New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(otellogs/systemd): add support for systemd logs to otellogs #2364

Merged

sumo-drosiek merged 19 commits into main from drosiek-journald

Jul 12, 2022

Contributor

sumo-drosiek commented Jun 7, 2022 •

edited

Loading

Description

Add support for journald receiver. This behaves like fluent-bit with one small exception. Units for filtering are taken from different place.

        ## This is not a full equivalent of fluent-bit filtering as fluent-bit filters by `_SYSTEMD_UNIT`
        ## Here is filtering by `UNIT`

Checklist

Changelog updated

Testing performed

Redeploy fluentd and fluentd-events pods
Confirm events, logs, and metrics are coming in

sumo-drosiek added the do-not-merge/hold label

sumo-drosiek added this to the v3.0 milestone

github-actions bot requested changes

View reviewed changes

github-actions bot left a comment

This pull request contains invalid labels. Please remove all of the following labels: ['do-not-merge/hold']

sumo-drosiek force-pushed the drosiek-fix-systemd branch 3 times, most recently from 107102f to 4067575 Compare

June 8, 2022 05:59

Base automatically changed from drosiek-fix-systemd to main

June 8, 2022 07:30

sumo-drosiek force-pushed the drosiek-journald branch from 3069532 to eefe68b Compare

June 29, 2022 09:23

github-actions bot added documentation integration-tests labels

sumo-drosiek force-pushed the drosiek-journald branch from 3c37999 to 3ae7fea Compare

June 29, 2022 10:50

sumo-drosiek commented

View reviewed changes

deploy/helm/sumologic/values.yaml Show resolved Hide resolved

sumo-drosiek marked this pull request as ready for review

June 29, 2022 12:47

sumo-drosiek requested a review from a team as a code owner

June 29, 2022 12:47

sumo-drosiek commented

View reviewed changes

tests/helm/logs_otc_daemonset/static/complex.output.yaml Outdated Show resolved Hide resolved

sumo-drosiek removed the do-not-merge/hold label

sumo-drosiek modified the milestones: v3.0, v2.11

github-actions bot approved these changes

View reviewed changes

sumo-drosiek commented

View reviewed changes

deploy/helm/sumologic/values.yaml Outdated Show resolved Hide resolved

sumo-drosiek commented

View reviewed changes

deploy/helm/sumologic/values.yaml

@@ @@ -4136,6 +4136,7 @@ metadata: @@
                         json_logs:
                           add_timestamp: true
                           timestamp_key: timestamp
+                          flatten_body: true

Contributor Author

sumo-drosiek Jun 29, 2022

systemd is key value pair, so this option is safe for fluentd. It's necessary for otel, as it sends body as key-value pair. This body would be put inside log key without this option

kasia-kujawa reviewed

View reviewed changes

deploy/helm/sumologic/values.yaml Outdated

@@ @@ -4716,7 +4719,7 @@ otellogs: @@
                 ## Configure image for Opentelemetry Collector
                 image:
                   repository: public.ecr.aws/sumologic/sumologic-otel-collector
-                  tag: 0.52.0-sumo-0
+                  tag: 0.53.0-sumo-0

Contributor

kasia-kujawa Jul 6, 2022

You can now update tag to newer version ;)

kasia-kujawa approved these changes

View reviewed changes

sumo-drosiek mentioned this pull request

feat(otellogs): add additional volumes and env configs #2410

Merged

3 tasks

sumo-drosiek force-pushed the drosiek-journald branch from 4cfc6e9 to 9ee6f65 Compare

July 7, 2022 12:41

sumo-drosiek modified the milestones: v2.11, v2.12

sumo-drosiek commented

View reviewed changes

deploy/helm/sumologic/values.yaml Outdated Show resolved Hide resolved

sumo-drosiek commented

View reviewed changes

deploy/helm/sumologic/values.yaml Outdated Show resolved Hide resolved

Contributor

andrzej-stencel commented Jul 11, 2022

"I have a dream"... that we have a piece of high-level documentation describing collecting systemd logs, a bit like what we now have for collecting Kubernetes events: https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/main/deploy/docs/collecting-kubernetes-events.md.

andrzej-stencel reviewed

View reviewed changes

deploy/helm/sumologic/values.yaml

+                      directory: /var/log/journal
+                      ## This is not a full equivalent of fluent-bit filtering as fluent-bit filters by `_SYSTEMD_UNIT`
+                      ## Here is filtering by `UNIT`
+                      units:

Contributor

andrzej-stencel Jul 11, 2022 •

edited

Loading

Does this list mean that if the user wants to customize this list, they just need to overwrite this property in their values.yaml file? 😱 For example, if they want to exclude a specific unit, they need to replicate this whole list with the one unit excluded.
I don't know what the common use cases are (if there are any). Maybe there are no good reasons to customize this list. In that case, do we need to expose it? This question applies to this whole config.

Contributor Author

sumo-drosiek Jul 11, 2022

Yes, this PR is fluent-bit replacement. There is a lot of improvements we can take, but maybe there should be separate issues, so it will be more organised way to track them?

Contributor Author

sumo-drosiek Jul 11, 2022

I don't know what the common use cases are (if there are any).

I don't think there are any, but we need to have some plan in case they'll appear

Contributor Author

sumo-drosiek commented Jul 11, 2022

"I have a dream"... that we have a piece of high-level documentation describing collecting systemd logs, a bit like what we now have for collecting Kubernetes events: https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/main/deploy/docs/collecting-kubernetes-events.md.

I would love to have this simple option:

sumologic:
  logs:
    systemd:
      enabled: false

but it is not possible now. We need to take it in v3. I think the documentation should be a part of that change too. (For now we do not document any otellogs configuration)

If you think differently I can make some documentation draft as part of this PR :)

Contributor Author

sumo-drosiek commented Jul 11, 2022

but it is not possible now

TBH, maybe it is, but we need to have some final consensus about which approach to configuration we take

sumo-drosiek force-pushed the drosiek-journald branch from 34d766b to a7fd444 Compare

July 12, 2022 06:58

sumo-drosiek mentioned this pull request

feat(metadata): upgrade otelcol to v0.54.0-sumo-0 #2422

Merged

3 tasks

andrzej-stencel approved these changes

View reviewed changes

sumo-drosiek force-pushed the drosiek-journald branch from fc2e42d to 0d897d4 Compare

July 12, 2022 09:23

Dominik Rosiek and others added 18 commits

July 12, 2022 11:35


          fix(logs/metadata): fix logs metadata for systemd

c6f5fc3

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          feat(otellogs/systemd): add support for systemd logs to otellogs

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          chore(changelog): update

d309b9b

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          fix(logs/systemd): adjust otellogs output to fluent output

695edcb

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          test(logs/systemd): add tests for otellogs

ba00d99

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          test: update template tests

6243eb4

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          test: update template tests

3e0d9f6

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          refactor: rename exporter

7db2919

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          test: update template tests

8243c4a

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          test: fix test by mounting journal logs

9aa9050

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          test: update template tests

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          Update tests/helm/logs_otc_daemonset/static/complex.output.yaml

c8fbad2


          feat: use common pipeline for fluent and otelcol systemd

eb7c51e

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          Update deploy/helm/sumologic/values.yaml

74c5aee


          test: update template tests

7bc7b22

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          feat: add separate pipelines for otlp systemd logs

a7eb24c

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>


          Apply suggestions from code review

203b42d


          feat(vagrant): update

3c2b95d

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>

sumo-drosiek force-pushed the drosiek-journald branch from 0d897d4 to 3c2b95d Compare

July 12, 2022 09:35


          fix: dix integration tests

a71a378

Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>

sumo-drosiek merged commit c9f76d3 into main

sumo-drosiek deleted the drosiek-journald branch

July 12, 2022 12:47

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation integration-tests