fluent-bit
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# Default values for fluent-bit.
2
3
# kind -- DaemonSet or Deployment
4
kind: DaemonSet
5
# replicaCount -- Only applicable if kind=Deployment
6
replicaCount: 1
7
image:
8
repository: chainreg.biz/chainguard-private/fluent-bit
9
# Overrides the image tag whose default is {{ .Chart.AppVersion }}
10
# Set to "-" to not use the default value
11
tag: latest
12
digest: sha256:f743e0fb791c386f81597268379265cfe2554a90a669a12c94c0c805e40a1b78
13
pullPolicy: IfNotPresent
14
testFramework:
15
enabled: true
16
namespace:
17
image:
18
repository: chainreg.biz/chainguard-private/busybox
19
pullPolicy: Always
20
tag: latest
21
digest: sha256:1ea938c057099f3db4bf2a6cfc9e2f33b8c7248d33cb528d91cc32a52f03212e
22
imagePullSecrets: []
23
nameOverride: ""
24
fullnameOverride: ""
25
serviceAccount:
26
create: true
27
annotations: {}
28
name:
29
automountServiceAccountToken:
30
rbac:
31
create: true
32
nodeAccess: false
33
eventsAccess: false
34
# Configure podsecuritypolicy
35
# Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
36
# from Kubernetes 1.25, PSP is deprecated
37
# See: https://kubernetes.io/blog/2022/08/23/kubernetes-v1-25-release/#pod-security-changes
38
# We automatically disable PSP if Kubernetes version is 1.25 or higher
39
podSecurityPolicy:
40
create: false
41
annotations: {}
42
runAsUser:
43
rule: RunAsAny
44
seLinux:
45
# This policy assumes the nodes are using AppArmor rather than SELinux.
46
rule: RunAsAny
47
# OpenShift-specific configuration
48
openShift:
49
enabled: false
50
securityContextConstraints:
51
# Create SCC for Fluent-bit and allow use it
52
create: true
53
name: ""
54
annotations: {}
55
runAsUser:
56
type: RunAsAny
57
seLinuxContext:
58
type: MustRunAs
59
# Use existing SCC in cluster, rather then create new one
60
existingName: ""
61
podSecurityContext: {}
62
# fsGroup: 2000
63
64
hostNetwork: false
65
dnsPolicy: ClusterFirst
66
dnsConfig: {}
67
# nameservers:
68
# - 1.2.3.4
69
# searches:
70
# - ns1.svc.cluster-domain.example
71
# - my.dns.search.suffix
72
# options:
73
# - name: ndots
74
# value: "2"
75
# - name: edns0
76
77
hostAliases: []
78
# - ip: "1.2.3.4"
79
# hostnames:
80
# - "foo.local"
81
# - "bar.local"
82
83
securityContext: {}
84
# capabilities:
85
# drop:
86
# - ALL
87
# readOnlyRootFilesystem: true
88
# runAsNonRoot: true
89
# runAsUser: 1000
90
91
service:
92
type: ClusterIP
93
port: 2020
94
internalTrafficPolicy:
95
loadBalancerClass:
96
loadBalancerSourceRanges: []
97
loadBalancerIP:
98
labels: {}
99
# nodePort: 30020
100
# clusterIP: 172.16.10.1
101
annotations: {}
102
# prometheus.io/path: "/api/v1/metrics/prometheus"
103
# prometheus.io/port: "2020"
104
# prometheus.io/scrape: "true"
105
externalIPs: []
106
# externalIPs:
107
# - 2.2.2.2
108
serviceMonitor:
