infra/kubernetes
1
0
Fork 0
Code Pull Requests 3 Activity
Files
707481c6fafe1daa8dc551c7b7943482600f99ea
kubernetes/fluent-bit/fluent-bit.yaml
Dustin C. Hatch 707481c6fa fluent-bit: deploy DaemonSet 
This DaemonSet runs Fluent Bit on all nodes in the cluster.  The
ConfigMap that contains the pipeline configuration is actually managed
by Ansible, so that it can remain in sync with the configuration used by
Fluent Bit on non-Kubernetes nodes.
2025-12-04 21:28:32 -06:00

88 lines
2.2 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: DaemonSet
metadata:
name: fluent-bit
labels: &labels
app.kubernetes.io/name: fluent-bit
app.kubernetes.io/component: fluent-bit
spec:
selector:
matchLabels: *labels
template:
metadata:
labels: *labels
spec:
containers:
- name: fluent-bit
image: cr.fluentbit.io/fluent/fluent-bit
imagePullPolicy: IfNotPresent
args:
- -c
- /etc/fluent-bit/fluent-bit.yml
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
add:
- CAP_DAC_READ_SEARCH
volumeMounts:
- mountPath: /etc/fluent-bit
name: fluent-bit-config
readOnly: true
- mountPath: /etc/machine-id
name: machine-id
readOnly: true
- mountPath: /etc/pki/ca-trust/source/anchors
name: dch-ca
readOnly: true
- mountPath: /run/log
name: run-log
readOnly: true
- mountPath: /var/lib/fluent-bit
name: fluent-bit-data
- mountPath: /var/log
name: var-log
readOnly: true
dnsPolicy: ClusterFirstWithHostNet
securityContext:
seLinuxOptions:
type: spc_t
serviceAccountName: fluent-bit
tolerations:
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
volumes:
- name: dch-ca
configMap:
name: dch-root-ca
items:
- key: dch-root-ca.crt
path: dch-root-ca-r2.crt
- name: fluent-bit-config
configMap:
name: fluent-bit
- name: fluent-bit-data
hostPath:
path: /var/lib/fluent-bit
type: DirectoryOrCreate
- name: machine-id
hostPath:
path: /etc/machine-id
type: File
- name: run-log
hostPath:
path: /run/log
type: Directory
- name: var-log
hostPath:
path: /var/log
type: Directory
View Git Blame Copy Permalink