## Sumo Logic Kubernetes Collection configuration file ## All the comments start with two or more # characters nameOverride: "" fullnameOverride: "" ## Use the same namespace as namespaceOverride in 'kube-prometheus-stack.namespaceOverride' if Prometheus setup is also enabled namespaceOverride: "" sumologic: ### Setup ## If enabled, a pre-install hook will create Collector and Sources in Sumo Logic setupEnabled: true ## If enabled, a pre-delete hook will destroy Collector in Sumo Logic cleanupEnabled: false ## If enabled, accessId and accessKey will be sourced from Secret Name given ## Be sure to include at least the following env variables in your secret ## (1) SUMOLOGIC_ACCESSID, (2) SUMOLOGIC_ACCESSKEY # envFromSecret: sumo-api-secret ## Sumo access ID # accessId: "" ## Sumo access key # accessKey: "" ## Sumo API endpoint; Leave blank for automatic endpoint discovery and redirection ## ref: https://help.sumologic.com/docs/api/getting-started#sumo-logic-endpoints-by-deployment-and-firewall-security endpoint: "" ## proxy urls httpProxy: "" httpsProxy: "" ## Exclude Kubernetes internal traffic from proxy noProxy: kubernetes.default.svc ## Collector name # collectorName: "" ## Cluster name: Note spaces are not allowed and will be replaced with dashes. 
clusterName: "kubernetes" ## Cluster DNS Domain ## We use the DNS domain in internal urls to speed up DNS resolution, see https://github.com/kubernetes/kubernetes/issues/56903 ## Change this if you have set a non-default DNS domain in your cluster clusterDNSDomain: "cluster.local" ## Configuration of Kubernetes for Terraform client ## https://www.terraform.io/docs/providers/kubernetes/index.html#argument-reference ## All double quotes should be escaped here regarding Terraform syntax cluster: host: "https://kubernetes.default.svc" # username: # password: # insecure: # client_certificate: # client_key: cluster_ca_certificate: '${file("/var/run/secrets/kubernetes.io/serviceaccount/ca.crt")}' # config_path: # config_context: # config_context_auth_info: # config_context_cluster: token: '${file("/var/run/secrets/kubernetes.io/serviceaccount/token")}' # exec: # api_version: # command: # args: [] # env: {} ## Enable autoscaling for components that support it: logs metadata, metrics metadata, metrics collector, otelcol instrumentation, and traces gateway autoscaling: enabled: true ## If you set it to false, it would set EXCLUDE_NAMESPACE= ## and not add the Otelcol logs and Prometheus remotestorage metrics. collectionMonitoring: true ## Optionally specify an array of pullSecrets. ## They will be added to serviceaccount that is used for Sumo Logic's ## deployments and statefulsets. ## Secrets must be manually created in the namespace. 
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # pullSecrets: # - name: myRegistryKeySecretName ## Add custom labels to the following sumologic resources(otelcol sts, setup job, otelcol deployment) podLabels: {} ## Add custom annotations to the following sumologic resources(otelcol sts, setup job, otelcol deployment) podAnnotations: {} ## Global configuration of node selectors nodeSelector: {} ## Global configuration of tolerations tolerations: [] ## Global configuration of affinity affinity: {} ## Add custom annotations to sumologic serviceAccounts serviceAccount: annotations: {} ## creation of Security Context Constraints in Openshift scc: create: false setup: ## uncomment to force collection installation (disables k8s version verification) # force: true job: image: repository: public.ecr.aws/sumologic/kubernetes-setup tag: 3.13.0 pullPolicy: IfNotPresent initContainerImage: repository: public.ecr.aws/sumologic/busybox tag: latest ## Optionally specify an array of pullSecrets. ## They will be added to serviceaccount that is used for Sumo Logic's ## setup job. ## Secrets must be manually created in the namespace. 
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # pullSecrets: # - name: myRegistryKeySecretName resources: limits: memory: 256Mi cpu: 2000m requests: memory: 64Mi cpu: 200m nodeSelector: {} ## Add custom labels only to setup job pod ## Node tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## tolerations: [] # - key: null # operator: Exists # effect: "NoSchedule" ## Affinity and anti-affinity ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} podLabels: {} ## Add custom annotations only to setup job pod podAnnotations: {} ## Time in seconds after which the job result will be removed from the Kubernetes cluster ttlSecondsAfterFinished: 120 ## uncomment for the debug mode (disables the automatic run of the setup.sh script) # debug: true monitors: ## If enabled, a pre-install hook will create k8s monitors in Sumo Logic enabled: true ## The installed monitors default status: enabled/disabled monitorStatus: enabled ## A list of emails to send notifications from monitors notificationEmails: [] dashboards: ## If enabled, a pre-install hook will install k8s dashboards in Sumo Logic enabled: true collector: ## Configuration of additional collector fields ## https://help.sumologic.com/docs/manage/fields/#http-source-fields fields: {} ## Configuration of http sources ## See docs/Terraform.md for more information ## name: source name visible in sumologic platform ## config-name: This is mostly for backward compatibility sources: metrics: default: name: (default-metrics) config-name: endpoint-metrics default-otlp: name: metrics-otlp config-name: endpoint-metrics-otlp properties: content_type: Otlp apiserver: name: apiserver-metrics config-name: endpoint-metrics-apiserver controller: name: kube-controller-manager-metrics config-name: endpoint-metrics-kube-controller-manager scheduler: 
name: kube-scheduler-metrics config-name: endpoint-metrics-kube-scheduler state: name: kube-state-metrics config-name: endpoint-metrics-kube-state kubelet: name: kubelet-metrics config-name: endpoint-metrics-kubelet node: name: node-exporter-metrics config-name: endpoint-metrics-node-exporter control-plane: name: control-plane-metrics logs: default: name: logs config-name: endpoint-logs ## Properties can be used to extend default settings, such as processing rules, fields etc properties: default_date_formats: ## Ensures that timestamp key has precedence over timestamp auto discovery - format: epoch locator: '\"timestamp\":(\\d+)' # filters: # - name: "Test Exclude Debug" # filter_type: "Exclude" # regexp: ".*DEBUG.*" default-otlp: name: logs-otlp config-name: endpoint-logs-otlp properties: content_type: Otlp events: default: name: events config-name: endpoint-events properties: default_date_formats: ## Ensures that timestamp key has precedence over timestamp auto discovery - format: epoch locator: '\"timestamp\":(\\d+)' default-otlp: name: events-otlp config-name: endpoint-events-otlp properties: content_type: Otlp traces: default: name: traces config-name: endpoint-traces properties: content_type: Zipkin default-otlp: name: traces-otlp config-name: endpoint-traces-otlp properties: content_type: Otlp ### Global configuration for OpenTelemetry Collector otelcolImage: repository: "public.ecr.aws/sumologic/sumologic-otel-collector" tag: "0.92.0-sumo-0" ## Add a -fips suffix to all image tags. With default tags, this results in FIPS-compliant otel images. ## See https://github.com/SumoLogic/sumologic-otel-collector/blob/main/docs/fips.md for more information. addFipsSuffix: false ### Configuration for collection of Kubernetes events events: enabled: true ## Source name for the Events source. Default: "events" sourceName: "events" ## Source category for the Events source. 
Default: "" which is resolved to "{clusterName}/events" # sourceCategory: "kubernetes/events" ## Used to replace '-' with another character. sourceCategoryReplaceDash: "/" persistence: enabled: true size: 10Gi ## Configuration for the Persistent Volume and Persistent Volume Claim ## where the storage is kept persistentVolume: path: /var/lib/storage/events accessMode: ReadWriteOnce ## Add custom labels to otelcol event statefulset PVC pvcLabels: {} # storageClass: sourceType: otlp ### Logs configuration ## Set the enabled flag to false for disabling logs ingestion altogether. logs: enabled: true collector: otelcol: enabled: true ## Experimental otellogswindows: enabled: false otelcloudwatch: enabled: false roleArn: "" ## Configure persistence for the cloudwatch collector persistence: enabled: true region: "" pollInterval: 1m ## A map of log group and stream prefixes ## This is a map of log group and stream prefix, for example: ## logGroups: ## fluent-bit: ## names: [fluent-bit] logGroups: {} multiline: enabled: true first_line_regex: "^\\[?\\d{4}-\\d{1,2}-\\d{1,2}.\\d{2}:\\d{2}:\\d{2}" ## Additional configuration takes precedence over first_line_regex and are executed only for first matching condition ## ## Example: ## - first_line_regex: "^@@@@ First Line" ## condition: 'attributes["k8s.namespace.name"] == "foo"' ## - first_line_regex: "^--- First Line" ## condition: 'attributes["k8s.container.name"] matches "^bar-.*' ## ## NOTE: See below link for full reference: ## https://help.sumologic.com/docs/send-data/kubernetes/collecting-logs/#conditional-multiline-log-parsing additional: [] container: enabled: true ## Format to post logs into Sumo: fields, json, json_merge, or text. ## NOTE: json is an alias for fields ## NOTE: Multiline log detection works differently for `text` format. 