109
enabled: false
110
# namespace: monitoring
111
# interval: 10s
112
# scrapeTimeout: 10s
113
# selector:
114
# prometheus: my-prometheus
115
# ## metric relabel configs to apply to samples before ingestion.
116
# ##
117
# metricRelabelings:
118
# - sourceLabels: [__meta_kubernetes_service_label_cluster]
119
# targetLabel: cluster
120
# regex: (.*)
121
# replacement: ${1}
122
# action: replace
123
# ## relabel configs to apply to samples after ingestion.
124
# ##
125
# relabelings:
126
# - sourceLabels: [__meta_kubernetes_pod_node_name]
127
# separator: ;
128
# regex: ^(.*)$
129
# targetLabel: nodename
130
# replacement: $1
131
# action: replace
132
# scheme: ""
133
# tlsConfig: {}
134
135
## Bear in mind if you want to collect metrics from a different port
136
## you will need to configure the new ports on the extraPorts property.
137
additionalEndpoints: []
138
# - port: metrics
139
# path: /metrics
140
# interval: 10s
141
# scrapeTimeout: 10s
142
# scheme: ""
143
# tlsConfig: {}
144
# # metric relabel configs to apply to samples before ingestion.
145
# #
146
# metricRelabelings:
147
# - sourceLabels: [__meta_kubernetes_service_label_cluster]
148
# targetLabel: cluster
149
# regex: (.*)
150
# replacement: ${1}
151
# action: replace
152
# # relabel configs to apply to samples after ingestion.
153
# #
154
# relabelings:
155
# - sourceLabels: [__meta_kubernetes_pod_node_name]
156
# separator: ;
157
# regex: ^(.*)$
158
# targetLabel: nodename
159
# replacement: $1
160
# action: replace
161
prometheusRule:
162
enabled: false
163
# namespace: ""
164
# additionalLabels: {}
165
# rules:
166
# - alert: NoOutputBytesProcessed
167
# expr: rate(fluentbit_output_proc_bytes_total[5m]) == 0
168
# annotations:
169
# message: |
170
# Fluent Bit instance {{ $labels.instance }}'s output plugin {{ $labels.name }} has not processed any
171
# bytes for at least 15 minutes.
172
# summary: No Output Bytes Processed
173
# for: 15m
174
# labels:
175
# severity: critical
176
177
dashboards:
178
enabled: false
179
labelKey: grafana_dashboard
180
labelValue: 1
181
annotations: {}
182
namespace: ""
183
deterministicUid: false
184
lifecycle: {}
185
# preStop:
186
# exec:
187
# command: ["/bin/sh", "-c", "sleep 20"]
188
189
livenessProbe:
190
httpGet:
191
path: /
192
port: http
193
readinessProbe:
194
httpGet:
195
path: /api/v1/health
196
port: http
197
resources: {}
198
# limits:
199
# cpu: 100m
200
# memory: 128Mi
201
# requests:
202
# cpu: 100m
203
# memory: 128Mi
204
205
## only available if kind is Deployment
206
ingress:
207
enabled: false
208
ingressClassName: ""
209
annotations: {}
210
# kubernetes.io/ingress.class: nginx
211
# kubernetes.io/tls-acme: "true"
212
hosts: []
213
# - host: fluent-bit.example.tld
214
extraHosts: []
215
# - host: fluent-bit-extra.example.tld
216
## specify extraPort number
217
# port: 5170
218
tls: []
219
# - secretName: fluent-bit-example-tld
220
# hosts:
221
# - fluent-bit.example.tld
222
## only available if kind is Deployment
223
autoscaling:
224
vpa:
225
enabled: false
226
annotations: {}
227
# List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
228
controlledResources: []
229
# Values that the vertical pod autoscaler can control. Allowed values are RequestsAndLimits and RequestsOnly. Default is RequestsAndLimits.
