SlideShare a Scribd company logo

Fluentd Project Intro at Kubecon 2019 EU

N Masahiro
N Masahiro

https://events.linuxfoundation.org/events/kubecon-cloudnativecon-europe-2019/schedule/

Technology
1 of 36
Download to read offline
Fluentd Project Intro Masahiro Nakagawa
 Senior Software Engineer    CNCon / KubeCon EU Barcelona 2019
Fluentd Overview
• Streaming data collector for unified logging • Core + Plugins • RubyGems based various plugins • Follow Ruby’s standard way • Several setup ways • https://docs.fluentd.org/installation • Latest version: v1.5.0 • Logging part in CNCF and Graduated at 2019 What’s Fluentd
Streaming way with Fluentd Log Server Application Server A File FileFile Application Server C File FileFile Application Server B File FileFile Low latency! Seconds or minutes Easy to analyze!! Parsed and formatted
LOG Unified logging layer M + N
Fluentd Architecture
• Buffering & Retrying • Error handling • Event routing • Parallelism
 • Helper for plugins Design Core Plugins • Read / receive data • Parse data • Filter / enrich data • Buffer data • Format data • Write / send data
• Nano-second unit • from logs Event structure Time Record • JSON object,
 not raw string Tag • for event routing • Identify data source { “str_field”:”hey”, “num_field”: 100, “bool_field”: true, “array_field”: [“elem1”, “elem2”]
 }
Data pipeline (simplified) Plugin Input Filter Buffer Output Plugin Plugin Plugin 2018-05-01 15:15:15 myapp.buy Time Tag Record { “user”:”me”, “path”: “/buyItem”, “price”: 150, “referer”: “/landing”
 }
Architecture: Input Plugins HTTP+JSON (in_http) Local files (in_tail) Syslog (in_syslog) … Receive or pull logs from data sources Emit logs to data pipeline
 Parse incoming logs for
 structured logging Plugin Input
Filter Architecture: Filter Plugins Transform logs Filter out unnecessary logs Enrich logs Plugin Modify logs (record_transformer) Filter out logs (grep) Parse field (parser) …
Buffer Architecture: Buffer Plugins Plugin Improve performance Provide reliability Provide thread-safety Memory (buf_memory) File (buf_file)
Buffer Architecture: Buffer Plugins Chunk Plugin Input Output Chunk Chunk Improve performance Provide reliability Provide thread-safety
Architecture: Output Plugins Output Write or send event logs Plugin Local File (out_file) Amazon S3 (out_s3) Forward to other fluentd (out_forward) … Sync or Async
Retry Error Retry Batch Stream Error Retry Retry Divide & Conquer for retry Secondary
3rd party input plugins dstat df AMQL munin SQL
3rd party output plugins Graphite
Use-cases with Configuration Example
Simple forwarding
# logs from a file <source> @type tail path /var/log/httpd.log pos_file /tmp/pos_file <parse> @type apache2 </parse> tag app.apache </source> # logs from client libraries <source> @type forward port 24224 </source> # store logs to MongoDB <match app.**> @type mongo database fluent collection logs <buffer tag> @type file path /tmp/fluentd/buffer flush_interval 30s </buffer> </match>
All data Multiple destinations Hot data
# logs from a file <source> @type tail path /var/log/httpd.log pos_file /tmp/pos_file <parse> @type apache2 </parse> tag app.access </source> # logs from client libraries <source> @type forward port 24224 </source> # store logs to ES and HDFS <match app.**> @type copy <store> @type elasticsearch logstash_format true </store> <store> @type webhdfs host namenode port 50070 path /path/on/hdfs/ </store> </match>
Multi-tier Forwarding - At-most-once / At-least-once
 - HA (failover) - Load-balancing - keepalive forwarders aggregators https://www.slideshare.net/repeatedly/fluentd-and-distributed-logging-at-kubecon
Container and Kubernetes
Container Logging
• Docker : fluentd-docker-image • Alpine / Debian images • x86, Arm, PowerPC, etc support by Docker official • Kubernetes : fluentd-kubernetes-daemonset • Debian images • Some built-in destinations, ES, kafka, graylog, etc… • Helm chart • https://github.com/helm/charts/tree/master/stable/fluentd Resources
Docker logging with --log-driver=fluentd Server Container App FluentdSTDOUT / STDERR docker run --log-driver=fluentd 
 --log-opt fluentd-address=localhost:24224 { “container_id”: “ad6d5d32576a”, “container_name”: “myapp”, “source”: stdout } <source> @type forward </source>
Data collection with fluent-logger Server Container App Fluentd from fluent import sender from fluent import event sender.setup('app.events', host='localhost') event.Event('purchase', { 'user_id': 21, 'item_id': 321, 'value': '1' }) tag = app.events.purchase { “user_id”: 21, “item_id”: 321 “value”: 1, } fluent-logger library <source> @type forward </source>
Shared data volume and tailing Server Container App Fluentd <source> @type tail path /mnt/*/access.log pos_file /var/log/fluentd/access.log.pos <parse> @type nginx </parse> tag nginx.access </source> /mnt/nginx/logs
Kubernetes Daemonset Node Pod App Fluentd <source> @type tail path /var/log/containers/*.log pos_file /var/log/fluentd/access.log.pos <parse> @type json </parse> tag kubernetes.* </source> /var/log/containers
Kubernetes Daemonset & metadata Node Pod App Fluentd /var/log/containers <filter kubernetes.*> @type kubernetes_metadata_filter </filter> API { "log": "hellon", "stream": "stdout", "time": "2018-12-11T12:00:00.601357200Z" } { "log": "hellon", "kubernetes": { "namespace_name": "default", "container_name": "test-app-container", "namespace_labels": {
 "product_version": "v1.0.0" } … }
Container Logging approach summary • Collect log messages with docker • --log-driver=fluentd • Application data/metrics • fluent-logger • Access logs, logs from middleware • Shared data volume with in_tail • Kubernetes Daemonset • Collect container logs from /var/log/containers/* • Add kubernetes metadata to logs
Fluent-bit
Fluentd and Fluent-bit Fluentd Fluent-bit Implementation Ruby + C C Focus Flexibility and Robustness Performance and footprint Design Pluggable Pluggable Target Forwarder / Aggregator Forwarder / Edge Forward logs from fluent-bit to fluentd is popular pattern
Container Logging with fluent-bit
Enjoy logging

Recommended

Fluentd and Distributed Logging at Kubecon
Fluentd and Distributed Logging at KubeconFluentd and Distributed Logging at Kubecon
Fluentd and Distributed Logging at Kubecon
N Masahiro
 
Fluentd 101
Fluentd 101Fluentd 101
Fluentd 101
SATOSHI TAGOMORI
 
The Patterns of Distributed Logging and Containers
The Patterns of Distributed Logging and ContainersThe Patterns of Distributed Logging and Containers
The Patterns of Distributed Logging and Containers
SATOSHI TAGOMORI
 
FluentD for end to end monitoring
FluentD for end to end monitoringFluentD for end to end monitoring
FluentD for end to end monitoring
Phil Wilkins
 
Fluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshellFluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshell
N Masahiro
 
Docker and Fluentd (revised)
Docker and Fluentd (revised)Docker and Fluentd (revised)
Docker and Fluentd (revised)
SATOSHI TAGOMORI
 
Fluentd v1 and future at techtalk
Fluentd v1 and future at techtalkFluentd v1 and future at techtalk
Fluentd v1 and future at techtalk
N Masahiro
 
The basics of fluentd
The basics of fluentdThe basics of fluentd
The basics of fluentd
Treasure Data, Inc.
 

Recommended

Fluentd and Distributed Logging at Kubecon
Fluentd and Distributed Logging at KubeconFluentd and Distributed Logging at Kubecon
Fluentd and Distributed Logging at Kubecon
N Masahiro
 
Fluentd 101
Fluentd 101Fluentd 101
Fluentd 101
SATOSHI TAGOMORI
 
The Patterns of Distributed Logging and Containers
The Patterns of Distributed Logging and ContainersThe Patterns of Distributed Logging and Containers
The Patterns of Distributed Logging and Containers
SATOSHI TAGOMORI
 
FluentD for end to end monitoring
FluentD for end to end monitoringFluentD for end to end monitoring
FluentD for end to end monitoring
Phil Wilkins
 
Fluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshellFluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshell
N Masahiro
 
Docker and Fluentd (revised)
Docker and Fluentd (revised)Docker and Fluentd (revised)
Docker and Fluentd (revised)
SATOSHI TAGOMORI
 
Fluentd v1 and future at techtalk
Fluentd v1 and future at techtalkFluentd v1 and future at techtalk
Fluentd v1 and future at techtalk
N Masahiro
 
The basics of fluentd
The basics of fluentdThe basics of fluentd
The basics of fluentd
Treasure Data, Inc.
 
Fluent-bit
Fluent-bitFluent-bit
Fluent-bit
eventdotsjp
 
Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and Fluentd
N Masahiro
 
Life of an Fluentd event
Life of an Fluentd eventLife of an Fluentd event
Life of an Fluentd event
Kiyoto Tamura
 
Collect distributed application logging using fluentd (EFK stack)
Collect distributed application logging using fluentd (EFK stack)Collect distributed application logging using fluentd (EFK stack)
Collect distributed application logging using fluentd (EFK stack)
Marco Pas
 
How to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdataHow to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdata
N Masahiro
 
Fluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at ScaleFluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at Scale
Eduardo Silva Pereira
 
fluent-plugin-beats at Elasticsearch meetup #14
fluent-plugin-beats at Elasticsearch meetup #14fluent-plugin-beats at Elasticsearch meetup #14
fluent-plugin-beats at Elasticsearch meetup #14
N Masahiro
 
Fluentd and AWS at classmethod
Fluentd and AWS at classmethodFluentd and AWS at classmethod
Fluentd and AWS at classmethod
Treasure Data, Inc.
 
Containers and Logging
Containers and LoggingContainers and Logging
Containers and Logging
Eduardo Silva Pereira
 
Fluentd v1 and Roadmap
Fluentd v1 and RoadmapFluentd v1 and Roadmap
Fluentd v1 and Roadmap
Treasure Data, Inc.
 
Logging for Containers
Logging for ContainersLogging for Containers
Logging for Containers
Eduardo Silva Pereira
 
'Scalable Logging and Analytics with LogStash'
'Scalable Logging and Analytics with LogStash''Scalable Logging and Analytics with LogStash'
'Scalable Logging and Analytics with LogStash'
Cloud Elements
 
Fluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker containerFluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker container
Treasure Data, Inc.
 
Fluent Bit
Fluent BitFluent Bit
Fluent Bit
Eduardo Silva Pereira
 
Cloud Native Logging / Fluentd Summit Tokyo
Cloud Native Logging / Fluentd Summit TokyoCloud Native Logging / Fluentd Summit Tokyo
Cloud Native Logging / Fluentd Summit Tokyo
Eduardo Silva Pereira
 
Fluentd - Flexible, Stable, Scalable
Fluentd - Flexible, Stable, ScalableFluentd - Flexible, Stable, Scalable
Fluentd - Flexible, Stable, Scalable
Shu Ting Tseng
 
Fluentd: Unified Logging Layer at CWT2014
Fluentd: Unified Logging Layer at CWT2014Fluentd: Unified Logging Layer at CWT2014
Fluentd: Unified Logging Layer at CWT2014
N Masahiro
 
Fluentd Intro for OpenShift Commons Briefing
Fluentd Intro for OpenShift Commons BriefingFluentd Intro for OpenShift Commons Briefing
Fluentd Intro for OpenShift Commons Briefing
Eduardo Silva Pereira
 
