• Stars
    star
    349
  • Rank 121,528 (Top 3 %)
  • Language
    Ruby
  • License
    Apache License 2.0
  • Created over 9 years ago
  • Updated about 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Enrich your fluentd events with Kubernetes metadata

fluent-plugin-kubernetes_metadata_filter, a plugin for Fluentd

Circle CI Code Climate Test Coverage Ruby Style Guide Ruby Style Guide

The Kubernetes metadata plugin filter enriches container log records with pod and namespace metadata.

This plugin derives basic metadata about the container that emitted a given log record using the source of the log record. Records from kubernetes containers encode metadata about the container in the file name. The initial metadata derived from the source is used to lookup additional metadata about the container's associated pod and namespace (e.g. UUIDs, labels, annotations) when the kubernetes_url is configured. If the plugin cannot authoritatively determine the namespace of the container emitting a log record, it will use an 'orphan' namespace ID in the metadata. This behaviors supports multi-tenant systems that rely on the authenticity of the namespace for proper log isolation.

Requirements

fluent-plugin-kubernetes_metadata_filter fluentd ruby
>= 2.10.0 >= v1.10.0 >= 2.6
>= 2.5.0 >= v1.10.0 >= 2.5
>= 2.0.0 >= v0.14.20 >= 2.1
< 2.0.0 >= v0.12.0 >= 1.9

NOTE: For v0.12 version, you should use 1.x.y version. Please send patch into v0.12 branch if you encountered 1.x version's bug.

NOTE: This documentation is for fluent-plugin-kubernetes_metadata_filter-plugin-elasticsearch 2.x or later. For 1.x documentation, please see v0.12 branch.

Installation

gem install fluent-plugin-kubernetes_metadata_filter

Configuration

Configuration options for fluent.conf are:

  • kubernetes_url - URL to the API server. Set this to retrieve further kubernetes metadata for logs from kubernetes API server. If not specified, environment variables KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT will be used if both are present which is typically true when running fluentd in a pod.
  • apiVersion - API version to use (default: v1)
  • ca_file - path to CA file for Kubernetes server certificate validation
  • verify_ssl - validate SSL certificates (default: true)
  • client_cert - path to a client cert file to authenticate to the API server
  • client_key - path to a client key file to authenticate to the API server
  • bearer_token_file - path to a file containing the bearer token to use for authentication
  • tag_to_kubernetes_name_regexp - the regular expression used to extract kubernetes metadata (pod name, container name, namespace) from the current fluentd tag. This must use named capture groups for container_name, pod_name, namespace, and either pod_uuid (/var/log/pods) or docker_id (/var/log/containers)
  • cache_size - size of the cache of Kubernetes metadata to reduce requests to the API server (default: 1000)
  • cache_ttl - TTL in seconds of each cached element. Set to negative value to disable TTL eviction (default: 3600 - 1 hour)
  • watch - set up a watch on pods on the API server for updates to metadata (default: true)
  • annotation_match - Array of regular expressions matching annotation field names. Matched annotations are added to a log record.
  • allow_orphans - Modify the namespace and namespace id to the values of orphaned_namespace_name and orphaned_namespace_id when true (default: true)
  • orphaned_namespace_name - The namespace to associate with records where the namespace can not be determined (default: .orphaned)
  • orphaned_namespace_id - The namespace id to associate with records where the namespace can not be determined (default: orphaned)
  • lookup_from_k8s_field - If the field kubernetes is present, lookup the metadata from the given subfields such as kubernetes.namespace_name, kubernetes.pod_name, etc. This allows you to avoid having to pass in metadata to lookup in an explicitly formatted tag name or in an explicitly formatted CONTAINER_NAME value. For example, set kubernetes.namespace_name, kubernetes.pod_name, kubernetes.container_name, and docker.id in the record, and the filter will fill in the rest. (default: true)
  • ssl_partial_chain - if ca_file is for an intermediate CA, or otherwise we do not have the root CA and want to trust the intermediate CA certs we do have, set this to true - this corresponds to the openssl s_client -partial_chain flag and X509_V_FLAG_PARTIAL_CHAIN (default: false)
  • skip_labels - Skip all label fields from the metadata.
  • skip_container_metadata - Skip some of the container data of the metadata. The metadata will not contain the container_image and container_image_id fields.
  • skip_master_url - Skip the master_url field from the metadata.
  • skip_namespace_metadata - Skip the namespace_id field from the metadata. The fetch_namespace_metadata function will be skipped. The plugin will be faster and cpu consumption will be less.
  • stats_interval - The interval to display cache stats (default: 30s). Set to 0 to disable stats collection and logging
  • watch_retry_interval - The time interval in seconds for retry backoffs when watch connections fail. (default: 10)
  • open_timeout - The time in seconds to wait for a connection to kubernetes service. (default: 3)
  • read_timeout - The time in seconds to wait for a read from kubernetes service. (default: 10)

