Documentation
¶
Overview ¶
Package v1 contains API Schema definitions for the observability.openshift.io group to support logging
+k8s:deepcopy-gen=package,register +groupName=observability.openshift.io +k8s:openapi-gen=true +kubebuilder:object:generate=true
Package v1 contains API Schema definitions for the observability v1 API group ¶
+kubebuilder:object:generate=true +k8s:deepcopy-gen=package,register +groupName=observability.openshift.io
Index ¶
- Constants
- Variables
- type Application
- type ApplicationSource
- type Audit
- type AuditSource
- type AzureMonitor
- type AzureMonitorAuthentication
- type BaseOutputTuningSpec
- type BearerToken
- type BearerTokenFrom
- type BearerTokenSecretKey
- type Cloudwatch
- type CloudwatchAWSAccessKey
- type CloudwatchAuthType
- type CloudwatchAuthentication
- type CloudwatchIAMRole
- type CloudwatchTuningSpec
- type ClusterLogForwarder
- type ClusterLogForwarderList
- type ClusterLogForwarderSpec
- type ClusterLogForwarderStatus
- type CollectorSpec
- type ContainerInputTuningSpec
- type DeliveryMode
- type DropCondition
- type DropTest
- type Elasticsearch
- type ElasticsearchTuningSpec
- type EnrichmentType
- type FieldPath
- type FilterSpec
- type FilterType
- type GoogleCloudLogging
- type GoogleCloudLoggingAuthentication
- type GoogleCloudLoggingId
- type GoogleCloudLoggingIdType
- type GoogleCloudLoggingTuningSpec
- type HTTP
- type HTTPAuthentication
- type HTTPReceiver
- type HTTPReceiverFormat
- type HTTPTuningSpec
- type Infrastructure
- type InfrastructureSource
- type InputSpec
- type InputTLSSpec
- type InputType
- type Kafka
- type KafkaAuthentication
- type KafkaTuningSpec
- type KubeAPIAudit
- type LimitSpec
- type Loki
- type LokiStack
- type LokiStackAuthentication
- type LokiStackDataModel
- type LokiStackLabelKeys
- type LokiStackTarget
- type LokiStackTenantLabelKeys
- type LokiTuningSpec
- type ManagementState
- type NamespaceContainerSpec
- type OTLP
- type OTLPTuningSpec
- type OutputSpec
- type OutputTLSSpec
- type OutputType
- type PipelineSpec
- type PruneFilterSpec
- type ReceiverSpec
- type ReceiverType
- type SASLAuthentication
- type SecretReference
- type ServiceAccount
- type Splunk
- type SplunkAuthentication
- type SplunkTuningSpec
- type Syslog
- type SyslogRFCType
- type SyslogTuningSpec
- type TLSSpec
- type URL
- type URLSpec
- type ValueReference
Constants ¶
const ( // ConditionTrue means the condition is met ConditionTrue = metav1.ConditionTrue // ConditionFalse means the condition is not met ConditionFalse = metav1.ConditionFalse // ConditionUnknown means unable to determine the condition ConditionUnknown = metav1.ConditionUnknown // ConditionTypeAuthorized identifies the state of authorization for the service ConditionTypeAuthorized = GroupName + "/Authorized" ConditionTypeLogLevel = GroupName + "/LogLevel" // ConditionTypeReady indicates the service is ready. // // Ready=True means the operands are running and providing some service. // Ready=False means the operands cannot provide any service, and // the operator cannot recover without some external change. Either // the spec is invalid, or there is some environmental problem that is // outside the operator's control. ConditionTypeReady string = "Ready" // ConditionTypeValid identifies the state of validation for the service ConditionTypeValid = GroupName + "/Valid" // ConditionTypeValidInputPrefix prefixes a named input to identify its validation state ConditionTypeValidInputPrefix = GroupName + "/ValidInput" // ConditionTypeValidOutputPrefix prefixes a named output to identify its validation state ConditionTypeValidOutputPrefix = GroupName + "/ValidOutput" // ConditionTypeValidPipelinePrefix prefixes a named pipeline to identify its validation state ConditionTypeValidPipelinePrefix = GroupName + "/ValidPipeline" // ConditionTypeValidFilterPrefix prefixes a named filter to identify its validation state ConditionTypeValidFilterPrefix = GroupName + "/ValidFilter" // ReasonClusterRolesExist means the collector serviceAccount is bound to all the cluster roles needed to collect a log_type ReasonClusterRolesExist = "ClusterRolesExist" // ReasonClusterRoleMissing means the collector serviceAccount is missing one or more clusterRoles needed to collect a log_type ReasonClusterRoleMissing = "ClusterRoleMissing" // ReasonDeploymentError means an error occurred trying to deploy the collector or some related component ReasonDeploymentError = "DeploymentError" // ReasonInitializationFailed indicates a failure initializing the reconciliation context ReasonInitializationFailed = "InitializationFailed" // ReasonFailureToRemoveStaleWorkload indicates a failure removing a stale workload after the deployment type changes ReasonFailureToRemoveStaleWorkload = "FailureToRemoveStaleWorkload" // ReasonManagementStateUnmanaged is used when the workload is in an Unmanaged state ReasonManagementStateUnmanaged = "ManagementStateUnmanaged" // ReasonMissingSpec applies when a type is specified without a defined spec (e.g. type application without obs.Application) ReasonMissingSpec = "MissingSpec" // ReasonLogLevelSupported indicates the support for the log level annotation value ReasonLogLevelSupported = "LogLevelSupported" // ReasonReconciliationComplete when the operator has initialized, validated, and deployed the resources for the workload ReasonReconciliationComplete = "ReconciliationComplete" // ReasonServiceAccountDoesNotExist when the ServiceAccount is not found ReasonServiceAccountDoesNotExist = "ServiceAccountDoesNotExist" // ReasonServiceAccountCheckFailure when there is a failure retrieving the ServiceAccount ReasonServiceAccountCheckFailure = "ServiceAccountCheckFailure" // ReasonValidationSuccess is used when validation succeeds. ReasonValidationSuccess = "ValidationSuccess" // ReasonValidationFailure is used when validation fails. ReasonValidationFailure = "ValidationFailure" // ReasonUnknownState is used when the operator can not determine the state of the deployment ReasonUnknownState = "UnknownState" )
const (
GroupName = "observability.openshift.io"
)
Variables ¶
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
var ( AuditSources = []AuditSource{ AuditSourceKube, AuditSourceOpenShift, AuditSourceAuditd, AuditSourceOVN, } )
var ( FilterTypes = []FilterType{ FilterTypeOpenshiftLabels, FilterTypeDetectMultiline, FilterTypeDrop, FilterTypeKubeAPIAudit, FilterTypeParse, FilterTypePrune, } )
var ( InfrastructureSources = []InfrastructureSource{ InfrastructureSourceNode, InfrastructureSourceContainer, } )
var ( InputTypes = []InputType{ InputTypeApplication, InputTypeInfrastructure, InputTypeAudit, InputTypeReceiver, } )
var ( // OutputTypes contains all supported output types. OutputTypes = []OutputType{ OutputTypeAzureMonitor, OutputTypeCloudwatch, OutputTypeElasticsearch, OutputTypeGoogleCloudLogging, OutputTypeHTTP, OutputTypeKafka, OutputTypeLoki, OutputTypeLokiStack, OutputTypeSplunk, OutputTypeSyslog, OutputTypeOTLP, } )
var ( ReceiverTypes = []ReceiverType{ ReceiverTypeHTTP, ReceiverTypeSyslog, } )
Functions ¶
This section is empty.
Types ¶
type Application ¶
type Application struct {
// Selector for logs from pods with matching labels.
//
// Only messages from pods with these labels are collected.
//
// If absent or empty, logs are collected regardless of labels.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Pod Selector",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:selector:core:v1:Pod"}
Selector *metav1.LabelSelector `json:"selector,omitempty"`
// Tuning is the container input tuning spec for this container sources
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Input Tuning"
Tuning *ContainerInputTuningSpec `json:"tuning,omitempty"`
// Includes is the set of namespaces and containers to include when collecting logs.
//
// Note: infrastructure namespaces are still excluded for "*" values unless a qualifying glob pattern is specified.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Include"
Includes []NamespaceContainerSpec `json:"includes,omitempty"`
// Excludes is the set of namespaces and containers to ignore when collecting logs.
//
// Takes precedence over Includes option.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Exclude"
Excludes []NamespaceContainerSpec `json:"excludes,omitempty"`
}
Application workload log selector. All conditions in the selector must be satisfied (logical AND) to select logs.
func (*Application) DeepCopy ¶
func (in *Application) DeepCopy() *Application
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Application.
func (*Application) DeepCopyInto ¶
func (in *Application) DeepCopyInto(out *Application)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ApplicationSource ¶
type ApplicationSource string
ApplicationSource defines the type of ApplicationSource log source to use.
+kubebuilder:validation:Enum:=container
const ( // ApplicationSourceContainer are container logs from deployed workloads // in any of the following namespaces: default, kube*, openshift* ApplicationSourceContainer ApplicationSource = "container" )
type Audit ¶
type Audit struct {
// Sources defines the list of audit sources to collect.
// This field is optional and its exclusion results in the collection of all audit sources.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Sources"
Sources []AuditSource `json:"sources,omitempty"`
}
Audit enables audit logs.
func (*Audit) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Audit.
func (*Audit) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AuditSource ¶
type AuditSource string
AuditSource defines which type of audit log source is used.
+kubebuilder:validation:Enum:=auditd;kubeAPI;openshiftAPI;ovn
const ( // AuditSourceKube are audit logs from kubernetes API servers AuditSourceKube AuditSource = "kubeAPI" // AuditSourceOpenShift are audit logs from OpenShift API servers AuditSourceOpenShift AuditSource = "openshiftAPI" // AuditSourceAuditd are audit logs from a node auditd service AuditSourceAuditd AuditSource = "auditd" // AuditSourceOVN are audit logs from an Open Virtual Network service AuditSourceOVN AuditSource = "ovn" )
type AzureMonitor ¶
type AzureMonitor struct {
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *AzureMonitorAuthentication `json:"authentication"`
// CustomerId che unique identifier for the Log Analytics workspace.
// https://learn.microsoft.com/en-us/azure/azure-monitor/logs/data-collector-api?tabs=powershell#request-uri-parameters
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Customer ID",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
CustomerId string `json:"customerId"`
// LogType the record type of the data that is being submitted.
// Can only contain letters, numbers, and underscores (_), and may not exceed 100 characters.
// https://learn.microsoft.com/en-us/azure/azure-monitor/logs/data-collector-api?tabs=powershell#request-headers
//
// +kubebuilder:validation:Pattern:="^[a-zA-Z0-9][a-zA-Z0-9_]{0,99}$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Type",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
LogType string `json:"logType,omitempty"`
// AzureResourceId the Resource ID of the Azure resource the data should be associated with.
// https://learn.microsoft.com/en-us/azure/azure-monitor/logs/data-collector-api?tabs=powershell#request-headers
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure Resource ID",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
AzureResourceId string `json:"azureResourceId,omitempty"`
// Host alternative host for dedicated Azure regions. (for example for China region)
// https://docs.azure.cn/en-us/articles/guidance/developerdifferences#check-endpoints-in-azure
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure Host",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Host string `json:"host,omitempty"`
// Tuning specs tuning for the output
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *BaseOutputTuningSpec `json:"tuning,omitempty"`
}
func (*AzureMonitor) DeepCopy ¶
func (in *AzureMonitor) DeepCopy() *AzureMonitor
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureMonitor.
func (*AzureMonitor) DeepCopyInto ¶
func (in *AzureMonitor) DeepCopyInto(out *AzureMonitor)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AzureMonitorAuthentication ¶
type AzureMonitorAuthentication struct {
//
// +nullable
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Shared Key"
SharedKey *SecretReference `json:"sharedKey"`
}
AzureMonitorAuthentication contains configuration for authenticating requests to a AzureMonitor output.
func (*AzureMonitorAuthentication) DeepCopy ¶
func (in *AzureMonitorAuthentication) DeepCopy() *AzureMonitorAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureMonitorAuthentication.
func (*AzureMonitorAuthentication) DeepCopyInto ¶
func (in *AzureMonitorAuthentication) DeepCopyInto(out *AzureMonitorAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BaseOutputTuningSpec ¶
type BaseOutputTuningSpec struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Delivery Mode"
DeliveryMode DeliveryMode `json:"deliveryMode,omitempty"`
// MaxWrite limits the maximum payload in terms of bytes of a single "send" to the output.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Batch Size"
MaxWrite *resource.Quantity `json:"maxWrite,omitempty"`
// MinRetryDuration is the minimum time to wait between attempts to retry after delivery a failure.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Minimum Retry Duration"
MinRetryDuration *time.Duration `json:"minRetryDuration,omitempty"`
// MaxRetryDuration is the maximum time to wait between retry attempts after a delivery failure.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Maximum Retry Duration"
MaxRetryDuration *time.Duration `json:"maxRetryDuration,omitempty"`
}
BaseOutputTuningSpec tuning parameters for an output
func (*BaseOutputTuningSpec) DeepCopy ¶
func (in *BaseOutputTuningSpec) DeepCopy() *BaseOutputTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BaseOutputTuningSpec.
func (*BaseOutputTuningSpec) DeepCopyInto ¶
func (in *BaseOutputTuningSpec) DeepCopyInto(out *BaseOutputTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BearerToken ¶
type BearerToken struct {
// From is the source from where to find the token
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Token Source"
From BearerTokenFrom `json:"from"`
// Use Secret if the value should be sourced from a Secret in the same namespace.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Token Secret"
Secret *BearerTokenSecretKey `json:"secret,omitempty"`
}
BearerToken allows configuring the source of a bearer token used for authentication. The token can either be read from a secret or from a Kubernetes ServiceAccount. +kubebuilder:validation:XValidation:rule="self.from != 'secret' || has(self.secret)", message="Additional secret spec is required when bearer token is sourced from a secret"
func (*BearerToken) DeepCopy ¶
func (in *BearerToken) DeepCopy() *BearerToken
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BearerToken.
func (*BearerToken) DeepCopyInto ¶
func (in *BearerToken) DeepCopyInto(out *BearerToken)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BearerTokenFrom ¶
type BearerTokenFrom string
BearerTokenFrom specifies the source used for the bearer token.
+kubebuilder:validation:Enum:=secret;serviceAccount
const ( // BearerTokenFromSecret specifies to use the token from the spec'd secret BearerTokenFromSecret BearerTokenFrom = "secret" // BearerTokenFromServiceAccount specifies to use the token associated with the forwarder service account BearerTokenFromServiceAccount BearerTokenFrom = "serviceAccount" )
type BearerTokenSecretKey ¶
type BearerTokenSecretKey struct {
// Name of the key used to get the value from the referenced Secret.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Key Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Key string `json:"key"`
// Name of secret
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Name string `json:"name"`
}
func (*BearerTokenSecretKey) DeepCopy ¶
func (in *BearerTokenSecretKey) DeepCopy() *BearerTokenSecretKey
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BearerTokenSecretKey.
func (*BearerTokenSecretKey) DeepCopyInto ¶
func (in *BearerTokenSecretKey) DeepCopyInto(out *BearerTokenSecretKey)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Cloudwatch ¶
type Cloudwatch struct {
// URL to send log records to.
//
// The 'username@password' part of `url` is ignored.
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:XValidation:rule="self == ” || isURL(self)", message="invalid URL"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Destination URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
URL string `json:"url,omitempty"`
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *CloudwatchAuthentication `json:"authentication"`
// Tuning specs tuning for the output
//
// +kubebuilder:validation:Optional
// +nullable
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *CloudwatchTuningSpec `json:"tuning,omitempty"`
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Amazon Region",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Region string `json:"region"`
// GroupName defines the strategy for grouping logstreams
//
// The GroupName can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Group Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
GroupName string `json:"groupName"`
}
Cloudwatch provides configuration for the output type `cloudwatch`
func (*Cloudwatch) DeepCopy ¶
func (in *Cloudwatch) DeepCopy() *Cloudwatch
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Cloudwatch.
func (*Cloudwatch) DeepCopyInto ¶
func (in *Cloudwatch) DeepCopyInto(out *Cloudwatch)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CloudwatchAWSAccessKey ¶
type CloudwatchAWSAccessKey struct {
// KeyId points to the AWS access key id to be used for authentication.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret with Access Key ID"
KeyId SecretReference `json:"keyId"`
// KeySecret points to the AWS access key secret to be used for authentication.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret with Access Key Secret"
KeySecret SecretReference `json:"keySecret"`
}
func (*CloudwatchAWSAccessKey) DeepCopy ¶
func (in *CloudwatchAWSAccessKey) DeepCopy() *CloudwatchAWSAccessKey
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudwatchAWSAccessKey.
func (*CloudwatchAWSAccessKey) DeepCopyInto ¶
func (in *CloudwatchAWSAccessKey) DeepCopyInto(out *CloudwatchAWSAccessKey)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CloudwatchAuthType ¶
type CloudwatchAuthType string
CloudwatchAuthType sets the authentication type used for CloudWatch.
+kubebuilder:validation:Enum:=awsAccessKey;iamRole
const ( // CloudwatchAuthTypeAccessKey requires auth to use static keys CloudwatchAuthTypeAccessKey CloudwatchAuthType = "awsAccessKey" // CloudwatchAuthTypeIAMRole requires auth to use IAM Role and optional token CloudwatchAuthTypeIAMRole CloudwatchAuthType = "iamRole" )
type CloudwatchAuthentication ¶
type CloudwatchAuthentication struct {
// Type is the type of cloudwatch authentication to configure
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Type"
Type CloudwatchAuthType `json:"type"`
// AWSAccessKey points to the AWS access key id and secret to be used for authentication.
//
// +kubebuilder:validation:Optional
// +nullable
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Access Key"
AWSAccessKey *CloudwatchAWSAccessKey `json:"awsAccessKey,omitempty"`
// IAMRole points to the secret containing the role ARN to be used for authentication.
// This can be used for authentication in STS-enabled clusters when additionally specifying
// a web identity token
//
// +kubebuilder:validation:Optional
// +nullable
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Amazon IAM Role"
IAMRole *CloudwatchIAMRole `json:"iamRole,omitempty"`
}
CloudwatchAuthentication contains configuration for authenticating requests to a Cloudwatch output. +kubebuilder:validation:XValidation:rule="self.type != 'awsAccessKey' || has(self.awsAccessKey)", message="Additional type specific spec is required for authentication" +kubebuilder:validation:XValidation:rule="self.type != 'iamRole' || has(self.iamRole)", message="Additional type specific spec is required for authentication"
func (*CloudwatchAuthentication) DeepCopy ¶
func (in *CloudwatchAuthentication) DeepCopy() *CloudwatchAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudwatchAuthentication.
func (*CloudwatchAuthentication) DeepCopyInto ¶
func (in *CloudwatchAuthentication) DeepCopyInto(out *CloudwatchAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CloudwatchIAMRole ¶
type CloudwatchIAMRole struct {
// RoleARN points to the secret containing the role ARN to be used for authentication.
// This is used for authentication in STS-enabled clusters.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="RoleARN Secret"
RoleARN SecretReference `json:"roleARN"`
// Token specifies a bearer token to be used for authenticating requests.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Token"
Token BearerToken `json:"token"`
}
func (*CloudwatchIAMRole) DeepCopy ¶
func (in *CloudwatchIAMRole) DeepCopy() *CloudwatchIAMRole
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudwatchIAMRole.
func (*CloudwatchIAMRole) DeepCopyInto ¶
func (in *CloudwatchIAMRole) DeepCopyInto(out *CloudwatchIAMRole)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CloudwatchTuningSpec ¶
type CloudwatchTuningSpec struct {
BaseOutputTuningSpec `json:",inline"`
// Compression causes data to be compressed before sending over the network.
// It is an error if the compression type is not supported by the output.
//
// +kubebuilder:validation:Enum:=gzip;none;snappy;zlib;zstd
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Compression"
Compression string `json:"compression,omitempty"`
}
func (*CloudwatchTuningSpec) DeepCopy ¶
func (in *CloudwatchTuningSpec) DeepCopy() *CloudwatchTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudwatchTuningSpec.
func (*CloudwatchTuningSpec) DeepCopyInto ¶
func (in *CloudwatchTuningSpec) DeepCopyInto(out *CloudwatchTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterLogForwarder ¶
type ClusterLogForwarder struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec ClusterLogForwarderSpec `json:"spec,omitempty"`
Status ClusterLogForwarderStatus `json:"status,omitempty"`
}
ClusterLogForwarder is an API to configure forwarding logs.
You configure forwarding by specifying a list of `pipelines`, which forward from a set of named inputs to a set of named outputs.
+kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:categories=observability,shortName=obsclf;clf +kubebuilder:validation:XValidation:rule="self.metadata.name.matches('^[a-z][a-z0-9-]{1,61}[a-z0-9]$')",message="Name must be a valid DNS1035 label"
func (*ClusterLogForwarder) DeepCopy ¶
func (in *ClusterLogForwarder) DeepCopy() *ClusterLogForwarder
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterLogForwarder.
func (*ClusterLogForwarder) DeepCopyInto ¶
func (in *ClusterLogForwarder) DeepCopyInto(out *ClusterLogForwarder)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterLogForwarder) DeepCopyObject ¶
func (in *ClusterLogForwarder) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterLogForwarderList ¶
type ClusterLogForwarderList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ClusterLogForwarder `json:"items"`
}
ClusterLogForwarderList contains a list of ClusterLogForwarder
+kubebuilder:object:root=true
func (*ClusterLogForwarderList) DeepCopy ¶
func (in *ClusterLogForwarderList) DeepCopy() *ClusterLogForwarderList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterLogForwarderList.
func (*ClusterLogForwarderList) DeepCopyInto ¶
func (in *ClusterLogForwarderList) DeepCopyInto(out *ClusterLogForwarderList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterLogForwarderList) DeepCopyObject ¶
func (in *ClusterLogForwarderList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterLogForwarderSpec ¶
type ClusterLogForwarderSpec struct {
// Indicator if the resource is 'Managed' or 'Unmanaged' by the operator.
//
// +kubebuilder:default:=Managed
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Management State"
ManagementState ManagementState `json:"managementState,omitempty"`
// Specification of the Collector deployment to define
// resource limits and workload placement
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Collector Resources and Placement",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:advanced"}
Collector *CollectorSpec `json:"collector,omitempty"`
// Inputs are named filters for log messages to be forwarded.
//
// There are three built-in inputs named `application`, `infrastructure` and
// `audit`. You don't need to define inputs here if those are sufficient for
// your needs. See `inputRefs` for more.
//
// +kubebuilder:validation:Optional
// +listType:=map
// +listMapKey:=name
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Forwarder Inputs"
Inputs []InputSpec `json:"inputs,omitempty"`
// Outputs are named destinations for log messages.
//
// +kubebuilder:validation:Required
// +listType:=map
// +listMapKey:=name
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Forwarder Outputs"
Outputs []OutputSpec `json:"outputs"`
// Filters are applied to log records passing through a pipeline.
// There are different types of filter that can select and modify log records in different ways.
// See [FilterTypeSpec] for a list of filter types.
//
// +kubebuilder:validation:Optional
// +listType:=map
// +listMapKey:=name
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Forwarder Pipeline Filters"
Filters []FilterSpec `json:"filters,omitempty"`
// Pipelines forward the messages selected by a set of inputs to a set of outputs.
//
// +kubebuilder:validation:Required
// +listType:=map
// +listMapKey:=name
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Forwarder Pipelines"
Pipelines []PipelineSpec `json:"pipelines"`
// ServiceAccount points to the ServiceAccount resource used by the collector pods.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Service Account"
ServiceAccount ServiceAccount `json:"serviceAccount"`
}
ClusterLogForwarderSpec defines the desired state of ClusterLogForwarder
func (*ClusterLogForwarderSpec) DeepCopy ¶
func (in *ClusterLogForwarderSpec) DeepCopy() *ClusterLogForwarderSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterLogForwarderSpec.
func (*ClusterLogForwarderSpec) DeepCopyInto ¶
func (in *ClusterLogForwarderSpec) DeepCopyInto(out *ClusterLogForwarderSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterLogForwarderStatus ¶
type ClusterLogForwarderStatus struct {
// Conditions of the log forwarder.
//
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Forwarder Conditions",xDescriptors={"urn:alm:descriptor:io.kubernetes.conditions"}
Conditions []metav1.Condition `json:"conditions,omitempty"`
// InputConditions maps input name to condition of the input.
//
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Input Conditions",xDescriptors={"urn:alm:descriptor:io.kubernetes.conditions"}
InputConditions []metav1.Condition `json:"inputConditions,omitempty"`
// OutputConditions maps output name to condition of the output.
//
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Output Conditions",xDescriptors={"urn:alm:descriptor:io.kubernetes.conditions"}
OutputConditions []metav1.Condition `json:"outputConditions,omitempty"`
// FilterConditions maps filter name to condition of the filter.
//
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Filter Conditions",xDescriptors={"urn:alm:descriptor:io.kubernetes.conditions"}
FilterConditions []metav1.Condition `json:"filterConditions,omitempty"`
// PipelineConditions maps pipeline name to condition of the pipeline.
//
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Pipeline Conditions",xDescriptors={"urn:alm:descriptor:io.kubernetes.conditions"}
PipelineConditions []metav1.Condition `json:"pipelineConditions,omitempty"`
}
ClusterLogForwarderStatus defines the observed state of ClusterLogForwarder
func (*ClusterLogForwarderStatus) DeepCopy ¶
func (in *ClusterLogForwarderStatus) DeepCopy() *ClusterLogForwarderStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterLogForwarderStatus.
func (*ClusterLogForwarderStatus) DeepCopyInto ¶
func (in *ClusterLogForwarderStatus) DeepCopyInto(out *ClusterLogForwarderStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CollectorSpec ¶
type CollectorSpec struct {
// The resource requirements for the collector
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Collector Resource Requirements",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:resourceRequirements"}
Resources *corev1.ResourceRequirements `json:"resources,omitempty"`
// Define nodes for scheduling the pods.
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Node Selector"
NodeSelector map[string]string `json:"nodeSelector,omitempty"`
// Define the tolerations the collector pods will accept
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tolerations"
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
}
CollectorSpec is spec to define scheduling and resources for a collector
func (*CollectorSpec) DeepCopy ¶
func (in *CollectorSpec) DeepCopy() *CollectorSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CollectorSpec.
func (*CollectorSpec) DeepCopyInto ¶
func (in *CollectorSpec) DeepCopyInto(out *CollectorSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ContainerInputTuningSpec ¶
type ContainerInputTuningSpec struct {
// RateLimitPerContainer is the limit applied to each container
// by this input. This limit is applied per collector deployment.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Per-Container Rate Limit"
RateLimitPerContainer *LimitSpec `json:"rateLimitPerContainer,omitempty"`
}
func (*ContainerInputTuningSpec) DeepCopy ¶
func (in *ContainerInputTuningSpec) DeepCopy() *ContainerInputTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerInputTuningSpec.
func (*ContainerInputTuningSpec) DeepCopyInto ¶
func (in *ContainerInputTuningSpec) DeepCopyInto(out *ContainerInputTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DeliveryMode ¶
type DeliveryMode string
DeliveryMode sets the delivery mode for log forwarding.
+kubebuilder:validation:Enum:=AtLeastOnce;AtMostOnce
const ( // DeliveryModeAtLeastOnce: if the forwarder crashes or is re-started, any logs that were read before // the crash but not sent to their destination will be re-read and re-sent. Note it is possible // that some logs are duplicated in the event of a crash - log records are delivered at-least-once. DeliveryModeAtLeastOnce DeliveryMode = "AtLeastOnce" // DeliveryModeAtMostOnce: The forwarder makes no effort to recover logs lost during a crash. This mode may give // better throughput, but could result in more log loss. DeliveryModeAtMostOnce DeliveryMode = "AtMostOnce" )
type DropCondition ¶
type DropCondition struct {
// A dot delimited path to a field in the log record. It must start with a `.`.
// The path can contain alpha-numeric characters and underscores (a-zA-Z0-9_).
// If segments contain characters outside of this range, the segment must be quoted.
// Examples: `.kubernetes.namespace_name`, `.log_type`, '.kubernetes.labels.foobar', `.kubernetes.labels."foo-bar/baz"`
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Field Path"
Field FieldPath `json:"field,omitempty"`
// A regular expression that the field will match.
// If the value of the field defined in the DropTest matches the regular expression, the log record will be dropped.
// Must define only one of matches OR notMatches
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Drop Match Expression"
Matches string `json:"matches,omitempty"`
// A regular expression that the field does not match.
// If the value of the field defined in the DropTest does not match the regular expression, the log record will be dropped.
// Must define only one of matches or notMatches
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Keep Match Expression"
NotMatches string `json:"notMatches,omitempty"`
}
+kubebuilder:validation:XValidation:rule="!(has(self.matches) && has(self.notMatches))", message="only one of matches or notMatches can be defined per field"
func (*DropCondition) DeepCopy ¶
func (in *DropCondition) DeepCopy() *DropCondition
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DropCondition.
func (*DropCondition) DeepCopyInto ¶
func (in *DropCondition) DeepCopyInto(out *DropCondition)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DropTest ¶
type DropTest struct {
// DropConditions is an array of DropCondition which are conditions that are ANDed together
//
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinItems:=1
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Drop Filter Conditions"
DropConditions []DropCondition `json:"test,omitempty"`
}
func (*DropTest) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DropTest.
func (*DropTest) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Elasticsearch ¶
type Elasticsearch struct {
URLSpec `json:",inline"`
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *HTTPAuthentication `json:"authentication,omitempty"`
// Tuning specs tuning for the output
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *ElasticsearchTuningSpec `json:"tuning,omitempty"`
// Index is the index for the logs. This supports template syntax to allow dynamic per-event values.
//
// The Index can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Index",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Index string `json:"index"`
// Version specifies the version of Elasticsearch to be used.
// Must be one of: 6-8
//
// +kubebuilder:validation:Minimum:=6
// +kubebuilder:validation:Maximum:=8
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="ElasticSearch Version",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
Version int `json:"version"`
}
func (*Elasticsearch) DeepCopy ¶
func (in *Elasticsearch) DeepCopy() *Elasticsearch
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Elasticsearch.
func (*Elasticsearch) DeepCopyInto ¶
func (in *Elasticsearch) DeepCopyInto(out *Elasticsearch)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ElasticsearchTuningSpec ¶
type ElasticsearchTuningSpec struct {
BaseOutputTuningSpec `json:",inline"`
// Compression causes data to be compressed before sending over the network.
//
// +kubebuilder:validation:Enum:=none;gzip;zlib
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Compression"
Compression string `json:"compression,omitempty"`
}
func (*ElasticsearchTuningSpec) DeepCopy ¶
func (in *ElasticsearchTuningSpec) DeepCopy() *ElasticsearchTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ElasticsearchTuningSpec.
func (*ElasticsearchTuningSpec) DeepCopyInto ¶
func (in *ElasticsearchTuningSpec) DeepCopyInto(out *ElasticsearchTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EnrichmentType ¶
type EnrichmentType string
+kubebuilder:validation:Enum:=None;KubernetesMinimal
const ( // EnrichmentTypeNone add no additional enrichment to the record EnrichmentTypeNone EnrichmentType = "None" // EnrichmentTypeKubernetesMinimal adds namespace_name, pod_name, and collector_name to the beginning of the message // body (e.g. namespace_name=myproject, container_name=server, pod_name=pod-123, message={"foo":"bar"}). This may // result in the message body being an invalid JSON structure EnrichmentTypeKubernetesMinimal EnrichmentType = "KubernetesMinimal" )
type FieldPath ¶
type FieldPath string
FieldPath represents a path to find a value for a given field. The format must a value that can be converted to a valid collector configuration. It is a dot delimited path to a field in the log record. It must start with a `.`. The path can contain alphanumeric characters and underscores (a-zA-Z0-9_). If segments contain characters outside of this range, the segment must be quoted. Examples: `.kubernetes.namespace_name`, `.log_type`, '.kubernetes.labels.foobar', `.kubernetes.labels."foo-bar/baz"`
+kubebuilder:validation:Pattern:=`^(\.[a-zA-Z0-9_]+|\."[^"]+")(\.[a-zA-Z0-9_]+|\."[^"]+")*$`
type FilterSpec ¶
type FilterSpec struct {
// Name used to refer to the filter from a "pipeline".
