particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

templates/composer: add fluentd sidecar

Browse source 
The sidecar receives logs from the service and forwards them to Splunk
HEC
This commit is contained in:
Diaa Sami 2022-05-05 13:40:48 +02:00 committed by Sanne Raymaekers
parent 069d08fa64
commit ca83eccc47
1 changed files with 51 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

51
templates/composer.yml
View file

@ -94,6 +94,8 @@ objects:
value: "${PGSSLMODE}"
- name: PGMAXCONNS
value: "${PGMAXCONNS}"
- name: SYSLOG_SERVER
value: "localhost:5140"
ports:
- name: composer-api
protocol: TCP
@ -109,6 +111,32 @@ objects:
mountPath: "/var/lib/osbuild-composer"
- name: cache-directory
mountPath: "/var/cache/osbuild-composer"
- image: "fluentd-hec:1.2.13"
name: fluentd-sidecar
resources:
requests:
cpu: "${CPU_REQUEST}"
memory: "${MEMORY_REQUEST}"
limits:
cpu: "${CPU_REQUEST}"
memory: "${MEMORY_LIMIT}"
env:
- name: SPLUNK_HEC_TOKEN
valueFrom:
secretKeyRef:
name: splunk
key: token
optional: false
- name: SPLUNK_HEC_URL
valueFrom:
secretKeyRef:
name: splunk
key: url
optional: false
volumeMounts:
- name: fluentd-config
mountPath: /fluentd/etc
readOnly: true
volumes:
- name: composer-config
configMap:
@ -224,7 +252,30 @@ objects:
jwt_keys_urls = ["${RH_SSO_BASE_URL}/protocol/openid-connect/certs", "${MAS_SSO_BASE_URL}/protocol/openid-connect/certs"]
jwt_acl_file = "${COMPOSER_CONFIG_DIR}/acl.yml"
jwt_tenant_provider_fields = ["rh-org-id", "account_id"]
- apiVersion: v1
kind: ConfigMap
metadata:
name: fluentd-config
data:
fluent.conf: |
<source>
@type syslog
port 5140
bind 127.0.0.1
<transport tcp>
</transport>
tag osbuild-composer
<parse>
time_format %Y-%m-%dT%H:%M:%SZ
</parse>
</source>
<match **>
@type splunk_hec
hec_host "#{ENV['SPLUNK_HEC_URL']}"
hec_port 8088
hec_token "#{ENV['SPLUNK_HEC_TOKEN']}"
</match>
- apiVersion: batch/v1
kind: CronJob
metadata: