andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[dev-v2.9] Forward ports rancher-logging 103.0.1+up3.17.10 (#3747)

pull/3744/head
Lucas Machado 2024-04-05 10:12:48 -03:00 committed by GitHub
parent 0bb1c5173c
commit cd512b6079
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
45 changed files with 44020 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/rancher-logging-crd/rancher-logging-crd-103.0.1+up3.17.10.tgz Normal file
View File

Binary file not shown.

BIN
assets/rancher-logging/rancher-logging-103.0.1+up3.17.10.tgz Normal file
View File

Binary file not shown.

10
charts/rancher-logging-crd/103.0.1+up3.17.10/Chart.yaml Normal file
View File

@ -0,0 +1,10 @@
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: "true"
catalog.cattle.io/namespace: cattle-logging-system
catalog.cattle.io/release-name: rancher-logging-crd
apiVersion: v1
description: Installs the CRDs for rancher-logging.
name: rancher-logging-crd
type: application
version: 103.0.1+up3.17.10

2
charts/rancher-logging-crd/103.0.1+up3.17.10/README.md Normal file
View File

@ -0,0 +1,2 @@
# rancher-logging-crd
A Rancher chart that installs the CRDs used by rancher-logging.

2123
charts/rancher-logging-crd/103.0.1+up3.17.10/templates/logging-extensions.banzaicloud.io_eventtailers.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

2305
charts/rancher-logging-crd/103.0.1+up3.17.10/templates/logging-extensions.banzaicloud.io_hosttailers.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

2056
charts/rancher-logging-crd/103.0.1+up3.17.10/templates/logging.banzaicloud.io_clusterflows.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

11820
charts/rancher-logging-crd/103.0.1+up3.17.10/templates/logging.banzaicloud.io_clusteroutputs.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

2048
charts/rancher-logging-crd/103.0.1+up3.17.10/templates/logging.banzaicloud.io_flows.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

9771
charts/rancher-logging-crd/103.0.1+up3.17.10/templates/logging.banzaicloud.io_loggings.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

11808
charts/rancher-logging-crd/103.0.1+up3.17.10/templates/logging.banzaicloud.io_outputs.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

22
charts/rancher-logging/103.0.1+up3.17.10/.helmignore Normal file
View File

@ -0,0 +1,22 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

25
charts/rancher-logging/103.0.1+up3.17.10/Chart.yaml Normal file
View File

@ -0,0 +1,25 @@
annotations:
catalog.cattle.io/auto-install: rancher-logging-crd=match
catalog.cattle.io/certified: rancher
catalog.cattle.io/deploys-on-os: windows
catalog.cattle.io/display-name: Logging
catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
catalog.cattle.io/namespace: cattle-logging-system
catalog.cattle.io/permits-os: linux,windows
catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1
catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
catalog.cattle.io/release-name: rancher-logging
catalog.cattle.io/type: cluster-tool
catalog.cattle.io/ui-component: logging
catalog.cattle.io/upstream-version: 3.17.10
apiVersion: v1
appVersion: 3.17.10
description: Collects and filter logs using highly configurable CRDs. Powered by Banzai
Cloud Logging Operator.
icon: https://charts.rancher.io/assets/logos/logging.svg
keywords:
- logging
- monitoring
- security
name: rancher-logging
version: 103.0.1+up3.17.10

132
charts/rancher-logging/103.0.1+up3.17.10/README.md Normal file
View File

@ -0,0 +1,132 @@
# Logging operator Chart
[Logging operator](https://github.com/banzaicloud/logging-operator) Managed centralized logging component fluentd and fluent-bit instance on cluster.
## tl;dr:
```bash
$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com
$ helm repo update
$ helm install banzaicloud-stable/logging-operator
```
## Introduction
This chart bootstraps a [Logging Operator](https://github.com/banzaicloud/logging-operator) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Prerequisites
- Kubernetes 1.8+ with Beta APIs enabled
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install --name my-release banzaicloud-stable/logging-operator
```
### CRDs
Use `createCustomResource=false` with Helm v3 to avoid trying to create CRDs from the `crds` folder and from templates at the same time.
The command deploys **Logging operator** on the Kubernetes cluster with the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all Kubernetes components associated with the chart and deletes the release.
## Configuration
The following tables lists the configurable parameters of the logging-operator chart and their default values.
| Parameter | Description | Default |
| --------------------------------------------------- | ------------------------------------------------------ |-----------------------------------------------------------------------|
| `image.repository` | Container image repository | `ghcr.io/banzaicloud/logging-operator` |
| `image.tag` | Container image tag | `3.17.10` |
| `image.pullPolicy` | Container pull policy | `IfNotPresent` |
| `nameOverride` | Override name of app | `` |
| `fullnameOverride` | Override full name of app | `` |
| `namespaceOverride` | Override namespace of app | `` |
| `watchNamespace` | Namespace to watch for LoggingOperator CRD | `` |
| `rbac.enabled` | Create rbac service account and roles | `true` |
| `rbac.psp.enabled` | Must be used with `rbac.enabled` true. If true, creates & uses RBAC resources required in the cluster with [Pod Security Policies](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) enabled. | `false` |
| `priorityClassName` | Operator priorityClassName | `{}` |
| `affinity` | Node Affinity | `{}` |
| `resources` | CPU/Memory resource requests/limits | `{}` |
| `tolerations` | Node Tolerations | `[]` |
| `nodeSelector` | Define which Nodes the Pods are scheduled on. | `{}` |
| `podLabels` | Define custom labels for logging-operator pods | `{}` |
| `annotations` | Define annotations for logging-operator pods | `{}` |
| `podSecurityContext` | Pod SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) | `{"runAsNonRoot": true, "runAsUser": 1000, "fsGroup": 2000}` |
| `securityContext` | Container SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) | `{"allowPrivilegeEscalation": false, "readOnlyRootFilesystem": true}` |
| `createCustomResource` | Create CRDs. | `true` |
| `monitoring.serviceMonitor.enabled` | Create Prometheus Operator servicemonitor. | `false` |
| `serviceAccount.annotations` | Define annotations for logging-operator ServiceAccount | `{}` |
| `global.seLinux.enabled` | Add seLinuxOptions to Logging resources, requires the [rke2-selinux RPM](https://github.com/rancher/rke2-selinux/releases) | `false` |
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example:
```bash
$ helm install --name my-release -f values.yaml banzaicloud-stable/logging-operator
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Installing Fluentd and Fluent-bit via logging
The previous chart does **not** install `logging` resource to deploy Fluentd and Fluent-bit on cluster. To install them please use the [Logging Operator Logging](https://github.com/banzaicloud/logging-operator/tree/master/charts/logging-operator-logging) chart.
## tl;dr:
```bash
$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com
$ helm repo update
$ helm install banzaicloud-stable/logging-operator-logging
```
## Configuration
The following tables lists the configurable parameters of the logging-operator-logging chart and their default values.
## tl;dr:
```bash
$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com
$ helm repo update
$ helm install banzaicloud-stable/logging-operator-logging
```
## Configuration
The following tables lists the configurable parameters of the logging-operator-logging chart and their default values.
| Parameter | Description | Default |
| --------------------------------------------------- | ------------------------------------------------------ |------------------------------------------------------------|
| `tls.enabled` | Enabled TLS communication between components | true |
| `tls.fluentdSecretName` | Specified secret name, which contain tls certs | This will overwrite automatic Helm certificate generation. |
| `tls.fluentbitSecretName` | Specified secret name, which contain tls certs | This will overwrite automatic Helm certificate generation. |
| `tls.sharedKey` | Shared key between nodes (fluentd-fluentbit) | [autogenerated] |
| `fluentbit.enabled` | Install fluent-bit | true |
| `fluentbit.namespace` | Specified fluentbit installation namespace | same as operator namespace |
| `fluentbit.image.tag` | Fluentbit container image tag | `1.9.5` |
| `fluentbit.image.repository` | Fluentbit container image repository | `fluent/fluent-bit` |
| `fluentbit.image.pullPolicy` | Fluentbit container pull policy | `IfNotPresent` |
| `fluentd.enabled` | Install fluentd | true |
| `fluentd.image.tag` | Fluentd container image tag | `v1.14.6-alpine-5` |
| `fluentd.image.repository` | Fluentd container image repository | `ghcr.io/banzaicloud/fluentd` |
| `fluentd.image.pullPolicy` | Fluentd container pull policy | `IfNotPresent` |
| `fluentd.volumeModImage.tag` | Fluentd volumeModImage container image tag | `latest` |
| `fluentd.volumeModImage.repository` | Fluentd volumeModImage container image repository | `busybox` |
| `fluentd.volumeModImage.pullPolicy` | Fluentd volumeModImage container pull policy | `IfNotPresent` |
| `fluentd.configReloaderImage.tag` | Fluentd configReloaderImage container image tag | `v0.2.2` |
| `fluentd.configReloaderImage.repository` | Fluentd configReloaderImage container image repository | `jimmidyson/configmap-reload` |
| `fluentd.configReloaderImage.pullPolicy` | Fluentd configReloaderImage container pull policy | `IfNotPresent` |
| `fluentd.fluentdPvcSpec.accessModes` | Fluentd persistence volume access modes | `[ReadWriteOnce]` |
| `fluentd.fluentdPvcSpec.resources.requests.storage` | Fluentd persistence volume size | `21Gi` |
| `fluentd.fluentdPvcSpec.storageClassName` | Fluentd persistence volume storageclass | `"""` |

45
charts/rancher-logging/103.0.1+up3.17.10/app-readme.md Normal file
View File

@ -0,0 +1,45 @@
# Rancher Logging
This chart is based off of the upstream [Banzai Logging Operator](https://banzaicloud.com/docs/one-eye/logging-operator/) chart. The chart deploys a logging operator and CRDs, which allows users to configure complex logging pipelines with a few simple custom resources. There are two levels of logging, which allow you to collect all logs in a cluster or from a single namespace.
For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/logging/v2.7/).
## Upgrading to Kubernetes v1.25+
Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
> **Note:**
> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
> **Note:**
> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
>
> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
## Namespace-level logging
To collect logs from a single namespace, users create flows and these flows are connected to outputs or cluster outputs.
## Cluster-level logging
To collect logs from an entire cluster, users create cluster flows and cluster outputs.
## CRDs
- [Cluster Flow](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/clusterflow_types/) - A cluster flow is a CRD (`ClusterFlow`) that defines what logs to collect from the entire cluster. The cluster flow must be deployed in the same namespace as the logging operator.
- [Cluster Output](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/clusteroutput_types/) - A cluster output is a CRD (`ClusterOutput`) that defines how to connect to logging providers so they can start collecting logs. The cluster output must be deployed in the same namespace as the logging operator. The convenience of using a cluster output is that either a cluster flow or flow can send logs to those providers without needing to define specific outputs in each namespace for each flow.
- [Flow](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/flow_types/) - A flow is a CRD (`Flow`) that defines what logs to collect from the namespace that it is deployed in.
- [Output](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/output_types/) - An output is a CRD (`Output`) that defines how to connect to logging providers so logs can be sent to the provider.
For more information on how to configure the Helm chart, refer to the Helm README.
## Systemd Configuration
Some Kubernetes distributions log to journald. In order to collect these logs the `systemdLogPath` needs to be defined. While the `/run/log/journal` directory is used by default, some Linux distributions do not default to this path. For example Ubuntu defaults to `/var/log/journal`. To determine your `systemdLogPath` run `cat /etc/systemd/journald.conf | grep -E ^\#?Storage | cut -d"=" -f2` on one of your nodes. If `persistent` is returned your `systemdLogPath` should be `/var/log/journal`. If `volatile` is returned `systemdLogPath` should be `/run/log/journal`. If `auto` is returned check if `/var/log/journal` exists, and if it does then use `/var/log/journal`, otherwise use `/run/log/journal`.
If any value not described here is returned, Rancher Logging will not be able to collect control plane logs. To address this issue set `Storage=volatile` in journald.conf, reboot your machine, and set `systemdLogPath` to `/run/log/journal`.

0
charts/rancher-logging/103.0.1+up3.17.10/templates/NOTES.txt Normal file
View File

121
charts/rancher-logging/103.0.1+up3.17.10/templates/_generic_logging.yaml Normal file
View File

@ -0,0 +1,121 @@
{{- define "logging-operator.logging.tpl" -}}
apiVersion: logging.banzaicloud.io/v1beta1
kind: Logging
metadata:
namespace: {{ .Release.Namespace }}
labels:
{{ include "logging-operator.labels" . | indent 4 }}
spec:
controlNamespace: {{ .Release.Namespace }}
fluentbit:
image:
repository: {{ template "logging-operator.fluentbitImageRepository" . }}
tag: {{ template "logging-operator.fluentbitImageTag" . }}
{{- if not .Values.disablePvc }}
{{- with .Values.fluentbit.bufferStorage }}
bufferStorage: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.fluentbit.bufferStorageVolume }}
bufferStorageVolume: {{- toYaml . | nindent 6 }}
{{- end }}
{{- end }}
{{- if or .Values.global.cattle.psp.enabled .Values.global.seLinux.enabled }}
security:
{{- end }}
{{- if .Values.global.cattle.psp.enabled }}
podSecurityPolicyCreate: true
roleBasedAccessControlCreate: true
{{- end }}
{{- if .Values.global.seLinux.enabled }}
securityContext:
seLinuxOptions:
type: rke_logreader_t
{{- end }}
{{- if or .Values.fluentbit.inputTail.Buffer_Chunk_Size .Values.fluentbit.inputTail.Buffer_Max_Size .Values.fluentbit.inputTail.Mem_Buf_Limit .Values.fluentbit.inputTail.Multiline_Flush .Values.fluentbit.inputTail.Skip_Long_Lines }}
inputTail:
{{- if .Values.fluentbit.inputTail.Buffer_Chunk_Size }}
Buffer_Chunk_Size: {{ .Values.fluentbit.inputTail.Buffer_Chunk_Size | toString }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Buffer_Max_Size }}
Buffer_Max_Size: {{ .Values.fluentbit.inputTail.Buffer_Max_Size | toString }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Mem_Buf_Limit }}
Mem_Buf_Limit: {{ .Values.fluentbit.inputTail.Mem_Buf_Limit | toString }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Multiline_Flush }}
Multiline_Flush: {{ .Values.fluentbit.inputTail.Multiline_Flush | toString | quote }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Skip_Long_Lines }}
Skip_Long_Lines: {{ .Values.fluentbit.inputTail.Skip_Long_Lines | toString | quote }}
{{- end }}
{{- end }}
{{- with (concat (.Values.tolerations) (.Values.fluentbit.tolerations)) }}
tolerations: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.fluentbit.resources }}
resources: {{- toYaml . | nindent 6 }}
{{- end }}
fluentd:
image:
repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }}
tag: {{ .Values.images.fluentd.tag }}
configReloaderImage:
repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }}
tag: {{ .Values.images.config_reloader.tag }}
{{- with .Values.fluentd.bufferStorageVolume }}
bufferStorageVolume: {{- toYaml . | nindent 6 }}
{{- end }}
disablePvc: {{ .Values.disablePvc }}
{{- if .Values.fluentd.replicas }}
scaling:
replicas: {{ .Values.fluentd.replicas }}
{{- end }}
security:
podSecurityContext:
runAsUser: 100
{{- if .Values.global.cattle.psp.enabled }}
podSecurityPolicyCreate: true
roleBasedAccessControlCreate: true
{{- end }}
{{- with .Values.fluentd.env }}
envVars: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with (default .Values.tolerations .Values.fluentd.tolerations) }}
tolerations: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with (default .Values.nodeSelector .Values.fluentd.nodeSelector) }}
nodeSelector: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.fluentd.resources }}
resources: {{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.fluentd.livenessProbe }}
livenessProbe: {{- toYaml . | nindent 6 }}
{{- end }}
{{- end -}}
{{- define "logging-operator.util.merge.logging" -}}
{{/* Top context to expose fields like `.Release` and `.Values` */}}
{{- $top := first . -}}
{{/* tpl is the template specific to the logging implementation */}}
{{- $tpl := fromYaml (include (index . 1) $top) | default (dict ) -}}
{{/* Generic is the shared rancher logging setttings from `_generic_logging.yaml` */}}
{{- $generic := fromYaml (include (index . 2) $top) | default (dict ) -}}
{{/* values are from the values.yaml */}}
{{- $values := $top.Values.loggingOverlay | default (dict ) -}}
####### {{$generic}}
{{/* the sources are merge right to left meaning tpl is the highest prcedence and values is the lowest */}}
{{- toYaml (merge $tpl $values $generic) -}}
{{- end -}}
{{- define "logging-operator.logging" -}}
{{- include "logging-operator.util.merge.logging" (append . "logging-operator.logging.tpl") -}}
{{- end -}}

