pieter/eveAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5501061dd12e69b23855c19076457e08c0b4f8df
eveAI/scaleway/easy_deploy/promtail.yaml
Josako b812aedb81 - Filtering healtz from logs in scaleway cockpit 
- Removing startup-functionality from eveai_app (race conditions possible!)
- adapting blueprints to be pointing to admin (removed from Ingress)
2025-09-05 16:13:48 +02:00

416 lines
11 KiB
YAML
Raw Blame History

_NOTES: |
↓ Please scroll down if needed to see the pre-defined values ↓
Full values are available at: https://github.com/grafana/helm-charts/tree/main/charts/promtail
# Billing warning
After installing this Chart, a Cockpit custom Data source will be created.
This feature does incur costs based on the volume of logs ingested.
# Template functions documentation
cockpit_bearer_token
Generates a Cockpit token named "k8s-logs-CLUSTER_ID" with "Push logs"
permission and returns it. Any existing token with this name will be
deleted.
cockpit_loki_push_url
Creates a Cockpit Logs Data source named "kubernetes-logs" (if needed)
and returns its push URL.
cockpit_promtail_scrape_config_pods
Returns a Promtail scrape config for pushing Pod logs to Cockpit.
ALL logs are scraped if no argument is provided. To only scrape logs
from specific namespaces, you can provide the namespaces as arguments.
Here are some examples:
- cockpit_promtail_scrape_config_pods
- cockpit_promtail_scrape_config_pods "kube-system"
- cockpit_promtail_scrape_config_pods "kube-system" "default" "my-app"
cockpit_promtail_scrape_config_journal
Returns a Promtail scrape config for pushing Node system logs to
Cockpit. ALL logs are scraped if no argument is provided. To only scrape
logs from specific namespaces you can provide the syslog identifiers
as arguments. Here are some examples:
- cockpit_promtail_scrape_config_journal
- cockpit_promtail_scrape_config_journal "kubelet"
- cockpit_promtail_scrape_config_journal "kubelet" "sshd" "systemd"
affinity: {}
annotations: {}
automountServiceAccountToken: true
config:
clients:
- bearer_token: 6gx1HemmAehGC9q0EHBfCRrQDyjfCttvypMSkEXXR43qseiKfTSBIdVUhKrH_Lfb
url: https://f191356f-5685-4ed9-a1e6-46541ecb560a.logs.cockpit.fr-par.scw.cloud/loki/api/v1/push
enableTracing: false
enabled: true
file: |
server:
log_level: {{ .Values.config.logLevel }}
log_format: {{ .Values.config.logFormat }}
http_listen_port: {{ .Values.config.serverPort }}
{{- with .Values.httpPathPrefix }}
http_path_prefix: {{ . }}
{{- end }}
{{- tpl .Values.config.snippets.extraServerConfigs . | nindent 2 }}
clients:
{{- tpl (toYaml .Values.config.clients) . | nindent 2 }}
positions:
{{- tpl (toYaml .Values.config.positions) . | nindent 2 }}
scrape_configs:
{{- tpl .Values.config.snippets.scrapeConfigs . | nindent 2 }}
{{- tpl .Values.config.snippets.extraScrapeConfigs . | nindent 2 }}
limits_config:
{{- tpl .Values.config.snippets.extraLimitsConfig . | nindent 2 }}
tracing:
enabled: {{ .Values.config.enableTracing }}
logFormat: logfmt
logLevel: info
positions:
filename: /run/promtail/positions.yaml
serverPort: 3101
snippets:
addScrapeJobLabel: false
common:
- action: replace
source_labels:
- __meta_kubernetes_pod_node_name
target_label: node_name
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
replacement: $1
separator: /
source_labels:
- namespace
- app
target_label: job
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: pod
- action: replace
source_labels:
- __meta_kubernetes_pod_container_name
target_label: container
- action: replace
replacement: /var/log/pods/*$1/*.log
separator: /
source_labels:
- __meta_kubernetes_pod_uid
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: replace
regex: true/(.*)
replacement: /var/log/pods/*$1/*.log
separator: /
source_labels:
