Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add capture spec: outputConfiguration.s3Upload #201

Closed
parkjeongryul opened this issue Apr 1, 2024 · 3 comments · Fixed by #295
Closed

Add capture spec: outputConfiguration.s3Upload #201

parkjeongryul opened this issue Apr 1, 2024 · 3 comments · Fixed by #295
Assignees
@parkjeongryul @spencermckee
Labels
area/captures priority/1 P1 type/enhancement New feature or request

Comments

@parkjeongryul
Copy link
Contributor

Is your feature request related to a problem? Please describe.

In some environments, blob storage can be difficult to use. It would be nice to support s3 upload for capture.

Describe the solution you'd like

Add an s3Upload spec to the following existing outputconfiguration.

spec.outputConfiguration: Indicates where the captured data will be stored. It includes the following properties:

blobUpload: Specifies a secret containing the blob SAS URL for storing the capture data.
hostPath: Stores the capture files into the specified host filesystem.
persistentVolumeClaim: Mounts a PersistentVolumeClaim into the Pod to store capture files.

s3Upload: Specifies a s3 upload url for storing the capture data.

The s3Upload spec might require the following additional fields

spec:
  outputConfiguration:
    s3Upload:
      endpoint: {{ s3-url }}
      bucket: {{ bucket_name }}
      accessKey: {{ access_key }}
      secretKey: {{ secret_key }}

Describe alternatives you've considered

Additional context

If this feature makes sense and I can be assigned to it, I'd like to work on implementing it.
@rbtr rbtr added type/enhancement New feature or request priority/1 P1 labels Apr 1, 2024
@rbtr rbtr mentioned this issue Apr 1, 2024
Open
@rbtr
Copy link
Collaborator

rbtr commented Apr 1, 2024

Thanks @parkjeongryul, we are definitely interested in the feature!
I've assigned this issue to you and @spencermckee from our team.

I think that there's a bit of rework we need to do for #203 that could be common with your needs for this feature. Let's make sure we are aligned on the design here before we duplicate any work. How would you implement this for S3?

@parkjeongryul
Copy link
Contributor Author

parkjeongryul commented Apr 2, 2024
edited

CRD

Are you considering managing a single integrated ConfigMap or Secret for multiple output locations(azblob, s3), or do you plan to create a separate ConfigMap for each configuration?

If you decide on the latter, how about this spec for s3Upload?

apiVersion: retina.sh/v1alpha1
kind: Capture
metadata:
  name: example-capture
spec:
  captureConfiguration:
    captureOption:
      duration: "30s"
      maxCaptureSize: 100
      packetSize: 1500
    captureTarget:
      namespaceSelector:
        matchLabels:
          app: target-app
  outputConfiguration:
    s3Upload:
      endpoint: ""
      bucket: ""
      credentialsSecret:
        name: s3-credentials
        key: credentials

---

apiVersion: v1
kind: Secret
metadata:
  name: s3-credentials
type: Opaque
stringData:
  credentials: |-
    [default]
    aws_access_key_id = your_access_key_id
    aws_secret_access_key = your_secret_access_key

There are a lot of options for s3upload that will become more sophisticated like thanos, but for an initial implementation, it would be fine if only bucket, endpoint, access_key, and secret_key are specified.

Implementation

When it comes to the S3 upload sdk (golang), i think we have two choices.

I think they're both great libraries, good enough for uploading capture.

@spencermckee
Copy link
Contributor

@parkjeongryul, appreciate the help here!

Your proposal for a separate ConfigMap per output location and the S3 config example look reasonable. As for the S3 upload SDK, we would prefer aws-sdk-go v2 .

Feel free to get started with the implementation and let us know if you have any questions!

@parkjeongryul parkjeongryul mentioned this issue Apr 18, 2024
Merged
7 tasks
@nddq nddq linked a pull request May 1, 2024 that will close this issue
feat: Add s3 upload output for capture #295
Merged
7 tasks
github-merge-queue bot pushed a commit that referenced this issue May 1, 2024
@parkjeongryul @dependabot @timraymond
feat: Add s3 upload output for capture (#295)
0ed933e 
# Description

This PR implement outputConfiguration.s3Upload feature.

## Related Issue

#201

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/contributing).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

I've tested it working well in the two environments below.

### AWS s3
```
./bin/kubectl-retina  capture create --s3-region ap-northeast-2 --s3-bucket retina-test-bucket --s3-access-key-id my-access-key --s3-secret-access-key my-secret-key  --node-selectors "kubernetes.io/os=linux"  --debug
```

<img width="1138" alt="image"
src="https://github.com/microsoft/retina/assets/25222969/b7afebfc-c161-423e-8b80-10e96c83a75e">


### minio
```
./bin/kubectl-retina  capture create --s3-endpoint https://play.min.io:9000  --s3-bucket test-jrpark-bucket --s3-access-key-id Q3AM3UQ867SPQQA43P2F --s3-secret-access-key zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG --node-selectors "kubernetes.io/os=linux"  --debug
```

<img width="1194" alt="image"
src="https://github.com/microsoft/retina/assets/25222969/71b15d39-30f7-48ec-8366-8afebbf4d1fb">


## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Park Jeong Ryul <vita400@kakao.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Timothy J. Raymond <timraymond@users.noreply.github.com>
@rbtr rbtr closed this as completed in #295 May 1, 2024
nddq pushed a commit that referenced this issue May 6, 2024
@parkjeongryul @dependabot
@timraymond @nddq
feat: Add s3 upload output for capture (#295)
86c060a 
# Description

This PR implement outputConfiguration.s3Upload feature.

## Related Issue

#201

## Checklist

- [x] I have read the [contributing
documentation](https://retina.sh/docs/contributing).
- [x] I signed and signed-off the commits (`git commit -S -s ...`). See
[this
documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification)
on signing commits.
- [x] I have correctly attributed the author(s) of the code.
- [x] I have tested the changes locally.
- [x] I have followed the project's style guidelines.
- [x] I have updated the documentation, if necessary.
- [x] I have added tests, if applicable.

## Screenshots (if applicable) or Testing Completed

I've tested it working well in the two environments below.

### AWS s3
```
./bin/kubectl-retina  capture create --s3-region ap-northeast-2 --s3-bucket retina-test-bucket --s3-access-key-id my-access-key --s3-secret-access-key my-secret-key  --node-selectors "kubernetes.io/os=linux"  --debug
```

<img width="1138" alt="image"
src="https://github.com/microsoft/retina/assets/25222969/b7afebfc-c161-423e-8b80-10e96c83a75e">


### minio
```
./bin/kubectl-retina  capture create --s3-endpoint https://play.min.io:9000  --s3-bucket test-jrpark-bucket --s3-access-key-id Q3AM3UQ867SPQQA43P2F --s3-secret-access-key zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG --node-selectors "kubernetes.io/os=linux"  --debug
```

<img width="1194" alt="image"
src="https://github.com/microsoft/retina/assets/25222969/71b15d39-30f7-48ec-8366-8afebbf4d1fb">


## Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more
information on how to contribute to this project.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Park Jeong Ryul <vita400@kakao.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Timothy J. Raymond <timraymond@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@parkjeongryul parkjeongryul

@spencermckee spencermckee

Labels
area/captures priority/1 P1 type/enhancement New feature or request
Projects
Retina Triage Board
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Add s3 upload output for capture parkjeongryul/retina
3 participants
@rbtr @parkjeongryul @spencermckee