papanito/k8s-metricbeat.values.yaml

## k8s-metricbeat.values.yaml
# The instances created by daemonset retrieve most metrics from the host
daemonset:
  enabled: true
  podAnnotations: []
  priorityClassName: ""
  tolerations:
  - key: node-role.kubernetes.io/master
    operator: Exists
    effect: NoSchedule
  nodeSelector: {}
  resources: {}
  hostNetwork: true
  dnsPolicy: ClusterFirstWithHostNet
  config:
    metricbeat.config:
      modules:
        path: ${path.config}/modules.d/*.yml
        reload.enabled: false
    processors:
    - add_cloud_metadata:
    output.file:
      path: "/usr/share/metricbeat/data"
      filename: metricbeat
      rotate_every_kb: 10000
      number_of_files: 5
  # If overrideConfig is not empty, metricbeat chart's default config won't be used at all.
  overrideConfig:
    metricbeat.config.modules:
      # Mounted `metricbeat-daemonset-modules` configmap:
      path: ${path.config}/modules.d/*.yml
      # Reload module configs as they change:
      reload.enabled: false
    processors:
      - add_cloud_metadata:
    fields:
      logzio_codec: json
      token: ${LOGZIO_METRICS_SHIPPING_TOKEN}
      cluster: ${CLUSTER_NAME}
      type: metricbeat
    fields_under_root: true
    ignore_older: 3hr
    output:
      logstash:
        hosts: ["${LOGZIO_METRICS_LISTENER_HOST}:5015"]
        ssl:
          certificate_authorities: ['/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt', '/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt']
  modules:
    system:
      enabled: true
      config:
        - module: system
          period: 10s
          metricsets:
            - cpu
            - load
            - memory
            - network
            - process
            - process_summary
            - core
            - diskio
            - socket
          processes: ['.*']
          process.include_top_n:
            by_cpu: 5      # include top 5 processes by CPU
            by_memory: 5   # include top 5 processes by memory
        - module: system
          period: 1m
          metricsets:
            - filesystem
            - fsstat
          processors:
          - drop_event.when.regexp:
              system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
    kubernetes:
      enabled: true
      config:
        - module: kubernetes
          metricsets:
            - node
            - system
            - pod
            - container
            - volume
            - state_node
            - state_pod
            - state_container
          period: 10s
          host: ${NODE_NAME}
          hosts: ["localhost:10255"]
          # If using Red Hat OpenShift remove the previous hosts entry and
          # uncomment these settings:
          # hosts: ["https://${HOSTNAME}:10250"]
          # bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
          # ssl.certificate_authorities:
            # - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
  # If overrideModules is not empty, metricbeat chart's default modules won't be used at all.
  overrideModules: {}
# The instance created by deployment retrieves metrics that are unique for the whole cluster, like Kubernetes events or kube-state-metrics
deployment:
  enabled: true
  podAnnotations: []
  priorityClassName: ""
  tolerations: []
  nodeSelector: {}
  resources: {}
  config:
    metricbeat.config:
      modules:
        path: ${path.config}/modules.d/*.yml
        reload.enabled: false
    processors:
    - add_cloud_metadata:
    output.file:
      path: "/usr/share/metricbeat/data"
      filename: metricbeat
      rotate_every_kb: 10000
      number_of_files: 5
  # If overrideConfig is not empty, metricbeat chart's default config won't be used at all.
  overrideConfig:
    metricbeat.config.modules:
      # Mounted `metricbeat-daemonset-modules` configmap:
      path: ${path.config}/modules.d/*.yml
      # Reload module configs as they change:
      reload.enabled: false
    processors:
      - add_cloud_metadata:
    fields:
      logzio_codec: json
      token: ${LOGZIO_METRICS_SHIPPING_TOKEN}
      cluster: ${CLUSTER_NAME}
      type: metricbeat
    fields_under_root: true
    ignore_older: 3hr
    output:
      logstash:
        hosts: ["${LOGZIO_METRICS_LISTENER_HOST}:5015"]
        ssl:
          certificate_authorities: ['/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt', '/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt']
  modules:
    kubernetes:
      enabled: true
      config:
        - module: kubernetes
          metricsets:
            - state_node
            - state_deployment
            - state_replicaset
            - state_pod
            - state_container
            - event
          period: 10s
          hosts: ["kube-state-metrics:8080"]
  # If overrideModules is not empty, metricbeat chart's default modules won't be used at all.
  overrideModules: {}

