titan-iac/services/logging/fluent-bit-helmrelease.yaml

# services/logging/fluent-bit-helmrelease.yaml
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: fluent-bit
  namespace: logging
spec:
  interval: 15m
  chart:
    spec:
      chart: fluent-bit
      version: "~0.46.0"
      sourceRef:
        kind: HelmRepository
        name: fluent
        namespace: flux-system
  values:
    serviceAccount:
      create: true
    rbac:
      create: true
    tolerations:
      - key: node-role.kubernetes.io/control-plane
        operator: Exists
        effect: NoSchedule
      - key: node-role.kubernetes.io/master
        operator: Exists
        effect: NoSchedule
    extraVolumes:
      - name: runlogjournal
        hostPath:
          path: /run/log/journal
      - name: varlogjournal
        hostPath:
          path: /var/log/journal
    extraVolumeMounts:
      - name: runlogjournal
        mountPath: /run/log/journal
        readOnly: true
      - name: varlogjournal
        mountPath: /var/log/journal
        readOnly: true
    config:
      service: |
        [SERVICE]
            Flush 1
            Log_Level info
            Daemon Off
            Parsers_File parsers.conf
            Parsers_File custom_parsers.conf
            HTTP_Server On
            HTTP_Listen 0.0.0.0
            HTTP_Port 2020
      inputs: |
        [INPUT]
            Name tail
            Tag kube.*
            Path /var/log/containers/*.log
            Exclude_Path /var/log/containers/*_POD_*.log
            Parser cri
            Mem_Buf_Limit 50MB
            Skip_Long_Lines On
            Refresh_Interval 10
            Rotate_Wait 30
            Inotify_Watcher false
            storage.type memory

        [INPUT]
            Name systemd
            Tag journald.*
            Read_From_Tail On
            storage.type memory
      filters: |
        [FILTER]
            Name kubernetes
            Match kube.*
            Kube_URL https://kubernetes.default.svc:443
            Kube_CA_File /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
            Kube_Token_File /var/run/secrets/kubernetes.io/serviceaccount/token
            Merge_Log On
            Keep_Log Off
            K8S-Logging.Parser On
            K8S-Logging.Exclude On
      outputs: |
        [OUTPUT]
            Name loki
            Match kube.*
            Host loki.logging.svc.cluster.local
            Port 3100
            labels {job="fluent-bit", namespace="$kubernetes['namespace_name']", pod="$kubernetes['pod_name']", container="$kubernetes['container_name']"}
            line_format json

        [OUTPUT]
            Name loki
            Match journald.*
            Host loki.logging.svc.cluster.local
            Port 3100
            labels {job="systemd"}
            line_format json