diff --git a/base-image/Makefile b/base-image/Makefile
index 8a85ccb..2184b19 100644
--- a/base-image/Makefile
+++ b/base-image/Makefile
@@ -20,7 +20,6 @@ run: build-image
-v `pwd`/failsafe.conf:/fluentd/etc/fluent.conf \
-v /var/log:/var/log \
-v /var/run:/var/run \
- -e FLUENTD_OPT="--no-supervisor" \
$(IMAGE):$(TAG)
test: build-image
@@ -29,9 +28,9 @@ test: build-image
-v `pwd`:/workspace \
-v `pwd/plugins`:/fluentd/plugins \
-v `pwd`/test/local.conf:/fluentd/etc/fluent.conf \
- -e FLUENTD_OPT="--no-supervisor" \
- -e PAPERTRAIL_PORT=$$PAPERTRAIL_PORT \
- -e PAPERTRAIL_HOST=$$PAPERTRAIL_HOST \
+ -p 0.0.0.0:24231:24231 \
+ -e PAPERTRAIL_PORT=$$PAPERTRAIL_PORT \
+ -e PAPERTRAIL_HOST=$$PAPERTRAIL_HOST \
$(IMAGE):$(TAG)
list-gems:
diff --git a/config-reloader/templates/fluent.conf b/config-reloader/templates/fluent.conf
index 89af363..d329b2e 100644
--- a/config-reloader/templates/fluent.conf
+++ b/config-reloader/templates/fluent.conf
@@ -5,6 +5,7 @@
# needed to enable /api/config.reload
rpc_endpoint 127.0.0.1:24444
+ workers 2
# you can turn this on for debug
diff --git a/config-reloader/templates/kubernetes.conf b/config-reloader/templates/kubernetes.conf
index 60013b5..1435b2a 100644
--- a/config-reloader/templates/kubernetes.conf
+++ b/config-reloader/templates/kubernetes.conf
@@ -1,27 +1,29 @@
# Sync with:
# https://raw.githubusercontent.com/fluent/fluentd-kubernetes-daemonset/master/docker-image/v1.11/debian-elasticsearch7/conf/kubernetes.conf
-
- @type tail
- @id in_tail_container_logs
- path /var/log/containers/*.log
- pos_file /var/log/{{.ID}}-fluentd-containers.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag kubernetes.*
- read_from_head true
- read_bytes_limit_per_second 8192
- multiline_flush_interval 5s
-
- @type multiline
- # cri-o
- format1 /^(?([^\n]+ (stdout|stderr) P [^\n]+\n)*)/
- format2 /(?
-
+
+
+ @type tail
+ @id in_tail_container_logs
+ path /var/log/containers/*.log
+ pos_file /var/log/{{.ID}}-fluentd-containers.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag kubernetes.*
+ read_from_head true
+ read_bytes_limit_per_second 8192
+ multiline_flush_interval 5s
+
+ @type multiline
+ # cri-o
+ format1 /^(?([^\n]+ (stdout|stderr) P [^\n]+\n)*)/
+ format2 /(?
+
+
# Merge cri-o partial lines
@@ -48,183 +50,209 @@
-
- @type tail
- @id in_tail_minion
- path /var/log/salt/minion
- pos_file /var/log/{{.ID}}-fluentd-salt.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag salt
-
- @type regexp
- expression /^(?
-
-
-
- @type tail
- @id in_tail_startupscript
- path /var/log/startupscript.log
- pos_file /var/log/{{.ID}}-fluentd-startupscript.log.pos
- tag startupscript
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
-
- @type syslog
-
-
-
-
- @type tail
- @id in_tail_docker
- path /var/log/docker.log
- pos_file /var/log/{{.ID}}-fluentd-docker.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag docker
-
- @type regexp
- expression /^time="(?