See below link for full reference: ## https://help.sumologic.com/docs/send-data/kubernetes/collecting-logs/#text-log-format format: fields ## When set to `true`, preserves the `time` attribute, which is a string representation of the `timestamp` attribute. keep_time_attribute: false otelcol: ## Extra processors for container logs. See https://help.sumologic.com/docs/send-data/kubernetes/collecting-logs/ for details. extraProcessors: [] ## Set the _sourceHost metadata field in Sumo Logic. sourceHost: "" ## Set the _sourceName metadata field in Sumo Logic. sourceName: "%{namespace}.%{pod}.%{container}" ## Set the _sourceCategory metadata field in Sumo Logic. sourceCategory: "%{namespace}/%{pod_name}" ## Set the prefix, for _sourceCategory metadata. sourceCategoryPrefix: "kubernetes/" ## Used to replace - with another character. sourceCategoryReplaceDash: "/" ## A regular expression for containers. ## Matching containers will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeContainerRegex: "" ## A regular expression for hosts. ## Matching hosts will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeHostRegex: "" ## A regular expression for namespaces. ## Matching namespaces will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeNamespaceRegex: "" ## A regular expression for pods. ## Matching pods will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludePodRegex: "" ## Defines whether container-level pod annotations are enabled. perContainerAnnotationsEnabled: false ## Defines the list of prefixes of container-level pod annotations. perContainerAnnotationPrefixes: [] systemd: enabled: true ## systemd units to collect logs from # units: # - docker.service otelcol: ## Extra processors for systemd logs. See https://help.sumologic.com/docs/send-data/kubernetes/collecting-logs/ for details. 
extraProcessors: [] ## Set the _sourceName metadata field in Sumo Logic. sourceName: "%{_sourceName}" ## Set the _sourceCategory metadata field in Sumo Logic. sourceCategory: "system" ## Set the prefix, for _sourceCategory metadata. sourceCategoryPrefix: "kubernetes/" ## Used to replace - with another character. sourceCategoryReplaceDash: "/" ## A regular expression for facility. ## Matching facility will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeFacilityRegex: "" ## A regular expression for hosts. ## Matching hosts will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeHostRegex: "" ## A regular expression for priority. ## Matching priority will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludePriorityRegex: "" ## A regular expression for unit. ## Matching unit will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeUnitRegex: "" kubelet: otelcol: ## Extra processors for kubelet logs. See https://help.sumologic.com/docs/send-data/kubernetes/collecting-logs/ for details. extraProcessors: [] ## Set the _sourceName metadata field in Sumo Logic. sourceName: "k8s_kubelet" ## Set the _sourceCategory metadata field in Sumo Logic. sourceCategory: "kubelet" ## Set the prefix, for _sourceCategory metadata. sourceCategoryPrefix: "kubernetes/" ## Used to replace - with another character. sourceCategoryReplaceDash: "/" ## A regular expression for facility. ## Matching facility will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeFacilityRegex: "" ## A regular expression for hosts. ## Matching hosts will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeHostRegex: "" ## A regular expression for priority. ## Matching priority will be excluded from Sumo. 
The logs will still be sent to logs metadata provider (otelcol). excludePriorityRegex: "" ## A regular expression for unit. ## Matching unit will be excluded from Sumo. The logs will still be sent to logs metadata provider (otelcol). excludeUnitRegex: "" ## Fields to be created at Sumo Logic to ensure logs are tagged with ## relevant metadata. ## https://help.sumologic.com/docs/manage/fields/#manage-fields fields: - cluster - container - daemonset - deployment - host - namespace - node - pod - service - statefulset ## Additional fields to be created in Sumo Logic. ## https://help.sumologic.com/docs/manage/fields/#manage-fields additionalFields: [] sourceType: otlp ### Metrics configuration ## Set the enabled flag to false for disabling metrics ingestion altogether. metrics: enabled: true collector: ### Otel metrics collector. Replaces Prometheus. ## To enable, you need opentelemetry-operator enabled as well. otelcol: enabled: true ## Configure image for Opentelemetry Collector image: # repository: "" # tag: "" pullPolicy: IfNotPresent ## Default scrape interval scrapeInterval: 30s ## Option to turn autoscaling on for otelcol and specify params for HPA. ## Autoscaling needs metrics-server to access cpu metrics. autoscaling: # enabled: false minReplicas: 1 maxReplicas: 10 targetCPUUtilizationPercentage: 70 targetMemoryUtilizationPercentage: 70 nodeSelector: {} ## Add custom annotations only to merics otelcol sts pods podAnnotations: {} ## Add custom labels only to metrics otelcol sts pods podLabels: {} ## Option to define priorityClassName to assign a priority class to pods. priorityClassName: replicaCount: 1 resources: limits: memory: 2Gi cpu: 1000m requests: memory: 768Mi cpu: 100m ## Selector for ServiceMonitors used for target discovery. By default, this selects resources created by this Chart. 
## See https://github.com/open-telemetry/opentelemetry-operator/blob/main/docs/api.md#opentelemetrycollectorspectargetallocatorprometheuscr # serviceMonitorSelector: ## Selector for PodMonitors used for target discovery. By default, this selects resources created by this Chart. ## See https://github.com/open-telemetry/opentelemetry-operator/blob/main/docs/api.md#opentelemetrycollectorspectargetallocatorprometheuscr # podMonitorSelector: securityContext: ## The group ID of all processes in the statefulset containers. This can be anything, but it does need to be set. ## The default is 0 (root), and containers don't have write permissions for volumes in that case. fsGroup: 999 tolerations: [] affinity: {} ## Configuration for kubelet metrics kubelet: enabled: true metricRegex: (?:kubelet_docker_operations_errors(?:|_total)|kubelet_(?:docker|runtime)_operations_duration_seconds_(?:count|sum)|kubelet_running_(?:container|pod)(?:_count|s)|kubelet_(:?docker|runtime)_operations_latency_microseconds(?:|_count|_sum)) ## Configuration for cAdvisor metrics cAdvisor: enabled: true metricRegex: (?:container_cpu_usage_seconds_total|container_memory_working_set_bytes|container_fs_usage_bytes|container_fs_limit_bytes|container_cpu_cfs_throttled_seconds_total|container_network_receive_bytes_total|container_network_transmit_bytes_total) ## Enable collection of metrics from Pods annotated with prometheus.io/* keys. ## See https://help.sumologic.com/docs/send-data/kubernetes/collecting-metrics#application-metrics-are-exposed-one-endpoint-scenario for more information. annotatedPods: enabled: true ## Allocation strategy for the scrape target allocator. Valid values are: least-weighted and consistent-hashing. ## See: https://github.com/open-telemetry/opentelemetry-operator/blob/main/docs/api.md#opentelemetrycollectorspectargetallocator # allocationStrategy: least-weighted config: ## Directly alter the OT configuration. 
The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. merge: {} ## Completely override existing config and replace it with the contents of this value. ## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. override: {} ## Configuraton specific for target allocator targetAllocator: resources: {} ## Default metric filters for Sumo Apps enableDefaultFilters: false ## By default, the Helm Chart collects some high-cardinality histogram metrics, as Sumo Apps make use of the sum and count components. ## This setting causes the metrics collector to drop the actual histogram buckets, keeping only the sum and the count. ## This affects the following metrics: ## - apiserver_request_duration_seconds ## - coredns_dns_request_duration_seconds ## - kubelet_runtime_operations_duration_seconds dropHistogramBuckets: true ## A regular expression for namespaces. ## Metrics that match these namespaces will be excluded from Sumo. excludeNamespaceRegex: "" otelcol: ## Includes additional processors into pipelines. ## It can be used for filtering metrics, renaming, changing metadata and so on. ## This is list of objects, for example: ## extraProcessors: ## - filterprocessor: ## exclude: ## match_type: strict ## metric_names: ## - hello_world ## - hello/world extraProcessors: [] ### Enable a load balancing proxy for Prometheus remote writes. 
## Prometheus remote write uses a single persistent HTTP connection per target, ## which interacts poorly with TCP load balancing with iptables that K8s Services do. ## Use a real HTTP load balancer for this instead. ## This is an advanced feature, enable only if you're experiencing performance ## issues with metrics metadata enrichment. remoteWriteProxy: enabled: false config: ## Increase this if you've increased samples_per_send in Prometheus to prevent nginx ## from spilling proxied request bodies to disk clientBodyBufferSize: "64k" ## This feature autodetects how much CPU is assigned to the nginx instance and sets ## the right amount of workers based on that. Disable to use the default of 8 workers. workerCountAutotune: true ## Nginx listen port port: 8080 ## Nginx access logs enableAccessLogs: false replicaCount: 3 image: repository: public.ecr.aws/sumologic/nginx-unprivileged ## This is simply 1.25.2-alpine with a newer version of Alpine ## In the nginx repo, this a moving tag, so I've chosen to add a -sumo-1 suffix to indicate the change tag: 1.25.2-alpine-sumo-1 pullPolicy: IfNotPresent resources: limits: cpu: 1000m memory: 256Mi requests: cpu: 100m memory: 128Mi livenessProbe: initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 failureThreshold: 6 readinessProbe: initialDelaySeconds: 5 periodSeconds: 5 timeoutSeconds: 3 successThreshold: 1 failureThreshold: 3 securityContext: {} nodeSelector: {} tolerations: [] affinity: {} ## Option to define priorityClassName to assign a priority class to pods. 
priorityClassName: ## Add custom labels only to metrics sts pods podLabels: {} ## Add custom annotations only to metrics sts pods podAnnotations: {} ## Prometheus serviceMonitors related to Sumo Logic services ## They are applied only if kube-prometheus-stack is enabled serviceMonitors: - name: collection-sumologic-otelcol-logs additionalLabels: sumologic.com/app: otelcol-logs endpoints: - port: otelcol-metrics selector: matchLabels: sumologic.com/app: otelcol-logs sumologic.com/scrape: "true" - name: collection-sumologic-otelcol-metrics additionalLabels: sumologic.com/app: otelcol-metrics endpoints: - port: otelcol-metrics selector: matchLabels: sumologic.com/app: otelcol-metrics sumologic.com/scrape: "true" - name: collection-sumologic-metrics-collector additionalLabels: sumologic.com/app: otelcol-metrics endpoints: - port: monitoring selector: matchLabels: sumologic.com/app: otelcol sumologic.com/component: metrics sumologic.com/scrape: "true" - name: collection-sumologic-otelcol-logs-collector additionalLabels: sumologic.com/app: otelcol-logs-collector endpoints: - port: metrics selector: matchLabels: sumologic.com/app: otelcol-logs-collector sumologic.com/scrape: "true" - name: collection-sumologic-otelcol-events additionalLabels: sumologic.com/app: otelcol-events endpoints: - port: otelcol-metrics selector: matchLabels: sumologic.com/app: otelcol-events sumologic.com/scrape: "true" - name: collection-sumologic-otelcol-traces additionalLabels: sumologic.com/app: otelcol endpoints: - port: metrics selector: matchLabels: sumologic.com/component: instrumentation sumologic.com/scrape: "true" - name: collection-sumologic-prometheus endpoints: - port: http-web path: /metrics metricRelabelings: - action: keep regex: prometheus_remote_storage_.* sourceLabels: [__name__] selector: matchLabels: app: kube-prometheus-stack-prometheus ## User-defined ServiceMonitors go here additionalServiceMonitors: [] ## The type of source we send to in Sumo. 
The possible values are http and otlp. ## Consult the documentation for more information. sourceType: otlp ### Traces configuration ## Set the enabled flag to false to disable traces from instrumentation ingestion. traces: enabled: true ## How many spans per request should be send to receiver spans_per_request: 100 sourceType: otlp ## Configure metrics-server ## ref: https://github.com/bitnami/charts/blob/master/bitnami/metrics-server/values.yaml metrics-server: image: registry: public.ecr.aws repository: sumologic/metrics-server ## Set the enabled flag to true for enabling metrics-server. ## This is required before enabling autoscaling unless you have an existing metrics-server in the cluster. enabled: false ## Put here the new name if you want to override the full name used for metrics-server components. # fullnameOverride: "" apiService: create: true extraArgs: - --kubelet-insecure-tls=true - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname ## Optionally specify image options for metrics-server # image: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # pullSecrets: # - imagepullsecret ## Configure kube-prometheus-stack ## ref: https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/values.yaml kube-prometheus-stack: ## Uncomment the flag below to not install kube-prometheus-stack helm chart ## as a dependency along with this helm chart. ## This is needed e.g. if you want to use a different version of kube-prometheus-stack - ## see https://help.sumologic.com/docs/send-data/kubernetes/best-practices/#using-newer-kube-prometheus-stack. ## To disable metrics collection, set `sumologic.metrics.enabled: false` and leave this flag commented out or set it to `false`. 
## Do not set this flag explicitly to `true` while at the same time setting `sumologic.metrics.enabled: false`, ## as this will make Prometheus try to write to an non-existent metrics enrichment service. # enabled: false # global: ## Reference to one or more secrets to be used when pulling images ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # imagePullSecrets: # - name: "image-pull-secret" ## Put here the new name if you want to override the full name used for Kube Prometheus Stack components. # fullnameOverride: "" ## Put here the new namespace if you want to override the namespace used for Kube Prometheus Stack components. # namespaceOverride: "" ## Provide a target gitVersion of K8S, in case .Capabilites.KubeVersion is not available (e.g. helm template). ## Changing this may break Sumo Logic apps. # kubeTargetVersionOverride: "" ## Labels to apply to all kube-prometheus-stack resources commonLabels: {} defaultRules: rules: alertmanager: false etcd: false configReloaders: false general: false k8s: false kubeApiserverAvailability: false kubeApiserverBurnrate: false kubeApiserverHistogram: false kubeApiserverSlos: false kubeControllerManager: false kubelet: false kubeProxy: false kubePrometheusGeneral: false kubePrometheusNodeRecording: false kubernetesApps: false kubernetesResources: false kubernetesStorage: false kubernetesSystem: false kubeSchedulerAlerting: false kubeSchedulerRecording: false kubeStateMetrics: false network: false node: false nodeExporterAlerting: false nodeExporterRecording: false prometheus: false prometheusOperator: false windows: false ## NOTE changing the serviceMonitor scrape interval to be >1m can result in metrics from recording ## rules to be missing and empty panels in Sumo Logic Kubernetes apps. kubeApiServer: serviceMonitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. 
interval: ## see docs/scraped_metrics.md ## apiserver_request_count ## apiserver_request_total ## apiserver_request_duration_seconds_count ## apiserver_request_duration_seconds_sum metricRelabelings: - action: keep regex: (?:apiserver_request_(?:count|total)|apiserver_request_(?:duration_seconds)_(?:count|sum)) sourceLabels: [__name__] kubelet: serviceMonitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. interval: ## Enable scraping /metrics/probes from kubelet's service probes: false ## Enable scraping /metrics/resource/v1alpha1 from kubelet's service resource: false ## see docs/scraped_metrics.md ## kubelet metrics: ## kubelet_docker_operations_errors ## kubelet_docker_operations_errors_total ## kubelet_docker_operations_duration_seconds_count ## kubelet_docker_operations_duration_seconds_sum ## kubelet_runtime_operations_duration_seconds_count ## kubelet_runtime_operations_duration_seconds_sum ## kubelet_running_container_count ## kubelet_running_containers ## kubelet_running_pod_count ## kubelet_running_pods ## kubelet_docker_operations_latency_microseconds ## kubelet_docker_operations_latency_microseconds_count ## kubelet_docker_operations_latency_microseconds_sum ## kubelet_runtime_operations_latency_microseconds ## kubelet_runtime_operations_latency_microseconds_count ## kubelet_runtime_operations_latency_microseconds_sum metricRelabelings: - action: keep regex: (?:kubelet_docker_operations_errors(?:|_total)|kubelet_(?:docker|runtime)_operations_duration_seconds_(?:count|sum)|kubelet_running_(?:container|pod)(?:_count|s)|kubelet_(:?docker|runtime)_operations_latency_microseconds(?:|_count|_sum)) sourceLabels: [__name__] - action: labeldrop regex: id ## see docs/scraped_metrics.md ## cadvisor container metrics ## container_cpu_usage_seconds_total ## container_fs_limit_bytes ## container_fs_usage_bytes ## container_memory_working_set_bytes ## container_cpu_cfs_throttled_seconds_total ## ## cadvisor aggregate container metrics 
## container_network_receive_bytes_total ## container_network_transmit_bytes_total cAdvisorMetricRelabelings: - action: keep regex: (?:container_cpu_usage_seconds_total|container_memory_working_set_bytes|container_fs_usage_bytes|container_fs_limit_bytes|container_cpu_cfs_throttled_seconds_total|container_network_receive_bytes_total|container_network_transmit_bytes_total) sourceLabels: [__name__] ## Drop container metrics with container tag set to an empty string: ## these are the pod aggregated container metrics which can be aggregated ## in Sumo anyway. There's also some cgroup-specific time series we also ## do not need. - action: drop sourceLabels: [__name__, container] regex: (?:container_cpu_usage_seconds_total|container_memory_working_set_bytes|container_fs_usage_bytes|container_fs_limit_bytes);$ - action: labelmap regex: container_name replacement: container - action: drop sourceLabels: [container] regex: POD - action: labeldrop regex: (id|name) kubeControllerManager: serviceMonitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. interval: ## see docs/scraped_metrics.md ## controller manager metrics ## https://kubernetes.io/docs/concepts/cluster-administration/monitoring/#kube-controller-manager-metrics ## e.g. ## cloudprovider_aws_api_request_duration_seconds_bucket ## cloudprovider_aws_api_request_duration_seconds_count ## cloudprovider_aws_api_request_duration_seconds_sum metricRelabelings: - action: keep regex: (?:cloudprovider_.*_api_request_duration_seconds.*) sourceLabels: [__name__] coreDns: serviceMonitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. 
interval: ## see docs/scraped_metrics.md ## coredns: ## coredns_cache_entries ## coredns_cache_hits_total ## coredns_cache_misses_total ## coredns_dns_request_duration_seconds_count ## coredns_dns_request_duration_seconds_sum ## coredns_dns_requests_total ## coredns_dns_responses_total ## coredns_forward_requests_total ## coredns_proxy_request_duration_seconds_count ## coredns_proxy_request_duration_seconds_sum ## coredns_proxy_request_duration_seconds_bucket ## process_cpu_seconds_total ## process_open_fds ## process_resident_memory_bytes ## process_cpu_seconds_total ## process_open_fds ## process_resident_memory_bytes metricRelabelings: - action: keep regex: (?:coredns_cache_(entries|(hits|misses)_total)|coredns_dns_request_duration_seconds_(count|sum)|coredns_(forward_requests|dns_requests|dns_responses)_total|process_(cpu_seconds_total|open_fds|resident_memory_bytes)|coredns_proxy_request_duration_seconds_(sum|count|bucket)) sourceLabels: [__name__] kubeEtcd: serviceMonitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. 