# List of beat plugins
plugins: []
  # - kinesis.sok8s-metricbeat-5d4c76ffcc-gh5zg

# additional environment
extraEnv:
  - name: LOGZIO_METRICS_SHIPPING_TOKEN
    valueFrom:
      secretKeyRef:
        name: logzio-metrics-secret
        key: logzio-metrics-shipping-token
  - name: LOGZIO_METRICS_LISTENER_HOST
    valueFrom:
      secretKeyRef:
        name: logzio-metrics-secret
        key: logzio-metrics-listener-host
  - name: KUBE_STATE_METRICS_NAMESPACE
    valueFrom:
      secretKeyRef:
        name: cluster-details
        key: kube-state-metrics-namespace
  - name: KUBE_STATE_METRICS_PORT
    valueFrom:
      secretKeyRef:
        name: cluster-details
        key: kube-state-metrics-port
  - name: CLUSTER_NAME
    valueFrom:
      secretKeyRef:
        name: cluster-details
        key: cluster-name

# Add additional volumes and mounts, for example to read other log files on the host
extraVolumes:
  - name: cert
    configMap:
      defaultMode: 0600
      name: logzio-cert
  - name: old-cert
    configMap:
      defaultMode: 0600
      name: old-logzio-cert

extraVolumeMounts:
  - name: old-cert
    mountPath: "/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt"
    readOnly: true
    subPath: COMODORSADomainValidationSecureServerCA.crt
  - name: cert
    mountPath: "/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt"
    readOnly: true
    subPath: SectigoRSADomainValidationSecureServerCA.crt
extraSecrets:
  - name: logzio-cert
    data:
      SectigoRSADomainValidationSecureServerCA.crt: |-
        -----BEGIN CERTIFICATE-----
        MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB
        iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
        cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
        BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
        MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNV
        BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
        ChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4g
        VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
        AQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+N
        TQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkj
        eocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0E
        oKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBsk
        Haswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotY
        uK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0j
        BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb
        +ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
        A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAw
        CAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
        LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
        BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
        bS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
        L29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/H
        ukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH
        7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGi
        H19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUx
        RP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv
        xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38
        sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL
        l6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq
        6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY
        LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5
        yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K
        00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
        -----END CERTIFICATE-----
  - name: old-logzio-cert
    data:
      COMODORSADomainValidationSecureServerCA.crt: |-
        -----BEGIN CERTIFICATE-k8s-metricbeat-5d4c76ffcc-gh5zgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
        BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
        MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
        EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
        Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
        bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
        ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
        bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
        Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
        ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
        UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
        c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
        MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
        30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
        HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
        BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
        bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
        AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
        T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
        ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
        mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
        e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
        P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
        dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
        2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
        V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
        HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
        j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
        0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
        lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
        +AZxAeKCINT+b72x
        -----END CERTIFICATE-----
  # - name: userdata
  #   data:
  #     id: userid
  #     pw: userpassword

resources:
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  limits:
    cpu: 100m
    memory: 200Mi
  requests:
    cpu: 100m
    memory: 100Mi

