File tree Expand file tree Collapse file tree 3 files changed +120
-0
lines changed
Expand file tree Collapse file tree 3 files changed +120
-0
lines changed Original file line number Diff line number Diff line change 2626 secretKeyRef :
2727 name : permitio-pdp-secret
2828 key : ApiKey
29+ {{- if .Values.pdp.logs_forwarder.enabled }}
30+ - name : PDP_OPA_DECISION_LOG_CONSOLE
31+ value : " true"
32+ - name : OPAL_LOG_TO_FILE
33+ value : " true"
34+ - name : OPAL_LOG_FILE_PATH
35+ value : " /tmp/pdp.log"
36+ {{- end }}
37+ {{- if .Values.pdp.debug_mode }}
38+ - name : PDP_DEBUG
39+ value : " true"
40+ {{- end }}
2941 livenessProbe :
3042 httpGet :
3143 path : /health
3850 port : 7000
3951 initialDelaySeconds : 10
4052 periodSeconds : 10
53+ {{- if .Values.pdp.logs_forwarder.enabled }}
54+ volumeMounts :
55+ - name : logs
56+ mountPath : /tmp/
57+ {{- end }}
4158 resources : {}
59+ {{- if .Values.pdp.logs_forwarder.enabled }}
60+ - name : fluentbit
61+ image : fluent/fluent-bit:3.1.4
62+ volumeMounts :
63+ - name : fluent-bit-config
64+ mountPath : /fluent-bit/etc
65+ readOnly : true
66+ - name : logs
67+ mountPath : /tmp/
68+ env :
69+ - name : APP_NAME
70+ valueFrom :
71+ fieldRef :
72+ fieldPath : metadata.labels['app']
73+ {{- end }}
74+ {{- if .Values.pdp.logs_forwarder.enabled }}
75+ volumes :
76+ - name : fluent-bit-config
77+ configMap :
78+ name : fluentbit-config
79+ - name : logs
80+ emptyDir : {}
81+ {{- end }}
Original file line number Diff line number Diff line change 1+ {{ if .Values.pdp.logs_forwarder.enabled }}
2+ apiVersion : v1
3+ kind : ConfigMap
4+ metadata :
5+ name : fluentbit-config
6+ data :
7+ fluent-bit.conf : |
8+ [SERVICE]
9+ Flush 1
10+ Log_Level {{ if .Values.pdp.logs_forwarder.debug_mode }}debug{{ else }}info{{ end }}
11+ HTTP_Server On
12+ HTTP_Listen 0.0.0.0
13+ HTTP_Port 2020
14+
15+ [INPUT]
16+ Name tail
17+ Path /tmp/pdp.log
18+ Tag kube.*
19+ DB /var/log/flb_kube.db
20+ Mem_Buf_Limit 5MB
21+ Skip_Long_Lines On
22+
23+ [FILTER]
24+ Name grep
25+ Match kube.*
26+ Regex log "Decision Log.*{.*}"
27+
28+ [FILTER]
29+ Name lua
30+ Match kube.*
31+ script /fluent-bit/etc/filter.lua
32+ call process_log
33+
34+ {{- if eq .Values.pdp.logs_forwarder.type "stdout" }}
35+ [OUTPUT]
36+ Name stdout
37+ Match *
38+ {{- else if eq .Values.pdp.logs_forwarder.type "elasticsearch" }}
39+ [OUTPUT]
40+ Name es
41+ Match *
42+ Host {{ .Values.pdp.logs_forwarder.elasticsearch.host }}
43+ Index {{ .Values.pdp.logs_forwarder.elasticsearch.index }}
44+ Port {{ .Values.pdp.logs_forwarder.elasticsearch.port }}
45+ tls On
46+ tls.verify Off
47+ Cloud_Auth {{ .Values.pdp.logs_forwarder.elasticsearch.cloud_auth }}
48+ Suppress_Type_Name On
49+ Retry_Limit False
50+ {{- end }}
51+
52+ filter.lua : |
53+ function process_log(tag, timestamp, record)
54+ local log_message = record["log"]
55+
56+ if log_message then
57+ log_message = log_message:gsub('\\\\"', '\\"')
58+ log_message = log_message:gsub('\\"', '"')
59+ log_message = log_message:gsub('\\\\', '\\')
60+ end
61+
62+ local json_data = string.match(log_message, '{"decision_id":.*}')
63+
64+ if json_data then
65+ return 1, timestamp, { log = json_data }
66+ else
67+ return -1, timestamp, record
68+ end
69+ end
70+ {{- end }}
Original file line number Diff line number Diff line change 66 repository : permitio/pdp-v2
77 tag : latest
88 pullPolicy : Always
9+ logs_forwarder :
10+ enabled : false
11+ debug_mode : false
12+ type : " stdout" # 'stdout' or 'elasticsearch'
13+ elasticsearch :
14+ host : " <elasticsearch host>"
15+ cloud_auth : " <{user}:{password}>"
16+ port : 443
17+ index : " <elasticsearch index>"
18+ debug_mode : false
You can’t perform that action at this time.
0 commit comments