From 358f131809627963b90405d85ba0dd2484ab7fcf Mon Sep 17 00:00:00 2001 From: zhenyus Date: Wed, 16 Apr 2025 00:18:16 +0800 Subject: [PATCH] Add Fluent Bit configuration for log collection - Introduced Fluent Bit resources including FluentBit, Parser, Output, FluentBitConfig, and ClusterInput. - Configured default resource requests and limits for Fluent Bit. - Set up JSON parser with customizable time key and format. - Established output forwarding to Fluentd service in the logging system. - Enabled conditional deployment based on the `fluentbit.enabled` value in Helm chart. Signed-off-by: zhenyus --- .../fluent-operator/3.3/setup.yaml | 40081 ++++++++++++++++ .../fluent-operator/values/fluentd.yaml | 126 + .../freeleaps-logging-system/loki/values.yaml | 3811 ++ cluster/manifests/helm-repos/REPO.list | 1 + .../templates/authentication/fluentbit.yaml | 72 + .../helm-pkg/authentication/values.alpha.yaml | 14 + freeleaps/helm-pkg/authentication/values.yaml | 14 + 7 files changed, 44119 insertions(+) create mode 100644 cluster/manifests/freeleaps-logging-system/fluent-operator/3.3/setup.yaml create mode 100644 cluster/manifests/freeleaps-logging-system/fluent-operator/values/fluentd.yaml create mode 100644 cluster/manifests/freeleaps-logging-system/loki/values.yaml create mode 100644 freeleaps/helm-pkg/authentication/templates/authentication/fluentbit.yaml diff --git a/cluster/manifests/freeleaps-logging-system/fluent-operator/3.3/setup.yaml b/cluster/manifests/freeleaps-logging-system/fluent-operator/3.3/setup.yaml new file mode 100644 index 00000000..c8769b00 --- /dev/null +++ b/cluster/manifests/freeleaps-logging-system/fluent-operator/3.3/setup.yaml @@ -0,0 +1,40081 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: clusterfilters.fluentbit.fluent.io +spec: + group: fluentbit.fluent.io + names: + kind: ClusterFilter + listKind: ClusterFilterList + plural: clusterfilters + shortNames: + - cfbf + singular: clusterfilter + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: ClusterFilter defines a cluster-level Filter configuration. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: Specification of desired Filter configuration. + properties: + filters: + description: A set of filter plugins in order. + items: + properties: + aws: + description: Aws defines a Aws configuration. + properties: + accountID: + description: The account ID for current EC2 instance.Default + is false. + type: boolean + alias: + description: Alias for the plugin + type: string + amiID: + description: The EC2 instance image id.Default is false. + type: boolean + az: + description: The availability zone; for example, "us-east-1a". + Default is true. + type: boolean + ec2InstanceID: + description: The EC2 instance ID.Default is true. + type: boolean + ec2InstanceType: + description: The EC2 instance type.Default is false. + type: boolean + hostName: + description: The hostname for current EC2 instance.Default + is false. + type: boolean + imdsVersion: + description: Specify which version of the instance metadata + service to use. Valid values are 'v1' or 'v2'. + enum: + - v1 + - v2 + type: string + privateIP: + description: The EC2 instance private ip.Default is false. + type: boolean + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + vpcID: + description: The VPC ID for current EC2 instance.Default + is false. + type: boolean + type: object + customPlugin: + description: CustomPlugin defines a Custom plugin configuration. + properties: + config: + description: |- + Config holds any unsupported plugins classic configurations, + if ConfigFileFormat is set to yaml, this filed will be ignored + type: string + yamlConfig: + description: YamlConfig holds the unsupported plugins yaml + configurations, it only works when the ConfigFileFormat + is yaml + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + grep: + description: Grep defines Grep Filter configuration. + properties: + alias: + description: Alias for the plugin + type: string + exclude: + description: |- + Exclude records which field matches the regular expression. + Value Format: FIELD REGEX + type: string + regex: + description: |- + Keep records which field matches the regular expression. + Value Format: FIELD REGEX + type: string + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + type: object + kubernetes: + description: Kubernetes defines Kubernetes Filter configuration. + properties: + alias: + description: Alias for the plugin + type: string + annotations: + description: Include Kubernetes resource annotations in + the extra metadata. + type: boolean + bufferSize: + description: Set the buffer size for HTTP client when reading + responses from Kubernetes API server. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + cacheUseDockerId: + description: When enabled, metadata will be fetched from + K8s when docker_id is changed. + type: boolean + dnsRetries: + description: DNS lookup retries N times until the network + start working + format: int32 + type: integer + dnsWaitTime: + description: DNS lookup interval between network status + checks + format: int32 + type: integer + dummyMeta: + description: If set, use dummy-meta data (for test/dev purposes) + type: boolean + k8sLoggingExclude: + description: |- + Allow Kubernetes Pods to exclude their logs from the log processor + (read more about it in Kubernetes Annotations section). + type: boolean + k8sLoggingParser: + description: |- + Allow Kubernetes Pods to suggest a pre-defined Parser + (read more about it in Kubernetes Annotations section) + type: boolean + keepLog: + description: |- + When Keep_Log is disabled, the log field is removed + from the incoming message once it has been successfully merged + (Merge_Log must be enabled as well). + type: boolean + kubeCAFile: + description: CA certificate file + type: string + kubeCAPath: + description: Absolute path to scan for certificate files + type: string + kubeMetaCacheTTL: + description: |- + configurable TTL for K8s cached metadata. By default, it is set to 0 + which means TTL for cache entries is disabled and cache entries are evicted at random + when capacity is reached. In order to enable this option, you should set the number to a time interval. + For example, set this value to 60 or 60s and cache entries which have been created more than 60s will be evicted. + type: string + kubeMetaNamespaceCacheTTL: + description: |- + Configurable TTL for K8s cached namespace metadata. + By default, it is set to 900 which means a 15min TTL for namespace cache entries. + Setting this to 0 will mean entries are evicted at random once the cache is full. + format: int32 + type: integer + kubeMetaPreloadCacheDir: + description: |- + If set, Kubernetes meta-data can be cached/pre-loaded from files in JSON format in this directory, + named as namespace-pod.meta + type: string + kubeTagPrefix: + description: |- + When the source records comes from Tail input plugin, + this option allows to specify what's the prefix used in Tail configuration. + type: string + kubeTokenCommand: + description: |- + Command to get Kubernetes authorization token. + By default, it will be NULL and we will use token file to get token. + type: string + kubeTokenFile: + description: Token file + type: string + kubeTokenTTL: + description: |- + configurable 'time to live' for the K8s token. By default, it is set to 600 seconds. + After this time, the token is reloaded from Kube_Token_File or the Kube_Token_Command. + type: string + kubeURL: + description: API Server end-point + type: string + kubeletHost: + description: kubelet host using for HTTP request, this only + works when Use_Kubelet set to On. + type: string + kubeletPort: + description: kubelet port using for HTTP request, this only + works when useKubelet is set to On. + format: int32 + type: integer + labels: + description: Include Kubernetes resource labels in the extra + metadata. + type: boolean + mergeLog: + description: |- + When enabled, it checks if the log field content is a JSON string map, + if so, it append the map fields as part of the log structure. + type: boolean + mergeLogKey: + description: |- + When Merge_Log is enabled, the filter tries to assume the log field from the incoming message is a JSON string message + and make a structured representation of it at the same level of the log field in the map. + Now if Merge_Log_Key is set (a string name), all the new structured fields taken from the original log content are inserted under the new key. + type: string + mergeLogTrim: + description: When Merge_Log is enabled, trim (remove possible + \n or \r) field values. + type: boolean + mergeParser: + description: Optional parser name to specify how to parse + the data contained in the log key. Recommended use is + for developers or testing only. + type: string + namespaceAnnotations: + description: Include Kubernetes namespace resource annotations + in the extra metadata. + type: boolean + namespaceLabels: + description: Include Kubernetes namespace resource labels + in the extra metadata. + type: boolean + namespaceMetadataOnly: + description: |- + Include Kubernetes namespace metadata only and no pod metadata. + If this is set, the values of Labels and Annotations are ignored. + type: boolean + regexParser: + description: |- + Set an alternative Parser to process record Tag and extract pod_name, namespace_name, container_name and docker_id. + The parser must be registered in a parsers file (refer to parser filter-kube-test as an example). + type: string + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + tlsDebug: + description: Debug level between 0 (nothing) and 4 (every + detail). + format: int32 + type: integer + tlsVerify: + description: When enabled, turns on certificate validation + when connecting to the Kubernetes API server. + type: boolean + useJournal: + description: When enabled, the filter reads logs coming + in Journald format. + type: boolean + useKubelet: + description: |- + This is an optional feature flag to get metadata information from kubelet + instead of calling Kube Server API to enhance the log. + This could mitigate the Kube API heavy traffic issue for large cluster. + type: boolean + type: object + logToMetrics: + description: LogToMetrics defines a Log to Metrics Filter configuration. + properties: + addLabel: + description: Add a custom label NAME and set the value to + the value of KEY + items: + type: string + type: array + alias: + description: Alias for the plugin + type: string + bucket: + description: Defines a bucket for histogram + items: + type: string + type: array + discardLogs: + description: |- + Flag that defines if logs should be discarded after processing. This applies + for all logs, no matter if they have emitted metrics or not. + type: boolean + emitterMemBufLimit: + description: set a buffer limit to restrict memory usage + of metrics emitter + type: string + emitterName: + description: Name of the emitter (advanced users) + type: string + exclude: + description: |- + Optional filter for records in which the content of KEY does not matches the regular expression. + Value Format: FIELD REGEX + items: + type: string + type: array + kubernetesMode: + description: |- + If enabled, it will automatically put pod_id, pod_name, namespace_name, docker_id and container_name + into the metric as labels. This option is intended to be used in combination with the kubernetes filter plugin. + type: boolean + labelField: + description: Includes a record field as label dimension + in the metric. + items: + type: string + type: array + metricDescription: + description: Sets a help text for the metric. + type: string + metricMode: + description: Defines the mode for the metric. Valid values + are [counter, gauge or histogram] + type: string + metricName: + description: Sets the name of the metric. + type: string + metricNamespace: + description: Namespace of the metric + type: string + metricSubsystem: + description: Sets a sub-system for the metric. + type: string + regex: + description: |- + Optional filter for records in which the content of KEY matches the regular expression. + Value Format: FIELD REGEX + items: + type: string + type: array + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + tag: + description: Defines the tag for the generated metrics record + type: string + valueField: + description: Specify the record field that holds a numerical + value + type: string + type: object + lua: + description: Lua defines Lua Filter configuration. + properties: + alias: + description: Alias for the plugin + type: string + call: + description: |- + Lua function name that will be triggered to do filtering. + It's assumed that the function is declared inside the Script defined above. + type: string + code: + description: Inline LUA code instead of loading from a path + via script. + type: string + protectedMode: + description: |- + If enabled, Lua script will be executed in protected mode. + It prevents to crash when invalid Lua script is executed. Default is true. + type: boolean + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + script: + description: Path to the Lua script that will be used. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + timeAsTable: + description: |- + By default when the Lua script is invoked, the record timestamp is passed as a + Floating number which might lead to loss precision when the data is converted back. + If you desire timestamp precision enabling this option will pass the timestamp as + a Lua table with keys sec for seconds since epoch and nsec for nanoseconds. + type: boolean + typeArrayKey: + description: |- + If these keys are matched, the fields are handled as array. If more than + one key, delimit by space. It is useful the array can be empty. + items: + type: string + type: array + typeIntKey: + description: |- + If these keys are matched, the fields are converted to integer. + If more than one key, delimit by space. + Note that starting from Fluent Bit v1.6 integer data types are preserved + and not converted to double as in previous versions. + items: + type: string + type: array + required: + - call + type: object + modify: + description: Modify defines Modify Filter configuration. + properties: + alias: + description: Alias for the plugin + type: string + conditions: + description: All conditions have to be true for the rules + to be applied. + items: + description: The plugin supports the following conditions + properties: + aKeyMatches: + description: Is true if a key matches regex KEY + type: string + keyDoesNotExist: + additionalProperties: + type: string + description: Is true if KEY does not exist + type: object + keyExists: + description: Is true if KEY exists + type: string + keyValueDoesNotEqual: + additionalProperties: + type: string + description: Is true if KEY exists and its value is + not VALUE + type: object + keyValueDoesNotMatch: + additionalProperties: + type: string + description: Is true if key KEY exists and its value + does not match VALUE + type: object + keyValueEquals: + additionalProperties: + type: string + description: Is true if KEY exists and its value is + VALUE + type: object + keyValueMatches: + additionalProperties: + type: string + description: Is true if key KEY exists and its value + matches VALUE + type: object + matchingKeysDoNotHaveMatchingValues: + additionalProperties: + type: string + description: Is true if all keys matching KEY have + values that do not match VALUE + type: object + matchingKeysHaveMatchingValues: + additionalProperties: + type: string + description: Is true if all keys matching KEY have + values that match VALUE + type: object + noKeyMatches: + description: Is true if no key matches regex KEY + type: string + type: object + type: array + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + rules: + description: |- + Rules are applied in the order they appear, + with each rule operating on the result of the previous rule. + items: + description: The plugin supports the following rules + properties: + add: + additionalProperties: + type: string + description: Add a key/value pair with key KEY and + value VALUE if KEY does not exist + type: object + copy: + additionalProperties: + type: string + description: Copy a key/value pair with key KEY to + COPIED_KEY if KEY exists AND COPIED_KEY does not + exist + type: object + hardCopy: + additionalProperties: + type: string + description: |- + Copy a key/value pair with key KEY to COPIED_KEY if KEY exists. + If COPIED_KEY already exists, this field is overwritten + type: object + hardRename: + additionalProperties: + type: string + description: |- + Rename a key/value pair with key KEY to RENAMED_KEY if KEY exists. + If RENAMED_KEY already exists, this field is overwritten + type: object + remove: + description: Remove a key/value pair with key KEY + if it exists + type: string + removeRegex: + description: Remove all key/value pairs with key matching + regexp KEY + type: string + removeWildcard: + description: Remove all key/value pairs with key matching + wildcard KEY + type: string + rename: + additionalProperties: + type: string + description: Rename a key/value pair with key KEY + to RENAMED_KEY if KEY exists AND RENAMED_KEY does + not exist + type: object + set: + additionalProperties: + type: string + description: Add a key/value pair with key KEY and + value VALUE. If KEY already exists, this field is + overwritten + type: object + type: object + type: array + type: object + multiline: + description: Multiline defines a Multiline configuration. + properties: + alias: + description: Alias for the plugin + type: string + buffer: + default: false + type: boolean + emitterMemBufLimit: + default: 10 + description: Set a limit on the amount of memory in MB the + emitter can consume if the outputs provide backpressure. + The default for this limit is 10M. The pipeline will pause + once the buffer exceeds the value of this setting. For + example, if the value is set to 10MB then the pipeline + will pause if the buffer exceeds 10M. The pipeline will + remain paused until the output drains the buffer below + the 10M limit. + type: integer + emitterName: + description: Name for the emitter input instance which re-emits + the completed records at the beginning of the pipeline. + type: string + emitterType: + default: memory + description: The storage type for the emitter input instance. + This option supports the values memory (default) and filesystem. + enum: + - memory + - filesystem + type: string + flushMs: + default: 2000 + type: integer + keyContent: + description: |- + Key name that holds the content to process. + Note that a Multiline Parser definition can already specify the key_content to use, but this option allows to overwrite that value for the purpose of the filter. + type: string + mode: + enum: + - parser + - partial_message + type: string + parser: + description: |- + Specify one or multiple Multiline Parsing definitions to apply to the content. + You can specify multiple multiline parsers to detect different formats by separating them with a comma. + type: string + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + required: + - parser + type: object + nest: + description: Nest defines Nest Filter configuration. + properties: + addPrefix: + description: Prefix affected keys with this string + type: string + alias: + description: Alias for the plugin + type: string + nestUnder: + description: Nest records matching the Wildcard under this + key + type: string + nestedUnder: + description: Lift records nested under the Nested_under + key + type: string + operation: + description: Select the operation nest or lift + enum: + - nest + - lift + type: string + removePrefix: + description: Remove prefix from affected keys if it matches + this string + type: string + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + wildcard: + description: Nest records which field matches the wildcard + items: + type: string + type: array + type: object + parser: + description: Parser defines Parser Filter configuration. + properties: + alias: + description: Alias for the plugin + type: string + keyName: + description: Specify field name in record to parse. + type: string + parser: + description: |- + Specify the parser name to interpret the field. + Multiple Parser entries are allowed (split by comma). + type: string + preserveKey: + description: |- + Keep original Key_Name field in the parsed result. + If false, the field will be removed. + type: boolean + reserveData: + description: |- + Keep all other original fields in the parsed result. + If false, all other original fields will be removed. + type: boolean + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + unescapeKey: + description: 'If the key is a escaped string (e.g: stringify + JSON), unescape the string before to apply the parser.' + type: boolean + type: object + recordModifier: + description: RecordModifier defines Record Modifier Filter configuration. + properties: + alias: + description: Alias for the plugin + type: string + allowlistKeys: + description: If the key is not matched, that field is removed. + items: + type: string + type: array + records: + description: Append fields. This parameter needs key and + value pair. + items: + type: string + type: array + removeKeys: + description: If the key is matched, that field is removed. + items: + type: string + type: array + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + uuidKeys: + description: If set, the plugin appends uuid to each record. + The value assigned becomes the key in the map. + items: + type: string + type: array + whitelistKeys: + description: An alias of allowlistKeys for backwards compatibility. + items: + type: string + type: array + type: object + rewriteTag: + description: RewriteTag defines a RewriteTag configuration. + properties: + alias: + description: Alias for the plugin + type: string + emitterMemBufLimit: + type: string + emitterName: + description: |- + When the filter emits a record under the new Tag, there is an internal emitter + plugin that takes care of the job. Since this emitter expose metrics as any other + component of the pipeline, you can use this property to configure an optional name for it. + type: string + emitterStorageType: + type: string + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + rules: + description: |- + Defines the matching criteria and the format of the Tag for the matching record. + The Rule format have four components: KEY REGEX NEW_TAG KEEP. + items: + type: string + type: array + type: object + throttle: + description: Throttle defines a Throttle configuration. + properties: + alias: + description: Alias for the plugin + type: string + interval: + description: Interval is the time interval expressed in + "sleep" format. e.g. 3s, 1.5m, 0.5h, etc. + pattern: ^\d+(\.[0-9]{0,2})?(s|m|h|d)?$ + type: string + printStatus: + description: PrintStatus represents whether to print status + messages with current rate and the limits to information + logs. + type: boolean + rate: + description: Rate is the amount of messages for the time. + format: int64 + type: integer + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + window: + description: Window is the amount of intervals to calculate + average over. + format: int64 + type: integer + type: object + wasm: + description: Wasm defines a Wasm configuration. + properties: + accessiblePaths: + description: Specify the whitelist of paths to be able to + access paths from WASM programs. + items: + type: string + type: array + alias: + description: Alias for the plugin + type: string + eventFormat: + description: 'Define event format to interact with Wasm + programs: msgpack or json. Default: json' + type: string + functionName: + description: Wasm function name that will be triggered to + do filtering. It's assumed that the function is built + inside the Wasm program specified above. + type: string + retryLimit: + description: 'RetryLimit describes how many times fluent-bit + should retry to send data to a specific output. If set + to false fluent-bit will try indefinetly. If set to any + integer N>0 it will try at most N+1 times. Leading zeros + are not allowed (values such as 007, 0150, 01 do not work). + If this property is not defined fluent-bit will use the + default value: 1.' + pattern: ^(((f|F)alse)|(no_limits)|(no_retries)|([1-9]+[0-9]*))$ + type: string + wasmHeapSize: + description: Size of the heap size of Wasm execution. Review + unit sizes for allowed values. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + wasmPath: + description: Path to the built Wasm program that will be + used. This can be a relative path against the main configuration + file. + type: string + wasmStackSize: + description: Size of the stack size of Wasm execution. Review + unit sizes for allowed values. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + type: object + type: object + type: array + logLevel: + enum: + - "off" + - error + - warning + - info + - debug + - trace + type: string + match: + description: |- + A pattern to match against the tags of incoming records. + It's case-sensitive and support the star (*) character as a wildcard. + type: string + matchRegex: + description: |- + A regular expression to match against the tags of incoming records. + Use this option if you want to use the full regex syntax. + type: string + ordinal: + description: An ordinal to influence filter ordering + format: int32 + type: integer + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: clusterfilters.fluentd.fluent.io +spec: + group: fluentd.fluent.io + names: + kind: ClusterFilter + listKind: ClusterFilterList + plural: clusterfilters + shortNames: + - cfdf + singular: clusterfilter + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ClusterFilter is the Schema for the clusterfilters API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ClusterFilterSpec defines the desired state of ClusterFilter + properties: + filters: + items: + description: Filter defines all available filter plugins and their + parameters. + properties: + customPlugin: + description: Custom plugin type + properties: + config: + type: string + required: + - config + type: object + grep: + description: The filter_grep filter plugin + properties: + and: + items: + description: And defines the parameters for the "and" + plugin + properties: + exclude: + description: Exclude defines the parameters for the + exclude plugin + properties: + key: + type: string + pattern: + type: string + type: object + regexp: + description: Regexp defines the parameters for the + regexp plugin + properties: + key: + type: string + pattern: + type: string + type: object + type: object + type: array + exclude: + items: + description: Exclude defines the parameters for the exclude + plugin + properties: + key: + type: string + pattern: + type: string + type: object + type: array + or: + items: + description: Or defines the parameters for the "or" plugin + properties: + exclude: + description: Exclude defines the parameters for the + exclude plugin + properties: + key: + type: string + pattern: + type: string + type: object + regexp: + description: Regexp defines the parameters for the + regexp plugin + properties: + key: + type: string + pattern: + type: string + type: object + type: object + type: array + regexp: + items: + description: Regexp defines the parameters for the regexp + plugin + properties: + key: + type: string + pattern: + type: string + type: object + type: array + type: object + logLevel: + description: The @log_level parameter specifies the plugin-specific + logging level + type: string + parser: + description: The filter_parser filter plugin + properties: + emitInvalidRecordToError: + description: |- + Emits invalid record to @ERROR label. Invalid cases are: key does not exist;the format is not matched;an unexpected error. + If you want to ignore these errors, set false. + type: boolean + hashValueField: + description: Stores the parsed values as a hash value in + a field. + type: string + injectKeyPrefix: + description: Stores the parsed values with the specified + key name prefix. + type: string + keyName: + description: |- + Specifies the field name in the record to parse. Required parameter. + i.e: If set keyName to log, {"key":"value","log":"{\"time\":1622473200,\"user\":1}"} => {"user":1} + type: string + parse: + description: Parse defines various parameters for the parse + plugin + properties: + customPatternPath: + description: Path to the file that includes custom grok + patterns. + type: string + estimateCurrentEvent: + description: If true, use Fluent::Eventnow(current time) + as a timestamp when time_key is specified. + type: boolean + expression: + description: Specifies the regular expression for matching + logs. Regular expression also supports i and m suffix. + type: string + grok: + description: Grok Sections + items: + properties: + keepTimeKey: + description: If true, keep time field in the record. + type: boolean + name: + description: The name of this grok section. + type: string + pattern: + description: The pattern of grok. Required parameter. + type: string + timeFormat: + description: Process value using specified format. + This is available only when time_type is string + type: string + timeKey: + description: Specify time field for event time. + If the event doesn't have this field, current + time is used. + type: string + timeZone: + description: Use specified timezone. one can parse/format + the time value in the specified timezone. + type: string + type: object + type: array + grokFailureKey: + description: The key has grok failure reason. + type: string + grokPattern: + description: The pattern of grok. + type: string + grokPatternSeries: + description: Specify grok pattern series set. + type: string + id: + description: The @id parameter specifies a unique name + for the configuration. + type: string + keepTimeKey: + description: If true, keep time field in th record. + type: boolean + localtime: + description: If true, uses local time. + type: boolean + logLevel: + description: The @log_level parameter specifies the + plugin-specific logging level + type: string + multiLineStartRegexp: + description: The regexp to match beginning of multiline. + This is only for "multiline_grok". + type: string + timeFormat: + description: Process value according to the specified + format. This is available only when time_type is string + type: string + timeFormatFallbacks: + description: Uses the specified time format as a fallback + in the specified order. You can parse undetermined + time format by using time_format_fallbacks. This options + is enabled when time_type is mixed. + type: string + timeKey: + description: Specify time field for event time. If the + event doesn't have this field, current time is used. + type: string + timeType: + description: parses/formats value according to this + type, default is string + enum: + - float + - unixtime + - string + - mixed + type: string + timeout: + description: Specify timeout for parse processing. + pattern: ^\d+(\.[0-9]{0,2})?(s|m|h|d)?$ + type: string + timezone: + description: Uses the specified timezone. + type: string + type: + description: The @type parameter specifies the type + of the plugin. + enum: + - regexp + - apache2 + - apache_error + - nginx + - syslog + - csv + - tsv + - ltsv + - json + - multiline + - none + - grok + - multiline_grok + type: string + types: + description: 'Specify types for converting field into + another, i.e: types user_id:integer,paid:bool,paid_usd_amount:float' + type: string + utc: + description: If true, uses UTC. + type: boolean + required: + - type + type: object + removeKeyNameField: + description: Removes key_name field when parsing is succeeded. + type: boolean + replaceInvalidSequence: + description: If true, invalid string is replaced with safe + characters and re-parse it. + type: boolean + reserveData: + description: |- + Keeps the original key-value pair in the parsed result. Default is false. + i.e: If set keyName to log, reverseData to true, + {"key":"value","log":"{\"user\":1,\"num\":2}"} => {"key":"value","log":"{\"user\":1,\"num\":2}","user":1,"num":2} + type: boolean + reserveTime: + description: Keeps the original event time in the parsed + result. Default is false. + type: boolean + required: + - keyName + - parse + type: object + recordTransformer: + description: The filter_record_transformer filter plugin + properties: + autoTypecast: + description: |- + Automatically casts the field types. Default is false. + This option is effective only for field values comprised of a single placeholder. + type: boolean + enableRuby: + description: |- + When set to true, the full Ruby syntax is enabled in the ${...} expression. The default value is false. + i.e: jsonized_record ${record.to_json} + type: boolean + keepKeys: + description: A list of keys to keep. Only relevant if renew_record + is set to true. + type: string + records: + items: + description: The parameters inside directives + are considered to be new key-value pairs + properties: + key: + description: New field can be defined as key + type: string + value: + description: |- + The value must from Record properties. + See https://docs.fluentd.org/filter/record_transformer#less-than-record-greater-than-directive + type: string + required: + - key + - value + type: object + type: array + removeKeys: + description: A list of keys to delete. Supports nested field + via record_accessor syntax since v1.1.0. + type: string + renewRecord: + description: By default, the record transformer filter mutates + the incoming data. However, if this parameter is set to + true, it modifies a new empty hash instead. + type: boolean + renewTimeKey: + description: renew_time_key foo overwrites the time of events + with a value of the record field foo if exists. The value + of foo must be a Unix timestamp. + type: string + type: object + stdout: + description: The filter_stdout filter plugin + properties: + format: + description: The format section + properties: + delimiter: + description: Delimiter for each field. + type: string + id: + description: The @id parameter specifies a unique name + for the configuration. + type: string + localtime: + description: If true, uses local time. + type: boolean + logLevel: + description: The @log_level parameter specifies the + plugin-specific logging level + type: string + newline: + description: Specify newline characters. + enum: + - lf + - crlf + type: string + outputTag: + description: Output tag field if true. + type: boolean + outputTime: + description: Output time field if true. + type: boolean + timeFormat: + description: Process value according to the specified + format. This is available only when time_type is string + type: string + timeFormatFallbacks: + description: Uses the specified time format as a fallback + in the specified order. You can parse undetermined + time format by using time_format_fallbacks. This options + is enabled when time_type is mixed. + type: string + timeType: + description: parses/formats value according to this + type, default is string + enum: + - float + - unixtime + - string + - mixed + type: string + timezone: + description: Uses the specified timezone. + type: string + type: + description: The @type parameter specifies the type + of the plugin. + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + utc: + description: If true, uses UTC. + type: boolean + type: object + inject: + description: The inject section + properties: + hostname: + description: Hostname value + type: string + hostnameKey: + description: The field name to inject hostname + type: string + inline: + description: Time section + properties: + localtime: + description: If true, uses local time. + type: boolean + timeFormat: + description: Process value according to the specified + format. This is available only when time_type + is string + type: string + timeFormatFallbacks: + description: Uses the specified time format as a + fallback in the specified order. You can parse + undetermined time format by using time_format_fallbacks. + This options is enabled when time_type is mixed. + type: string + timeType: + description: parses/formats value according to this + type, default is string + enum: + - float + - unixtime + - string + - mixed + type: string + timezone: + description: Uses the specified timezone. + type: string + utc: + description: If true, uses UTC. + type: boolean + type: object + tagKey: + description: The field name to inject tag + type: string + timeKey: + description: The field name to inject time + type: string + workerIdKey: + description: The field name to inject worker_id + type: string + type: object + type: object + tag: + description: Which tag to be matched. + type: string + type: object + type: array + type: object + status: + description: ClusterFilterStatus defines the observed state of ClusterFilter + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: clusterfluentbitconfigs.fluentbit.fluent.io +spec: + group: fluentbit.fluent.io + names: + kind: ClusterFluentBitConfig + listKind: ClusterFluentBitConfigList + plural: clusterfluentbitconfigs + shortNames: + - cfbc + singular: clusterfluentbitconfig + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: ClusterFluentBitConfig is the Schema for the cluster-level fluentbitconfigs + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: FluentBitConfigSpec defines the desired state of ClusterFluentBitConfig + properties: + configFileFormat: + description: |- + ConfigFileFormat defines the format of the config file, default is "classic", + available options are "classic" and "yaml" + enum: + - classic + - yaml + type: string + filterSelector: + description: Select filter plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + inputSelector: + description: Select input plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + multilineParserSelector: + description: Select multiline parser plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespace: + description: |- + If namespace is defined, then the configmap and secret for fluent-bit is in this namespace. + If it is not defined, it is in the namespace of the fluentd-operator + type: string + outputSelector: + description: Select output plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + parserSelector: + description: Select parser plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + service: + description: Service defines the global behaviour of the Fluent Bit + engine. + properties: + daemon: + description: If true go to background on start + type: boolean + emitterMemBufLimit: + type: string + emitterName: + description: Per-namespace re-emitter configuration + type: string + emitterStorageType: + type: string + flushSeconds: + description: Interval to flush output + type: number + graceSeconds: + description: Wait time on exit + format: int64 + type: integer + hcErrorsCount: + description: 'the error count to meet the unhealthy requirement, + this is a sum for all output plugins in a defined HC_Period, + example for output error: [2022/02/16 10:44:10] [ warn] [engine] + failed to flush chunk ''1-1645008245.491540684.flb'', retry + in 7 seconds: task_id=0, input=forward.1 > output=cloudwatch_logs.3 + (out_id=3)' + format: int64 + minimum: 1 + type: integer + hcPeriod: + description: The time period by second to count the error and + retry failure data point + format: int64 + minimum: 1 + type: integer + hcRetryFailureCount: + description: 'the retry failure count to meet the unhealthy requirement, + this is a sum for all output plugins in a defined HC_Period, + example for retry failure: [2022/02/16 20:11:36] [ warn] [engine] + chunk ''1-1645042288.260516436.flb'' cannot be retried: task_id=0, + input=tcp.3 > output=cloudwatch_logs.1' + format: int64 + minimum: 1 + type: integer + healthCheck: + description: 'enable Health check feature at http://127.0.0.1:2020/api/v1/health + Note: Enabling this will not automatically configure kubernetes + to use fluentbit''s healthcheck endpoint' + type: boolean + hotReload: + description: If true enable reloading via HTTP + type: boolean + httpListen: + description: Address to listen + pattern: ^\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}$ + type: string + httpPort: + description: Port to listen + format: int32 + maximum: 65535 + minimum: 1 + type: integer + httpServer: + description: If true enable statistics HTTP server + type: boolean + logFile: + description: File to log diagnostic output + type: string + logLevel: + description: Diagnostic level (error/warning/info/debug/trace) + enum: + - "off" + - error + - warning + - info + - debug + - trace + type: string + parsersFile: + description: Optional 'parsers' config file (can be multiple) + type: string + parsersFiles: + description: backward compatible + items: + type: string + type: array + storage: + description: Configure a global environment for the storage layer + in Service. It is recommended to configure the volume and volumeMount + separately for this storage. The hostPath type should be used + for that Volume in Fluentbit daemon set. + properties: + backlogMemLimit: + description: This option configure a hint of maximum value + of memory to use when processing these records + type: string + checksum: + description: Enable the data integrity check when writing + and reading data from the filesystem + enum: + - "on" + - "off" + type: string + deleteIrrecoverableChunks: + description: When enabled, irrecoverable chunks will be deleted + during runtime, and any other irrecoverable chunk located + in the configured storage path directory will be deleted + when Fluent-Bit starts. + enum: + - "on" + - "off" + type: string + maxChunksUp: + description: If the input plugin has enabled filesystem storage + type, this property sets the maximum number of Chunks that + can be up in memory + format: int64 + type: integer + metrics: + description: If http_server option has been enabled in the + Service section, this option registers a new endpoint where + internal metrics of the storage layer can be consumed + enum: + - "on" + - "off" + type: string + path: + description: Select an optional location in the file system + to store streams and chunks of data/ + type: string + sync: + description: Configure the synchronization mode used to store + the data into the file system + enum: + - normal + - full + type: string + type: object + type: object + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: clusterfluentdconfigs.fluentd.fluent.io +spec: + group: fluentd.fluent.io + names: + kind: ClusterFluentdConfig + listKind: ClusterFluentdConfigList + plural: clusterfluentdconfigs + shortNames: + - cfdc + singular: clusterfluentdconfig + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ClusterFluentdConfig is the Schema for the clusterfluentdconfigs + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ClusterFluentdConfigSpec defines the desired state of ClusterFluentdConfig + properties: + clusterFilterSelector: + description: Select cluster filter plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + clusterInputSelector: + description: Select cluster input plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + clusterOutputSelector: + description: Select cluster output plugins + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + emit_mode: + description: |- + Emit mode. If batch, the plugin will emit events per labels matched. Enum: record, batch. + will make no effect if EnableFilterKubernetes is set false. + enum: + - record + - batch + type: string + stickyTags: + description: |- + Sticky tags will match only one record from an event stream. The same tag will be treated the same way. + will make no effect if EnableFilterKubernetes is set false. + type: string + watchedConstainers: + description: A set of container names. Ignored if left empty. + items: + type: string + type: array + watchedHosts: + description: A set of hosts. Ignored if left empty. + items: + type: string + type: array + watchedLabels: + additionalProperties: + type: string + description: Use this field to filter the logs, will make no effect + if EnableFilterKubernetes is set false. + type: object + watchedNamespaces: + description: A set of namespaces. The whole namespaces would be watched + if left empty. + items: + type: string + type: array + type: object + status: + description: ClusterFluentdConfigStatus defines the observed state of + ClusterFluentdConfig + properties: + messages: + description: Messages defines the plugin errors which is selected + by this fluentdconfig + type: string + state: + description: The state of this fluentd config + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: clusterinputs.fluentbit.fluent.io +spec: + group: fluentbit.fluent.io + names: + kind: ClusterInput + listKind: ClusterInputList + plural: clusterinputs + shortNames: + - cfbi + singular: clusterinput + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: ClusterInput is the Schema for the inputs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: InputSpec defines the desired state of ClusterInput + properties: + alias: + description: |- + A user friendly alias name for this input plugin. + Used in metrics for distinction of each configured input. + type: string + collectd: + description: Collectd defines the Collectd input plugin configuration + properties: + listen: + description: 'Set the address to listen to, default: 0.0.0.0' + type: string + port: + description: 'Set the port to listen to, default: 25826' + format: int32 + maximum: 65535 + minimum: 1 + type: integer + typesDB: + description: 'Set the data specification file,default: /usr/share/collectd/types.db' + type: string + type: object + customPlugin: + description: CustomPlugin defines Custom Input configuration. + properties: + config: + description: |- + Config holds any unsupported plugins classic configurations, + if ConfigFileFormat is set to yaml, this filed will be ignored + type: string + yamlConfig: + description: YamlConfig holds the unsupported plugins yaml configurations, + it only works when the ConfigFileFormat is yaml + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + dummy: + description: Dummy defines Dummy Input configuration. + properties: + dummy: + description: Dummy JSON record. + type: string + rate: + description: Events number generated per second. + format: int32 + type: integer + samples: + description: Sample events to generate. + format: int32 + type: integer + tag: + description: Tag name associated to all records comming from this + plugin. + type: string + type: object + execWasi: + description: ExecWasi defines the exec wasi input plugin configuration + properties: + accessiblePaths: + description: Specify the whitelist of paths to be able to access + paths from WASM programs. + items: + type: string + type: array + bufSize: + description: Size of the buffer (check unit sizes for allowed + values) + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + intervalNSec: + description: Polling interval (nanoseconds). + format: int64 + type: integer + intervalSec: + description: Polling interval (seconds). + format: int32 + type: integer + parser: + description: Specify the name of a parser to interpret the entry + as a structured message. + type: string + threaded: + description: 'Indicates whether to run this input in its own thread. + Default: false.' + type: boolean + wasiPath: + description: The place of a WASM program file. + type: string + wasmHeapSize: + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + wasmStackSize: + description: Size of the stack size of Wasm execution. Review + unit sizes for allowed values. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + type: object + fluentBitMetrics: + description: FluentBitMetrics defines Fluent Bit Metrics Input configuration. + properties: + scrapeInterval: + description: The rate at which metrics are collected from the + host operating system. default is 2 seconds. + type: string + scrapeOnStart: + description: Scrape metrics upon start, useful to avoid waiting + for 'scrape_interval' for the first round of metrics. + type: boolean + tag: + type: string + type: object + forward: + description: Forward defines forward input plugin configuration + properties: + bufferMaxSize: + description: |- + Specify maximum buffer memory size used to recieve a forward message. + The value must be according to the Unit Size specification. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + bufferchunkSize: + description: |- + Set the initial buffer size to store incoming data. + This value is used too to increase buffer size as required. + The value must be according to the Unit Size specification. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + listen: + description: Listener network interface. + type: string + port: + description: Port for forward plugin instance. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + tag: + description: in_forward uses the tag value for incoming logs. + If not set it uses tag from incoming log. + type: string + tagPrefix: + description: Adds the prefix to incoming event's tag + type: string + threaded: + description: Threaded mechanism allows input plugin to run in + a separate thread which helps to desaturate the main pipeline. + type: string + unixPath: + description: Specify the path to unix socket to recieve a forward + message. If set, Listen and port are ignnored. + type: string + unixPerm: + description: Set the permission of unix socket file. + type: string + type: object + http: + description: HTTP defines the HTTP input plugin configuration + properties: + bufferChunkSize: + description: |- + This sets the chunk size for incoming incoming JSON messages. + These chunks are then stored/managed in the space available by buffer_max_size,default 512K. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + bufferMaxSize: + description: Specify the maximum buffer size in KB to receive + a JSON message,default 4M. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + listen: + description: The address to listen on,default 0.0.0.0 + type: string + port: + description: The port for Fluent Bit to listen on,default 9880 + format: int32 + maximum: 65535 + minimum: 1 + type: integer + successfulHeader: + description: 'Add an HTTP header key/value pair on success. Multiple + headers can be set. Example: X-Custom custom-answer.' + type: string + successfulResponseCode: + description: It allows to set successful response code. 200, 201 + and 204 are supported,default 201. + format: int32 + type: integer + tagKey: + description: Specify the key name to overwrite a tag. If set, + the tag will be overwritten by a value of the key. + type: string + tls: + description: Fluent Bit provides integrated support for Transport + Layer Security (TLS) and it predecessor Secure Sockets Layer + (SSL) respectively. + properties: + caFile: + description: Absolute path to CA certificate file + type: string + caPath: + description: Absolute path to scan for certificate files + type: string + crtFile: + description: Absolute path to Certificate file + type: string + debug: + description: |- + Set TLS debug verbosity level. + It accept the following values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational) and 4 Verbose + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + format: int32 + type: integer + keyFile: + description: Absolute path to private Key file + type: string + keyPassword: + description: Optional password for tls.key_file file + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + verify: + description: Force certificate validation + type: boolean + vhost: + description: Hostname to be used for TLS SNI extension + type: string + type: object + type: object + kubernetesEvents: + description: KubernetesEvents defines the KubernetesEvents input plugin + configuration + properties: + db: + description: Set a database file to keep track of recorded Kubernetes + events + type: string + dbSync: + description: 'Set a database sync method. values: extra, full, + normal and off' + type: string + intervalNsec: + description: 'Set the polling interval for each channel (sub seconds: + nanoseconds).' + format: int64 + type: integer + intervalSec: + description: Set the polling interval for each channel. + format: int32 + type: integer + kubeCAFile: + description: CA certificate file + type: string + kubeCAPath: + description: Absolute path to scan for certificate files + type: string + kubeNamespace: + description: Kubernetes namespace to query events from. Gets events + from all namespaces by default + type: string + kubeRequestLimit: + description: kubernetes limit parameter for events query, no limit + applied when set to 0. + format: int32 + type: integer + kubeRetentionTime: + description: Kubernetes retention time for events. + type: string + kubeTokenFile: + description: Token file + type: string + kubeTokenTTL: + description: |- + configurable 'time to live' for the K8s token. By default, it is set to 600 seconds. + After this time, the token is reloaded from Kube_Token_File or the Kube_Token_Command. + type: string + kubeURL: + description: API Server end-point + type: string + tag: + description: Tag name associated to all records comming from this + plugin. + type: string + tlsDebug: + description: Debug level between 0 (nothing) and 4 (every detail). + format: int32 + type: integer + tlsVerify: + description: When enabled, turns on certificate validation when + connecting to the Kubernetes API server. + type: boolean + tlsVhost: + description: Set optional TLS virtual host. + type: string + type: object + logLevel: + enum: + - "off" + - error + - warning + - info + - debug + - trace + type: string + mqtt: + description: MQTT defines the MQTT input plugin configuration + properties: + listen: + description: 'Listener network interface, default: 0.0.0.0' + type: string + port: + description: 'TCP port where listening for connections, default: + 1883' + format: int32 + maximum: 65535 + minimum: 1 + type: integer + type: object + nginx: + description: Nginx defines the Nginx input plugin configuration + properties: + host: + description: 'Name of the target host or IP address to check, + default: localhost' + type: string + nginxPlus: + description: 'Turn on NGINX plus mode,default: true' + type: boolean + port: + description: 'Port of the target nginx service to connect to, + default: 80' + format: int32 + maximum: 65535 + minimum: 1 + type: integer + statusURL: + description: 'The URL of the Stub Status Handler,default: /status' + type: string + type: object + nodeExporterMetrics: + description: NodeExporterMetrics defines Node Exporter Metrics Input + configuration. + properties: + path: + properties: + procfs: + description: The mount point used to collect process information + and metrics. + type: string + sysfs: + description: The path in the filesystem used to collect system + metrics. + type: string + type: object + scrapeInterval: + description: The rate at which metrics are collected from the + host operating system, default is 5 seconds. + type: string + tag: + description: Tag name associated to all records comming from this + plugin. + type: string + type: object + openTelemetry: + description: OpenTelemetry defines the OpenTelemetry input plugin + configuration + properties: + bufferChunkSize: + description: This sets the chunk size for incoming incoming JSON + messages. These chunks are then stored/managed in the space + available by buffer_max_size(default 512K). + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + bufferMaxSize: + description: Specify the maximum buffer size in KB to receive + a JSON message(default 4M). + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + listen: + description: The address to listen on,default 0.0.0.0 + type: string + port: + description: The port for Fluent Bit to listen on.default 4318. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + rawTraces: + description: Route trace data as a log message(default false). + type: boolean + successfulResponseCode: + description: It allows to set successful response code. 200, 201 + and 204 are supported(default 201). + format: int32 + type: integer + tag: + description: opentelemetry uses the tag value for incoming metrics. + type: string + tagFromURI: + description: If true, tag will be created from uri. e.g. v1_metrics + from /v1/metrics + type: boolean + tagKey: + description: Specify the key name to overwrite a tag. If set, + the tag will be overwritten by a value of the key. + type: string + type: object + processors: + description: Processors defines the processors configuration + type: object + x-kubernetes-preserve-unknown-fields: true + prometheusScrapeMetrics: + description: PrometheusScrapeMetrics defines Prometheus Scrape Metrics + Input configuration. + properties: + host: + description: The host of the prometheus metric endpoint that you + want to scrape + type: string + metricsPath: + description: 'The metrics URI endpoint, that must start with a + forward slash, deflaut: /metrics' + type: string + port: + description: The port of the promethes metric endpoint that you + want to scrape + format: int32 + maximum: 65535 + minimum: 1 + type: integer + scrapeInterval: + description: 'The interval to scrape metrics, default: 10s' + type: string + tag: + description: Tag name associated to all records comming from this + plugin + type: string + type: object + statsd: + description: StatsD defines the StatsD input plugin configuration + properties: + listen: + description: 'Listener network interface, default: 0.0.0.0' + type: string + port: + description: 'UDP port where listening for connections, default: + 8125' + format: int32 + maximum: 65535 + minimum: 1 + type: integer + type: object + syslog: + description: Syslog defines the Syslog input plugin configuration + properties: + bufferChunkSize: + description: |- + By default the buffer to store the incoming Syslog messages, do not allocate the maximum memory allowed, instead it allocate memory when is required. + The rounds of allocations are set by Buffer_Chunk_Size. If not set, Buffer_Chunk_Size is equal to 32000 bytes (32KB). + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + bufferMaxSize: + description: Specify the maximum buffer size to receive a Syslog + message. If not set, the default size will be the value of Buffer_Chunk_Size. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + listen: + description: 'If Mode is set to tcp or udp, specify the network + interface to bind, default: 0.0.0.0' + type: string + mode: + description: 'Defines transport protocol mode: unix_udp (UDP over + Unix socket), unix_tcp (TCP over Unix socket), tcp or udp' + enum: + - unix_udp + - unix_tcp + - tcp + - udp + type: string + parser: + description: |- + Specify an alternative parser for the message. If Mode is set to tcp or udp then the default parser is syslog-rfc5424 otherwise syslog-rfc3164-local is used. + If your syslog messages have fractional seconds set this Parser value to syslog-rfc5424 instead. + type: string + path: + description: If Mode is set to unix_tcp or unix_udp, set the absolute + path to the Unix socket file. + type: string + port: + description: If Mode is set to tcp or udp, specify the TCP port + to listen for incoming connections. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + receiveBufferSize: + description: |- + Specify the maximum socket receive buffer size. If not set, the default value is OS-dependant, + but generally too low to accept thousands of syslog messages per second without loss on udp or unix_udp sockets. Note that on Linux the value is capped by sysctl net.core.rmem_max. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + sourceAddressKey: + description: Specify the key where the source address will be + injected. + type: string + unixPerm: + description: 'If Mode is set to unix_tcp or unix_udp, set the + permission of the Unix socket file, default: 0644' + format: int32 + type: integer + type: object + systemd: + description: Systemd defines Systemd Input configuration. + properties: + db: + description: Specify the database file to keep track of monitored + files and offsets. + type: string + dbSync: + description: |- + Set a default synchronization (I/O) method. values: Extra, Full, Normal, Off. + This flag affects how the internal SQLite engine do synchronization to disk, + for more details about each option please refer to this section. + note: this option was introduced on Fluent Bit v1.4.6. + enum: + - Extra + - Full + - Normal + - "Off" + type: string + maxEntries: + description: |- + When Fluent Bit starts, the Journal might have a high number of logs in the queue. + In order to avoid delays and reduce memory usage, this option allows to specify the maximum number of log entries that can be processed per round. + Once the limit is reached, Fluent Bit will continue processing the remaining log entries once Journald performs the notification. + type: integer + maxFields: + description: Set a maximum number of fields (keys) allowed per + record. + type: integer + path: + description: |- + Optional path to the Systemd journal directory, + if not set, the plugin will use default paths to read local-only logs. + type: string + pauseOnChunksOverlimit: + description: Specifies if the input plugin should be paused (stop + ingesting new data) when the storage.max_chunks_up value is + reached. + enum: + - "on" + - "off" + type: string + readFromTail: + description: Start reading new entries. Skip entries already stored + in Journald. + enum: + - "on" + - "off" + type: string + storageType: + description: Specify the buffering mechanism to use. It can be + memory or filesystem + enum: + - filesystem + - memory + type: string + stripUnderscores: + description: Remove the leading underscore of the Journald field + (key). For example the Journald field _PID becomes the key PID. + enum: + - "on" + - "off" + type: string + systemdFilter: + description: |- + Allows to perform a query over logs that contains a specific Journald key/value pairs, e.g: _SYSTEMD_UNIT=UNIT. + The Systemd_Filter option can be specified multiple times in the input section to apply multiple filters as required. + items: + type: string + type: array + systemdFilterType: + description: |- + Define the filter type when Systemd_Filter is specified multiple times. Allowed values are And and Or. + With And a record is matched only when all of the Systemd_Filter have a match. + With Or a record is matched when any of the Systemd_Filter has a match. + enum: + - And + - Or + type: string + tag: + description: |- + The tag is used to route messages but on Systemd plugin there is an extra functionality: + if the tag includes a star/wildcard, it will be expanded with the Systemd Unit file (e.g: host.