rbac:
  # Specifies whether RBAC resources should be created
  create: true
  pspEnabled: false
# serviceAccount:
#   # Specifies whether a ServiceAccount should be created
#   create: true
#   # The name of the ServiceAccount to use.
#   # If not set and create is true, a name is generated using the fullname template
#   name:
	# The instances created by daemonset retrieve most metrics from the host
	daemonset:
	enabled: true
	podAnnotations: []
	priorityClassName: ""
	tolerations:
	- key: node-role.kubernetes.io/master
	operator: Exists
	effect: NoSchedule
	nodeSelector: {}
	resources: {}
	hostNetwork: true
	dnsPolicy: ClusterFirstWithHostNet
	config:
	metricbeat.config:
	modules:
	path: ${path.config}/modules.d/*.yml
	reload.enabled: false
	processors:
	- add_cloud_metadata:
	output.file:
	path: "/usr/share/metricbeat/data"
	filename: metricbeat
	rotate_every_kb: 10000
	number_of_files: 5
	# If overrideConfig is not empty, metricbeat chart's default config won't be used at all.
	overrideConfig:
	metricbeat.config.modules:
	# Mounted `metricbeat-daemonset-modules` configmap:
	path: ${path.config}/modules.d/*.yml
	# Reload module configs as they change:
	reload.enabled: false
	processors:
	- add_cloud_metadata:
	fields:
	logzio_codec: json
	token: ${LOGZIO_METRICS_SHIPPING_TOKEN}
	cluster: ${CLUSTER_NAME}
	type: metricbeat
	fields_under_root: true
	ignore_older: 3hr
	output:
	logstash:
	hosts: ["${LOGZIO_METRICS_LISTENER_HOST}:5015"]
	ssl:
	certificate_authorities: ['/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt', '/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt']
	modules:
	system:
	enabled: true
	config:
	- module: system
	period: 10s
	metricsets:
	- cpu
	- load
	- memory
	- network
	- process
	- process_summary
	- core
	- diskio
	- socket
	processes: ['.*']
	process.include_top_n:
	by_cpu: 5 # include top 5 processes by CPU
	by_memory: 5 # include top 5 processes by memory
	- module: system
	period: 1m
	metricsets:
	- filesystem
	- fsstat
	processors:
	- drop_event.when.regexp:
	system.filesystem.mount_point: '^/(sys\|cgroup\|proc\|dev\|etc\|host\|lib)($\|/)'
	kubernetes:
	enabled: true
	config:
	- module: kubernetes
	metricsets:
	- node
	- system
	- pod
	- container
	- volume
	- state_node
	- state_pod
	- state_container
	period: 10s
	host: ${NODE_NAME}
	hosts: ["localhost:10255"]
	# If using Red Hat OpenShift remove the previous hosts entry and
	# uncomment these settings:
	# hosts: ["https://${HOSTNAME}:10250"]
	# bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
	# ssl.certificate_authorities:
	# - /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
	# If overrideModules is not empty, metricbeat chart's default modules won't be used at all.
	overrideModules: {}
	# The instance created by deployment retrieves metrics that are unique for the whole cluster, like Kubernetes events or kube-state-metrics
	deployment:
	enabled: true
	podAnnotations: []
	priorityClassName: ""
	tolerations: []
	nodeSelector: {}
	resources: {}
	config:
	metricbeat.config:
	modules:
	path: ${path.config}/modules.d/*.yml
	reload.enabled: false
	processors:
	- add_cloud_metadata:
	output.file:
	path: "/usr/share/metricbeat/data"
	filename: metricbeat
	rotate_every_kb: 10000
	number_of_files: 5
	# If overrideConfig is not empty, metricbeat chart's default config won't be used at all.
	overrideConfig:
	metricbeat.config.modules:
	# Mounted `metricbeat-daemonset-modules` configmap:
	path: ${path.config}/modules.d/*.yml
	# Reload module configs as they change:
	reload.enabled: false
	processors:
	- add_cloud_metadata:
	fields:
	logzio_codec: json
	token: ${LOGZIO_METRICS_SHIPPING_TOKEN}
	cluster: ${CLUSTER_NAME}
	type: metricbeat
	fields_under_root: true
	ignore_older: 3hr
	output:
	logstash:
	hosts: ["${LOGZIO_METRICS_LISTENER_HOST}:5015"]
	ssl:
	certificate_authorities: ['/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt', '/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt']
	modules:
	kubernetes:
	enabled: true
	config:
	- module: kubernetes
	metricsets:
	- state_node
	- state_deployment
	- state_replicaset
	- state_pod
	- state_container
	- event
	period: 10s
	hosts: ["kube-state-metrics:8080"]
	# If overrideModules is not empty, metricbeat chart's default modules won't be used at all.
	overrideModules: {}