Log forwarding at Scale
Log forwarding at ScaleLog forwarding at Scale
Log forwarding at Scale
Eduardo Silva Pereira
 
Elk devops
Elk devopsElk devops
Elk devops
Ideato
 
Fluentd and Embulk Game Server 4
Fluentd and Embulk Game Server 4Fluentd and Embulk Game Server 4
Fluentd and Embulk Game Server 4
N Masahiro
 
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Data Con LA
 

More Related Content

What's hot

Life of an Fluentd event
Life of an Fluentd eventLife of an Fluentd event
Life of an Fluentd event
Kiyoto Tamura
 
Elk devops
Elk devopsElk devops
Elk devops
Ideato
 

What's hot (20)

Fluent-bit
Fluent-bitFluent-bit
Fluent-bit
 
Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and Fluentd
 
Life of an Fluentd event
Life of an Fluentd eventLife of an Fluentd event
Life of an Fluentd event
 
Collect distributed application logging using fluentd (EFK stack)
Collect distributed application logging using fluentd (EFK stack)Collect distributed application logging using fluentd (EFK stack)
Collect distributed application logging using fluentd (EFK stack)
 
How to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdataHow to create Treasure Data #dotsbigdata
How to create Treasure Data #dotsbigdata
 
Fluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at ScaleFluent Bit: Log Forwarding at Scale
Fluent Bit: Log Forwarding at Scale
 
fluent-plugin-beats at Elasticsearch meetup #14
fluent-plugin-beats at Elasticsearch meetup #14fluent-plugin-beats at Elasticsearch meetup #14
fluent-plugin-beats at Elasticsearch meetup #14
 
Fluentd and AWS at classmethod
Fluentd and AWS at classmethodFluentd and AWS at classmethod
Fluentd and AWS at classmethod
 
Containers and Logging
Containers and LoggingContainers and Logging
Containers and Logging
 
Fluentd v1 and Roadmap
Fluentd v1 and RoadmapFluentd v1 and Roadmap
Fluentd v1 and Roadmap
 
Logging for Containers
Logging for ContainersLogging for Containers
Logging for Containers
 
'Scalable Logging and Analytics with LogStash'
'Scalable Logging and Analytics with LogStash''Scalable Logging and Analytics with LogStash'
'Scalable Logging and Analytics with LogStash'
 
Fluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker containerFluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker container
 
Fluent Bit
Fluent BitFluent Bit
Fluent Bit
 
Cloud Native Logging / Fluentd Summit Tokyo
Cloud Native Logging / Fluentd Summit TokyoCloud Native Logging / Fluentd Summit Tokyo
Cloud Native Logging / Fluentd Summit Tokyo
 
Fluentd - Flexible, Stable, Scalable
Fluentd - Flexible, Stable, ScalableFluentd - Flexible, Stable, Scalable
Fluentd - Flexible, Stable, Scalable
 
Fluentd: Unified Logging Layer at CWT2014
Fluentd: Unified Logging Layer at CWT2014Fluentd: Unified Logging Layer at CWT2014
Fluentd: Unified Logging Layer at CWT2014
 
Fluentd Intro for OpenShift Commons Briefing
Fluentd Intro for OpenShift Commons BriefingFluentd Intro for OpenShift Commons Briefing
Fluentd Intro for OpenShift Commons Briefing
 
Log forwarding at Scale
Log forwarding at ScaleLog forwarding at Scale
Log forwarding at Scale
 
Elk devops
Elk devopsElk devops
Elk devops
 

Similar to Fluentd Project Intro at Kubecon 2019 EU

Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Data Con LA
 
Unified Batch & Stream Processing with Apache Samza
Unified Batch & Stream Processing with Apache SamzaUnified Batch & Stream Processing with Apache Samza
Unified Batch & Stream Processing with Apache Samza
DataWorks Summit
 
Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & KafkaSelf-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
Guido Schmutz
 
Ingesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmedIngesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmed
whoschek
 

Similar to Fluentd Project Intro at Kubecon 2019 EU (20)

Fluentd and Embulk Game Server 4
Fluentd and Embulk Game Server 4Fluentd and Embulk Game Server 4
Fluentd and Embulk Game Server 4
 
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
Big Data Day LA 2016/ Big Data Track - Fluentd and Embulk: Collect More Data,...
 
