diff --git a/apis/fluentbit/v1alpha2/clusterinput_types.go b/apis/fluentbit/v1alpha2/clusterinput_types.go index bef1ed954..223da2c95 100644 --- a/apis/fluentbit/v1alpha2/clusterinput_types.go +++ b/apis/fluentbit/v1alpha2/clusterinput_types.go @@ -71,6 +71,8 @@ type InputSpec struct { Syslog *input.Syslog `json:"syslog,omitempty"` // TCP defines the TCP input plugin configuration TCP *input.TCP `json:"tcp,omitempty"` + // KubernetesEvents defines the KubernetesEvents input plugin configuration + KubernetesEvents *input.KubernetesEvents `json:"kubernetesEvents,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/fluentbit/v1alpha2/plugins/input/kubernetes_events_types.go b/apis/fluentbit/v1alpha2/plugins/input/kubernetes_events_types.go new file mode 100644 index 000000000..d1a55c0c9 --- /dev/null +++ b/apis/fluentbit/v1alpha2/plugins/input/kubernetes_events_types.go @@ -0,0 +1,106 @@ +package input + +import ( + "fmt" + + "github.com/fluent/fluent-operator/v2/apis/fluentbit/v1alpha2/plugins" + "github.com/fluent/fluent-operator/v2/apis/fluentbit/v1alpha2/plugins/params" +) + +// +kubebuilder:object:generate:=true + +// The KubernetesEvents input plugin allows you to collect kubernetes cluster events from kube-api server +// **For full documentation, refer to https://docs.fluentbit.io/manual/pipeline/inputs/kubernetes-events* +type KubernetesEvents struct { + // Tag name associated to all records comming from this plugin. + Tag string `json:"tag,omitempty"` + // Set a database file to keep track of recorded Kubernetes events + DB string `json:"db,omitempty"` + // Set a database sync method. values: extra, full, normal and off + DBSync string `json:"dbSync,omitempty"` + // Set the polling interval for each channel. + IntervalSec *int32 `json:"intervalSec,omitempty"` + // Set the polling interval for each channel (sub seconds: nanoseconds). + IntervalNsec *int64 `json:"intervalNsec,omitempty"` + // API Server end-point + KubeURL string `json:"kubeURL,omitempty"` + // CA certificate file + KubeCAFile string `json:"kubeCAFile,omitempty"` + // Absolute path to scan for certificate files + KubeCAPath string `json:"kubeCAPath,omitempty"` + // Token file + KubeTokenFile string `json:"kubeTokenFile,omitempty"` + // configurable 'time to live' for the K8s token. By default, it is set to 600 seconds. + // After this time, the token is reloaded from Kube_Token_File or the Kube_Token_Command. + KubeTokenTTL string `json:"kubeTokenTTL,omitempty"` + // kubernetes limit parameter for events query, no limit applied when set to 0. + KubeRequestLimit *int32 `json:"kubeRequestLimit,omitempty"` + // Kubernetes retention time for events. + KubeRetentionTime string `json:"kubeRetentionTime,omitempty"` + // Kubernetes namespace to query events from. Gets events from all namespaces by default + KubeNamespace string `json:"kubeNamespace,omitempty"` + // Debug level between 0 (nothing) and 4 (every detail). + TLSDebug *int32 `json:"tlsDebug,omitempty"` + // When enabled, turns on certificate validation when connecting to the Kubernetes API server. + TLSVerify *bool `json:"tlsVerify,omitempty"` + // Set optional TLS virtual host. + TLSVhost string `json:"tlsVhost,omitempty"` +} + +func (_ *KubernetesEvents) Name() string { + return "kubernetes_events" +} + +// implement Section() method +func (k *KubernetesEvents) Params(_ plugins.SecretLoader) (*params.KVs, error) { + kvs := params.NewKVs() + if k.Tag != "" { + kvs.Insert("Tag", k.Tag) + } + if k.DB != "" { + kvs.Insert("DB", k.DB) + } + if k.DBSync != "" { + kvs.Insert("DB_Sync", k.DBSync) + } + if k.IntervalSec != nil { + kvs.Insert("Interval_Sec", fmt.Sprint(*k.IntervalSec)) + } + if k.IntervalNsec != nil { + kvs.Insert("Interval_Nsec", fmt.Sprint(*k.IntervalNsec)) + } + if k.KubeURL != "" { + kvs.Insert("Kube_URL", k.KubeURL) + } + if k.KubeCAFile != "" { + kvs.Insert("Kube_CA_File", k.KubeCAFile) + } + if k.KubeCAPath != "" { + kvs.Insert("Kube_CA_Path", k.KubeCAPath) + } + if k.KubeTokenFile != "" { + kvs.Insert("Kube_Token_File", k.KubeTokenFile) + } + if k.KubeTokenTTL != "" { + kvs.Insert("Kube_Token_TTL", k.KubeTokenTTL) + } + if k.KubeRequestLimit != nil { + kvs.Insert("Kube_Request_Limit", fmt.Sprint(*k.KubeRequestLimit)) + } + if k.KubeRetentionTime != "" { + kvs.Insert("Kube_Retention_Time", k.KubeRetentionTime) + } + if k.KubeNamespace != "" { + kvs.Insert("Kube_Namespace", k.KubeNamespace) + } + if k.TLSDebug != nil { + kvs.Insert("tls.Debug", fmt.Sprint(*k.TLSDebug)) + } + if k.TLSVerify != nil { + kvs.Insert("tls.Verify", fmt.Sprint(*k.TLSVerify)) + } + if k.TLSVhost != "" { + kvs.Insert("tls.Vhost", k.TLSVhost) + } + return kvs, nil +} diff --git a/apis/fluentbit/v1alpha2/plugins/input/zz_generated.deepcopy.go b/apis/fluentbit/v1alpha2/plugins/input/zz_generated.deepcopy.go index 0f134424b..07b96e2a4 100644 --- a/apis/fluentbit/v1alpha2/plugins/input/zz_generated.deepcopy.go +++ b/apis/fluentbit/v1alpha2/plugins/input/zz_generated.deepcopy.go @@ -140,6 +140,46 @@ func (in *HTTP) DeepCopy() *HTTP { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesEvents) DeepCopyInto(out *KubernetesEvents) { + *out = *in + if in.IntervalSec != nil { + in, out := &in.IntervalSec, &out.IntervalSec + *out = new(int32) + **out = **in + } + if in.IntervalNsec != nil { + in, out := &in.IntervalNsec, &out.IntervalNsec + *out = new(int64) + **out = **in + } + if in.KubeRequestLimit != nil { + in, out := &in.KubeRequestLimit, &out.KubeRequestLimit + *out = new(int32) + **out = **in + } + if in.TLSDebug != nil { + in, out := &in.TLSDebug, &out.TLSDebug + *out = new(int32) + **out = **in + } + if in.TLSVerify != nil { + in, out := &in.TLSVerify, &out.TLSVerify + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesEvents. +func (in *KubernetesEvents) DeepCopy() *KubernetesEvents { + if in == nil { + return nil + } + out := new(KubernetesEvents) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MQTT) DeepCopyInto(out *MQTT) { *out = *in diff --git a/apis/fluentbit/v1alpha2/zz_generated.deepcopy.go b/apis/fluentbit/v1alpha2/zz_generated.deepcopy.go index 31496a719..03d89de61 100644 --- a/apis/fluentbit/v1alpha2/zz_generated.deepcopy.go +++ b/apis/fluentbit/v1alpha2/zz_generated.deepcopy.go @@ -1183,6 +1183,11 @@ func (in *InputSpec) DeepCopyInto(out *InputSpec) { *out = new(input.TCP) (*in).DeepCopyInto(*out) } + if in.KubernetesEvents != nil { + in, out := &in.KubernetesEvents, &out.KubernetesEvents + *out = new(input.KubernetesEvents) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InputSpec. diff --git a/charts/fluent-operator/charts/fluent-bit-crds/crds/fluentbit.fluent.io_clusterinputs.yaml b/charts/fluent-operator/charts/fluent-bit-crds/crds/fluentbit.fluent.io_clusterinputs.yaml index a552a3ef0..77a538cd6 100644 --- a/charts/fluent-operator/charts/fluent-bit-crds/crds/fluentbit.fluent.io_clusterinputs.yaml +++ b/charts/fluent-operator/charts/fluent-bit-crds/crds/fluentbit.fluent.io_clusterinputs.yaml @@ -243,6 +243,72 @@ spec: type: string type: object type: object + kubernetesEvents: + description: KubernetesEvents defines the KubernetesEvents input plugin + configuration + properties: + db: + description: Set a database file to keep track of recorded Kubernetes + events + type: string + dbSync: + description: 'Set a database sync method. values: extra, full, + normal and off' + type: string + intervalNsec: + description: 'Set the polling interval for each channel (sub seconds: + nanoseconds).' + format: int64 + type: integer + intervalSec: + description: Set the polling interval for each channel. + format: int32 + type: integer + kubeCAFile: + description: CA certificate file + type: string + kubeCAPath: + description: Absolute path to scan for certificate files + type: string + kubeNamespace: + description: Kubernetes namespace to query events from. Gets events + from all namespaces by default + type: string + kubeRequestLimit: + description: kubernetes limit parameter for events query, no limit + applied when set to 0. + format: int32 + type: integer + kubeRetentionTime: + description: Kubernetes retention time for events. + type: string + kubeTokenFile: + description: Token file + type: string + kubeTokenTTL: + description: configurable 'time to live' for the K8s token. By + default, it is set to 600 seconds. After this time, the token + is reloaded from Kube_Token_File or the Kube_Token_Command. + type: string + kubeURL: + description: API Server end-point + type: string + tag: + description: Tag name associated to all records comming from this + plugin. + type: string + tlsDebug: + description: Debug level between 0 (nothing) and 4 (every detail). + format: int32 + type: integer + tlsVerify: + description: When enabled, turns on certificate validation when + connecting to the Kubernetes API server. + type: boolean + tlsVhost: + description: Set optional TLS virtual host. + type: string + type: object logLevel: enum: - "off" diff --git a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml index 7418404a3..bbb1ebe3b 100644 --- a/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml +++ b/charts/fluent-operator/templates/fluent-operator-clusterRole.yaml @@ -25,6 +25,12 @@ rules: - pods verbs: - get + - apiGroups: + - "" + resources: + - events + verbs: + - list - apiGroups: - "" resources: diff --git a/config/crd/bases/fluentbit.fluent.io_clusterinputs.yaml b/config/crd/bases/fluentbit.fluent.io_clusterinputs.yaml index a552a3ef0..77a538cd6 100644 --- a/config/crd/bases/fluentbit.fluent.io_clusterinputs.yaml +++ b/config/crd/bases/fluentbit.fluent.io_clusterinputs.yaml @@ -243,6 +243,72 @@ spec: type: string type: object type: object + kubernetesEvents: + description: KubernetesEvents defines the KubernetesEvents input plugin + configuration + properties: + db: + description: Set a database file to keep track of recorded Kubernetes + events + type: string + dbSync: + description: 'Set a database sync method. values: extra, full, + normal and off' + type: string + intervalNsec: + description: 'Set the polling interval for each channel (sub seconds: + nanoseconds).' + format: int64 + type: integer + intervalSec: + description: Set the polling interval for each channel. + format: int32 + type: integer + kubeCAFile: + description: CA certificate file + type: string + kubeCAPath: + description: Absolute path to scan for certificate files + type: string + kubeNamespace: + description: Kubernetes namespace to query events from. Gets events + from all namespaces by default + type: string + kubeRequestLimit: + description: kubernetes limit parameter for events query, no limit + applied when set to 0. + format: int32 + type: integer + kubeRetentionTime: + description: Kubernetes retention time for events. + type: string + kubeTokenFile: + description: Token file + type: string + kubeTokenTTL: + description: configurable 'time to live' for the K8s token. By + default, it is set to 600 seconds. After this time, the token + is reloaded from Kube_Token_File or the Kube_Token_Command. + type: string + kubeURL: + description: API Server end-point + type: string + tag: + description: Tag name associated to all records comming from this + plugin. + type: string + tlsDebug: + description: Debug level between 0 (nothing) and 4 (every detail). + format: int32 + type: integer + tlsVerify: + description: When enabled, turns on certificate validation when + connecting to the Kubernetes API server. + type: boolean + tlsVhost: + description: Set optional TLS virtual host. + type: string + type: object logLevel: enum: - "off" diff --git a/docs/fluentbit.md b/docs/fluentbit.md index 271056cd5..01a239973 100644 --- a/docs/fluentbit.md +++ b/docs/fluentbit.md @@ -456,6 +456,7 @@ InputSpec defines the desired state of ClusterInput | nginx | Nginx defines the Nginx input plugin configuration | *[input.Nginx](plugins/input/nginx.md) | | syslog | Syslog defines the Syslog input plugin configuration | *[input.Syslog](plugins/input/syslog.md) | | tcp | TCP defines the TCP input plugin configuration | *[input.TCP](plugins/input/tcp.md) | +| kubernetesEvents | KubernetesEvents defines the KubernetesEvents input plugin configuration | *[input.KubernetesEvents](plugins/input/kubernetesevents.md) | [Back to TOC](#table-of-contents) # MultilineParser diff --git a/docs/plugins/fluentbit/input/kubernetes_events.md b/docs/plugins/fluentbit/input/kubernetes_events.md new file mode 100644 index 000000000..9ae2c9f14 --- /dev/null +++ b/docs/plugins/fluentbit/input/kubernetes_events.md @@ -0,0 +1,23 @@ +# KubernetesEvents + +The KubernetesEvents input plugin allows you to collect kubernetes cluster events from kube-api server **For full documentation, refer to https://docs.fluentbit.io/manual/pipeline/inputs/kubernetes-events* + + +| Field | Description | Scheme | +| ----- | ----------- | ------ | +| tag | Tag name associated to all records comming from this plugin. | string | +| db | Set a database file to keep track of recorded Kubernetes events | string | +| dbSync | Set a database sync method. values: extra, full, normal and off | string | +| intervalSec | Set the polling interval for each channel. | *int32 | +| intervalNsec | Set the polling interval for each channel (sub seconds: nanoseconds). | *int64 | +| kubeURL | API Server end-point | string | +| kubeCAFile | CA certificate file | string | +| kubeCAPath | Absolute path to scan for certificate files | string | +| kubeTokenFile | Token file | string | +| kubeTokenTTL | configurable 'time to live' for the K8s token. By default, it is set to 600 seconds. After this time, the token is reloaded from Kube_Token_File or the Kube_Token_Command. | string | +| kubeRequestLimit | kubernetes limit parameter for events query, no limit applied when set to 0. | *int32 | +| kubeRetentionTime | Kubernetes retention time for events. | string | +| kubeNamespace | Kubernetes namespace to query events from. Gets events from all namespaces by default | string | +| tlsDebug | Debug level between 0 (nothing) and 4 (every detail). | *int32 | +| tlsVerify | When enabled, turns on certificate validation when connecting to the Kubernetes API server. | *bool | +| tlsVhost | Set optional TLS virtual host. | string | diff --git a/manifests/setup/fluent-operator-clusterRole.yaml b/manifests/setup/fluent-operator-clusterRole.yaml index 7418404a3..948414a81 100644 --- a/manifests/setup/fluent-operator-clusterRole.yaml +++ b/manifests/setup/fluent-operator-clusterRole.yaml @@ -25,6 +25,12 @@ rules: - pods verbs: - get + - apiGroups: + - "" + resources: + - events + verbs: + - list - apiGroups: - "" resources: diff --git a/manifests/setup/fluent-operator-crd.yaml b/manifests/setup/fluent-operator-crd.yaml index 65891784b..e82115c4e 100644 --- a/manifests/setup/fluent-operator-crd.yaml +++ b/manifests/setup/fluent-operator-crd.yaml @@ -2135,6 +2135,72 @@ spec: type: string type: object type: object + kubernetesEvents: + description: KubernetesEvents defines the KubernetesEvents input plugin + configuration + properties: + db: + description: Set a database file to keep track of recorded Kubernetes + events + type: string + dbSync: + description: 'Set a database sync method. values: extra, full, + normal and off' + type: string + intervalNsec: + description: 'Set the polling interval for each channel (sub seconds: + nanoseconds).' + format: int64 + type: integer + intervalSec: + description: Set the polling interval for each channel. + format: int32 + type: integer + kubeCAFile: + description: CA certificate file + type: string + kubeCAPath: + description: Absolute path to scan for certificate files + type: string + kubeNamespace: + description: Kubernetes namespace to query events from. Gets events + from all namespaces by default + type: string + kubeRequestLimit: + description: kubernetes limit parameter for events query, no limit + applied when set to 0. + format: int32 + type: integer + kubeRetentionTime: + description: Kubernetes retention time for events. + type: string + kubeTokenFile: + description: Token file + type: string + kubeTokenTTL: + description: configurable 'time to live' for the K8s token. By + default, it is set to 600 seconds. After this time, the token + is reloaded from Kube_Token_File or the Kube_Token_Command. + type: string + kubeURL: + description: API Server end-point + type: string + tag: + description: Tag name associated to all records comming from this + plugin. + type: string + tlsDebug: + description: Debug level between 0 (nothing) and 4 (every detail). + format: int32 + type: integer + tlsVerify: + description: When enabled, turns on certificate validation when + connecting to the Kubernetes API server. + type: boolean + tlsVhost: + description: Set optional TLS virtual host. + type: string + type: object logLevel: enum: - "off" diff --git a/manifests/setup/setup.yaml b/manifests/setup/setup.yaml index 05a53dd87..fa8401cf6 100644 --- a/manifests/setup/setup.yaml +++ b/manifests/setup/setup.yaml @@ -2135,6 +2135,72 @@ spec: type: string type: object type: object + kubernetesEvents: + description: KubernetesEvents defines the KubernetesEvents input plugin + configuration + properties: + db: + description: Set a database file to keep track of recorded Kubernetes + events + type: string + dbSync: + description: 'Set a database sync method. values: extra, full, + normal and off' + type: string + intervalNsec: + description: 'Set the polling interval for each channel (sub seconds: + nanoseconds).' + format: int64 + type: integer + intervalSec: + description: Set the polling interval for each channel. + format: int32 + type: integer + kubeCAFile: + description: CA certificate file + type: string + kubeCAPath: + description: Absolute path to scan for certificate files + type: string + kubeNamespace: + description: Kubernetes namespace to query events from. Gets events + from all namespaces by default + type: string + kubeRequestLimit: + description: kubernetes limit parameter for events query, no limit + applied when set to 0. + format: int32 + type: integer + kubeRetentionTime: + description: Kubernetes retention time for events. + type: string + kubeTokenFile: + description: Token file + type: string + kubeTokenTTL: + description: configurable 'time to live' for the K8s token. By + default, it is set to 600 seconds. After this time, the token + is reloaded from Kube_Token_File or the Kube_Token_Command. + type: string + kubeURL: + description: API Server end-point + type: string + tag: + description: Tag name associated to all records comming from this + plugin. + type: string + tlsDebug: + description: Debug level between 0 (nothing) and 4 (every detail). + format: int32 + type: integer + tlsVerify: + description: When enabled, turns on certificate validation when + connecting to the Kubernetes API server. + type: boolean + tlsVhost: + description: Set optional TLS virtual host. + type: string + type: object logLevel: enum: - "off"