- __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
- __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
- __meta_kubernetes_pod_container_name
target_label: __path__
extraLimitsConfig: |
# When true, enforces rate limiting on this instance of Promtail.
readline_rate_enabled: true
# The rate limit in log lines per second that this instance of Promtail may push to Cockpit.
readline_rate: 10000
# The cap in the quantity of burst lines that this instance of Promtail may push to Cockpit.
readline_burst: 10000
# When true, exceeding the rate limit causes this instance of Promtail to discard
# log lines, rather than sending them to Cockpit. When false, exceeding the rate limit
# causes this instance of Promtail to temporarily hold off on sending the log lines and retry later.
readline_rate_drop: true
extraRelabelConfigs: []
extraScrapeConfigs: ""
extraServerConfigs: ""
pipelineStages:
- cri: {}
scrapeConfigs: |
- job_name: kubernetes-pods
pipeline_stages:
- cri: {}
- labeldrop:
- filename
- stream
# -- BEGIN: filters om health/probe ruis te droppen --
# 1) Drop alle requests met kube-probe user-agent
- drop:
expression: 'kube-probe'
# 2) Drop alle health endpoints (met of zonder underscore en met/zonder suffix)
# Matcht: /healthz, /healthz/ready, /healthz/live, /_healthz, /_healthz/ready, /_healthz/live
- drop:
expression: '(/_?healthz(?:/ready|/live)?\b)'
# -- END: filters --
kubernetes_sd_configs:
- role: pod
relabel_configs:
# filter
- action: keep
source_labels:
- __meta_kubernetes_namespace
regex: .*
# static labels
- action: replace
replacement: eveai-staging
target_label: cluster
- action: replace
replacement: pod
target_label: type
- action: replace
replacement: easydeploy-promtail
target_label: from
# dynamic labels
- action: replace
source_labels:
- __meta_kubernetes_namespace
target_label: namespace
- action: replace
source_labels:
- __meta_kubernetes_pod_name
target_label: pod
- action: replace
source_labels:
- __meta_kubernetes_pod_container_name
target_label: container
- action: replace
replacement: /var/log/pods/*$1/*.log
separator: /
source_labels:
- __meta_kubernetes_pod_uid
- __meta_kubernetes_pod_container_name
target_label: __path__
- action: replace
replacement: /var/log/pods/*$1/*.log
regex: true/(.*)
separator: /
source_labels:
- __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
- __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
- __meta_kubernetes_pod_container_name
target_label: __path__
- job_name: journal
journal:
json: false
max_age: 12h
path: /var/log/journal
relabel_configs:
# filter
- source_labels: ["__journal_syslog_identifier"]
regex: .*
action: keep
# static labels
- action: replace
replacement: eveai-staging
target_label: cluster
- action: replace
replacement: journal
target_label: type
- action: replace
replacement: easydeploy-promtail
target_label: from
# dynamic labels
- source_labels: ["__journal__hostname"]
target_label: host
- source_labels: ["__journal_syslog_identifier"]
target_label: syslog_identifier
configmap:
enabled: false
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
daemonset:
autoscaling:
controlledResources: []
enabled: false
maxAllowed: {}
minAllowed: {}
enabled: true
defaultVolumeMounts:
- mountPath: /run/promtail
name: run
- mountPath: /var/lib/docker/containers
name: containers
readOnly: true
- mountPath: /var/log/pods
name: pods
readOnly: true
defaultVolumes:
- hostPath:
path: /run/promtail
name: run
- hostPath:
path: /var/lib/docker/containers
name: containers
- hostPath:
path: /var/log/pods
name: pods
deployment:
autoscaling:
enabled: false
maxReplicas: 10
minReplicas: 1
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: null
enabled: false
replicaCount: 1
strategy:
type: RollingUpdate
enableServiceLinks: true
extraArgs: []
extraContainers: {}
extraEnv: []
extraEnvFrom: []
extraObjects: []
extraPorts: {}
extraVolumeMounts:
- mountPath: /var/log/journal
name: journal
readOnly: true
extraVolumes:
- hostPath:
path: /var/log/journal
name: journal
fullnameOverride: null
global:
imagePullSecrets: []
imageRegistry: ""
hostAliases: []
hostNetwork: null
httpPathPrefix: ""
image:
pullPolicy: IfNotPresent
registry: docker.io
repository: grafana/promtail
tag: ""
imagePullSecrets: []
initContainer: []
livenessProbe: {}
nameOverride: null
namespace: null
networkPolicy:
enabled: false
k8sApi:
cidrs: []
port: 8443
metrics:
cidrs: []
namespaceSelector: {}
podSelector: {}
nodeSelector: {}
podAnnotations: {}
podLabels: {}
podSecurityContext:
runAsGroup: 0
runAsUser: 0
podSecurityPolicy:
allowPrivilegeEscalation: true
fsGroup:
rule: RunAsAny
hostIPC: false
hostNetwork: false
hostPID: false
privileged: true
readOnlyRootFilesystem: true
requiredDropCapabilities:
- ALL
runAsUser:
rule: RunAsAny
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- secret
- hostPath
- downwardAPI
priorityClassName: null
rbac:
create: true
pspEnabled: false
readinessProbe:
failureThreshold: 5
httpGet:
path: '{{ printf `%s/ready` .Values.httpPathPrefix }}'
port: http-metrics
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources: {}
secret:
annotations: {}
labels: {}
service:
annotations: {}
enabled: false
labels: {}
serviceAccount:
annotations: {}
automountServiceAccountToken: true
create: true
imagePullSecrets: []
name: null
serviceMonitor:
annotations: {}
enabled: false
interval: null
labels: {}
metricRelabelings: []
namespace: null
namespaceSelector: {}
prometheusRule:
additionalLabels: {}
enabled: false
rules: []
relabelings: []
scheme: http
scrapeTimeout: null
targetLabels: []
tlsConfig: null
sidecar:
configReloader:
config:
serverPort: 9533
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
enabled: false
extraArgs: []
extraEnv: []
extraEnvFrom: []
image:
pullPolicy: IfNotPresent
registry: ghcr.io
repository: jimmidyson/configmap-reload
tag: v0.12.0
livenessProbe: {}
readinessProbe: {}
resources: {}
serviceMonitor:
enabled: true
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
updateStrategy: {}
Reference in New Issue View Git Blame Copy Permalink