2024-02-14 21:21:38 +00:00
# Default values for logging-operator.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount : 1
image :
repository : rancher/mirrored-kube-logging-logging-operator
tag : 4.4 .0
pullPolicy : IfNotPresent
env : [ ]
volumes : [ ]
volumeMounts : [ ]
extraArgs :
- -enable-leader-election=true
imagePullSecrets : [ ]
# -- A name in place of the chart name for `app:` labels.
nameOverride : ""
# -- A name to substitute for the full names of resources.
fullnameOverride : ""
# -- A namespace override for the app.
namespaceOverride : ""
# -- Define annotations for logging-operator pods.
annotations : {}
# -- Deploy CRDs used by Logging Operator.
createCustomResource : false
http :
# -- HTTP listen port number.
port : 8080
# -- Service definition for query http service.
service :
type : ClusterIP
clusterIP : None
# Annotations to query http service
annotations : {}
# Labels to query http service
labels : {}
rbac :
# -- Create rbac service account and roles.
enabled : true
psp :
# -- Must be used with `rbac.enabled` true. If true, creates & uses RBAC resources required in the cluster with [Pod Security Policies](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) enabled.
# enabled: false
# -- PSP annotations
annotations :
seccomp.security.alpha.kubernetes.io/allowedProfileNames : 'docker/default,runtime/default'
seccomp.security.alpha.kubernetes.io/defaultProfileName : 'runtime/default'
## Specify pod annotations
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
# specify service account manually
# serviceAccountName: custom
2024-04-04 01:47:56 +00:00
monitoring :
2024-02-14 21:21:38 +00:00
serviceMonitor :
# -- Create a Prometheus Operator ServiceMonitor object.
enabled : false
additionalLabels : {}
metricRelabelings : [ ]
relabelings : [ ]
# -- Pod SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/)
## SecurityContext holds pod-level security attributes and common container settings.
## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext false
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
podSecurityContext : {}
# runAsNonRoot: true
# runAsUser: 1000
# fsGroup: 2000
# -- Container SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/)
securityContext : {}
# allowPrivilegeEscalation: false
# readOnlyRootFilesystem: true
# capabilities:
# drop: ["ALL"]
# -- Operator priorityClassName.
priorityClassName : {}
serviceAccount :
# -- Define annotations for logging-operator ServiceAccount.
annotations : {}
# -- CPU/Memory resource requests/limits
resources : {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector :
kubernetes.io/os : linux
tolerations :
- key : cattle.io/os
operator : "Equal"
value : "linux"
effect : NoSchedule
# -- Node Affinity
affinity : {}
# -- Define which Nodes the Pods are scheduled on.
podLabels : {}
# -- Logging resources configuration.
logging :
# -- Logging resources are disabled by default
enabled : false
# -- Reference to the logging system. Each of the loggingRefs can manage a fluentbit daemonset and a fluentd statefulset.
loggingRef : ""
# -- Disable configuration check before applying new fluentd configuration.
flowConfigCheckDisabled : false
# -- Whether to skip invalid Flow and ClusterFlow resources
skipInvalidResources : false
# -- Override generated config. This is a raw configuration string for troubleshooting purposes.
flowConfigOverride : ""
# -- Flag to disable fluentbit completely
fluentbitDisabled : false
# -- Fluent-bit configurations https://kube-logging.github.io/docs/configuration/crds/v1beta1/fluentbit_types/
fluentbit : {}
# -- Flag to disable fluentd completely
fluentdDisabled : false
# -- Fluentd configurations https://kube-logging.github.io/docs/configuration/crds/v1beta1/fluentd_types/
fluentd : {}
# 20Gi persistent storage is configured for fluentd by default.
# Here is an example, on how to override it:
# bufferStorageVolume:
# pvc:
# spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 40Gi
# -- Syslog-NG statefulset configuration
syslogNG : {}
# -- Default flow for unmatched logs. This Flow configuration collects all logs that didn’
defaultFlow : {}
# -- GlobalOutput name to flush ERROR events to
errorOutputRef : ""
# -- Global filters to apply on logs before any match or filter mechanism.
globalFilters : [ ]
# -- Limit namespaces to watch Flow and Output custom resources.
watchNamespaces : [ ]
# -- Limit namespaces to watch Flow and Output custom resources.
watchNamespaceSelector : {}
# -- Cluster domain name to be used when templating URLs to services
clusterDomain : "cluster.local."
# -- Namespace for cluster wide configuration resources like ClusterFlow and ClusterOutput. This should be a protected namespace from regular users. Resources like fluentbit and fluentd will run in this namespace as well.
controlNamespace : ""
# -- Allow configuration of cluster resources from any namespace. Mutually exclusive with ControlNamespace restriction of Cluster resources
allowClusterResourcesFromAllNamespaces : false
# -- NodeAgent Configuration
nodeAgents : {}
# - name: win-agent
# profile: windows
# nodeAgentFluentbit:
# daemonSet:
# spec:
# template:
# spec:
# containers:
# - image: banzaicloud/fluentbit:1.9.5
# name: fluent-bit
# tls:
# enabled: false
# - name: linux-agent
# profile: linux
# nodeAgentFluentbit:
# metrics:
# prometheusAnnotations: true
# serviceMonitor: false
# tls:
# enabled: false
# -- EnableRecreateWorkloadOnImmutableFieldChange enables the operator to recreate the fluentbit daemonset and the fluentd statefulset (and possibly other resource in the future) in case there is a change in an immutable field that otherwise couldn’
enableRecreateWorkloadOnImmutableFieldChange : false
# -- ClusterFlows to deploy
clusterFlows : [ ]
# -- ClusterOutputs to deploy
clusterOutputs : [ ]
# Send all pod logs to kafka
# clusterFlows:
# - name: all
# spec:
# match:
# - select: {}
# globalOutputRefs: ["kafka"]
# clusterOutputs:
# - name: kafka
# spec:
# kafka:
# brokers: kafka-headless.kafka.svc.cluster.local:29092
# format:
# type: json
# default_topic: topic
# -- EventTailer config
eventTailer : {}
# name: sample
# pvc:
# accessModes:
# - ReadWriteOnce
# volumeMode: Filesystem
# storage: 1Gi
# storageClassName: standard
# -- HostTailer config
hostTailer : {}
# name: sample
# fileTailers:
# - name: sample-file
# path: /var/log/sample-file
# disabled: false
# systemdTailers:
# - name: system-sample
# disabled: false
# maxEntries: 20
# systemdFilter: kubelet.service
testReceiver :
enabled : false
image : fluent/fluent-bit
pullPolicy : IfNotPresent
port : 8080
# args: ["-i", "http", "-p", "port=8080", "-o", "stdout"]
# resources:
# limits:
# cpu: 100m
# memory: 50Mi
# requests:
# cpu: 20m
# memory: 25Mi
# Service definition for query http service
service :
type : ClusterIP
clusterIP : None
# Annotations to query http service
annotations : {}
# Labels to query http service
labels : {}
2024-03-05 16:30:42 +00:00
# Logging CR specific serviceAccount annotations
loggingServiceAccountAnnotations : {}
## Syntax ##
# <logging-name>:
# <key>: <value>
#
## Example ##
#
# root:
# eks.amazonaws.com/role-arn: <RoleARN>
#
## Result - added to the Logging resource ##
#
# spec:
# fluentd:
# serviceAccount:
# metadata:
# annotations:
# eks.amazonaws.com/role-arn: arn:aws:iam::1234567890:role/my-iam-role
#
2024-02-14 21:21:38 +00:00
###################################
# Rancher Logging Operator Values #
###################################
# Enable debug to use fluent-bit images that allow exec
debug : false
# Disable persistent volumes for buffers
disablePvc : true
# If your additional logging sources collect logs from systemd configure the systemd log path here
systemdLogPath : "/run/log/journal"
global :
cattle :
systemDefaultRegistry : ""
# Uncomment the below two lines to either enable or disable Windows logging. If this chart is
# installed via the Rancher UI, it will set this value to "true" if the cluster is a Windows
# cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
# set the value below to "false".
# windows:
# enabled: true
psp :
enabled : false
# Change the "dockerRootDirectory" if the default Docker directory has changed.
dockerRootDirectory : ""
rkeWindowsPathPrefix : "c:\\"
seLinux :
enabled : false
images :
config_reloader :
repository : rancher/mirrored-jimmidyson-configmap-reload
tag : v0.4.0
fluentbit :
repository : rancher/mirrored-fluent-fluent-bit
tag : 2.2 .0
nodeagent_fluentbit :
os : "windows"
repository : rancher/fluent-bit
2024-05-01 16:34:51 +00:00
tag : 2.2 .0
2024-02-14 21:21:38 +00:00
fluentbit_debug :
repository : rancher/mirrored-fluent-fluent-bit
tag : 2.2 .0 -debug
fluentd :
repository : rancher/mirrored-banzaicloud-fluentd
tag : v1.14.6-alpine-5
additionalLoggingSources :
rke :
enabled : false
fluentbit :
log_level : "info"
mem_buffer_limit : "5MB"
rke2 :
enabled : false
stripUnderscores : false
k3s :
enabled : false
container_engine : "systemd"
stripUnderscores : false
aks :
enabled : false
eks :
enabled : false
gke :
enabled : false
kubeAudit :
auditFilename : ""
enabled : false
pathPrefix : ""
fluentbit :
logTag : kube-audit
tolerations :
- key : node-role.kubernetes.io/controlplane
value : "true"
effect : NoSchedule
- key : node-role.kubernetes.io/etcd
value : "true"
effect : NoExecute
# configures node agent options for windows node agents
nodeAgents :
tls :
enabled : false
# These settings apply to every Logging CR, including vendor Logging CRs enabled in "additionalLoggingSources".
# Changing these affects every Logging CR installed.
fluentd :
bufferStorageVolume : {}
livenessProbe :
tcpSocket :
port : 24240
initialDelaySeconds : 30
periodSeconds : 15
nodeSelector : {}
resources : {}
tolerations : {}
env : [ ]
2024-05-21 16:40:33 +00:00
logLevel : {}
2024-02-14 21:21:38 +00:00
fluentbit :
inputTail :
Buffer_Chunk_Size : ""
Buffer_Max_Size : ""
Mem_Buf_Limit : ""
Multiline_Flush : ""
Skip_Long_Lines : ""
resources : {}
tolerations :
- key : node-role.kubernetes.io/controlplane
value : "true"
effect : NoSchedule
- key : node-role.kubernetes.io/etcd
value : "true"
effect : NoExecute
filterKubernetes :
Merge_Log : ""
Merge_Log_Key : ""
Merge_Log_Trim : ""
Merge_Parser : ""
# DO NOT SET THIS UNLESS YOU KNOW WHAT YOU ARE DOING.
# Setting fields on this object can break rancher logging or cause unexpected behavior. It is intended to be used if you
# need to configure functionality not exposed by rancher logging. It is highly recommended you check the `app-readme.md`
# for the functionality you need before modifying this object.
# this object will be merged with every logging CR created by this chart. Any fields that collide with fields from the
# settings above will be overridden. Any fields that collide with fields set in the files in `templates/loggings` will
# be ignored.
