-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hubble: add possibility to export flows to container logs #31422
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm 🚀
- could you squash these 2 commits into 1 commit?
- curious how it shows up in kubectl logs. could you post a sample output?
/test |
df09705
to
1adcd5f
Compare
Thanks! This is how one flow shows up in the log now:
|
/test |
looks like https://github.com/cilium/cilium/actions/runs/8302891162/job/22726503509?pr=31422 is complaining about commit message format. there should an extra blank line between the title and body:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems reasonable to me. Overall, the code changes look good. Just a few doc updates needed:
- Can you update the flag help text. Make sure to re-run
make -C Documentation update-cmdref
after updating. - Can you update the usage documentation as well?
1adcd5f
to
57502e4
Compare
/test |
Head branch was pushed to by a user without write access
57502e4
to
ea45f6c
Compare
/test |
ea45f6c
to
89cc553
Compare
Sorry, I didn't see that message before... |
3cc39a6
to
1104849
Compare
1104849
to
0b47f4e
Compare
/test |
0b47f4e
to
ec70f46
Compare
/test |
Please run |
ec70f46
to
07fad00
Compare
/test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Requesting changes to halt the PR for a little bit so it's not merged accidentally.
07fad00
to
6b07ef8
Compare
According to @glibsm 's change request, the Hubble flows are now directly written to stdout instead of using logrus, because of performance concerns. In addition, there are no more escaped characters in the output string, which makes it easier to use. Now flows are written to
This is the most efficient solution possible. If additional fields are necessary, the data can be manipulated outside of cilium (fluent-bit, otel ...). Hopefully, this PR can be merged soon. |
@glibsm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry about the long delay, this PR slipped through my review queue somehow
Check patch is failing: https://github.com/cilium/cilium/actions/runs/8388580874/job/23305658705?pr=31422
Looks like something is off about your commit/sign-off. |
This is a modification of the static exporter for flow logs, which allows setting the hubble-export-file-path to stdout. This triggers not the creation of rotating files but the direct output to logs. The benefit is the possibility to ship flow logs to a SIEM for continuous analysis without the deployment of a separate daemonset. Signed-off-by: Alois Petutschnig <alois@petutschnig.net>
6b07ef8
to
6639135
Compare
/test |
This is a modification of the static exporter for flow logs which allows setting the
hubble-export-file-path
tostdout
. This triggers not the creation of rotating files but the direct output to logs.The benefit is the possibility to ship flow logs to a SIEM for continuous analysis without the deployment of a separate daemonset like used here: https://github.com/cilium/hubble-otel
I am happy for any suggestions.