newrelic/newrelic-logging

Chart version: 1.4.2
Api version: v1
App version: 1.4.3
A Helm chart to deploy New Relic Kubernetes Logging as a DaemonSet
application
Chart Type
Active
Status
Unknown
License
1723
Downloads
https://helm-charts.newrelic.com
Set me up:
helm repo add center https://repo.chartcenter.io
Install Chart:
helm install newrelic-logging center/newrelic/newrelic-logging
Versions (0)

newrelic-logging

Chart Details

New Relic offers a Fluent Bit output plugin to easily forward your logs to New Relic Logs. This plugin is also provided in a standalone Docker image that can be installed in a Kubernetes cluster in the form of a DaemonSet, which we refer as the Kubernetes plugin.

This document explains how to install it in your cluster, either using a Helm chart (recommended), or manually by applying Kubernetes manifests.

Installation

Install using the Helm chart (recommended)

  1. Install Helm following the official instructions.

  2. Add the New Relic official Helm chart repository following these instructions

  3. Run the following command to install the New Relic Logging Kubernetes plugin via Helm, replacing the placeholder value YOUR_LICENSE_KEY with your New Relic license key:

    • Helm 3 sh helm install newrelic-logging newrelic/newrelic-logging --set licenseKey=YOUR_LICENSE_KEY * Helm 2 sh helm install newrelic/newrelic-logging --name newrelic-logging --set licenseKey=YOUR_LICENSE_KEY

For EU users, add `–set endpoint=https://log-api.eu.newrelic.com/log/v1 to any of the helm install commands above.

By default, tailing is set to /var/log/containers/*.log. To change this setting, provide your preferred path by adding --set fluentBit.path=DESIRED_PATH to any of the helm install commands above.

Install the Kubernetes manifests manually

  1. Download the following 3 manifest files into your current working directory:

    curl https://raw.githubusercontent.com/newrelic/helm-charts/master/charts/newrelic-logging/k8s/fluent-conf.yml > fluent-conf.yml
    curl https://raw.githubusercontent.com/newrelic/helm-charts/master/charts/newrelic-logging/k8s/new-relic-fluent-plugin.yml > new-relic-fluent-plugin.yml
    curl https://raw.githubusercontent.com/newrelic/helm-charts/master/charts/newrelic-logging/k8s/rbac.yml > rbac.yml
    
    1. In the downloaded new-relic-fluent-plugin.yml file, replace the placeholder value LICENSE_KEY with your New Relic license key. > For EU users, replace the ENDPOINT environment variable to https://log-api.eu.newrelic.com/log/v1.
    2. Once the License key has been added, run the following command in your terminal or command-line interface: sh kubectl apply -f .
  2. [OPTIONAL] You can configure how the plugin parses the data by editing the parsers.conf section in the fluent-conf.yml file. For more information, see Fluent Bit’s documentation on Parsers configuration. > By default, tailing is set to /var/log/containers/*.log. To change this setting, replace the default path with your preferred path in the new-relic-fluent-plugin.yml file.

Proxy support

Since Fluent Bit Kubernetes plugin is using newrelic-fluent-bit-output we can configure the proxy support in order to set up the proxy configuration.

As environment variables
  1. Complete the step 1 in Install the Kubernetes manifests manually

  2. Modify the new-relic-fluent-plugin.yml file. Add HTTP_PROXY or HTTPS_PROXY as environment variables:

        ...
         containers:
           - name: newrelic-logging
             env:
               - name: ENDPOINT
                 value : "https://log-api.newrelic.com/log/v1"
               - name: HTTP_PROXY
                 value : "http://http-proxy-hostname:PORT" # We must always specify the protocol (either http:// or https://)
        ...
    
