Skip to content

ip_col_sol_1 #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

ip_col_sol_1 #107

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
58985af
ip_col_sol_1
sakshamkapoor-oracle Feb 3, 2025
ff5d901
Merge branch 'main' into ip_coll_solution
sk99sk Feb 4, 2025
f8cfd5a
ip_collission_sol_client_side_approach
sk99sk Feb 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion charts/common/templates/role.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,5 +15,5 @@ rules:
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "patch"]
resourceNames: ["{{ include "common.resourceNamePrefix" . }}-discovery-state-tracker"]
resourceNames: ["{{ include "common.resourceNamePrefix" . }}-discovery-state-tracker","{{ include "common.resourceNamePrefix" . }}-pod-mapping-tracker"]
{{- end }}
278 changes: 138 additions & 140 deletions charts/logan/templates/discovery-cronjob.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,150 +4,148 @@
{{- $kubernetesClusterId := (include "logan.kubernetesClusterId" .) }}
{{- $kubernetesNamespace := (include "logan.namespace" .) }}
{{- $serviceAccount := (include "logan.serviceAccount" .) }}
apiVersion: batch/v1
kind: CronJob
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.global.resourceNamePrefix }}-discovery
namespace: {{ $kubernetesNamespace }}
spec:
schedule: {{ .Values.k8sDiscovery.objects.cronSchedule | quote }}
startingDeadlineSeconds: 120
concurrencyPolicy: Replace
successfulJobsHistoryLimit: {{ .Values.k8sDiscovery.objects.successfulJobsHistoryLimit }}
failedJobsHistoryLimit: {{ .Values.k8sDiscovery.objects.failedJobsHistoryLimit }}
jobTemplate:
replicas: 1
selector:
matchLabels:
app: {{ .Values.global.resourceNamePrefix }}-discovery
template:
metadata:
labels:
app: {{ .Values.global.resourceNamePrefix }}-discovery
spec:
backoffLimit: {{ .Values.k8sDiscovery.objects.backoffLimit }}
template:
spec:
restartPolicy: {{ .Values.k8sDiscovery.objects.restartPolicy }}
serviceAccountName: {{ $serviceAccount }}
{{- if .Values.image.imagePullSecrets }}
imagePullSecrets:
- name: {{ .Values.image.imagePullSecrets }}
serviceAccountName: {{ $serviceAccount }}
{{- if .Values.image.imagePullSecrets }}
imagePullSecrets:
- name: {{ .Values.image.imagePullSecrets }}
{{- end }}
containers:
- name: k8-discovery-job
image: {{ .Values.image.url }}
{{- if eq $authtype "config" }}
volumeMounts:
- name: ociconfigdir
mountPath: {{ .Values.oci.path }}
readOnly: true
{{- end }}
command:
{{- /* object discovery script */}}
- bundle
- exec
- oci-loganalytics-kubernetes-discovery
{{- /* mandatory inputs */}}
- --kubernetes_cluster_id
- {{ $kubernetesClusterId }}
- --kubernetes_cluster_name
- {{ $kubernetesClusterName }}
- --kubernetes_cluster_namespace
- {{ $kubernetesNamespace }}
- --oci_la_namespace
{{- if .Values.ociLANamespace }}
- {{ .Values.ociLANamespace }}
{{- else }}
{{- required "ociLANamespace is required" .Values.ociLANamespace }}
{{- end }}
containers:
- name: k8-discovery-job
image: {{ .Values.image.url }}
{{- if eq $authtype "config" }}
volumeMounts:
- name: ociconfigdir
mountPath: {{ .Values.oci.path }}
readOnly: true
{{- end }}
command:
{{- /* object discovery script */}}
- bundle
- exec
- oci-loganalytics-kubernetes-discovery
{{- /* mandatory inputs */}}
- --kubernetes_cluster_id
- {{ $kubernetesClusterId }}
- --kubernetes_cluster_name
- {{ $kubernetesClusterName }}