//
// +kubebuilder:validation:Pattern:="^[a-z][a-z0-9-]*[a-z0-9]$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Filter Name"
Name string `json:"name"`
// Type of filter.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Filter Type"
Type FilterType `json:"type"`
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Kubernetes API Audit Filter"
KubeAPIAudit *KubeAPIAudit `json:"kubeAPIAudit,omitempty"`
// A drop filter applies a sequence of tests to a log record and drops the record if any test passes.
// Each test contains a sequence of conditions, all conditions must be true for the test to pass.
// A DropTestsSpec contains an array of tests which contains an array of conditions
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Drop Filters"
DropTestsSpec []DropTest `json:"drop,omitempty"`
// The PruneFilterSpec consists of two arrays, namely in and notIn, which dictate the fields to be pruned.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Prune Filters"
PruneFilterSpec *PruneFilterSpec `json:"prune,omitempty"`
// Labels applied to log records passing through a pipeline.
// These labels appear in the `openshift.labels` map in the log record.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Labels"
OpenshiftLabels map[string]string `json:"openshiftLabels,omitempty"`
}
FilterSpec defines a filter for log messages.
+kubebuilder:validation:XValidation:rule="self.type != 'kubeAPIAudit' || has(self.kubeAPIAudit)", message="Additional type specific spec is required for the filter type" +kubebuilder:validation:XValidation:rule="self.type != 'drop' || has(self.drop)", message="Additional type specific spec is required for the filter type" +kubebuilder:validation:XValidation:rule="self.type != 'prune' || has(self.prune)", message="Additional type specific spec is required for the filter type" +kubebuilder:validation:XValidation:rule="self.type != 'openshiftLabels' || has(self.openshiftLabels)", message="Additional type specific spec is required for the filter type"
func (*FilterSpec) DeepCopy ¶
func (in *FilterSpec) DeepCopy() *FilterSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilterSpec.
func (*FilterSpec) DeepCopyInto ¶
func (in *FilterSpec) DeepCopyInto(out *FilterSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FilterType ¶
type FilterType string
FilterType specifies the type of filter used in a pipeline
+kubebuilder:validation:Enum:=openshiftLabels;detectMultilineException;drop;kubeAPIAudit;parse;prune
const ( FilterTypeDetectMultiline FilterType = "detectMultilineException" FilterTypeDrop FilterType = "drop" FilterTypeKubeAPIAudit FilterType = "kubeAPIAudit" FilterTypeOpenshiftLabels FilterType = "openshiftLabels" FilterTypeParse FilterType = "parse" FilterTypePrune FilterType = "prune" )
Filter type constants, must match JSON tags of FilterTypeSpec fields.
type GoogleCloudLogging ¶
type GoogleCloudLogging struct {
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *GoogleCloudLoggingAuthentication `json:"authentication,omitempty"`
// ID must be one of the required ID fields for the output
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Logging ID"
ID GoogleCloudLoggingId `json:"id"`
// LogId is the log ID to which to publish logs. This identifies log stream.
//
// The LogId can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Stream ID",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
LogId string `json:"logId"`
// Tuning specs tuning for the output
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *GoogleCloudLoggingTuningSpec `json:"tuning,omitempty"`
}
GoogleCloudLogging provides configuration for sending logs to Google Cloud Logging.
func (*GoogleCloudLogging) DeepCopy ¶
func (in *GoogleCloudLogging) DeepCopy() *GoogleCloudLogging
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GoogleCloudLogging.
func (*GoogleCloudLogging) DeepCopyInto ¶
func (in *GoogleCloudLogging) DeepCopyInto(out *GoogleCloudLogging)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GoogleCloudLoggingAuthentication ¶
type GoogleCloudLoggingAuthentication struct {
// Credentials points to the secret containing the `google-application-credentials.json`.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret with Credentials File"
Credentials *SecretReference `json:"credentials"`
}
GoogleCloudLoggingAuthentication contains configuration for authenticating requests to a GoogleCloudLogging output.
func (*GoogleCloudLoggingAuthentication) DeepCopy ¶
func (in *GoogleCloudLoggingAuthentication) DeepCopy() *GoogleCloudLoggingAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GoogleCloudLoggingAuthentication.
func (*GoogleCloudLoggingAuthentication) DeepCopyInto ¶
func (in *GoogleCloudLoggingAuthentication) DeepCopyInto(out *GoogleCloudLoggingAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GoogleCloudLoggingId ¶
type GoogleCloudLoggingId struct {
// Type is the ID type provided
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Logging ID Type"
Type GoogleCloudLoggingIdType `json:"type"`
// Value is the value of the ID
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Logging ID Value",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Value string `json:"value"`
}
func (*GoogleCloudLoggingId) DeepCopy ¶
func (in *GoogleCloudLoggingId) DeepCopy() *GoogleCloudLoggingId
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GoogleCloudLoggingId.
func (*GoogleCloudLoggingId) DeepCopyInto ¶
func (in *GoogleCloudLoggingId) DeepCopyInto(out *GoogleCloudLoggingId)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GoogleCloudLoggingIdType ¶
type GoogleCloudLoggingIdType string
GoogleCloudLoggingIdType specifies the type of the provided ID value.
+kubebuilder:validation:Enum:=billingAccount;folder;project;organization
const ( GoogleCloudLoggingIdTypeBillingAccount GoogleCloudLoggingIdType = "billingAccount" GoogleCloudLoggingIdTypeFolder GoogleCloudLoggingIdType = "folder" GoogleCloudLoggingIdTypeProject GoogleCloudLoggingIdType = "project" GoogleCloudLoggingIdTypeOrganization GoogleCloudLoggingIdType = "organization" )
type GoogleCloudLoggingTuningSpec ¶
type GoogleCloudLoggingTuningSpec struct {
BaseOutputTuningSpec `json:",inline"`
}
func (*GoogleCloudLoggingTuningSpec) DeepCopy ¶
func (in *GoogleCloudLoggingTuningSpec) DeepCopy() *GoogleCloudLoggingTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GoogleCloudLoggingTuningSpec.
func (*GoogleCloudLoggingTuningSpec) DeepCopyInto ¶
func (in *GoogleCloudLoggingTuningSpec) DeepCopyInto(out *GoogleCloudLoggingTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HTTP ¶
type HTTP struct {
URLSpec `json:",inline"`
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *HTTPAuthentication `json:"authentication,omitempty"`
// Tuning specs tuning for the output
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *HTTPTuningSpec `json:"tuning,omitempty"`
// Headers specify optional headers to be sent with the request
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Headers"
Headers map[string]string `json:"headers,omitempty"`
// Timeout specifies the Http request timeout in seconds. If not set, 10secs is used.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Timeout",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
Timeout int `json:"timeout,omitempty"`
// Method specifies the HTTP method to be used for sending logs. If not set, 'POST' is used.
//
// +kubebuilder:validation:Enum:=GET;HEAD;POST;PUT;DELETE;OPTIONS;TRACE;PATCH
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="HTTP Method"
Method string `json:"method,omitempty"`
// ProxyURL URL of a HTTP or HTTPS proxy to be used instead of direct connection.
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:XValidation:rule="self == ” || isURL(self)", message="invalid URL"
ProxyURL string `json:"proxyURL,omitempty"`
}
HTTP provided configuration for sending json encoded logs to a generic HTTP endpoint.
func (*HTTP) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP.
func (*HTTP) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HTTPAuthentication ¶
type HTTPAuthentication struct {
// Token specifies a bearer token to be used for authenticating requests.
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Bearer Token"
Token *BearerToken `json:"token,omitempty"`
// Username to use for authenticating requests.
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Username"
Username *SecretReference `json:"username,omitempty"`
// Password to use for authenticating requests.
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Password"
Password *SecretReference `json:"password,omitempty"`
}
HTTPAuthentication provides options for setting common authentication credentials. This is mostly used with outputs using HTTP or a derivative as transport.
func (*HTTPAuthentication) DeepCopy ¶
func (in *HTTPAuthentication) DeepCopy() *HTTPAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPAuthentication.
func (*HTTPAuthentication) DeepCopyInto ¶
func (in *HTTPAuthentication) DeepCopyInto(out *HTTPAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HTTPReceiver ¶
type HTTPReceiver struct {
// Format is the format of incoming log data.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Data Format"
Format HTTPReceiverFormat `json:"format"`
}
HTTPReceiver receives encoded logs as a HTTP endpoint.
func (*HTTPReceiver) DeepCopy ¶
func (in *HTTPReceiver) DeepCopy() *HTTPReceiver
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPReceiver.
func (*HTTPReceiver) DeepCopyInto ¶
func (in *HTTPReceiver) DeepCopyInto(out *HTTPReceiver)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HTTPReceiverFormat ¶
type HTTPReceiverFormat string
HTTPReceiverFormat defines the type of log data incoming through the HTTP receiver.
+kubebuilder:validation:Enum:=kubeAPIAudit
const (
HTTPReceiverFormatKubeAPIAudit HTTPReceiverFormat = "kubeAPIAudit"
)
type HTTPTuningSpec ¶
type HTTPTuningSpec struct {
BaseOutputTuningSpec `json:",inline"`
// Compression causes data to be compressed before sending over the network.
//
// +kubebuilder:validation:Enum:=none;gzip;snappy;zlib
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Compression"
Compression string `json:"compression,omitempty"`
}
func (*HTTPTuningSpec) DeepCopy ¶
func (in *HTTPTuningSpec) DeepCopy() *HTTPTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPTuningSpec.
func (*HTTPTuningSpec) DeepCopyInto ¶
func (in *HTTPTuningSpec) DeepCopyInto(out *HTTPTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Infrastructure ¶
type Infrastructure struct {
// Sources defines the list of infrastructure sources to collect.
