Terraform+Helm release+fluentd in kubernetes

calendar Dec 2, 2020 ·  · Terraform K8s Fluentd  ·
: linkedin copy

step1 the main.tf include following contents:

 1resource "helm_release" "fluentd_server" {
 2  name = "fluentd-server"
 3  repository = "https://charts.bitnami.com/bitnami"
 4  # chart     = "${path.module}/../../../../../charts/fluentd"
 5  version   = "3.1.0"
 6  namespace = "kube-system"
 7
 8  values = [
 9    <<-EOF
10    forwarder:
11      configMap: "fluentd-forwarder-config"
12      rbac:
13        pspEnabled: true
14      resources:
15        limits:
16          memory: 1Gi
17        requests:
18          memory: 512Mi
19    aggregator:
20      replicaCount: 1
21      configMap: "fluentd-elasticsearch-config"
22      resources:
23        limits:
24          memory: 1Gi
25        requests:
26          memory: 512Mi
27      extraEnv:
28        - name: ELASTICSEARCH_HOST
29          value: "${var.es_url}"
30        - name: ELASTICSEARCH_PORT
31          value: "80"
32        - name: ELASTICSEARCH_SCHEME
33          value: "http"        
34      persistence:
35        enabled: true
36        storageClass: gp2
37    EOF
38  ]
39
40  depends_on = [
41    kubernetes_config_map.fluentd_elasticsearch_output,
42    kubernetes_config_map.fluentd_forwarder_config
43  ]
44
45}

step2 the fluentd aggegator configmap config aggregator_configmap.tf

 1resource "kubernetes_config_map" "fluentd_elasticsearch_output" {
 2  metadata {
 3    name = "fluentd-elasticsearch-config"
 4    namespace = "kube-system"
 5  }
 6  data = {
 7    "fluentd.conf" =<<-EOF
 8    # Prometheus Exporter Plugin
 9    # input plugin that exports metrics
10    <source>
11      @type prometheus
12      port 24231
13    </source>
14
15    # input plugin that collects metrics from MonitorAgent
16    <source>
17      @type prometheus_monitor
18      <labels>
19        host $${hostname}
20      </labels>
21    </source>
22
23    # input plugin that collects metrics for output plugin
24    <source>
25      @type prometheus_output_monitor
26      <labels>
27        host $${hostname}
28      </labels>
29    </source>
30
31    # Ignore fluentd own events
32    <match fluent.**>
33      @type null
34    </match>
35
36    # TCP input to receive logs from the forwarders
37    <source>
38      @type forward
39      bind 0.0.0.0
40      port 24224
41    </source>
42
43    # HTTP input for the liveness and readiness probes
44    <source>
45      @type http
46      bind 0.0.0.0
47      port 9880
48    </source>
49
50    # Throw the healthcheck to the standard output instead of forwarding it
51    <match fluentd.healthcheck>
52      @type stdout
53    </match>
54
55    <filter **>
56      @type record_transformer
57      enable_ruby
58      <record>
59        env "${var.environment}"
60      </record>
61    </filter>
62
63    # Send the logs to the standard output
64    <match **>
65      @type elasticsearch_dynamic
66      include_tag_key true
67      host "#{ENV['ELASTICSEARCH_HOST']}"
68      port "#{ENV['ELASTICSEARCH_PORT']}"
69      scheme "#{ENV['ELASTICSEARCH_SCHEME']}"
70      reconnect_on_error true
71      reload_on_failure true
72      reload_connections false
73      logstash_format true
74      include_timestamp true
75      logstash_prefix eks-$${record['kubernetes']['namespace_name']}
76      logstash_dateformat %Y-%m
77
78      <buffer>
79        @type file
80        path /opt/bitnami/fluentd/logs/buffers/logs.buffer
81        flush_thread_count 2
82        flush_interval 5s
83        retry_forever true
84        retry_max_interval 30
85        chunk_limit_size 2M
86        queue_limit_length 32
87        overflow_action block
88      </buffer>
89    </match>
90    <label @ERROR>
91      <match **>
92        @type stdout
93      </match>
94    </label>
95    EOF
96  }
97}

step3 the fluentd forwarder configmap config file forwarder_configmap.tf

 1resource "kubernetes_config_map" "fluentd_forwarder_config" {
 2  metadata {
 3    name = "fluentd-forwarder-config"
 4    namespace = "kube-system"
 5  }
 6  data = {
 7    "fluentd.conf" =<<-EOF
 8    # Ignore fluentd own events
 9    <match fluent.**>
10      @type null
11    </match>
12
13    # HTTP input for the liveness and readiness probes
14    <source>
15      @type http
16      port 9880
17    </source>
18
19    # Throw the healthcheck to the standard output instead of forwarding it
20    <match fluentd.healthcheck>
21      @type stdout
22    </match>
23
24    # Get the logs from the containers running in the node
25    <source>
26      @type tail
27      path /var/log/containers/*.log
28      # exclude Fluentd logs
29      exclude_path /var/log/containers/*fluentd*.log      
30      pos_file /opt/bitnami/fluentd/logs/buffers/fluentd-docker.pos
31      tag eks.*
32      read_from_head true
33      <parse>
34        @type json
35        # @type regexp
36        # expression /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/
37        time_format %Y-%m-%dT%H:%M:%S.%NZ
38      </parse>
39    </source>
40
41    # enrich with kubernetes metadata
42    <filter eks.**>
43      @type kubernetes_metadata
44    </filter>
45
46    # Forward all logs to the aggregators
47    <match eks.**>
48      @type forward
49      <server>
50        host fluentd-server-headless.kube-system.svc.cluster.local
51        port 24224
52      </server>
53
54      <buffer>
55        @type file
56        path /opt/bitnami/fluentd/logs/buffers/logs.buffer
57        flush_thread_count 2
58        flush_interval 5s
59      </buffer>
60    </match>
61    EOF
62  }
63}