- --kubernetes_cluster_namespace
- {{ $kubernetesNamespace }}
- --oci_la_namespace
{{- if .Values.ociLANamespace }}
- {{ .Values.ociLANamespace }}
{{- else }}
{{- required "ociLANamespace is required" .Values.ociLANamespace }}
{{- end }}
- --oci_la_log_group_id
{{- if .Values.k8sDiscovery.objects.ociLALogGroupID }}
- {{ .Values.k8sDiscovery.objects.ociLALogGroupID }}
{{- else if .Values.ociLALogGroupID }}
- {{ .Values.ociLALogGroupID }}
{{- else }}
{{- required "ociLALogGroupID is required" .Values.ociLALogGroupID }}
{{- end }}
{{- /* mandatory inputs when authtype is set as config */}}
{{- if eq .Values.authtype "config" }}
{{- if and .Values.oci.path .Values.oci.file }}
- --config_file_location
- {{ .Values.oci.path -}}/{{ .Values.oci.file }}
{{- else }}
{{- required "{{ .Values.oci.path -}}/{{ .Values.oci.file }} is required" .Values.oci.path }}
{{- end }}
{{- end }}
{{- /* optional discovery job configuration */}}
{{- if .Values.ociLAClusterEntityID }}
- --oci_la_cluster_entity_id
- {{ .Values.ociLAClusterEntityID }}
{{- end }}
{{- if $resourceNamePrefix }}
- --kubernetes_resourcename_prefix
- {{ $resourceNamePrefix }}
{{- end }}
{{- if .Values.ociDomain }}
- --oci_domain
- {{ .Values.ociDomain }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.discoveryMode }}
- --discovery
- {{ .Values.k8sDiscovery.objects.discoveryMode }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.log_format }}
- --log_format
- {{ .Values.k8sDiscovery.objects.log_format }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.log_level }}
- --log_level
- {{ .Values.k8sDiscovery.objects.log_level }}
{{- end }}
{{- if and .Values.k8sDiscovery.objects.enable_threading .Values.k8sDiscovery.objects.thread_count }}
- --enable_threading
- --thread_count
- {{ .Values.k8sDiscovery.objects.thread_count | quote }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.chunk_limit }}
- --chunk_limit
- {{ .Values.k8sDiscovery.objects.chunk_limit | quote }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.collect_warning_events_only }}
- --collect_warning_events_only
{{- end }}
{{- /* optional kubernetes cluster configuration */}}
{{- if .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }}
- --kubernetes_url
- {{ .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.client_cert }}
- --client_cert
- {{ .Values.k8sDiscovery.kubeClientOptions.client_cert }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.client_key }}
- --client_key
- {{ .Values.k8sDiscovery.kubeClientOptions.client_key }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.ca_file }}
- --ca_file
- {{ .Values.k8sDiscovery.kubeClientOptions.ca_file }}
{{- end }}
{{- if eq .Values.k8sDiscovery.kubeClientOptions.verify_ssl true }}
- --verify_ssl
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }}
- --bearer_token_file
- {{ .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.secret_dir }}
- --secret_dir
- {{ .Values.k8sDiscovery.kubeClientOptions.secret_dir }}
{{- end }}
{{- /* developer options - optional */}}
{{- if .Values.k8sDiscovery.oci_la_endpoint }}
- --endpoint
- {{ .Values.k8sDiscovery.oci_la_endpoint }}
{{- else if .Values.ociLAEndpoint }}
- --endpoint
- {{ .Values.ociLAEndpoint }}
{{- end }}
{{- if eq $authtype "config" }}
volumes:
- name: ociconfigdir
projected:
sources:
- secret:
name: {{ $resourceNamePrefix }}-oci-config
- --oci_la_log_group_id
{{- if .Values.k8sDiscovery.objects.ociLALogGroupID }}
