SlideShare a Scribd company logo

Fluentd at HKOScon

N Masahiro
N Masahiro

https://2016.opensource.hk/topics/fluentd-unified-logging-layer/

Technology
1 of 45
Download to read offline
Fluentd: Unified logging layer June 25, 2016 / HKOScon Masahiro Nakagawa
Who am I • Masahiro Nakagawa • github: @repeatedly • Treasure Data, Inc. • Senior Software Engineer • Fluentd / td-agent developer • Living at OSS :) • D language - Phobos, a.k.a standard library, committer • Fluentd - Main maintainer • MessagePack / RPC • etc…
Background
Before ✓ duplicated code for error handling... ✓ messy code for retrying mechanism...
After
Structured logging Reliable forwarding Pluggable architecture http://fluentd.org/
Concept / Design
What’s Fluentd? • Data collector for unified logging layer • Streaming data transfer based on JSON / MessagePack • Robust core and plugins written in Ruby • Rubygems based various plugins by the community • www.fluentd.org/plugins • Apache License, Version 2.0 • https://github.com/fluent/fluentd
Reliable data transfer error retry error retry retry retry Batch Stream Other stream (micro-batch)
Core Common concerns Use case specific PLUGINSCORE • Read Data • Parse Data • Buffer Data • Write Data • Format Data • Divide & Conquer • Buffering & Retries • Error Handling • Message Routing • Parallelism
> logged time Event structure(log message) ✓ Time > for message routing ✓ Tag > Actual content > JSON / MessagePack ✓ Record 127.0.0.1 - - [11/Dec/2012:07:26:27] "GET / ... 127.0.0.1 - - [11/Dec/2012:07:26:30] "GET / ... 127.0.0.1 - - [11/Dec/2012:07:26:32] "GET / ... 127.0.0.1 - - [11/Dec/2012:07:26:40] "GET / ... ... 2012-12-11 07:26:27 apache.log { "host": "127.0.0.1", "method": "GET", ... } Apache log Fluentd event convert time tag record
Architecture
Data processing pipeline ParserInput Buffer Output FormatterFilter “output-ish”“input-ish”
Input plugins File tail (in_tail) Syslog (in_syslog) HTTP (in_http) RDBMS (in_sql) ... ✓ Receive logs ✓ Or pull logs from data sources ✓ non-blocking InputInput
Parser plugins JSON Regexp Apache/Nginx Syslog CSV/TSV
 etc. ✓ Parse into JSON ✓ Common formats out of the box ✓ Some inputs plugin depends on
 Parser plugin ParseParser
Filter plugins grep record_transformer suppress … ✓ Filter / Mutate record ✓ Record level and Stream level ✓ v0.12 and above Filter
Buffer plugins ✓ Improve performance ✓ Provide reliability ✓ Provide thread-safetyMemory (buf_memory) File (buf_file) Buffer
Buffer internal ✓ Chunk = adjustable unit of data ✓ Buffer = Queue of chunks chunk chunk chunk output Input
Formatter plugins ✓ Format output ✓ Convert json into other format ✓ Some plugins depends on
 Formatter plugins JSON CSV/TSV “single value” msgpack Formatter
Output plugins ✓ Write to external systems ✓ Buffered & Non-buffered ✓ 300+ pluginsFile (out_file) Amazon S3 (out_s3) Kafka (out_kafka) ... Output
Use cases
Simple Forwarding
# logs from a file <source> @type tail path /var/log/httpd.log pos_file /tmp/pos_file format apache2 tag backend.apache </source> # logs from client libraries <source> @type forward port 24224 </source> # store logs to MongoDB <match backend.*> @type mongo database fluent collection test </match>
Less Simple Forwarding - At-most-once / At-least-once
 - HA (failover) - Load-balancing
Container Logging
Treasure Data Frontend Job Queue Worker Hadoop Presto Fluentd Applications push metrics to Fluentd
 (via local Fluentd) Datadog for realtime monitoring / alerting Treasure Data for historical analysis Fluentd sums up data minutes
 (partial aggregation)
Slideshare http://engineering.slideshare.net/2014/04/skynet-project-monitor-scale-and-auto-heal-a-system-in-the-cloud/
Other companies… https://www.fluentd.org/testimonials
Roadmap
History / Roadmap • v0.10.0 (In Oct 2011) • v0.12.0 (In Dec 2014) -> Current stable • v0.14.0 (In May 2016) • v0.14.x (some versions in 2016) • v1 (4Q in 2016 / 1Q in 2017)
v0.10 (old stable) > First stable release > Mainly for log forwarding > Only Input and Output > No complex event handling support > Only At-most-once semantics in forwarding > Treasure Data provides td-agent 1 for v0.10
v0.12 (current stable) > Event handling improvement > Filter, Label, Error Stream > New configuration format > Add at-least-once semantics in forwarding > Use require_ack_response parameter > HTTP RPC based process management > Treasure Data provides td-agent 2 for v0.12
• New Plugin APIs, Plugin Helpers & Plugin Storage • Supervisor using ServerEngine • Time with Nanosecond precision • Windows support v0.14 (Next stable)
Time with nanosecond • Fluent::EventTime • behaves as Integer (used as time in v0.12) • has methods to get sub-second precision • be serialized into msgpack using Ext type • Fluentd core can handle both of Integer and EventTime as time • compatible with older versions and software in eco- system (e.g., fluent-logger, Docker logging driver)
Windows support • Fluentd and core plugin work on Windows • several companies have already used
 v0.14.0.pre version on production • We will send a patch to popular plugins if
 it doesn’t work on Windows • Use HTTP RPC instead of signals • Treasure Data will provide td-agent msi package
v0.14.x - v1 • v0.14.x (some versions in 2016) • Symmetric multi processing model • Counter API • TLS/authentication/authorization support (merging secure-forward into core) • v1 (4Q in 2016 / 1Q in 2017) • Stable version for new APIs/features • fully compatible with v0.12.x and v0.14.x
Symmetric multi processing model • 2 or more workers share a configuration file • and share listening sockets via PluginHelper • under a supervisor process (ServerEngine) • Multi core scalability for huge traffic • one input plugin for a tcp port, some filters and one (or some) output plugin • No more fluent-plugin-multiprocess
Worker Supervisor Worker Worker Worker Supervisor Worker Worker Supervisor Supervisor Using fluent-plugin-multiprocess v0.14
TLS/Authn/Authz support for forward plugin • secure-forward will be merged into built-in forward • TLS w/ at-least-one semantics • Simple authentication/authorization w/ non-SSL forwarding • Authentication and Authorization providers • Who can connect to input plugins?
 What tags are permitted for clients? • New plugin types (3rd party authors can write it) • Mainly for in/out forward, but available from others
Ecosystem
Treasure Agent (td-agent) > Treasure Data distribution of Fluentd > include Ruby runtime, fluentd and popular plugins > deb, rpm, dmg are supported > Treasure Agent 2 is current stable > fluentd v0.12 and Ruby 2.1 > Treasure Agent 3 will be released at fall > fluentd v0.14 and Ruby 2.3 > msi will be supported for Windows
fluentd-ui > Manage Fluentd instance via Web UI > https://github.com/fluent/fluentd-ui
 
