Add fluentd-cloudwatch log forwarder #211
Conversation
|
Can a kubernetes member verify that this patch is reasonable to test? If so, please reply with "@k8s-bot ok to test" on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands will still work. Regular contributors should join the org to skip this step. If you have questions or suggestions related to this bot's behavior, please file an issue against the kubernetes/test-infra repository. |
| release: "{{ .Release.Name }}" | ||
| kubernetes.io/cluster-service: "true" | ||
| annotations: | ||
| {{- include "toYaml" .Values.annotations | indent 8 }} |
There was a problem hiding this comment.
Helm now comes with a built-in toYaml function, so you can change this to:
annotations:
{{- toYaml .Values.annotations | indent 8 }}
Note though, that it needs to be unindented.
There was a problem hiding this comment.
My approach for this is to use a simple key/value iterator:
annotations:
{{- range $key, $value := .Values.annotations }}
{{ $key }}: {{ $value }}
{{- end }}
Annotations are only ever k:v anyway, so there's no need to feed them through the toYaml filter.
| @@ -0,0 +1,26 @@ | |||
| image: 18fgsa/fluentd-cloudwatch | |||
| imageTag: 0.1.0 | |||
| namespace: kube-system | |||
There was a problem hiding this comment.
Is the kube-system default a hard requirement? Generally we prefer the namespace be managed by helm using the --namespace flag.
|
@k8s-bot ok to test |
|
|
||
| | Parameter | Description | Default | | ||
| | ----------------------- | ---------------------------------- | ---------------------------------------------------------- | | ||
| | `image` | Image | `18fgsa/fluentd-cloudwatch:{VERSION}` | |
There was a problem hiding this comment.
Don't need the :{VERSION} here since it's declared in imageTag
| release: "{{ .Release.Name }}" | ||
| kubernetes.io/cluster-service: "true" | ||
| annotations: | ||
| {{- include "toYaml" .Values.annotations | indent 8 }} |
There was a problem hiding this comment.
My approach for this is to use a simple key/value iterator:
annotations:
{{- range $key, $value := .Values.annotations }}
{{ $key }}: {{ $value }}
{{- end }}
Annotations are only ever k:v anyway, so there's no need to feed them through the toYaml filter.
| chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" | ||
| heritage: "{{ .Release.Service }}" | ||
| release: "{{ .Release.Name }}" | ||
| kubernetes.io/cluster-service: "true" |
There was a problem hiding this comment.
I don't think the cluster-service label is needed/useful. Per the add-on docs, it only has an effect on static manifests.
| - name: varlibdockercontainers | ||
| mountPath: /var/lib/docker/containers | ||
| readOnly: true | ||
| terminationGracePeriodSeconds: 30 |
There was a problem hiding this comment.
Would you consider adding hostNetwork: {{ default false .Values.hostNetwork }} here? We rely on it to create journald log streams using the hostname.
| log_group_name "#{ENV['LOG_GROUP_NAME']}" | ||
| auto_create_stream true | ||
| use_tag_as_stream true | ||
| </match> |
There was a problem hiding this comment.
I recommend/request moving the fluentd config to a values.yaml key, then templating it into a ConfigMap. That would make this more of a generic fluentd chart (though with CloudWatch/ES defaults), allowing others to provide their own, custom image & settings.
|
changes made from review, thanks! found a bug when testing w/ annotations and reported: |
|
Is it possible to make this the |
|
I'll move the current As for a generic chart, it seems possible though it might complicate the deployments and overall maintenance of the chart more than one would like. Some thoughts on a possible implementation:
fluentd:
env:
AWS_REGION: us-east-1
LOG_GROUP_NAME: kubernetes
platform: googleCloud
configurations:
# source: https://github.com/kubernetes/kubernetes/blob/b5b47620f5f13ec2d45dd8879206b99f9a7ecc2f/cluster/addons/fluentd-gcp/fluentd-gcp-image/google-fluentd.conf
googleCloud:
image: kubernetes/fluentd-gcp:latest
tdAgent: |
# This configuration file for Fluentd / td-agent is used
# to watch changes to Docker log files that live in the
...
awsCloudWatch:
image: 18fgsa/fluentd-cloudwatch:0.1.0
tdAgent: |
...
googleCloudJournal: |
...
elasticsearch: |
...Google Cloud $ helm install --name my-release \
--set fluentd.platform=googleCloud \
incubator/fluentdGoogle Cloud Journal $ helm install --name my-release \
--set fluentd.platform=googleCloudJournal \
incubator/fluentdAWS CloudWatch $ helm install --name my-release \
--set fluentd.platform=awsCloudWatch, \
fluentd.env.AWS_REGION=us-east-1, \
fluentd.env.LOG_GROUP_NAME=kubernetes \
incubator/fluentdElasticSearch $ helm install --name my-release \
--set fluentd.platform=elasticseach, \
fluentd.env.ELASTIC_SEARCH_HOST=elasticsearch-logging, \
fluentd.env.ELASTIC_SEARCH_PORT=9200 \
incubator/fluentdThoughts? |
k8s-ci-robot
added
the
cncf-cla: yes
|
Jenkins Charts e2e failed for commit 83dd8cd. Full PR test history. The magic incantation to run this job again is |
|
I really like the idea of allowing configurability of the platform to help guide users to the right set of working plugins and configs. How about something like: fluentd:
env:
AWS_REGION: us-east-1
LOG_GROUP_NAME: kubernetes
platform: googleCloudThen having the logic for which image to use in an if statement of the DaemonSet and a similar block in the ConfigMap. |
|
@k8s-bot ok to test |
|
This change is |
|
Apologies if this is out of line. I came across this PR while looking for a |
|
@aaglenn not out of line at all! Thanks for providing your feedback. |
|
Time is spread to thin and I'm not finding an opportunity to investigate the complexities of making this more agnostic, gonna close for now. |
|
FWIW I'd be okay merging this as-is and perhaps someone else can work on making it more agnostic, given it's in incubator. |
|
@icereval Do you mind if I step in and work on it? Mostly there, IMHO. I have an idea about making it generic while providing some example (yet usable) out-of-the-box configs. |
|
@mgoodness please do, not a problem at all |
|
@mgoodness, as mentioned in fluent/fluentd-kubernetes-daemonset#3 - I'm making the base fluentd configurable so that multiple tags exist based on the plugins available within. I had created a PR for a fluentd-logentries Chart previously, but will look at how to use this work to base on. old PR: #779 |
|
PR for unified fluentd repository @icereval - is it ok if I add your cloudwatch fluentd conf in there? fluent/fluentd-kubernetes-daemonset#4 Edit: Done, added cloudwatch image build to fluentd-kubernetes image |
|
@viglesiasce - I personally prefer config files to be in a separate folder and use the helm
The advantage this gives is that you do not need to worry about the yaml format (and spacing) which you do have to worry about if you work with config files that are embedded in yaml. I find it more user friendly as well (just drop your config that you're used to in there, and run this command, done) Your thoughts? |
|
I believe this is relevant to this PR; https://github.com/krallistic/kubernetes-fluentd |
The container, and the chart is not called 'fluentd-kubernetes-daemonset' The configuration is now inside the container (from PR comment: helm#211 (comment)), so I removed the configMap. The AWS keys are added as secrets from files, using Files.Glob (from PR comment helm#211 (comment))
The container, and the chart is not called 'fluentd-kubernetes-daemonset' The configuration is now inside the container (from PR comment: helm#211 (comment)), so I removed the configMap. The AWS keys are added as secrets from files, using Files.Glob (from PR comment helm#211 (comment))
The configuration is now inside the container (from PR comment: helm#211 (comment)), I then removed the configMap holding the config. The AWS keys are added as secrets from files, using Files.Glob (from PR comment helm#211 (comment))
* fluentd cloudwatch incubator * rename deployment -> daemonset * annotations as value * reorder values * use helm namespace * address code review * move td-agent.conf into values.yaml * Updated fluentd-cloudwatch code from PR 211 The configuration is now inside the container (from PR comment: #211 (comment)), I then removed the configMap holding the config. The AWS keys are added as secrets from files, using Files.Glob (from PR comment #211 (comment)) * Add configMap for fluentd config Copied the config from what's in /fluentd/etc in image: fluent/fluentd-kubernetes-daemonset:v0.12-cloudwatch * Update to use namespaces * Add appVersion * Add fluentd icon * Using github usernames instead of real names * Update label for configmap
* fluentd cloudwatch incubator * rename deployment -> daemonset * annotations as value * reorder values * use helm namespace * address code review * move td-agent.conf into values.yaml * Updated fluentd-cloudwatch code from PR 211 The configuration is now inside the container (from PR comment: helm#211 (comment)), I then removed the configMap holding the config. The AWS keys are added as secrets from files, using Files.Glob (from PR comment helm#211 (comment)) * Add configMap for fluentd config Copied the config from what's in /fluentd/etc in image: fluent/fluentd-kubernetes-daemonset:v0.12-cloudwatch * Update to use namespaces * Add appVersion * Add fluentd icon * Using github usernames instead of real names * Update label for configmap
Adds a Fluentd Cloudwatch chart adapted from fluentd-elasticsearch.
@jmcarp