FluentBit | Notion

cat <<EOF> cw-log-policy.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogStreams"
            ],
            "Resource": [
                "arn:aws:logs:*:*:*"
            ]
        }
    ]
}
EOF

aws iam create-policy --policy-name fluent-bit-policy --policy-document file://cw-log-policy.json > /dev/null

kubectl create ns fluent-bit

POLICY_ARN=$(aws iam list-policies --query "Policies[?PolicyName=='fluent-bit-policy'].Arn" --output text)

eksctl utils associate-iam-oidc-provider --cluster wsi-eks-cluster --approve

eksctl create iamserviceaccount \\
  --cluster=wsi-eks-cluster \\
  --namespace=wsi-ns \\
  --name=aws-for-fluent-bit \\
  --role-name FluentBitIAMRole \\
  --attach-policy-arn=$POLICY_ARN \\
  --approve

cat <<EOF> values.yaml
serviceAccount:
  create: false
  name: fluent-bit

cloudWatchLogs:
  enabled: true
  region: "ap-northeast-2"
  logGroupName: "/wsi/eks/log/"
  logStreamPrefix: "log-"
  autoCreateGroup: true
EOF

helm repo add eks <https://aws.github.io/eks-charts>
helm upgrade --install aws-for-fluent-bit --namespace fluent-bit eks/aws-for-fluent-bit -f values.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: fluent-bit-sidecar
  namespace: wsi-ns
  labels:
    app.kubernetes.io/name: fluent-bit-sidecar
    helm.sh/chart: default-0.1.0
    app.kubernetes.io/instance: flb-sidecar
    app.kubernetes.io/version: "1.0"
    app.kubernetes.io/managed-by: Tiller
data:
  fluent-bit.conf: |
    [SERVICE]
        Flush         1
        Log_Level     info
        Daemon        off
        Parsers_File  parsers.conf

    [INPUT]
        Name          tail
        Path          /logs/app.log
        Parser        custom_log
        Tag           app.log
  
    [OUTPUT]
        Name          stdout
        Match         *

    [OUTPUT]
        Name          cloudwatch
        Match         *
        endpoint      <https://logs.ap-northeast-2.amazonaws.com>
        region        ap-northeast-2
        log_group_name /wsi/eks/log/
        log_stream_name log-${HOSTNAME}
        auto_create_group true

  parsers.conf: |
    [PARSER]
        Name           custom_log
        Format         regex
        Regex          ^(?<year>\\d{4})-(?<month>\\d{2})-(?<day>\\d{2})\\s(?<hour>\\d{2}):(?<minute>\\d{2}):(?<second>\\d{2}),\\d+ - - (?<ip>\\d+\\.\\d+\\.\\d+\\.\\d+) (?<port>\\d+) (?<method>\\S+) (?<path>\\S+) (?<statuscode>\\d+)$
        Time_Key       time
        Time_Format    %Y-%m-%d %H:%M:%S
        Time_Keep      On

kubectl apply -f fluent-bit-cm.yaml