 
 
 
 

fluent-bit > http://fluentbit.io/ > Log collector mainly for embedded systems > Written in C > Can communicate with Fluentd > There are several plugins > Treasure Data, Elasticsearch, MQTT, etc…
> Bulk Loader version of Fluentd > Pluggable architecture > JRuby, JVM languages > High throughput by parallel processing > Invented by Treasure Data > Share your script as a plugin > https://github.com/embulk Slide: Fighting Against Chaotically SeparatedValues with Embulk
treasuredata.com Enjoy logging!

Recommended

Fluentd v0.14 Plugin API Details
Fluentd v0.14 Plugin API DetailsFluentd v0.14 Plugin API Details
Fluentd v0.14 Plugin API Details
SATOSHI TAGOMORI
 
Fluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshellFluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshell
N Masahiro
 
Fluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshellFluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshell
N Masahiro
 
Fluentd v1 and future at techtalk
Fluentd v1 and future at techtalkFluentd v1 and future at techtalk
Fluentd v1 and future at techtalk
N Masahiro
 
Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and Fluentd
N Masahiro
 
JRuby with Java Code in Data Processing World
JRuby with Java Code in Data Processing WorldJRuby with Java Code in Data Processing World
JRuby with Java Code in Data Processing World
SATOSHI TAGOMORI
 
Fluentd v1 and Roadmap
Fluentd v1 and RoadmapFluentd v1 and Roadmap
Fluentd v1 and Roadmap
Treasure Data, Inc.
 