179
charts/rancher-logging/103.0.1+up3.17.10/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,179 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "logging-operator.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "logging-operator.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Provides the namespace the chart will be installed in using the builtin .Release.Namespace,
or, if provided, a manually overwritten namespace value.
*/}}
{{- define "logging-operator.namespace" -}}
{{- if .Values.namespaceOverride -}}
{{ .Values.namespaceOverride -}}
{{- else -}}
{{ .Release.Namespace }}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "logging-operator.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "logging-operator.labels" -}}
app.kubernetes.io/name: {{ include "logging-operator.name" . }}
helm.sh/chart: {{ include "logging-operator.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{- define "system_default_registry" -}}
{{- if .Values.global.cattle.systemDefaultRegistry -}}
{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
{{- else -}}
{{- "" -}}
{{- end -}}
{{- end -}}
{{- define "windowsEnabled" }}
{{- if not (kindIs "invalid" .Values.global.cattle.windows) }}
{{- if not (kindIs "invalid" .Values.global.cattle.windows.enabled) }}
{{- if .Values.global.cattle.windows.enabled }}
true
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- define "windowsPathPrefix" -}}
{{- trimSuffix "/" (default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "\\" "/" | replace "//" "/" | replace "c:" "C:") -}}
{{- end -}}
{{- define "windowsKubernetesFilter" -}}
{{- printf "kubernetes.%s" ((include "windowsPathPrefix" .) | replace ":" "" | replace "/" ".") -}}
{{- end -}}
{{- define "windowsInputTailMount" -}}
{{- (include "windowsPathPrefix" .) | replace "C:" "" -}}
{{- end -}}
{{/*
Set the controlplane selector based on kubernetes distribution
*/}}
{{- define "controlplaneSelector" -}}
{{- $master := or .Values.additionalLoggingSources.rke2.enabled .Values.additionalLoggingSources.k3s.enabled -}}
{{- $defaultSelector := $master | ternary (dict "node-role.kubernetes.io/master" "true") (dict "node-role.kubernetes.io/controlplane" "true") -}}
{{ default $defaultSelector .Values.additionalLoggingSources.kubeAudit.nodeSelector | toYaml }}
{{- end -}}
{{/*
Set kube-audit file path prefix based on distribution
*/}}
{{- define "kubeAuditPathPrefix" -}}
{{- if .Values.additionalLoggingSources.rke.enabled -}}
{{ default "/var/log/kube-audit" .Values.additionalLoggingSources.kubeAudit.pathPrefix }}
{{- else if .Values.additionalLoggingSources.rke2.enabled -}}
{{ default "/var/lib/rancher/rke2/server/logs" .Values.additionalLoggingSources.kubeAudit.pathPrefix }}
{{- else -}}
{{ required "Directory PathPrefix of the kube-audit location is required" .Values.additionalLoggingSources.kubeAudit.pathPrefix }}
{{- end -}}
{{- end -}}
{{/*
Set kube-audit file name based on distribution
*/}}
{{- define "kubeAuditFilename" -}}
{{- if .Values.additionalLoggingSources.rke.enabled -}}
{{ default "audit-log.json" .Values.additionalLoggingSources.kubeAudit.auditFilename }}
{{- else if .Values.additionalLoggingSources.rke2.enabled -}}
{{ default "audit.log" .Values.additionalLoggingSources.kubeAudit.auditFilename }}
{{- else -}}
{{ required "Filename of the kube-audit log is required" .Values.additionalLoggingSources.kubeAudit.auditFilename }}
{{- end -}}
{{- end -}}
{{/*
A shared list of custom parsers for the vairous fluentbit pods rancher creates
*/}}
{{- define "logging-operator.parsers" -}}
[PARSER]
Name klog
Format regex
Regex ^(?<level>[IWEF])(?<timestamp>\d{4} \d{2}:\d{2}:\d{2}).\d{6} +?(?<thread_id>\d+) (?<filename>.+):(?<linenumber>\d+)] (?<message>.+)
Time_Key timestamp
Time_Format %m%d %T
[PARSER]
Name rancher
Format regex
Regex ^time="(?<timestamp>.+)" level=(?<level>.+) msg="(?<msg>.+)"$
Time_Key timestamp
Time_Format %FT%H:%M:%S
[PARSER]
Name etcd
Format json
Time_Key timestamp
Time_Format %FT%H:%M:%S.%L
{{- end -}}
{{/*
Set kubernetes log options if they are configured
*/}}
{{- define "requireFilterKubernetes" -}}
{{- if or .Values.fluentbit.filterKubernetes.Merge_Log .Values.fluentbit.filterKubernetes.Merge_Log_Key .Values.fluentbit.filterKubernetes.Merge_Trim .Values.fluentbit.filterKubernetes.Merge_Parser -}}
true
{{- end -}}
{{- end -}}
{{/*Fluent Bit Image Repository */}}
{{- define "logging-operator.fluentbitImageRepository" -}}
{{- if .Values.debug -}}
{{ template "system_default_registry" . }}{{ .Values.images.fluentbit_debug.repository }}
{{- else -}}
{{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }}
{{- end -}}
{{- end -}}
{{/*Fluent Bit Image Tag */}}
{{- define "logging-operator.fluentbitImageTag" -}}
{{- if .Values.debug -}}
{{ .Values.images.fluentbit_debug.tag }}
{{- else -}}
{{ .Values.images.fluentbit.tag }}
{{- end -}}
{{- end -}}
{{/*Fluent Bit Image */}}
{{- define "logging-operator.fluentbitImage" -}}
{{ template "logging-operator.fluentbitImageRepository" . }}:{{ template "logging-operator.fluentbitImageTag" . }}
{{- end -}}