// This field is optional and omission results in the collection of all infrastructure sources.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Sources"
Sources []InfrastructureSource `json:"sources,omitempty"`
}
Infrastructure enables infrastructure logs. Sources of these logs: * container workloads deployed to namespaces: default, kube*, openshift* * journald logs from cluster nodes
func (*Infrastructure) DeepCopy ¶
func (in *Infrastructure) DeepCopy() *Infrastructure
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Infrastructure.
func (*Infrastructure) DeepCopyInto ¶
func (in *Infrastructure) DeepCopyInto(out *Infrastructure)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type InfrastructureSource ¶
type InfrastructureSource string
InfrastructureSource defines the type of infrastructure log source to use.
+kubebuilder:validation:Enum:=container;node
const ( // InfrastructureSourceNode are journald logs from the node InfrastructureSourceNode InfrastructureSource = "node" // InfrastructureSourceContainer are container logs from workloads deployed // in any of the following namespaces: default, kube*, openshift* InfrastructureSourceContainer InfrastructureSource = "container" )
type InputSpec ¶
type InputSpec struct {
// Name used to refer to the input of a `pipeline`.
//
// +kubebuilder:validation:Pattern:="^[a-z][a-z0-9-]*[a-z0-9]$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Input Name"
Name string `json:"name"`
// Type of output sink.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Input Type"
Type InputType `json:"type"`
// Application, named set of `application` logs that
// can specify a set of match criteria
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Application Logs Input"
Application *Application `json:"application,omitempty"`
// Infrastructure, Enables `infrastructure` logs.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Infrastructure Logs Input"
Infrastructure *Infrastructure `json:"infrastructure,omitempty"`
// Audit, enables `audit` logs.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Audit Logs Input"
Audit *Audit `json:"audit,omitempty"`
// Receiver to receive logs from non-cluster sources.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Log Receiver"
Receiver *ReceiverSpec `json:"receiver,omitempty"`
}
InputSpec defines a selector of log messages for a given log type. +kubebuilder:validation:XValidation:rule="self.type != 'application' || has(self.application)", message="Additional type specific spec is required for the input type" +kubebuilder:validation:XValidation:rule="self.type != 'infrastructure' || has(self.infrastructure)", message="Additional type specific spec is required for the input type" +kubebuilder:validation:XValidation:rule="self.type != 'audit' || has(self.audit)", message="Additional type specific spec is required for the input type" +kubebuilder:validation:XValidation:rule="self.type != 'receiver' || has(self.receiver)", message="Additional type specific spec is required for the input type"
func (*InputSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InputSpec.
func (*InputSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type InputTLSSpec ¶
type InputTLSSpec TLSSpec
func (*InputTLSSpec) DeepCopy ¶
func (in *InputTLSSpec) DeepCopy() *InputTLSSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InputTLSSpec.
func (*InputTLSSpec) DeepCopyInto ¶
func (in *InputTLSSpec) DeepCopyInto(out *InputTLSSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type InputType ¶
type InputType string
InputType specifies the type of log input to create.
+kubebuilder:validation:Enum:=audit;application;infrastructure;receiver
const ( // InputTypeApplication contains all the non-infrastructure container logs. InputTypeApplication InputType = "application" // InputTypeInfrastructure contains infrastructure containers and system logs. InputTypeInfrastructure InputType = "infrastructure" // InputTypeAudit contains system audit logs. InputTypeAudit InputType = "audit" // InputTypeReceiver defines a network receiver for receiving logs from non-cluster sources. InputTypeReceiver InputType = "receiver" )
type Kafka ¶
type Kafka struct {
// URL to send log records to.
//
// The 'username@password' part of `url` is ignored.
// +kubebuilder:validation:Optional
// +kubebuilder:validation:XValidation:rule="self == ” || isURL(self)", message="invalid URL"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Destination URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
URL string `json:"url,omitempty"`
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *KafkaAuthentication `json:"authentication,omitempty"`
// Tuning specs tuning for the output
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *KafkaTuningSpec `json:"tuning,omitempty"`
// Topic specifies the target topic to send logs to. The value when not specified is 'topic'
//
// The Topic can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Kafka Topic",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Topic string `json:"topic,omitempty"`
// Brokers specifies the list of broker endpoints of a Kafka cluster.
//
// The list represents only the initial set used by the collector's Kafka client for the
// first connection only. The collector's Kafka client fetches constantly an updated list
// from Kafka. These updates are not reconciled back to the collector configuration.
//
// If none provided the target URL from the OutputSpec is used as fallback.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Kafka Brokers"
Brokers []URL `json:"brokers,omitempty"`
}
Kafka provides optional extra properties for `type: kafka` +kubebuilder:validation:XValidation:rule="has(self.url) || self.brokers.size() > 0", message="URL or brokers required"
func (*Kafka) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Kafka.
func (*Kafka) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KafkaAuthentication ¶
type KafkaAuthentication struct {
// SASL contains options configuring SASL authentication.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="SASL Options"
SASL *SASLAuthentication `json:"sasl,omitempty"`
}
KafkaAuthentication contains configuration for authenticating requests to a Kafka output.
func (*KafkaAuthentication) DeepCopy ¶
func (in *KafkaAuthentication) DeepCopy() *KafkaAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KafkaAuthentication.
func (*KafkaAuthentication) DeepCopyInto ¶
func (in *KafkaAuthentication) DeepCopyInto(out *KafkaAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KafkaTuningSpec ¶
type KafkaTuningSpec struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Delivery Mode"
DeliveryMode DeliveryMode `json:"deliveryMode,omitempty"`
// MaxWrite limits the maximum payload in terms of bytes of a single "send" to the output.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Batch Size"
MaxWrite *resource.Quantity `json:"maxWrite,omitempty"`
// Compression causes data to be compressed before sending over the network.
//
// +kubebuilder:validation:Enum:=none;snappy;zstd;lz4
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Compression"
Compression string `json:"compression,omitempty"`
}
func (*KafkaTuningSpec) DeepCopy ¶
func (in *KafkaTuningSpec) DeepCopy() *KafkaTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KafkaTuningSpec.
func (*KafkaTuningSpec) DeepCopyInto ¶
func (in *KafkaTuningSpec) DeepCopyInto(out *KafkaTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KubeAPIAudit ¶
type KubeAPIAudit struct {
// Rules specify the audit Level a request should be recorded at.
// A request may match multiple rules, in which case the FIRST matching rule is used.
// PolicyRules are strictly ordered.
//
// If Rules is empty or missing default rules apply, see [KubeAPIAudit]
Rules []auditv1.PolicyRule `json:"rules,omitempty"`
// OmitStages is a list of stages for which no events are created.
// Note that this can also be specified per rule in which case the union of both are omitted.
//
// +kubebuilder:validation:Optional
OmitStages []auditv1.Stage `json:"omitStages,omitempty"`
// OmitResponseCodes is a list of HTTP status code for which no events are created.
// If this field is missing or null, the default value used is [404, 409, 422, 429]
// (NotFound, Conflict, UnprocessableEntity, TooManyRequests)
// If it is the empty list [], then no status codes are omitted.
// Otherwise, this field should be a list of integer status codes to omit.
//
// +kubebuilder:validation:Optional
OmitResponseCodes *[]int `json:"omitResponseCodes,omitempty"`
}
KubeAPIAudit filter Kube API server audit logs, as described in Kubernetes Auditing.
Policy Filtering ¶
Policy event rules are the same format as the Kube Audit Policy with some minor extensions. The extensions are described here, see the Kube Audit Policy for the standard rule behavior. Rules are checked in order, checking stops at the first matching rule.
An audit policy event contains meta-data describing who made the request. It can also include the full body of the API request, and the response that was sent. The `level` of an audit rule determines how much data is included in the event:
- None: the event is dropped.
- Metadata: Only the audit metadata is included, request and response bodies are removed.
- Request: Audit metadata and the request body are included, the response body is removed.
- RequestResponse: All data is included: metadata, request body and response body. Note the response body can be very large. For example the a command like `oc get -A pods` generates a response body containing the YAML description of every pod in the cluster.
Extensions ¶
The following features are extensions to the standard Kube Audit Policy
## Wildcards
Names of users, groups, namespaces, and resources can have a leading or trailing '*' character. For example namespace 'openshift-*' matches 'openshift-apiserver' or 'openshift-authentication. Resource '*/status' matches 'Pod/status' or 'Deployment/status'
## Default Rules
Events that do not match any rule in the policy are filtered as follows: - User events (ie. non-system and non-serviceaccount) are forwarded - Read-only system events (get/list/watch etc) are dropped - Service account write events that occur within the same namespace as the service account are dropped - All other events are forwarded, subject to any configured [rate limits][#rate-lmiting]
If you want to disable these defaults, end your rules list with rule that has only a `level` field. An empty rule matches any event, and prevents the defaults from taking effect.
## Omit Response Codes
You can drop events based on the HTTP status code in the response. See the OmitResponseCodes field.
func (*KubeAPIAudit) DeepCopy ¶
func (in *KubeAPIAudit) DeepCopy() *KubeAPIAudit
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeAPIAudit.
func (*KubeAPIAudit) DeepCopyInto ¶
func (in *KubeAPIAudit) DeepCopyInto(out *KubeAPIAudit)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LimitSpec ¶
type LimitSpec struct {
// MaxRecordsPerSecond is the maximum number of log records
// allowed per input/output in a pipeline
//
// +kubebuilder:validation:Required
// +kubebuilder:validation:Minimum:=0
// +kubebuilder:validation:ExclusiveMinimum:=true
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Max Records Per Second",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
MaxRecordsPerSecond int64 `json:"maxRecordsPerSecond"`
}
func (*LimitSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitSpec.
func (*LimitSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Loki ¶
type Loki struct {
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *HTTPAuthentication `json:"authentication,omitempty"`
// Tuning specs tuning for the output
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *LokiTuningSpec `json:"tuning,omitempty"`
URLSpec `json:",inline"`
// LabelKeys can be used to customize which log record keys are mapped to Loki stream labels.
//
// If LabelKeys is not set, the default keys are:
//
// - log_type
//
// - kubernetes.container_name
//
// - kubernetes.namespace_name
//
// - kubernetes.pod_name
//
// One additional label "kubernetes_host" is not part of the label keys configuration. It contains the hostname
// where the collector is running and is always present.
//
// Note: Loki label names must match the regular expression "[a-zA-Z_:][a-zA-Z0-9_:]*"
// Log record keys may contain characters like "." and "/" that are not allowed in Loki labels.
// Log record keys are translated to Loki labels by replacing any illegal characters with '_'.
//
// For example the default log record keys translate to these Loki labels:
//
// - log_type
//
// - kubernetes_container_name
//
// - kubernetes_namespace_name
//
// - kubernetes_pod_name
//
// Note: the set of labels should be small, Loki imposes limits on the size and number of labels allowed.
// See https://grafana.com/docs/loki/latest/configuration/#limits_config for more.
// Loki queries can also query based on any log record field (not just labels) using query filters.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Stream Label Configuration"
LabelKeys []string `json:"labelKeys,omitempty"`
// TenantKey is the tenant for the logs. This supports vector's template syntax to allow dynamic per-event values.
//
// The TenantKey can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tenant Key",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
TenantKey string `json:"tenantKey,omitempty"`
}
Loki provides optional extra properties for `type: loki`
func (*Loki) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Loki.
func (*Loki) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LokiStack ¶
type LokiStack struct {
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *LokiStackAuthentication `json:"authentication"`
// Target points to the LokiStack resources that should be used as a target for the output.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Target LokiStack Reference"
Target LokiStackTarget `json:"target"`
// Tuning specs tuning for the output
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *LokiTuningSpec `json:"tuning,omitempty"`
// LabelKeys can be used to customize which log record keys are mapped to Loki stream labels.
//
// Note: Loki label names must match the regular expression "[a-zA-Z_:][a-zA-Z0-9_:]*"
// Log record keys may contain characters like "." and "/" that are not allowed in Loki labels.
// Log record keys are translated to Loki labels by replacing any illegal characters with '_'.
//
// For example the default log record keys translate to these Loki labels:
//
// - log_type
//
// - kubernetes_container_name
//
// - kubernetes_namespace_name
//
// - kubernetes_pod_name
//
// Note: the set of labels should be small, Loki imposes limits on the size and number of labels allowed.
// See https://grafana.com/docs/loki/latest/configuration/#limits_config for more.
// Loki queries can also query based on any log record field (not just labels) using query filters.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Stream Label Configuration"
LabelKeys *LokiStackLabelKeys `json:"labelKeys,omitempty"`
// DataModel can be used to customize how log data is stored in LokiStack.
//
// There are two different models to choose from:
//
// - Viaq
// - Otel
//
// When the data model is not set, it currently defaults to the "Viaq" data model.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Data Model"
DataModel LokiStackDataModel `json:"dataModel,omitempty"`
}
LokiStack provides optional extra properties for `type: lokistack` +kubebuilder:validation:XValidation:rule="!has(self.labelKeys) || !has(self.dataModel) || self.dataModel == 'Viaq'", message="'labelKeys' cannot be set when data model is 'Otel'" +kubebuilder:validation:XValidation:rule="!has(self.tuning) || self.tuning.compression != 'snappy' || !has(self.dataModel) || self.dataModel == 'Viaq'", message="'snappy' compression cannot be used when data model is 'Otel'"
func (*LokiStack) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LokiStack.
func (*LokiStack) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LokiStackAuthentication ¶
type LokiStackAuthentication struct {
// Token specifies a bearer token to be used for authenticating requests.
//
// +nullable
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Bearer Token"
Token *BearerToken `json:"token"`
}
LokiStackAuthentication is the authentication for LokiStack
func (*LokiStackAuthentication) DeepCopy ¶
func (in *LokiStackAuthentication) DeepCopy() *LokiStackAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LokiStackAuthentication.
func (*LokiStackAuthentication) DeepCopyInto ¶
func (in *LokiStackAuthentication) DeepCopyInto(out *LokiStackAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LokiStackDataModel ¶
type LokiStackDataModel string
LokiStackDataModel selects which data model is used to send and store the log data.
+kubebuilder:validation:Enum:=Viaq;Otel
const ( // LokiStackDataModelViaq selects the ViaQ data model for the LokiStack output. LokiStackDataModelViaq LokiStackDataModel = "Viaq" // LokiStackDataModelOpenTelemetry selects a data model based on the OpenTelemetry semantic conventions // and uses OTLP as transport. LokiStackDataModelOpenTelemetry LokiStackDataModel = "Otel" )
type LokiStackLabelKeys ¶
type LokiStackLabelKeys struct {
// Global contains a list of record keys which are used for all tenants.
//
// If LabelKeys is not set, the default keys are:
//
// - log_type
//
// - kubernetes.container_name
//
// - kubernetes.namespace_name
//
// - kubernetes.pod_name
//
// One additional label "kubernetes_host" is not part of the label keys configuration. It contains the hostname
// where the collector is running and is always present.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Global Configuration"
Global []string `json:"global,omitempty"`
// Application contains the label keys configuration for the "application" tenant.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Application Tenant Configuration"
Application *LokiStackTenantLabelKeys `json:"application,omitempty"`
// Infrastructure contains the label keys configuration for the "infrastructure" tenant.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Infrastructure Tenant Configuration"
Infrastructure *LokiStackTenantLabelKeys `json:"infrastructure,omitempty"`
// Audit contains the label keys configuration for the "audit" tenant.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Audit Tenant Configuration"
Audit *LokiStackTenantLabelKeys `json:"audit,omitempty"`
}
LokiStackLabelKeys contains the configuration that maps log record's keys to Loki labels used to identify streams.
func (*LokiStackLabelKeys) DeepCopy ¶
func (in *LokiStackLabelKeys) DeepCopy() *LokiStackLabelKeys
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LokiStackLabelKeys.
func (*LokiStackLabelKeys) DeepCopyInto ¶
func (in *LokiStackLabelKeys) DeepCopyInto(out *LokiStackLabelKeys)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LokiStackTarget ¶
type LokiStackTarget struct {
// Namespace of the in-cluster LokiStack resource.
//
// If unset, this defaults to "openshift-logging".
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="LokiStack Namespace",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Namespace string `json:"namespace,omitempty"`
// Name of the in-cluster LokiStack resource.
//
// +kubebuilder:validation:Required
// +kubebuilder:validation:Pattern:="^[a-z][a-z0-9-]{2,62}[a-z0-9]$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="LokiStack Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Name string `json:"name"`
}
LokiStackTarget contains information about how to reach the LokiStack used as an output.
func (*LokiStackTarget) DeepCopy ¶
func (in *LokiStackTarget) DeepCopy() *LokiStackTarget
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LokiStackTarget.
func (*LokiStackTarget) DeepCopyInto ¶
func (in *LokiStackTarget) DeepCopyInto(out *LokiStackTarget)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LokiStackTenantLabelKeys ¶
type LokiStackTenantLabelKeys struct {
// If IgnoreGlobal is true, then the tenant will not use the labels configured in the Global section of the label
// keys configuration.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore Global Settings",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
IgnoreGlobal bool `json:"ignoreGlobal,omitempty"`
// LabelKeys contains a list of log record keys that are mapped to Loki stream labels.
//
// By default, this list is combined with the labels specified in the Global configuration.
// This behavior can be changed by setting IgnoreGlobal to true.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Label Keys"
LabelKeys []string `json:"labelKeys,omitempty"`
}
LokiStackTenantLabelKeys contains options for customizing the mapping of log record keys to Loki stream labels for a single tenant.
func (*LokiStackTenantLabelKeys) DeepCopy ¶
func (in *LokiStackTenantLabelKeys) DeepCopy() *LokiStackTenantLabelKeys
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LokiStackTenantLabelKeys.
func (*LokiStackTenantLabelKeys) DeepCopyInto ¶
func (in *LokiStackTenantLabelKeys) DeepCopyInto(out *LokiStackTenantLabelKeys)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LokiTuningSpec ¶
type LokiTuningSpec struct {
BaseOutputTuningSpec `json:",inline"`
// Compression causes data to be compressed before sending over the network.
//
// +kubebuilder:validation:Enum:=none;gzip;snappy
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Compression"
Compression string `json:"compression,omitempty"`
}
func (*LokiTuningSpec) DeepCopy ¶
func (in *LokiTuningSpec) DeepCopy() *LokiTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LokiTuningSpec.
func (*LokiTuningSpec) DeepCopyInto ¶
func (in *LokiTuningSpec) DeepCopyInto(out *LokiTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ManagementState ¶
type ManagementState string
ManagementState controls whether the operator's reconciliation is active for the given resource.
+kubebuilder:validation:Enum:=Managed;Unmanaged
const ( // ManagementStateManaged means that the operator is actively managing its operands and resources and driving them to meet the desired spec. ManagementStateManaged ManagementState = "Managed" // ManagementStateUnmanaged means that the operator will not take any action related to the component ManagementStateUnmanaged ManagementState = "Unmanaged" )
type NamespaceContainerSpec ¶
type NamespaceContainerSpec struct {
// Namespace specs the namespace from which to collect logs
// Supports glob patterns and presumes "*" if omitted.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Namespace Glob",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Namespace string `json:"namespace,omitempty"`
// Container spec the containers from which to collect logs
// Supports glob patterns and presumes "*" if omitted.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Container Glob",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Container string `json:"container,omitempty"`
}
func (*NamespaceContainerSpec) DeepCopy ¶
func (in *NamespaceContainerSpec) DeepCopy() *NamespaceContainerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceContainerSpec.
func (*NamespaceContainerSpec) DeepCopyInto ¶
func (in *NamespaceContainerSpec) DeepCopyInto(out *NamespaceContainerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OTLP ¶
type OTLP struct {
// URL to send log records to.
//
// An absolute URL, with a valid http scheme. Must terminate with `/v1/logs`
//
// Basic TLS is enabled if the URL scheme requires it (for example 'https').
// The 'username@password' part of `url` is ignored.
//
// +kubebuilder:validation:Pattern:=`^(https?):\/\/\S+\/v1\/logs$`
// +kubebuilder:validation:XValidation:rule="isURL(self)", message="invalid URL"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Destination URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
URL string `json:"url"`
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *HTTPAuthentication `json:"authentication,omitempty"`
// Tuning specs tuning for the output
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *OTLPTuningSpec `json:"tuning,omitempty"`
}
OTLP defines configuration for sending logs via OTLP using OTEL semantic conventions https://opentelemetry.io/docs/specs/otlp/#otlphttp
func (*OTLP) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OTLP.
func (*OTLP) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OTLPTuningSpec ¶
type OTLPTuningSpec struct {
BaseOutputTuningSpec `json:",inline"`
// Compression causes data to be compressed before sending over the network.
// It is an error if the compression type is not supported by the output.
//
// +kubebuilder:validation:Enum:=gzip;none
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Compression",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Compression string `json:"compression,omitempty"`
}
func (*OTLPTuningSpec) DeepCopy ¶
func (in *OTLPTuningSpec) DeepCopy() *OTLPTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OTLPTuningSpec.
func (*OTLPTuningSpec) DeepCopyInto ¶
func (in *OTLPTuningSpec) DeepCopyInto(out *OTLPTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OutputSpec ¶
type OutputSpec struct {
// Name used to refer to the output from a `pipeline`.