Fluentd - Set Up Once, Collect More
Fluentd - Set Up Once, Collect MoreFluentd - Set Up Once, Collect More
Fluentd - Set Up Once, Collect More
Sadayuki Furuhashi
 

Recommended

Fluentd v0.14 Plugin API Details
Fluentd v0.14 Plugin API DetailsFluentd v0.14 Plugin API Details
Fluentd v0.14 Plugin API Details
SATOSHI TAGOMORI
 
Fluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshellFluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshell
N Masahiro
 
Fluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshellFluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshell
N Masahiro
 
Fluentd v1 and future at techtalk
Fluentd v1 and future at techtalkFluentd v1 and future at techtalk
Fluentd v1 and future at techtalk
N Masahiro
 
Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and Fluentd
N Masahiro
 
JRuby with Java Code in Data Processing World
JRuby with Java Code in Data Processing WorldJRuby with Java Code in Data Processing World
JRuby with Java Code in Data Processing World
SATOSHI TAGOMORI
 
Fluentd v1 and Roadmap
Fluentd v1 and RoadmapFluentd v1 and Roadmap
Fluentd v1 and Roadmap
Treasure Data, Inc.
 
Fluentd - Set Up Once, Collect More
Fluentd - Set Up Once, Collect MoreFluentd - Set Up Once, Collect More
Fluentd - Set Up Once, Collect More
Sadayuki Furuhashi
 
The basics of fluentd
The basics of fluentdThe basics of fluentd
The basics of fluentd
Treasure Data, Inc.
 
Fluentd Overview, Now and Then
Fluentd Overview, Now and ThenFluentd Overview, Now and Then
Fluentd Overview, Now and Then
SATOSHI TAGOMORI
 
Fluentd vs. Logstash for OpenStack Log Management
Fluentd vs. Logstash for OpenStack Log ManagementFluentd vs. Logstash for OpenStack Log Management
Fluentd vs. Logstash for OpenStack Log Management
NTT Communications Technology Development
 
Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and Fluentd
SATOSHI TAGOMORI
 
Dive into Fluentd plugin v0.12
Dive into Fluentd plugin v0.12Dive into Fluentd plugin v0.12
Dive into Fluentd plugin v0.12
N Masahiro
 
How to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdataHow to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdata
N Masahiro
 
Fluentd Hacking Guide at RubyKaigi 2014
Fluentd Hacking Guide at RubyKaigi 2014Fluentd Hacking Guide at RubyKaigi 2014
Fluentd Hacking Guide at RubyKaigi 2014
Naotoshi Seo
 
The basics of fluentd
The basics of fluentdThe basics of fluentd
The basics of fluentd
Treasure Data, Inc.
 
Fluentd introduction at ipros
Fluentd introduction at iprosFluentd introduction at ipros
Fluentd introduction at ipros
Treasure Data, Inc.
 
Fluentd 101
Fluentd 101Fluentd 101
Fluentd 101
SATOSHI TAGOMORI
 
Fluentd meetup in japan
Fluentd meetup in japanFluentd meetup in japan
Fluentd meetup in japan
Treasure Data, Inc.
 
Modern Black Mages Fighting in the Real World
Modern Black Mages Fighting in the Real WorldModern Black Mages Fighting in the Real World
Modern Black Mages Fighting in the Real World
SATOSHI TAGOMORI
 
Neutrondev ppt
Neutrondev pptNeutrondev ppt
Neutrondev ppt
marunewby
 
Fluentd and PHP
Fluentd and PHPFluentd and PHP
Fluentd and PHP
chobi e
 
Fluentd meetup #2
Fluentd meetup #2Fluentd meetup #2
Fluentd meetup #2
Treasure Data, Inc.
 
