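---
# Promtail log-shipping agent: one pod per node (DaemonSet) in the `loki`
# namespace, reading node and pod logs through read-only hostPath mounts.
#
# Review notes:
#   * hostPath volumes are forbidden by the Baseline and Restricted Pod
#     Security Standards, so the `loki` namespace must be admitted at a level
#     that allows them. Keep unrelated workloads out of that namespace.
#   * The pod can read every container log on its node, control-plane nodes
#     included (see tolerations). Treat the ServiceAccount, the ConfigMap and
#     the image as sensitive: whoever controls them controls where those logs
#     are sent.
#   * No runAsUser/runAsNonRoot is set, so the container runs as the image's
#     default user. Presumably that is root, since node log files are usually
#     root-owned; confirm before tightening this.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: promtail
  namespace: loki
  labels:
    app.kubernetes.io/name: promtail
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: promtail
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      # Replace one node's agent at a time so log collection never stops
      # cluster-wide during a rollout.
      maxUnavailable: 1
  template:
    metadata:
      labels:
        app.kubernetes.io/name: promtail
      annotations:
        # Annotation values must be strings, hence the quotes.
        prometheus.io/scrape: "true"
        prometheus.io/port: "3101"
        prometheus.io/path: "/metrics"
    spec:
      # RBAC for this account is defined elsewhere. It should need no more
      # than read access for target discovery; verify against the Role.
      serviceAccountName: promtail
      tolerations:
        # Schedule onto control-plane nodes too (both the legacy `master`
        # taint and the current `control-plane` taint).
        - effect: NoSchedule
          key: node-role.kubernetes.io/master
          operator: Exists
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists
      containers:
        - name: promtail
          # Pinned by tag only. Tags are mutable, and with IfNotPresent a node
          # keeps whatever it first cached under this tag. Consider pinning
          # by digest, e.g. grafana/promtail:3.3.2@sha256:<DIGEST-PLACEHOLDER>.
          # Also check the upstream support window for Promtail before
          # relying on it for security fixes.
          image: grafana/promtail:3.3.2
          imagePullPolicy: IfNotPresent
          args:
            - -config.file=/etc/promtail/promtail.yaml
          ports:
            # Plain HTTP on the pod IP. Restrict who can reach it (for
            # example with a NetworkPolicy) if the cluster network is shared.
            - name: http-metrics
              containerPort: 3101
              protocol: TCP
          env:
            # Expose the node name to the agent as HOSTNAME.
            - name: HOSTNAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          readinessProbe:
            httpGet:
              path: /ready
              port: http-metrics
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 5
          resources:
            requests:
              cpu: 50m
              memory: 64Mi
            limits:
              cpu: 200m
              memory: 128Mi
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            readOnlyRootFilesystem: true
            # Added in review: apply the container runtime's default seccomp
            # filter. Without this field the container runs unconfined unless
            # the kubelet is configured to default to seccomp.
            seccompProfile:
              type: RuntimeDefault
          volumeMounts:
            - name: config
              mountPath: /etc/promtail
            # Only writable path, needed because the root filesystem is
            # read-only.
            - name: run
              mountPath: /run/promtail
            # Every host path below is mounted read-only: the agent can read
            # node logs but cannot alter or delete them.
            - name: containers
              mountPath: /var/lib/docker/containers
              readOnly: true
            - name: pods
              mountPath: /var/log/pods
              readOnly: true
            - name: journal
              mountPath: /var/log/journal
              readOnly: true
            - name: machine-id
              mountPath: /etc/machine-id
              readOnly: true
      volumes:
        - name: config
          configMap:
            name: promtail-config
        # emptyDir content is lost when the pod is deleted. Presumably the
        # positions file lives here (set in promtail-config, not shown), in
        # which case read offsets reset on every pod replacement; confirm.
        - name: run
          emptyDir: {}
        # None of the hostPath volumes sets `type`, so the kubelet performs
        # no existence or type check before mounting. `type: Directory` (or
        # `type: File` for machine-id) would make a missing path fail fast,
        # but is left unset here so nodes without one of these paths keep
        # scheduling as before.
        # NOTE(review): /var/lib/docker/containers is normally present only
        # on Docker-runtime nodes; drop it if the cluster does not use Docker.
        - name: containers
          hostPath:
            path: /var/lib/docker/containers
        - name: pods
          hostPath:
            path: /var/log/pods
        - name: journal
          hostPath:
            path: /var/log/journal
        - name: machine-id
          hostPath:
            path: /etc/machine-id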