Fluentd at HKOScon
Fluentd at HKOSconFluentd at HKOScon
Fluentd at HKOScon
 
Fluentd Unified Logging Layer At Fossasia
Fluentd Unified Logging Layer At FossasiaFluentd Unified Logging Layer At Fossasia
Fluentd Unified Logging Layer At Fossasia
 
Fluentd Overview, Now and Then
Fluentd Overview, Now and ThenFluentd Overview, Now and Then
Fluentd Overview, Now and Then
 
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and LogsCloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
 
Fluentd - RubyKansai 65
Fluentd - RubyKansai 65Fluentd - RubyKansai 65
Fluentd - RubyKansai 65
 
Fluentd meetup
Fluentd meetupFluentd meetup
Fluentd meetup
 
Fluentd meetup #2
Fluentd meetup #2Fluentd meetup #2
Fluentd meetup #2
 
Logging for Production Systems in The Container Era
Logging for Production Systems in The Container EraLogging for Production Systems in The Container Era
Logging for Production Systems in The Container Era
 
Unified Batch & Stream Processing with Apache Samza
Unified Batch & Stream Processing with Apache SamzaUnified Batch & Stream Processing with Apache Samza
Unified Batch & Stream Processing with Apache Samza
 
Open Source Logging and Metric Tools
Open Source Logging and Metric ToolsOpen Source Logging and Metric Tools
Open Source Logging and Metric Tools
 
Fluentd unified logging layer
Fluentd unified logging layerFluentd unified logging layer
Fluentd unified logging layer
 
Data Analytics Service Company and Its Ruby Usage
Data Analytics Service Company and Its Ruby UsageData Analytics Service Company and Its Ruby Usage
Data Analytics Service Company and Its Ruby Usage
 
Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & KafkaSelf-Service Data Ingestion Using NiFi, StreamSets & Kafka
Self-Service Data Ingestion Using NiFi, StreamSets & Kafka
 
Solution for events logging with akka streams and kafka
Solution for events logging with akka streams and kafkaSolution for events logging with akka streams and kafka
Solution for events logging with akka streams and kafka
 
Ingesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmedIngesting hdfs intosolrusingsparktrimmed
Ingesting hdfs intosolrusingsparktrimmed
 
Treasure Data and OSS
Treasure Data and OSSTreasure Data and OSS
Treasure Data and OSS
 
Headless approach for offloading heavy tasks in Magento
Headless approach for offloading heavy tasks in MagentoHeadless approach for offloading heavy tasks in Magento
Headless approach for offloading heavy tasks in Magento
 
fluentd -- the missing log collector
fluentd -- the missing log collectorfluentd -- the missing log collector
fluentd -- the missing log collector
 

More from N Masahiro

More from N Masahiro (18)

Fluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshellFluentd v1.0 in a nutshell
Fluentd v1.0 in a nutshell
 
Presto changes
Presto changesPresto changes
Presto changes
 
Fluentd v0.14 Overview
Fluentd v0.14 OverviewFluentd v0.14 Overview
Fluentd v0.14 Overview
 
Fluentd and Kafka
Fluentd and KafkaFluentd and Kafka
Fluentd and Kafka
 
Dive into Fluentd plugin v0.12
Dive into Fluentd plugin v0.12Dive into Fluentd plugin v0.12
Dive into Fluentd plugin v0.12
 
Technologies for Data Analytics Platform
Technologies for Data Analytics PlatformTechnologies for Data Analytics Platform
Technologies for Data Analytics Platform
 
Fluentd v0.12 master guide
Fluentd v0.12 master guideFluentd v0.12 master guide
Fluentd v0.12 master guide
 
