Added elk files plus other updates
Change-Id: Idb2350c22a1c72324f7599171b94ed12d3d84ce0
diff --git a/rapps/fluentd.yaml b/rapps/fluentd.yaml
new file mode 100644
index 0000000..c402966
--- /dev/null
+++ b/rapps/fluentd.yaml
@@ -0,0 +1,126 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: fluentd
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: fluentd
+ namespace: kube-system
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - namespaces
+ verbs:
+ - get
+ - list
+ - watch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: fluentd
+roleRef:
+ kind: ClusterRole
+ name: fluentd
+ apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+ name: fluentd
+ namespace: kube-system
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: fluentd
+ namespace: kube-system
+ labels:
+ k8s-app: fluentd-logging
+ version: v1
+spec:
+ selector:
+ matchLabels:
+ k8s-app: fluentd-logging
+ version: v1
+ template:
+ metadata:
+ labels:
+ k8s-app: fluentd-logging
+ version: v1
+ spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+ containers:
+ - name: fluentd
+ image: fluent/fluentd-kubernetes-daemonset:v1-debian-elasticsearch
+ env:
+ - name: FLUENT_ELASTICSEARCH_HOST
+ value: "elasticsearch.logging"
+ - name: FLUENT_ELASTICSEARCH_PORT
+ value: "9200"
+ - name: FLUENT_ELASTICSEARCH_SCHEME
+ value: "https"
+ - name: FLUENTD_SYSTEMD_CONF
+ value: 'disable'
+ - name: K8S_NODE_NAME
+ value: 'docker-cluster'
+ #- name: FLUENT_CONTAINER_TAIL_PARSER_TYPE
+ #value: /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/
+ # Option to configure elasticsearch plugin with self signed certs
+ # ================================================================
+ - name: FLUENT_ELASTICSEARCH_SSL_VERIFY
+ value: "true"
+ # Option to configure elasticsearch plugin with tls
+ # ================================================================
+ - name: FLUENT_ELASTICSEARCH_SSL_VERSION
+ value: "TLSv1_2"
+ # X-Pack Authentication
+ # =====================
+ - name: FLUENT_ELASTICSEARCH_USER
+ value: "elastic"
+ - name: FLUENT_ELASTICSEARCH_PASSWORD
+ value: "secret"
+ # Logz.io Authentication
+ # ======================
+ - name: LOGZIO_TOKEN
+ value: "ThisIsASuperLongToken"
+ - name: LOGZIO_LOGTYPE
+ value: "kubernetes"
+ - name: SSL_CERT_DIR
+ value: /home/fluent/ca
+ - name: SSL_CERT_FILE
+ value: /home/fluent/ca/ca.crt
+ resources:
+ limits:
+ memory: 200Mi
+ requests:
+ cpu: 100m
+ memory: 200Mi
+ volumeMounts:
+ - name: varlog
+ mountPath: /var/log
+ - name: dockercontainerlogdirectory
+ mountPath: /var/lib/docker/containers
+ readOnly: true
+ - name: fluentd-ca-cert
+ mountPath: /home/fluent/ca/ca.crt
+ subPath: ca.crt
+ readOnly: true
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: varlog
+ hostPath:
+ path: /var/log
+ - name: dockercontainerlogdirectory
+ hostPath:
+ path: /var/lib/docker/containers
+ - name: fluentd-ca-cert
+ hostPath:
+ # Ensure the file directory is created.
+ path: /var/elasticsearch/config/certs/ca
+ type: DirectoryOrCreate