230
controlledValues:
231
# Define the max allowed resources for the pod
232
maxAllowed: {}
233
# cpu: 200m
234
# memory: 100Mi
235
# Define the min allowed resources for the pod
236
minAllowed: {}
237
# cpu: 200m
238
# memory: 100Mi
239
240
updatePolicy:
241
# Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
242
# are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
243
updateMode: Auto
244
enabled: false
245
minReplicas: 1
246
maxReplicas: 3
247
targetCPUUtilizationPercentage: 75
248
# targetMemoryUtilizationPercentage: 75
249
## see https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/#autoscaling-on-multiple-metrics-and-custom-metrics
250
customRules: []
251
# - type: Pods
252
# pods:
253
# metric:
254
# name: packets-per-second
255
# target:
256
# type: AverageValue
257
# averageValue: 1k
258
## see https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-configurable-scaling-behavior
259
behavior: {}
260
# scaleDown:
261
# policies:
262
# - type: Pods
263
# value: 4
264
# periodSeconds: 60
265
# - type: Percent
266
# value: 10
267
# periodSeconds: 60
268
269
## only available if kind is Deployment
270
podDisruptionBudget:
271
enabled: false
272
annotations: {}
273
maxUnavailable: "30%"
274
nodeSelector: {}
275
tolerations: []
276
affinity: {}
277
labels: {}
278
annotations: {}
279
podAnnotations: {}
280
podLabels: {}
281
## How long (in seconds) a pods needs to be stable before progressing the deployment
282
##
283
minReadySeconds:
284
## How long (in seconds) a pod may take to exit (useful with lifecycle hooks to ensure lb deregistration is done)
285
##
286
terminationGracePeriodSeconds:
287
priorityClassName: ""
288
env: []
289
# - name: FOO
290
# value: "bar"
291
292
# The envWithTpl array below has the same usage as "env", but is using the tpl function to support templatable string.
293
# This can be useful when you want to pass dynamic values to the Chart using the helm argument "--set <variable>=<value>"
294
# https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function
295
envWithTpl: []
296
# - name: FOO_2
297
# value: "{{ .Values.foo2 }}"
298
#
299
# foo2: bar2
300
301
envFrom: []
302
# This supports either a structured array or a templatable string
303
extraContainers: []
304
# Array mode
305
# extraContainers:
306
# - name: do-something
307
# image: busybox
308
# command: ['do', 'something']
309
310
# String mode
311
# extraContainers: |-
312
# - name: do-something
313
# image: bitnami/kubectl:{{ .Capabilities.KubeVersion.Major }}.{{ .Capabilities.KubeVersion.Minor }}
314
# command: ['kubectl', 'version']
315
flush: 1
316
metricsPort: 2020
317
extraPorts: []
318
# - port: 5170
319
# containerPort: 5170
320
# protocol: TCP
321
# name: tcp
322
# nodePort: 30517
323
324
extraVolumes: []
325
extraVolumeMounts: []
326
updateStrategy: {}
327
# type: RollingUpdate
328
# rollingUpdate:
329
# maxUnavailable: 1
330
331
# Make use of a pre-defined configmap instead of the one templated here
332
existingConfigMap: ""
333
networkPolicy:
334
enabled: false
335
# ingress:
336
# from: []
337
338
# See Lua script configuration example in README.md
339
luaScripts: {}
340
## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/configuration-file
341
config:
342
service: |
343
[SERVICE]
344
Daemon Off
345
Flush {{ .Values.flush }}
346
Log_Level {{ .Values.logLevel }}
347
Parsers_File /fluent-bit/etc/parsers.conf
348
Parsers_File /fluent-bit/etc/conf/custom_parsers.conf
349
HTTP_Server On
350
HTTP_Listen 0.0.0.0
351
HTTP_Port {{ .Values.metricsPort }}
352
Health_Check On
353
## https://docs.fluentbit.io/manual/pipeline/inputs
354
inputs: |
355
[INPUT]
356
Name tail
357
Path /var/log/containers/*.log
358
multiline.parser docker, cri
359
Tag kube.*
360
Mem_Buf_Limit 5MB
361
Skip_Long_Lines On
362
363
[INPUT]
364
Name systemd
365
Tag host.*
366
Systemd_Filter _SYSTEMD_UNIT=kubelet.service
367
Read_From_Tail On
368
## https://docs.fluentbit.io/manual/pipeline/filters
369
filters: |
370
[FILTER]
371
Name kubernetes
372
Match kube.*
373
Merge_Log On
374
Keep_Log Off
375
K8S-Logging.Parser On
376
K8S-Logging.Exclude On
377
## https://docs.fluentbit.io/manual/pipeline/outputs
378
outputs: |
379
[OUTPUT]
380
Name es
381
Match kube.*
382
Host elasticsearch-master
383
Logstash_Format On
384
Retry_Limit False
385
386
[OUTPUT]
