global: ## Override the deployment namespace # namespaceOverride: image: repository: public.ecr.aws/aws-observability/aws-for-fluent-bit tag: 2.31.11 pullPolicy: IfNotPresent imagePullSecrets: [] nameOverride: "" fullnameOverride: "" podSecurityContext: {} # runAsUser: 1000 # runAsGroup: 1000 # runAsNonRoot: true # seccompProfile: # type: RuntimeDefault containerSecurityContext: {} # allowPrivilegeEscalation: false # capabilities: # drop: # - ALL rbac: # rbac.pspEnabled, if `true` a restricted pod security policy is created and used pspEnabled: false service: ## Allow the service to be exposed for monitoring ## For liveness check to work, Health_Check must be set to On ## https://docs.fluentbit.io/manual/administration/monitoring extraService: | HTTP_Server On HTTP_Listen 0.0.0.0 HTTP_PORT 2020 Health_Check On HC_Errors_Count 5 HC_Retry_Failure_Count 5 HC_Period 5 parsersFiles: - /fluent-bit/parsers/parsers.conf # extraParsers: | # [PARSER] # Name logfmt # Format logfmt input: enabled: true tag: "kube.*" path: "/var/log/containers/*.log" db: "/var/log/flb_kube.db" parser: docker dockerMode: "On" memBufLimit: 5MB skipLongLines: "On" refreshInterval: 10 # extraInputs: | # ... # additionalInputs: | # [INPUT] # Name winlog # Channels Setup,Windows PowerShell # Interval_Sec 1 # DB winlog.sqlite filter: enabled: true match: "kube.*" kubeURL: "https://kubernetes.default.svc.cluster.local:443" mergeLog: "On" mergeLogKey: "data" keepLog: "On" k8sLoggingParser: "On" k8sLoggingExclude: "On" bufferSize: "32k" # Uncomment the extraFilters to use Kubelet to get the Metadata instead of talking to API server for large clusters # Check this link for more details https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContainerInsights-use-kubelet.html # extraFilters: | # Kube_Tag_Prefix application.var.log.containers. # Labels Off # Annotations Off # Use_Kubelet true # Kubelet_Port 10250 # Kube_CA_File /var/run/secrets/kubernetes.io/serviceaccount/ca.crt # Kube_Token_File /var/run/secrets/kubernetes.io/serviceaccount/token # additionalFilters: | # [FILTER] # Name grep # Match * # Exclude log lvl=debug* cloudWatch: enabled: false match: "*" region: "us-east-1" logGroupName: "/aws/eks/fluentbit-cloudwatch/logs" logStreamName: logStreamPrefix: "fluentbit-" logKey: logFormat: logRetentionDays: roleArn: autoCreateGroup: true endpoint: credentialsEndpoint: {} # extraOutputs: | # ... cloudWatchLogs: enabled: true match: "*" region: "us-east-1" logGroupName: "/aws/eks/fluentbit-cloudwatch/logs" logGroupTemplate: /aws/eks/fluentbit-cloudwatch/workload/$kubernetes['namespace_name'] logStreamName: logStreamPrefix: "fluentbit-" logStreamTemplate: $kubernetes['pod_name'].$kubernetes['container_name'] logKey: logFormat: roleArn: autoCreateGroup: true logRetentionDays: endpoint: metricNamespace: metricDimensions: stsEndpoint: autoRetryRequests: externalId: # extraOutputs: | # log_format json/emf # worker 1 firehose: enabled: false match: "*" region: "us-east-1" deliveryStream: "my-stream" dataKeys: roleArn: endpoint: timeKey: # extraOutputs: | # ... kinesis: enabled: false match: "*" region: "us-east-1" stream: "my-kinesis-stream-name" partitionKey: "container_id" appendNewline: replaceDots: dataKeys: roleArn: endpoint: stsEndpoint: timeKey: timeKeyFormat: compression: aggregation: experimental: concurrency: concurrencyRetries: # extraOutputs: | # ... kinesis_streams: enabled: false match: "*" region: "us-east-1" stream: "my-kinesis-stream-name" role_arn: endpoint: sts_endpoint: time_key: time_key_format: external_id: auto_retry_requests: log_key: elasticsearch: enabled: false match: "*" host: awsRegion: "us-east-1" awsAuth: "On" tls: "On" port: "443" retryLimit: 6 