Skip to content

Commit 81cd1a7

Browse files
igonzalezcligonzalezcl
committed
(merken) install sofware base
1 parent 5a19db1 commit 81cd1a7

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

56 files changed

+1181
-0
lines changed

fleet/lib/alloy/fleet.yaml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,3 +44,13 @@ targetCustomizations:
4444
helm:
4545
valuesFiles:
4646
- overlays/antu/values.yaml
47+
- name: merken
48+
clusterSelector:
49+
matchExpressions:
50+
- key: management.cattle.io/cluster-display-name
51+
operator: In
52+
values:
53+
- merken
54+
helm:
55+
valuesFiles:
56+
- overlays/merken/values.yaml

fleet/lib/alloy/overlays/merken/values.yaml

Lines changed: 349 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,349 @@
1+
service:
2+
enabled: true
3+
type: LoadBalancer
4+
annotations:
5+
metallb.universe.tf/loadBalancerIPs: 139.229.161.80
6+
7+
controller:
8+
type: deployment
9+
replicaCount: 2
10+
11+
alloy:
12+
mounts:
13+
varlog: false
14+
extraPorts:
15+
- name: syslog-tcp
16+
port: 1514
17+
targetPort: 1514
18+
protocol: TCP
19+
- name: pfsense-udp
20+
port: 5141
21+
targetPort: 5141
22+
protocol: UDP
23+
- name: network-udp
24+
port: 5142
25+
targetPort: 5142
26+
protocol: UDP
27+
- name: openvpn-udp
28+
port: 5143
29+
targetPort: 5143
30+
protocol: UDP
31+
- name: rsyslog-udp
32+
port: 5514
33+
targetPort: 5514
34+
protocol: UDP
35+
- name: otelhttp
36+
port: 4318
37+
targetPort: 4318
38+
protocol: TCP
39+
configMap:
40+
content: |
41+
logging {
42+
level = "{{ default "info" (get (default (dict) .ClusterLabels) "log_level") }}"
43+
format = "logfmt"
44+
}
45+
46+
local.file_match "node_logs" {
47+
path_targets = [{
48+
__path__ = "/var/log/*.log",
49+
job = "node/syslog",
50+
node_name = sys.env("HOSTNAME"),
51+
cluster = "${ get .ClusterLabels "management.cattle.io/cluster-display-name" }",
52+
}]
53+
}
54+
55+
loki.source.file "node_logs" {
56+
targets = local.file_match.node_logs.targets
57+
forward_to = [loki.write.send.receiver]
58+
}
59+
60+
discovery.kubernetes "pod" {
61+
role = "pod"
62+
}
63+
64+
discovery.relabel "pod_logs" {
65+
targets = discovery.kubernetes.pod.targets
66+
67+
rule {
68+
source_labels = ["__meta_kubernetes_namespace"]
69+
action = "replace"
70+
target_label = "namespace"
71+
}
72+
73+
rule {
74+
source_labels = ["__meta_kubernetes_pod_name"]
75+
action = "replace"
76+
target_label = "pod"
77+
}
78+
79+
rule {
80+
source_labels = ["__meta_kubernetes_pod_container_name"]
81+
action = "replace"
82+
target_label = "container"
83+
}
84+
85+
rule {
86+
source_labels = ["__meta_kubernetes_pod_label_app_kubernetes_io_name"]
87+
action = "replace"
88+
target_label = "app"
89+
}
90+
91+
rule {
92+
source_labels = ["__meta_kubernetes_namespace", "__meta_kubernetes_pod_container_name"]
93+
action = "replace"
94+
target_label = "job"
95+
separator = "/"
96+
replacement = "$1"
97+
}
98+
99+
rule {
100+
source_labels = ["__meta_kubernetes_pod_uid", "__meta_kubernetes_pod_container_name"]
101+
action = "replace"
102+
target_label = "__path__"
103+
separator = "/"
104+
replacement = "/var/log/pods/*$1/*.log"
105+
}
106+
107+
rule {
108+
source_labels = ["__meta_kubernetes_pod_container_id"]
109+
action = "replace"
110+
target_label = "container_runtime"
111+
regex = "^(\\S+):\\/\\/.+$"
112+
replacement = "$1"
113+
}
114+
}
115+
116+
loki.source.kubernetes "pod_logs" {
117+
targets = discovery.relabel.pod_logs.output
118+
forward_to = [loki.process.pod_logs.receiver]
119+
}
120+
121+
loki.process "pod_logs" {
122+
stage.static_labels {
123+
values = {
124+
cluster = "${ get .ClusterLabels "management.cattle.io/cluster-display-name" }",
125+
job = "k8s/logs",
126+
}
127+
}
128+
129+
stage.json {
130+
expressions = { level = "level" }
131+
}
132+
133+
stage.template {
134+
source = "level"
135+
template = "{{`{{ lower .Value }}`}}"
136+
}
137+
138+
stage.labels {
139+
values = {
140+
severity = "level",
141+
}
142+
}
143+
144+
forward_to = [loki.write.send.receiver]
145+
}
146+
147+
loki.source.kubernetes_events "cluster_events" {
148+
job_name = "k8s/events"
149+
log_format = "logfmt"
150+
forward_to = [
151+
loki.process.cluster_events.receiver,
152+
]
153+
}
154+
155+
loki.process "cluster_events" {
156+
forward_to = [loki.write.send.receiver]
157+
stage.static_labels {
158+
values = {
159+
cluster = "${ get .ClusterLabels "management.cattle.io/cluster-display-name" }",
160+
}
161+
}
162+
stage.regex {
163+
expression = ".*name=(?P<name>[^ ]+).*kind=(?P<kind>[^ ]+).*objectAPIversion=(?P<apiVersion>[^ ]+).*type=(?P<type>[^ ]+).*"
164+
}
165+
stage.labels {
166+
values = {
167+
name = "name",
168+
kind = "kind",
169+
apiVersion = "apiVersion",
170+
type = "type",
171+
}
172+
}
173+
}
174+
175+
discovery.relabel "syslog" {
176+
targets = []
177+
rule {
178+
source_labels = ["__syslog_message_hostname"]
179+
target_label = "host"
180+
}
181+
rule {
182+
source_labels = ["__syslog_message_app_name"]
183+
target_label = "app_name"
184+
}
185+
rule {
186+
source_labels = ["__syslog_message_severity"]
187+
target_label = "severity"
188+
}
189+
}
190+
191+
loki.source.syslog "tcp" {
192+
listener {
193+
address = ":1514"
194+
protocol = "tcp"
195+
labels = {
196+
component = "loki.source.syslog",
197+
protocol = "tcp",
198+
}
199+
}
200+
forward_to = [loki.relabel.relabel.receiver]
201+
}
202+
203+
loki.source.syslog "pfsense" {
204+
listener {
205+
address = ":5141"
206+
protocol = "udp"
207+
labels = { job = "pfsense" }
208+
}
209+
relabel_rules = discovery.relabel.syslog.rules
210+
forward_to = [loki.process.pfsense.receiver]
211+
}
212+
213+
loki.source.syslog "network" {
214+
listener {
215+
address = ":5142"
216+
protocol = "udp"
217+
syslog_format = "rfc3164"
218+
use_incoming_timestamp = true
219+
rfc3164_default_to_current_year = true
220+
labels = { job = "network" }
221+
}
222+
relabel_rules = discovery.relabel.syslog.rules
223+
forward_to = [loki.write.send.receiver]
224+
}
225+
226+
loki.process "pfsense" {
227+
stage.regex {
228+
expression = "^(?P<rule>\\d+),(?P<subrule>[^,]*),(?P<anchor>[^,]*),(?P<tracker>[^,]*),(?P<iface>[^,]*),(?P<reason>[^,]*),(?P<action>[^,]*),(?P<direction>[^,]*),(?P<ipver>\\d),(?P<tos>[^,]*),(?P<ecn>[^,]*),(?P<ttl>\\d+),(?P<id>\\d+),(?P<offset>\\d+),(?P<flags>[^,]*),(?P<proto_id>\\d+),(?P<proto>[^,]*),(?P<length>\\d+),(?P<src_ip>[^,]*),(?P<dst_ip>[^,]*)(?:,(?P<src_port>\\d+),(?P<dst_port>\\d+),(?P<data_len>\\d+)(?:,(?P<tcp_flags>[^,]*),(?P<seq>\\d*),(?P<ack>\\d*),(?P<window>\\d*)(?:,(?P<urg>[^,]*)(?:,(?P<options>[^,]*))?)?)?)?$"
229+
}
230+
231+
stage.labels {
232+
values = {
233+
action = "",
234+
direction = "",
235+
proto = "",
236+
iface = "iface",
237+
rule = "",
238+
dst_port = "dst_port",
239+
dst_ip = "",
240+
}
241+
}
242+
243+
stage.structured_metadata {
244+
values = {
245+
src_ip = "",
246+
dst_ip = "",
247+
src_port = "",
248+
tcp_flags = "",
249+
tracker = "",
250+
}
251+
}
252+
253+
forward_to = [loki.write.send.receiver]
254+
}
255+
256+
otelcol.receiver.otlp "ingest" {
257+
http { endpoint = ":4318" }
258+
output { logs = [otelcol.exporter.loki.to_loki.input] }
259+
}
260+
261+
otelcol.exporter.loki "to_loki" {
262+
forward_to = [loki.write.send.receiver]
263+
}
264+
265+
loki.relabel "relabel" {
266+
rule {
267+
source_labels = ["__syslog_message_hostname"]
268+
target_label = "host"
269+
}
270+
forward_to = [loki.write.send.receiver]
271+
}
272+
273+
loki.process "openvpn" {
274+
275+
stage.regex {
276+
expression = "AUTH (?P<auth_status>SUCCESS|FAILURE)"
277+
}
278+
279+
stage.regex {
280+
expression = "\\[stdout#(?P<stdout_level>\\w+)\\]"
281+
}
282+
283+
stage.regex {
284+
expression = "'status':\\s*(?P<status>\\d+)"
285+
}
286+
287+
stage.regex {
288+
expression = "'user':\\s*'(?P<user>[^']+)'"
289+
}
290+
291+
stage.regex {
292+
expression = "'reason':\\s*'(?P<reason>[^']+)'"
293+
}
294+
295+
stage.regex {
296+
expression = "'session_id':\\s*'(?P<session_id>[^']+)'"
297+
}
298+
299+
stage.regex {
300+
expression = "'common_name':\\s*'(?P<common_name>[^']+)'"
301+
}
302+
303+
stage.regex {
304+
expression = "'auth method':\\s*'(?P<auth_method>[^']+)'"
305+
}
306+
307+
stage.labels {
308+
values = {
309+
auth_status = "",
310+
stdout_level = "",
311+
status = "",
312+
user = "",
313+
common_name = "",
314+
auth_method = "",
315+
}
316+
}
317+
318+
forward_to = [loki.write.send.receiver]
319+
}
320+
321+
loki.source.syslog "openvpn" {
322+
listener {
323+
address = ":5143"
324+
protocol = "udp"
325+
syslog_format = "rfc3164"
326+
use_incoming_timestamp = false
327+
labels = { job = "openvpn" }
328+
}
329+
relabel_rules = discovery.relabel.syslog.rules
330+
forward_to = [loki.process.openvpn.receiver]
331+
}
332+
333+
loki.source.syslog "rsyslog" {
334+
listener {
335+
address = ":5514"
336+
syslog_format = "rfc3164"
337+
use_incoming_timestamp = false
338+
protocol = "udp"
339+
labels = { job = "node/rsyslog" }
340+
}
341+
relabel_rules = discovery.relabel.syslog.rules
342+
forward_to = [loki.write.send.receiver]
343+
}
344+
345+
loki.write "send" {
346+
endpoint {
347+
url = "http://loki-gateway.loki.svc.cluster.local/loki/api/v1/push"
348+
}
349+
}

fleet/lib/kube-prometheus-stack/fleet.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,18 @@ targetCustomizations:
7575
- pvc/values.yaml
7676
- aggregator/values.yaml
7777
- overlays/antu/values.yaml
78+
- name: merken
79+
clusterSelector:
80+
matchExpressions:
81+
- key: management.cattle.io/cluster-display-name
82+
operator: In
83+
values:
84+
- merken
85+
helm:
86+
valuesFiles:
87+
- pvc/values.yaml
88+
- aggregator/values.yaml
89+
- overlays/merken/values.yaml
7890
- name: cl-nopvc
7991
clusterSelector:
8092
matchExpressions:

0 commit comments

Comments
 (0)