//
// +kubebuilder:validation:Pattern:="^[a-z][a-z0-9-]*[a-z0-9]$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Output Name"
Name string `json:"name"`
// Type of output sink.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Output Type"
Type OutputType `json:"type"`
// TLS contains settings for controlling options on TLS client connections.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="TLS Options"
TLS *OutputTLSSpec `json:"tls,omitempty"`
// Limit imposes a limit in records-per-second on the total aggregate rate of logs forwarded
// to this output from any given collector container. The total log flow from an individual collector
// container to this output cannot exceed the limit. Generally, one collector is deployed per cluster node
// Logs may be dropped to enforce the limit. Missing or 0 means no rate limit.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Rate Limiting"
Limit *LimitSpec `json:"rateLimit,omitempty"`
// AzureMonitor configures forwarding log events to the Azure Monitor Logs service
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure Monitor"
AzureMonitor *AzureMonitor `json:"azureMonitor,omitempty"`
// Cloudwatch configures forwarding log events to AWS Cloudwatch logs
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Amazon CloudWatch"
Cloudwatch *Cloudwatch `json:"cloudwatch,omitempty"`
// Elasticsearch configures forwarding log events to an Elasticsearch cluster
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="ElasticSearch"
Elasticsearch *Elasticsearch `json:"elasticsearch,omitempty"`
// GoogleCloudLogging configures forwarding log events to GCP (formally Stackdriver) Operations
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Google Cloud Logging"
GoogleCloudLogging *GoogleCloudLogging `json:"googleCloudLogging,omitempty"`
// HTTP configures forwarding log events to an HTTP server
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="HTTP Output"
HTTP *HTTP `json:"http,omitempty"`
// Kafka configures forwarding log events to Apache Kafka topics
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Apache Kafka"
Kafka *Kafka `json:"kafka,omitempty"`
// Loki configures forwarding log events to a Loki aggregation system
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Grafana Loki"
Loki *Loki `json:"loki,omitempty"`
// LokiStack configures forwarding log events to a Red Hat managed Loki deployment
// using the Red Hat tenancy model
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="LokiStack"
LokiStack *LokiStack `json:"lokiStack,omitempty"`
// Splunk configures forwarding log events to Splunk's HTTP event collector
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Splunk"
Splunk *Splunk `json:"splunk,omitempty"`
// Syslog configures forwarding log events to a receiver using the syslog protocol
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Syslog Output"
Syslog *Syslog `json:"syslog,omitempty"`
// OTLP configures forwarding log events to a receiver using the OpenTelemetry Protocol
// with Red Openshift logging semantic conventions (ref: https://github.com/rhobs/observability-data-model/blob/main/cluster-logging.md)
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="OpenTelemetry Output"
OTLP *OTLP `json:"otlp,omitempty"`
}
OutputSpec defines a destination for log messages.
+kubebuilder:validation:XValidation:rule="self.type != 'azureMonitor' || has(self.azureMonitor)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'cloudwatch' || has(self.cloudwatch)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'elasticsearch' || has(self.elasticsearch)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'googleCloudLogging' || has(self.googleCloudLogging)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'http' || has(self.http)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'kafka' || has(self.kafka)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'loki' || has(self.loki)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'lokiStack' || has(self.lokiStack)", message="Additional type specific spec is required for the output type" +kubebuilder:validation:XValidation:rule="self.type != 'splunk' || has(self.splunk)", message="Additional type specific spec is required the for output type" +kubebuilder:validation:XValidation:rule="self.type != 'syslog' || has(self.syslog)", message="Additional type specific spec is required the for output type" +kubebuilder:validation:XValidation:rule="self.type != 'otlp' || has(self.otlp)", message="Additional type specific spec is required the for output type"
func (*OutputSpec) DeepCopy ¶
func (in *OutputSpec) DeepCopy() *OutputSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OutputSpec.
func (*OutputSpec) DeepCopyInto ¶
func (in *OutputSpec) DeepCopyInto(out *OutputSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OutputTLSSpec ¶
type OutputTLSSpec struct {
TLSSpec `json:",inline"`
// If InsecureSkipVerify is true, then the TLS client will be configured to skip validating server certificates.
//
// This option is *not* recommended for production configurations.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Skip Certificate Validation",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"`
// TLSSecurityProfile is the security profile to apply to the output connection.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="TLS Security Profile"
TLSSecurityProfile *openshiftv1.TLSSecurityProfile `json:"securityProfile,omitempty"`
}
OutputTLSSpec contains options for TLS connections that are agnostic to the output type.
func (*OutputTLSSpec) DeepCopy ¶
func (in *OutputTLSSpec) DeepCopy() *OutputTLSSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OutputTLSSpec.
func (*OutputTLSSpec) DeepCopyInto ¶
func (in *OutputTLSSpec) DeepCopyInto(out *OutputTLSSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OutputType ¶
type OutputType string
OutputType is used to define the type of output to be created.
+kubebuilder:validation:Enum:=azureMonitor;cloudwatch;elasticsearch;http;kafka;loki;lokiStack;googleCloudLogging;splunk;syslog;otlp
const ( OutputTypeAzureMonitor OutputType = "azureMonitor" OutputTypeCloudwatch OutputType = "cloudwatch" OutputTypeElasticsearch OutputType = "elasticsearch" OutputTypeGoogleCloudLogging OutputType = "googleCloudLogging" OutputTypeHTTP OutputType = "http" OutputTypeKafka OutputType = "kafka" OutputTypeLoki OutputType = "loki" OutputTypeLokiStack OutputType = "lokiStack" OutputTypeOTLP OutputType = "otlp" OutputTypeSplunk OutputType = "splunk" OutputTypeSyslog OutputType = "syslog" )
Output type constants, must match JSON tags of OutputTypeSpec fields.
type PipelineSpec ¶
type PipelineSpec struct {
// Name of the pipeline
//
// +kubebuilder:validation:Pattern:="^[a-z][a-z0-9-]*[a-z0-9]$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Name string `json:"name"`
// InputRefs lists the names (`input.name`) of inputs to this pipeline.
//
// The following built-in input names are always available:
//
// - `application` selects all logs from application pods.
//
// - `infrastructure` selects logs from openshift and kubernetes pods and some node logs.
//
// - `audit` selects node logs related to security audits.
//
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinItems:=1
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Inputs"
InputRefs []string `json:"inputRefs"`
// OutputRefs lists the names (`output.name`) of outputs from this pipeline.
//
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinItems:=1
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Outputs"
OutputRefs []string `json:"outputRefs"`
// Filters lists the names of filters to be applied to records going through this pipeline.
//
// Each filter is applied in order.
// If a filter drops a records, subsequent filters are not applied.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Filters"
FilterRefs []string `json:"filterRefs,omitempty"`
}
PipelineSpec links a set of inputs and transformations to a set of outputs.
func (*PipelineSpec) DeepCopy ¶
func (in *PipelineSpec) DeepCopy() *PipelineSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PipelineSpec.
func (*PipelineSpec) DeepCopyInto ¶
func (in *PipelineSpec) DeepCopyInto(out *PipelineSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PruneFilterSpec ¶
type PruneFilterSpec struct {
// `In` is an array of dot-delimited field paths. Fields included here are removed from the log record.
//
// Each field path expression must start with a "."
//
// The path can contain alphanumeric characters and underscores (a-zA-Z0-9_).
//
// If segments contain characters outside of this range, the segment must be quoted otherwise paths do NOT need to be quoted.
//
// Examples:
//
// - `.kubernetes.namespace_name`
//
// - `.log_type`
//
// - '.kubernetes.labels.foobar'
//
// - `.kubernetes.labels."foo-bar/baz"`
//
// NOTE1: `In` CANNOT contain `.log_type` or `.message` as those fields are required and cannot be pruned.
//
// NOTE2: If this filter is used in a pipeline with GoogleCloudLogging, `.hostname` CANNOT be added to this list as it is a required field.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Fields to be dropped"
In []FieldPath `json:"in,omitempty"`
// `NotIn` is an array of dot-delimited field paths. All fields besides the ones listed here are removed from the log record.
//
// Each field path expression must start with a "."
//
// The path can contain alphanumeric characters and underscores (a-zA-Z0-9_).
//
// If segments contain characters outside of this range, the segment must be quoted otherwise paths do NOT need to be quoted.
//
// Examples:
//
// - `.kubernetes.namespace_name`
//
// - `.log_type`
//
// - '.kubernetes.labels.foobar'
//
// - `.kubernetes.labels."foo-bar/baz"`
//
// NOTE1: `NotIn` MUST contain `.log_type` and `.message` as those fields are required and cannot be pruned.
//
// NOTE2: If this filter is used in a pipeline with GoogleCloudLogging, `.hostname` MUST be added to this list as it is a required field.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Fields to be kept"
NotIn []FieldPath `json:"notIn,omitempty"`
}
func (*PruneFilterSpec) DeepCopy ¶
func (in *PruneFilterSpec) DeepCopy() *PruneFilterSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PruneFilterSpec.
func (*PruneFilterSpec) DeepCopyInto ¶
func (in *PruneFilterSpec) DeepCopyInto(out *PruneFilterSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ReceiverSpec ¶
type ReceiverSpec struct {
// Type of Receiver plugin.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Receiver Type"
Type ReceiverType `json:"type"`
// TLS contains settings for controlling options of TLS connections.
//
// The operator will request certificates from the cluster's cert signing service when TLS is not defined.
// The certificates are injected into a secret named "<clusterlogforwarder.name>-<input.name>" which is mounted into
// the collector. The collector is configured to use the public and private key provided by the service
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="TLS Options"
TLS *InputTLSSpec `json:"tls,omitempty"`
// Port the Receiver listens on. It must be a value between 1024 and 65535
//
// +kubebuilder:validation:Minimum:=1024
// +kubebuilder:validation:Maximum:=65535
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Listen Port",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
Port int32 `json:"port"`
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="HTTP Receiver Configuration"
HTTP *HTTPReceiver `json:"http,omitempty"`
}
ReceiverSpec is a union of input Receiver types.
func (*ReceiverSpec) DeepCopy ¶
func (in *ReceiverSpec) DeepCopy() *ReceiverSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReceiverSpec.
func (*ReceiverSpec) DeepCopyInto ¶
func (in *ReceiverSpec) DeepCopyInto(out *ReceiverSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ReceiverType ¶
type ReceiverType string
ReceiverType specifies the type of receiver that should be created.
