Update fluentd-gcp DaemonSet

- Use a dedicated service account to run the fluentd-gcp DS
- Update prometheus-to-sd from v0.1.3 to v0.2.1
- Use the certificates in the prometheus-to-sd image rather than mounting the host certs
This commit is contained in:
Tim Allclair 2017-10-18 14:58:32 -07:00
parent 76f198399b
commit b18edfec7a
No known key found for this signature in database
GPG Key ID: 434D16BCEF479EAB

View File

@ -1,3 +1,12 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: fluentd-gcp
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
@ -23,6 +32,7 @@ spec:
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
serviceAccountName: fluentd-gcp
dnsPolicy: Default
hostNetwork: true
containers:
@ -90,9 +100,6 @@ spec:
- --stackdriver-prefix={{ prometheus_to_sd_prefix }}/addons
- --api-override={{ prometheus_to_sd_endpoint }}
- --whitelisted-metrics=stackdriver_successful_requests_count,stackdriver_failed_requests_count,stackdriver_ingested_entries_count,stackdriver_dropped_entries_count
volumeMounts:
- name: ssl-certs
mountPath: /etc/ssl/certs
# END_PROMETHEUS_TO_SD
nodeSelector:
beta.kubernetes.io/fluentd-ds-ready: "true"
@ -118,6 +125,3 @@ spec:
- name: config-volume
configMap:
name: fluentd-gcp-config-v1.2.2
- name: ssl-certs
hostPath:
path: /etc/ssl/certs