318
charts/rancher-logging/103.0.1+up3.17.10/templates/clusterrole.yaml Normal file
View File

@ -0,0 +1,318 @@
{{- if .Values.rbac.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: {{ template "logging-operator.fullname" . }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- configmaps
- secrets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- endpoints
- namespaces
- nodes
- nodes/proxy
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
- pods
- serviceaccounts
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
- events.k8s.io
resources:
- events
verbs:
- create
- get
- list
- watch
- apiGroups:
- apps
resources:
- daemonsets
- replicasets
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
- extensions
resources:
- daemonsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
- extensions
resources:
- deployments
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
- extensions
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- '*'
- apiGroups:
- events.k8s.io
resources:
- events
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- extensions
- policy
resources:
- podsecuritypolicies
verbs:
- create
- delete
- get
- list
- patch
- update
- use
- watch
- apiGroups:
- logging-extensions.banzaicloud.io
resources:
- eventtailers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- logging-extensions.banzaicloud.io
resources:
- eventtailers/status
verbs:
- get
- patch
- update
- apiGroups:
- logging-extensions.banzaicloud.io
resources:
- hosttailers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- logging-extensions.banzaicloud.io
resources:
- hosttailers/status
verbs:
- get
- patch
- update
- apiGroups:
- logging.banzaicloud.io
resources:
- clusterflows
- clusteroutputs
- flows
- loggings
- outputs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- logging.banzaicloud.io
resources:
- clusterflows/status
- clusteroutputs/status
- flows/status
- loggings/status
- outputs/status
verbs:
- get
- patch
- update
- apiGroups:
- monitoring.coreos.com
resources:
- prometheusrules
- servicemonitors
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterrolebindings
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterrolebindings
- clusterroles
- rolebindings
- roles
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterroles
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
{{- end }}

18
charts/rancher-logging/103.0.1+up3.17.10/templates/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,18 @@
{{- if .Values.rbac.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "logging-operator.fullname" . }}
labels:
{{ include "logging-operator.labels" . | indent 4 }}
subjects:
- kind: ServiceAccount
name: {{ template "logging-operator.fullname" . }}
namespace: {{ include "logging-operator.namespace" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "logging-operator.fullname" . }}
{{- end }}

6
charts/rancher-logging/103.0.1+up3.17.10/templates/crds.yaml Normal file
View File

@ -0,0 +1,6 @@
{{- if .Values.createCustomResource -}}
{{- range $path, $bytes := .Files.Glob "crds/*.yaml" }}
{{ $.Files.Get $path }}
---
{{- end }}
{{- end }}

77
charts/rancher-logging/103.0.1+up3.17.10/templates/deployment.yaml Normal file
View File

@ -0,0 +1,77 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "logging-operator.fullname" . }}
namespace: {{ include "logging-operator.namespace" . }}
labels:
{{ include "logging-operator.labels" . | indent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "logging-operator.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "logging-operator.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- with .Values.podLabels }}
{{ toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.annotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}"
args:
{{- range .Values.extraArgs }}
- {{ . }}
{{- end }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
ports:
- name: http
containerPort: {{ .Values.http.port }}
{{- with .Values.env }}
env: {{ toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.securityContext }}
securityContext: {{ toYaml .Values.securityContext | nindent 12 }}
{{- end }}
{{- with .Values.volumeMounts }}
volumeMounts: {{ toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.volumes }}
volumes: {{ toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.podSecurityContext }}
securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ include "logging-operator.fullname" . }}
{{- end }}

18
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/aks/logging.yaml Normal file
View File

@ -0,0 +1,18 @@
{{- define "logging-operator.logging.aks" -}}
{{- $logPath := "/var/log/azure/kubelet-status.log" -}}
metadata:
name: {{ .Release.Name }}-aks
spec:
fluentbit:
disableKubernetesFilter: true
extraVolumeMounts:
- source: {{ $logPath }}
destination: {{ $logPath }}
readOnly: true
inputTail:
Tag: "aks"
Path: {{ $logPath }}
{{- end -}}
{{- if .Values.additionalLoggingSources.aks.enabled }}
{{- include "logging-operator.logging" (list . "logging-operator.logging.aks") -}}
{{- end }}

19
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/eks/logging.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- define "logging-operator.logging.eks" -}}
{{- $logPath := "/var/log/messages" -}}
metadata:
name: {{ .Release.Name }}-eks
spec:
fluentbit:
disableKubernetesFilter: true
extraVolumeMounts:
- source: {{ $logPath }}
destination: {{ $logPath }}
readOnly: true
inputTail:
Tag: "eks"
Path: {{ $logPath }}
Parser: "syslog"
{{- end -}}
{{- if .Values.additionalLoggingSources.eks.enabled }}
{{- include "logging-operator.logging" (list . "logging-operator.logging.eks") -}}
{{- end }}

18
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/gke/logging.yaml Normal file
View File

@ -0,0 +1,18 @@
{{- define "logging-operator.logging.gke" -}}
{{- $logPath := "/var/log/kube-proxy.log" -}}
metadata:
name: {{ .Release.Name }}-gke
spec:
fluentbit:
disableKubernetesFilter: true
extraVolumeMounts:
- source: {{ $logPath }}
destination: {{ $logPath }}
readOnly: true
inputTail:
Tag: "gke"
Path: {{ $logPath }}
{{- end -}}
{{- if .Values.additionalLoggingSources.gke.enabled }}
{{- include "logging-operator.logging" (list . "logging-operator.logging.gke") -}}
{{- end }}

57
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/k3s/configmap.yaml Normal file
View File

@ -0,0 +1,57 @@
{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "systemd") }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-k3s
labels:
{{ include "logging-operator.labels" . | indent 4 }}
data:
fluent-bit.conf: |
[SERVICE]
Flush 1
Grace 5
Daemon Off
Log_Level info
Coro_Stack_Size 24576
Parsers_File parsers.conf
[INPUT]
Name systemd
Tag k3s
Path {{ .Values.systemdLogPath }}
Systemd_Filter _SYSTEMD_UNIT=k3s.service
{{- if .Values.additionalLoggingSources.k3s.stripUnderscores }}
Strip_Underscores On
{{- end }}
Systemd_Filter _SYSTEMD_UNIT=k3s-agent.service
[FILTER]
Name parser
Match *
Key_Name MESSAGE
Parser klog
Reserve_Data On
[FILTER]
Name parser
Match *
Key_Name MESSAGE
Parser rancher
Reserve_Data On
[FILTER]
Name parser
Match *
Key_Name MESSAGE
Parser etcd
Reserve_Data On
[OUTPUT]
Name forward
Match *
Host {{ .Release.Name }}-root-fluentd.{{ .Release.Namespace }}.svc
Port 24240
Retry_Limit False
parsers.conf: |
{{ include "logging-operator.parsers" . | indent 4 }}
{{- end }}

110
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/k3s/daemonset.yaml Normal file
View File

@ -0,0 +1,110 @@
{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "systemd") }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: "{{ .Release.Name }}-k3s-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
spec:
selector:
matchLabels:
name: {{ .Release.Name }}-k3s-journald-aggregator
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/loggings/k3s/configmap.yaml") . | sha256sum }}
name: "{{ .Release.Name }}-k3s-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
labels:
name: {{ .Release.Name }}-k3s-journald-aggregator
spec:
containers:
- name: fluentbit
image: "{{ template "logging-operator.fluentbitImage" . }}"
{{- if .Values.global.seLinux.enabled }}
securityContext:
seLinuxOptions:
type: rke_logreader_t
{{- end }}
volumeMounts:
- mountPath: /fluent-bit/etc/
name: config
- mountPath: {{ .Values.systemdLogPath | default "/var/log/journal" }}
name: journal
readOnly: true
- mountPath: /etc/machine-id
name: machine-id
readOnly: true
{{- with .Values.tolerations }}
tolerations: {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector: {{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: "{{ .Release.Name }}-k3s-journald-aggregator"
volumes:
- name: config
configMap:
name: "{{ .Release.Name }}-k3s"
- name: journal
hostPath:
path: {{ .Values.systemdLogPath | default "/var/log/journal" }}
- name: machine-id
hostPath:
path: /etc/machine-id
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: "{{ .Release.Name }}-k3s-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
{{- if .Values.global.cattle.psp.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: "{{ .Release.Name }}-k3s-journald-aggregator"
rules:
- apiGroups:
- policy
resourceNames:
- "{{ .Release.Name }}-k3s-journald-aggregator"
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: "{{ .Release.Name }}-k3s-journald-aggregator"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: "{{ .Release.Name }}-k3s-journald-aggregator"
subjects:
- kind: ServiceAccount
name: "{{ .Release.Name }}-k3s-journald-aggregator"
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: "{{ .Release.Name }}-k3s-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
spec:
allowPrivilegeEscalation: false
fsGroup:
rule: RunAsAny
readOnlyRootFilesystem: true
runAsUser:
rule: RunAsAny
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- configMap
- emptyDir
- secret
- hostPath
{{- end }}
{{- end }}

19
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/k3s/logging-k3s-openrc.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- define "logging-operator.logging.k3s-openrc" -}}
{{- $logPath := "/var/log/k3s.log" -}}
metadata:
name: {{ .Release.Name }}-k3s
spec:
fluentbit:
disableKubernetesFilter: true
extraVolumeMounts:
- source: {{ $logPath }}
destination: {{ $logPath }}
readOnly: true
inputTail:
Tag: "k3s"
Path: {{ $logPath }}
Path_Key: filename
{{- end -}}
{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "openrc")}}
{{- include "logging-operator.logging" (list . "logging-operator.logging.k3s-openrc") -}}
{{- end }}

25
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/kube-audit/logging.yaml Normal file
View File

@ -0,0 +1,25 @@
{{- define "logging-operator.logging.kube-audit" -}}
metadata:
name: {{ .Release.Name }}-kube-audit
spec:
{{- if .Values.additionalLoggingSources.kubeAudit.loggingRef }}
loggingRef: {{ .Values.additionalLoggingSources.kubeAudit.loggingRef }}
{{- end }}
fluentbit:
disableKubernetesFilter: true
extraVolumeMounts:
- source: {{ template "kubeAuditPathPrefix" . }}
destination: "/kube-audit-logs"
readOnly: true
inputTail:
Tag: {{ .Values.additionalLoggingSources.kubeAudit.fluentbit.logTag }}
Path: /kube-audit-logs/{{ template "kubeAuditFilename" . }}
Parser: json
{{- with (concat (.Values.tolerations) (.Values.fluentbit.tolerations) (.Values.additionalLoggingSources.kubeAudit.fluentbit.tolerations)) }}
tolerations: {{- toYaml . | nindent 6 }}
{{- end }}
nodeSelector: {{ include "controlplaneSelector" . | nindent 6 }}
{{- end -}}
{{- if .Values.additionalLoggingSources.kubeAudit.enabled }}
{{- include "logging-operator.logging" (list . "logging-operator.logging.kube-audit") -}}
{{- end }}

29
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/rke/configmap.yaml Normal file
View File

@ -0,0 +1,29 @@
{{- if .Values.additionalLoggingSources.rke.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-rke
labels:
{{ include "logging-operator.labels" . | indent 4 }}
data:
fluent-bit.conf: |
[SERVICE]
Log_Level {{ .Values.additionalLoggingSources.rke.fluentbit.log_level }}
Parsers_File parsers.conf
[INPUT]
Tag rke
Name tail
Path_Key filename
Parser docker
DB /tail-db/tail-containers-state.db
Mem_Buf_Limit {{ .Values.additionalLoggingSources.rke.fluentbit.mem_buffer_limit }}
Path /var/lib/rancher/rke/log/*.log
[OUTPUT]
Name forward
Match *
Host {{ .Release.Name }}-root-fluentd.{{ .Release.Namespace }}.svc
Port 24240
Retry_Limit False
{{- end }}

122
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/rke/daemonset.yaml Normal file
View File

@ -0,0 +1,122 @@
{{- if .Values.additionalLoggingSources.rke.enabled }}
{{- $containers := printf "%s/containers/" (default "/var/lib/docker" .Values.global.dockerRootDirectory) }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: "{{ .Release.Name }}-rke-aggregator"
namespace: "{{ .Release.Namespace }}"
spec:
selector:
matchLabels:
name: {{ .Release.Name }}-rke-aggregator
template:
metadata:
name: "{{ .Release.Name }}-rke-aggregator"
namespace: "{{ .Release.Namespace }}"
labels:
name: {{ .Release.Name }}-rke-aggregator
spec:
containers:
- name: fluentbit
image: "{{ template "logging-operator.fluentbitImage" . }}"
volumeMounts:
- mountPath: /var/lib/rancher/rke/log/
name: indir
- mountPath: {{ $containers }}
name: containers
- mountPath: /tail-db
name: positiondb
- mountPath: /fluent-bit/etc/fluent-bit.conf
name: config
subPath: fluent-bit.conf
{{- if .Values.global.seLinux.enabled }}
securityContext:
seLinuxOptions:
type: rke_logreader_t
{{- end }}
volumes:
- name: indir
hostPath:
path: /var/lib/rancher/rke/log/
type: DirectoryOrCreate
- name: containers
hostPath:
path: {{ $containers }}
type: DirectoryOrCreate
- name: positiondb
emptyDir: {}
- name: config
configMap:
name: "{{ .Release.Name }}-rke"
serviceAccountName: "{{ .Release.Name }}-rke-aggregator"
{{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }}
{{- with $total_tolerations }}
tolerations: {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector: {{- toYaml . | nindent 8 }}
{{- end }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: "{{ .Release.Name }}-rke-aggregator"
namespace: "{{ .Release.Namespace }}"
{{- if .Values.global.cattle.psp.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: "{{ .Release.Name }}-rke-aggregator"
rules:
- apiGroups:
- policy
resourceNames:
- "{{ .Release.Name }}-rke-aggregator"
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: "{{ .Release.Name }}-rke-aggregator"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: "{{ .Release.Name }}-rke-aggregator"
subjects:
- kind: ServiceAccount
name: "{{ .Release.Name }}-rke-aggregator"
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: "{{ .Release.Name }}-rke-aggregator"
namespace: "{{ .Release.Namespace }}"
spec:
allowPrivilegeEscalation: false
allowedHostPaths:
- pathPrefix: {{ $containers }}
readOnly: false
- pathPrefix: /var/lib/rancher/rke/log/
readOnly: false
- pathPrefix: /var/lib/rancher/logging/
readOnly: false
fsGroup:
rule: RunAsAny
readOnlyRootFilesystem: true
runAsUser:
rule: RunAsAny
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- configMap
- emptyDir
- secret
- hostPath
{{- end }}
{{- end }}