+kubebuilder:validation:Enum:=http;syslog
const ( ReceiverTypeHTTP ReceiverType = "http" ReceiverTypeSyslog ReceiverType = "syslog" )
type SASLAuthentication ¶
type SASLAuthentication struct {
// Username points to the secret to be used as SASL username.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret with Username"
Username *SecretReference `json:"username,omitempty"`
// Username points to the secret to be used as SASL password.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret with Password"
Password *SecretReference `json:"password,omitempty"`
// Mechanism sets the SASL mechanism to use.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="SASL Mechanism",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Mechanism string `json:"mechanism,omitempty"`
}
func (*SASLAuthentication) DeepCopy ¶
func (in *SASLAuthentication) DeepCopy() *SASLAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SASLAuthentication.
func (*SASLAuthentication) DeepCopyInto ¶
func (in *SASLAuthentication) DeepCopyInto(out *SASLAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretReference ¶
type SecretReference struct {
// Key contains the name of the key inside the referenced Secret.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Key Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Key string `json:"key"`
// SecretName contains the name of the Secret containing the referenced value.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
SecretName string `json:"secretName"`
}
SecretReference encodes a reference to a single key in a Secret in the same namespace.
func (*SecretReference) DeepCopy ¶
func (in *SecretReference) DeepCopy() *SecretReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference.
func (*SecretReference) DeepCopyInto ¶
func (in *SecretReference) DeepCopyInto(out *SecretReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ServiceAccount ¶
type ServiceAccount struct {
// Name of the ServiceAccount to use to deploy the Forwarder. The ServiceAccount is created by the administrator
//
// +kubebuilder:validation:Pattern:="^[a-z][a-z0-9-]{2,62}[a-z0-9]$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="ServiceAccount Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Name string `json:"name"`
}
func (*ServiceAccount) DeepCopy ¶
func (in *ServiceAccount) DeepCopy() *ServiceAccount
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccount.
func (*ServiceAccount) DeepCopyInto ¶
func (in *ServiceAccount) DeepCopyInto(out *ServiceAccount)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Splunk ¶
type Splunk struct {
// Authentication sets credentials for authenticating the requests.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Authentication Options"
Authentication *SplunkAuthentication `json:"authentication"`
// Tuning specs tuning for the output
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *SplunkTuningSpec `json:"tuning,omitempty"`
URLSpec `json:",inline"`
// Index is the index for the logs. This supports template syntax to allow dynamic per-event values.
//
// The Index can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Index",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Index string `json:"index,omitempty"`
}
Splunk Deliver log data to Splunk’s HTTP Event Collector Provides optional extra properties for `type: splunk_hec` ('splunk_hec_logs' after Vector 0.23
func (*Splunk) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Splunk.
func (*Splunk) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SplunkAuthentication ¶
type SplunkAuthentication struct {
// Token points to the secret containing the Splunk HEC token used for authenticating requests.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Splunk HEC Token"
Token *SecretReference `json:"token"`
}
SplunkAuthentication contains configuration for authenticating requests to a Splunk output.
func (*SplunkAuthentication) DeepCopy ¶
func (in *SplunkAuthentication) DeepCopy() *SplunkAuthentication
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SplunkAuthentication.
func (*SplunkAuthentication) DeepCopyInto ¶
func (in *SplunkAuthentication) DeepCopyInto(out *SplunkAuthentication)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SplunkTuningSpec ¶
type SplunkTuningSpec struct {
BaseOutputTuningSpec `json:",inline"`
// Compression causes data to be compressed before sending over the network.
//
// +kubebuilder:validation:Enum:=none;gzip
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Compression"
Compression string `json:"compression,omitempty"`
}
func (*SplunkTuningSpec) DeepCopy ¶
func (in *SplunkTuningSpec) DeepCopy() *SplunkTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SplunkTuningSpec.
func (*SplunkTuningSpec) DeepCopyInto ¶
func (in *SplunkTuningSpec) DeepCopyInto(out *SplunkTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Syslog ¶
type Syslog struct {
// An absolute URL, with a scheme. Valid schemes are: `tcp`, `tls`, `udp` and `udps`
// For example, to send syslog records using secure UDP:
// url: udps://syslog.example.com:1234
//
// +kubebuilder:validation:Required
// +kubebuilder:validation:XValidation:rule="isURL(self)", message="invalid URL"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Destination URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
URL string `json:"url"`
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Syslog RFC"
RFC SyslogRFCType `json:"rfc"`
// Severity to set on outgoing syslog records.
//
// Severity values are defined in https://tools.ietf.org/html/rfc5424#section-6.2.1
//
// The value can be a decimal integer or one of these case-insensitive keywords:
//
// Emergency Alert Critical Error Warning Notice Informational Debug
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Severity",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Severity string `json:"severity,omitempty"`
// Facility to set on outgoing syslog records.
//
// Facility values are defined in https://tools.ietf.org/html/rfc5424#section-6.2.1.
//
// The value can be a decimal integer. Facility keywords are not standardized,
// this API recognizes at least the following case-insensitive keywords
// (defined by https://en.wikipedia.org/wiki/Syslog#Facility_Levels):
//
// kernel user mail daemon auth syslog lpr news
// uucp cron authpriv ftp ntp security console solaris-cron
// local0 local1 local2 local3 local4 local5 local6 local7
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Facility",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Facility string `json:"facility,omitempty"`
// PayloadKey specifies record field to use as payload. This supports template syntax to allow dynamic per-event values.
//
// The PayloadKey must be a single field path encased in single curly brackets `{}`.
//
// Field paths must only contain alphanumeric and underscores. Any field with other characters must be quoted.
//
// If left empty, Syslog will use the whole message as the payload key
//
// Example:
//
// 1. {.bar}
//
// 2. {.foo.bar.baz}
//
// 3. {.foo.bar."baz/with/slashes"}
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Pattern:=`^\{(\.[a-zA-Z0-9_]+|\."[^"]+")(\.[a-zA-Z0-9_]+|\."[^"]+")*\}$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Payload Key",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
PayloadKey string `json:"payloadKey,omitempty"`
// AppName is APP-NAME part of the syslog-msg header.
//
// AppName needs to be specified if using rfc5424. The maximum length of the final values is truncated to 48
// This supports template syntax to allow dynamic per-event values.
//
// The AppName can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="App Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
// TODO: DETERMIN HOW to default the app name that isnt based on fluentd assumptions of "tag" when this is empty
AppName string `json:"appName,omitempty"`
// ProcId is PROCID part of the syslog-msg header. This supports template syntax to allow dynamic per-event values.
//
// The ProcId can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// ProcId needs to be specified if using rfc5424. The maximum length of the final values is truncated to 128
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="PROCID",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
ProcId string `json:"procId,omitempty"`
// MsgId is MSGID part of the syslog-msg header. This supports template syntax to allow dynamic per-event values.
//
// The MsgId can be a combination of static and dynamic values consisting of field paths followed by `||` followed by another field path or a static value.
//
// A dynamic value is encased in single curly brackets `{}` and MUST end with a static fallback value separated with `||`.
//
// Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes.
//
// Example:
//
// 1. foo-{.bar||"none"}
//
// 2. {.foo||.bar||"missing"}
//
// 3. foo.{.bar.baz||.qux.quux.corge||.grault||"nil"}-waldo.fred{.plugh||"none"}
//
// MsgId needs to be specified if using rfc5424. The maximum length of the final values is truncated to 32
//
// +kubebuilder:validation:Optional
// +kubebuilder:validation:Pattern:=`^(([a-zA-Z0-9-_.\/])*(\{(\.[a-zA-Z0-9_]+|\."[^"]+")+((\|\|)(\.[a-zA-Z0-9_]+|\.?"[^"]+")+)*\|\|"[^"]*"\})*)*$`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="MSGID",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
MsgId string `json:"msgId,omitempty"`
// Enrichment is an additional modification the log message before forwarding it to the receiver
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Enrichment Type",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Enrichment EnrichmentType `json:"enrichment,omitempty"`
// Tuning specs tuning for the output
//
// +nullable
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Tuning Options"
Tuning *SyslogTuningSpec `json:"tuning,omitempty"`
}
Syslog provides optional extra properties for output type `syslog`
func (*Syslog) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Syslog.
func (*Syslog) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SyslogRFCType ¶
type SyslogRFCType string
SyslogRFCType sets which RFC the generated messages conform to.
+kubebuilder:validation:Enum:=RFC3164;RFC5424
const ( SyslogRFC3164 SyslogRFCType = "RFC3164" SyslogRFC5424 SyslogRFCType = "RFC5424" )
type SyslogTuningSpec ¶
type SyslogTuningSpec struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Delivery Mode"
DeliveryMode DeliveryMode `json:"deliveryMode,omitempty"`
}
func (*SyslogTuningSpec) DeepCopy ¶
func (in *SyslogTuningSpec) DeepCopy() *SyslogTuningSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SyslogTuningSpec.
func (*SyslogTuningSpec) DeepCopyInto ¶
func (in *SyslogTuningSpec) DeepCopyInto(out *SyslogTuningSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TLSSpec ¶
type TLSSpec struct {
// CA can be used to specify a custom list of trusted certificate authorities.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Certificate Authority Bundle"
CA *ValueReference `json:"ca,omitempty"`
// Certificate points to the server certificate to use.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Certificate"
Certificate *ValueReference `json:"certificate,omitempty"`
// Key points to the private key of the server certificate.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Certificate Key"
Key *SecretReference `json:"key,omitempty"`
// KeyPassphrase points to the passphrase used to unlock the private key.
//
// +kubebuilder:validation:Optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Certificate Key Passphrase"
KeyPassphrase *SecretReference `json:"keyPassphrase,omitempty"`
}
TLSSpec contains options for TLS connections.
func (*TLSSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec.
func (*TLSSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type URL ¶
type URL string
+kubebuilder:validation:XValidation:rule="isURL(self)", message="invalid URL"
type URLSpec ¶
type URLSpec struct {
// URL to send log records to.
// Basic TLS is enabled if the URL scheme requires it (for example 'https' or 'tls').
// The 'username@password' part of `url` is ignored.
//
// +kubebuilder:validation:Required
// +kubebuilder:validation:XValidation:rule="isURL(self)", message="invalid URL"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Destination URL",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
URL string `json:"url"`
}
func (*URLSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URLSpec.
func (*URLSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ValueReference ¶
type ValueReference struct {
// Name of the key used to get the value in either the referenced ConfigMap or Secret.
//
// +kubebuilder:validation:Required
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Key Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
Key string `json:"key"`
// ConfigMapName contains the name of the ConfigMap containing the referenced value.
//
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="ConfigMap Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
ConfigMapName string `json:"configMapName,omitempty"`
// SecretName contains the name of the Secret containing the referenced value.
//
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Secret Name",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
SecretName string `json:"secretName,omitempty"`
}
ValueReference encodes a reference to a single field in either a ConfigMap or Secret in the same namespace.
+kubebuilder:validation:XValidation:rule="has(self.configMapName) || has(self.secretName)", message="Either configMapName or secretName needs to be set" +kubebuilder:validation:XValidation:rule="!(has(self.configMapName) && has(self.secretName))", message="Only one of configMapName and secretName can be set"
func (*ValueReference) DeepCopy ¶
func (in *ValueReference) DeepCopy() *ValueReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueReference.
func (*ValueReference) DeepCopyInto ¶
func (in *ValueReference) DeepCopyInto(out *ValueReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files