interval: ## see docs/scraped_metrics.md ## etcd_request_cache_get_duration_seconds_count ## etcd_request_cache_get_duration_seconds_sum ## etcd_request_cache_add_duration_seconds_count ## etcd_request_cache_add_duration_seconds_sum ## etcd_request_cache_add_latencies_summary_count ## etcd_request_cache_add_latencies_summary_sum ## etcd_request_cache_get_latencies_summary_count ## etcd_request_cache_get_latencies_summary_sum ## etcd_helper_cache_hit_count ## etcd_helper_cache_hit_total ## etcd_helper_cache_miss_count ## etcd_helper_cache_miss_total ## etcd server: ## etcd_mvcc_db_total_size_in_bytes ## etcd_debugging_store_expires_total ## etcd_debugging_store_watchers ## etcd_disk_backend_commit_duration_seconds_bucket ## etcd_disk_wal_fsync_duration_seconds_bucket ## etcd_grpc_proxy_cache_hits_total ## etcd_grpc_proxy_cache_misses_total ## etcd_network_client_grpc_received_bytes_total ## etcd_network_client_grpc_sent_bytes_total ## etcd_server_has_leader ## etcd_server_leader_changes_seen_total ## etcd_server_proposals_applied_total ## etcd_server_proposals_committed_total ## etcd_server_proposals_failed_total ## etcd_server_proposals_pending ## process_cpu_seconds_total ## process_open_fds ## process_resident_memory_bytes metricRelabelings: - action: keep regex: (?:etcd_request_cache_(?:add|get)_(?:duration_seconds|latencies_summary)_(?:count|sum)|etcd_helper_cache_(?:hit|miss)_(?:count|total)|etcd_mvcc_db_total_size_in_bytes|etcd_debugging_(store_(expires_total|watchers))|etcd_disk_(backend_commit|wal_fsync)_duration_seconds_.*|etcd_grpc_proxy_cache_(hits|misses)_total|etcd_network_client_grpc_(received|sent)_bytes_total|etcd_server_(has_leader|leader_changes_seen_total)|etcd_server_proposals_(pending|(applied|committed|failed)_total)|process_(cpu_seconds_total|open_fds|resident_memory_bytes)) sourceLabels: [__name__] kubeScheduler: serviceMonitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. 
interval: ## see docs/scraped_metrics.md ## ## scheduler_e2e_* is present for K8s <1.23 ## scheduler_e2e_scheduling_duration_seconds_bucket ## scheduler_e2e_scheduling_duration_seconds_count ## scheduler_e2e_scheduling_duration_seconds_sum ## ## scheduler_scheduling_attempt_duration_seconds is present for K8s >=1.23 ## scheduler_scheduling_attempt_duration_seconds_bucket ## scheduler_scheduling_attempt_duration_seconds_count ## scheduler_scheduling_attempt_duration_seconds_sum ## ## scheduler_framework_extension_point_duration_seconds_bucket ## scheduler_framework_extension_point_duration_seconds_count ## scheduler_framework_extension_point_duration_seconds_sum ## scheduler_scheduling_algorithm_duration_seconds_bucket ## scheduler_scheduling_algorithm_duration_seconds_count ## scheduler_scheduling_algorithm_duration_seconds_sum metricRelabelings: - action: keep regex: (?:scheduler_(?:e2e_scheduling|scheduling_attempt|framework_extension_point|scheduling_algorithm)_duration_seconds.*) sourceLabels: [__name__] alertmanager: enabled: false grafana: enabled: false defaultDashboardsEnabled: false prometheusOperator: enabled: false image: repository: public.ecr.aws/sumologic/prometheus-operator ## Labels to add to the operator pod podLabels: {} ## Annotations to add to the operator pod podAnnotations: {} ## Resource limits for prometheus operator resources: {} # limits: # cpu: 200m # memory: 200Mi # requests: # cpu: 100m # memory: 100Mi ## ServiceMonitor for the Prometheus operator serviceMonitor: selfMonitor: false admissionWebhooks: enabled: false tls: enabled: false ## Resource limits for kube-state-metrics kube-state-metrics: ## Put here the new name if you want to override the full name used for Kube State Metrics components. 
## NOTE(review): this span arrived collapsed onto two physical lines. Line breaks and
## indentation below are reconstructed from the key names. The keys follow a
## `kube-state-metrics:` header, but the absolute depth is inferred - confirm against
## the chart's values.yaml before relying on it.
    # fullnameOverride: ""
    nodeSelector:
      kubernetes.io/os: linux
    ## Custom labels to apply to service, deployment and pods
    customLabels: {}
    ## Additional annotations for pods in the DaemonSet
    podAnnotations: {}
    resources: {}
    # limits:
    #   cpu: 100m
    #   memory: 64Mi
    # requests:
    #   cpu: 10m
    #   memory: 32Mi

    ## latest kube-prometheus-stack version that is supported on OpenShift 4.8-4.10
    ## uses version 2.6.0 of kube-state-metrics, but this version has some critical vulnerabilities,
    ## so we bump the image manually.
    ## NOTE(review): this override is what moves the deployment off the affected 2.6.0 release.
    ## A custom values file that replaces this block, or a later subchart bump, changes what
    ## is deployed, so verify the running image version after every upgrade.
    ## The tag is a mutable reference; pin by digest where your policy requires immutable images.
    image:
      repository: public.ecr.aws/sumologic/kube-state-metrics
      tag: "v2.7.0"
    prometheus:
      monitor:
        ## Scrape interval. If not set, the Prometheus default scrape interval is used.
        interval:
        ## see docs/scraped_metrics.md
        ## kube_daemonset_status_current_number_scheduled
        ## kube_daemonset_status_desired_number_scheduled
        ## kube_daemonset_status_number_misscheduled
        ## kube_daemonset_status_number_unavailable
        ## kube_deployment_spec_replicas
        ## kube_deployment_status_replicas_available
        ## kube_deployment_status_replicas_unavailable
        ## kube_node_info
        ## kube_node_status_allocatable
        ## kube_node_status_capacity
        ## kube_node_status_condition
        ## kube_statefulset_metadata_generation
        ## kube_statefulset_replicas
        ## kube_statefulset_status_observed_generation
        ## kube_statefulset_status_replicas
        ## kube_hpa_spec_max_replicas
        ## kube_hpa_spec_min_replicas
        ## kube_hpa_status_condition
        ## kube_hpa_status_current_replicas
        ## kube_hpa_status_desired_replicas
        ## kube pod state metrics
        ## kube_pod_container_info
        ## kube_pod_container_resource_limits
        ## kube_pod_container_resource_requests
        ## kube_pod_container_status_ready
        ## kube_pod_container_status_restarts_total
        ## kube_pod_container_status_terminated_reason
        ## kube_pod_container_status_waiting_reason
        ## kube_pod_status_phase
        ## kube_pod_info
        ## kube_service_info
        ## kube_service_spec_external_ip
        ## kube_service_spec_type
        ## kube_service_status_load_balancer_ingress
        metricRelabelings:
          ## Allow-list: a series whose name does not match this regex is dropped at scrape time,
          ## so a metric missing from the pattern never reaches the backend.
          ## NOTE(review): kube-state-metrics 2.x is understood to expose HPA metrics as
          ## kube_horizontalpodautoscaler_*; with the v2.7.0 image set above, the kube_hpa_*
          ## alternatives may match nothing - confirm against the exporter's output.
          - action: keep
            regex: (?:kube_statefulset_status_observed_generation|kube_statefulset_status_replicas|kube_statefulset_replicas|kube_statefulset_metadata_generation|kube_daemonset_status_current_number_scheduled|kube_daemonset_status_desired_number_scheduled|kube_daemonset_status_number_misscheduled|kube_daemonset_status_number_unavailable|kube_deployment_spec_replicas|kube_deployment_status_replicas_available|kube_deployment_status_replicas_unavailable|kube_node_info|kube_node_status_allocatable|kube_node_status_capacity|kube_node_status_condition|kube_hpa_spec_max_replicas|kube_hpa_spec_min_replicas|kube_hpa_status_(condition|(current|desired)_replicas)|kube_pod_container_info|kube_pod_container_resource_requests|kube_pod_container_resource_limits|kube_pod_container_status_ready|kube_pod_container_status_terminated_reason|kube_pod_container_status_waiting_reason|kube_pod_container_status_restarts_total|kube_pod_status_phase|kube_pod_info|kube_service_info|kube_service_spec_external_ip|kube_service_spec_type|kube_service_status_load_balancer_ingress)
            sourceLabels: [__name__]
          ## Drop unnecessary labels Prometheus adds to these metrics
          ## We don't want container=kube-state-metrics on everything
          ## But we do want to keep these on pod metrics, which we check for via the `uid` attribute
          - action: labeldrop
            regex: service
          ## The two source labels are joined with ';' and the regex is anchored, so the trailing
          ## ';' makes this rule apply only when `uid` is empty; the label is then blanked.
          - action: replace
            sourceLabels: [container, uid]
            regex: kube-state-metrics;
            targetLabel: container
            replacement: ""
          ## Same empty-`uid` check for the `pod` label.
          - action: replace
            sourceLabels: [pod, uid]
            regex: ".*kube-state-metrics.*;"
            targetLabel: pod
            replacement: ""
          ## Copies a remaining `pod` or `service` label to service_discovery_<name>.
          - action: labelmap
            regex: (pod|service)
            replacement: service_discovery_${1}
  ## Resource limits for prometheus node exporter
  prometheus-node-exporter:
    ## Put here the new name if you want to override the full name used for Prometheus Node exporter components.
# fullnameOverride: "" image: repository: public.ecr.aws/sumologic/node-exporter nodeSelector: kubernetes.io/os: linux ## Additional labels for pods in the DaemonSet podLabels: {} ## Additional annotations for pods in the DaemonSet podAnnotations: {} resources: {} # limits: # cpu: 200m # memory: 50Mi # requests: # cpu: 100m # memory: 30Mi prometheus: monitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. interval: ## see docs/scraped_metrics.md ## node exporter metrics ## node_cpu_seconds_total ## node_load1 ## node_load5 ## node_load15 ## node_disk_io_time_weighted_seconds_total ## node_disk_io_time_seconds_total ## node_vmstat_pgpgin ## node_vmstat_pgpgout ## node_memory_MemFree_bytes ## node_memory_MemAvailable_bytes ## node_memory_Cached_bytes ## node_memory_Buffers_bytes ## node_memory_MemTotal_bytes ## node_network_receive_drop_total ## node_network_transmit_drop_total ## node_network_receive_bytes_total ## node_network_transmit_bytes_total ## node_filesystem_avail_bytes ## node_filesystem_size_bytes metricRelabelings: - action: keep regex: (?:node_load1|node_load5|node_load15|node_cpu_seconds_total|node_disk_io_time_weighted_seconds_total|node_disk_io_time_seconds_total|node_vmstat_pgpgin|node_vmstat_pgpgout|node_memory_MemFree_bytes|node_memory_MemAvailable_bytes|node_memory_Cached_bytes|node_memory_Buffers_bytes|node_memory_MemTotal_bytes|node_network_receive_drop_total|node_network_transmit_drop_total|node_network_receive_bytes_total|node_network_transmit_bytes_total|node_filesystem_avail_bytes|node_filesystem_size_bytes) sourceLabels: [__name__] prometheus: enabled: false additionalServiceMonitors: [] prometheusSpec: image: repository: public.ecr.aws/sumologic/prometheus ## Prometheus default scrape interval, default from upstream Kube Prometheus Stack Helm chart ## NOTE changing the scrape interval to be >1m can result in metrics ## from recording rules to be missing and empty panels in Sumo Logic Kubernetes apps. 
## NOTE(review): this span arrived collapsed onto two physical lines. Line breaks and
## indentation below are reconstructed from the key names; the absolute depth of each
## section is inferred - confirm against the chart's values.yaml before relying on it.
      scrapeInterval: "30s"
      ## Prometheus data retention period
      retention: "1d"
      ## Add custom pod annotations and labels to prometheus pods
      podMetadata:
        labels: {}
        annotations: {}
      nodeSelector:
        kubernetes.io/os: linux
      ## Define resources requests and limits for single Pods.
      resources:
        limits:
          cpu: 2000m
          memory: 8Gi
        requests:
          cpu: 500m
          memory: 1Gi
      ## Both config-reloader containers read the remote-write service name and namespace
      ## from the sumologic-configmap ConfigMap.
      initContainers:
        - name: "init-config-reloader"
          env:
            - name: METADATA_METRICS_SVC
              valueFrom:
                configMapKeyRef:
                  name: sumologic-configmap
                  key: metadataMetrics
            - name: NAMESPACE
              valueFrom:
                configMapKeyRef:
                  name: sumologic-configmap
                  key: metadataNamespace
      containers:
        - name: "config-reloader"
          env:
            - name: METADATA_METRICS_SVC
              valueFrom:
                configMapKeyRef:
                  name: sumologic-configmap
                  key: metadataMetrics
            - name: NAMESPACE
              valueFrom:
                configMapKeyRef:
                  name: sumologic-configmap
                  key: metadataNamespace
      ## Enable WAL compression to reduce Prometheus memory consumption
      walCompression: true
      ## prometheus scrape config
      ## rel: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config
      additionalScrapeConfigs:
        ## scraping metrics based on annotations:
        ##   - prometheus.io/scrape: true - to scrape metrics from the pod
        ##   - prometheus.io/path: /metrics - path which the metrics are scraped from
        ##   - prometheus.io/port: 9113 - port which the metrics are scraped from
        ## rel: https://github.com/prometheus-operator/kube-prometheus/pull/16#issuecomment-424318647
        ## NOTE(review): target selection, path and port all come from pod annotations, so
        ## whoever can create or annotate pods decides what this job requests from them.
        ## If that is broader than intended, narrow the job (for example by namespace).
        - job_name: "pod-annotations"
          kubernetes_sd_configs:
            - role: pod
          relabel_configs:
            ## Keep only pods annotated prometheus.io/scrape=true.
            ## NOTE(review): unquoted `true` is a YAML boolean rather than a string; it appears
            ## to rely on the consumer rendering it back as "true" - confirm, or quote it.
            - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
              action: keep
              regex: true
            ## Use the annotated path, when one is set, as the metrics path.
            - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
              action: replace
              target_label: __metrics_path__
              regex: (.+)
            ## Rewrite the target address to <host>:<annotated port>.
            - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
              action: replace
              regex: ([^:]+)(?::\d+)?;(\d+)
              replacement: $1:$2
              target_label: __address__
            ## Record the scraped path in the `endpoint` label.
            - source_labels: [__metrics_path__]
              separator: ;
              regex: (.*)
              target_label: endpoint
              replacement: $1
              action: replace
            - source_labels: [__meta_kubernetes_namespace]
              action: replace
              target_label: namespace
            ## Every pod label is copied onto the scraped series, so label values set by
            ## workload owners are forwarded with the metrics.
            - action: labelmap
              regex: __meta_kubernetes_pod_label_(.+)
            - source_labels: [__meta_kubernetes_pod_name]
              separator: ;
              regex: (.*)
              target_label: pod
              replacement: $1
              action: replace
      remoteWrite:
        ## infrastructure metrics
        ## NOTE(review): the URL scheme is plain http, so metrics travel unencrypted to the
        ## metadata service and rely on in-cluster network controls for confidentiality.
        ## $(METADATA_METRICS_SVC) and $(NAMESPACE) match the env vars set on the
        ## config-reloader containers above; presumably they are expanded there - confirm.
        - url: http://$(METADATA_METRICS_SVC).$(NAMESPACE):9888/prometheus.metrics
          remoteTimeout: 5s
    ## NOTE(review): placed one level above the keys that precede it; depth inferred - confirm.
    serviceMonitor:
      selfMonitor: false

## Configuration for prometheus-windows-exporter
## ref: https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-windows-exporter
## This is an experimental feature
## NOTE(review): whether this section is a top-level key or nested under the Prometheus
## stack section cannot be recovered from the collapsed text - confirm before use.
prometheus-windows-exporter:
  enabled: false
  ## Enable ServiceMonitor and set Kubernetes label to use as a job label
  ##
  prometheus:
    monitor:
      enabled: true
      jobLabel: jobLabel
  releaseLabel: true
  ## Set job label to 'windows-exporter' as required by the default Prometheus rules and Grafana dashboards
  ##
  podLabels:
    jobLabel: windows-exporter
  ## Enable memory and container metrics as required by the default Prometheus rules and Grafana dashboards
  ##
  config: |-
    collectors:
      enabled: '[defaults],memory,container'

## Configure otelcol-instrumentation - Sumo OTel Distro Collector
## ref: https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/main/docs/opentelemetry-collector/traces.md
otelcolInstrumentation:
  enabled: true
  sourceMetadata:
    ## Set the _sourceName metadata field in Sumo Logic.
    sourceName: "%{k8s.namespace.name}.%{k8s.pod.pod_name}.%{k8s.container.name}"
    ## Set the _sourceCategory metadata field in Sumo Logic.
    sourceCategory: "%{k8s.namespace.name}/%{k8s.pod.pod_name}"
    ## Set the prefix, for _sourceCategory metadata.
    sourceCategoryPrefix: "kubernetes/"
    ## Used to replace - with another character.
    sourceCategoryReplaceDash: "/"
    ## A regular expression for containers.
    ## Matching containers will be excluded from Sumo. The logs will still be sent to otelcol.
excludeContainerRegex: "" ## A regular expression for hosts. ## Matching hosts will be excluded from Sumo. The logs will still be sent to otelcol. excludeHostRegex: "" ## A regular expression for namespaces. ## Matching namespaces will be excluded from Sumo. The logs will still be sent to otelcol. excludeNamespaceRegex: "" ## A regular expression for pods. ## Matching pods will be excluded from Sumo. The logs will still be sent to otelcol. excludePodRegex: "" ## Option to turn autoscaling on for otelcol and specify params for HPA. ## Autoscaling needs metrics-server to access cpu metrics. autoscaling: # enabled: false minReplicas: 3 maxReplicas: 10 targetCPUUtilizationPercentage: 100 # targetMemoryUtilizationPercentage: 50 statefulset: nodeSelector: {} tolerations: [] topologySpreadConstraints: [] affinity: {} ## Acceptable values for podAntiAffinity: ## soft: specifies preferences that the scheduler will try to enforce but will not guarantee (Default) ## hard: specifies rules that must be met for a pod to be scheduled onto a node podAntiAffinity: "soft" replicaCount: 3 resources: limits: memory: 4Gi cpu: 2000m requests: memory: 768Mi cpu: 500m ## Option to define priorityClassName to assign a priority class to pods. priorityClassName: ## Add custom labels only to metrics sts pods podLabels: {} ## Add custom annotations only to metrics sts pods podAnnotations: {} image: # repository: "" # tag: "" pullPolicy: IfNotPresent ## Set securityContext for containers running in pods in otelcol-instrumentation statefulset. 
containers: otelcol: securityContext: {} livenessProbe: initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 10 failureThreshold: 3 readinessProbe: initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 startupProbe: periodSeconds: 3 failureThreshold: 60 ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: VALUE_FROM_SECRET # valueFrom: # secretKeyRef: # name: secret_name # key: secret_key # extraVolumes: # - name: es-certs # secret: # defaultMode: 420 # secretName: es-certs # extraVolumeMounts: # - name: es-certs # mountPath: /certs # readOnly: true ## To enable collecting all logs, set to false logLevelFilter: false ## Log Level logLevel: info config: ## Directly alter the OT configuration. The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. merge: {} ## Completely override existing config and replace it with the contents of this value. ## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. override: {} ## Configure traces-sampler ## ref: https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/main/docs/opentelemetry-collector/traces.md tracesSampler: deployment: nodeSelector: {} tolerations: [] replicas: 1 resources: limits: memory: 4Gi cpu: 2000m requests: memory: 384Mi cpu: 200m ## Option to define priorityClassName to assign a priority class to pods. 
priorityClassName: ## Add custom labels only to traces-sampler deployment. podLabels: {} ## Add custom annotations only to traces-sampler deployment. podAnnotations: {} image: # repository: "" # tag: "" pullPolicy: IfNotPresent ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: VALUE_FROM_SECRET # valueFrom: # secretKeyRef: # name: secret_name # key: secret_key # extraVolumes: # - name: es-certs # secret: # defaultMode: 420 # secretName: es-certs # extraVolumeMounts: # - name: es-certs # mountPath: /certs # readOnly: true ## To enable collecting all logs, set to false logLevelFilter: false ## Log Level logLevel: info ## Customize the Opentelemetry Collector configuration beyond the exposed options config: ## Directly alter the OT configuration. The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. merge: {} ## Completely override existing config and replace it with the contents of this value. ## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. 
override: {} ## Configure persistence for Opentelemetry Collector persistence: enabled: false # storageClass: "" accessMode: ReadWriteOnce size: 1Gi ## Add custom labels to all traces-sampler deployment PVC pvcLabels: {} ## Configuration for the Persistent Volume and Persistent Volume Claim ## where the storage is kept persistentVolume: path: /var/lib/storage/tracessampler metadata: ## Configure image for Opentelemetry Collector (for logs and metrics) image: # repository: "" # tag: "" pullPolicy: IfNotPresent securityContext: ## The group ID of all processes in the statefulset containers. This can be anything, but it does need to be set. ## The default is 0 (root), and containers don't have write permissions for volumes in that case. fsGroup: 999 ## Add custom labels to all otelcol sts pods(logs and metrics) podLabels: {} ## Add custom annotations to all otelcol sts pods(logs and metrics) podAnnotations: {} ## Add custom labels to all otelcol svc (logs and metrics) serviceLabels: {} ## Configure persistence for Opentelemetry Collector persistence: enabled: true # storageClass: "" accessMode: ReadWriteOnce size: 10Gi ## Add custom labels to all otelcol statefulset PVC (logs and metrics) pvcLabels: {} ## Configure metrics pipeline. ## This section affects only otelcol provider. metrics: enabled: true logLevel: info config: ## Directly alter the OT configuration. The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. 
merge: {} ## Completely override existing config and replace it with the contents of this value. ## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. override: {} ## List of additional endpoints to be handled by Metrics Metadata Pods additionalEndpoints: [] statefulset: nodeSelector: {} tolerations: [] topologySpreadConstraints: [] affinity: {} ## Acceptable values for podAntiAffinity: ## soft: specifies preferences that the scheduler will try to enforce but will not guarantee (Default) ## hard: specifies rules that must be met for a pod to be scheduled onto a node podAntiAffinity: "soft" replicaCount: 3 resources: limits: memory: 1Gi cpu: 1000m requests: memory: 768Mi cpu: 500m ## Option to define priorityClassName to assign a priority class to pods. priorityClassName: ## Add custom labels only to metrics sts pods podLabels: {} ## Add custom annotations only to metrics sts pods podAnnotations: {} ## Set securityContext for containers running in pods in metrics statefulset. containers: otelcol: securityContext: {} livenessProbe: initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 10 failureThreshold: 3 readinessProbe: initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 startupProbe: periodSeconds: 3 failureThreshold: 60 ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: VALUE_FROM_SECRET # valueFrom: # secretKeyRef: # name: secret_name # key: secret_key # extraVolumes: # - name: es-certs # secret: # defaultMode: 420 # secretName: es-certs # extraVolumeMounts: # - name: es-certs # mountPath: /certs # readOnly: true ## Option to turn autoscaling on for metrics and specify params for HPA. ## Autoscaling needs metrics-server to access cpu metrics. 
autoscaling: # enabled: false minReplicas: 3 maxReplicas: 10 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 50 ## Option to specify PodDisrutionBudgets ## You can specify only one of maxUnavailable and minAvailable in a single PodDisruptionBudget podDisruptionBudget: minAvailable: 2 ## To use maxUnavailable, set minAvailable to null and uncomment the below: # maxUnavailable: 1 ## Configure logs pipeline. ## This section affects only otelcol provider. logs: enabled: true logLevel: info config: ## Directly alter the OT configuration. The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. merge: {} ## Completely override existing config and replace it with the contents of this value. ## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. override: {} statefulset: nodeSelector: {} tolerations: [] topologySpreadConstraints: [] affinity: {} ## Acceptable values for podAntiAffinity: ## soft: specifies preferences that the scheduler will try to enforce but will not guarantee (Default) ## hard: specifies rules that must be met for a pod to be scheduled onto a node podAntiAffinity: "soft" replicaCount: 3 resources: limits: memory: 1Gi cpu: 1000m requests: memory: 768Mi cpu: 500m ## Option to define priorityClassName to assign a priority class to pods. 
priorityClassName: ## Add custom labels only to logs sts pods podLabels: {} ## Add custom annotations only to logs sts pods podAnnotations: {} ## Set securityContext for containers running in pods in logs statefulset. containers: otelcol: securityContext: {} livenessProbe: initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 10 failureThreshold: 3 readinessProbe: initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 startupProbe: periodSeconds: 3 failureThreshold: 60 ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: VALUE_FROM_SECRET # valueFrom: # secretKeyRef: # name: secret_name # key: secret_key # extraVolumes: # - name: es-certs # secret: # defaultMode: 420 # secretName: es-certs # extraVolumeMounts: # - name: es-certs # mountPath: /certs # readOnly: true # extraPorts: # - name: otlphttp2 # containerPort: 4319 # protocol: TCP # extraArgs: ## Option to turn autoscaling on for logs and specify params for HPA. ## Autoscaling needs metrics-server to access cpu metrics. autoscaling: # enabled: false minReplicas: 3 maxReplicas: 10 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 50 ## Option to specify PodDisrutionBudgets ## You can specify only one of maxUnavailable and minAvailable in a single PodDisruptionBudget podDisruptionBudget: minAvailable: 2 ## To use maxUnavailable, set minAvailable to null and uncomment the below: # maxUnavailable: 1 ## Configure traces-gateway ## ref: https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/main/docs/opentelemetry-collector/traces.md tracesGateway: enabled: true ## Option to turn autoscaling on for otelcol and specify params for HPA. ## Autoscaling needs metrics-server to access cpu metrics. 
autoscaling: # enabled: false minReplicas: 1 maxReplicas: 10 targetCPUUtilizationPercentage: 100 # targetMemoryUtilizationPercentage: 50 deployment: replicas: 1 nodeSelector: {} tolerations: [] resources: limits: memory: 2Gi cpu: 1000m requests: memory: 196Mi cpu: 50m ## Add custom labels only to traces-gateway deployment. podLabels: {} ## Add custom annotations only to traces-gateway deployment. podAnnotations: {} image: # repository: "" # tag: "" pullPolicy: IfNotPresent livenessProbe: periodSeconds: 15 timeoutSeconds: 10 failureThreshold: 3 readinessProbe: periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 startupProbe: periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 60 ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: VALUE_FROM_SECRET # valueFrom: # secretKeyRef: # name: secret_name # key: secret_key # extraVolumes: # - name: es-certs # secret: # defaultMode: 420 # secretName: es-certs # extraVolumeMounts: # - name: es-certs # mountPath: /certs # readOnly: true ## Option to define priorityClassName to assign a priority class to pods. priorityClassName: ## To enable collecting all logs, set to false logLevelFilter: false ## Log Level logLevel: info ## Customize the Opentelemetry Collector configuration beyond the exposed options config: ## Directly alter the OT configuration. The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. merge: {} ## Completely override existing config and replace it with the contents of this value. 
## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. override: {} ## Configuration of the OpenTelemetry Collector that collects Kubernetes events. ## See https://help.sumologic.com/docs/send-data/kubernetes/collecting-events/. otelevents: ## Configure image for Opentelemetry Collector image: # repository: "" # tag: "" pullPolicy: IfNotPresent logLevel: info ## Customize the Opentelemetry Collector configuration beyond the exposed options config: ## Directly alter the OT configuration. The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. merge: {} ## Completely override existing config and replace it with the contents of this value. ## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. override: {} statefulset: nodeSelector: {} tolerations: [] topologySpreadConstraints: [] affinity: {} ## Acceptable values for podAntiAffinity: ## soft: specifies preferences that the scheduler will try to enforce but will not guarantee (Default) ## hard: specifies rules that must be met for a pod to be scheduled onto a node podAntiAffinity: "soft" resources: limits: memory: 2Gi cpu: 2000m requests: memory: 500Mi cpu: 200m ## Option to define priorityClassName to assign a priority class to pods. 