Treasure Data and AWS - Developers.io 2015
Treasure Data and AWS - Developers.io 2015Treasure Data and AWS - Developers.io 2015
Treasure Data and AWS - Developers.io 2015
 
Fluentd - road to v1 -
Fluentd - road to v1 -Fluentd - road to v1 -
Fluentd - road to v1 -
 
SQL for Everything at CWT2014
SQL for Everything at CWT2014SQL for Everything at CWT2014
SQL for Everything at CWT2014
 
Can you say the same words even in oss
Can you say the same words even in ossCan you say the same words even in oss
Can you say the same words even in oss
 
I am learing the programming
I am learing the programmingI am learing the programming
I am learing the programming
 
Fluentd meetup dive into fluent plugin (outdated)
Fluentd meetup dive into fluent plugin (outdated)Fluentd meetup dive into fluent plugin (outdated)
Fluentd meetup dive into fluent plugin (outdated)
 
D vs OWKN Language at LLnagoya
D vs OWKN Language at LLnagoyaD vs OWKN Language at LLnagoya
D vs OWKN Language at LLnagoya
 
Goodbye Doost
Goodbye DoostGoodbye Doost
Goodbye Doost
 
Final presentation at pfintern
Final presentation at pfinternFinal presentation at pfintern
Final presentation at pfintern
 
Kernel VM 5 LT
Kernel VM 5 LTKernel VM 5 LT
Kernel VM 5 LT
 
D言語のコミッタになる一つの方法
D言語のコミッタになる一つの方法D言語のコミッタになる一つの方法
D言語のコミッタになる一つの方法
 

Recently uploaded

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 

Recently uploaded (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Fluentd Project Intro at Kubecon 2019 EU