	# List of beat plugins
	plugins: []
	# - kinesis.sok8s-metricbeat-5d4c76ffcc-gh5zg

	# additional environment
	extraEnv:
	- name: LOGZIO_METRICS_SHIPPING_TOKEN
	valueFrom:
	secretKeyRef:
	name: logzio-metrics-secret
	key: logzio-metrics-shipping-token
	- name: LOGZIO_METRICS_LISTENER_HOST
	valueFrom:
	secretKeyRef:
	name: logzio-metrics-secret
	key: logzio-metrics-listener-host
	- name: KUBE_STATE_METRICS_NAMESPACE
	valueFrom:
	secretKeyRef:
	name: cluster-details
	key: kube-state-metrics-namespace
	- name: KUBE_STATE_METRICS_PORT
	valueFrom:
	secretKeyRef:
	name: cluster-details
	key: kube-state-metrics-port
	- name: CLUSTER_NAME
	valueFrom:
	secretKeyRef:
	name: cluster-details
	key: cluster-name

	# Add additional volumes and mounts, for example to read other log files on the host
	extraVolumes:
	- name: cert
	configMap:
	defaultMode: 0600
	name: logzio-cert
	- name: old-cert
	configMap:
	defaultMode: 0600
	name: old-logzio-cert

	extraVolumeMounts:
	- name: old-cert
	mountPath: "/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt"
	readOnly: true
	subPath: COMODORSADomainValidationSecureServerCA.crt
	- name: cert
	mountPath: "/etc/pki/tls/certs/SectigoRSADomainValidationSecureServerCA.crt"
	readOnly: true
	subPath: SectigoRSADomainValidationSecureServerCA.crt
	extraSecrets:
	- name: logzio-cert
	data:
	SectigoRSADomainValidationSecureServerCA.crt: \|-
	-----BEGIN CERTIFICATE-----
	MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB
	iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
	cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
	BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
	MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNV
	BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
	ChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4g
	VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
	AQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+N
	TQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkj
	eocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0E
	oKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBsk
	Haswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotY
	uK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0j
	BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb
	+ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
	A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAw
	CAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
	LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
	BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
	bS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
	L29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/H
	ukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH
	7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGi
	H19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUx
	RP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv
	xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38
	sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL
	l6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq
	6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY
	LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5
	yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K
	00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
	-----END CERTIFICATE-----
	- name: old-logzio-cert
	data:
	COMODORSADomainValidationSecureServerCA.crt: \|-
	-----BEGIN CERTIFICATE-k8s-metricbeat-5d4c76ffcc-gh5zgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
	BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
	MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
	EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
	Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
	bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
	ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
	bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
	Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
	ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
	UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
	c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
	MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
	30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
	HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
	BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
	bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
	AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
	T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
	ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
	mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
	e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
	P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
	dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
	2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
	V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
	HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
	j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
	0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
	lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
	+AZxAeKCINT+b72x
	-----END CERTIFICATE-----
	# - name: userdata
	# data:
	# id: userid
	# pw: userpassword

	resources:
	# We usually recommend not to specify default resources and to leave this as a conscious
	# choice for the user. This also increases chances charts run on environments with little
	# resources, such as Minikube. If you do want to specify resources, uncomment the following
	# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
	limits:
	cpu: 100m
	memory: 200Mi
	requests:
	cpu: 100m
	memory: 100Mi

	rbac:
	# Specifies whether RBAC resources should be created
	create: true
	pspEnabled: false
	# serviceAccount:
	# # Specifies whether a ServiceAccount should be created
	# create: true
	# # The name of the ServiceAccount to use.
	# # If not set and create is true, a name is generated using the fullname template
	# name: