Helm logging support (#1) #38
Conversation
|
|
|
@rockb1017 please sign the CLA. |
Do I do a individual CLA? |
|
@rockb1017 is this PR still needed? |
|
@tigrannajaryan
|
charts/opentelemetry-collector/templates/clusterRoleBinding.yaml
Outdated
Show resolved
Hide resolved
|
EasyCLA is stuck. Let me try to close and reopen. |
|
@rockb1017 please update PR description / commit message to reflect what you listed here #38 (comment) |
| @@ -110,25 +110,21 @@ ports: | |||
| enabled: true | |||
| containerPort: 4317 | |||
| servicePort: 4317 | |||
| hostPort: 4317 | |||
There was a problem hiding this comment.
Can you please keep the hostPorts enabled conditionally if being run as a daemonset (agent) ?
There was a problem hiding this comment.
@naseemkullah Could you explain why you would want it by default?
without using hostPort, it can be accessed through using k8s service.
in my AWS EKS cluster, it fails to be deployed when trying to use hostPort. it seems that it requires additional cluster configuration to map it to host port. It would make it a bit more complicated to deploy it.
There was a problem hiding this comment.
This how the instrumented workloads communicate with the collector when it runs as a daemon set in agent mode, I agree that in standalone collector mode they should be disabled and the k8s service used, hence enabling them under the condition that agent mode is enabled.
There was a problem hiding this comment.
so pods that are running apps that has been instrumented to send trace information are sending it to its node ip it is running on?
There was a problem hiding this comment.
thats right! with something like this in their env:
- name: OTEL_EXPORTER_JAEGER_AGENT_HOST
valueFrom:
fieldRef:
fieldPath: status.hostIP
There was a problem hiding this comment.
the alternative is running the otel-collector agent as a sidecar container, which is outside the scope of this helm chart
There was a problem hiding this comment.
I agree, let's keep host ports. The only stable pipeline of the otel collector currently is tracing. And running agent with no ports exposed doesn't provide any value for traces collection.
There was a problem hiding this comment.
in my AWS EKS cluster, it fails to be deployed when trying to use hostPort. it seems that it requires additional cluster configuration to map it to host port. It would make it a bit more complicated to deploy it.
@rockb1017 Could you please share the errors you see? I never saw any issues with exposed ports on this deamonset.
remove hostport from default values.yaml Optimize container log parsing by specifying the container runtime make it configurable to collect otel collector log create cluster role and role binding required for k8s metadata enrichment
| includeAgentLogs: false | ||
| enrichK8sMetadata: true | ||
| listOfAnnotations: [] | ||
| listOfLabels: [] |
There was a problem hiding this comment.
K8s metadata applicable not only to logs, but widely used for traces and metrics as well.
All the default configuration can be easily overridden (by merging with defaults) in user's values.yaml. So I don't see a lot of benefit in providing extra configuration ways. Especially listOfAnnotations and listOfLabels can be easily replaced by the existing configuration method.
config:
processors:
k8s_tagger:
annotations: ...
labels: ...
it's just one line more to print than
agentCollector:
containerLogs:
listOfAnnotations:
listOfLabels:
but less configuration options -> less confusion.
Speaking of enrichK8sMetadata, I would recommend to move the option one level up to be able to apply it to any of the pipelines. Like:
agentCollector:
pipelinesWithK8sMetadata: [metrics, traces, logs]
Let's keep agentCollector.k8sMetadataPipelines: [] by default.
@tigrannajaryan @naseemkullah thoughts?
There was a problem hiding this comment.
K8s metadata applicable not only to logs, but widely used for traces and metrics as well.
All the default configuration can be easily overridden (by merging with defaults) in user's values.yaml. So I don't see a lot of benefit in providing extra configuration ways. Especially
listOfAnnotationsandlistOfLabelscan be easily replaced by the existing configuration method.config: processors: k8s_tagger: annotations: ... labels: ...it's just one line more to print than
agentCollector: containerLogs: listOfAnnotations: listOfLabels:but less configuration options -> less confusion.
Good catch 💯
Speaking of
enrichK8sMetadata, I would recommend to move the option one level up to be able to apply it to any of the pipelines. Like:agentCollector: pipelinesWithK8sMetadata: [metrics, traces, logs]Let's keep
agentCollector.k8sMetadataPipelines: []by default.
I just learned about this. so we would have both agentCollector.pipelines and agentCollector.pipelinesWithK8sMetadata?
Seeing that this is a helm chart maybe we just add the k8s_tagger and so on directly in the pipelines out of the box if that makes sense?
There was a problem hiding this comment.
I just learned about this. so we would have both agentCollector.pipelines and agentCollector.pipelinesWithK8sMetadata?
right
Seeing that this is a helm chart maybe we just add the k8s_tagger and so on directly in the pipelines out of the box if that makes sense?
Sounds good, but having k8s_tagger enabled by default requires installing the cluster role. At least we need a way to opt out from that.
There was a problem hiding this comment.
but less configuration options -> less confusion.
I agree.
There was a problem hiding this comment.
I think by having less config, you are making the users to study more on documentation to properly set up configOverride.
For example,
k8s_tagger:
passthrough: false
auth_type: "kubeConfig"
pod_association:
- from: resource_attribute
name: k8s.pod.uid
extract:
metadata:
- deployment
- cluster
- namespace
- node
- startTime
annotations: []
labels: []
filter:
node_from_env_var: KUBE_NODE_NAME
this is required config for enriching it with k8s metadata.
most of it is static. Users doesn't need to know what passthrough value they need to pick, nor search though this plugin documentation to properly choose what pod_association I need to use.
So I think in this case, "less configuration options -> less confusion" doesn't quite fit here. it is more like "more guided helm chart -> less confusion".
We are helping users by presenting the configuration they need to look and hiding what they don't need to waste their minds on.
| expr: '$$record matches "^[^ Z]+ "' | ||
| - output: parser-containerd | ||
| expr: '$$record matches "^[^ Z]+Z"' | ||
| {{- if eq .Values.agentCollector.containerLogs.containerRunTime "cri-o" }} |
There was a problem hiding this comment.
I do not fully understand what this change does. Did this change delete the ability to automatically detect the format used by kubernetes and requires the user to specify the format?
There was a problem hiding this comment.
@rockb1017 please clarify why want to change this. It appears to me automatic detection is valuable since there is one less thing for users to worry about.
There was a problem hiding this comment.
yes, instead of collector detecting the format, we are allowing users to provide their container runtime. this is how it is done in SCK. Though I am not saying this is definitely better way, but at least it will definitely be better for performance. I would say asking users to specify the container runtime once and have more efficient pipeline is better.
There was a problem hiding this comment.
It is a tradeoff between ease of use and performance. Both are valid approach and different users likely will have different preferences. I think what we can do is by default have automatic detection of the format and in addition to that allow the user to specify the format, in which case the detection will be disabled and we will have better performance.
|
Closing this PR since it's too specific for a particular logs collection use case. Feel free to open it again if you want to address the comments |
Improving the helm chart: