From 63e6b85da57198d8c8323b91493ff8cd84384d6e Mon Sep 17 00:00:00 2001 From: Peter Wilcsinszky Date: Fri, 15 Nov 2024 15:21:42 +0100 Subject: [PATCH 1/5] samples: introduce telemetry controller config to replace a logging tenant Signed-off-by: Peter Wilcsinszky --- .../samples/multitenant-routing-tc/README.md | 8 ++ .../logging/tenant-a-logging.yaml | 57 +++++++++++++ .../logging/tenant-b-logging.yaml | 51 ++++++++++++ .../logging/tenant-infra-logging.yaml | 79 +++++++++++++++++++ .../logging/tenant-infra-receiver.yaml | 38 +++++++++ 5 files changed, 233 insertions(+) create mode 100644 config/samples/multitenant-routing-tc/README.md create mode 100644 config/samples/multitenant-routing-tc/logging/tenant-a-logging.yaml create mode 100644 config/samples/multitenant-routing-tc/logging/tenant-b-logging.yaml create mode 100644 config/samples/multitenant-routing-tc/logging/tenant-infra-logging.yaml create mode 100644 config/samples/multitenant-routing-tc/logging/tenant-infra-receiver.yaml diff --git a/config/samples/multitenant-routing-tc/README.md b/config/samples/multitenant-routing-tc/README.md new file mode 100644 index 000000000..b9024bc93 --- /dev/null +++ b/config/samples/multitenant-routing-tc/README.md @@ -0,0 +1,8 @@ +``` +make generate install +kubectl apply -f config/samples/multitenant-routing-tc/logging +helm upgrade --install --namespace customer-a log-generator oci://ghcr.io/kube-logging/helm-charts/log-generator +helm upgrade --install --namespace customer-b log-generator oci://ghcr.io/kube-logging/helm-charts/log-generator +# in a separate shell +make run +``` diff --git a/config/samples/multitenant-routing-tc/logging/tenant-a-logging.yaml b/config/samples/multitenant-routing-tc/logging/tenant-a-logging.yaml new file mode 100644 index 000000000..34420cf21 --- /dev/null +++ b/config/samples/multitenant-routing-tc/logging/tenant-a-logging.yaml @@ -0,0 +1,57 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: customer-a + labels: + tenant: customer-a +--- +apiVersion: v1 +kind: Namespace +metadata: + name: customer-a-infra +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: customer-a + labels: + tenant: customer-a +spec: + controlNamespace: customer-a-infra + watchNamespaceSelector: + matchLabels: + tenant: customer-a +--- +kind: FluentdConfig +apiVersion: logging.banzaicloud.io/v1beta1 +metadata: + name: customer-a + namespace: customer-a-infra +spec: {} +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Output +metadata: + name: http + namespace: customer-a +spec: + http: + endpoint: http://test-receiver.infra:8080/customer-a + content_type: application/json + buffer: + type: memory + timekey: 1s + timekey_wait: 0s +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Flow +metadata: + name: log-generator + namespace: customer-a +spec: + match: + - select: + labels: + app.kubernetes.io/name: log-generator + localOutputRefs: + - http diff --git a/config/samples/multitenant-routing-tc/logging/tenant-b-logging.yaml b/config/samples/multitenant-routing-tc/logging/tenant-b-logging.yaml new file mode 100644 index 000000000..c7b6697fe --- /dev/null +++ b/config/samples/multitenant-routing-tc/logging/tenant-b-logging.yaml @@ -0,0 +1,51 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: customer-b + labels: + tenant: customer-b +--- +apiVersion: v1 +kind: Namespace +metadata: + name: customer-b-infra +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: customer-b + labels: + tenant: customer-b +spec: + fluentd: {} + controlNamespace: customer-b-infra + watchNamespaceSelector: + matchLabels: + tenant: customer-b +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Output +metadata: + name: http + namespace: customer-b +spec: + http: + endpoint: http://test-receiver.infra:8080/customer-b + content_type: application/json + buffer: + type: memory + timekey: 1s + timekey_wait: 0s +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Flow +metadata: + name: log-generator + namespace: customer-b +spec: + match: + - select: + labels: + app.kubernetes.io/name: log-generator + localOutputRefs: + - http diff --git a/config/samples/multitenant-routing-tc/logging/tenant-infra-logging.yaml b/config/samples/multitenant-routing-tc/logging/tenant-infra-logging.yaml new file mode 100644 index 000000000..ad1dfc191 --- /dev/null +++ b/config/samples/multitenant-routing-tc/logging/tenant-infra-logging.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: infra +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: infra + labels: + tenant: infra +spec: + loggingRef: infra + fluentd: {} + controlNamespace: infra +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: ClusterFlow +metadata: + name: all + namespace: infra +spec: + loggingRef: infra + match: + - select: + labels: + app.kubernetes.io/name: log-generator + globalOutputRefs: + - http +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: ClusterOutput +metadata: + name: http + namespace: infra +spec: + loggingRef: infra + http: + endpoint: http://test-receiver.infra:8080/infra + content_type: application/json + buffer: + type: memory + timekey: 1s + timekey_wait: 0s +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: FluentbitAgent +metadata: + name: infra +spec: + loggingRef: infra + inputTail: + storage.type: filesystem + positiondb: + hostPath: + path: "" + bufferStorageVolume: + hostPath: + path: "" + network: + connectTimeout: 2 + metrics: {} + image: + tag: 3.1.8-debug +--- +apiVersion: logging.banzaicloud.io/v1beta1 +kind: LoggingRoute +metadata: + name: tenants +spec: + source: infra + targets: + matchExpressions: + - key: tenant + operator: Exists + - key: tenant + operator: NotIn + values: + - customer-a diff --git a/config/samples/multitenant-routing-tc/logging/tenant-infra-receiver.yaml b/config/samples/multitenant-routing-tc/logging/tenant-infra-receiver.yaml new file mode 100644 index 000000000..3fbf7bedc --- /dev/null +++ b/config/samples/multitenant-routing-tc/logging/tenant-infra-receiver.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: Service +metadata: + name: test-receiver + namespace: infra +spec: + type: ClusterIP + ports: + - port: 8080 + targetPort: receiver + protocol: TCP + name: receiver + selector: + app.kubernetes.io/name: test-receiver +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: test-receiver + namespace: infra +spec: + selector: + matchLabels: + app.kubernetes.io/name: test-receiver + template: + metadata: + labels: + app.kubernetes.io/name: test-receiver + annotations: + fluentbit.io/exclude: "true" + spec: + containers: + - name: fluentbit + image: fluent/fluent-bit + args: ["-i", "http", "-p", "port=8080", "-o", "stdout"] + ports: + - name: receiver + containerPort: 8080 From 6c35d325a426e216217c6f470a0e31ed2cd1025d Mon Sep 17 00:00:00 2001 From: Bence Csati Date: Mon, 18 Nov 2024 15:10:12 +0100 Subject: [PATCH 2/5] samples: add mirror TC tenant routing Signed-off-by: Bence Csati --- .../{ => logging}/README.md | 4 +- .../tc-bridge/README.md | 426 ++++++++++++++++ .../tc-bridge/collector.yaml | 14 + .../tc-bridge/tenant-a.yaml | 66 +++ .../tc-bridge/tenant-b.yaml | 66 +++ .../tc-bridge/tenant-infra.yaml | 81 +++ .../tc-simple/README.md | 473 ++++++++++++++++++ .../tc-simple/collector.yaml | 14 + .../tc-simple/tenant-a.yaml | 66 +++ .../tc-simple/tenant-b.yaml | 66 +++ .../tc-simple/tenant-infra.yaml | 68 +++ 11 files changed, 1343 insertions(+), 1 deletion(-) rename config/samples/multitenant-routing-tc/{ => logging}/README.md (87%) create mode 100644 config/samples/multitenant-routing-tc/tc-bridge/README.md create mode 100644 config/samples/multitenant-routing-tc/tc-bridge/collector.yaml create mode 100644 config/samples/multitenant-routing-tc/tc-bridge/tenant-a.yaml create mode 100644 config/samples/multitenant-routing-tc/tc-bridge/tenant-b.yaml create mode 100644 config/samples/multitenant-routing-tc/tc-bridge/tenant-infra.yaml create mode 100644 config/samples/multitenant-routing-tc/tc-simple/README.md create mode 100644 config/samples/multitenant-routing-tc/tc-simple/collector.yaml create mode 100644 config/samples/multitenant-routing-tc/tc-simple/tenant-a.yaml create mode 100644 config/samples/multitenant-routing-tc/tc-simple/tenant-b.yaml create mode 100644 config/samples/multitenant-routing-tc/tc-simple/tenant-infra.yaml diff --git a/config/samples/multitenant-routing-tc/README.md b/config/samples/multitenant-routing-tc/logging/README.md similarity index 87% rename from config/samples/multitenant-routing-tc/README.md rename to config/samples/multitenant-routing-tc/logging/README.md index b9024bc93..76931bb39 100644 --- a/config/samples/multitenant-routing-tc/README.md +++ b/config/samples/multitenant-routing-tc/logging/README.md @@ -1,4 +1,6 @@ -``` +# Logging Operator multi-tenant routing + +```bash make generate install kubectl apply -f config/samples/multitenant-routing-tc/logging helm upgrade --install --namespace customer-a log-generator oci://ghcr.io/kube-logging/helm-charts/log-generator diff --git a/config/samples/multitenant-routing-tc/tc-bridge/README.md b/config/samples/multitenant-routing-tc/tc-bridge/README.md new file mode 100644 index 000000000..b3fda57ac --- /dev/null +++ b/config/samples/multitenant-routing-tc/tc-bridge/README.md @@ -0,0 +1,426 @@ +# Telemtry Controller multi-tenant routing + +```bash +git clone https://github.com/kube-logging/telemetry-controller +cd telemetry-controller +make kind-cluster +make docker-build +kind load docker-image controller:local +helm upgrade --install --wait --create-namespace --namespace telemetry-controller-system telemetry-controller ./charts/telemetry-controller/ --set image.repository=controller --set image.tag=local +kubectl apply -f ../logging-operator/config/samples/multitenant-routing-tc/tc-bridge +helm upgrade --install --namespace customer-a log-generator oci://ghcr.io/kube-logging/helm-charts/log-generator +helm upgrade --install --namespace customer-b log-generator oci://ghcr.io/kube-logging/helm-charts/log-generator +``` + +## Expected generated config + +```yaml +connectors: + count/output_metrics: + logs: + telemetry_controller_output_log_count: + attributes: + - key: tenant + - key: subscription + - key: exporter + description: The number of logs sent out from each exporter. + resource_attributes: + - key: k8s.namespace.name + - key: k8s.node.name + - key: k8s.container.name + - key: k8s.pod.name + - key: k8s.pod.labels.app.kubernetes.io/name + - key: k8s.pod.labels.app + count/tenant_metrics: + logs: + telemetry_controller_tenant_log_count: + attributes: + - key: tenant + description: The number of logs from each tenant pipeline. + resource_attributes: + - key: k8s.namespace.name + - key: k8s.node.name + - key: k8s.container.name + - key: k8s.pod.name + - key: k8s.pod.labels.app.kubernetes.io/name + - key: k8s.pod.labels.app + routing/bridge_customer-a-infra: + table: + - condition: "true" + pipelines: + - logs/tenant_infra + routing/bridge_customer-b-infra: + table: + - condition: "true" + pipelines: + - logs/tenant_infra + routing/subscription_customer-a_customer-a_outputs: + table: + - condition: "true" + pipelines: + - logs/output_customer-a_customer-a_customer-a_customer-a-receiver + routing/subscription_customer-b_customer-b_outputs: + table: + - condition: "true" + pipelines: + - logs/output_customer-b_customer-b_customer-b_customer-b-receiver + routing/subscription_infra_infra_outputs: + table: + - condition: "true" + pipelines: + - logs/output_infra_infra_infra_infra-all + routing/tenant_customer-a_subscriptions: + table: + - condition: "true" + pipelines: + - logs/tenant_customer-a_subscription_customer-a_customer-a + routing/tenant_customer-b_subscriptions: + table: + - condition: "true" + pipelines: + - logs/tenant_customer-b_subscription_customer-b_customer-b + routing/tenant_infra_subscriptions: + table: + - condition: "true" + pipelines: + - logs/tenant_infra_subscription_infra_infra +exporters: + debug: + verbosity: detailed + otlp/customer-a_customer-a-receiver: + endpoint: receiver-a-collector.customer-a.svc.cluster.local:4317 + tls: + insecure: true + otlp/customer-b_customer-b-receiver: + endpoint: receiver-b-collector.customer-b.svc.cluster.local:4317 + tls: + insecure: true + otlp/infra_infra-all: + endpoint: receiver-infra-collector.infra.svc.cluster.local:4317 + tls: + insecure: true + prometheus/message_metrics_exporter: + endpoint: :9999 +extensions: {} +processors: + attributes/exporter_name_customer-a-receiver: + actions: + - action: insert + key: exporter + value: otlp/customer-a_customer-a-receiver + attributes/exporter_name_customer-b-receiver: + actions: + - action: insert + key: exporter + value: otlp/customer-b_customer-b-receiver + attributes/exporter_name_infra-all: + actions: + - action: insert + key: exporter + value: otlp/infra_infra-all + attributes/metricattributes: + actions: + - action: insert + from_attribute: k8s.pod.labels.app + key: app + - action: insert + from_attribute: k8s.node.name + key: host + - action: insert + from_attribute: k8s.namespace.name + key: namespace + - action: insert + from_attribute: k8s.container.name + key: container + - action: insert + from_attribute: k8s.pod.name + key: pod + attributes/subscription_customer-a: + actions: + - action: insert + key: subscription + value: customer-a + attributes/subscription_customer-b: + actions: + - action: insert + key: subscription + value: customer-b + attributes/subscription_infra: + actions: + - action: insert + key: subscription + value: infra + attributes/tenant_customer-a: + actions: + - action: insert + key: tenant + value: customer-a + attributes/tenant_customer-b: + actions: + - action: insert + key: tenant + value: customer-b + attributes/tenant_infra: + actions: + - action: insert + key: tenant + value: infra + deltatocumulative: {} + k8sattributes: + auth_type: serviceAccount + extract: + labels: + - from: pod + key_regex: .* + tag_name: all_labels + metadata: + - k8s.pod.name + - k8s.pod.uid + - k8s.deployment.name + - k8s.namespace.name + - k8s.node.name + - k8s.pod.start_time + passthrough: false + pod_association: + - sources: + - from: resource_attribute + name: k8s.namespace.name + - from: resource_attribute + name: k8s.pod.name + memory_limiter: + check_interval: 1s + limit_percentage: 75 + spike_limit_mib: 25 +receivers: + filelog/customer-a: + exclude: + - /var/log/pods/*/otc-container/*.log + include: + - /var/log/pods/customer-a_*/*/*.log + include_file_name: false + include_file_path: true + operators: + - id: get-format + routes: + - expr: body matches "^\\{" + output: parser-docker + - expr: body matches "^[^ Z]+Z" + output: parser-containerd + type: router + - id: parser-containerd + output: extract_metadata_from_filepath + regex: ^(?P