# Licensed under the Apache License, Version 2.0 (the 'License');
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an 'AS IS' BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for filebeat
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
---
release_group: null
labels:
filebeat:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
filebeat: docker.elastic.co/beats/filebeat-oss:7.1.0
dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
image_repo_sync: docker.io/library/docker:17.07.0
pull_policy: IfNotPresent
local_registry:
active: false
exclude:
- dep_check
- image_repo_sync
secrets:
elasticsearch:
user: filebeat-elasticsearch-user
oci_image_registry:
elastic-filebeat: elastic-filebeat-oci-image-registry-key
dependencies:
dynamic:
common:
local_image_registry:
jobs:
- filebeat-image-repo-sync
services:
- endpoint: node
service: local_image_registry
static:
filebeat:
services:
- endpoint: internal
service: kibana
image_repo_sync:
services:
- endpoint: internal
service: local_image_registry
conf:
filebeat:
setup:
dashboards:
enabled: true
index: "filebeat-*"
retry:
enabled: true
interval: 5
kibana:
host: "${KIBANA_HOST}:${KIBANA_PORT}"
username: "${ELASTICSEARCH_USERNAME}"
password: "${ELASTICSEARCH_PASSWORD}"
path:
logs: /var/log/
output:
elasticsearch:
hosts: ["${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}/"]
username: "${ELASTICSEARCH_USERNAME}"
password: "${ELASTICSEARCH_PASSWORD}"
filebeat:
config:
modules:
path: ${path.config}/modules.d/*.yml
reload:
enabled: true
autodiscover:
providers:
- type: kubernetes
templates:
- condition:
equals:
kubernetes.namespace: kube-system
config:
- type: docker
containers.ids:
- "${data.kubernetes.container.id}"
exclude_lines: ["^\\s+[\\-`('.|_]"]
- type: kubernetes
templates:
- condition:
equals:
kubernetes.namespace: ceph
config:
- type: docker
containers.ids:
- "${data.kubernetes.container.id}"
exclude_lines: ["^\\s+[\\-`('.|_]"]
- type: kubernetes
templates:
- condition:
equals:
kubernetes.namespace: openstack
config:
- type: docker
containers.ids:
- "${data.kubernetes.container.id}"
exclude_lines: ["^\\s+[\\-`('.|_]"]
- type: kubernetes
templates:
- condition:
equals:
kubernetes.namespace: osh-infra
config:
- type: docker
containers.ids:
- "${data.kubernetes.container.id}"
exclude_lines: ["^\\s+[\\-`('.|_]"]
processors:
- add_kubernetes_metadata:
in_cluster: true
- drop_event:
when:
equals:
kubernetes:
container:
name: "filebeat"
modules:
system:
- module: system
syslog:
enabled: true
var.paths: ["/var/log/syslog*"]
fields:
host:
name: "${NODE_NAME}"
auth:
enabled: true
var.paths: ["/var/log/auth.log"]
fields:
host:
name: "${NODE_NAME}"
endpoints:
cluster_domain_suffix: cluster.local
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
oci_image_registry:
name: oci-image-registry
namespace: oci-image-registry
auth:
enabled: false
elastic-filebeat:
username: elastic-filebeat
password: password
hosts:
default: localhost
host_fqdn_override:
default: null
port:
registry:
default: null
elasticsearch:
namespace: null
name: elasticsearch
auth:
admin:
username: admin
password: changeme
hosts:
data: elasticsearch-data
default: elasticsearch-logging
discovery: elasticsearch-discovery
public: elasticsearch
host_fqdn_override:
default: null
path:
default: null
scheme:
default: http
port:
http:
default: 80
kibana:
name: kibana
namespace: null
hosts:
default: kibana-dash
public: kibana
host_fqdn_override:
default: null
path:
default: null
scheme:
default: http
port:
kibana:
default: 5601
http:
default: 80
filebeat:
namespace: null
name: filebeat
hosts:
default: filebeat
host_fqdn_override:
default: null
path:
default: null
scheme:
default: http
port:
service:
default: 5066
pod:
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
weight:
default: 10
lifecycle:
upgrades:
daemonsets:
pod_replacement_strategy: RollingUpdate
filebeat:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
resources:
filebeat:
enabled: false
limits:
memory: '400Mi'
cpu: '400m'
requests:
memory: '100Mi'
cpu: '100m'
tolerations:
filebeat:
enabled: false
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
- key: node-role.kubernetes.io/control-plane
operator: Exists
- key: node-role.kubernetes.io/node
operator: Exists
mounts:
filebeat:
filebeat:
manifests:
configmap_bin: true
configmap_etc: true
daemonset: true
job_image_repo_sync: true
secret_elasticsearch: true
secret_registry: true
...