69
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/rke2/configmap.yaml Normal file
View File

@ -0,0 +1,69 @@
{{- if .Values.additionalLoggingSources.rke2.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-rke2
labels:
{{ include "logging-operator.labels" . | indent 4 }}
data:
fluent-bit.conf: |
[SERVICE]
Flush 1
Grace 5
Daemon Off
Log_Level info
Coro_Stack_Size 24576
Parsers_File parsers.conf
[INPUT]
Name systemd
Tag rke2
Path {{ .Values.systemdLogPath }}
Systemd_Filter _SYSTEMD_UNIT=rke2-server.service
Systemd_Filter _SYSTEMD_UNIT=rke2-agent.service
{{- if .Values.additionalLoggingSources.rke2.stripUnderscores }}
Strip_Underscores On
{{- end }}
[INPUT]
Name tail
Tag rke2
Path /var/lib/rancher/rke2/agent/logs/kubelet.log
[FILTER]
Name parser
Match *
Key_Name log
Parser klog
Reserve_Data On
[FILTER]
Name parser
Match *
Key_Name MESSAGE
Parser klog
Reserve_Data On
[FILTER]
Name parser
Match *
Key_Name MESSAGE
Parser rancher
Reserve_Data On
[FILTER]
Name parser
Match *
Key_Name MESSAGE
Parser etcd
Reserve_Data On
[OUTPUT]
Name forward
Match *
Host {{ .Release.Name }}-root-fluentd.{{ .Release.Namespace }}.svc
Port 24240
Retry_Limit False
parsers.conf: |
{{ include "logging-operator.parsers" . | indent 4 }}
{{- end }}

116
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/rke2/daemonset.yaml Normal file
View File

@ -0,0 +1,116 @@
{{- if .Values.additionalLoggingSources.rke2.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: "{{ .Release.Name }}-rke2-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
spec:
selector:
matchLabels:
name: {{ .Release.Name }}-rke2-journald-aggregator
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/loggings/rke2/configmap.yaml") . | sha256sum }}
name: "{{ .Release.Name }}-rke2-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
labels:
name: {{ .Release.Name }}-rke2-journald-aggregator
spec:
containers:
- name: fluentbit
image: "{{ template "logging-operator.fluentbitImage" . }}"
{{- if .Values.global.seLinux.enabled }}
securityContext:
seLinuxOptions:
type: rke_logreader_t
{{- end }}
volumeMounts:
- mountPath: /fluent-bit/etc/
name: config
- mountPath: {{ .Values.systemdLogPath | default "/var/log/journal" }}
name: journal
readOnly: true
- mountPath: "/var/lib/rancher/rke2/agent/logs"
name: kubelet
readOnly: true
- mountPath: /etc/machine-id
name: machine-id
readOnly: true
{{- with .Values.tolerations }}
tolerations: {{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector: {{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: "{{ .Release.Name }}-rke2-journald-aggregator"
volumes:
- name: config
configMap:
name: "{{ .Release.Name }}-rke2"
- name: journal
hostPath:
path: {{ .Values.systemdLogPath | default "/var/log/journal" }}
- name: kubelet
hostPath:
path: "/var/lib/rancher/rke2/agent/logs"
- name: machine-id
hostPath:
path: /etc/machine-id
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: "{{ .Release.Name }}-rke2-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
{{- if .Values.global.cattle.psp.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: "{{ .Release.Name }}-rke2-journald-aggregator"
rules:
- apiGroups:
- policy
resourceNames:
- "{{ .Release.Name }}-rke2-journald-aggregator"
resources:
- podsecuritypolicies
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: "{{ .Release.Name }}-rke2-journald-aggregator"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: "{{ .Release.Name }}-rke2-journald-aggregator"
subjects:
- kind: ServiceAccount
name: "{{ .Release.Name }}-rke2-journald-aggregator"
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: "{{ .Release.Name }}-rke2-journald-aggregator"
namespace: "{{ .Release.Namespace }}"
spec:
allowPrivilegeEscalation: false
fsGroup:
rule: RunAsAny
readOnlyRootFilesystem: true
runAsUser:
rule: RunAsAny
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- configMap
- emptyDir
- secret
- hostPath
{{- end }}
{{- end }}

82
charts/rancher-logging/103.0.1+up3.17.10/templates/loggings/root/logging.yaml Normal file
View File

@ -0,0 +1,82 @@
{{- define "logging-operator.logging.root" -}}
{{- $containerLogPath := printf "%s/containers/" (default "/var/lib/docker" .Values.global.dockerRootDirectory) }}
metadata:
name: "{{ .Release.Name }}-root"
spec:
{{- if (include "windowsEnabled" .) }}
nodeAgents:
- name: win-agent
profile: windows
nodeAgentFluentbit:
daemonSet:
spec:
template:
spec:
containers:
- image: {{ template "system_default_registry" . }}{{ .Values.images.nodeagent_fluentbit.repository }}:{{ .Values.images.nodeagent_fluentbit.tag }}
name: fluent-bit
tls:
enabled: {{ .Values.nodeAgents.tls.enabled | default false }}
{{- if .Values.additionalLoggingSources.rke.enabled }}
- name: win-agent-rke
profile: windows
nodeAgentFluentbit:
filterKubernetes:
Kube_Tag_Prefix: "{{ template "windowsKubernetesFilter" . }}.var.lib.rancher.rke.log."
inputTail:
Path: "{{ template "windowsPathPrefix" . }}/var/lib/rancher/rke/log"
{{- if .Values.fluentbit.inputTail.Buffer_Chunk_Size }}
Buffer_Chunk_Size: {{ .Values.fluentbit.inputTail.Buffer_Chunk_Size | toString }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Buffer_Max_Size }}
Buffer_Max_Size: {{ .Values.fluentbit.inputTail.Buffer_Max_Size | toString }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Mem_Buf_Limit }}
Mem_Buf_Limit: {{ .Values.fluentbit.inputTail.Mem_Buf_Limit | toString }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Multiline_Flush }}
Multiline_Flush: {{ .Values.fluentbit.inputTail.Multiline_Flush | toString | quote }}
{{- end }}
{{- if .Values.fluentbit.inputTail.Skip_Long_Lines }}
Skip_Long_Lines: {{ .Values.fluentbit.inputTail.Skip_Long_Lines | toString | quote }}
{{- end }}
extraVolumeMounts:
- source: "{{ template "windowsInputTailMount" . }}/var/lib/rancher/rke/log"
destination: "{{ template "windowsInputTailMount" . }}/var/lib/rancher/rke/log"
readOnly: true
daemonSet:
spec:
template:
spec:
containers:
- image: "{{ template "system_default_registry" . }}{{ .Values.images.nodeagent_fluentbit.repository }}:{{ .Values.images.nodeagent_fluentbit.tag }}"
name: fluent-bit
tls:
enabled: {{ .Values.nodeAgents.tls.enabled | default false }}
{{- end }}
{{- end }}
fluentbit:
{{- if .Values.global.dockerRootDirectory }}
mountPath: {{ $containerLogPath }}
extraVolumeMounts:
- source: {{ $containerLogPath }}
destination: {{ $containerLogPath }}
readOnly: true
{{- end }}
{{- if (include "requireFilterKubernetes" .) }}
filterKubernetes:
{{- if .Values.fluentbit.filterKubernetes.Merge_Log }}
Merge_Log: "{{ .Values.fluentbit.filterKubernetes.Merge_Log }}"
{{- end }}
{{- if .Values.fluentbit.filterKubernetes.Merge_Log_Key }}
Merge_Log_Key: "{{ .Values.fluentbit.filterKubernetes.Merge_Log_Key }}"
{{- end }}
{{- if .Values.fluentbit.filterKubernetes.Merge_Log_Trim }}
Merge_Log_Trim: "{{ .Values.fluentbit.filterKubernetes.Merge_Log_Trim }}"
{{- end }}
{{- if .Values.fluentbit.filterKubernetes.Merge_Parser }}
Merge_Parser: "{{ .Values.fluentbit.filterKubernetes.Merge_Parser }}"
{{- end }}
{{- end }}
{{- end -}}
{{- include "logging-operator.logging" (list . "logging-operator.logging.root") -}}

34
charts/rancher-logging/103.0.1+up3.17.10/templates/psp.yaml Normal file
View File

@ -0,0 +1,34 @@
{{ if and .Values.global.cattle.psp.enabled }}
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: psp.logging-operator
namespace: {{ include "logging-operator.namespace" . }}
annotations:
{{- if .Values.rbac.psp.annotations }}
{{ toYaml .Values.rbac.psp.annotations | indent 4 }}
{{- end }}
labels:
{{ include "logging-operator.labels" . | indent 4 }}
spec:
readOnlyRootFilesystem: true
privileged: false
allowPrivilegeEscalation: false
runAsUser:
rule: MustRunAsNonRoot
fsGroup:
rule: MustRunAs
ranges:
- min: 1
max: 65535
supplementalGroups:
rule: MustRunAs
ranges:
- min: 1
max: 65535
seLinux:
rule: RunAsAny
volumes:
- secret
- configMap
{{ end }}

20
charts/rancher-logging/103.0.1+up3.17.10/templates/service.yaml Normal file
View File

@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "logging-operator.fullname" . }}
namespace: {{ include "logging-operator.namespace" . }}
labels:
{{ include "logging-operator.labels" . | indent 4 }}
spec:
type: ClusterIP
{{- with .Values.http.service.clusterIP }}
clusterIP: {{ . }}
{{- end }}
ports:
- port: {{ .Values.http.port }}
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "logging-operator.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}

30
charts/rancher-logging/103.0.1+up3.17.10/templates/serviceMonitor.yaml Normal file
View File

@ -0,0 +1,30 @@
{{ if .Values.monitoring.serviceMonitor.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ include "logging-operator.fullname" . }}
namespace: {{ include "logging-operator.namespace" . }}
labels:
{{ include "logging-operator.labels" . | indent 4 }}
{{- with .Values.monitoring.serviceMonitor.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels:
{{ include "logging-operator.labels" . | indent 6 }}
endpoints:
- port: http
path: /metrics
{{- with .Values.monitoring.serviceMonitor.metricsRelabelings }}
metricRelabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.monitoring.serviceMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 4 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ include "logging-operator.namespace" . }}
{{- end }}

14
charts/rancher-logging/103.0.1+up3.17.10/templates/serviceaccount.yaml Normal file
View File

@ -0,0 +1,14 @@
{{- if .Values.rbac.enabled }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "logging-operator.fullname" . }}
namespace: {{ include "logging-operator.namespace" . }}
labels:
{{ include "logging-operator.labels" . | indent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}

35
charts/rancher-logging/103.0.1+up3.17.10/templates/userroles.yaml Normal file
View File

@ -0,0 +1,35 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: "logging-admin"
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
- apiGroups:
- "logging.banzaicloud.io"
resources:
- flows
- outputs
verbs:
- "*"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: "logging-view"
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rules:
- apiGroups:
- "logging.banzaicloud.io"
resources:
- flows
- outputs
- clusterflows
- clusteroutputs
verbs:
- get
- list
- watch

20
charts/rancher-logging/103.0.1+up3.17.10/templates/validate-install-crd.yaml Normal file
View File

@ -0,0 +1,20 @@
#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
# {{- $found := dict -}}
# {{- set $found "logging-extensions.banzaicloud.io/v1alpha1/EventTailer" false -}}
# {{- set $found "logging-extensions.banzaicloud.io/v1alpha1/HostTailer" false -}}
# {{- set $found "logging.banzaicloud.io/v1alpha1/ClusterFlow" false -}}
# {{- set $found "logging.banzaicloud.io/v1alpha1/ClusterOutput" false -}}
# {{- set $found "logging.banzaicloud.io/v1alpha1/Flow" false -}}
# {{- set $found "logging.banzaicloud.io/v1alpha1/Logging" false -}}
# {{- set $found "logging.banzaicloud.io/v1alpha1/Output" false -}}
# {{- range .Capabilities.APIVersions -}}
# {{- if hasKey $found (toString .) -}}
# {{- set $found (toString .) true -}}
# {{- end -}}
# {{- end -}}
# {{- range $_, $exists := $found -}}
# {{- if (eq $exists false) -}}
# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
# {{- end -}}
# {{- end -}}
#{{- end -}}

5
charts/rancher-logging/103.0.1+up3.17.10/templates/validate-install.yaml Normal file
View File

@ -0,0 +1,5 @@
#{{- if .Values.global.dockerRootDirectory }}
#{{- if or (hasSuffix "/containers" .Values.global.dockerRootDirectory) (hasSuffix "/" .Values.global.dockerRootDirectory) }}
#{{- required "global.dockerRootDirectory must not end with suffix: '/' or '/containers'" "" -}}
#{{- end }}
#{{- end }}

7
charts/rancher-logging/103.0.1+up3.17.10/templates/validate-psp-install.yaml Normal file
View File

@ -0,0 +1,7 @@
#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
#{{- if .Values.global.cattle.psp.enabled }}
#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
#{{- end }}
#{{- end }}
#{{- end }}

