Initial commit

max-rocket-internet · max-rocket-internet · commit 7e9cfa3a55cd · 2019-02-07T15:40:33.000+01:00
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,43 @@
+FROM fluent/fluentd:v1.3.3-debian-1.0
+
+USER root
+WORKDIR /home/fluent
+ENV PATH /fluentd/vendor/bundle/ruby/2.3.0/bin:$PATH
+ENV GEM_PATH /fluentd/vendor/bundle/ruby/2.3.0
+ENV GEM_HOME /fluentd/vendor/bundle/ruby/2.3.0
+# skip runtime bundler installation
+ENV FLUENTD_DISABLE_BUNDLER_INJECTION 1
+
+COPY ./conf/Gemfile /fluentd/
+
+RUN buildDeps="sudo make gcc g++ libc-dev ruby-dev libffi-dev" \
+     && apt-get update \
+     && apt-get upgrade -y \
+     && apt-get install \
+     -y --no-install-recommends \
+     $buildDeps net-tools libjemalloc1 \
+    && gem install bundler --version 1.16.2 \
+    && bundle config silence_root_warning true \
+    && bundle install --gemfile=/fluentd/Gemfile --path=/fluentd/vendor/bundle \
+    && SUDO_FORCE_REMOVE=yes \
+    apt-get purge -y --auto-remove \
+                  -o APT::AutoRemove::RecommendsImportant=false \
+                  $buildDeps \
+ && rm -rf /var/lib/apt/lists/* \
+    && gem sources --clear-all \
+    && rm -rf /tmp/* /var/tmp/* /usr/lib/ruby/gems/*/cache/*.gem
+
+# Copy configuration files
+COPY ./conf/fluent.conf /fluentd/etc/
+RUN touch /fluentd/etc/disable.conf
+COPY ./conf/entrypoint.sh /fluentd/entrypoint.sh
+
+# Environment variables
+ENV FLUENTD_OPT=""
+ENV FLUENTD_CONF="fluent.conf"
+
+# See https://packages.debian.org/stretch/amd64/libjemalloc1/filelist
+ENV LD_PRELOAD="/usr/lib/x86_64-linux-gnu/libjemalloc.so.1"
+
+# Overwrite ENTRYPOINT to run fluentd as root for /var/log / /var/lib
+ENTRYPOINT ["tini", "--", "/fluentd/entrypoint.sh"]
diff --git a/README.md b/README.md
@@ -0,0 +1,25 @@
+# Kubernetes event logger
+
+Events in Kubernetes log very important information. If are trying to understand what happened in the past then these events show clearly what your Kubernetes cluster was thinking and doing. Some examples:
+
+- Pod events like failed probes, crashes, scheduling related information like `TriggeredScaleUp` or `FailedScheduling`
+- HorizontalPodAutoscaler events like scaling up and down
+- Deployment events like scaling in and out of ReplicaSets
+- Ingress events like create and update
+
+The problem is that these events are simply API objects in Kubernetes and are only stored for about 1 hour. This can make debugging a problem in the past very tricky.
+
+This simple container and [Helm](https://helm.sh/) chart will run in your cluster, watch for events and print them to stdout in JSON. The assumption is that you already have a daemonset for collecting all pod logs and sending them to a central system, e.g. ELK, Splunk, Graylog etc.
+
+It's based on work in these 2 repositories:
+
+- https://github.com/splunk/fluent-plugin-kubernetes-objects
+- https://github.com/fluent/fluentd-kubernetes-daemonset
+
+### Installation
+
+Use the [Helm](https://helm.sh/) chart:
+
+```
+helm install chart/
+```
diff --git a/chart/.helmignore b/chart/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+version: 0.1.0
+description: Creates deployment that runs a single container to log k8s events to stdout
+name: event-logger
diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "event-logger.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "event-logger.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "event-logger.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/chart/templates/clusterrole.yaml b/chart/templates/clusterrole.yaml
@@ -0,0 +1,13 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: {{ include "event-logger.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "event-logger.name" . }}
+    helm.sh/chart: {{ include "event-logger.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+rules:
+- apiGroups: [""]
+  resources: ["events"]
+  verbs: ["get", "list", "watch"]
diff --git a/chart/templates/clusterrolebinding.yaml b/chart/templates/clusterrolebinding.yaml
@@ -0,0 +1,17 @@
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ include "event-logger.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "event-logger.name" . }}
+    helm.sh/chart: {{ include "event-logger.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "event-logger.fullname" . }}
+subjects:
+- namespace: {{ .Release.Namespace }}
+  kind: ServiceAccount
+  name: {{ include "event-logger.fullname" . }}
diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
@@ -0,0 +1,45 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "event-logger.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "event-logger.name" . }}
+    helm.sh/chart: {{ include "event-logger.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "event-logger.name" . }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "event-logger.name" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+    spec:
+      serviceAccountName: {{ include "event-logger.fullname" . }}
+      containers:
+        - name: app
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          env:
+{{- range $key, $value := .Values.env }}
+          - name: {{ $key }}
+            value: {{ $value | quote }}
+{{- end }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
diff --git a/chart/templates/serviceaccount.yaml b/chart/templates/serviceaccount.yaml
@@ -0,0 +1,9 @@
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: {{ include "event-logger.fullname" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "event-logger.name" . }}
+    helm.sh/chart: {{ include "event-logger.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
diff --git a/chart/values.yaml b/chart/values.yaml
@@ -0,0 +1,23 @@
+image:
+  repository: deliveryherotech/k8s-event-logger
+  tag: "1.0"
+  pullPolicy: IfNotPresent
+
+resources:
+  requests:
+    cpu: 10m
+    memory: 32Mi
+  limits:
+    cpu: 100m
+    memory: 128Mi
+
+env:
+  KUBERNETES_API_URL: https://172.20.0.1:443
+  CA_FILE: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+
+
+nameOverride: ""
+fullnameOverride: ""
+nodeSelector: {}
+tolerations: []
+affinity: {}
diff --git a/conf/Gemfile b/conf/Gemfile
@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+gem "fluentd", "1.3.3"
+gem "fluent-plugin-kubernetes-objects"
diff --git a/conf/entrypoint.sh b/conf/entrypoint.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec fluentd -c /fluentd/etc/${FLUENTD_CONF} -p /fluentd/plugins --gemfile /fluentd/Gemfile ${FLUENTD_OPT}
diff --git a/conf/fluent.conf b/conf/fluent.conf
@@ -0,0 +1,25 @@
+<source>
+  @type kubernetes_objects
+  kubernetes_url "#{ENV['KUBERNETES_API_URL']}"
+  ca_file "#{ENV['CA_FILE']}"
+
+  <watch>
+    resource_name events
+    namespace default
+  </watch>
+
+  <watch>
+    resource_name events
+    namespace kube-system
+  </watch>
+</source>
+
+<format>
+  @type stdout
+  output_type json
+</format>
+
+<match **>
+  @type stdout
+  format json
+</match>
