From a469e0a8da6393c151b386be425289638535c200 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Nussbaumer?=
 <clement.nussbaumer@postfinance.ch>
Date: Tue, 29 Oct 2024 14:40:18 +0100
Subject: [PATCH] feat: add log utils daemonset
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Clément Nussbaumer <clement.nussbaumer@postfinance.ch>
---
 log-utils/configmap.yaml | 34 ++++++++++++++++++++++
 log-utils/daemonset.yaml | 63 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 97 insertions(+)
 create mode 100644 log-utils/configmap.yaml
 create mode 100644 log-utils/daemonset.yaml

diff --git a/log-utils/configmap.yaml b/log-utils/configmap.yaml
new file mode 100644
index 0000000..5490e12
--- /dev/null
+++ b/log-utils/configmap.yaml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: syslog-ng-config
+data:
+  syslog-ng.conf: |
+    @version: 4.2
+    @include "scl.conf"
+
+    # Source definition for JSON logs on port 514
+    source s_json {
+        network(
+            port(514)
+            transport("udp")
+            flags(no-parse)  # Don't try to parse as syslog
+        );
+    };
+
+    # Parser for JSON format
+    parser p_json {
+        json-parser();
+    };
+
+    # Define the destination as stdout
+    destination d_stdout {
+        pipe("/dev/stdout");
+    };
+
+    # Define the log path
+    log {
+        source(s_json);
+        parser(p_json);
+        destination(d_stdout);
+    };
diff --git a/log-utils/daemonset.yaml b/log-utils/daemonset.yaml
new file mode 100644
index 0000000..4ae2236
--- /dev/null
+++ b/log-utils/daemonset.yaml
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  labels:
+    k8s-app: logs-utils
+  name: logs-utils
+  namespace: kube-system
+spec:
+  selector:
+    matchLabels:
+      k8s-app: logs-utils
+  template:
+    metadata:
+      labels:
+        k8s-app: logs-utils
+    spec:
+      containers:
+        - image: balabit/syslog-ng
+          imagePullPolicy: Always
+          # readinessProbe: TODO ?
+          name: rpcbind
+          volumeMounts:
+            - mountPath: /etc/syslog-ng
+              name: syslog-ng-config
+          ports:
+            - protocol: UDP
+              containerPort: 514
+              hostPort: 514
+
+          resources:
+            {}
+            # add:
+            # - CHOWN
+            # - KILL
+            # - NET_ADMIN
+            # - NET_RAW
+            # - IPC_LOCK
+            # - SYS_ADMIN
+            # - SYS_RESOURCE
+            # - DAC_OVERRIDE
+            # - FOWNER
+            # - SETGID
+            # - SETUID
+            # drop:
+            # - ALL
+            # seLinuxOptions:
+            # level: s0
+            # type: spc_t
+          # startupProbe:
+          # failureThreshold: 105
+      priorityClassName: system-node-critical
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 1
+      volumes:
+        - name: syslog-ng-config
+          configMap:
+            name: syslog-ng-config
+            items:
+              - key: syslog-ng.conf
+                path: syslog-ng.conf
+      tolerations:
+        - operator: Exists