summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml96
-rw-r--r--docs/development/design/logging.rst18
2 files changed, 107 insertions, 7 deletions
diff --git a/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml b/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml
new file mode 100644
index 0000000..445db26
--- /dev/null
+++ b/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml
@@ -0,0 +1,96 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: fluentd
+ namespace: kube-system
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: fluentd
+ namespace: kube-system
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - namespaces
+ verbs:
+ - get
+ - list
+ - watch
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: fluentd
+roleRef:
+ kind: ClusterRole
+ name: fluentd
+ apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+ name: fluentd
+ namespace: kube-system
+---
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ name: fluentd
+ namespace: kube-system
+ labels:
+ k8s-app: fluentd-logging
+ version: v1
+ kubernetes.io/cluster-service: "true"
+spec:
+ template:
+ metadata:
+ labels:
+ k8s-app: fluentd-logging
+ version: v1
+ kubernetes.io/cluster-service: "true"
+ spec:
+ serviceAccount: fluentd
+ serviceAccountName: fluentd
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+ containers:
+ - name: fluentd
+ image: fluent/fluentd-kubernetes-daemonset:elasticsearch
+ env:
+ - name: FLUENT_ELASTICSEARCH_HOST
+ value: "elasticsearch.logging"
+ - name: FLUENT_ELASTICSEARCH_PORT
+ value: "9200"
+ - name: FLUENT_ELASTICSEARCH_SCHEME
+ value: "http"
+ # X-Pack Authentication
+ # =====================
+ - name: FLUENT_ELASTICSEARCH_USER
+ value: "elastic"
+ - name: FLUENT_ELASTICSEARCH_PASSWORD
+ value: "changeme"
+ resources:
+ limits:
+ memory: 200Mi
+ requests:
+ cpu: 100m
+ memory: 200Mi
+ volumeMounts:
+ - name: varlog
+ mountPath: /var/log
+ - name: varlibdockercontainers
+ mountPath: /var/lib/docker/containers
+ readOnly: true
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: varlog
+ hostPath:
+ path: /var/log
+ - name: varlibdockercontainers
+ hostPath:
+ path: /var/lib/docker/containers
diff --git a/docs/development/design/logging.rst b/docs/development/design/logging.rst
index 5fbaeb9..2c2dfe6 100644
--- a/docs/development/design/logging.rst
+++ b/docs/development/design/logging.rst
@@ -14,19 +14,23 @@ First, install logging stack Elasticsearch, Fluentd and Kibana::
kubectl apply -f install/logging-stack.yaml
-Then configure fluentd for istio::
-
- kubectl apply -f install/fluentd-istio.yaml
-
-Note that, it must be done in two steps. If you run ``kubectl apply -f install``
-instead, the mixer adapter may fail to intialize because the target service can
-not be found. You may find an error message from mixer container::
+Note that, it must be done in separated steps. If you run ``kubectl apply -f
+install`` instead, the mixer adapter may fail to intialize because the target
+service can not be found. You may find an error message from mixer container::
2018-05-09T02:43:14.435156Z error Unable to initialize adapter:
snapshot='6', handler='handler.fluentd.istio-system', adapter='fluentd',
err='adapter instantiation error: dial tcp: lookup fluentd-es.logging on
10.96.0.10:53: no such host'.
+Then configure fluentd for istio::
+
+ kubectl apply -f install/fluentd-istio.yaml
+
+Configure fluentd for node level logging::
+
+ kubectl apply -f install/fluentd-daemonset-elasticsearch-rbac.yaml
+
.. _sample configuration: https://istio.io/docs/tasks/telemetry/fluentd.html
********