apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: fluentd-sumologic
labels:
app: fluentd-sumologic
version: v1
spec:
template:
metadata:
labels:
name: fluentd-sumologic
spec:
volumes:
- name: pos-files
hostPath:
path: /var/run/fluentd-pos
type: ""
# User data 1 mount point for Kubernetes running in OCI Container Engine for Kubernetes (OKE)
- name: "u01"
hostPath:
path: /u01
- name: host-logs
hostPath:
path: /var/log/
- name: docker-logs
hostPath:
path: /var/lib/docker
- name: fluentd-sumologic-config
configMap:
name: fluentd-sumologic-config
containers:
- image: sumologic/fluentd-kubernetes-sumologic:latest
name: fluentd
imagePullPolicy: Always
volumeMounts:
- name: fluentd-sumologic-config
mountPath: /fluentd/etc
- name: host-logs
mountPath: /mnt/log/
readOnly: true
- name: host-logs
mountPath: /var/log/
readOnly: true
- name: docker-logs
mountPath: /var/lib/docker/
readOnly: true
- name: "u01"
mountPath: /u01
readOnly: true
- name: pos-files
mountPath: /mnt/pos/
env:
- name: COLLECTOR_URL
valueFrom:
secretKeyRef:
name: sumologic
key: collector-url
# Improve GC for memory limited envs like docker.
- name: RUBY_GC_HEAP_OLDOBJECT_LIMIT_FACTOR
value: "0.9"
tolerations:
- operator: "Exists"
- effect: "NoSchedule"
key: "node-role.kubernetes.io/master"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: fluentd-sumologic-config
labels:
app: fluentd-sumologic
data:
out.sumo.conf: |-
@type sumologic
log_key log
endpoint "#{ENV['COLLECTOR_URL']}"
verify_ssl "#{ENV['VERIFY_SSL']}"
log_format "#{ENV['LOG_FORMAT']}"
flush_interval "#{ENV['FLUSH_INTERVAL']}"
num_threads "#{ENV['NUM_THREADS']}"
open_timeout 60
add_timestamp "#{ENV['ADD_TIMESTAMP']}"
timestamp_key "#{ENV['TIMESTAMP_KEY']}"
proxy_uri "#{ENV['PROXY_URI']}"
fluent.file.conf: |-
@type null
@type monitor_agent
bind 0.0.0.0
port 24220
@include /fluentd/etc/file.source.*.conf
@include /fluentd/etc/user/*.conf
@include /fluentd/etc/out.sumo.conf
fluent.forward.conf: |-
## built-in TCP input
## $ echo | fluent-cat
@type forward
@id forward_input
port "#{ENV['FORWARD_INPUT_PORT']}"
bind "#{ENV['FORWARD_INPUT_BIND']}"
@type monitor_agent
bind 0.0.0.0
port 24220
@include /fluentd/etc/forward.source.*.conf
@include /fluentd/etc/user/*.conf
@include /fluentd/etc/out.sumo.conf
fluent.systemd.conf: |-
@type null
@type monitor_agent
bind 0.0.0.0
port 24220
@include /fluentd/etc/systemd.source.*.conf
@include /fluentd/etc/user/*.conf
@include /fluentd/etc/out.sumo.conf
file.source.containers.conf: |-
@type tail
format json
time_key "#{ENV['TIME_KEY']}"
path "#{ENV['CONTAINER_LOGS_PATH']}"
exclude_path "#{ENV['EXCLUDE_PATH']}"
pos_file /mnt/pos/ggcp-containers.log.pos
time_format %Y-%m-%dT%H:%M:%S.%NZ
tag containers.*
read_from_head "#{ENV['READ_FROM_HEAD']}"
enable_stat_watcher "#{ENV['ENABLE_STAT_WATCHER']}"
@type concat
key log
multiline_start_regexp "#{ENV['MULTILINE_START_REGEXP']}"
separator "#{ENV['CONCAT_SEPARATOR']}"
timeout_label @NORMAL
@type relabel
@label @NORMAL
file.source.docker.conf: |-
# Examples:
# time="2016-02-04T06:51:03.053580605Z" level=info msg="GET /containers/json"
# time="2016-02-04T07:53:57.505612354Z" level=error msg="HTTP Error" err="No such image: -f" statusCode=404
@type tail
format /^time="(?
@type kubernetes_sumologic
source_category docker
source_name k8s_docker
source_category_prefix "#{ENV['SOURCE_CATEGORY_PREFIX']}"
file.source.kubernetes.conf: |-
# Example:
# 2015-12-21 23:17:22,066 [salt.state ][INFO ] Completed state [net.ipv4.ip_forward] at time 23:17:22.066081
@type tail
format /^(?
@type kubernetes_sumologic
source_category salt
source_name k8s_salt
source_category_prefix "#{ENV['SOURCE_CATEGORY_PREFIX']}"
add_stream "#{ENV['ADD_STREAM']}"
add_time "#{ENV['ADD_TIME']}"
exclude_namespace_regex "#{ENV['EXCLUDE_NAMESPACE_REGEX']}"
# Example:
# Dec 21 23:17:22 gke-foo-1-1-4b5cbd14-node-4eoj startupscript: Finished running startup script /var/run/google.startup.script
@type tail
format syslog
path /mnt/log/startupscript.log
exclude_path "#{ENV['EXCLUDE_PATH']}"
pos_file /mnt/pos/ggcp-startupscript.log.pos
tag startupscript
enable_stat_watcher "#{ENV['ENABLE_STAT_WATCHER']}"
@type kubernetes_sumologic
source_category startupscript
source_name k8s_startupscript
source_category_prefix "#{ENV['SOURCE_CATEGORY_PREFIX']}"
add_stream "#{ENV['ADD_STREAM']}"
add_time "#{ENV['ADD_TIME']}"
exclude_namespace_regex "#{ENV['EXCLUDE_NAMESPACE_REGEX']}"
# Multi-line parsing is required for all the kube logs because very large log
# statements, such as those that include entire object bodies, get split into
# multiple lines by glog.
# Example:
# I0204 07:32:30.020537 3368 server.go:1048] POST /stats/container/: (13.972191ms) 200 [[Go-http-client/1.1] 10.244.1.3:40537]
@type tail
format multiline
multiline_flush_interval 5s
format_firstline /^\w\d{4}/
format1 /^(?\w)(?