Skip to content
This repository has been archived by the owner on May 16, 2023. It is now read-only.

Commit

Permalink
[filebeat] disable host networking by default
Browse files Browse the repository at this point in the history
  • Loading branch information
@jmlrt
jmlrt committed Dec 6, 2019
1 parent cbd672a commit 538af31
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 4 deletions.
7 changes: 4 additions & 3 deletions filebeat/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ This helm chart is a lightweight way to configure and run our official [Filebeat
## Usage notes and getting started
* The default Filebeat configuration file for this chart is configured to use an Elasticsearch endpoint. Without any additional changes, Filebeat will send documents to the service URL that the Elasticsearch helm chart sets up by default. You may either set the `ELASTICSEARCH_HOSTS` environment variable in `extraEnvs` to override this endpoint or modify the default `filebeatConfig` to change this behavior.
* The default Filebeat configuration file is also configured to capture container logs and enrich them with Kubernetes metadata by default. This will capture all container logs in the cluster.
* This chart disables the [HostNetwork](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces) setting by default for compatibility reasons with the majority of kubernetes providers and scenarios. Some kubernetes providers may not allow enabling `hostNetwork` and deploying multiple Filebeat pods on the same node isn't possible with `hostNetwork`. However Filebeat does recommend activating it. If your kubernetes provider is compatible with `hostNetwork` and you don't need to run multiple Filebeat daemonsets, you can activate it [here](./values.yaml#L36).

## Installing

Expand Down Expand Up @@ -59,10 +60,10 @@ helm install --name filebeat elastic/filebeat --set imageTag=7.5.0
| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- |
| `filebeatConfig` | Allows you to add any config files in `/usr/share/filebeat` such as `filebeat.yml`. See [values.yaml](./values.yaml) for an example of the formatting with the default configuration. | see [values.yaml](./values.yaml) |
| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` |
| `extraVolumeMounts` | List of additional volumeMounts to be mounted on the Daemonset | `""` |
| `extraVolumes` | List of additional volumes to be mounted on the Daemonset | `""` |
| `extraVolumeMounts` | List of additional volumeMounts to be mounted on the Daemonset | `""` |
| `extraVolumes` | List of additional volumes to be mounted on the Daemonset | `""` |
| `hostPathRoot` | Fully-qualified [hostPath](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) that will be used to persist Filebeat registry data | `/var/lib` |
| `hostNetworking` | Use host networking in the daemonset so that hostname is reported correctly
| `hostNetworking` | Use host networking in the daemonset so that hostname is reported correctly | `false` |
| `image` | The Filebeat docker image | `docker.elastic.co/beats/filebeat` |
| `imageTag` | The Filebeat docker image tag | `7.5.0` |
| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` |
Expand Down
2 changes: 1 addition & 1 deletion filebeat/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ extraVolumes: []

# Root directory where Filebeat will write data to in order to persist registry data across pod restarts (file position and other metadata).
hostPathRoot: /var/lib
hostNetworking: true
hostNetworking: false
image: "docker.elastic.co/beats/filebeat"
imageTag: "7.5.0"
imagePullPolicy: "IfNotPresent"
Expand Down

0 comments on commit 538af31

Please sign in to comment.