    1. Continue to the next steps

      Custom proxy

      If you want to set up a custom proxy (eg. using self-signed certificate):

    2. Complete the step 1 in Install the Kubernetes manifests manually

    3. Modify the fluent-conf.yml and define in the ConfigMap a caBundle.pem file with the self-signed certificate:

         ...
          [OUTPUT]
              Name  newrelic
              Match *
              licenseKey ${LICENSE_KEY}
              endpoint ${ENDPOINT}
              proxy https://https-proxy-hostname:PORT
              caBundleFile ${CA_BUNDLE_FILE}
          caBundle.pem: |
              -----BEGIN CERTIFICATE-----
              MIIB+zCCAWSgAwIBAgIQTiHC/d/NhpHFptZCIoCbNzANBgkrhtiG9w0BAQsFADAS
              MBAwDgYDVQQKEwdBY23lIENvMCAXDTcwMDEwMTYwMDBwMFoYDzIwODQwMTI5MTYw
              ...
              ekFR5glcUVWoFru+EMj4WKmbRATUe3cYQRCThzO2hQ==
              -----END CERTIFICATE-----
         ...
      
    1. Modify new-relic-fluent-plugin.yml and define the CA_BUNDLE_FILE environment variable pointing to the created ConfigMap file: yaml ... containers: - name: newrelic-logging env: - name: ENDPOINT value : "https://log-api.newrelic.com/log/v1" - name: CA_BUNDLE_FILE value: /fluent-bit/etc/caBundle.pem ... 4. Continue to the next steps ## Configuration See values.yaml for the default values | Parameter | Description | Default | | ———————————————————- | —————————————————————————————————————————————————————————————————————————————————————————- | ———————————— | | global.licenseKey - licenseKey | The license key for your New Relic Account. This will be the preferred configuration option if both licenseKey and customSecret* values are specified. | | | global.customSecretName - customSecretName | Name of the Secret object where the license key is stored | | | global.customSecretLicenseKey - customSecretLicenseKey | Key in the Secret object where the license key is stored. | | | rbac.create | Enable Role-based authentication | true | | rbac.pspEnabled | Enable pod security policy support | false | | image.repository | The container to pull. | newrelic/newrelic-fluentbit-output | | image.pullPolicy | The pull policy. | IfNotPresent | | image.pullSecrets | Image pull secrets. | nil | | image.tag | The version of the container to pull. | See value in [values.yaml]| |resources| Any resources you wish to assign to the pod. | See Resources below | |priorityClassName| Scheduling priority of the pod |nil| |nodeSelector| Node label to use for scheduling |nil| |tolerations| List of node taints to tolerate (requires Kubernetes >= 1.6) | See Tolerations below | |updateStrategy| Strategy for DaemonSet updates (requires Kubernetes >= 1.6) |RollingUpdate| |serviceAccount.create| If true, a service account would be created and assigned to the deployment |true| |serviceAccount.name| The service account to assign to the deployment. IfserviceAccount.createis true then this name will be used when creating the service account | | |global.nrStaging-nrStaging| Send data to staging (requires a staging license key) |false| |fluentBit.criEnabled| We assume thatkubeletdirectly communicates with the Docker container engine. Set this totrueif your K8s installation uses [CRI](https://kubernetes.io/blog/2016/12/container-runtime-interface-cri-in-kubernetes/) instead, in order to get the logs properly parsed. |false| |fluentBit.k8sLoggingExclude| Set to "On" to allow excluding pods by adding the annotationfluentbit.io/exclude: “true”to pods you wish to exclude. |Off| ## Uninstall the Kubernetes plugin ### Uninstall via Helm (recommended) Run the following command: sh helm uninstall newrelic-logging `

Uninstall the Kubernetes manifests manually

Run the following command in the directory where you downloaded the Kubernetes manifests during the installation procedure:

kubectl delete -f .

Resources

The default set of resources assigned to the pods is shown below:

resources:
  limits:
    cpu: 500m
    memory: 128Mi
  requests:
    cpu: 250m
    memory: 64Mi

Tolerations

The default set of tolerations assigned to our daemonset is shown below:

tolerations:
  - operator: "Exists"
    effect: "NoSchedule"
  - operator: "Exists"
    effect: "NoExecute"

Troubleshooting

I am receiving “Invalid pattern for given tag”

If you are receiving the following error:

[ warn] [filter_kube] invalid pattern for given tag

In the new-relic-fluent-plugin.yml file, replace the default code /var/log/containers/*.log with the following:

/var/log/containers/*.{log}