Fluentd log aggregation (#259)

vishalbollu · web-flow · commit 573eed8cd0e6 · 2019-07-25T21:28:31.000-04:00
diff --git a/examples/pipelines/iris/cortex.yaml b/examples/pipelines/iris/cortex.yaml
@@ -24,3 +24,6 @@
 - kind: api
   name: iris-type
   model: @dnn
+  compute:
+    max_replicas: 4
+    min_replicas: 4
diff --git a/images/fluentd/Dockerfile b/images/fluentd/Dockerfile
@@ -1 +1,3 @@
 FROM fluent/fluentd-kubernetes-daemonset:v1.2.2-debian-cloudwatch
+RUN fluent-gem install fluent-plugin-grep
+RUN fluent-gem install fluent-plugin-route
diff --git a/manager/manifests/fluentd.yaml b/manager/manifests/fluentd.yaml
@@ -20,20 +20,21 @@ metadata:
   labels:
     app: fluentd
 ---
-
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
 metadata:
   name: fluentd
   namespace: $CORTEX_NAMESPACE
 rules:
 - apiGroups: [""]
-  resources: [pods]
+  resources:
+    - namespaces
+    - pods
+    - pods/logs
   verbs: [get, list, watch]
 ---
-
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
 metadata:
   name: fluentd
   namespace: $CORTEX_NAMESPACE
@@ -42,7 +43,7 @@ subjects:
   name: fluentd
   namespace: $CORTEX_NAMESPACE
 roleRef:
-  kind: Role
+  kind: ClusterRole
   name: fluentd
   apiGroup: rbac.authorization.k8s.io
 ---
@@ -54,25 +55,111 @@ metadata:
   namespace: $CORTEX_NAMESPACE
 data:
   fluent.conf: |
+    @include containers.conf
+
     <match fluent.**>
       @type null
     </match>
+  containers.conf: |
     <source>
       @type tail
-      enable_stat_watcher false
+      @id in_tail_container_logs
+      @label @containers
       path /var/log/containers/**_${CORTEX_NAMESPACE}_**.log
       pos_file /var/log/fluentd-containers.log.pos
-      time_format %Y-%m-%dT%H:%M:%S.%NZ
       tag *
-      format json
       read_from_head true
+      <parse>
+        @type json
+        time_format %Y-%m-%dT%H:%M:%S.%NZ
+      </parse>
     </source>
-    <match **>
-      @type cloudwatch_logs
-      log_group_name "#{ENV['LOG_GROUP_NAME']}"
-      auto_create_stream true
-      use_tag_as_stream true
-    </match>
+
+    <label @containers>
+      <filter **>
+        @type kubernetes_metadata
+        @id filter_kube_metadata
+      </filter>
+
+      <match **>
+        @type route
+        <route **>
+          copy
+          @label @by_pod
+        </route>
+        <route **>
+          copy
+          @label @by_endpoint
+        </route>
+      </match>
+    </label>
+
+    <label @by_pod>
+      <filter **>
+        @type record_transformer
+        @id filter_containers_stream_transformer
+        <record>
+          stream_name ${tag_parts[3]}
+        </record>
+        remove_keys kubernetes,docker,stream
+      </filter>
+      <match **>
+        @type cloudwatch_logs
+        region "#{ENV['CORTEX_REGION']}"
+        log_group_name "#{ENV['LOG_GROUP_NAME']}"
+        log_stream_name_key stream_name
+        remove_log_stream_name_key true
+        auto_create_stream true
+        <buffer>
+          flush_interval 5
+          chunk_limit_size 2m
+          queued_chunks_limit_size 32
+          retry_forever true
+        </buffer>
+      </match>
+    </label>
+
+    <label @by_endpoint>
+      <filter **>
+        @type record_transformer
+        enable_ruby
+        <record>
+          workload_type ${record.dig("kubernetes", "labels", "workloadType") || "unknown"}
+        </record>
+        remove_keys docker,stream
+      </filter>
+
+      <filter **>
+        @type grep
+        regexp1 workload_type api
+      </filter>
+      <filter **>
+        @type record_transformer
+        enable_ruby
+        <record>
+          pod_name ${record.dig("kubernetes", "pod_name")}
+          container_name ${record.dig("kubernetes", "container_name")}
+          workload_id ${record.dig("kubernetes", "labels", "workloadID")}
+          stream_name ${record.dig("kubernetes", "labels", "appName")}.${record.dig("kubernetes", "labels", "apiName")}
+        </record>
+        remove_keys kubernetes,api_name,app_name,workload_type
+      </filter>
+      <match **>
+        @type cloudwatch_logs
+        @id out_cloudwatch_logs_endpoints
+        region "#{ENV['CORTEX_REGION']}"
+        log_group_name "#{ENV['LOG_GROUP_NAME']}"
+        log_stream_name_key stream_name
+        remove_log_stream_name_key true
+        auto_create_stream true
+        <buffer>
+          flush_interval 5
+          chunk_limit_size 2m
+          queued_chunks_limit_size 32
+          retry_forever true
+        </buffer>
+      </match>
+    </label>
 ---
 
 apiVersion: extensions/v1beta1
diff --git a/pkg/lib/aws/logs.go b/pkg/lib/aws/logs.go
@@ -44,8 +44,6 @@ type FluentdLog struct {
 }
 
 func (c *Client) GetLogs(prefix string, logGroup string) (string, error) {
-	logGroupNamePrefix := "var.log.containers."
-
 	ignoreLogStreamNameRegexes := []*regexp.Regexp{
 		regexp.MustCompile(`-exec-[0-9]+`),
 		regexp.MustCompile(`_spark-init-`),
@@ -55,7 +53,7 @@ func (c *Client) GetLogs(prefix string, logGroup string) (string, error) {
 	logStreamsOut, err := c.cloudWatchLogsClient.DescribeLogStreams(&cloudwatchlogs.DescribeLogStreamsInput{
 		Limit:               aws.Int64(50),
 		LogGroupName:        aws.String(logGroup),
-		LogStreamNamePrefix: aws.String(logGroupNamePrefix + prefix),
+		LogStreamNamePrefix: aws.String(prefix),
 	})
 	if err != nil {
 		return "", errors.Wrap(err, "cloudwatch logs", prefix)
diff --git a/pkg/operator/endpoints/logs.go b/pkg/operator/endpoints/logs.go
@@ -23,6 +23,7 @@ import (
 
 	"github.com/cortexlabs/cortex/pkg/lib/errors"
 	"github.com/cortexlabs/cortex/pkg/lib/slices"
+	reslib "github.com/cortexlabs/cortex/pkg/operator/api/resource"
 	"github.com/cortexlabs/cortex/pkg/operator/workloads"
 )
 
@@ -46,8 +47,14 @@ func ReadLogs(w http.ResponseWriter, r *http.Request) {
 	resourceName := getOptionalQParam("resourceName", r)
 	resourceType := getOptionalQParam("resourceType", r)
 
+	podLabels := map[string]string{
+		"appName":    appName,
+		"userFacing": "true",
+	}
+
 	if workloadID != "" {
-		readLogs(w, r, workloadID, appName, verbose)
+		podLabels["workloadID"] = workloadID
+		readLogs(w, r, podLabels, appName, verbose)
 		return
 	}
 
@@ -61,7 +68,9 @@ func ReadLogs(w http.ResponseWriter, r *http.Request) {
 			RespondError(w, errors.Wrap(workloads.ErrorNotFound(), appName, "latest workload ID", resourceID))
 			return
 		}
-		readLogs(w, r, workloadID, appName, verbose)
+
+		podLabels["workloadID"] = workloadID
+		readLogs(w, r, podLabels, appName, verbose)
 		return
 	}
 
@@ -76,16 +85,25 @@ func ReadLogs(w http.ResponseWriter, r *http.Request) {
 			RespondError(w, err)
 			return
 		}
-		workloadID = resource.GetWorkloadID()
-		readLogs(w, r, workloadID, appName, verbose)
+		if resource.GetResourceType() == reslib.APIType {
+			podLabels["apiName"] = resource.GetName()
+		} else {
+			podLabels["workloadID"] = resource.GetWorkloadID()
+		}
+		readLogs(w, r, podLabels, appName, verbose)
 		return
 	}
 
 	resource, err := ctx.VisibleResourceByName(resourceName)
 
 	if err == nil {
 		workloadID = resource.GetWorkloadID()
-		readLogs(w, r, workloadID, appName, verbose)
+		if resource.GetResourceType() == reslib.APIType {
+			podLabels["apiName"] = resource.GetName()
+		} else {
+			podLabels["workloadID"] = resource.GetWorkloadID()
+		}
+		readLogs(w, r, podLabels, appName, verbose)
 		return
 	}
 
@@ -96,16 +114,16 @@ func ReadLogs(w http.ResponseWriter, r *http.Request) {
 	}
 	workloadIDs = slices.UniqueStrings(workloadIDs)
 	if len(workloadIDs) == 1 {
-		workloadID = workloadIDs[0]
-		readLogs(w, r, workloadID, appName, verbose)
+		podLabels["workloadID"] = workloadIDs[0]
+		readLogs(w, r, podLabels, appName, verbose)
 		return
 	}
 
 	RespondError(w, err)
 	return
 }
 
-func readLogs(w http.ResponseWriter, r *http.Request, workloadID string, appName string, verbose bool) {
+func readLogs(w http.ResponseWriter, r *http.Request, podLabels map[string]string, appName string, verbose bool) {
 	upgrader := websocket.Upgrader{}
 	socket, err := upgrader.Upgrade(w, r, nil)
 	if err != nil {
@@ -114,5 +132,5 @@ func readLogs(w http.ResponseWriter, r *http.Request, workloadID string, appName
 	}
 	defer socket.Close()
 
-	workloads.ReadLogs(appName, workloadID, verbose, socket)
+	workloads.ReadLogs(appName, podLabels, verbose, socket)
 }
diff --git a/pkg/operator/workloads/cron.go b/pkg/operator/workloads/cron.go
@@ -70,11 +70,6 @@ func runCron() {
 		errors.PrintError(err)
 	}
 
-	if err := uploadLogPrefixesFromAPIPods(apiPods); err != nil {
-		config.Telemetry.ReportError(err)
-		errors.PrintError(err)
-	}
-
 	failedPods, err := config.Kubernetes.ListPods(&kmeta.ListOptions{
 		FieldSelector: "status.phase=Failed",
 	})
diff --git a/pkg/operator/workloads/log_prefix.go b/pkg/operator/workloads/log_prefix.go
diff --git a/pkg/operator/workloads/log_prefix_cache.go b/pkg/operator/workloads/log_prefix_cache.go
diff --git a/pkg/operator/workloads/logs.go b/pkg/operator/workloads/logs.go

Original file line number	Diff line number	Diff line change
`@@ -1 +1,3 @@`
`1`	`1`	`FROM fluent/fluentd-kubernetes-daemonset:v1.2.2-debian-cloudwatch`
	`2`	`+RUN fluent-gem install fluent-plugin-grep`
	`3`	`+RUN fluent-gem install fluent-plugin-route`