240
charts/rancher-logging/103.0.1+up3.17.10/values.yaml Normal file
View File

@ -0,0 +1,240 @@
# Default values for logging-operator.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: rancher/mirrored-banzaicloud-logging-operator
tag: 3.17.10
pullPolicy: IfNotPresent
env: []
volumes: []
volumeMounts: []
extraArgs:
- -enable-leader-election=true
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
namespaceOverride: ""
## Pod custom labels
##
podLabels: {}
annotations: {}
## Deploy CRDs used by Logging Operator.
##
createCustomResource: false
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector:
kubernetes.io/os: linux
tolerations:
- key: cattle.io/os
operator: "Equal"
value: "linux"
effect: NoSchedule
affinity: {}
http:
# http listen port number
port: 8080
# Service definition for query http service
service:
type: ClusterIP
clusterIP: None
# Annotations to query http service
annotations: {}
# Labels to query http service
labels: {}
rbac:
enabled: true
psp:
annotations:
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'
seccomp.security.alpha.kubernetes.io/defaultProfileName: 'runtime/default'
## Specify pod annotations
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
## SecurityContext holds pod-level security attributes and common container settings.
## This defaults to non-root user with uid 1000 and gid 2000. *v1.PodSecurityContext false
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
podSecurityContext: {}
# runAsNonRoot: true
# runAsUser: 1000
# fsGroup: 2000
securityContext: {}
# allowPrivilegeEscalation: false
# readOnlyRootFilesystem: true
# capabilities:
# drop: ["ALL"]
## Operator priorityClassName
##
priorityClassName: {}
monitoring:
# Create a Prometheus Operator ServiceMonitor object
serviceMonitor:
enabled: false
additionalLabels: {}
metricRelabelings: []
relabelings: []
serviceAccount:
annotations: {}
###################################
# Rancher Logging Operator Values #
###################################
# Enable debug to use fluent-bit images that allow exec
debug: false
# Disable persistent volumes for buffers
disablePvc: true
# If your additional logging sources collect logs from systemd configure the systemd log path here
systemdLogPath: "/run/log/journal"
global:
cattle:
systemDefaultRegistry: ""
# Uncomment the below two lines to either enable or disable Windows logging. If this chart is
# installed via the Rancher UI, it will set this value to "true" if the cluster is a Windows
# cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
# set the value below to "false".
# windows:
# enabled: true
psp:
enabled: false
# Change the "dockerRootDirectory" if the default Docker directory has changed.
dockerRootDirectory: ""
rkeWindowsPathPrefix: "c:\\"
seLinux:
enabled: false
images:
config_reloader:
repository: rancher/mirrored-jimmidyson-configmap-reload
tag: v0.4.0
fluentbit:
repository: rancher/mirrored-fluent-fluent-bit
tag: 2.2.0
nodeagent_fluentbit:
os: "windows"
repository: rancher/fluent-bit
tag: 1.8.9
fluentbit_debug:
repository: rancher/mirrored-fluent-fluent-bit
tag: 2.2.0-debug
fluentd:
repository: rancher/mirrored-banzaicloud-fluentd
tag: v1.14.6-alpine-5
additionalLoggingSources:
rke:
enabled: false
fluentbit:
log_level: "info"
mem_buffer_limit: "5MB"
rke2:
enabled: false
stripUnderscores: false
k3s:
enabled: false
container_engine: "systemd"
stripUnderscores: false
aks:
enabled: false
eks:
enabled: false
gke:
enabled: false
kubeAudit:
auditFilename: ""
enabled: false
pathPrefix: ""
fluentbit:
logTag: kube-audit
tolerations:
- key: node-role.kubernetes.io/controlplane
value: "true"
effect: NoSchedule
- key: node-role.kubernetes.io/etcd
value: "true"
effect: NoExecute
# configures node agent options for windows node agents
nodeAgents:
tls:
enabled: false
# These settings apply to every Logging CR, including vendor Logging CRs enabled in "additionalLoggingSources".
# Changing these affects every Logging CR installed.
fluentd:
bufferStorageVolume: {}
livenessProbe:
tcpSocket:
port: 24240
initialDelaySeconds: 30
periodSeconds: 15
nodeSelector: {}
resources: {}
tolerations: {}
env: []
fluentbit:
inputTail:
Buffer_Chunk_Size: ""
Buffer_Max_Size: ""
Mem_Buf_Limit: ""
Multiline_Flush: ""
Skip_Long_Lines: ""
resources: {}
tolerations:
- key: node-role.kubernetes.io/controlplane
value: "true"
effect: NoSchedule
- key: node-role.kubernetes.io/etcd
value: "true"
effect: NoExecute
filterKubernetes:
Merge_Log: ""
Merge_Log_Key: ""
Merge_Log_Trim: ""
Merge_Parser: ""
# DO NOT SET THIS UNLESS YOU KNOW WHAT YOU ARE DOING.
# Setting fields on this object can break rancher logging or cause unexpected behavior. It is intended to be used if you
# need to configure functionality not exposed by rancher logging. It is highly recommended you check the `app-readme.md`
# for the functionality you need before modifying this object.
# this object will be merged with every logging CR created by this chart. Any fields that collide with fields from the
# settings above will be overridden. Any fields that collide with fields set in the files in `templates/loggings` will
# be ignored.

43
index.yaml
View File

@ -13396,6 +13396,35 @@ entries:
urls:
- assets/rancher-logging/rancher-logging-104.0.0-rc1+up4.4.0.tgz
version: 104.0.0-rc1+up4.4.0
- annotations:
catalog.cattle.io/auto-install: rancher-logging-crd=match
catalog.cattle.io/certified: rancher
catalog.cattle.io/deploys-on-os: windows
catalog.cattle.io/display-name: Logging
catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
catalog.cattle.io/namespace: cattle-logging-system
catalog.cattle.io/permits-os: linux,windows
catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1
catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
catalog.cattle.io/release-name: rancher-logging
catalog.cattle.io/type: cluster-tool
catalog.cattle.io/ui-component: logging
catalog.cattle.io/upstream-version: 3.17.10
apiVersion: v1
appVersion: 3.17.10
created: "2024-04-04T14:38:14.021277-03:00"
description: Collects and filter logs using highly configurable CRDs. Powered
by Banzai Cloud Logging Operator.
digest: 2610917a2115fd167ace9eeb6cfe8528e8256e037a48c38036331f2acafc1ab5
icon: https://charts.rancher.io/assets/logos/logging.svg
keywords:
- logging
- monitoring
- security
name: rancher-logging
urls:
- assets/rancher-logging/rancher-logging-103.0.1+up3.17.10.tgz
version: 103.0.1+up3.17.10
- annotations:
catalog.cattle.io/auto-install: rancher-logging-crd=match
catalog.cattle.io/certified: rancher
@ -13944,6 +13973,20 @@ entries:
urls:
- assets/rancher-logging-crd/rancher-logging-crd-104.0.0-rc1+up4.4.0.tgz
version: 104.0.0-rc1+up4.4.0
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: "true"
catalog.cattle.io/namespace: cattle-logging-system
catalog.cattle.io/release-name: rancher-logging-crd
apiVersion: v1
created: "2024-04-04T14:38:47.569801-03:00"
description: Installs the CRDs for rancher-logging.
digest: 229770eda868a2ab08095dd4cdf9a2c547dc70359c0fb569a08d113428cc151b
name: rancher-logging-crd
type: application
urls:
- assets/rancher-logging-crd/rancher-logging-crd-103.0.1+up3.17.10.tgz
version: 103.0.1+up3.17.10
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: "true"

2
release.yaml
View File

@ -110,10 +110,12 @@ rancher-logging:
- 104.0.0-rc1+up4.4.0
- 104.0.0+up3.17.10
- 102.0.2+up3.17.10
- 103.0.1+up3.17.10
rancher-logging-crd:
- 104.0.0-rc1+up4.4.0
- 104.0.0+up3.17.10
- 102.0.2+up3.17.10
- 103.0.1+up3.17.10
rancher-monitoring:
- 104.0.0-rc1+up45.31.1
- 103.0.3+up45.31.1