Last active
June 9, 2020 11:58
-
-
Save papanito/71d6fa0847836c64c46ed78336a39549 to your computer and use it in GitHub Desktop.
An example `values.yaml` for installing `helm install k8s-metricbeat stable/metricbeat --namespace kube-system -f k8s-metricbeat.values.yaml`. It does not yet include shipping secret
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The instances created by daemonset retrieve most metrics from the host | |
| daemonset: | |
| enabled: true | |
| podAnnotations: [] | |
| priorityClassName: "" | |
| tolerations: | |
| - key: node-role.kubernetes.io/master | |
| operator: Exists | |
| effect: NoSchedule | |
| nodeSelector: {} | |
| resources: {} | |
| hostNetwork: true | |
| dnsPolicy: ClusterFirstWithHostNet | |
| config: | |
| metricbeat.config: | |
| modules: | |
| path: ${path.config}/modules.d/*.yml | |
| reload.enabled: false | |
| processors: | |
| - add_cloud_metadata: | |
| output.file: | |
| path: "/usr/share/metricbeat/data" | |
| filename: metricbeat | |
| rotate_every_kb: 10000 | |
| number_of_files: 5 | |
| # If overrideConfig is not empty, metricbeat chart's default config won't be used at all. | |
| overrideConfig: | |
| metricbeat.config.modules: | |
| # Mounted `metricbeat-daemonset-modules` configmap: | |
| path: ${path.config}/modules.d/*.yml | |
| # Reload module configs as they change: | |
| reload.enabled: false | |
| processors: | |
| - add_cloud_metadata: | |
| fields: | |
| logzio_codec: json | |
| token: ${LOGZIO_METRICS_SHIPPING_TOKEN} | |
| cluster: ${CLUSTER_NAME} | |
| type: metricbeat | |
| fields_under_root: true | |
| ignore_older: 3hr | |
| output: | |
| logstash: | |
| hosts: ["${LOGZIO_METRICS_LISTENER_HOST}:5015"] | |
| ssl: | |
| certificate_authorities: ['/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt', '/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt'] | |
| modules: | |
| system: | |
| enabled: true | |
| config: | |
| - module: system | |
| period: 10s | |
| metricsets: | |
| - cpu | |
| - load | |
| - memory | |
| - network | |
| - process | |
| - process_summary | |
| - core | |
| - diskio | |
| - socket | |
| processes: ['.*'] | |
| process.include_top_n: | |
| by_cpu: 5 # include top 5 processes by CPU | |
| by_memory: 5 # include top 5 processes by memory | |
| - module: system | |
| period: 1m | |
| metricsets: | |
| - filesystem | |
| - fsstat | |
| processors: | |
| - drop_event.when.regexp: | |
| system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)' | |
| kubernetes: | |
| enabled: true | |
| config: | |
| - module: kubernetes | |
| metricsets: | |
| - node | |
| - system | |
| - pod | |
| - container | |
| - volume | |
| - state_node | |
| - state_pod | |
| - state_container | |
| period: 10s | |
| host: ${NODE_NAME} | |
| hosts: ["localhost:10255"] | |
| # If using Red Hat OpenShift remove the previous hosts entry and | |
| # uncomment these settings: | |
| # hosts: ["https://${HOSTNAME}:10250"] | |
| # bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token | |
| # ssl.certificate_authorities: | |
| # - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt | |
| # If overrideModules is not empty, metricbeat chart's default modules won't be used at all. | |
| overrideModules: {} | |
| # The instance created by deployment retrieves metrics that are unique for the whole cluster, like Kubernetes events or kube-state-metrics | |
| deployment: | |
| enabled: true | |
| podAnnotations: [] | |
| priorityClassName: "" | |
| tolerations: [] | |
| nodeSelector: {} | |
| resources: {} | |
| config: | |
| metricbeat.config: | |
| modules: | |
| path: ${path.config}/modules.d/*.yml | |
| reload.enabled: false | |
| processors: | |
| - add_cloud_metadata: | |
| output.file: | |
| path: "/usr/share/metricbeat/data" | |
| filename: metricbeat | |
| rotate_every_kb: 10000 | |
| number_of_files: 5 | |
| # If overrideConfig is not empty, metricbeat chart's default config won't be used at all. | |
| overrideConfig: | |
| metricbeat.config.modules: | |
| # Mounted `metricbeat-daemonset-modules` configmap: | |
| path: ${path.config}/modules.d/*.yml | |
| # Reload module configs as they change: | |
| reload.enabled: false | |
| processors: | |
| - add_cloud_metadata: | |
| fields: | |
| logzio_codec: json | |
| token: ${LOGZIO_METRICS_SHIPPING_TOKEN} | |
| cluster: ${CLUSTER_NAME} | |
| type: metricbeat | |
| fields_under_root: true | |
| ignore_older: 3hr | |
| output: | |
| logstash: | |
| hosts: ["${LOGZIO_METRICS_LISTENER_HOST}:5015"] | |
| ssl: | |
| certificate_authorities: ['/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt', '/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt'] | |
| modules: | |
| kubernetes: | |
| enabled: true | |
| config: | |
| - module: kubernetes | |
| metricsets: | |
| - state_node | |
| - state_deployment | |
| - state_replicaset | |
| - state_pod | |
| - state_container | |
| - event | |
| period: 10s | |
| hosts: ["kube-state-metrics:8080"] | |
| # If overrideModules is not empty, metricbeat chart's default modules won't be used at all. | |
| overrideModules: {} | |
| # List of beat plugins | |
| plugins: [] | |
| # - kinesis.sok8s-metricbeat-5d4c76ffcc-gh5zg | |
| # additional environment | |
| extraEnv: | |
| - name: LOGZIO_METRICS_SHIPPING_TOKEN | |
| valueFrom: | |
| secretKeyRef: | |
| name: logzio-metrics-secret | |
| key: logzio-metrics-shipping-token | |
| - name: LOGZIO_METRICS_LISTENER_HOST | |
| valueFrom: | |
| secretKeyRef: | |
| name: logzio-metrics-secret | |
| key: logzio-metrics-listener-host | |
| - name: KUBE_STATE_METRICS_NAMESPACE | |
| valueFrom: | |
| secretKeyRef: | |
| name: cluster-details | |
| key: kube-state-metrics-namespace | |
| - name: KUBE_STATE_METRICS_PORT | |
| valueFrom: | |
| secretKeyRef: | |
| name: cluster-details | |
| key: kube-state-metrics-port | |
| - name: CLUSTER_NAME | |
| valueFrom: | |
| secretKeyRef: | |
| name: cluster-details | |
| key: cluster-name | |
| # Add additional volumes and mounts, for example to read other log files on the host | |
| extraVolumes: | |
| - name: cert | |
| configMap: | |
| defaultMode: 0600 | |
| name: logzio-cert | |
| - name: old-cert | |
| configMap: | |
| defaultMode: 0600 | |
| name: old-logzio-cert | |
| extraVolumeMounts: | |
| - name: old-cert | |
| mountPath: "/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt" | |
| readOnly: true | |
| subPath: COMODORSADomainValidationSecureServerCA.crt | |
| - name: cert | |
| mountPath: "/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt" | |
| readOnly: true | |
| subPath: SectigoRSADomainValidationSecureServerCA.crt | |
| extraSecrets: | |
| - name: logzio-cert | |
| data: | |
| SectigoRSADomainValidationSecureServerCA.crt: |- | |
| -----BEGIN CERTIFICATE----- | |
| MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB | |
| iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl | |
| cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV | |
| BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx | |
| MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNV | |
| BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE | |
| ChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4g | |
| VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC | |
| AQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+N | |
| TQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkj | |
| eocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0E | |
| oKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBsk | |
| Haswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotY | |
| uK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0j | |
| BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb | |
| +ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G | |
| A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAw | |
| CAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0 | |
| LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr | |
| BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv | |
| bS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov | |
| L29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/H | |
| ukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH | |
| 7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGi | |
| H19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUx | |
| RP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv | |
| xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38 | |
| sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL | |
| l6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq | |
| 6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY | |
| LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5 | |
| yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K | |
| 00u/I5sUKUErmgQfky3xxzlIPK1aEn8= | |
| -----END CERTIFICATE----- | |
| - name: old-logzio-cert | |
| data: | |
| COMODORSADomainValidationSecureServerCA.crt: |- | |
| -----BEGIN CERTIFICATE-k8s-metricbeat-5d4c76ffcc-gh5zgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV | |
| BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy | |
| MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT | |
| EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR | |
| Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh | |
| bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP | |
| ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh | |
| bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0 | |
| Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6 | |
| ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51 | |
| UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n | |
| c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY | |
| MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz | |
| 30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV | |
| HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG | |
| BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv | |
| bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB | |
| AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E | |
| T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v | |
| ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p | |
| mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/ | |
| e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps | |
| P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY | |
| dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc | |
| 2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG | |
| V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4 | |
| HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX | |
| j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII | |
| 0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap | |
| lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf | |
| +AZxAeKCINT+b72x | |
| -----END CERTIFICATE----- | |
| # - name: userdata | |
| # data: | |
| # id: userid | |
| # pw: userpassword | |
| resources: | |
| # We usually recommend not to specify default resources and to leave this as a conscious | |
| # choice for the user. This also increases chances charts run on environments with little | |
| # resources, such as Minikube. If you do want to specify resources, uncomment the following | |
| # lines, adjust them as necessary, and remove the curly braces after 'resources:'. | |
| limits: | |
| cpu: 100m | |
| memory: 200Mi | |
| requests: | |
| cpu: 100m | |
| memory: 100Mi | |
| rbac: | |
| # Specifies whether RBAC resources should be created | |
| create: true | |
| pspEnabled: false | |
| # serviceAccount: | |
| # # Specifies whether a ServiceAccount should be created | |
| # create: true | |
| # # The name of the ServiceAccount to use. | |
| # # If not set and create is true, a name is generated using the fullname template | |
| # name: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment