configuration added
This commit is contained in:
parent
1f429f079b
commit
f9c880549d
6 changed files with 6 additions and 183 deletions
|
|
@ -1,5 +1,4 @@
|
|||
alloy:
|
||||
|
||||
extraPorts:
|
||||
- name: "tcpsocket"
|
||||
port: 1514
|
||||
|
|
@ -80,6 +79,10 @@ alloy:
|
|||
|
||||
}
|
||||
|
||||
loki.source.kubernetes "all_pod_logs" {
|
||||
targets = discovery.relabel.pod_logs.output
|
||||
forward_to = [loki.write.local_loki.receiver]
|
||||
}
|
||||
|
||||
loki.source.syslog "tcp_socket" {
|
||||
listener {
|
||||
|
|
|
|||
|
|
@ -1,29 +0,0 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: openbao-logging-setup
|
||||
namespace: argocd
|
||||
labels:
|
||||
env: dev
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
|
||||
targetRevision: HEAD
|
||||
path: "stacks/ref-implementation/openbao-logging"
|
||||
destination:
|
||||
server: "https://kubernetes.default.svc"
|
||||
namespace: openbao
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
automated:
|
||||
selfHeal: true
|
||||
retry:
|
||||
limit: -1
|
||||
backoff:
|
||||
duration: 15s
|
||||
factor: 1
|
||||
maxDuration: 15s
|
||||
|
|
@ -1,37 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: openbao-logging-dir
|
||||
namespace: openbao
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: openbao-logging-dir
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: openbao-logging-dir
|
||||
spec:
|
||||
initContainers:
|
||||
- name: creator
|
||||
image: busybox
|
||||
command: ["/bin/sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
set -e
|
||||
mkdir -p /var/log/openbao
|
||||
chown 100:100 /var/log/openbao
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
volumeMounts:
|
||||
- name: host-log
|
||||
mountPath: /var/log
|
||||
containers:
|
||||
- name: running-container
|
||||
image: busybox
|
||||
command: ["sleep", "infinity"]
|
||||
volumes:
|
||||
- name: host-log
|
||||
hostPath:
|
||||
path: /var/log
|
||||
type: Directory
|
||||
|
|
@ -1,56 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: openbao-logrotate
|
||||
namespace: openbao
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: openbao-logrotate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: openbao-logrotate
|
||||
spec:
|
||||
containers:
|
||||
- name: logrotate
|
||||
image: alpine
|
||||
command: ["/bin/sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
apk add --no-cache logrotate
|
||||
while true; do logrotate -f /etc/logrotate.d/openbao; sleep 60; done
|
||||
volumeMounts:
|
||||
- name: logrotate-config
|
||||
mountPath: /etc/logrotate.d/openbao
|
||||
subPath: openbao
|
||||
- name: host-log
|
||||
mountPath: /var/log/openbao
|
||||
volumes:
|
||||
- name: logrotate-config
|
||||
configMap:
|
||||
name: openbao-logrotate-config
|
||||
- name: host-log
|
||||
hostPath:
|
||||
path: /var/log
|
||||
type: Directory
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: openbao-logrotate-config
|
||||
namespace: openbao
|
||||
data:
|
||||
openbao: |
|
||||
/var/log/openbao/openbao/*.log {
|
||||
size 5k
|
||||
rotate 7
|
||||
compress
|
||||
missingok
|
||||
notifempty
|
||||
postrotate
|
||||
mkdir pupa
|
||||
kill -SIGHUP $(pidof bao)
|
||||
endscript
|
||||
}
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
# apiVersion: v1
|
||||
# kind: ConfigMap
|
||||
# metadata:
|
||||
# name: sidecar-container-alloy-config
|
||||
# data:
|
||||
# config.alloy: |
|
||||
# logging {
|
||||
# level = "info"
|
||||
# format = "logfmt"
|
||||
# }
|
||||
|
||||
# loki.write "local_loki" {
|
||||
# endpoint {
|
||||
# url = "http://loki-loki-distributed-gateway.monitoring.svc.cluster.local/loki/api/v1/push"
|
||||
# }
|
||||
# }
|
||||
|
||||
# local.file_match "applogs" {
|
||||
# path_targets = [{"__path__" = "/openbao/logs/*"}]
|
||||
# sync_period = "5s"
|
||||
# }
|
||||
|
||||
# loki.source.file "openbao_logs" {
|
||||
# targets = local.file_match.applogs.targets
|
||||
# forward_to = [loki.write.local_loki.receiver]
|
||||
# }
|
||||
|
|
@ -1,35 +1,4 @@
|
|||
server:
|
||||
# extraContainers:
|
||||
# - name: grafana-alloy
|
||||
# image: grafana/alloy:latest
|
||||
# ports:
|
||||
# - containerPort: 12345
|
||||
# securityContext:
|
||||
# runAsUser: 100
|
||||
# volumeMounts:
|
||||
# - name: alloy-data
|
||||
# mountPath: /var/lib/alloy
|
||||
# - name: config-volume
|
||||
# mountPath: /etc/alloy
|
||||
# - name: host-log-storage
|
||||
# mountPath: /openbao/logs
|
||||
|
||||
volumes:
|
||||
# - name: alloy-data
|
||||
# emptyDir: {}
|
||||
# - name: config-volume
|
||||
# configMap:
|
||||
# name: sidecar-container-alloy-config
|
||||
- name: host-log-storage
|
||||
hostPath:
|
||||
path: /var/log
|
||||
type: Directory
|
||||
|
||||
volumeMounts:
|
||||
- mountPath: /openbao/logs
|
||||
name: host-log-storage
|
||||
readOnly: false
|
||||
|
||||
postStart:
|
||||
- sh
|
||||
- -c
|
||||
|
|
@ -46,7 +15,6 @@ server:
|
|||
echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt
|
||||
bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')
|
||||
rm /tmp/init.txt
|
||||
bao audit enable -path="stdout" file file_path=stdout
|
||||
bao audit enable -path="file" file file_path=/openbao/logs/openbao/openbao.log
|
||||
bao audit enable socket address=alloy.monitoring.svc.cluster.local:1514 socket_type=tcp
|
||||
ui:
|
||||
enabled: true
|
||||
Loading…
Reference in a new issue