apiVersion: apps/v1 kind: DaemonSet metadata: name: promtail namespace: veza-production labels: app: promtail component: logging spec: selector: matchLabels: app: promtail template: metadata: labels: app: promtail spec: serviceAccountName: promtail containers: - name: promtail image: grafana/promtail:latest args: - -config.file=/etc/promtail/promtail-config.yaml ports: - name: http containerPort: 9080 volumeMounts: - name: promtail-config mountPath: /etc/promtail - name: varlog mountPath: /var/log readOnly: true - name: varlibdockercontainers mountPath: /var/lib/docker/containers readOnly: true resources: requests: cpu: "100m" memory: "128Mi" limits: cpu: "500m" memory: "512Mi" readinessProbe: httpGet: path: /ready port: 9080 initialDelaySeconds: 10 periodSeconds: 5 livenessProbe: httpGet: path: /metrics port: 9080 initialDelaySeconds: 30 periodSeconds: 10 volumes: - name: promtail-config configMap: name: promtail-config - name: varlog hostPath: path: /var/log - name: varlibdockercontainers hostPath: path: /var/lib/docker/containers --- apiVersion: v1 kind: Service metadata: name: promtail namespace: veza-production labels: app: promtail spec: type: ClusterIP ports: - name: http port: 9080 targetPort: 9080 selector: app: promtail --- apiVersion: v1 kind: ConfigMap metadata: name: promtail-config namespace: veza-production data: promtail-config.yaml: | server: http_listen_port: 9080 grpc_listen_port: 0 positions: filename: /tmp/positions.yaml clients: - url: http://loki:3100/loki/api/v1/push scrape_configs: - job_name: kubernetes-pods kubernetes_sd_configs: - role: pod namespaces: names: - veza-production relabel_configs: - source_labels: [__meta_kubernetes_pod_controller_name] regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})? action: replace target_label: __tmp_controller_name - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_name] action: replace target_label: app_kubernetes_io_name - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] action: replace target_label: app_kubernetes_io_instance - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_component] action: replace target_label: app_kubernetes_io_component - action: replace source_labels: [__meta_kubernetes_pod_node_name] target_label: node_name - action: replace source_labels: [__meta_kubernetes_namespace] target_label: namespace - action: replace replacement: $1 separator: / source_labels: [namespace, app_kubernetes_io_name] target_label: job - action: replace source_labels: [__meta_kubernetes_pod_name] target_label: pod - action: replace source_labels: [__meta_kubernetes_pod_container_name] target_label: container - action: replace replacement: /var/log/pods/*$1/*.log separator: / source_labels: [__meta_kubernetes_pod_uid, __meta_kubernetes_pod_container_name] target_label: __path__ - action: replace regex: true/(.*) replacement: /var/log/pods/*$1/*.log separator: / source_labels: [__meta_kubernetes_pod_uid, __meta_kubernetes_pod_container_name] target_label: __path__ --- apiVersion: v1 kind: ServiceAccount metadata: name: promtail namespace: veza-production --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: promtail rules: - apiGroups: [""] resources: - nodes - nodes/proxy - services - endpoints - pods verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: promtail roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: promtail subjects: - kind: ServiceAccount name: promtail namespace: veza-production