The log-shipper module: Custom Resources

ClusterLogDestination

Scope: Cluster
Version: v1alpha1

CustomResource for storage in log-pipeline.

Each CR ClusterLogDestination descride one log storage, which you can use in many log sources.

metadata.name — is an upstream name, whick you should use in CR ClusterLoggingConfig.

spec (object)
Required value.
- elasticsearch (object)
  - auth (object)
    - awsAccessKey (string)
      Base64 encoded AWS ACCESS_KEY.
    - awsAssumeRole (string)
      The ARN of an IAM role to assume at startup.
    - awsRegion (string)
      AWS region for aws authentication.
    - awsSecretKey (string)
      Base64 encoded AWS SECRET_KEY.
    - password (string)
      Base64 encoded basic authentication password.
    - strategy (string)
      The authentication strategy to use.
      
      Default: "Basic"
      
      Allowed values: Basic, AWS
    - user (string)
      The basic authentication user name.
  - endpoint (string)
    The base URL of the Elasticsearch instance.
    
    Required value.
  - index (string)
    Index name to write events to.
  - pipeline (string)
    Name of the pipeline to apply.
  - tls (object)
    Configures the TLS options for outgoing connections.
    - caFile (string)
      Base64 encoded CA certificate in PEM format.
    - clientCrt (object)
      Configures client certificate for outgoing connections.
      - crtFile (string)
        Base64 encoded certificate in PEM format. keyFile Must also be set.
        
        Required value.
      - keyFile (string)
        Base64 encoded private key in PEM format (PKCS#8). If this is set, crtFile must also be set.
        
        Required value.
      - keyPass (string)
        Base64 encoded pass phrase used to unlock the encrypted key file.
    - verifyHostname (boolean)
      Vector will validate the TLS certificate of the remote host.
      
      Default: true
- extraLabels (object)
  A set of labels that will be attached to each batch of events. You can use simple templating here: {{ app }}. There are some reserved keys:
  - parsed_data
  - pod
  - pod_labels
  - pod_ip
  - namespace
  - image
  - container
  - node
  - pod_owner More about field path notation
  Example:
```
extraLabels:
  forwarder: vector
  key: value
  app_info: "{{ app }}"
  array_member: "{{ array[0] }}"
  symbol_escating_value: "{{ pay\.day }}"
```
- logstash (object)
  - endpoint (string)
    The base URL of the Loki instance.
    
    Required value.
  - tls (object)
    Configures the TLS options for outgoing connections.
    - caFile (string)
      Base64 encoded CA certificate in PEM format.
    - clientCrt (object)
      Configures client certificate for outgoing connections.
      - crtFile (string)
        Base64 encoded certificate in PEM format. keyFile Must also be set.
        
        Required value.
      - keyFile (string)
        Base64 encoded private key in PEM format (PKCS#8). If this is set, crtFile must also be set.
        
        Required value.
      - keyPass (string)
        Base64 encoded pass phrase used to unlock the encrypted key file.
    - verifyCertificate (boolean)
      Vector will validate the configured remote host name against the remote host’s TLS certificate.
      
      Default: true
    - verifyHostname (boolean)
      Vector will validate the TLS certificate of the remote host.
      
      Default: true
- loki (object)
  - auth (object)
    - password (string)
      Base64 encoded basic authentication password.
    - strategy (string)
      The authentication strategy to use.
      
      Default: "Basic"
      
      Allowed values: Basic, Bearer
    - token (string)
      The token to use for bearer authentication.
    - user (string)
      The basic authentication user name.
  - endpoint (string)
    The base URL of the Loki instance.
    
    Required value.
  - tls (object)
    Configures the TLS options for outgoing connections.
    - caFile (string)
      Base64 encoded CA certificate in PEM format.
    - clientCrt (object)
      Configures client certificate for outgoing connections.
      - crtFile (string)
        Base64 encoded certificate in PEM format. keyFile Must also be set.
        
        Required value.
      - keyFile (string)
        Base64 encoded private key in PEM format (PKCS#8). If this is set, crtFile must also be set.
        
        Required value.
      - keyPass (string)
        Base64 encoded pass phrase used to unlock the encrypted key file.
    - verifyHostname (boolean)
      Vector will validate the TLS certificate of the remote host.
      
      Default: true
- type (string)
  Set on of possible output destinations.
  
  Allowed values: Loki, Elasticsearch, Logstash
  
  Required value.

ClusterLoggingConfig

Scope: Cluster
Version: v1alpha1

CustomResource for source in log-pipeline.

Each CustomResource ClusterLoggingConfig describes rules for log fetching from cluster.

spec (object)
Required value.
- destinationRefs (array of strings)
  Array of ClusterLogDestination CustomResource names which this source will output with. Fields with float or boolean values will be converted to string.
  
  Required value.
- file (object)
  - exclude (array of strings)
    Array of file patterns to exclude.
    
    Example: "/var/log/nginx/error.log", "/var/log/audit.log"
  - include (array of strings)
    Array of file patterns to include.
    
    Example: "/var/log/*.log", "/var/log/nginx/*.log"
  - lineDelimiter (string)
    String sequence used to separate one file line from another.
    
    Example: "\r\n"
- kubernetesPods (object)
  Default: {}
  - labelSelector (object)
    Specifies the label selector to filter Pods with.
    
    You can get more into here.
    - matchExpressions (array of objects)
      List of label expressions for Pods.
      
      Example:
      matchExpressions: - key: tier operator": In values: - production - staging
      - key (string)
        Required value.
      - operator (string)
        Allowed values: In, NotIn, Exists, DoesNotExist
        
        Required value.
      - values (array of strings)
    - matchLabels (object)
      List of labels which Pod should have.
      
      Example: ["foo","bar"], ["baz","whooo"]
  - namespaceSelector (object)
    Specifies the Namespace selector to filter Pods with.
    - matchNames (array of strings)
- logFilter (array of objects)
  List of filter for logs. Only matched lines would be stored to log destination.
  
  Example:
```
logFilter:
- field: tier
  operator: Exists
- field: tier
  operator: In
  values:
  - production
  - staging
- field: foo
  operator: NotIn
  values: 
  - dev
  - 42
  - "true"
  - "3.14"
- field: bar
  operator: Regex
  values:
  - ^abc
  - ^\d.+$
```
  - field (string)
    Field name for filtering.
    
    Required value.
  - operator (string)
    Operator for log field comparations:
    - In operator find substring in string
    - NotIn operator is negative version of In operator
    - Regex operator is trying to match regexp over field, only log events with matching fields will pass
    - NotRegex operator is negative version of Regex operator, log events without fields or with not matched fields will pass
    - Exists operator drop log event if it contains some fields
    - DoesNotExist operator drop log event if it does not contain some fields
    Allowed values: In, NotIn, Regex, NotRegex, Exists, DoesNotExist
    
    Required value.
  - values (array)
    Array of ClusterLogDestination CustomResource names which this source will output with. Fields with float or boolean values will be converted to strings during comparation.
- type (string)
  Set on of possible input sources.
  
  KubernetesPods source reads logs from Kubernetes Pods.
  
  File source reads local file from node filesystem.
  
  Allowed values: KubernetesPods, File
  
  Required value.

PodLoggingConfig

Scope: Namespaced
Version: v1alpha1

CustomResource for namespaced Kubernetes source in log-pipeline.

Each CustomResource PodLoggingConfig describes rules for log fetching from specified Namespace.

spec (object)
Required value.
- clusterDestinationRefs (array of strings)
  Array of ClusterLogDestination CustomResource names which this source will output with.
  
  Required value.
- labelSelector (object)
  Specifies the label selector to filter Pods with.
  
  You can get more into here.
  - matchExpressions (array of objects)
    List of label expressions for Pods.
    
    Example:
    matchExpressions: - key: tier operator": In values: - production - staging
    - key (string)
      Required value.
    - operator (string)
      Allowed values: In, NotIn, Exists, DoesNotExist
      
      Required value.
    - values (array of strings)
  - matchLabels (object)
    List of labels which Pod should have.
    
    Example: ["foo","bar"], ["baz","whooo"]
- logFilter (array of objects)
  List of filter for logs. Only matched lines would be stored to log destination.
  
  Example:
```
logFilter:
- field: tier
  operator: Exists
- field: tier
  operator: In
  values:
  - production
  - staging
- field: foo
  operator: NotIn
  values: 
  - dev
  - 42
  - "true"
  - "3.14"
- field: bar
  operator: Regex
  values:
  - ^abc
  - ^\d.+$
```
  - field (string)
    Field name for filtering.
    
    Required value.
  - operator (string)
    Operator for log field comparations:
    - In operator find substring in string
    - NotIn operator is negative version of In operator
    - Regex operator is trying to match regexp over field, only log events with matching fields will pass
    - NotRegex operator is negative version of Regex operator, log events without fields or with not matched fields will pass
    - Exists operator drop log event if it contains some fields
    - DoesNotExist operator drop log event if it does not contain some fields
    Allowed values: In, NotIn, Regex, NotRegex, Exists, DoesNotExist
    
    Required value.
  - values (array)
    Array of ClusterLogDestination CustomResource names which this source will output with. Fields with float or boolean values will be converted to strings during comparation.