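---
# Promtail log shipper for the `monitoring` namespace.
# Documents, in order: ServiceAccount, ClusterRole, ClusterRoleBinding,
# ConfigMap (Promtail configuration) and the DaemonSet that runs Promtail.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: promtail
  namespace: monitoring
---
# Read-only, cluster-wide access used by Promtail's Kubernetes service
# discovery. No write verbs and no access to secrets are granted.
# NOTE(review): `role: pod` discovery appears to need only `pods`; confirm
# whether `namespaces` is used before narrowing this rule further.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: promtail
rules:
  - apiGroups: [""]
    resources:
      - pods
      - namespaces
    verbs: ["get", "list", "watch"]
---
# Binds the ClusterRole above to the promtail ServiceAccount only.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: promtail
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: promtail
subjects:
  - kind: ServiceAccount
    name: promtail
    namespace: monitoring
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: promtail-config
  namespace: monitoring
data:
  promtail.yaml: |
    server:
      http_listen_port: 9080
      # 0 lets the gRPC listener bind to a random free port.
      grpc_listen_port: 0
    positions:
      # Read offsets per tailed file; stored on the `positions` volume.
      filename: /run/promtail/positions.yaml
    clients:
      # NOTE(review): plain HTTP with no authentication or tenant header.
      # Pod logs often contain sensitive data; if traffic to Loki can leave
      # a trusted network segment, switch to https and add client auth.
      - url: http://loki:3100/loki/api/v1/push
    scrape_configs:
      - job_name: kubernetes-pods
        kubernetes_sd_configs:
          - role: pod
        relabel_configs:
          # Keep only targets scheduled on this node. Promtail compares
          # __host__ with its own hostname, which the DaemonSet sets to the
          # node name through the HOSTNAME environment variable. Without
          # this, every Promtail instance tracks every pod in the cluster.
          - action: replace
            source_labels: [__meta_kubernetes_pod_node_name]
            target_label: __host__
          - action: replace
            source_labels: [__meta_kubernetes_pod_node_name]
            target_label: node
          - action: replace
            source_labels: [__meta_kubernetes_namespace]
            target_label: namespace
          - action: replace
            source_labels: [__meta_kubernetes_pod_name]
            target_label: pod
          - action: replace
            source_labels: [__meta_kubernetes_pod_container_name]
            target_label: container
          # One target exists per container, so the path must be scoped to
          # that container's directory. Globbing every container directory
          # of the pod would attach the wrong `container` label to log lines
          # of multi-container pods and ship them more than once.
          - action: replace
            source_labels:
              - __meta_kubernetes_pod_uid
              - __meta_kubernetes_pod_container_name
            separator: /
            target_label: __path__
            replacement: /var/log/pods/*$1/*.log
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: promtail
  namespace: monitoring
spec:
  selector:
    matchLabels:
      app: promtail
  template:
    metadata:
      labels:
        app: promtail
    spec:
      serviceAccountName: promtail
      tolerations:
        # Tolerates every taint, so Promtail is also scheduled on
        # control-plane and otherwise dedicated nodes.
        - operator: "Exists"
      containers:
        - name: promtail
          # NOTE(review): tag-only reference; consider pinning by digest
          # (grafana/promtail:2.9.6@sha256:<DIGEST_PLACEHOLDER>) so the
          # image cannot change underneath the tag.
          image: grafana/promtail:2.9.6
          args:
            - "-config.file=/etc/promtail/promtail.yaml"
          env:
            # Inside a pod the hostname is the pod name; the __host__
            # relabel rule needs the node name instead.
            - name: HOSTNAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          # The container only reads pod logs and writes its positions file
          # to the emptyDir mount, so it gets no extra capabilities and no
          # writable root filesystem.
          # NOTE(review): assumes the image's user can read /var/log/pods
          # (root-owned on typical nodes) — confirm before setting
          # runAsNonRoot.
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
          # NOTE(review): no resource requests or limits are set; add values
          # sized for the cluster so a log burst cannot starve the node.
          volumeMounts:
            - name: config
              mountPath: /etc/promtail
            - name: positions
              mountPath: /run/promtail
            - name: pod-logs
              mountPath: /var/log/pods
              readOnly: true
      volumes:
        - name: config
          configMap:
            name: promtail-config
        # emptyDir lives as long as the pod: offsets survive container
        # restarts but are lost when the pod is replaced.
        # NOTE(review): confirm that re-reading logs after a rollout is
        # acceptable; the alternative is a writable hostPath.
        - name: positions
          emptyDir: {}
        # Only /var/log/pods is exposed, because the scrape config reads
        # nothing else; mounting all of /var/log would also hand host
        # system and audit logs to this container.
        # NOTE(review): on runtimes where these files are symlinks into
        # another directory, that directory must be mounted read-only too.
        - name: pod-logs
          hostPath:
            path: /var/log/pods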