  • 1. Fluentd Project Intro Masahiro Nakagawa
 Senior Software Engineer    CNCon / KubeCon EU Barcelona 2019
  • 3. • Streaming data collector for unified logging • Core + Plugins • RubyGems based various plugins • Follow Ruby’s standard way • Several setup ways • https://docs.fluentd.org/installation • Latest version: v1.5.0 • Logging part in CNCF and Graduated at 2019 What’s Fluentd
  • 4. Streaming way with Fluentd Log Server Application Server A File FileFile Application Server C File FileFile Application Server B File FileFile Low latency! Seconds or minutes Easy to analyze!! Parsed and formatted
  • 7. • Buffering & Retrying • Error handling • Event routing • Parallelism
 • Helper for plugins Design Core Plugins • Read / receive data • Parse data • Filter / enrich data • Buffer data • Format data • Write / send data
  • 8. • Nano-second unit • from logs Event structure Time Record • JSON object,
 not raw string Tag • for event routing • Identify data source { “str_field”:”hey”, “num_field”: 100, “bool_field”: true, “array_field”: [“elem1”, “elem2”]
 }
  • 9. Data pipeline (simplified) Plugin Input Filter Buffer Output Plugin Plugin Plugin 2018-05-01 15:15:15 myapp.buy Time Tag Record { “user”:”me”, “path”: “/buyItem”, “price”: 150, “referer”: “/landing”
 }
  • 10. Architecture: Input Plugins HTTP+JSON (in_http) Local files (in_tail) Syslog (in_syslog) … Receive or pull logs from data sources Emit logs to data pipeline
 Parse incoming logs for
 structured logging Plugin Input
  • 11. Filter Architecture: Filter Plugins Transform logs Filter out unnecessary logs Enrich logs Plugin Modify logs (record_transformer) Filter out logs (grep) Parse field (parser) …
  • 12. Buffer Architecture: Buffer Plugins Plugin Improve performance Provide reliability Provide thread-safety Memory (buf_memory) File (buf_file)
  • 13. Buffer Architecture: Buffer Plugins Chunk Plugin Input Output Chunk Chunk Improve performance Provide reliability Provide thread-safety
  • 14. Architecture: Output Plugins Output Write or send event logs Plugin Local File (out_file) Amazon S3 (out_s3) Forward to other fluentd (out_forward) … Sync or Async
  • 16. 3rd party input plugins dstat df AMQL munin SQL
  • 17. 3rd party output plugins Graphite
  • 20. # logs from a file <source> @type tail path /var/log/httpd.log pos_file /tmp/pos_file <parse> @type apache2 </parse> tag app.apache </source> # logs from client libraries <source> @type forward port 24224 </source> # store logs to MongoDB <match app.**> @type mongo database fluent collection logs <buffer tag> @type file path /tmp/fluentd/buffer flush_interval 30s </buffer> </match>
  • 22. # logs from a file <source> @type tail path /var/log/httpd.log pos_file /tmp/pos_file <parse> @type apache2 </parse> tag app.access </source> # logs from client libraries <source> @type forward port 24224 </source> # store logs to ES and HDFS <match app.**> @type copy <store> @type elasticsearch logstash_format true </store> <store> @type webhdfs host namenode port 50070 path /path/on/hdfs/ </store> </match>
  • 23. Multi-tier Forwarding - At-most-once / At-least-once
 - HA (failover) - Load-balancing - keepalive forwarders aggregators https://www.slideshare.net/repeatedly/fluentd-and-distributed-logging-at-kubecon
  • 26. • Docker : fluentd-docker-image • Alpine / Debian images • x86, Arm, PowerPC, etc support by Docker official • Kubernetes : fluentd-kubernetes-daemonset • Debian images • Some built-in destinations, ES, kafka, graylog, etc… • Helm chart • https://github.com/helm/charts/tree/master/stable/fluentd Resources
  • 27. Docker logging with --log-driver=fluentd Server Container App FluentdSTDOUT / STDERR docker run --log-driver=fluentd 
 --log-opt fluentd-address=localhost:24224 { “container_id”: “ad6d5d32576a”, “container_name”: “myapp”, “source”: stdout } <source> @type forward </source>
  • 28. Data collection with fluent-logger Server Container App Fluentd from fluent import sender from fluent import event sender.setup('app.events', host='localhost') event.Event('purchase', { 'user_id': 21, 'item_id': 321, 'value': '1' }) tag = app.events.purchase { “user_id”: 21, “item_id”: 321 “value”: 1, } fluent-logger library <source> @type forward </source>
  • 29. Shared data volume and tailing Server Container App Fluentd <source> @type tail path /mnt/*/access.log pos_file /var/log/fluentd/access.log.pos <parse> @type nginx </parse> tag nginx.access </source> /mnt/nginx/logs
  • 30. Kubernetes Daemonset Node Pod App Fluentd <source> @type tail path /var/log/containers/*.log pos_file /var/log/fluentd/access.log.pos <parse> @type json </parse> tag kubernetes.* </source> /var/log/containers
  • 31. Kubernetes Daemonset & metadata Node Pod App Fluentd /var/log/containers <filter kubernetes.*> @type kubernetes_metadata_filter </filter> API { "log": "hellon", "stream": "stdout", "time": "2018-12-11T12:00:00.601357200Z" } { "log": "hellon", "kubernetes": { "namespace_name": "default", "container_name": "test-app-container", "namespace_labels": {
 "product_version": "v1.0.0" } … }
  • 32. Container Logging approach summary • Collect log messages with docker • --log-driver=fluentd • Application data/metrics • fluent-logger • Access logs, logs from middleware • Shared data volume with in_tail • Kubernetes Daemonset • Collect container logs from /var/log/containers/* • Add kubernetes metadata to logs
  • 34. Fluentd and Fluent-bit Fluentd Fluent-bit Implementation Ruby + C C Focus Flexibility and Robustness Performance and footprint Design Pluggable Pluggable Target Forwarder / Aggregator Forwarder / Edge Forward logs from fluent-bit to fluentd is popular pattern
  • 35. Container Logging with fluent-bit