Commits · ba4a52ae24e56fdc1d7fdc3959167c633a6205da · Joe Mayer / system-charts

25 Dec, 2019 1 commit
- Copied from rancher-logging/0.1.3 · ba4a52ae
  shanewxy authored Dec 25, 2019
  
  ba4a52ae
17 Sep, 2019 1 commit

Adapt logging to PSP restricted clusters · c5aa5fd2

gitlawr authored Sep 09, 2019

Add PSP and related role/rolebinding/SA resources to logging chart.
The PSP contains restricted rules + hostPath volume.
Also, remove unnecessary privileged escalation from log-aggregator.

c5aa5fd2

10 Sep, 2019 1 commit

Update for API group migration · 447b7a37

gitlawr authored Sep 06, 2019

Note:
See https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/
- PSP is introduced in policy apigroup in 1.10, and removed from extensions apigroup in 1.16.
- DaemonSet, Deployment, StatefulSet, and ReplicaSet migrate to apps in 1.9, and no longer be served from extensions in 1.16
- Ingress is migrated to networking.k8s.io in 1.14, and will be removed from extensions in 1.18

447b7a37

29 Aug, 2019 1 commit

Adapt monitoring to restricted PSP clusters · 394986a9

gitlawr authored Aug 28, 2019

Problem:
Fail to enable monitoring on restricted PSP clusters.

Solution:
1. Update grafana to run as grafana user.
2. Update nginx sidecars to run as nginx user, move files to the user
home directory(/var/cache/nginx) and listen on non privileged 8080 port.
With 1 & 2, project monitoring works in restricted clusters out of the
box.
3. Add necessary PSP/role/rb resource to node-exporter, which is used by
cluster monitoring.

394986a9