimeout = 30m
521
522    # (obsolete, depends on kubernetes timeout)
523    # Ignore events last seen later that this duration.
524    # eventsTTL = 12h
525
526    # set output (syslog or devnull, default is [general]defaultOutput)
527    output =
528
529    # syslog format
530    type = k8s_events
531    syslog.format = {type}|{timestamp::format(2006-01-02T15:04:05.999999999Z07:00)}|{cluster}|{message}
532
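---
# Collector agent for every node that does not carry the master role label.
# Security posture to review before deploying:
#   - the container is privileged and runs as UID 0 on the host network;
#   - host directories and both container-runtime sockets are mounted;
#   - the pod carries the ServiceAccount bound to the wildcard read ClusterRole.
# A compromise of this container is therefore a compromise of the node.
# NOTE(review): extensions/v1beta1 DaemonSets were removed in Kubernetes 1.16;
# newer clusters need apps/v1.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: collectorforopenshift-syslog
  namespace: collectorforopenshift-syslog
  labels:
    app: collectorforopenshift-syslog
spec:
  # Default updateStrategy is OnDelete. For collectord RollingUpdate is suitable
  # When you update configuration
  updateStrategy:
    type: RollingUpdate

  # NOTE(review): the master DaemonSet and the addon Deployment in this
  # manifest use this same selector label. Kubernetes advises against
  # controllers with overlapping selectors; a distinct label per workload
  # would avoid any ambiguity.
  selector:
    matchLabels:
      daemon: collectorforopenshift-syslog

  template:
    metadata:
      name: collectorforopenshift-syslog
      labels:
        daemon: collectorforopenshift-syslog
    spec:
      priorityClassName: collectorforopenshift-syslog-critical
      dnsPolicy: ClusterFirstWithHostNet
      # The pod shares the node's network namespace.
      hostNetwork: true
      serviceAccountName: collectorforopenshift-syslog
      # We run this DaemonSet only for Non-Masters
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: DoesNotExist
      # Tolerates every NoSchedule and NoExecute taint, so the pod also runs on
      # nodes that were tainted to keep workloads away.
      tolerations:
      - operator: "Exists"
        effect: "NoSchedule"
      - operator: "Exists"
        effect: "NoExecute"
      containers:
      - name: collectorforopenshift-syslog
        # Stick to specific version
        # NOTE(review): a tag can be re-pointed at the registry; pinning the
        # image by digest makes the deployed content immutable.
        image: docker.io/outcoldsolutions/collectorforopenshift:26.04.1
        securityContext:
          privileged: true
          runAsUser: 0
        # Define your resources if you need. Defaults should be fine for most.
        resources:
          limits:
            cpu: 2
            memory: 512Mi
          requests:
            cpu: 200m
            memory: 192Mi
        env:
        - name: KUBERNETES_NODENAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        volumeMounts:
        # We store state in /data folder (file positions)
        - name: collectorforopenshift-syslog-state
          mountPath: /data
        # Configuration file deployed with ConfigMap
        - name: collectorforopenshift-syslog-config
          mountPath: /config/
          readOnly: true
        # Cgroup filesystem to get metrics
        - name: cgroup
          mountPath: /rootfs/sys/fs/cgroup
          readOnly: true
        # Proc filesystem to get metrics
        - name: proc
          mountPath: /rootfs/proc
          readOnly: true
        # Location of docker root (for container logs and metadata)
        - name: docker-root
          mountPath: /rootfs/var/lib/docker/
          readOnly: true
          mountPropagation: HostToContainer
        # Docker socket
        # NOTE(review): readOnly on a socket mount does not limit what can be
        # requested over the socket; Docker API access is root-equivalent on
        # the node.
        - name: docker-unix-socket
          mountPath: /rootfs/var/run/docker.sock
          readOnly: true
        # CRI-O socket (if using CRI-O runtime)
        - name: crio-unix-socket
          mountPath: /rootfs/var/run/crio/
          readOnly: true
        # Host logs location (including CRI-O logs)
        - name: logs
          mountPath: /rootfs/var/log/
          readOnly: true
        - name: run-logs
          mountPath: /rootfs/run/log/
          readOnly: true
        # Application logs
        # NOTE(review): the kubelet directory also holds the Secret and
        # service-account token volumes of every pod on the node; a read-only
        # mount still lets this container read them.
        - name: volumes-root
          mountPath: /rootfs/var/lib/kubelet/
          readOnly: true
          mountPropagation: HostToContainer
        # correct timezone
        - name: localtime
          mountPath: /etc/localtime
          readOnly: true
      volumes:
      # We store state directly on host, change this location, if
      # your persistent volume is somewhere else
      - name: collectorforopenshift-syslog-state
        hostPath:
          path: /var/lib/collectorforopenshift-syslog/data/
      # Location of docker root (for container logs and metadata)
      - name: docker-root
        hostPath:
          path: /var/lib/docker/
      # Location of cgroups file system
      - name: cgroup
        hostPath:
          path: /sys/fs/cgroup
      # Location of proc file system
      - name: proc
        hostPath:
          path: /proc
      # Host logs location (including CRI-O logs)
      - name: logs
        hostPath:
          path: /var/log
      - name: run-logs
        hostPath:
          path: /run/log
      # Docker socket
      - name: docker-unix-socket
        hostPath:
          path: /var/run/docker.sock
      # CRI-O socket (if using CRI-O runtime)
      - name: crio-unix-socket
        hostPath:
          path: /var/run/crio/
      # Location for origin mounts, to autodiscover application logs
      - name: volumes-root
        hostPath:
          path: /var/lib/kubelet/
      # correct timezone
      - name: localtime
        hostPath:
          path: /etc/localtime
      # configuration from ConfigMap
      - name: collectorforopenshift-syslog-config
        configMap:
          name: collectorforopenshift-syslog
          items:
          - key: 001-general.conf
            path: 001-general.conf
          - key: 002-daemonset.conf
            path: 002-daemonset.conf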
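---
# Collector agent for nodes that carry the master role label. It has the same
# privileged, host-network posture as the node DaemonSet, and additionally
# mounts 003-daemonset-master.conf (API audit logs) and the etcd member
# directory of the host.
# NOTE(review): extensions/v1beta1 DaemonSets were removed in Kubernetes 1.16;
# newer clusters need apps/v1.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: collectorforopenshift-syslog-master
  namespace: collectorforopenshift-syslog
  labels:
    app: collectorforopenshift-syslog
spec:
  updateStrategy:
    type: RollingUpdate

  # NOTE(review): same selector label as the node DaemonSet and the addon
  # Deployment; Kubernetes advises against overlapping selectors.
  selector:
    matchLabels:
      daemon: collectorforopenshift-syslog

  template:
    metadata:
      name: collectorforopenshift-syslog-master
      labels:
        daemon: collectorforopenshift-syslog
    spec:
      priorityClassName: collectorforopenshift-syslog-critical
      dnsPolicy: ClusterFirstWithHostNet
      # The pod shares the master's network namespace.
      hostNetwork: true
      serviceAccountName: collectorforopenshift-syslog
      # Deploy only on master
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: Exists
      # Tolerates every NoSchedule and NoExecute taint.
      tolerations:
      - operator: "Exists"
        effect: "NoSchedule"
      - operator: "Exists"
        effect: "NoExecute"
      containers:
      - name: collectorforopenshift-syslog
        # NOTE(review): a tag can be re-pointed at the registry; pinning the
        # image by digest makes the deployed content immutable.
        image: docker.io/outcoldsolutions/collectorforopenshift:26.04.1
        # Privileged root container on a control-plane node.
        securityContext:
          privileged: true
          runAsUser: 0
        resources:
          limits:
            cpu: 1
            memory: 512Mi
          requests:
            cpu: 200m
            memory: 192Mi
        env:
        - name: KUBERNETES_NODENAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        volumeMounts:
        # State (file positions), written to the host
        - name: collectorforopenshift-syslog-state
          mountPath: /data
        # Configuration files from the ConfigMap
        - name: collectorforopenshift-syslog-config
          mountPath: /config/
          readOnly: true
        - name: cgroup
          mountPath: /rootfs/sys/fs/cgroup
          readOnly: true
        - name: proc
          mountPath: /rootfs/proc
          readOnly: true
        - name: docker-logs
          mountPath: /rootfs/var/lib/docker/
          readOnly: true
          mountPropagation: HostToContainer
        # NOTE(review): readOnly on a socket mount does not limit what can be
        # requested over the socket; Docker API access is root-equivalent on
        # the node.
        - name: docker-unix-socket
          mountPath: /rootfs/var/run/docker.sock
          readOnly: true
        - name: crio-unix-socket
          mountPath: /rootfs/var/run/crio/
          readOnly: true
        # Host logs; 003-daemonset-master.conf reads the API audit logs from
        # /rootfs/var/log/kube-apiserver/ under this mount.
        - name: logs
          mountPath: /rootfs/var/log/
          readOnly: true
        - name: run-logs
          mountPath: /rootfs/run/log/
          readOnly: true
        # NOTE(review): this host directory presumably holds the etcd member's
        # certificates and keys. No setting in this manifest's ConfigMap
        # refers to the path; if the syslog collector does not need it,
        # remove this mount and the matching volume.
        - name: etcd-certs
          mountPath: /rootfs/etc/kubernetes/static-pod-resources/etcd-member/
          readOnly: true
        # NOTE(review): the kubelet directory also holds the Secret and
        # service-account token volumes of every pod on the node.
        - name: volumes-root
          mountPath: /rootfs/var/lib/kubelet/
          readOnly: true
          mountPropagation: HostToContainer
        - name: localtime
          mountPath: /etc/localtime
          readOnly: true
      volumes:
      - name: collectorforopenshift-syslog-state
        hostPath:
          path: /var/lib/collectorforopenshift-syslog/data/
      - name: docker-logs
        hostPath:
          path: /var/lib/docker/
      - name: cgroup
        hostPath:
          path: /sys/fs/cgroup
      - name: proc
        hostPath:
          path: /proc
      - name: logs
        hostPath:
          path: /var/log
      - name: run-logs
        hostPath:
          path: /run/log
      - name: docker-unix-socket
        hostPath:
          path: /var/run/docker.sock
      - name: crio-unix-socket
        hostPath:
          path: /var/run/crio/
      - name: etcd-certs
        hostPath:
          path: /etc/kubernetes/static-pod-resources/etcd-member/
      - name: volumes-root
        hostPath:
          path: /var/lib/kubelet/
      - name: localtime
        hostPath:
          path: /etc/localtime
      - name: collectorforopenshift-syslog-config
        configMap:
          name: collectorforopenshift-syslog
          items:
          - key: 001-general.conf
            path: 001-general.conf
          - key: 002-daemonset.conf
            path: 002-daemonset.conf
          - key: 003-daemonset-master.conf
            path: 003-daemonset-master.conf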
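---
# Single-replica addon. It mounts only 001-general.conf and 004-addon.conf,
# which enable the Kubernetes events input, so its work goes through the API
# server rather than through host files.
# NOTE(review): the container is still privileged and runs as UID 0, although
# the only host resource it mounts is the state directory. The privilege is
# presumably there only to permit that hostPath volume; moving the state to an
# emptyDir or a PersistentVolumeClaim would let this pod run unprivileged.
# Confirm with the vendor before changing it.
# NOTE(review): apps/v1beta1 Deployments were removed in Kubernetes 1.16;
# newer clusters need apps/v1.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: collectorforopenshift-syslog-addon
  namespace: collectorforopenshift-syslog
  labels:
    app: collectorforopenshift-syslog
spec:
  replicas: 1
  # NOTE(review): same selector label as both DaemonSets; Kubernetes advises
  # against overlapping selectors.
  selector:
    matchLabels:
      daemon: collectorforopenshift-syslog
  template:
    metadata:
      name: collectorforopenshift-syslog-addon
      labels:
        daemon: collectorforopenshift-syslog
    spec:
      priorityClassName: collectorforopenshift-syslog-critical
      # Carries the ServiceAccount bound to the wildcard read ClusterRole.
      serviceAccountName: collectorforopenshift-syslog
      containers:
      - name: collectorforopenshift-syslog
        # NOTE(review): a tag can be re-pointed at the registry; pinning the
        # image by digest makes the deployed content immutable.
        image: docker.io/outcoldsolutions/collectorforopenshift:26.04.1
        securityContext:
          privileged: true
          runAsUser: 0
        resources:
          limits:
            cpu: 500m
            memory: 256Mi
          requests:
            cpu: 50m
            memory: 64Mi
        env:
        - name: KUBERNETES_NODENAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        volumeMounts:
        # State directory, written to the host the replica happens to run on
        - name: collectorforopenshift-syslog-state
          mountPath: /data
        # Configuration files from the ConfigMap
        - name: collectorforopenshift-syslog-config
          mountPath: /config/
          readOnly: true
      volumes:
      # hostPath state stays on one node; it is not carried along if the
      # replica is rescheduled elsewhere.
      - name: collectorforopenshift-syslog-state
        hostPath:
          path: /var/lib/collectorforopenshift-syslog/data/
      - name: collectorforopenshift-syslog-config
        configMap:
          name: collectorforopenshift-syslog
          items:
          - key: 001-general.conf
            path: 001-general.conf
          - key: 004-addon.conf
            path: 004-addon.conf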
896            path: 004-addon.conf