-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[filter_kubernetes] enhancement: provide mechanism to exclude containers from fluent bit via annotations #737
Comments
looks like I misunderstood the original requirement, you can try the following annotation:
|
Hi @edsiper thanks for replying, but I think I've poorly worded this enhancement sorry. I want to have fluent-bit by default exclude, and annotate a select few deployments we can include. |
I'm searching for a similar thing. I want to e.g. say that all pods with
|
Hi. is there any solution to this so far? I'm also looking for this. Will be really helpful. Thx! |
Hey, Has anyone made any progress here? I'm also trying to figure out a solution to this :) |
this will be very useful feature and end users will have control on sending logs by adding annotations |
+1 |
sad that this issue is open since Sep 2018 and still no solution yet |
https://github.com/dmytroleonenko/fluent-bit/tree/v1.4.2-include
annotations are sent |
how to enable include mode and do you have docker image already built? |
You can enable it the same way like exclude mode, just use "include" instead of "exclude" word in both config and annotation. Include should work with "exclude" in combo equally well if you want to exclude particular container from the pod or specific stream (think of stdout) off of a pod log. |
let me confirm the expectation from for the default behavior: One of
comments ? |
@edsiper I think your approach makes the most sense. We've taken another path but it sounds like there are others who would like this enhancement. |
If the "false" annotation is a default behavior (no annotation == false annotation). Like if K8S-Logging.Include On then if I don't have any annotations on any pods what would happen? |
@dmytroleonenko the proposal above says: if |
Any progress? Thanks |
Any news? |
I had no luck so I investigated my container input. FluentBit mounts all your container log files into Standard config wildcard (NOTE the Path field): application-log.conf: |
[INPUT]
Name tail
Tag application.*
Exclude_Path /var/log/containers/cloudwatch-agent*, /var/log/containers/fluent-bit*, /var/log/containers/aws-node*, /var/log/containers/kube-proxy*
Path /var/log/containers/*
Docker_Mode On
Docker_Mode_Flush 5
Docker_Mode_Parser container_firstline
Parser docker
DB /var/fluent-bit/state/flb_container.db
Mem_Buf_Limit 50MB
Skip_Long_Lines On
Refresh_Interval 10
Rotate_Wait 30
storage.type filesystem
Read_from_Head ${READ_FROM_HEAD} Change the Path field to match the containers you wish. This can be comma separated list of patterns: application-log.conf: |
[INPUT]
Name tail
Tag application.*
Exclude_Path /var/log/containers/cloudwatch-agent*, /var/log/containers/fluent-bit*, /var/log/containers/aws-node*, /var/log/containers/kube-proxy*
Path /var/log/containers/my-container.log, /var/log/containers/my-other-container.log
Docker_Mode On
Docker_Mode_Flush 5
Docker_Mode_Parser container_firstline
Parser docker
DB /var/fluent-bit/state/flb_container.db
Mem_Buf_Limit 50MB
Skip_Long_Lines On
Refresh_Interval 10
Rotate_Wait 30
storage.type filesystem
Read_from_Head ${READ_FROM_HEAD} You could also use the exclude part of the config. I wrote a blog post with more info. |
One solution is to use lua filter to drop records based on labels/annotations. An example that drops all records unless pods have
|
I think exclude all container log collection by default and only include it for containers with annotation is important use case. side note side note for example
this would allow maximum customization and could even be enhanced by not requiring all this info because the log files path would always be like this
|
I change some code making this solution works well. ^^|||
|
as long as this feature cannot be implemented yet
so,
which will result the log to OUTPUT |
Problem Statement
In the current implementation the most common way to get container logs parsed by fluentbit in a kubernetes cluster is to have a filter applied to containers using a log message like the one detailed here:
This represents a bit of a problem with dev containers sometimes polluting our log platform with unwanted logs. We have a select few services we want to include, but the default rule is to exclude.
Describe the solution you'd like
A simple way to include logs in the opposite of how #555 was implemented where you can annotate containers with a
fluentbit.io/include: "true"
and the fluentbit daemonset will only pick up these logs.Describe alternatives you've considered
I've updated my Path in the above config to
/var/log/containers/*deployment*.log
and ensured all my deployments I want to aggregate logs for havedeployment
in the name.Additional context
I have a Kubernetes cluster set up with kops 1.10 and used https://github.com/fluent/fluent-bit-kubernetes-logging to set up fluentbit which then forwards to a fluentd service running the logz.io plugin.
The text was updated successfully, but these errors were encountered: