fluent / helm-charts

Helm Charts for Fluentd and Fluent Bit
Apache License 2.0
380 stars 456 forks source link

Add a service.externalTrafficPolicy to the values and service.yaml #214

Open andrevcf opened 2 years ago

andrevcf commented 2 years ago

I'm running the fluentd charts on AKS (Azure) and the configuration with transport tls dont work because of the Health check done by the Azure Load Balancer that is a TCP LoadBalancer and don't recognize the TLS/SSL.

I installed the helm with values.yaml:

service:
  type: "LoadBalancer"
  annotations: 
    service.beta.kubernetes.io/azure-load-balancer-internal: "true"
  ports: 
  - name: "forwarder"
    protocol: TCP
    containerPort: 24224
...

fileConfigs.01_sources.conf:

<source>
      @type forward
      <transport tls>
        cert_path /fluentd/certs/fluentd.crt
        private_key_path /fluentd/certs/fluentd.key
      </transport>
      <security>
        user_auth true
        self_hostname fluentd-legacy
        shared_key "#{ENV['FLUENTD_SHAREDKEY']}"
        <user>
          username "#{ENV['CLIENT1_USERNAME']}"
          password "#{ENV['CLIENT1_PASSWORD']}"
        </user>
      </security>
    </source>
...

If I change the externalTrafficPolicy: Local on the service, then everything works like a charm.

Please, add the option service.externalTrafficPolicy and add the default value to be "Cluster".

mkilchhofer commented 1 month ago

I think this is fixed via:

, right?