search

humio / humio-helm-charts

Helm Charts for Humio Components
Apache License 2.0
9 stars 17 forks source link

Add support for running fluentbit in openshift #112

Closed jswoods closed 3 years ago

jswoods commented 4 years ago

To run fluentbit in openshift, we need to:

  1. Add an appropriate SCC so the pod can start
  2. Allow fluentbit to run in privileged mode so it can read /var/log on the host
  3. Add instructions/docs on how to configure the above
brightzheng100 commented 3 years ago

Yep, currently this is the workaround that I apply:

$ oc adm policy add-scc-to-user privileged -z humio-agent-fluentbit-read
$ oc patch DaemonSet humio-agent-fluentbit -p '{"spec":{"template":{"spec":{"containers":[{"name":"humio-agent","securityContext":{"privileged":true}}]}}}}'
jswoods commented 3 years ago

This has been fixed now in 0.8.25. One can set the following as per https://docs.humio.com/docs/ingesting-data/log-formats/kubernetes/#helm

humio-fluentbit:
  ...
  securityContext:
    privileged: true
  scc:
    enabled: true