openstack-helm-infra/fluent-logging
Steve Wilkerson ba736d9840 Fluent-logging: Update fluentd configuration
This updates the configuration for fluentd, providing a mechanism
for basic determination of the log level of a logged event via
entries from /var/log/containers. This log level is prepended to
the tag for that event, and also added as a new `level` key in
the resulting event. These two improvements allow for querying
specific log level events via the tag.

This also adds similar functionality to any events captured via
the oslo log fluentd handler/formatter. This allows for
elasticsearch queries akin to `error.openstack.keystone`, which
can be used by nagios or another alerting mechanism to raise
alerts when a particular level event has been captured.

Change-Id: I016ddcfcf7408de7b6511ddf7009e1e6a5f3a1d9
2018-09-19 14:22:27 -05:00
..
templates Merge "Fluent-logging: Update kubernetes plugin test" 2018-09-19 19:20:33 +00:00
Chart.yaml Fluent-logging helm chart 2017-12-15 10:52:16 -06:00
README.rst Remove the duplicated word 2018-06-10 19:04:54 -04:00
requirements.yaml fluent-logging: yaml indentation fixes 2018-05-11 08:48:21 +00:00
values.yaml Fluent-logging: Update fluentd configuration 2018-09-19 14:22:27 -05:00

Fluentd-logging

OpenStack-Helm defines a centralized logging mechanism to provide insight into the state of the OpenStack services and infrastructure components as well as underlying kubernetes platform. Among the requirements for a logging platform, where log data can come from and where log data need to be delivered are very variable. To support various logging scenarios, OpenStack-Helm should provide a flexible mechanism to meet with certain operation needs. This chart proposes fast and lightweight log forwarder and full featured log aggregator complementing each other providing a flexible and reliable solution. Especially, Fluent-bit is proposed as a log forwarder and Fluentd is proposed as a main log aggregator and processor.

Mechanism

Fluent-bit, Fluentd meet OpenStack-Helm's logging requirements for gathering, aggregating, and delivering of logged events. Flunt-bit runs as a daemonset on each node and mounts the /var/lib/docker/containers directory. The Docker container runtime engine directs events posted to stdout and stderr to this directory on the host. Fluent-bit then forward the contents of that directory to Fluentd. Fluentd runs as deployment at the designated nodes and expose service for Fluent-bit to foward logs. Fluentd should then apply the Logstash format to the logs. Fluentd can also write kubernetes and OpenStack metadata to the logs. Fluentd will then forward the results to Elasticsearch and to optionally kafka. Elasticsearch indexes the logs in a logstash-* index by default. kafka stores the logs in a 'logs' topic by default. Any external tool can then consume the 'logs' topic.