Merge "Updated aggregator configs to recent changes"
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml
index 32d1bb0..6234b85 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-deploy.yaml
@@ -25,11 +25,20 @@
spec:
serviceAccountName: fluentd
tolerations:
- - key: node-role.kubernetes.io/master
- effect: NoSchedule
+ - key: "node-role.kubernetes.io/master"
+ effect: "NoSchedule"
+ operator: "Exists"
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: node-role.kubernetes.io/master
+ operator: In
+ values: ["true"]
containers:
- name: fluentd-aggregator
- image: {{ common.addons.fluentd.aggregator.get('image', 'fluent/fluentd-kubernetes-daemonset:v1.2-debian-elasticsearch') }}
+ image: {{ common.addons.fluentd.aggregator.get('image', 'docker-prod-local.docker.mirantis.net/mirantis/external/fluentd-kubernetes-daemonset:stable') }}
env:
- name: FLUENTD_ELASTICSEARCH_HOST
value: "{{ common.addons.fluentd.aggregator.config.output.es.get('host', '127.0.0.1') }}"
@@ -38,7 +47,7 @@
- name: FLUENTD_ELASTICSEARCH_SCHEME
value: "{{ common.addons.fluentd.aggregator.config.output.es.get('scheme', 'http') }}"
- name: FLUENTD_AGGREGATOR_BIND_PORT
- value: "{{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}"
+ value: "{{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}"
- name: ENVIRONMENT_LABEL
value: "{{ grains.domain }}"
# TODO: a hack to pass the broken entrypoint in upstream docker image for k8s fluent when configmap is used
@@ -52,17 +61,14 @@
requests:
memory: {{ common.addons.fluentd.aggregator.resources.requests.get('memory', '500Mi') }}
ports:
- - containerPort: {{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}
+ - containerPort: {{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}
name: main-input
protocol: TCP
- - containerPort: 9880
- name: health-check
- protocol: TCP
volumeMounts:
- - name: fluentd-aggregator-config
- mountPath: /fluentd/etc
+ - name: fluentd-aggregator-cfg
+ mountPath: {{ common.addons.fluentd.aggregator.config.get('config_dir', '/fluentd/etc') }}
readOnly: false
volumes:
- - name: fluentd-aggregator-config
+ - name: fluentd-aggregator-cfg
configMap:
name: fluentd-aggregator-cfg
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml
index d76f290..bfcbd3e 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-fluent-conf.yaml
@@ -11,8 +11,6 @@
fluent.conf: |
@include forward-input.conf
@include general.conf
- @include kubernetes-filter.conf
- @include systemd-filter.conf
@include output.conf
forward-input.conf: |
@@ -26,105 +24,8 @@
<match fluent.**>
@type null
</match>
- <source>
- @type http
- port 9880
- bind 0.0.0.0
- </source>
- <filter **>
- @type record_transformer
- enable_ruby
- <record>
- Type log
- environment_label "#{ENV['ENVIRONMENT_LABEL']}"
- Hostname ${ hostname }
- Timestamp ${ time.strftime("{{ common.addons.fluentd.aggregator.config.general.get('time_format', '%Y-%m-%dT%H:%M:%S.%N%z') }}") }
- </record>
- </filter>
-
- kubernetes-filter.conf: |
- <filter temp.kubernetes.**>
- @type kubernetes_metadata
- merge_json_log true
- preserve_json_log true
- </filter>
- <match temp.kubernetes.container>
- @type rewrite_tag_filter
- <rule>
- key
- pattern ^(.*)$
- tag __TAG__.$1
- </rule>
- </match>
- <match temp.kubernetes.service>
- @type rewrite_tag_filter
- <rule>
- key service
- pattern (.*)
- tag __TAG__.$1
- </rule>
- </match>
- <filter temp.kubernetes.service.**>
- @type record_transformer
- enable_ruby
- remove_keys severity
- <record>
- severity_label ${ {"ERROR"=>"E","INFO"=>"I","WARNING"=>"W","NOTICE"=>"N"}.key(record["severity"]) }
- Severity ${ {3=>"E",4=>"W",5=>"N",6=>"I",}.key(record["severity"]) }
- programname ${ record['service'] }
- service ${record['service']}.service
- </record>
- </filter>
- <filter temp.kubernetes.container.**>
- @type record_transformer
- enable_ruby
- <record>
- severity_label ${ {"ERROR"=>"stderr","INFO"=>"stdout"}.key(record["stream"]) }
- Severity ${ {3=>"stderr",6=>"stdout"}.key(record["stream"]) }
- programname ${ record['kubernetes']['container_name'] }
- kubernetes_namespace_container_name ${record["kubernetes"]["namespace_name"]}.${record["kubernetes"]["container_name"]}
- </record>
- </filter>
-
- systemd-filter.conf: |
- <filter systemd.source>
- @type record_transformer
- enable_ruby
- <record>
- severity_label ${ {"TRACE"=>8,"DEBUG"=>7,"INFO"=>6,"NOTICE"=>5,"WARNING"=>4,"ERROR"=>3,"CRITICAL"=>2,"ALERT"=>1,"EMERGENCY"=>0}.key(record["Severity"].to_i) }
- </record>
- </filter>
- <match systemd.source>
- @type rewrite_tag_filter
- <rule>
- key ident
- pattern ^(.*)$
- tag __TAG__.$1
- </rule>
- </match>
- <filter systemd.source.**>
- @type record_transformer
- remove_keys message, severity
- </filter>
output.conf: |
- <match temp.kubernetes.container.**>
- @type rewrite_tag_filter
- <rule>
- key log_path
- pattern ^.*\/(.*)\.log$
- tag kubernetes.container.$1
- </rule>
- </match>
- <match temp.kubernetes.service.**>
- @type rewrite_tag_filter
- <rule>
- key programname
- pattern (.*)
- tag kubernetes.service.$1
- </rule>
- </match>
-
<match **>
@type elasticsearch
@log_level {{ common.addons.fluentd.aggregator.config.output.get('log_level', 'info') }}
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml
index 1595fb4..6c5b3a4 100644
--- a/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml
+++ b/kubernetes/files/kube-addons/fluentd/fluentd-aggregator-svc.yaml
@@ -3,16 +3,20 @@
apiVersion: v1
kind: Service
metadata:
- name: fluentd-aggregator
+ name: fluentd-aggregator-svc
namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
labels:
k8s-app: fluentd-aggregator
- kubernetes.io/name: "fluentd-aggregator"
+ version: v1
addonmanager.kubernetes.io/mode: Reconcile
spec:
selector:
k8s-app: fluentd-aggregator
+ type: NodePort
ports:
- - name: fluentd-aggregator
- port: {{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}
+ - name: input
+ port: {{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}
+ targetPort: {{ common.addons.fluentd.aggregator.bind.get('port', '24224') }}
protocol: TCP
+ # must be between 30000-32767
+ nodePort: {{ common.addons.fluentd.aggregator.bind.get('host_port', '31950') }}
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-logger-ds.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-logger-ds.yaml
deleted file mode 100644
index 140c336..0000000
--- a/kubernetes/files/kube-addons/fluentd/fluentd-logger-ds.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-{%- from "kubernetes/map.jinja" import common with context -%}
----
-apiVersion: extensions/v1beta1
-kind: DaemonSet
-metadata:
- name: fluentd-logger
- namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
- labels:
- k8s-app: fluentd-logger
- version: v1
- beta.kubernetes.io/fluentd-ds-ready: "true"
-spec:
- template:
- metadata:
- labels:
- k8s-app: fluentd-logger
- version: v1
- # This annotation ensures that fluentd does not get evicted if the node
- # supports critical pod annotation based priority scheme.
- # Note that this does not guarantee admission on the nodes (#40573).
- annotations:
- scheduler.alpha.kubernetes.io/critical-pod: ''
- seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
- spec:
- priorityClassName: system-node-critical
- serviceAccountName: fluentd
- tolerations:
- - key: node-role.kubernetes.io/master
- containers:
- - name: fluentd-logger
- image: {{ common.addons.fluentd.logger.get('image', 'fluent/fluentd-kubernetes-daemonset:v1.2-debian-stackdriver') }}
- env:
- - name: FLUENTD_AGGREGATOR_HOST
- value: "fluentd-aggregator"
- - name: FLUENTD_AGGREGATOR_PORT
- value: "{{ common.addons.fluentd.aggregator.config.forward_input.bind.get('port', '24224') }}"
- resources:
- limits:
- memory: {{ common.addons.fluentd.logger.resources.limits.get('memory', '500Mi') }}
- requests:
- memory: {{ common.addons.fluentd.logger.resources.requests.get('memory', '500Mi') }}
- volumeMounts:
- - name: varlog
- mountPath: /var/log
- - name: varlibdockercontainers
- mountPath: /var/lib/docker/containers
- readOnly: true
- - name: fluentd-logger-config
- mountPath: /fluentd/etc
- readOnly: false
- - name: runlog
- mountPath: /run/log
- terminationGracePeriodSeconds: 30
- volumes:
- - name: varlog
- hostPath:
- path: /var/log
- - name: varlibdockercontainers
- hostPath:
- path: /var/lib/docker/containers
- - name: fluentd-logger-config
- configMap:
- name: fluentd-logger-cfg
- - name: runlog
- hostPath:
- path: /run/log
diff --git a/kubernetes/files/kube-addons/fluentd/fluentd-logger-fluent-conf.yaml b/kubernetes/files/kube-addons/fluentd/fluentd-logger-fluent-conf.yaml
deleted file mode 100644
index 621c0f1..0000000
--- a/kubernetes/files/kube-addons/fluentd/fluentd-logger-fluent-conf.yaml
+++ /dev/null
@@ -1,93 +0,0 @@
-{%- from "kubernetes/map.jinja" import common with context -%}
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: fluentd-logger-cfg
- namespace: {{ common.addons.fluentd.get('namespace', 'stacklight') }}
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-data:
- fluent.conf: |
- @include general.conf
- @include kubernetes-input.conf
- @include systemd-input.conf
- @include forward-output.conf
-
- general.conf: |
- <match fluent.**>
- @type null
- </match>
- <source>
- @type http
- port 9880
- bind 0.0.0.0
- </source>
-
- kubernetes-input.conf: |
- <source>
- @type tail
- path /var/log/containers/*.log
- pos_file /var/log/fluentd-containers.log.pos
- time_format {{ common.addons.fluentd.logger.config.kubernetes_input.get('time_format') }}
- tag temp.kubernetes.container.*
- format json
- read_from_head true
- path_key log_path
- </source>
- <source>
- @type tail
- path /var/log/kubernetes.log
- pos_file /var/log/fluentd-kubernetes.log.pos
- time_format {{ common.addons.fluentd.logger.config.kubernetes_input.get('time_format') }}
- tag temp.kubernetes.service
- format json
- <parse>
- @type regexp
- expression /^(?<service>[^\[]*)\[.*\]:\s(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<log>.*)/
- time_key time
- </parse>
- read_from_head true
- path_key log_path
- </source>
-
- systemd-input.conf: |
- <source>
- @type systemd
- matches [{"_SYSTEMD_UNIT": "docker.service"}]
- path /run/log/journal
- pos_file /var/log/fluentd-journald-systemd.pos
- tag systemd.source
- <entry>
- field_map {"MESSAGE": "Payload", "_CMDLINE": "process", "_COMM": "programname", "_PID": "Pid", "_SYSTEMD_UNIT": "service", "priority": "Severity", "syslog_identifier": "ident" }
- field_map_strict true
- fields_strip_underscores true
- fields_lowercase true
- </entry>
- </source>
-
- forward-output.conf: |
- <match **>
- @type forward
- require_ack_response {{ common.addons.fluentd.logger.config.forward_output.get('require_ack_response', 'true') | lower }}
- ack_response_timeout {{ common.addons.fluentd.logger.config.forward_output.get('ack_response_timeout', '30') }}
- recover_wait {{ common.addons.fluentd.logger.config.forward_output.get('recover_wait', '10s') }}
- heartbeat_interval {{ common.addons.fluentd.logger.config.forward_output.get('heartbeat_interval', '1s') }}
- phi_threshold {{ common.addons.fluentd.logger.config.forward_output.get('phi_threshold', '16') }}
- send_timeout {{ common.addons.fluentd.logger.config.forward_output.get('send_timeout', '10s') }}
- hard_timeout {{ common.addons.fluentd.logger.config.forward_output.get('hard_timeout', '10s') }}
- expire_dns_cache {{ common.addons.fluentd.logger.config.forward_output.get('expire_dns_cache', '15') }}
- heartbeat_type {{ common.addons.fluentd.logger.config.forward_output.get('heartbeat_type', 'tcp') }}
- buffer_chunk_limit {{ common.addons.fluentd.logger.config.forward_output.get('buffer_chunk_limit', '2M') }}
- buffer_queue_limit {{ common.addons.fluentd.logger.config.forward_output.get('buffer_queue_limit', '32') }}
- flush_interval {{ common.addons.fluentd.logger.config.forward_output.get('flush_interval', '5s') }}
- max_retry_wait {{ common.addons.fluentd.logger.config.forward_output.get('max_retry_wait', '15') }}
- disable_retry_limit
- num_threads {{ common.addons.fluentd.logger.config.forward_output.get('num_threads', '8') }}
- <server>
- name fluentd-aggregator
- host fluentd-aggregator
- port "#{ENV['FLUENTD_AGGREGATOR_PORT']}"
- weight 60
- </server>
- </match>
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index fc3b074..07ecd10 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -388,19 +388,6 @@
{%- endfor %}
-{%- set fluentd_logger_resources = ['fluent-conf', 'ds'] %}
-{%- for resource in fluentd_logger_resources %}
-
-/etc/kubernetes/addons/fluentd/fluentd-logger-{{ resource }}.yaml:
- file.managed:
- - source: salt://kubernetes/files/kube-addons/fluentd/fluentd-logger-{{ resource }}.yaml
- - template: jinja
- - group: root
- - dir_mode: 755
- - makedirs: True
-
-{%- endfor %}
-
{% endif %}
{%- if common.addons.get('telegraf', {}).get('enabled') %}