- {{ .Values.k8sDiscovery.objects.ociLALogGroupID }}
{{- else if .Values.ociLALogGroupID }}
- {{ .Values.ociLALogGroupID }}
{{- else }}
{{- required "ociLALogGroupID is required" .Values.ociLALogGroupID }}
{{- end }}
{{- /* mandatory inputs when authtype is set as config */}}
{{- if eq .Values.authtype "config" }}
{{- if and .Values.oci.path .Values.oci.file }}
- --config_file_location
- {{ .Values.oci.path -}}/{{ .Values.oci.file }}
{{- else }}
{{- required "{{ .Values.oci.path -}}/{{ .Values.oci.file }} is required" .Values.oci.path }}
{{- end }}
{{- end }}
{{- /* optional discovery job configuration */}}
{{- if .Values.ociLAClusterEntityID }}
- --oci_la_cluster_entity_id
- {{ .Values.ociLAClusterEntityID }}
{{- end }}
{{- if $resourceNamePrefix }}
- --kubernetes_resourcename_prefix
- {{ $resourceNamePrefix }}
{{- end }}
{{- if .Values.ociDomain }}
- --oci_domain
- {{ .Values.ociDomain }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.discoveryMode }}
- --discovery
- {{ .Values.k8sDiscovery.objects.discoveryMode }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.log_format }}
- --log_format
- {{ .Values.k8sDiscovery.objects.log_format }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.log_level }}
- --log_level
- {{ .Values.k8sDiscovery.objects.log_level }}
{{- end }}
{{- if and .Values.k8sDiscovery.objects.enable_threading .Values.k8sDiscovery.objects.thread_count }}
- --enable_threading
- --thread_count
- {{ .Values.k8sDiscovery.objects.thread_count | quote }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.chunk_limit }}
- --chunk_limit
- {{ .Values.k8sDiscovery.objects.chunk_limit | quote }}
{{- end }}
{{- if .Values.k8sDiscovery.objects.collect_warning_events_only }}
- --collect_warning_events_only
{{- end }}
{{- /* optional kubernetes cluster configuration */}}
{{- if .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }}
- --kubernetes_url
- {{ .Values.k8sDiscovery.kubeClientOptions.kubernetes_url }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.client_cert }}
- --client_cert
- {{ .Values.k8sDiscovery.kubeClientOptions.client_cert }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.client_key }}
- --client_key
- {{ .Values.k8sDiscovery.kubeClientOptions.client_key }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.ca_file }}
- --ca_file
- {{ .Values.k8sDiscovery.kubeClientOptions.ca_file }}
{{- end }}
{{- if eq .Values.k8sDiscovery.kubeClientOptions.verify_ssl true }}
- --verify_ssl
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }}
- --bearer_token_file
- {{ .Values.k8sDiscovery.kubeClientOptions.bearer_token_file }}
{{- end }}
{{- if .Values.k8sDiscovery.kubeClientOptions.secret_dir }}
- --secret_dir
- {{ .Values.k8sDiscovery.kubeClientOptions.secret_dir }}
{{- end }}
{{- /* developer options - optional */}}
{{- if .Values.k8sDiscovery.oci_la_endpoint }}
- --endpoint
- {{ .Values.k8sDiscovery.oci_la_endpoint }}
{{- else if .Values.ociLAEndpoint }}
- --endpoint
- {{ .Values.ociLAEndpoint }}
{{- end }}
{{- if eq $authtype "config" }}
volumes:
- name: ociconfigdir
projected:
sources:
- secret:
name: {{ $resourceNamePrefix }}-oci-config
{{- end }}
22 changes: 18 additions & 4 deletions logan/docker-images/v1.0/oraclelinux/8-slim/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ ENV GEM_HOME /fluentd/vendor/bundle/ruby/3.3
ENV FLUENTD_DISABLE_BUNDLER_INJECTION 1

COPY Gemfile* /fluentd/
COPY tcpconnect.* /fluentd/
COPY tcp-monitor /usr/local/bin/

# Install ruby, ruby-libs along with rubygems and bundler.
RUN microdnf -y module enable ruby:3.3 \
Expand All @@ -27,7 +29,7 @@ RUN microdnf -y module enable ruby:3.3 \
&& microdnf -y install --setopt=install_weak_deps=0 --nodocs rubygems \
&& gem install bundler -v 2.5.16 \
# Install development dependent packages for gems native installation
&& microdnf --enablerepo ol8_codeready_builder -y install --nodocs gcc make redhat-rpm-config openssl ruby-devel gcc-c++ libtool libffi-devel bzip2 git libyaml-devel \
&& microdnf --enablerepo ol8_codeready_builder -y install --nodocs gcc make redhat-rpm-config openssl ruby-devel gcc-c++ libtool libffi-devel bzip2 git libyaml-devel zlib elfutils-libelf-devel which clang llvm \
# Install Fluentd, it's dependencies along with other run time dependencies for OCI Logging Analytics Solution
&& bundle config silence_root_warning true \
&& bundle config --local path /fluentd/vendor/bundle \
Expand All @@ -38,9 +40,16 @@ RUN microdnf -y module enable ruby:3.3 \
&& microdnf -y install --nodocs tini-0.19.0 \
# Install jemalloc (custom make with no docs)
&& cd /tmp && ls /tmp \
&& git clone -b 5.3.0 https://github.com/jemalloc/jemalloc.git && cd jemalloc/ \
&& git clone --depth 1 -b 5.3.0 https://github.com/jemalloc/jemalloc.git && cd jemalloc/ \
&& ./autogen.sh && make && make install_bin install_include install_lib \
&& mv lib/libjemalloc.so.2 /usr/lib
&& mv lib/libjemalloc.so.2 /usr/lib \
# Install libbpf-tools from bcc
&& cd /tmp && ls /tmp \
&& git clone -b v0.29.1 --depth 1 https://github.com/iovisor/bcc.git && cd bcc/ && git submodule update --init --recursive \
&& cd libbpf-tools/ && cp /fluentd/tcpconnect.* ./ && make \
&& mv ./tcpconnect /usr/bin/ \
&& rm /fluentd/tcpconnect.* \
&& cd /fluentd/

## To build the final docker image

Expand All @@ -62,17 +71,22 @@ RUN microdnf -y module enable ruby:3.3 \
&& microdnf -y install --setopt=install_weak_deps=0 --nodocs ruby ruby-libs \
# Install rubygems (it's dependencies rubygem-openssl rubygem-psych), disabling week dependencies
&& microdnf -y install --setopt=install_weak_deps=0 --nodocs rubygems \
# Install development packages needed for tcp_monitor
# && microdnf --enablerepo ol8_codeready_builder -y install --nodocs gcc make redhat-rpm-config openssl ruby-devel gcc-c++ libtool libffi-devel bzip2 libyaml-devel zlib elfutils-libelf-devel which clang llvm \
&& gem install bundler -v 2.5.16 \
&& bundle config --local path /fluentd/vendor/bundle \
# clear caches
&& microdnf clean all \
&& rm -rf /var/cache/dnf /tmp/* /var/tmp/* /usr/lib/ruby/gems/*/cache/*.gem
&& rm -rf /var/cache/dnf /tmp/* /var/tmp/* /usr/lib/ruby/gems/*/cache/*.gem

# Copy binaries (tini & jemallco) and rubygems bundler environment from build stage
COPY --from=builder /fluentd /fluentd
COPY --from=builder /usr/bin/tini /usr/bin/tini
COPY --from=builder /usr/lib/libjemalloc.so.2 /usr/lib/libjemalloc.so.2
COPY --from=builder /usr/bin/tcpconnect /usr/bin/tcpconnect
COPY --from=builder /usr/local/bin /usr/local/bin

RUN chmod +x /usr/local/bin/tcp-monitor
RUN mkdir -p /fluentd/etc /fluentd/plugins \
&& touch /fluentd/etc/disable.conf

Expand Down
3 changes: 2 additions & 1 deletion logan/docker-images/v1.0/oraclelinux/8-slim/Gemfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,9 @@ gem "fluent-plugin-concat", "~> 2.5.0"
gem "fluent-plugin-rewrite-tag-filter", "~> 2.4.0"
gem "fluent-plugin-parser-cri", "~> 0.1.1"
gem "fluent-plugin-kubernetes_metadata_filter", "3.5.0"
gem "oci-logging-analytics-kubernetes-discovery", "1.0.2"
gem "oci-logging-analytics-kubernetes-discovery", "1.2.0.5", source: "https://artifactory.oci.oraclecorp.com:443/logan-dev-gems-local/"
gem "fluent-plugin-record-modifier", "2.2.0"
gem "fluent-plugin-cloudwatch-logs", "0.14.3"
gem "fluent-plugin-s3", "1.7.2"
gem "rexml", "3.4.0"
gem "tcp_monitor", "0.3.5", source: "https://artifactory.oci.oraclecorp.com:443/logan-dev-gems-local/"
Loading