diff --git a/fluentd/.helmignore b/fluentd/.helmignore
new file mode 100644
index 0000000000000000000000000000000000000000..50af0317254197a5a019f4ac2f8ecc223f93f5a7
--- /dev/null
+++ b/fluentd/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/fluentd/Chart.yaml b/fluentd/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d4a73c8b30694ed59e56f823f22037854e9198a2
--- /dev/null
+++ b/fluentd/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: fluentd
+version: 1.0.0
diff --git a/fluentd/templates/_helpers.tpl b/fluentd/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..863036c230daf5e3cf00c5ae3ed5fd8df5127f7f
--- /dev/null
+++ b/fluentd/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "fluentd.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "fluentd.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "fluentd.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/fluentd/templates/configmap.yaml b/fluentd/templates/configmap.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..bc72ee6e2deb1330379b78e785932505f9a19267
--- /dev/null
+++ b/fluentd/templates/configmap.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Release.Name }}-config
+ namespace: logging
+data:
+ filter_tags.conf: |-
+
+ @type record_transformer
+ enable_ruby true
+ remove_keys kubernetes_namespace_container_name,CONTAINER_ID,CONTAINER_ID_FULL,CONTAINER_NAME,CONTAINER_TAG,$["system.argv"],$["system.exe"],$["system.process-name"],$["kubernetes"]["container_image_id"],$["kubernetes"]["master_url"],$["kubernetes"]["namespace_id"],$["kubernetes"]["pod_id"],$["kubernetes"]["namespace_labels"]["name"],$["kubernetes"]["namespace_labels"]["istio-injection"],$["kubernetes"]["labels"]["pod-template-hash"],$["kubernetes"]["labels"]["pod-template-generation"],$["kubernetes"]["labels"]["controller-revision-hash"],$["kubernetes"]["labels"]["statefulset_kubernetes_io/pod-name"],$["docker"]["container_id"]
+
+
+
+ @type record_modifier
+
+ type k8s
+ message ${record["MESSAGE"]}
+
+ remove_keys MESSAGE
+
diff --git a/fluentd/templates/daemonset.yaml b/fluentd/templates/daemonset.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..cd925cf1953dad9e0ed63e0cb575c1a0c8b6f85e
--- /dev/null
+++ b/fluentd/templates/daemonset.yaml
@@ -0,0 +1,53 @@
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ name: {{ template "fluentd.fullname" . }}
+ namespace: logging
+ labels:
+ k8s-app: {{ template "fluentd.name" . }}
+ kubernetes.io/cluster-service: "true"
+spec:
+ template:
+ metadata:
+ labels:
+ k8s-app: {{ template "fluentd.name" . }}
+ kubernetes.io/cluster-service: "true"
+ spec:
+ serviceAccount: {{ template "fluentd.name" . }}
+ serviceAccountName: {{ template "fluentd.name" . }}
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+ containers:
+ - name: fluentd
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ env:
+ - name: LOGZIO_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "fluentd.fullname" . }}-logzio
+ key: token
+ - name: LOGZIO_URL
+ value: {{ .Values.logzio.url }}
+ resources:
+{{ toYaml .Values.initResources | indent 10 }}
+ volumeMounts:
+ - name: varlog
+ mountPath: /var/log
+ - name: varlibdockercontainers
+ mountPath: /var/lib/docker/containers
+ readOnly: true
+ - mountPath: /fluentd/etc/conf.d/filter_tags.conf
+ name: config-volume
+ subPath: filter_tags.conf
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: config-volume
+ configMap:
+ name: {{ .Release.Name }}-config
+ - name: varlog
+ hostPath:
+ path: /var/log
+ - name: varlibdockercontainers
+ hostPath:
+ path: /var/lib/docker/containers
diff --git a/fluentd/templates/fluentd-logzio-sealedsecret.yaml b/fluentd/templates/fluentd-logzio-sealedsecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..e6c3cbef12e05d6b1edc72834caff737dd426604
--- /dev/null
+++ b/fluentd/templates/fluentd-logzio-sealedsecret.yaml
@@ -0,0 +1,12 @@
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+ name: {{ template "fluentd.fullname" . }}-logzio
+ labels:
+ app: {{ template "fluentd.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+ component: "{{ template "fluentd.name" . }}-logzio"
+ release: {{ .Release.Name }}
+spec:
+ encryptedData:
+ token: {{ .Values.logzio.token }}
diff --git a/fluentd/templates/rbac.yaml b/fluentd/templates/rbac.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..c5b6c062b375505200e484f3ee3e68eef80d8c7a
--- /dev/null
+++ b/fluentd/templates/rbac.yaml
@@ -0,0 +1,37 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ template "fluentd.name" . }}
+ namespace: logging
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: {{ template "fluentd.name" . }}
+ namespace: logging
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - namespaces
+ verbs:
+ - get
+ - list
+ - watch
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: {{ template "fluentd.name" . }}
+roleRef:
+ kind: ClusterRole
+ name: {{ template "fluentd.name" . }}
+ apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+ name: {{ template "fluentd.name" . }}
+ namespace: logging
diff --git a/fluentd/values.yaml b/fluentd/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..aa62d4d03eb366f76083b6b018703231fc28a229
--- /dev/null
+++ b/fluentd/values.yaml
@@ -0,0 +1,47 @@
+image:
+ repository: logzio/logzio-k8s
+ tag: latest
+ pullPolicy: IfNotPresent
+
+nameOverride: "fluentd"
+fullnameOverride: ""
+
+logzio:
+ url: "https://listener.logz.io:8071"
+ token: "AgBVcFYvguioMm3uKupibxvr1uwWQJxjxfknvkHQA5Z2sZ1HO6V8qm3wAM3UdjBAuwfP/jAD7NeP9b/41AdsYYxOLWMBM6iSBeupdHYldzvgblC7KGZUQNubFufGLNR/sa80MyOk+MBNEpxdALI3Np9s0HxifAzTIL6AKBcWUmSGsUu6Ppysvj7OGloOZ8X95wIrs2pV4VTHMDKB59tmZ4GrH7iW9+HSbivKpK4AhibAAu+BgDw6J0ISfImFSm6B6cg9tWCSOl49SpWPcxpsY0eZO+pj62pcJ2yTysZJiNbAU4+IagHMMPkKX1jT9pPKqITAxO1C6SmXqmJf9omFkXyKMAquOBEeg2cVYyJDsXRPf6KoZ1itz+qQeGZ6zkk0ltU/cYBC0flm2ZridJl1Ac0dFAagdgi13gnj561vOCysudjpNBs5dX7aP5gmcf0t7xnEnjZk2x3rV+hzVFaWttfc1RZCnhV+QGRapGjBAK4OKMaFDaaqdMbk8omkmavm9Lnl8QMwSxiPy8VYCj5EUM/I/wW1CaOUiS4q7MoJYwCDI9+W2SOVD/QOI2SBHu46qwnLs4Wev/oiTA/adghBlveSakwxqF62E5sym0nXzd7Jis02EvjDMpkbjINQ1/Lz5WzF85Ouc66gGPnddNy4aIRppRsP3RQfZSsUA9G4UR4xlUymMGLw2/ztCGT7PKVGiRKTYBZ+76Jd3iq5CEemyj/hxLhE0Y9zzUcGCStiefKMig=="
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ hosts:
+ - host: chart-example.local
+ paths: []
+
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+initResources:
+ limits:
+ memory: 200Mi
+ requests:
+ cpu: 100m
+ memory: 200Mi
+
+# filters:
+ # kubernetes:
+ # type: "record_transformer"
+ # removeKeys: "kubernetes_namespace_container_name,CONTAINER_ID,CONTAINER_ID_FULL,CONTAINER_NAME,CONTAINER_TAG,$["system.argv"],$["system.exe"],$["system.process-name"],$["kubernetes"]["container_image_id"],$["kubernetes"]["master_url"],$["kubernetes"]["namespace_id"],$["kubernetes"]["pod_id"],$["kubernetes"]["namespace_labels"]["name"],$["kubernetes"]["namespace_labels"]["istio-injection"],$["kubernetes"]["labels"]["pod-template-hash"],$["kubernetes"]["labels"]["pod-template-generation"],$["kubernetes"]["labels"]["controller-revision-hash"],$["kubernetes"]["labels"]["statefulset_kubernetes_io/pod-name"],$["docker"]["container_id"]"
+
+ # kubelet:
+ # type: "record_modifier"
+
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}