-
-
-
- @type tail
- @id in_tail_etcd
- path /var/log/etcd.log
- pos_file /var/log/{{.ID}}-fluentd-etcd.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.etcd
-
- @type none
-
-
-
-
- @type tail
- @id in_tail_kubelet
- path /var/log/kubelet.log
- pos_file /var/log/{{.ID}}-fluentd-kubelet.log.pos
- tag k8s.kubelet
-
- @type kubernetes
-
-
-
-
- @type tail
- @id in_tail_kube_proxy
- path /var/log/kube-proxy.log
- pos_file /var/log/{{.ID}}-fluentd-kube-proxy.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.kube-proxy
-
- @type kubernetes
-
-
-
-
- @type tail
- @id in_tail_kube_apiserver
- path /var/log/kube-apiserver.log
- pos_file /var/log/{{.ID}}-fluentd-kube-apiserver.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.kube-apiserver
-
- @type kubernetes
-
-
-
-
- @type tail
- @id in_tail_kube_controller_manager
- path /var/log/kube-controller-manager.log
- pos_file /var/log/{{.ID}}-fluentd-kube-controller-manager.log.pos
- tag k8s.kube-controller-manager
-
- @type kubernetes
-
-
-
-
- @type tail
- @id in_tail_kube_scheduler
- path /var/log/kube-scheduler.log
- pos_file /var/log/{{.ID}}-fluentd-kube-scheduler.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.kube-scheduler
-
- @type kubernetes
-
-
-
-
- @type tail
- @id in_tail_rescheduler
- path /var/log/rescheduler.log
- pos_file /var/log/{{.ID}}-fluentd-rescheduler.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.rescheduler
-
- @type kubernetes
-
-
-
-
- @type tail
- @id in_tail_glbc
- path /var/log/glbc.log
- pos_file /var/log/{{.ID}}-fluentd-glbc.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.glbc
-
- @type kubernetes
-
-
-
-
- @type tail
- @id in_tail_cluster_autoscaler
- path /var/log/cluster-autoscaler.log
- pos_file /var/log/{{.ID}}-fluentd-cluster-autoscaler.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.cluster-autoscaler
-
- @type kubernetes
-
-
+
+
+ @type tail
+ @id in_tail_minion
+ path /var/log/salt/minion
+ pos_file /var/log/{{.ID}}-fluentd-salt.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag salt
+
+ @type regexp
+ expression /^(?
+
+
+
+
+
+ @type tail
+ @id in_tail_startupscript
+ path /var/log/startupscript.log
+ pos_file /var/log/{{.ID}}-fluentd-startupscript.log.pos
+ tag startupscript
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+
+ @type syslog
+
+
+
+
+
+
+ @type tail
+ @id in_tail_docker
+ path /var/log/docker.log
+ pos_file /var/log/{{.ID}}-fluentd-docker.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag docker
+
+ @type regexp
+ expression /^time="(?
+
+
+
+
+
+ @type tail
+ @id in_tail_etcd
+ path /var/log/etcd.log
+ pos_file /var/log/{{.ID}}-fluentd-etcd.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.etcd
+
+ @type none
+
+
+
+
+
+
+ @type tail
+ @id in_tail_kubelet
+ path /var/log/kubelet.log
+ pos_file /var/log/{{.ID}}-fluentd-kubelet.log.pos
+ tag k8s.kubelet
+
+ @type kubernetes
+
+
+
+
+
+
+ @type tail
+ @id in_tail_kube_proxy
+ path /var/log/kube-proxy.log
+ pos_file /var/log/{{.ID}}-fluentd-kube-proxy.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.kube-proxy
+
+ @type kubernetes
+
+
+
+
+
+
+ @type tail
+ @id in_tail_kube_apiserver
+ path /var/log/kube-apiserver.log
+ pos_file /var/log/{{.ID}}-fluentd-kube-apiserver.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.kube-apiserver
+
+ @type kubernetes
+
+
+
+
+
+
+ @type tail
+ @id in_tail_kube_controller_manager
+ path /var/log/kube-controller-manager.log
+ pos_file /var/log/{{.ID}}-fluentd-kube-controller-manager.log.pos
+ tag k8s.kube-controller-manager
+
+ @type kubernetes
+
+
+
+
+
+
+ @type tail
+ @id in_tail_kube_scheduler
+ path /var/log/kube-scheduler.log
+ pos_file /var/log/{{.ID}}-fluentd-kube-scheduler.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.kube-scheduler
+
+ @type kubernetes
+
+
+
+
+
+
+ @type tail
+ @id in_tail_rescheduler
+ path /var/log/rescheduler.log
+ pos_file /var/log/{{.ID}}-fluentd-rescheduler.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.rescheduler
+
+ @type kubernetes
+
+
+
+
+
+
+ @type tail
+ @id in_tail_glbc
+ path /var/log/glbc.log
+ pos_file /var/log/{{.ID}}-fluentd-glbc.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.glbc
+
+ @type kubernetes
+
+
+
+
+
+
+ @type tail
+ @id in_tail_cluster_autoscaler
+ path /var/log/cluster-autoscaler.log
+ pos_file /var/log/{{.ID}}-fluentd-cluster-autoscaler.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.cluster-autoscaler
+
+ @type kubernetes
+
+
+
# Example:
# 2017-02-09T00:15:57.992775796Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" ip="104.132.1.72" method="GET" user="kubecfg" as="" asgroups="" namespace="default" uri="/api/v1/namespaces/default/pods"
# 2017-02-09T00:15:57.993528822Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" response="200"
-
- @type tail
- @id in_tail_kube_apiserver_audit
- multiline_flush_interval 5s
- path /var/log/kubernetes/kube-apiserver-audit.log
- pos_file /var/log/{{.ID}}-kube-apiserver-audit.log.pos
- pos_file_compaction_interval 3m
- skip_refresh_on_startup true
- tag k8s.kube-apiserver-audit
-
- @type multiline
- format_firstline /^\S+\s+AUDIT:/
- # Fields must be explicitly captured by name to be parsed into the record.