Reading from a JSON formatted log files with in_tail and wildcard filenames while respecting the CRI-o log format with the same config you need the fluent-plugin "multi-format-parser":

fluent-gem install fluent-plugin-multi-format-parser

The config block could look like this:

<source>
  @type tail
  path /var/log/containers/*.log
  pos_file fluentd-docker.pos
  read_from_head true
  tag kubernetes.*
  <parse>
    @type multi_format
    <pattern>
      format json
      time_key time
      time_type string
      time_format "%Y-%m-%dT%H:%M:%S.%NZ"
      keep_time_key false
    </pattern>
    <pattern>
      format regexp
      expression /^(?<time>.+) (?<stream>stdout|stderr)( (?<logtag>.))? (?<log>.*)$/
      time_format '%Y-%m-%dT%H:%M:%S.%N%:z'
      keep_time_key false
    </pattern>
  </parse>
</source>

<filter kubernetes.var.log.containers.**.log>
  @type kubernetes_metadata
</filter>

<match **>
  @type stdout
</match>

Environment variables for Kubernetes

If the name of the Kubernetes node the plugin is running on is set as an environment variable with the name K8S_NODE_NAME, it will reduce cache misses and needless calls to the Kubernetes API.

In the Kubernetes container definition, this is easily accomplished by:

env:
- name: K8S_NODE_NAME
  valueFrom:
    fieldRef:
      fieldPath: spec.nodeName

Example input/output

Kubernetes creates symlinks to Docker log files in /var/log/containers/*.log. Docker logs in JSON format.

Assuming following inputs are coming from a log file named /var/log/containers/fabric8-console-controller-98rqc_default_fabric8-console-container-df14e0d5ae4c07284fa636d739c8fc2e6b52bc344658de7d3f08c36a2e804115.log:

{
  "log": "2015/05/05 19:54:41 \n",
  "stream": "stderr",
  "time": "2015-05-05T19:54:41.240447294Z"
}

Then output becomes as belows

{
  "log": "2015/05/05 19:54:41 \n",
  "stream": "stderr",
  "docker": {
    "id": "df14e0d5ae4c07284fa636d739c8fc2e6b52bc344658de7d3f08c36a2e804115",
  }
  "kubernetes": {
    "host": "jimmi-redhat.localnet",
    "pod_name":"fabric8-console-controller-98rqc",
    "pod_id": "c76927af-f563-11e4-b32d-54ee7527188d",
    "pod_ip": "172.17.0.8",
    "container_name": "fabric8-console-container",
    "namespace_name": "default",
    "namespace_id": "23437884-8e08-4d95-850b-e94378c9b2fd",
    "namespace_annotations": {
      "fabric8.io/git-commit": "5e1116f63df0bac2a80bdae2ebdc563577bbdf3c"
    },
    "namespace_labels": {
      "product_version": "v1.0.0"
    },
    "labels": {
      "component": "fabric8Console"
    }
  }
}

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Test it (GEM_HOME=vendor bundle install; GEM_HOME=vendor bundle exec rake test)
  5. Push to the branch (git push origin my-new-feature)
  6. Create new Pull Request

Copyright

Copyright (c) 2015 jimmidyson

More Repositories

1

kubernetes-client

Java client for Kubernetes & OpenShift
Java
3,378
star
2

docker-maven-plugin

Maven plugin for running and creating Docker images
Java
1,863
star
3

fabric8

fabric8 is an open source microservices platform based on Docker, Kubernetes and Jenkins
1,773
star
4

spring-cloud-kubernetes

Kubernetes integration with Spring Cloud
Java
703
star
5

fabric8-pipeline-library

Fabric8 Pipeline for Jenkins
Groovy
431
star
6

fabric8-maven-plugin

πŸ“’ This project is migrated to πŸ‘‰ https://github.com/eclipse/jkube
Java
334
star
7

jenkins-pipeline-library

a collection of reusable jenkins pipelines and pipeline functions
Groovy
274
star
8

kubeflix

Kubernetes integration with Netflix OSS
267
star
9

kansible

Kansible lets you orchestrate operating system processes on Windows or any Unix in the same way as you orchestrate your Docker containers with Kubernetes by using Ansible to provision the software onto hosts and Kubernetes to orchestate the processes
Go
263
star
10

configmapcontroller

Go
206
star
11

fabric8-jenkinsfile-library

This repository contains a library of reusable Jenkinsfiles that you can use on your projects. Its reused by the fabric8 console to associate Jenkinsfiles to projects
Groovy
187
star
12

elasticsearch-cloud-kubernetes

Java
169
star
13

gofabric8

CLI used when working with fabric8 running on Kubernetes or OpenShift
Go
147
star
14

mockwebserver

An extension of okhttp's mockwebserver, that provides a DSL and is easier to use
Java
112
star
15

fabric8-platform

Generates the distribution of the fabric8 microservices platform
Shell
104
star
16

shootout-docker-maven

A comparison between the four major docker-maven-plugins
Java
84
star
17

jenkins-docker

docker file for a jenkins docker image
Groovy
82
star
18

kubernetes-zipkin

Kubernetes integration with OpenZipkin
Java
69
star
19

ipaas-quickstarts

quickstarts for the fabric8 project
Java
66
star
20

fabric8-devops

Contains the pluggable apps that can be run as part of the fabric8 DevOps platform on any OpenShift v3 or Kubernetes environment
63
star
21

agent-bond

A Super Java Agent
Java
46
star
22

gitcontroller

A simple microservice which watches Kubernetes Deployments which are using gitRepo volumes and if git has changed, updates the Deployment
Go
44
star
23

docker-fluentd-kubernetes

Shell
43
star
24

kubernetes-model

JSON schema generator for OpenShift Origin API objects
36
star
25

fabric8-docker

Dockerfiles to create Fuse containers in docker.io
Shell
33
star
26

fabric8-console

Angular 1.x console for fabric8
28
star
27

openshift-elasticsearch-plugin

Java
27
star
28

jube

jube is a deprecated pure java implementation of kubernetes. Please look at kansible now instead!
Java
27
star
29

vertx-maven-plugin

Vert.x Maven Plugin - moved to https://github.com/reactiverse/vertx-maven-plugin
Java
25
star
30

fabric8-zookeeper-docker

Shell
18
star
31

openshift-auth-proxy

A reverse proxy that authenticates the request against OpenShift, retrieving user information & setting the configured header with the appropriate details.
JavaScript
18
star
32

fluent-plugin-kubernetes

Ruby
16
star
33

fabric8-ipaas

This repository contains the iPaaS related apps that can be run as part of the fabric8 platform on any OpenShift v3 and Kubernetes environment
14
star
34

osio-pipeline

DSL and utility functions in groovy for running Jenkins OSIO Pipeline
Groovy
13
star
35

fabric8-installer

To install fabric8 into a Kubernetes, OpenShift or Atomic environment
Ruby
12
star
36

kubernetes-alexa

A skill that allows Alexa to interact with a Kubernetes / Openshift cluster
Java
12
star
37

docker-gerrit

a docker image for gerrit
Shell
12
star
38

sandbox-fabric8-devops

A repository of devops examples for automatically provisioning and testing fabrics on different infrastructure
Ruby
12
star
39

fabric8-jenkins-workflow-steps

fabric8 based jenkins workflow steps
11
star
40

docker-client

11
star
41

kubernetes-assertions

This library provides a bunch of helpful assertj assertions for working with the kubernetes-api
Java
10
star
42

fabric8-forge

Supports JBoss Forge plugins for the Fabric8 iPaaS along with using Forge as a REST service inside Fabric8 DevOps
Java
10
star
43

docker-gogs

Go
9
star
44

fabric8-ansible-spring-boot

an Ansible playbook for provisioning Spring Boot apps
9
star
45

docker-dirsrv-389ds

Docker Image repo for 389ds Fedora Directory Server
Shell
9
star
46

fabric8-kit

Building blocks for the fabric8 Developer Toolbox (i.e. the Maven plugins)
Java
9
star
47

templates

the default templates to use inside the fabric8 console
Shell
9
star
48

data-mapper

data mapper tooling
7
star
49

jenkins-pipeline-dsl

Groovy
7
star
50

fabric8-online-docs

Shell
7
star
51

docker-cfssl

Shell
7
star
52

docker-grafana

Shell
7
star
53

fluent-plugin-docker_metadata_filter

Ruby
6
star
54

default-jenkins-dsl

The default jenkins job DSL build for automatically performing CI and CD on local gogs repositories inside fabric8
Groovy
6
star
55

hawtio-docker

NOTE: now replaced by fabric8/fabric8-console image. This project creates the fabric8/hawtio docker image
Shell
6
star
56

fabric8-keycloak-theme

CSS
4
star
57

jenkins_exporter

Prometheus exporter for Jenkins
Go
4
star
58

fabric8-test

Python
4
star
59

docker-kibana4

Shell
4
star
60

fabric8-ansible-hawtapp

a sample Ansible playbook that provisions a fabric8 hawtapp onto boxes
Shell
4
star
61

jadvisor

Go
4
star
62

fabric8-envoy

a distribution of Envoy for running on kubernetes or openshift
Shell
4
star
63

grafana-kubernetes-app

JavaScript
4
star
64

jenkinshift

A simple REST Facade that makes Jenkins Jobs and Build Runs appear as if they are OpenShift BuildConfig / Build objects so that the fabric8-console can still view apps/builds when using Jenkins on vanilla kubernetes
Go
3
star
65

fabric8-eclipse-orion

docker packaging of eclipse orion web based IDE
3
star
66

traefik

a kubernetes app for running traefik.io
3
star
67

envsubst

docker image to replace placeholders in a file with env var values
Shell
3
star
68

docker-iptables-redirector

A simple Docker image that redirects traffic via DNAT to a different address/port
Shell
3
star
69

hubot-mattermost

2
star
70

docker-prometheus

2
star
71

hubot-slack

2
star
72

fabric8-release-pipelines

fabric8 release pipeline project that contains the Jenkinsfiles for multi project release
Groovy
2
star
73

fabric8-hubot-scripts

scripts for running hubot on fabric8
CoffeeScript
2
star
74

hubot-base

2
star
75

jenkins-jnlp-client

Jenkins JNLP Client Docker Image
Shell
2
star
76

fabric8-ci-seed

a Jenkins Job DSL script to auto generate pull request CI jobs for projects such as the quickstarts
Groovy
2
star
77

fabric8-online

Groovy
2
star
78

dirsrv-389ds

389ds application for OpenShift/Kubernetes
Groovy
2
star
79

jenkernetes-docker

Shell
2
star
80

fabric8-gogs-find-projects

creates a docker container to find repos in gogs for use in jenkins workflow scripts
Java
2
star
81

jenkins-slave-docker

Jenkins Slave Docker Image
Shell
2
star
82

fabric8-spring

A project to help folks use Spring Boot with Kubernetes or OpenShift
2
star
83

go-builder

Builder image used by Kubernetes Workflow and Jenkinsfile to build golang images
1
star
84

docker-logstash

Shell
1
star
85

hubot-irc

1
star
86

fabric8-brackets

a docker package for the http://brackets.io/ editor
1
star
87

django-examples

Camel iPaaS functionality examples
1
star
88

insight

1
star
89

maven-nexus-docker

a nexus aware docker image for maven
1
star
90

jenkins-slave-dind-maven

a jenkins slave with dind and a pre-installed maven docker image
Shell
1
star
91

ianaservicehelper

Java
1
star
92

jenkins-slave-dind

A Docker in Docker Jenkins Slave
Shell
1
star
93

gitcollector

collects git and github related events from projects inside OpenShift
Go
1
star
94

docker-fluentd

1
star
95

ipaas-platform

Generates the distribution of the ipaas platform
Groovy
1
star
96

docker-influxdb

Go
1
star
97

caddy-server

1
star
98

fabric8-generator

a jboss forge add on for the fabric8 upstream and SaaS generator wizards
Java
1
star
99

fabric8-jbpm-designer

Shell
1
star
100

fabric8-profiles

fabric8-profiles provides an abstraction for sharing configuration across apps in a convention over configuration way
1
star