feat(new source): Initial docker source implementation
#787
Conversation
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
|
Rust is hallucinating a test in the documentation. |
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
|
Thanks @ktff, this looks great. I'm going to have @LucioFranco review. He is out today and Monday, but will be able to review on Tuesday, but I can provide comments in the interim:
This is fine, we can document it.
I am fine not doing this, for now, we can wait and see if a user presents a use cases where it would be needed.
In my opinion, this should be done as part of the healthcheck. @lukesteensen can you confirm?
This is fine, and let's defer resolving this for now. Perhaps we can open an issue or document the behavior?
I'd use the
Agree. I would like to document this and/or open an issue for an option to enable this. In general, we need a thorough documentation review before merging this. Once code review completes I'll get in here and help write the docs. This looks really good though! Thank you for thinking through all of the little details.
I would prefer that we use |
resolves event_source Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
resolves event_container_id Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
|
I am for this to be a low priority issue, if any. Since it's outshadowed by uncertainty of exact time of starting
I am for documentation and an issue. |
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
resolves vector_in_docker Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
|
As such, I now think that a separate issue for this is not necessary. |
|
@ktff just curious what is left to make this PR ready for review? I am gonna make a pass at this today. |
|
@LucioFranco I guess it is. I would like to add So I'll undraft this now. |
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
|
@ktff I took a deeper look at the dependencies, why not use shiplift directly? https://github.com/softprops/shiplift I know the author and I am happy to ask any questions. |
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
You are right! I surveyed that crate before but stopped when I saw By their documentation, everything that is needed for this code is in there. So I'll replace those two crates with this one. |
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
|
I managed to decompose What do you think? There are two minor features missing in shiplift, but both are just an optimization. Although one of them is an important one. Could you ask the author if he plans to add |
|
@ktff how hard do you think adding that would be? Would you be open to submitting a PR and I can try to nudge a release? |
| info!(message = "Listening docker events"); | ||
|
|
||
| // Starting with logs from now. | ||
| // TODO: Is this exception acceptable? |
There was a problem hiding this comment.
I think this is acceptable, but we should ensure this is documented.
Cargo.toml
Outdated
| @@ -120,7 +120,7 @@ exitcode = "1.1.2" | |||
| snafu = "0.4.3" | |||
| url = "1.7" | |||
| base64 = "0.10.1" | |||
| shiplift = "0.5" | |||
| shiplift = { git = "https://github.com/LucioFranco/shiplift", branch = "lucio/fix-encrypted-tcp" } | |||
There was a problem hiding this comment.
This uses my fork which is related to this PR softprops/shiplift#193. I know the author so I will but them about getting a release but for now we can work off of my fork.
There was a problem hiding this comment.
In ed82e03 we now use the timber branch of my fork that contains a feature flag fix and rust 2018 idioms cargo fix pass.
There was a problem hiding this comment.
Great!
We should probably make an issue to remember to revert this to proper shiplift version.
This uses a different forked branch that removes openssl vendored feature which was causing CI issues and cargo fixed so that it does not produce warnings on >1.39. Signed-off-by: Lucio Franco <luciofranco14@gmail.com>
|
@LucioFranco we can finally merge this. |
binarylogic
force-pushed
the
master
branch
2 times, most recently
from
d1acf03
to
3450767
Compare
Signed-off-by: Kruno Tomola Fabro <krunotf@gmail.com>
|
@ktff I am working on the docs now. Once that is done let's merge 🚀 |
Signed-off-by: Lucio Franco <luciofranco14@gmail.com>
Signed-off-by: Ben Johnson <bjohnson@binarylogic.com>
Signed-off-by: Lucio Franco <luciofranco14@gmail.com>
Signed-off-by: Lucio Franco <luciofranco14@gmail.com>
Signed-off-by: Lucio Franco <luciofranco14@gmail.com>
scripts/generate/templates/docs/usage/configuration/sources/docker.md.erb
Outdated
Show resolved
Hide resolved
Signed-off-by: Lucio Franco <luciofranco14@gmail.com>
|
@binarylogic Ok, I think these should be good go. |
Closes #613 with exception of
ignore_* configuration, more details on that down in open issues.There are a few details changed or added to the specification. Namely:
docker sourceis used,vectormust havesudoprivileges, ordockergroup membership. This is unfortunately unavoidable (without extra external configuration and performance and security hit), sincevectorprocess needs to communicate withdockerdaemon, and that communication requires before mentioned. OtherwisePermission denied (os error 13)is thrown.docker source. That means, there are no backlogs.include_containersmatches on start of names. Most ofdockerecosystem, that I encountered, has this behavior. So it makes sense to follow this, but this is worth discussing. It also makes code simplier and more performant.include_containersandinclude_labelsare not empty, then they interact asAND. In a sense that container must have one of the names and one of the labels to be logged. This is defaultdockerbehavior.include_containerscan contain both names and ID-s of containers. This is defaultdockerbehavior.delayed_logs.Tests of
docker sourcerequire presence ofdocker, internet connection to downloadbusyboximage, and above mentionedsudoprivileges, as such I have putted them behind a feature flagdocker-integration-tests, since I am not sure that the build system here can provide all of that.Currently emitted
Eventshave explicit fields:TIMESTAMP,MESSAGE. I am not sure ifTIMESTAMPshould be explicit or not, so do check this.There are still some open issues/questions/extensions to be resolved, hence this draft.
Issues:
-
ignore_* configuration(EDIT: delayed)dockerecosystem, I am not sure of it's usefulness or idiomaticity.dockernaturally supports includes but not excludes.dockerdaemon per container start, ifignore_*is used.dockerwill need to be greater, and an extra request todockerdaemon per such new event.-
requirement_detection(EDIT: this is a part of other issues related of error reporting)sudorequirements and requirements from specification are not fullfilled, and to report that to the user.-
async_dockerasync_dockerandbollardwhere one crate should be enough, because there are some features missing in both of them. Namelybollardis missing one feature, if not for thatasync_dockerwould not be needed. And out of them, I considerbollardas of more quality and liveness.bollardto implement this feature, in the meanwhileasync_dockeris used.-
delayed_logs(EDIT: not worth mentioning)docker sourceinitialization, specifically between taking timestamp after which logs are taken, and requesting currently running containers. A container that happens to be running during timestamp, but stops before getting list of currently running containers, will not have it's logs pulled until the container starts running again.dockerdaemon.-
docker_restart(EDIT: should be part of a greater system)dockerrestarts,docker sourcewill finish execution with an error.vectorwhich restarts sources if they fail?-
event_sourceEventcould be enriched with information on if log came fromstderrorstdout.Event?-
event_container_idEventcould be enriched with information of container id from which log came.HOSTcould be used as a name, but I am unsure, hence this.-
vector_in_docker(EDIT)docker sourceshould detect it self running in container and exclude it.-
make_test(EDIT)testcommand so that they run withmake test.- [ ] - fussybeaver/bollard#33(EDIT: not necessary anymore)- A bug which causes for every received log to be printed to console.
- This needs to be resolved before merger.
EDIT:
But even without resolving any of the aboveat leastvector_in_dockershould be resolved, this implementation ofdocker sourceis solid and ready for use. And of course, after a review.