summaryrefslogtreecommitdiffstats
path: root/roles/openshift_logging/tasks/install_fluentd.yaml
blob: 6f93081d7959429f048dd46068f8aa7196cf4c96 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

---
- command: >
    echo "{{ (openshift_logging_use_ops) | ternary(openshift_logging_es_ops_host, openshift_logging_es_host) }}"
  register: fluentd_ops_host
  check_mode: no

- command: >
    echo "{{ (openshift_logging_use_ops) | ternary(openshift_logging_es_ops_port, openshift_logging_es_port) }}"
  register: fluentd_ops_port
  check_mode: no

- command: >
    echo "{{openshift_logging_fluentd_nodeselector.keys()[0]}}"
  register: openshift_logging_fluentd_nodeselector_key
  check_mode: no

- command: >
    echo "{{openshift_logging_fluentd_nodeselector.values()[0]}}"
  register: openshift_logging_fluentd_nodeselector_value
  check_mode: no

- name: Generating Fluentd daemonset
  template: src=fluentd.j2 dest={{mktemp.stdout}}/templates/logging-fluentd.yaml
  vars:
    daemonset_name: logging-fluentd
    daemonset_component: fluentd
    daemonset_container_name: fluentd-elasticsearch
    daemonset_serviceAccount: aggregated-logging-fluentd
    ops_host: "{{ fluentd_ops_host.stdout }}"
    ops_port: "{{ fluentd_ops_port.stdout }}"
    fluentd_nodeselector_key: "{{openshift_logging_fluentd_nodeselector_key.stdout}}"
    fluentd_nodeselector_value: "{{openshift_logging_fluentd_nodeselector_value.stdout}}"
  check_mode: no

- name: "Set permissions for fluentd"
  command: >
    {{ openshift.common.admin_binary}} --config={{ mktemp.stdout }}/admin.kubeconfig policy
    add-scc-to-user privileged system:serviceaccount:{{openshift_logging_namespace}}:aggregated-logging-fluentd
  register: fluentd_output
  failed_when: "fluentd_output.rc == 1 and 'exists' not in fluentd_output.stderr"
  check_mode: no

- name: "Set additional permissions for fluentd"
  command: >
    {{ openshift.common.admin_binary}} --config={{ mktemp.stdout }}/admin.kubeconfig policy
    add-cluster-role-to-user cluster-reader system:serviceaccount:{{openshift_logging_namespace}}:aggregated-logging-fluentd
  register: fluentd2_output
  failed_when: "fluentd2_output.rc == 1 and 'exists' not in fluentd2_output.stderr"
  check_mode: no
generated by cgit v1.2.1 (git 2.18.0) at 2024-04-30 10:43:29 +0000