* => host.UNIT_NAME). + type: string + type: object + tail: + description: Tail defines Tail Input configuration. + properties: + bufferChunkSize: + description: |- + Set the initial buffer size to read files data. + This value is used too to increase buffer size. + The value must be according to the Unit Size specification. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + bufferMaxSize: + description: |- + Set the limit of the buffer size per monitored file. + When a buffer needs to be increased (e.g: very long lines), + this value is used to restrict how much the memory buffer can grow. + If reading a file exceed this limit, the file is removed from the monitored file list + The value must be according to the Unit Size specification. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + db: + description: Specify the database file to keep track of monitored + files and offsets. + type: string + dbSync: + description: 'Set a default synchronization (I/O) method. Values: + Extra, Full, Normal, Off.' + enum: + - Extra + - Full + - Normal + - "Off" + type: string + disableInotifyWatcher: + description: DisableInotifyWatcher will disable inotify and use + the file stat watcher instead. + type: boolean + dockerMode: + description: |- + If enabled, the plugin will recombine split Docker log lines before passing them to any parser as configured above. + This mode cannot be used at the same time as Multiline. + type: boolean + dockerModeFlushSeconds: + description: Wait period time in seconds to flush queued unfinished + split lines. + format: int64 + type: integer + dockerModeParser: + description: Specify an optional parser for the first line of + the docker multiline mode. The parser name to be specified must + be registered in the parsers.conf file. + type: string + excludePath: + description: |- + Set one or multiple shell patterns separated by commas to exclude files matching a certain criteria, + e.g: exclude_path=*.gz,*.zip + type: string + ignoredOlder: + description: |- + Ignores records which are older than this time in seconds. + Supports m,h,d (minutes, hours, days) syntax. + Default behavior is to read all records from specified files. + Only available when a Parser is specificied and it can parse the time of a record. + pattern: ^\d+(m|h|d)?$ + type: string + key: + description: |- + When a message is unstructured (no parser applied), it's appended as a string under the key name log. + This option allows to define an alternative name for that key. + type: string + memBufLimit: + description: |- + Set a limit of memory that Tail plugin can use when appending data to the Engine. + If the limit is reach, it will be paused; when the data is flushed it resumes. + type: string + multiline: + description: |- + If enabled, the plugin will try to discover multiline messages + and use the proper parsers to compose the outgoing messages. + Note that when this option is enabled the Parser option is not used. + type: boolean + multilineFlushSeconds: + description: Wait period time in seconds to process queued multiline + messages + format: int64 + type: integer + multilineParser: + description: |- + This will help to reassembly multiline messages originally split by Docker or CRI + Specify one or Multiline Parser definition to apply to the content. + type: string + offsetKey: + description: |- + If enabled, Fluent Bit appends the offset of the current monitored file as part of the record. + The value assigned becomes the key in the map + type: string + parser: + description: Specify the name of a parser to interpret the entry + as a structured message. + type: string + parserFirstline: + description: |- + Name of the parser that matchs the beginning of a multiline message. + Note that the regular expression defined in the parser must include a group name (named capture) + type: string + parserN: + description: |- + Optional-extra parser to interpret and structure multiline entries. + This option can be used to define multiple parsers. + items: + type: string + type: array + path: + description: Pattern specifying a specific log files or multiple + ones through the use of common wildcards. + type: string + pathKey: + description: |- + If enabled, it appends the name of the monitored file as part of the record. + The value assigned becomes the key in the map. + type: string + pauseOnChunksOverlimit: + description: Specifies if the input plugin should be paused (stop + ingesting new data) when the storage.max_chunks_up value is + reached. + enum: + - "on" + - "off" + type: string + readFromHead: + description: |- + For new discovered files on start (without a database offset/position), + read the content from the head of the file, not tail. + type: boolean + refreshIntervalSeconds: + description: The interval of refreshing the list of watched files + in seconds. + format: int64 + type: integer + rotateWaitSeconds: + description: Specify the number of extra time in seconds to monitor + a file once is rotated in case some pending data is flushed. + format: int64 + type: integer + skipEmptyLines: + description: Skips empty lines in the log file from any further + processing or output. + type: boolean + skipLongLines: + description: |- + When a monitored file reach it buffer capacity due to a very long line (Buffer_Max_Size), + the default behavior is to stop monitoring that file. + Skip_Long_Lines alter that behavior and instruct Fluent Bit to skip long lines + and continue processing other lines that fits into the buffer size. + type: boolean + storageType: + description: Specify the buffering mechanism to use. It can be + memory or filesystem + enum: + - filesystem + - memory + type: string + tag: + description: |- + Set a tag (with regex-extract fields) that will be placed on lines read. + E.g. kube... + type: string + tagRegex: + description: Set a regex to exctract fields from the file + type: string + threaded: + description: Threaded mechanism allows input plugin to run in + a separate thread which helps to desaturate the main pipeline. + type: string + type: object + tcp: + description: TCP defines the TCP input plugin configuration + properties: + bufferSize: + description: Specify the maximum buffer size in KB to receive + a JSON message. If not set, the default size will be the value + of Chunk_Size. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + chunkSize: + description: |- + By default the buffer to store the incoming JSON messages, do not allocate the maximum memory allowed, instead it allocate memory when is required. + The rounds of allocations are set by Chunk_Size in KB. If not set, Chunk_Size is equal to 32 (32KB). + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + format: + description: |- + Specify the expected payload format. It support the options json and none. + When using json, it expects JSON maps, when is set to none, it will split every record using the defined Separator (option below). + type: string + listen: + description: Listener network interface,default 0.0.0.0 + type: string + port: + description: TCP port where listening for connections,default + 5170 + format: int32 + maximum: 65535 + minimum: 1 + type: integer + separator: + description: When the expected Format is set to none, Fluent Bit + needs a separator string to split the records. By default it + uses the breakline character (LF or 0x10). + type: string + type: object + udp: + description: UDP defines the UDP input plugin configuration + properties: + bufferSize: + description: |- + BufferSize Specify the maximum buffer size in KB to receive a JSON message. + If not set, the default size will be the value of Chunk_Size. + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + chunkSize: + description: |- + By default the buffer to store the incoming JSON messages, do not allocate the maximum memory allowed, + instead it allocate memory when is required. + The rounds of allocations are set by Chunk_Size in KB. If not set, Chunk_Size is equal to 32 (32KB). + pattern: ^\d+(k|K|KB|kb|m|M|MB|mb|g|G|GB|gb)?$ + type: string + format: + description: |- + Format Specify the expected payload format. It support the options json and none. + When using json, it expects JSON maps, when is set to none, + it will split every record using the defined Separator (option below). + type: string + listen: + description: 'Listen Listener network interface, default: 0.0.0.0' + type: string + port: + description: 'Port Specify the UDP port where listening for connections, + default: 5170' + format: int32 + maximum: 65535 + minimum: 1 + type: integer + separator: + description: Separator When the expected Format is set to none, + Fluent Bit needs a separator string to split the records. By + default it uses the breakline character (LF or 0x10). + type: string + sourceAddressKey: + description: SourceAddressKey Specify the key where the source + address will be injected. + type: string + threaded: + description: Threaded mechanism allows input plugin to run in + a separate thread which helps to desaturate the main pipeline. + type: string + type: object + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: clusterinputs.fluentd.fluent.io +spec: + group: fluentd.fluent.io + names: + kind: ClusterInput + listKind: ClusterInputList + plural: clusterinputs + shortNames: + - cfdi + singular: clusterinput + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ClusterInput is the Schema for the clusterinputs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ClusterInputSpec defines the desired state of ClusterInput + properties: + inputs: + items: + description: Input defines all available input plugins and their + parameters + properties: + customPlugin: + description: Custom plugin type + properties: + config: + type: string + required: + - config + type: object + forward: + description: in_forward plugin + properties: + addTagPrefix: + description: Adds the prefix to the incoming event's tag. + type: string + bind: + description: The port to listen to, default is "0.0.0.0" + type: string + chunkSizeLimit: + description: The size limit of the received chunk. If the + chunk size is larger than this value, the received chunk + is dropped. + pattern: ^\d+(KB|MB|GB|TB)$ + type: string + chunkSizeWarnLimit: + description: The warning size limit of the received chunk. + If the chunk size is larger than this value, a warning + message will be sent. + pattern: ^\d+(KB|MB|GB|TB)$ + type: string + client: + description: The security section of client plugin + properties: + host: + description: The IP address or hostname of the client. + This is exclusive with Network. + type: string + network: + description: The network address specification. This + is exclusive with Host. + type: string + sharedKey: + description: The shared key per client. + type: string + users: + description: The array of usernames. + type: string + type: object + denyKeepalive: + description: The connections will be disconnected right + after receiving a message, if true. + type: boolean + lingerTimeout: + description: The timeout used to set the linger option. + type: integer + port: + description: The port to listen to, default is 24224. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + resolveHostname: + description: Tries to resolve hostname from IP addresses + or not. + type: boolean + security: + description: The security section of forward plugin + properties: + allowAnonymousSource: + description: Allows the anonymous source. sections + are required, if disabled. + type: string + selfHostname: + description: The hostname. + type: string + sharedKey: + description: The shared key for authentication. + type: string + user: + description: Defines user section directly. + properties: + password: + description: Secret defines the key of a value. + properties: + valueFrom: + description: ValueSource defines how to find + a value's key. + properties: + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + username: + description: Secret defines the key of a value. + properties: + valueFrom: + description: ValueSource defines how to find + a value's key. + properties: + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + type: object + userAuth: + description: If true, user-based authentication is used. + type: string + type: object + sendKeepalivePacket: + description: Enables the TCP keepalive for sockets. + type: boolean + skipInvalidEvent: + description: Skips the invalid incoming event. + type: boolean + sourceAddressKey: + description: The field name of the client's source address. + If set, the client's address will be set to its key. + type: string + sourceHostnameKey: + description: The field name of the client's hostname. If + set, the client's hostname will be set to its key. + type: string + tag: + description: |- + in_forward uses incoming event's tag by default (See Protocol Section). + If the tag parameter is set, its value is used instead. + type: string + transport: + description: The transport section of forward plugin + properties: + caCertPath: + description: for Cert generated + type: string + caPath: + description: for Cert signed by public CA + type: string + caPrivateKeyPassphrase: + type: string + caPrivateKeyPath: + type: string + certPath: + type: string + certVerifier: + description: other parameters + type: string + ciphers: + type: string + clientCertAuth: + type: boolean + insecure: + type: boolean + privateKeyPassphrase: + type: string + privateKeyPath: + type: string + protocol: + description: 'The protocal name of this plugin, i.e: + tls' + type: string + version: + type: string + type: object + user: + description: The security section of user plugin + properties: + password: + description: Secret defines the key of a value. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + username: + description: Secret defines the key of a value. + properties: + valueFrom: + description: ValueSource defines how to find a value's + key. + properties: + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + type: object + type: object + http: + description: in_http plugin + properties: + addHttpHeaders: + description: Adds HTTP_ prefix headers to the record. + type: boolean + addRemoteAddr: + description: |- + Adds REMOTE_ADDR field to the record. The value of REMOTE_ADDR is the client's address. + i.e: X-Forwarded-For: host1, host2 + type: string + bind: + description: The port to listen to, default is "0.0.0.0" + type: string + bodySizeLimit: + description: The size limit of the POSTed element. + pattern: ^\d+(KB|MB|GB|TB)$ + type: string + corsAllOrigins: + description: Whitelist domains for CORS. + type: string + corsAllowCredentials: + description: Add Access-Control-Allow-Credentials header. + It's needed when a request's credentials mode is include + type: string + keepaliveTimeout: + description: The timeout limit for keeping the connection + alive. + pattern: ^\d+(\.[0-9]{0,2})?(s|m|h|d)?$ + type: string + parse: + description: The parse section of http plugin + properties: + customPatternPath: + description: Path to the file that includes custom grok + patterns. + type: string + estimateCurrentEvent: + description: If true, use Fluent::Eventnow(current time) + as a timestamp when time_key is specified. + type: boolean + expression: + description: Specifies the regular expression for matching + logs. Regular expression also supports i and m suffix. + type: string + grok: + description: Grok Sections + items: + properties: + keepTimeKey: + description: If true, keep time field in the record. + type: boolean + name: + description: The name of this grok section. + type: string + pattern: + description: The pattern of grok. Required parameter. + type: string + timeFormat: + description: Process value using specified format. + This is available only when time_type is string + type: string + timeKey: + description: Specify time field for event time. + If the event doesn't have this field, current + time is used. + type: string + timeZone: + description: Use specified timezone. one can parse/format + the time value in the specified timezone. + type: string + type: object + type: array + grokFailureKey: + description: The key has grok failure reason. + type: string + grokPattern: + description: The pattern of grok. + type: string + grokPatternSeries: + description: Specify grok pattern series set. + type: string + id: + description: The @id parameter specifies a unique name + for the configuration. + type: string + keepTimeKey: + description: If true, keep time field in th record. + type: boolean + localtime: + description: If true, uses local time. + type: boolean + logLevel: + description: The @log_level parameter specifies the + plugin-specific logging level + type: string + multiLineStartRegexp: + description: The regexp to match beginning of multiline. + This is only for "multiline_grok". + type: string + timeFormat: + description: Process value according to the specified + format. This is available only when time_type is string + type: string + timeFormatFallbacks: + description: Uses the specified time format as a fallback + in the specified order. You can parse undetermined + time format by using time_format_fallbacks. This options + is enabled when time_type is mixed. + type: string + timeKey: + description: Specify time field for event time. If the + event doesn't have this field, current time is used. + type: string + timeType: + description: parses/formats value according to this + type, default is string + enum: + - float + - unixtime + - string + - mixed + type: string + timeout: + description: Specify timeout for parse processing. + pattern: ^\d+(\.[0-9]{0,2})?(s|m|h|d)?$ + type: string + timezone: + description: Uses the specified timezone. + type: string + type: + description: The @type parameter specifies the type + of the plugin. + enum: + - regexp + - apache2 + - apache_error + - nginx + - syslog + - csv + - tsv + - ltsv + - json + - multiline + - none + - grok + - multiline_grok + type: string + types: + description: 'Specify types for converting field into + another, i.e: types user_id:integer,paid:bool,paid_usd_amount:float' + type: string + utc: + description: If true, uses UTC. + type: boolean + required: + - type + type: object + port: + description: The port to listen to, default is 9880. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + respondsWithEmptyImg: + description: Responds with an empty GIF image of 1x1 pixel + (rather than an empty string). + type: boolean + transport: + description: The transport section of http plugin + properties: + caCertPath: + description: for Cert generated + type: string + caPath: + description: for Cert signed by public CA + type: string + caPrivateKeyPassphrase: + type: string + caPrivateKeyPath: + type: string + certPath: + type: string + certVerifier: + description: other parameters + type: string + ciphers: + type: string + clientCertAuth: + type: boolean + insecure: + type: boolean + privateKeyPassphrase: + type: string + privateKeyPath: + type: string + protocol: + description: 'The protocal name of this plugin, i.e: + tls' + type: string + version: + type: string + type: object + type: object + id: + description: The @id parameter specifies a unique name for the + configuration. + type: string + label: + description: The @label parameter is to route the input events + to