Fluentd meetup dive into fluent plugin (outdated)
Fluentd meetup dive into fluent plugin (outdated)Fluentd meetup dive into fluent plugin (outdated)
Fluentd meetup dive into fluent plugin (outdated)
N Masahiro
 
Fluentd and Kafka
Fluentd and KafkaFluentd and Kafka
Fluentd and Kafka
N Masahiro
 
Fluentd unified logging layer
Fluentd unified logging layerFluentd unified logging layer
Fluentd unified logging layer
Kiyoto Tamura
 
Fluentd meetup
Fluentd meetupFluentd meetup
Fluentd meetup
Sadayuki Furuhashi
 
HTTP::Parser::XS - writing a fast & secure XS module
HTTP::Parser::XS - writing a fast & secure XS moduleHTTP::Parser::XS - writing a fast & secure XS module
HTTP::Parser::XS - writing a fast & secure XS module
Kazuho Oku
 
Finland powerpoint
Finland powerpointFinland powerpoint
Finland powerpoint
nagadez
 
Free - Chris Anderson
Free - Chris AndersonFree - Chris Anderson
Free - Chris Anderson
schooldialoog
 

More Related Content

What's hot

Neutrondev ppt
Neutrondev pptNeutrondev ppt
Neutrondev ppt
marunewby
 
Fluentd and PHP
Fluentd and PHPFluentd and PHP
Fluentd and PHP
chobi e
 
HTTP::Parser::XS - writing a fast & secure XS module
HTTP::Parser::XS - writing a fast & secure XS moduleHTTP::Parser::XS - writing a fast & secure XS module
HTTP::Parser::XS - writing a fast & secure XS module
Kazuho Oku
 

What's hot (20)

The basics of fluentd
The basics of fluentdThe basics of fluentd
The basics of fluentd
 
Fluentd Overview, Now and Then
Fluentd Overview, Now and ThenFluentd Overview, Now and Then
Fluentd Overview, Now and Then
 
Fluentd vs. Logstash for OpenStack Log Management
Fluentd vs. Logstash for OpenStack Log ManagementFluentd vs. Logstash for OpenStack Log Management
Fluentd vs. Logstash for OpenStack Log Management
 
Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and Fluentd
 
Dive into Fluentd plugin v0.12
Dive into Fluentd plugin v0.12Dive into Fluentd plugin v0.12
Dive into Fluentd plugin v0.12
 
How to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdataHow to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdata
 
Fluentd Hacking Guide at RubyKaigi 2014
Fluentd Hacking Guide at RubyKaigi 2014Fluentd Hacking Guide at RubyKaigi 2014
Fluentd Hacking Guide at RubyKaigi 2014
 
The basics of fluentd
The basics of fluentdThe basics of fluentd
The basics of fluentd
 
Fluentd introduction at ipros
Fluentd introduction at iprosFluentd introduction at ipros
Fluentd introduction at ipros
 
Fluentd 101
Fluentd 101Fluentd 101
Fluentd 101
 
Fluentd meetup in japan
Fluentd meetup in japanFluentd meetup in japan
Fluentd meetup in japan
 
Modern Black Mages Fighting in the Real World
Modern Black Mages Fighting in the Real WorldModern Black Mages Fighting in the Real World
Modern Black Mages Fighting in the Real World
 
Neutrondev ppt
Neutrondev pptNeutrondev ppt
Neutrondev ppt
 
Fluentd and PHP
Fluentd and PHPFluentd and PHP
Fluentd and PHP
 
Fluentd meetup #2
Fluentd meetup #2Fluentd meetup #2
Fluentd meetup #2
 
Fluentd meetup dive into fluent plugin (outdated)
Fluentd meetup dive into fluent plugin (outdated)Fluentd meetup dive into fluent plugin (outdated)
Fluentd meetup dive into fluent plugin (outdated)
 
Fluentd and Kafka
Fluentd and KafkaFluentd and Kafka
Fluentd and Kafka
 
Fluentd unified logging layer
Fluentd unified logging layerFluentd unified logging layer
Fluentd unified logging layer
 
Fluentd meetup
Fluentd meetupFluentd meetup
Fluentd meetup
 
HTTP::Parser::XS - writing a fast & secure XS module
HTTP::Parser::XS - writing a fast & secure XS moduleHTTP::Parser::XS - writing a fast & secure XS module
HTTP::Parser::XS - writing a fast & secure XS module
 

Viewers also liked

Powerupcloud - Customer Case Studies
Powerupcloud - Customer Case StudiesPowerupcloud - Customer Case Studies
Powerupcloud - Customer Case Studies
Jonathyan Maas ☁
 
Ahg microsoft stream_insight_queries
Ahg microsoft stream_insight_queriesAhg microsoft stream_insight_queries
Ahg microsoft stream_insight_queries
Steve Xu
 
Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...
Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...
Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...
Elk Software Group
 
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
jtmelton
 
Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016
Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016
Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016
grecsl
 

Viewers also liked (20)

Finland powerpoint
Finland powerpointFinland powerpoint
Finland powerpoint
 
Free - Chris Anderson
Free - Chris AndersonFree - Chris Anderson
Free - Chris Anderson
 
Elegant Ways of Handling PHP Errors and Exceptions
Elegant Ways of Handling PHP Errors and ExceptionsElegant Ways of Handling PHP Errors and Exceptions
Elegant Ways of Handling PHP Errors and Exceptions
 
Powerupcloud - Customer Case Studies
Powerupcloud - Customer Case StudiesPowerupcloud - Customer Case Studies
Powerupcloud - Customer Case Studies
 
Ahg microsoft stream_insight_queries
Ahg microsoft stream_insight_queriesAhg microsoft stream_insight_queries
Ahg microsoft stream_insight_queries
 
Logs Don't Lie Or Do They?
Logs Don't Lie Or Do They?Logs Don't Lie Or Do They?
Logs Don't Lie Or Do They?
 
IT Infrastructure Monitoring Strategies in Healthcare
IT Infrastructure Monitoring Strategies in HealthcareIT Infrastructure Monitoring Strategies in Healthcare
IT Infrastructure Monitoring Strategies in Healthcare
 
John 15:12 Ministries
John 15:12 MinistriesJohn 15:12 Ministries
John 15:12 Ministries
 
Micropipetten
MicropipettenMicropipetten
Micropipetten
 
Progressive tenses
Progressive tensesProgressive tenses
Progressive tenses
 
Service Orchestrierung mit Apache Mesos
Service Orchestrierung mit Apache MesosService Orchestrierung mit Apache Mesos
Service Orchestrierung mit Apache Mesos
 
Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...
Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...
Finding HMAS Sydney Chapter 5 - Kormoran Database & the Mathematics of Reliab...
 
Whats new in IBM MQ; V9 LTS, V9.0.1 CD and V9.0.2 CD
Whats new in IBM MQ; V9 LTS, V9.0.1 CD and V9.0.2 CDWhats new in IBM MQ; V9 LTS, V9.0.1 CD and V9.0.2 CD
Whats new in IBM MQ; V9 LTS, V9.0.1 CD and V9.0.2 CD
 
Application Development on Metapod
Application Development on MetapodApplication Development on Metapod
Application Development on Metapod
 
ITV& Bashton
ITV& Bashton ITV& Bashton
ITV& Bashton
 
Yellowstone National Park and Grand Teton, USA
Yellowstone National Park and Grand Teton, USAYellowstone National Park and Grand Teton, USA
Yellowstone National Park and Grand Teton, USA
 
Building Awesome APIs with Lumen
Building Awesome APIs with LumenBuilding Awesome APIs with Lumen
Building Awesome APIs with Lumen
 
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016
 
Open Source Approach to Design and Deployment of Microservices-based VNF
Open Source Approach to Design and Deployment of Microservices-based VNFOpen Source Approach to Design and Deployment of Microservices-based VNF
Open Source Approach to Design and Deployment of Microservices-based VNF
 
Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016
Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016
Monitoring & Analysis 101 - N00b to Ninja in 60 Minutes at ISSW on April 9, 2016
 

Similar to Fluentd at HKOScon

Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & KafkaSelf-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
Guido Schmutz
 
Real time cloud native open source streaming of any data to apache solr
Real time cloud native open source streaming of any data to apache solrReal time cloud native open source streaming of any data to apache solr
Real time cloud native open source streaming of any data to apache solr
Timothy Spann
 
Ingesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmedIngesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmed
whoschek
 
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Data Con LA
 
Experiences with Microservices at Tuenti
Experiences with Microservices at TuentiExperiences with Microservices at Tuenti
Experiences with Microservices at Tuenti
Andrés Viedma Peláez
 
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache AccumuloReal-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
Joe Stein
 
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
Accumulo Summit
 
Deploying Apache Flume to enable low-latency analytics
Deploying Apache Flume to enable low-latency analyticsDeploying Apache Flume to enable low-latency analytics
Deploying Apache Flume to enable low-latency analytics
DataWorks Summit
 
Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...
Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...
Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...
Guido Schmutz
 

Similar to Fluentd at HKOScon (20)

Fluentd Unified Logging Layer At Fossasia
Fluentd Unified Logging Layer At FossasiaFluentd Unified Logging Layer At Fossasia
Fluentd Unified Logging Layer At Fossasia
 
