# Template job config for running the log exporter on the cluster as a daemonset. # Creates everything within 'logexporter' namespace. # # Note: Since daemonsets have "AlwaysRestart" policy for pods, we provide a long # sleep-duration (24 hr) to the logexporter pods so they don't finish the work and # get restarted while some pods are still running. So it is your duty to detect # the work has been done (or use some timeout) and delete the daemonset yourself. apiVersion: v1 kind: Namespace metadata: name: {{.LogexporterNamespace}} --- apiVersion: v1 kind: Secret metadata: name: google-service-account namespace: {{.LogexporterNamespace}} type: Opaque data: service-account.json: {{.ServiceAccountCredentials}} --- apiVersion: apps/v1 kind: DaemonSet metadata: name: logexporter namespace: {{.LogexporterNamespace}} spec: selector: matchLabels: app: logexporter template: metadata: labels: app: logexporter spec: containers: - name: logexporter-test image: gcr.io/k8s-testimages/logexporter:v20200401-c3269f485 env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName command: - logexporter - --node-name=$(NODE_NAME) - --cloud-provider={{.CloudProvider}} - --gcs-path={{.GCSPath}} - --gcloud-auth-file-path=/etc/service-account/service-account.json - --enable-hollow-node-logs={{.EnableHollowNodeLogs}} - --dump-systemd-journal={{.DumpSystemdJournal}} - --extra-log-files={{.ExtraLogFiles}} - --extra-systemd-services={{.ExtraSystemdServices}} - --sleep-duration=24h volumeMounts: - mountPath: /etc/service-account name: service readOnly: true - mountPath: /var/log name: varlog readOnly: true - mountPath: /workspace/etc name: hostetc readOnly: true resources: requests: cpu: 10m memory: 10Mi nodeSelector: {{.NodeSelector}} volumes: - name: service secret: secretName: google-service-account - name: varlog hostPath: path: /var/log - name: hostetc hostPath: path: /etc