387
Name es
388
Match host.*
389
Host elasticsearch-master
390
Logstash_Format On
391
Logstash_Prefix node
392
Retry_Limit False
393
## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/upstream-servers
394
## This configuration is deprecated, please use `extraFiles` instead.
395
upstream: {}
396
## https://docs.fluentbit.io/manual/pipeline/parsers
397
customParsers: |
398
[PARSER]
399
Name docker_no_time
400
Format json
401
Time_Keep Off
402
Time_Key time
403
Time_Format %Y-%m-%dT%H:%M:%S.%L
404
# This allows adding more files with arbitrary filenames to /fluent-bit/etc/conf by providing key/value pairs.
405
# The key becomes the filename, the value becomes the file content.
406
extraFiles: {}
407
# upstream.conf: |
408
# [UPSTREAM]
409
# upstream1
410
#
411
# [NODE]
412
# name node-1
413
# host 127.0.0.1
414
# port 43000
415
# example.conf: |
416
# [OUTPUT]
417
# Name example
418
# Match foo.*
419
# Host bar
420
421
# The config volume is mounted by default, either to the existingConfigMap value, or the default of "fluent-bit.fullname"
422
volumeMounts:
423
- name: config
424
mountPath: /fluent-bit/etc/conf
425
daemonSetVolumes:
426
- name: varlog
427
hostPath:
428
path: /var/log
429
- name: varlibdockercontainers
430
hostPath:
431
path: /var/lib/docker/containers
432
- name: etcmachineid
433
hostPath:
434
path: /etc/machine-id
435
type: File
436
daemonSetVolumeMounts:
437
- name: varlog
438
mountPath: /var/log
439
- name: varlibdockercontainers
440
mountPath: /var/lib/docker/containers
441
readOnly: true
442
- name: etcmachineid
443
mountPath: /etc/machine-id
444
readOnly: true
445
command:
446
- /fluent-bit/bin/fluent-bit
447
args:
448
- --workdir=/fluent-bit/etc
449
- --config=/fluent-bit/etc/conf/fluent-bit.conf
450
# This supports either a structured array or a templatable string
451
initContainers: []
452
# Array mode
453
# initContainers:
454
# - name: do-something
455
# image: bitnami/kubectl:1.22
456
# command: ['kubectl', 'version']
457
458
# String mode
459
# initContainers: |-
460
# - name: do-something
461
# image: bitnami/kubectl:{{ .Capabilities.KubeVersion.Major }}.{{ .Capabilities.KubeVersion.Minor }}
462
# command: ['kubectl', 'version']
463
logLevel: info
464
hotReload:
465
enabled: false
466
image:
467
repository: chainreg.biz/chainguard-private/configmap-reload
468
tag: latest
469
digest: sha256:2cc6bde30af92f402fcd5626e8f042640b55ba745d54f45a2ab8549fe383685e
470
pullPolicy: IfNotPresent
471
resources: {}
472
extraWatchVolumes: []
473
securityContext:
474
privileged: false
475
allowPrivilegeEscalation: false
476
readOnlyRootFilesystem: true
477
runAsNonRoot: true
478
runAsUser: 65532
479
runAsGroup: 65532
480
capabilities:
481
drop:
482
- ALL
483
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.