Fluentd and AWS at classmethod
Fluentd and AWS at classmethodFluentd and AWS at classmethod
Fluentd and AWS at classmethod
 
Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & KafkaSelf-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
 
Fluentd Project Intro at Kubecon 2019 EU
Fluentd Project Intro at Kubecon 2019 EUFluentd Project Intro at Kubecon 2019 EU
Fluentd Project Intro at Kubecon 2019 EU
 
Fluentd and Embulk Game Server 4
Fluentd and Embulk Game Server 4Fluentd and Embulk Game Server 4
Fluentd and Embulk Game Server 4
 
Cloud lunch and learn real-time streaming in azure
Cloud lunch and learn real-time streaming in azureCloud lunch and learn real-time streaming in azure
Cloud lunch and learn real-time streaming in azure
 
Real time cloud native open source streaming of any data to apache solr
Real time cloud native open source streaming of any data to apache solrReal time cloud native open source streaming of any data to apache solr
Real time cloud native open source streaming of any data to apache solr
 
Logging for Production Systems in The Container Era
Logging for Production Systems in The Container EraLogging for Production Systems in The Container Era
Logging for Production Systems in The Container Era
 
Music city data Hail Hydrate! from stream to lake
Music city data Hail Hydrate! from stream to lakeMusic city data Hail Hydrate! from stream to lake
Music city data Hail Hydrate! from stream to lake
 
Ingesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmedIngesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmed
 
Fluentd - RubyKansai 65
Fluentd - RubyKansai 65Fluentd - RubyKansai 65
Fluentd - RubyKansai 65
 
Fluentd: Unified Logging Layer at CWT2014
Fluentd: Unified Logging Layer at CWT2014Fluentd: Unified Logging Layer at CWT2014
Fluentd: Unified Logging Layer at CWT2014
 
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
 
DBCC 2021 - FLiP Stack for Cloud Data Lakes
DBCC 2021 - FLiP Stack for Cloud Data LakesDBCC 2021 - FLiP Stack for Cloud Data Lakes
DBCC 2021 - FLiP Stack for Cloud Data Lakes
 
Trend Micro Big Data Platform and Apache Bigtop
Trend Micro Big Data Platform and Apache BigtopTrend Micro Big Data Platform and Apache Bigtop
Trend Micro Big Data Platform and Apache Bigtop
 
Experiences with Microservices at Tuenti
Experiences with Microservices at TuentiExperiences with Microservices at Tuenti
Experiences with Microservices at Tuenti
 
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache AccumuloReal-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
 
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
Accumulo Summit 2015: Real-Time Distributed and Reactive Systems with Apache ...
 
Deploying Apache Flume to enable low-latency analytics
Deploying Apache Flume to enable low-latency analyticsDeploying Apache Flume to enable low-latency analytics
Deploying Apache Flume to enable low-latency analytics
 
Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...
Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...
Spark (Structured) Streaming vs. Kafka Streams - two stream processing platfo...
 

More from N Masahiro

More from N Masahiro (17)

Fluentd and Distributed Logging at Kubecon
Fluentd and Distributed Logging at KubeconFluentd and Distributed Logging at Kubecon
Fluentd and Distributed Logging at Kubecon
 
Presto changes
Presto changesPresto changes
Presto changes
 
Fluentd v0.14 Overview
Fluentd v0.14 OverviewFluentd v0.14 Overview
Fluentd v0.14 Overview
 
fluent-plugin-beats at Elasticsearch meetup #14
fluent-plugin-beats at Elasticsearch meetup #14fluent-plugin-beats at Elasticsearch meetup #14
fluent-plugin-beats at Elasticsearch meetup #14
 
Technologies for Data Analytics Platform
Technologies for Data Analytics PlatformTechnologies for Data Analytics Platform
Technologies for Data Analytics Platform
 
Fluentd v0.12 master guide
Fluentd v0.12 master guideFluentd v0.12 master guide
Fluentd v0.12 master guide
 
Treasure Data and AWS - Developers.io 2015
Treasure Data and AWS - Developers.io 2015Treasure Data and AWS - Developers.io 2015
Treasure Data and AWS - Developers.io 2015
 
Treasure Data and OSS
Treasure Data and OSSTreasure Data and OSS
Treasure Data and OSS
 
Fluentd - road to v1 -
Fluentd - road to v1 -Fluentd - road to v1 -
Fluentd - road to v1 -
 