- # Fields may not always be present, and order may change, so this just looks
- # for a list of key="\"quoted\" value" pairs separated by spaces.
- # Unknown fields are ignored.
- # Note: We can't separate query/response lines as format1/format2 because
- # they don't always come one after the other for a given query.
- format1 /^(?
-
+
+
+ @type tail
+ @id in_tail_kube_apiserver_audit
+ multiline_flush_interval 5s
+ path /var/log/kubernetes/kube-apiserver-audit.log
+ pos_file /var/log/{{.ID}}-kube-apiserver-audit.log.pos
+ pos_file_compaction_interval 3m
+ skip_refresh_on_startup true
+ tag k8s.kube-apiserver-audit
+
+ @type multiline
+ format_firstline /^\S+\s+AUDIT:/
+ # Fields must be explicitly captured by name to be parsed into the record.
+ # Fields may not always be present, and order may change, so this just looks
+ # for a list of key="\"quoted\" value" pairs separated by spaces.
+ # Unknown fields are ignored.
+ # Note: We can't separate query/response lines as format1/format2 because
+ # they don't always come one after the other for a given query.
+ format1 /^(?
+
+
diff --git a/config-reloader/templates/systemd.conf b/config-reloader/templates/systemd.conf
index fb8348d..6db30cb 100644
--- a/config-reloader/templates/systemd.conf
+++ b/config-reloader/templates/systemd.conf
@@ -2,52 +2,59 @@
# https://github.com/fluent/fluentd-kubernetes-daemonset/blob/master/docker-image/v1.11/debian-elasticsearch7/conf/systemd.conf
# Logs from systemd-journal for interesting services.
-
- @type systemd
- @id in_systemd_kubelet
- matches [{ "_SYSTEMD_UNIT": "kubelet.service" }]
-
- @type local
- persistent true
- path /var/log/{{.ID}}-fluentd-journald-kubelet-cursor.json
-
-
- fields_strip_underscores true
-
- read_from_head true
- tag kubelet
-
+
+
+
+ @type systemd
+ @id in_systemd_kubelet
+ matches [{ "_SYSTEMD_UNIT": "kubelet.service" }]
+
+ @type local
+ persistent true
+ path /var/log/{{.ID}}-fluentd-journald-kubelet-cursor.json
+
+
+ fields_strip_underscores true
+
+ read_from_head true
+ tag kubelet
+
+
# Logs from docker-systemd
-
- @type systemd
- @id in_systemd_docker
- matches [{ "_SYSTEMD_UNIT": "docker.service" }]
-
- @type local
- persistent true
- path /var/log/{{.ID}}-fluentd-journald-docker-cursor.json
-
-
- fields_strip_underscores true
-
- read_from_head true
- tag docker.systemd
-
+
+
+ @type systemd
+ @id in_systemd_docker
+ matches [{ "_SYSTEMD_UNIT": "docker.service" }]
+
+ @type local
+ persistent true
+ path /var/log/{{.ID}}-fluentd-journald-docker-cursor.json
+
+
+ fields_strip_underscores true
+
+ read_from_head true
+ tag docker.systemd
+
+
# Logs from systemd-journal for interesting services.
-
- @type systemd
- @id in_systemd_bootkube
- matches [{ "_SYSTEMD_UNIT": "bootkube.service" }]
-
- @type local
- persistent true
- path /var/log/{{.ID}}-fluentd-journald-bootkube-cursor.json
-
-
- fields_strip_underscores true
-
- read_from_head true
- tag bootkube
-
+
+
+ @type systemd
+ @id in_systemd_bootkube
+ matches [{ "_SYSTEMD_UNIT": "bootkube.service" }]
+
+ @type local
+ persistent true
+ path /var/log/{{.ID}}-fluentd-journald-bootkube-cursor.json
+
+
+ fields_strip_underscores true
+
+ read_from_head true
+ tag bootkube
+
+