Feature: Promtail, scrape logs from Object store

clients/pkg/promtail/positions/positions.go

@@ -174,7 +174,6 @@ func (p *positions) save() {
 		positions[k] = v
 	}
 	p.mtx.Unlock()
-
 	if err := writePositionFile(p.cfg.PositionsFile, positions); err != nil {
 		level.Error(p.logger).Log("msg", "error writing positions file", "error", err)
 	}

clients/pkg/promtail/scrapeconfig/scrapeconfig.go

@@ -29,6 +29,8 @@ import (
 
 	"github.com/grafana/loki/clients/pkg/logentry/stages"
 	"github.com/grafana/loki/clients/pkg/promtail/discovery/consulagent"
+
+	loki_aws "github.com/grafana/loki/pkg/storage/chunk/aws"
 )
 
 // Config describes a job to scrape.
@@ -43,6 +45,7 @@ type Config struct {
 	KafkaConfig      *KafkaTargetConfig         `yaml:"kafka,omitempty"`
 	GelfConfig       *GelfTargetConfig          `yaml:"gelf,omitempty"`
 	CloudflareConfig *CloudflareConfig          `yaml:"cloudflare,omitempty"`
+	S3Config         *S3TargetConfig            `yaml:"aws_s3,omitempty"`
 	RelabelConfigs   []*relabel.Config          `yaml:"relabel_configs,omitempty"`
 	// List of Docker service discovery configurations.
 	DockerSDConfigs        []*moby.DockerSDConfig `yaml:"docker_sd_configs,omitempty"`
@@ -362,6 +365,45 @@ type PushTargetConfig struct {
 	KeepTimestamp bool `yaml:"use_incoming_timestamp"`
 }
 
+// S3TargetConfig describes s3 targets to scrape
+type S3TargetConfig struct {
+	// Set to true to force the request to use path-style addressing.
+	S3ForcePathStyle bool `yaml:"s3_forcepath_style"`
+
+	// Bucket Name to look for objects.
+	BucketName string `yaml:"bucketname"`
+
+	// AWS S3 Endpoint to connect to.
+	Endpoint string `yaml:"endpoint"`
+
+	// AWS Region to use.
+	Region string `yaml:"region"`
+
+	// AWS Access Key ID.
+	AccessKeyID string `yaml:"access_key_id"`
+
+	// AWS Secret Access Key.
+	SecretAccessKey string `yaml:"secret_access_key"`
+
+	// Disable https on s3 connection.
+	Insecure bool `yaml:"insecure"`
+
+	// HTTP config
+	HTTPConfig loki_aws.HTTPConfig
+
+	// Labels optionally holds labels to associate with each record read from S3 objects.
+	Labels model.LabelSet `yaml:"labels"`
+
+	// SQS queue name to receive s3 events from
+	SQSQueue string `yaml:"sqs_queue"`
+
+	// SQS queue wait timeout value
+	Timeout int64 `yaml:"sqs_queue_timeout"`
+
+	// Whether to read from beginning for already read file
+	ResetCursor bool `yaml:"reset_cursor"`
+}
+
 // DefaultScrapeConfig is the default Config.
 var DefaultScrapeConfig = Config{
 	PipelineStages: stages.PipelineStages{},

clients/pkg/promtail/targets/manager.go

@@ -19,6 +19,7 @@ import (
 	"github.com/grafana/loki/clients/pkg/promtail/targets/journal"
 	"github.com/grafana/loki/clients/pkg/promtail/targets/kafka"
 	"github.com/grafana/loki/clients/pkg/promtail/targets/lokipush"
+	"github.com/grafana/loki/clients/pkg/promtail/targets/objectstore"
 	"github.com/grafana/loki/clients/pkg/promtail/targets/stdin"
 	"github.com/grafana/loki/clients/pkg/promtail/targets/syslog"
 	"github.com/grafana/loki/clients/pkg/promtail/targets/target"
@@ -37,6 +38,7 @@ const (
 	CloudflareConfigs    = "cloudflareConfigs"
 	DockerConfigs        = "dockerConfigs"
 	DockerSDConfigs      = "dockerSDConfigs"
+	S3Configs            = "s3Configs"
 )
 
 type targetManager interface {
@@ -96,6 +98,8 @@ func NewTargetManagers(
 			targetScrapeConfigs[CloudflareConfigs] = append(targetScrapeConfigs[CloudflareConfigs], cfg)
 		case cfg.DockerSDConfigs != nil:
 			targetScrapeConfigs[DockerSDConfigs] = append(targetScrapeConfigs[DockerSDConfigs], cfg)
+		case cfg.S3Config != nil:
+			targetScrapeConfigs[S3Configs] = append(targetScrapeConfigs[S3Configs], cfg)
 		default:
 			return nil, fmt.Errorf("no valid target scrape config defined for %q", cfg.JobName)
 		}
@@ -116,12 +120,13 @@ func NewTargetManagers(
 	}
 
 	var (
-		fileMetrics       *file.Metrics
-		syslogMetrics     *syslog.Metrics
-		gcplogMetrics     *gcplog.Metrics
-		gelfMetrics       *gelf.Metrics
-		cloudflareMetrics *cloudflare.Metrics
-		dockerMetrics     *docker.Metrics
+		fileMetrics        *file.Metrics
+		syslogMetrics      *syslog.Metrics
+		gcplogMetrics      *gcplog.Metrics
+		gelfMetrics        *gelf.Metrics
+		cloudflareMetrics  *cloudflare.Metrics
+		dockerMetrics      *docker.Metrics
+		objectStoreMetrics *objectstore.Metrics
 	)
 	if len(targetScrapeConfigs[FileScrapeConfigs]) > 0 {
 		fileMetrics = file.NewMetrics(reg)
@@ -141,7 +146,9 @@ func NewTargetManagers(
 	if len(targetScrapeConfigs[DockerConfigs]) > 0 || len(targetScrapeConfigs[DockerSDConfigs]) > 0 {
 		dockerMetrics = docker.NewMetrics(reg)
 	}
-
+	if len(targetScrapeConfigs[S3Configs]) > 0 {
+		objectStoreMetrics = objectstore.NewMetrics(reg)
+	}
 	for target, scrapeConfigs := range targetScrapeConfigs {
 		switch target {
 		case FileScrapeConfigs:
@@ -258,6 +265,16 @@ func NewTargetManagers(
 				return nil, errors.Wrap(err, "failed to make Docker service discovery target manager")
 			}
 			targetManagers = append(targetManagers, cfTargetManager)
+		case S3Configs:
+			pos, err := getPositionFile()
+			if err != nil {
+				return nil, err
+			}
+			objectStoreTargetManager, err := objectstore.NewTargetManager(objectStoreMetrics, logger, pos, client, scrapeConfigs)
+			if err != nil {
+				return nil, errors.Wrap(err, "failed to make s3 object store manager")
+			}
+			targetManagers = append(targetManagers, objectStoreTargetManager)
 		default:
 			return nil, errors.New("unknown scrape config")
 		}

clients/pkg/promtail/targets/objectstore/aws.go

@@ -0,0 +1,219 @@
+package objectstore
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"encoding/json"
+	"fmt"
+	"net"
+	"net/http"
+	"os"
+	"time"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/credentials"
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/sqs"
+	"github.com/aws/aws-sdk-go/service/sqs/sqsiface"
+	"github.com/pkg/errors"
+
+	"github.com/grafana/loki/pkg/storage/chunk"
+	loki_aws "github.com/grafana/loki/pkg/storage/chunk/aws"
+)
+
+type s3Client struct {
+	queueURL *string
+	svc      sqsiface.SQSAPI
+}
+
+type s3TestEvent struct {
+	Event string
+}
+
+type s3Results struct {
+	Records []s3Record
+}
+
+type s3Record struct {
+	S3        s3
+	EventTime string
+	EventName string
+}
+
+type s3 struct {
+	Object object
+}
+
+type object struct {
+	Key  string
+	Size int64
+}
+
+var (
+	defaultMaxRetries          = 5
+	defaultMaxNumberOfMessages = int64(10)
+	defaultVisibilityTimeout   = int64(20)
+	s3TestEventName            = "s3:TestEvent"
+)
+
+func newS3Client(cfg loki_aws.S3Config, queue *string) (Client, error) {
+	sess, err := buildSQSClient(cfg)
+	if err != nil {
+		return nil, err
+	}
+	svc := sqs.New(sess)
+	urlResult, err := svc.GetQueueUrl(&sqs.GetQueueUrlInput{
+		QueueName: queue,
+	})
+	if err != nil {
+		return nil, err
+	}
+	queueURL := urlResult.QueueUrl
+	return &s3Client{
+		queueURL: queueURL,
+		svc:      svc,
+	}, nil
+}
+
+func buildSQSClient(cfg loki_aws.S3Config) (*session.Session, error) {
+	sqsConfig := &aws.Config{}
+
+	sqsConfig = sqsConfig.WithMaxRetries(defaultMaxRetries)
+
+	if cfg.Region != "" {
+		sqsConfig = sqsConfig.WithRegion(cfg.Region)
+	}
+
+	if cfg.AccessKeyID != "" && cfg.SecretAccessKey == "" ||
+		cfg.AccessKeyID == "" && cfg.SecretAccessKey != "" {
+		return nil, errors.New("must supply both an Access Key ID and Secret Access Key or neither")
+	}
+
+	if cfg.AccessKeyID != "" && cfg.SecretAccessKey != "" {
+		creds := credentials.NewStaticCredentials(cfg.AccessKeyID, cfg.SecretAccessKey, "")
+		sqsConfig = sqsConfig.WithCredentials(creds)
+	}
+
+	tlsConfig := &tls.Config{
+		InsecureSkipVerify: cfg.HTTPConfig.InsecureSkipVerify,
+	}
+
+	if cfg.HTTPConfig.CAFile != "" {
+		tlsConfig.RootCAs = x509.NewCertPool()
+		data, err := os.ReadFile(cfg.HTTPConfig.CAFile)
+		if err != nil {
+			return nil, err
+		}
+		tlsConfig.RootCAs.AppendCertsFromPEM(data)
+	}
+
+	transport := http.RoundTripper(&http.Transport{
+		Proxy: http.ProxyFromEnvironment,
+		DialContext: (&net.Dialer{
+			Timeout:   30 * time.Second,
+			KeepAlive: 30 * time.Second,
+			DualStack: true,
+		}).DialContext,
+		MaxIdleConns:          100,
+		IdleConnTimeout:       cfg.HTTPConfig.IdleConnTimeout,
+		MaxIdleConnsPerHost:   100,
+		TLSHandshakeTimeout:   3 * time.Second,
+		ExpectContinueTimeout: 1 * time.Second,
+		ResponseHeaderTimeout: cfg.HTTPConfig.ResponseHeaderTimeout,
+		TLSClientConfig:       tlsConfig,
+	})
+
+	httpClient := &http.Client{
+		Transport: transport,
+	}
+
+	sqsConfig = sqsConfig.WithHTTPClient(httpClient)
+
+	sess, err := session.NewSession(sqsConfig)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to create new s3 session")
+	}
+	return sess, nil
+}
+
+// ReceiveMessage implements Client
+func (s3Client *s3Client) ReceiveMessage(timeout int64) ([]messageObject, error) {
+	msgResult, err := s3Client.svc.ReceiveMessage(&sqs.ReceiveMessageInput{
+		AttributeNames: []*string{
+			aws.String(sqs.MessageSystemAttributeNameSentTimestamp),
+		},
+		MessageAttributeNames: []*string{
+			aws.String(sqs.QueueAttributeNameAll),
+		},
+		QueueUrl:            s3Client.queueURL,
+		MaxNumberOfMessages: aws.Int64(defaultMaxNumberOfMessages), // hard coded. We might take this as user input in future versions.
+		WaitTimeSeconds:     aws.Int64(timeout),
+		VisibilityTimeout:   aws.Int64(defaultVisibilityTimeout), // hard coded. We might take this as user input in future versions.
+	})
+	if err != nil {
+		return nil, err
+	}
+	return s3Client.processMessage(msgResult)
+}
+
+func (s3Client *s3Client) processMessage(messages interface{}) ([]messageObject, error) {
+	var messageObjects []messageObject
+	m := messages.(*sqs.ReceiveMessageOutput)
+	for _, message := range m.Messages {
+		content := *message.Body
+		var sqsResult s3Results
+		err := json.Unmarshal([]byte(content), &sqsResult)
+		if err != nil {
+			return nil, err
+		}
+		fmt.Printf("Message content %s", content)
+		if len(sqsResult.Records) < 1 {
+			var testEvent s3TestEvent
+			err := json.Unmarshal([]byte(content), &testEvent)
+			if err != nil {
+				return nil, err
+			}
+
+			// S3 sends Test event on configuring SQS queue.
+			// Unforutnately, it's not automatically deleted
+			// and we have to handle it.
+			if isTestMessage(testEvent) {
+				if err := s3Client.acknowledgeMessage(message)(); err != nil {
+					return nil, errors.Wrap(err, "error in deleting s3 test event message")
+				}
+			}
+			continue
+		}
+		for _, record := range sqsResult.Records {
+			t, err := time.Parse(time.RFC3339, record.EventTime)
+			if err != nil {
+				return nil, err
+			}
+
+			messageObjects = append(messageObjects, messageObject{
+				Object: chunk.StorageObject{
+					Key:        record.S3.Object.Key,
+					ModifiedAt: t,
+				},
+				Acknowledge: s3Client.acknowledgeMessage(message),
+			})
+		}
+
+	}
+
+	return messageObjects, nil
+}
+
+func (s3Client *s3Client) acknowledgeMessage(message *sqs.Message) ackMessage {
+	return func() error {
+		_, err := s3Client.svc.DeleteMessage(&sqs.DeleteMessageInput{QueueUrl: s3Client.queueURL, ReceiptHandle: message.ReceiptHandle})
+		if err != nil {
+			return err
+		}
+		return nil
+	}
+}
+
+func isTestMessage(testEvent s3TestEvent) bool {
+	return testEvent.Event == s3TestEventName
+}

clients/pkg/promtail/targets/objectstore/client.go

@@ -0,0 +1,16 @@
+package objectstore
+
+import (
+	"github.com/grafana/loki/pkg/storage/chunk"
+)
+
+type Client interface {
+	ReceiveMessage(timeout int64) ([]messageObject, error)
+}
+
+type ackMessage func() error
+
+type messageObject struct {
+	Object      chunk.StorageObject
+	Acknowledge ackMessage
+}