SQL for Everything at CWT2014
SQL for Everything at CWT2014SQL for Everything at CWT2014
SQL for Everything at CWT2014
 
Can you say the same words even in oss
Can you say the same words even in ossCan you say the same words even in oss
Can you say the same words even in oss
 
I am learing the programming
I am learing the programmingI am learing the programming
I am learing the programming
 
D vs OWKN Language at LLnagoya
D vs OWKN Language at LLnagoyaD vs OWKN Language at LLnagoya
D vs OWKN Language at LLnagoya
 
Goodbye Doost
Goodbye DoostGoodbye Doost
Goodbye Doost
 
Final presentation at pfintern
Final presentation at pfinternFinal presentation at pfintern
Final presentation at pfintern
 
Kernel VM 5 LT
Kernel VM 5 LTKernel VM 5 LT
Kernel VM 5 LT
 
D言語のコミッタになる一つの方法
D言語のコミッタになる一つの方法D言語のコミッタになる一つの方法
D言語のコミッタになる一つの方法
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Recently uploaded (20)

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Fluentd at HKOScon

  • 1. Fluentd: Unified logging layer June 25, 2016 / HKOScon Masahiro Nakagawa
  • 2. Who am I • Masahiro Nakagawa • github: @repeatedly • Treasure Data, Inc. • Senior Software Engineer • Fluentd / td-agent developer • Living at OSS :) • D language - Phobos, a.k.a standard library, committer • Fluentd - Main maintainer • MessagePack / RPC • etc…
  • 4. Before ✓ duplicated code for error handling... ✓ messy code for retrying mechanism...
  • 6. Structured logging Reliable forwarding Pluggable architecture http://fluentd.org/
  • 8. What’s Fluentd? • Data collector for unified logging layer • Streaming data transfer based on JSON / MessagePack • Robust core and plugins written in Ruby • Rubygems based various plugins by the community • www.fluentd.org/plugins • Apache License, Version 2.0 • https://github.com/fluent/fluentd
  • 9. Reliable data transfer error retry error retry retry retry Batch Stream Other stream (micro-batch)
  • 10. Core Common concerns Use case specific PLUGINSCORE • Read Data • Parse Data • Buffer Data • Write Data • Format Data • Divide & Conquer • Buffering & Retries • Error Handling • Message Routing • Parallelism
  • 11. > logged time Event structure(log message) ✓ Time > for message routing ✓ Tag > Actual content > JSON / MessagePack ✓ Record 127.0.0.1 - - [11/Dec/2012:07:26:27] "GET / ... 127.0.0.1 - - [11/Dec/2012:07:26:30] "GET / ... 127.0.0.1 - - [11/Dec/2012:07:26:32] "GET / ... 127.0.0.1 - - [11/Dec/2012:07:26:40] "GET / ... ... 2012-12-11 07:26:27 apache.log { "host": "127.0.0.1", "method": "GET", ... } Apache log Fluentd event convert time tag record
  • 13. Data processing pipeline ParserInput Buffer Output FormatterFilter “output-ish”“input-ish”
  • 14. Input plugins File tail (in_tail) Syslog (in_syslog) HTTP (in_http) RDBMS (in_sql) ... ✓ Receive logs ✓ Or pull logs from data sources ✓ non-blocking InputInput
  • 15. Parser plugins JSON Regexp Apache/Nginx Syslog CSV/TSV
 etc. ✓ Parse into JSON ✓ Common formats out of the box ✓ Some inputs plugin depends on
 Parser plugin ParseParser
  • 16. Filter plugins grep record_transformer suppress … ✓ Filter / Mutate record ✓ Record level and Stream level ✓ v0.12 and above Filter
  • 17. Buffer plugins ✓ Improve performance ✓ Provide reliability ✓ Provide thread-safetyMemory (buf_memory) File (buf_file) Buffer
  • 18. Buffer internal ✓ Chunk = adjustable unit of data ✓ Buffer = Queue of chunks chunk chunk chunk output Input
  • 19. Formatter plugins ✓ Format output ✓ Convert json into other format ✓ Some plugins depends on
 Formatter plugins JSON CSV/TSV “single value” msgpack Formatter
  • 20. Output plugins ✓ Write to external systems ✓ Buffered & Non-buffered ✓ 300+ pluginsFile (out_file) Amazon S3 (out_s3) Kafka (out_kafka) ... Output
  • 23. # logs from a file <source> @type tail path /var/log/httpd.log pos_file /tmp/pos_file format apache2 tag backend.apache </source> # logs from client libraries <source> @type forward port 24224 </source> # store logs to MongoDB <match backend.*> @type mongo database fluent collection test </match>
