apiVersion: {{ template "daemonset_api_version" . }} kind: DaemonSet metadata: name: {{ template "fluentd.fullname" . }}-linux labels: app: {{ template "fluentd.name" . }} chart: {{ template "fluentd.version" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} {{- if .Values.labels }} {{ toYaml .Values.labels | indent 4 }} {{- end }} spec: {{- if .Values.updateStrategy }} updateStrategy: {{ toYaml .Values.updateStrategy | indent 4 }} {{- end }} selector: matchLabels: app: {{ template "fluentd.name" . }} release: {{ .Release.Name }} template: metadata: labels: app: {{ template "fluentd.name" . }} chart: {{ template "fluentd.version" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} {{- if .Values.labels }} {{ toYaml .Values.labels | indent 4 }} {{- end }} {{- if .Values.annotations }} {{ toYaml .Values.annotations | indent 8 }} {{- end }} spec: serviceAccountName: {{ template "fluentd.fullname" . }} containers: - name: {{ template "fluentd.fullname" . }} image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.command }} command: {{ .Values.command }} {{ end }} env: {{- range $key, $value := .Values.env }} - name: {{ $key }} value: {{ $value | quote }} {{- end }} - name: K8S_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName resources: {{ toYaml .Values.resources | indent 10 }} volumeMounts: - mountPath: /fluentd/etc/config/custom name: custom - mountPath: /fluentd/etc/config/precan name: config - mountPath: /fluentd/etc/config/entry name: entry - mountPath: /fluentd/etc/config/ssl name: ssl - mountPath: {{ .Values.cluster.dockerRoot }} name: dockerroot - mountPath: /var/log/containers name: varlogcontainers - mountPath: /var/log/pods name: varlogpods - mountPath: /var/lib/rancher/rke/log name: rkelog - mountPath: /var/lib/rancher/log-volumes name: customlog - mountPath: /fluentd/log name: fluentdlog - name: libsystemddir mountPath: /host/lib readOnly: true {{- if .Values.extraVolumeMounts }} {{ toYaml .Values.extraVolumeMounts | indent 8 }} {{- end }} ports: {{- range $port := .Values.service.ports }} - name: {{ $port.name }} containerPort: {{ $port.port }} {{- if $port.protocol }} protocol: {{ $port.protocol }} {{- end }} {{- end }} {{- if .Values.livenessProbe.enabled }} # Liveness probe is aimed to help in situarions where fluentd # silently hangs for no apparent reasons until manual restart. # The idea of this probe is that if fluentd is not queueing or # flushing chunks for 5 minutes, something is not right. If # you want to change the fluentd configuration, reducing amount of # logs fluentd collects, consider changing the threshold or turning # liveness probe off completely. livenessProbe: initialDelaySeconds: 600 periodSeconds: 60 exec: command: - '/bin/sh' - '-c' - > LIVENESS_THRESHOLD_SECONDS=${LIVENESS_THRESHOLD_SECONDS:-300}; STUCK_THRESHOLD_SECONDS=${LIVENESS_THRESHOLD_SECONDS:-900}; if [ ! -e /fluentd/log/buffer ]; then exit 1; fi; touch -d "${STUCK_THRESHOLD_SECONDS} seconds ago" /tmp/marker-stuck; if [[ -z "$(find /fluentd/log/buffer -type f -newer /tmp/marker-stuck -print -quit)" ]]; then rm -rf /fluentd/log/buffer; exit 1; fi; touch -d "${LIVENESS_THRESHOLD_SECONDS} seconds ago" /tmp/marker-liveness; if [[ -z "$(find /fluentd/log/buffer -type f -newer /tmp/marker-liveness -print -quit)" ]]; then exit 1; fi; {{- end }} - name: {{ template "fluentd.fullname" . }}-{{ .Values.configmapReload.name }} image: {{ template "system_default_registry" . }}{{ .Values.configmapReload.image.repository }}:{{ .Values.configmapReload.image.tag }} imagePullPolicy: "{{ .Values.configmapReload.image.pullPolicy }}" args: - --volume-dir=/fluentd/etc/config/custom - --volume-dir=/fluentd/etc/config/precan - --volume-dir=/fluentd/etc/config/ssl - --volume-dir=/fluentd/etc/config/entry - --webhook-method=GET - --webhook-url=http://127.0.0.1:24444/api/config.reload resources: {{ toYaml .Values.configmapReload.resources | indent 12 }} volumeMounts: - mountPath: /fluentd/etc/config/custom name: custom - mountPath: /fluentd/etc/config/precan name: config - mountPath: /fluentd/etc/config/entry name: entry - mountPath: /fluentd/etc/config/ssl name: ssl terminationGracePeriodSeconds: 30 volumes: - hostPath: path: /var/lib/rancher/fluentd/etc/config/custom name: custom - hostPath: path: {{ .Values.cluster.dockerRoot }} name: dockerroot - hostPath: path: /var/log/containers name: varlogcontainers - hostPath: path: /var/log/pods name: varlogpods - hostPath: path: /var/lib/rancher/rke/log name: rkelog - hostPath: path: /var/lib/rancher/log-volumes name: customlog - hostPath: path: /var/lib/rancher/fluentd/log name: fluentdlog - name: config secret: secretName: {{ template "fluentd.fullname" . }} - name: entry secret: secretName: {{ template "fluentd.fullname" . }}-entry - name: ssl secret: secretName: {{ template "fluentd.fullname" . }}-ssl - name: libsystemddir hostPath: path: /usr/lib64 {{- if .Values.extraVolumes }} {{ toYaml .Values.extraVolumes | indent 6 }} {{- end }} nodeSelector: {{- include "linux-node-selector" . | nindent 8 }} {{- if .Values.nodeSelector }} {{ toYaml .Values.nodeSelector | indent 8 }} {{- end }} {{- if .Values.tolerations }} tolerations: {{ toYaml .Values.tolerations | indent 6 }} {{- end }}