replaceDots: "On" suppressTypeName: # extraOutputs: | # Index = my-index s3: enabled: false match: "*" bucket: region: "us-east-1" jsonDateKey: "date" jsonDateFormat: "iso8601" totalFileSize: "100M" uploadChunkSize: "6M" uploadTimeout: "10m" storeDir: "/tmp/fluent-bit/s3" storeDirLimitSize: 0 s3KeyFormat: /pod-logs/$TAG/%Y-%m-%d/%H-%M-%S s3KeyFormatTagDelimiters: staticFilePath: false usePutObject: false roleArn: endpoint: stsEndpoint: cannedAcl: compression: contentType: sendContentMd5: false autoRetryRequests: true logKey: preserveDataOrdering: true storageClass: retryLimit: 1 externalId: # extraOutputs: | opensearch: enabled: false match: "*" host: port: "443" tls: "on" path: "" bufferSize: "5m" pipeline: awsRegion: "us-east-1" awsAuth: "On" awsStsEndpoint: awsRoleArn: awsExternalId: awsServiceName: httpUser: httpPasswd: index: "aws-fluent-bit" type: "_doc" logstashFormat: "off" logstashPrefix: "logstash" logstashDateFormat: "%Y.%m.%d" timeKey: "@timestamp" timeKeyFormat: "%Y-%m-%dT%H:%M:%S" timeKeyNanos: "Off" includeTagKey: "Off" tagKey: "_flb-key" generateId: "Off" idKey: writeOperation: "create" replaceDots: "Off" traceOutput: "Off" traceError: "Off" currentTimeIndex: "Off" logstashPrefixKey: suppressTypeName: "On" # extraOutputs: | # additionalOutputs: | # [OUTPUT] # Name file # Format template # Template {time} used={Mem.used} free={Mem.free} total={Mem.total} serviceAccount: create: true annotations: {} name: resources: limits: memory: 250Mi requests: cpu: 50m memory: 50Mi ## Assign a PriorityClassName to pods if set # priorityClassName: system-node-critical updateStrategy: type: RollingUpdate nodeSelector: {} tolerations: [] affinity: {} annotations: {} # iam.amazonaws.com/role: arn:aws:iam::123456789012:role/role-for-fluent-bit # Specifies if aws-for-fluent-bit should be started in hostNetwork mode. # # This is required if using a custom CNI where the managed control plane nodes are unable to initiate # network connections to the pods, for example using Calico CNI plugin on EKS. This is not required or # recommended if using the Amazon VPC CNI plugin. # Set hostNetwork to true and dnsPolicy to ClusterFirstWithHostNet to use Kubelet to get the Metadata for large clusters # Check this link for more details https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContainerInsights-use-kubelet.html hostNetwork: false dnsPolicy: ClusterFirst env: [] ## To add extra environment variables to the pods, add as below # env: # - name: AWS_REGION # valueFrom: # configMapKeyRef: # name: fluent-bit-cluster-info # key: logs.region # - name: CLUSTER_NAME # valueFrom: # configMapKeyRef: # name: fluent-bit-cluster-info # key: cluster.name # - name: HOST_NAME # valueFrom: # fieldRef: # fieldPath: spec.nodeName volumes: - name: varlog hostPath: path: /var/log - name: varlibdockercontainers hostPath: path: /var/lib/docker/containers volumeMounts: - name: varlog mountPath: /var/log - name: varlibdockercontainers mountPath: /var/lib/docker/containers readOnly: true # For livenessProbe to work - service.extraService must also enable Health_Check On livenessProbe: httpGet: path: /api/v1/health port: 2020 scheme: HTTP failureThreshold: 2 initialDelaySeconds: 30 timeoutSeconds: 10 readinessProbe: {} # httpGet: # path: /api/v1/health # port: 2020 # scheme: HTTP # failureThreshold: 2 # initialDelaySeconds: 30 # timeoutSeconds: 10 serviceMonitor: service: type: ClusterIP port: 2020 targetPort: 2020 ## When set true then use a ServiceMonitor to configure scraping enabled: false interval: 30s telemetryPath: /api/v1/metrics/prometheus labels: # app: example-application # teamname: example timeout: 10s relabelings: [] targetLabels: [] metricRelabelings: []