  • 24. Less Simple Forwarding - At-most-once / At-least-once
 - HA (failover) - Load-balancing
  • 26. Treasure Data Frontend Job Queue Worker Hadoop Presto Fluentd Applications push metrics to Fluentd
 (via local Fluentd) Datadog for realtime monitoring / alerting Treasure Data for historical analysis Fluentd sums up data minutes
 (partial aggregation)
  • 30. History / Roadmap • v0.10.0 (In Oct 2011) • v0.12.0 (In Dec 2014) -> Current stable • v0.14.0 (In May 2016) • v0.14.x (some versions in 2016) • v1 (4Q in 2016 / 1Q in 2017)
  • 31. v0.10 (old stable) > First stable release > Mainly for log forwarding > Only Input and Output > No complex event handling support > Only At-most-once semantics in forwarding > Treasure Data provides td-agent 1 for v0.10
  • 32. v0.12 (current stable) > Event handling improvement > Filter, Label, Error Stream > New configuration format > Add at-least-once semantics in forwarding > Use require_ack_response parameter > HTTP RPC based process management > Treasure Data provides td-agent 2 for v0.12
  • 33. • New Plugin APIs, Plugin Helpers & Plugin Storage • Supervisor using ServerEngine • Time with Nanosecond precision • Windows support v0.14 (Next stable)
  • 34. Time with nanosecond • Fluent::EventTime • behaves as Integer (used as time in v0.12) • has methods to get sub-second precision • be serialized into msgpack using Ext type • Fluentd core can handle both of Integer and EventTime as time • compatible with older versions and software in eco- system (e.g., fluent-logger, Docker logging driver)
  • 35. Windows support • Fluentd and core plugin work on Windows • several companies have already used
 v0.14.0.pre version on production • We will send a patch to popular plugins if
 it doesn’t work on Windows • Use HTTP RPC instead of signals • Treasure Data will provide td-agent msi package
  • 36. v0.14.x - v1 • v0.14.x (some versions in 2016) • Symmetric multi processing model • Counter API • TLS/authentication/authorization support (merging secure-forward into core) • v1 (4Q in 2016 / 1Q in 2017) • Stable version for new APIs/features • fully compatible with v0.12.x and v0.14.x
  • 37. Symmetric multi processing model • 2 or more workers share a configuration file • and share listening sockets via PluginHelper • under a supervisor process (ServerEngine) • Multi core scalability for huge traffic • one input plugin for a tcp port, some filters and one (or some) output plugin • No more fluent-plugin-multiprocess
  • 38. Worker Supervisor Worker Worker Worker Supervisor Worker Worker Supervisor Supervisor Using fluent-plugin-multiprocess v0.14
  • 39. TLS/Authn/Authz support for forward plugin • secure-forward will be merged into built-in forward • TLS w/ at-least-one semantics • Simple authentication/authorization w/ non-SSL forwarding • Authentication and Authorization providers • Who can connect to input plugins?
 What tags are permitted for clients? • New plugin types (3rd party authors can write it) • Mainly for in/out forward, but available from others
  • 41. Treasure Agent (td-agent) > Treasure Data distribution of Fluentd > include Ruby runtime, fluentd and popular plugins > deb, rpm, dmg are supported > Treasure Agent 2 is current stable > fluentd v0.12 and Ruby 2.1 > Treasure Agent 3 will be released at fall > fluentd v0.14 and Ruby 2.3 > msi will be supported for Windows
  • 42. fluentd-ui > Manage Fluentd instance via Web UI > https://github.com/fluent/fluentd-ui
 
 
 
 
 

  • 43. fluent-bit > http://fluentbit.io/ > Log collector mainly for embedded systems > Written in C > Can communicate with Fluentd > There are several plugins > Treasure Data, Elasticsearch, MQTT, etc…
  • 44. > Bulk Loader version of Fluentd > Pluggable architecture > JRuby, JVM languages > High throughput by parallel processing > Invented by Treasure Data > Share your script as a plugin > https://github.com/embulk Slide: Fighting Against Chaotically SeparatedValues with Embulk