priorityClassName: ## Add custom labels only to events sts pods podLabels: {} ## Add custom annotations only to events sts pods podAnnotations: {} securityContext: ## The group ID of all processes in the statefulset containers. This can be anything, but it does need to be set. ## The default is 0 (root), and containers don't have write permissions for volumes in that case. fsGroup: 999 ## Set securityContext for containers running in pods in events statefulset. containers: otelcol: securityContext: {} livenessProbe: initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 10 failureThreshold: 3 readinessProbe: initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 startupProbe: periodSeconds: 3 failureThreshold: 60 ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: VALUE_FROM_SECRET # valueFrom: # secretKeyRef: # name: secret_name # key: secret_key # extraVolumes: # - name: es-certs # secret: # defaultMode: 420 # secretName: es-certs # extraVolumeMounts: # - name: es-certs # mountPath: /certs # readOnly: true ## Configure cloudwatch collection with Otelcol otelcloudwatch: statefulset: nodeSelector: {} tolerations: [] topologySpreadConstraints: [] affinity: {} ## Acceptable values for podAntiAffinity: ## soft: specifies preferences that the scheduler will try to enforce but will not guarantee (Default) ## hard: specifies rules that must be met for a pod to be scheduled onto a node podAntiAffinity: "soft" replicaCount: 1 resources: limits: memory: 1Gi cpu: 1000m requests: memory: 768Mi cpu: 500m ## Option to define priorityClassName to assign a priority class to pods. priorityClassName: ## Add custom labels only to logs otel sts pods podLabels: {} ## Add custom annotations only to logs otel sts pods podAnnotations: {} ## Set securityContext for containers running in pods in otelcol-instrumentation statefulset. 
containers: otelcol: securityContext: {} livenessProbe: initialDelaySeconds: 15 periodSeconds: 15 timeoutSeconds: 10 failureThreshold: 3 readinessProbe: initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 startupProbe: periodSeconds: 3 failureThreshold: 60 ## Configure log collection with Otelcol otellogs: ## Metrics from Collector metrics: enabled: true ## Add custom labels to otelcol svc serviceLabels: {} ## Configure image for Opentelemetry Collector image: # repository: "" # tag: "" pullPolicy: IfNotPresent logLevel: info config: ## Directly alter the OT configuration. The value of this key should be a dictionary, that will ## be directly merged with the generated configuration, overriding existing values. ## For example: # override: # processors: # batch: # send_batch_size: 512 ## will change the batch size of the pipeline. ## ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest ## of this chart. It involves implementation details that may change even in minor versions. ## Use with caution, and consider opening an issue, so your customization can be added in a safer way. merge: {} ## Completely override existing config and replace it with the contents of this value. ## The value of this key should be a dictionary, that will replace the normal configuration. ## This is an advanced feature, use with caution, and review the generated configuration first. 
## NOTE(review): this span arrived collapsed onto two physical lines. Line breaks and
## indentation below are reconstructed from the key names; nesting is inferred where the
## text does not fix it - confirm against the chart's values.yaml before relying on it.
    override: {}

  daemonset:
    ## Set securityContext for containers running in pods in log collector daemonset
    securityContext:
      ## In order to reliably read logs from mounted node logging paths, we need to run as root
      ## NOTE(review): the collector therefore runs as uid/gid 0 on every node it is scheduled
      ## to. The otelcol container entry below drops all capabilities; keep that in place if
      ## this block is overridden.
      fsGroup: 0
      runAsUser: 0
      runAsGroup: 0
    ## Add custom labels to the otelcol daemonset
    labels: {}
    ## Add custom annotations to the otelcol daemonset
    annotations: {}
    ## Add custom labels to all otelcol daemonset pods
    podLabels: {}
    ## Add custom annotations to all otelcol daemonset pods
    podAnnotations: {}
    resources:
      limits:
        memory: 1Gi
        cpu: 1000m
      requests:
        memory: 32Mi
        cpu: 100m
    ## Option to define priorityClassName to assign a priority class to pods.
    ## If not set then templates/priorityclass.yaml is used.
    priorityClassName:
    ## Set securityContext for containers running in pods in log collector daemonset
    containers:
      otelcol:
        securityContext:
          capabilities:
            drop:
              - ALL
    ## Set securityContext and image for initContainers running in pods in log collector daemonset
    initContainers:
      changeowner:
        image:
          repository: "public.ecr.aws/sumologic/busybox"
          tag: "1.36.0"
          pullPolicy: IfNotPresent
        ## Everything is dropped and only the ownership-change capability is added back.
        ## NOTE(review): Kubernetes documents capability names without the CAP_ prefix
        ## (CHOWN); confirm that the target container runtime accepts the prefixed form.
        securityContext:
          capabilities:
            drop:
              - ALL
            add:
              - CAP_CHOWN
    nodeSelector: {}
    ## A toleration with operator Exists and no key matches every NoSchedule taint, so the
    ## collector is also scheduled onto nodes tainted that way, which can include
    ## control-plane nodes. Narrow it if those nodes should not run the collector.
    tolerations:
      - effect: NoSchedule
        operator: Exists
    affinity: {}
    ## Extra Environment Values - allows yaml definitions
    # extraEnvVars:
    #   - name: VALUE_FROM_SECRET
    #     valueFrom:
    #       secretKeyRef:
    #         name: secret_name
    #         key: secret_key
    # extraVolumes:
    #   - name: es-certs
    #     secret:
    #       defaultMode: 420
    #       secretName: es-certs
    # extraVolumeMounts:
    #   - name: es-certs
    #     mountPath: /certs
    #     readOnly: true

    ## See https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/
    # updateStrategy:
    #   rollingUpdate:
    #     maxSurge: 0
    #     maxUnavailable: 1
    #   type: RollingUpdate

  ## additionalDaemonSets allows to set daemonsets with affinity, nodeSelector and resources
  ## different than the main DaemonSet
  ## Be careful and set nodeAffinity for the main DaemonSet,
  ## as we do not support multiple pods of otellogs on the same node
  ##
  ## e.g:
  ## additionalDaemonSets:
  ##   linux:
  ##     nodeSelector:
  ##       kubernetes.io/os: linux
  ##     resources:
  ##       limits:
  ##         memory: 1Gi
  ##         cpu: 6
  ##       requests:
  ##         memory: 32Mi
  ##         cpu: 2
  ## daemonset:
  ##   affinity:
  ##     nodeAffinity:
  ##       requiredDuringSchedulingIgnoredDuringExecution:
  ##         nodeSelectorTerms:
  ##         - matchExpressions:
  ##           - key: kubernetes.io/os
  ##             operator: NotIn
  ##             values:
  ##             - linux
  additionalDaemonSets: {}

## Experimental
## Configure OpenTelemetry Logs Collector for Windows Nodes
otellogswindows:
  ## Metrics from Collector
  metrics:
    enabled: true
  ## Add custom labels to otelcol svc
  serviceLabels: {}
  ## Configure image for Opentelemetry Collector
  image:
    # repository: ""
    # tag: ""
    pullPolicy: IfNotPresent
  logLevel: info
  config:
    ## Directly alter the OT configuration. The value of this key should be a dictionary, that will
    ## be directly merged with the generated configuration, overriding existing values.
    ## For example:
    # override:
    #   processors:
    #     batch:
    #       send_batch_size: 512
    ## will change the batch size of the pipeline.
    ## NOTE(review): the example above is keyed `override`, while this text documents `merge`.
    ## `override` replaces the whole generated configuration (see below), so confirm which
    ## key the example is meant for before copying it.
    ##
    ## WARNING: This field is not subject to backwards-compatibility guarantees offered by the rest
    ## of this chart. It involves implementation details that may change even in minor versions.
    ## Use with caution, and consider opening an issue, so your customization can be added in a safer way.
    merge: {}
    ## Completely override existing config and replace it with the contents of this value.
    ## The value of this key should be a dictionary, that will replace the normal configuration.
    ## This is an advanced feature, use with caution, and review the generated configuration first.
    override: {}

  daemonset:
    ## Set securityContext for containers running in pods in log collector daemonset
    ## NOTE(review): hostProcess containers run on the Windows node itself rather than in an
    ## isolated container, here under the SYSTEM account. Treat the collector image and any
    ## values that shape this DaemonSet as node-level trusted, and restrict who may edit them.
    securityContext:
      windowsOptions:
        hostProcess: true
        runAsUserName: NT AUTHORITY\system
    ## This should be the IPs of your cluster's DNS service (kube-dns or core-dns).
## It will modify your Windows Nodes DNS settings, by setting those DNS servers as first on the list nameservers: - "..." ## Add custom labels to the otelcol daemonset labels: {} ## Add custom annotations to the otelcol daemonset annotations: {} ## Add custom labels to all otelcol daemonset pods podLabels: {} ## Add custom annotations to all otelcol daemonset pods podAnnotations: {} resources: limits: memory: 1Gi cpu: 1000m requests: memory: 32Mi cpu: 100m ## Option to define priorityClassName to assign a priority class to pods. ## If not set then temaplates/priorityclass.yaml is used. priorityClassName: ## Set securityContext for containers running in pods in log collector daemonset containers: otelcol: securityContext: capabilities: drop: - ALL ## Set securityContext and image for initContainers running in pods in log collector daemonset initContainers: prepare: image: repository: "mcr.microsoft.com/windows/nanoserver" tag: "ltsc2019" pullPolicy: IfNotPresent securityContext: capabilities: drop: - ALL nodeSelector: {} tolerations: - effect: NoSchedule operator: Exists affinity: {} ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: VALUE_FROM_SECRET # valueFrom: # secretKeyRef: # name: secret_name # key: secret_key # extraVolumes: # - name: es-certs # secret: # defaultMode: 420 # secretName: es-certs # extraVolumeMounts: # - name: es-certs # mountPath: /certs # readOnly: true ## additionalDaemonSets allows to set daemonsets with affinity, nodeSelector and resources ## different than the main DaemonSet ## Be careful and set nodeAffinity for the main DaemonSet, ## as we do not support multiple pods of otellogs on the same node ## ## e.g: ## additionalDaemonSets: ## linux: ## nodeSelector: ## kubernetes.io/os: linux ## resources: ## limits: ## memory: 1Gi ## cpu: 6 ## requests: ## memory: 32Mi ## cpu: 2 ## daemonset: ## affinity: ## nodeAffinity: ## requiredDuringSchedulingIgnoredDuringExecution: ## nodeSelectorTerms: ## - 
matchExpressions: ## - key: kubernetes.io/os ## operator: NotIn ## values: ## - linux additionalDaemonSets: {} ## Configure telegraf-operator ## ref: https://github.com/influxdata/helm-charts/blob/master/charts/telegraf-operator/values.yaml telegraf-operator: enabled: false ## Put here the new name if you want to override the full name used for Telegraf Operator components. # fullnameOverride: "" image: sidecarImage: public.ecr.aws/sumologic/telegraf:1.21.2 repository: public.ecr.aws/sumologic/telegraf-operator replicaCount: 1 classes: secretName: "telegraf-operator-classes" default: "sumologic-prometheus" data: sumologic-prometheus: | [[outputs.prometheus_client]] ## Configuration details: ## https://github.com/influxdata/telegraf/tree/master/plugins/outputs/prometheus_client#configuration listen = ":9273" metric_version = 2 ## Disable the default collectors collectors_exclude = ["gocollector", "process"] ## Telegraf operator adds the internal plugin by default, and the Helm Chart doesn't let us disable it ## Instead, drop the metrics at the output namedrop = ["internal*"] # imagePullSecrets: [] ## Configure Falco ## Please note that Falco is embedded in this Helm Chart for user convenience only - Sumo Logic does not provide production support for it ## This is an experimental configuration and shouldn't be used in production environment ## https://github.com/falcosecurity/charts/tree/master/falco falco: enabled: false ## Put here the new name if you want to override the full name used for Falco components. 
# fullnameOverride: "" # imagePullSecrets: [] image: registry: public.ecr.aws repository: sumologic/falco-no-driver ## Add kernel-devel package through MachineConfig, required to enable building of missing falco modules (only for OpenShift) addKernelDevel: true extra: initContainers: ## Add initContainer to wait until kernel-devel is installed on host - name: init-falco image: public.ecr.aws/sumologic/busybox:1.36.0 command: - "sh" - "-c" - | while [ -f /host/etc/redhat-release ] && [ -z "$(ls /host/usr/src/kernels)" ] ; do echo "waiting for kernel headers to be installed" sleep 3 done volumeMounts: - mountPath: /host/usr name: usr-fs readOnly: true - mountPath: /host/etc name: etc-fs readOnly: true driver: ## Set to epbf to enable eBPF support for Falco instead of falco-probe kernel module. ## https://help.sumologic.com/docs/send-data/kubernetes/troubleshoot-collection#falco-and-google-kubernetes-engine-gke kind: module loader: initContainer: image: registry: public.ecr.aws repository: sumologic/falco-driver-loader falco: load_plugins: - json - k8saudit json_output: true ## The location of the rules file(s). This can contain one or more paths to ## separate rules files. ## Explicitly add missing /etc/falco/rules.available/application_rules.yaml ## before https://github.com/falcosecurity/charts/issues/230 gets resolved. 
rules_file: - /etc/falco/falco_rules.yaml - /etc/falco/falco_rules.local.yaml - /etc/falco/k8s_audit_rules.yaml - /etc/falco/rules.d - /etc/falco/rules.available/application_rules.yaml falcoctl: artifact: follow: enabled: false install: enabled: false customRules: ## Mark the following as known k8s api callers: ## * prometheus ## * prometheus operator ## * telegraf operator ## * grafana sidecar rules_user_known_k8s_api_callers.yaml: |- - macro: user_known_contact_k8s_api_server_activities condition: > (container.image.repository = "quay.io/prometheus/prometheus") or (container.image.repository = "quay.io/coreos/prometheus-operator") or (container.image.repository = "quay.io/influxdb/telegraf-operator") or (container.image.repository = "kiwigrid/k8s-sidecar") rules_user_sensitive_mount_containers.yaml: |- - macro: user_sensitive_mount_containers condition: > (container.image.repository = "falcosecurity/falco") or (container.image.repository = "quay.io/prometheus/node-exporter") ## NOTE: kube-proxy not exact matching because of regional ecr e.g. ## 602401143452.dkr.ecr.us-west-1.amazonaws.com/eks/kube-proxy rules_user_privileged_containers.yaml: |- - macro: user_privileged_containers condition: > (container.image.repository endswith ".amazonaws.com/eks/kube-proxy") ## Configure Tailing Sidecar Operator ## ref: https://github.com/SumoLogic/tailing-sidecar/blob/main/helm/tailing-sidecar-operator/values.yaml tailing-sidecar-operator: enabled: false ## Put here the new name if you want to override the full name used for tailing-sidecar-operator components. 
# fullnameOverride: "" ## creation of Security Context Constraints in Openshift scc: create: false kubeRbacProxy: image: repository: public.ecr.aws/sumologic/kube-rbac-proxy ## Configure OpenTelemetry Operator - Instrumentation ## ref: https://github.com/open-telemetry/opentelemetry-helm-charts/tree/main/charts/opentelemetry-operator opentelemetry-operator: enabled: true ## Specific for Sumo Logic chart - Instrumentation resource creation instrumentationJobImage: image: repository: public.ecr.aws/sumologic/kubernetes-tools-kubectl tag: 2.22.0 createDefaultInstrumentation: false instrumentationNamespaces: "" instrumentation: dotnet: repository: public.ecr.aws/sumologic/autoinstrumentation-dotnet tag: 0.7.0 ## image is deprecated, it should be specified in ${repository}:${tag} format image: "" traces: enabled: true metrics: enabled: true ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: OTEL_CUSTOM_ENV_VAR # value: my_value java: repository: public.ecr.aws/sumologic/autoinstrumentation-java tag: 1.26.0 ## image is deprecated, it should be specified in ${repository}:${tag} format image: "" traces: enabled: true metrics: enabled: true ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: OTEL_CUSTOM_ENV_VAR # value: my_value python: repository: public.ecr.aws/sumologic/autoinstrumentation-python tag: 0.39b0 ## image is deprecated, it should be specified in ${repository}:${tag} format image: "" traces: enabled: true metrics: enabled: true ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: OTEL_CUSTOM_ENV_VAR # value: my_value ## Current instrumentation doesn't support customization ## for nodejs. Traces are always enabled. 
nodejs: repository: public.ecr.aws/sumologic/autoinstrumentation-nodejs tag: 0.40.0 ## image is deprecated, it should be specified in ${repository}:${tag} format image: "" ## Extra Environment Values - allows yaml definitions # extraEnvVars: # - name: OTEL_CUSTOM_ENV_VAR # value: my_value ## Specific for OpenTelemetry Operator chart values admissionWebhooks: failurePolicy: Fail enabled: true ## skip admission webhook on our own OpenTelemetryCollector object to avoid having to wait for operator to start objectSelector: matchExpressions: - key: sumologic.com/component operator: NotIn values: ["metrics"] certManager: enabled: false issuerRef: {} manager: image: repository: public.ecr.aws/sumologic/opentelemetry-operator collectorImage: repository: "public.ecr.aws/sumologic/sumologic-otel-collector" tag: "0.92.0-sumo-0" env: {} # ENABLE_WEBHOOKS: "true" resources: limits: cpu: 250m memory: 512Mi requests: cpu: 150m memory: 256Mi kubeRBACProxy: image: repository: public.ecr.aws/sumologic/kube-rbac-proxy testFramework: image: repository: public.ecr.aws/sumologic/busybox ## pvcCleaner deletes unused PVCs pvcCleaner: metrics: enabled: false logs: enabled: false job: image: repository: public.ecr.aws/sumologic/kubernetes-tools-kubectl tag: 2.22.0 pullPolicy: IfNotPresent resources: limits: memory: 256Mi cpu: 2000m requests: memory: 64Mi cpu: 100m nodeSelector: {} ## Add custom labels ## Node tolerations for server scheduling to nodes with taints ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ ## tolerations: [] ## Affinity and anti-affinity ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} podLabels: {} ## Add custom annotations podAnnotations: {} ## Schedule for cronJobs schedule: "*/15 * * * *" ## securityContext for pvcCleaner pods securityContext: runAsUser: 1000 ## The following section is not a subject of standard support scope and should be considered experimental ## All of 
them are meant for debugging purposed and shouldn't be used on production environments debug: ## Use it along with `debug.sumologicMock.enabled` in order to install collection locally without accessId, accessKey enableLocalMode: false sumologicMock: enabled: false image: repository: public.ecr.aws/sumologic/sumologic-mock tag: 2.22.0-59-g245ae92 pullPolicy: IfNotPresent deployment: nodeSelector: {} tolerations: {} securityContext: {} ## Option to define priorityClassName to assign a priority class to pods. priorityClassName: ## Acceptable values for podAntiAffinity: ## soft: specifies preferences that the scheduler will try to enforce but will not guarantee (Default) ## hard: specifies rules that must be met for a pod to be scheduled onto a node podAntiAffinity: "soft" affinity: {} resources: limits: memory: 2Gi cpu: 1000m requests: memory: 768Mi cpu: 100m extraArgs: [] logs: metadata: print: false forwardToSumologicMock: false stopLogsIngestion: false collector: print: false stopLogsIngestion: false otellogswindows: print: false stopLogsIngestion: false metrics: metadata: print: false forwardToSumologicMock: false stopLogsIngestion: false collector: print: false stopLogsIngestion: false instrumentation: otelcolInstrumentation: print: false stopLogsIngestion: false tracesGateway: print: false stopLogsIngestion: false tracesSampler: print: false stopLogsIngestion: false forwardToSumologicMock: false events: print: false stopLogsIngestion: false forwardToSumologicMock: false