Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Overcoming Logging Challenges for Cloud Native ...

Eduardo Silva
October 23, 2017
Technology
0
190

Overcoming Logging Challenges for Cloud Native Applications at Scale

Logging is not that easy as it looks and when dealing with a Cloud Native environment where applications runs at scale and likely applications generate their own logging format, do log analysis becomes a challenge.

The following presentation was given at Open Source Summit Europe 2017 (Prague) and it have a strong focus on Kubernetes and Docker specifically.

Eduardo Silva

October 23, 2017
Tweet

More Decks by Eduardo Silva

See All by Eduardo Silva
Cloud Native CR 19.03 - Meetup
edsiper
0
30
Getting Started with Logging in Kubernetes
edsiper
2
110

Other Decks in Technology

See All in Technology
ドメイン名の終活について - JPAAWG 7th -
mikit
33
19k
形式手法の 10 メートル手前 #kernelvm / Kernel VM Study Hokuriku Part 7
ytaka23
5
860
透過型SMTPプロキシによる送信メールの可観測性向上: Update Edition / Improved observability of outgoing emails with transparent smtp proxy: Update edition
linyows
2
210
[OCI Technical Deep Dive] Oracle Cloud VMware Solution が開くVMware仮想環境モダナイゼーションへの道(2024年10月29日開催)
oracle4engineer
PRO
0
120
【Pycon mini 東海 2024】Google Colaboratoryで試すVLM
kazuhitotakahashi
2
430
OCI Network Firewall 概要
oracle4engineer
PRO
0
4.1k
Terraform CI/CD パイプラインにおける AWS CodeCommit の代替手段
hiyanger
1
220
Application Development WG Intro at AppDeveloperCon
salaboy
0
150
Why does continuous profiling matter to developers? #appdevelopercon
salaboy
0
150
Lexical Analysis
shigashiyama
1
150
開発生産性を上げながらビジネスも30倍成長させてきたチームの姿
kamina_zzz
1
1.6k
Lambda10周年!Lambdaは何をもたらしたか
smt7174
2
100

Featured

See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
GraphQLの誤解/rethinking-graphql
sonatard
67
10k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.2k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
Optimizing for Happiness
mojombo
376
70k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
The World Runs on Bad Software
bkeepers
PRO
65
11k
Facilitating Awesome Meetings
lara
50
6.1k
It's Worth the Effort
3n
183
27k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
665
120k
Visualization
eitanlees
145
15k
Producing Creativity
orderedlist
PRO
341
39k

Transcript

  1. Open Source Summit Europe, Prague 2017 Eduardo Silva <[email protected]> @edsiper

    Overcoming Logging Challenges for Cloud Native Apps

  2. /about • SW Engineer at Treasure Data • Maintainer of

    Fluent Bit (a Fluentd ecosystem project) #C #Kubernetes #CloudNative #Linux #Performance #Scalability

  3. Logging

  4. Logging • Why ? ◦ Monitoring ◦ Troubleshooting

  5. Logging • Standalone Applications ◦ Writes to a log file

    ◦ Writes to local logging service ◦ Writes to a remote logging service

  6. Logging • Operational Perspective (reality) ◦ Multiple Applications ◦ Multiple

    Hosts ◦ Logging == Complexity

  7. Distributed Systems

  8. Distributed Systems • Considerations ◦ “Application” might be composed by

    multiple services ◦ Services might run in multiple Nodes/Hosts ◦ Applications & Services might scale (likely on demand)

  9. Distributed Systems • From a Logging perspective ◦ Log Sources

    might be many ◦ Applications and Services have their own “Logging way” ◦ Logs requires identity: origin + metadata

  10. Distributed Systems • What is Cloud Native ? ◦ “It’s

    about Scale and Resilience...” • Cloud Native Logging ? ◦ New challenges

  11. Scale Applications Requires Scale Logging

  12. Cloud Native Logging • Requirements ◦ Consume logs in many

    ways (sources) ◦ Structure log records (more than human readable) ◦ Enrich logs (identity) ◦ Deliver logs to a central or multiple places for Analysis

  13. Cloud Native Logging • A Web Server log looks simple

    195.168.207.127 - [16/Oct/2017 17:43:26 +0000] GET /documentation/0.12/installation/requirements.html HTTP/1.1 200 32062 195.168.207.127 - [16/Oct/2017 17:43:44 +0000] GET /documentation/0.12/configuration/schema.html HTTP/1.1 200 34046 186.15.28.177 - [16/Oct/2017 17:45:12 +0000] GET /stats/hub.fluent-bit.stats HTTP/1.1 200 2921 186.15.28.177 - [16/Oct/2017 17:45:13 +0000] GET /stats/hub.fluentd.stats HTTP/1.1 200 3406 195.168.207.127 - [16/Oct/2017 17:46:50 +0000] GET /documentation/0.12/configuration/file.html HTTP/1.1 200 36318 195.168.207.127 - [16/Oct/2017 17:47:21 +0000] GET /documentation/0.12/configuration/variables.html HTTP/1.1 200 32090 186.15.28.177 - [16/Oct/2017 17:49:54 +0000] GET /stats/hub.fluent-bit.stats HTTP/1.1 200 2921 186.15.28.177 - [16/Oct/2017 17:49:54 +0000] GET /stats/hub.fluentd.stats HTTP/1.1 200 3406 180.76.15.15 - [16/Oct/2017 17:54:16 +0000] GET /documentation/0.12/about/fluentd_and_fluentbit.html HTTP/1.1 200 32750

  14. Cloud Native Logging • Analysis for Applications at Scale (simple?)

  15. Cloud Native Logging • How to approach Data Analysis at

    Scale ? ◦ Different Sources / Applications ◦ Different log formats ◦ Different nodes/hosts

  16. Logging Pipeline

  17. Cloud Native / Logging Pipeline

  18. Cloud Native / Logging Pipeline: Input

  19. Cloud Native / Logging Pipeline: Parser

  20. Cloud Native / Logging Pipeline: Filter

  21. Cloud Native / Logging Pipeline: Buffer

  22. Cloud Native / Logging Pipeline: Routing

  23. Cloud Native / Logging Pipeline: Output

  24. UnStructured Data

  25. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206

  26. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 IP Address

  27. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 Date and Time (timestamp)

  28. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 HTTP Method

  29. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 URI

  30. 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 Cloud

    Native Logging • Unstructured Log / Raw Text HTTP Server Log File Protocol

  31. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 Status

  32. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 Bytes

  33. Cloud Native Logging • Unstructured Log / Raw Text HTTP

    Server Log File 195.168.207.127 - [16/Oct/2017 17:43:26] GET /docs/ HTTP/1.1 200 3206 IP Address Date and Time (timestamp) HTTP Method URI Protocol Status Bytes

  34. Cloud Native Logging • Structure ?

  35. Cloud Native Logging • Structured Logs ◦ Easy to query

    specific data ◦ Empower Filtering ◦ Analytics

  36. Cloud Native Logging • Logging Pipeline • Aware of Distributed

    Applications • Strategies for Applications at Scale • Unstructured to Structured Logs • Centralize logs in Backends

  37. Cloud Native Logging

  38. Cloud Native Logging • CNCF Project • More than 700

    plugins! • Reliable and Secure • Built-in Reliability • Written in Ruby + C

  39. Fluentd Users

  40. More than a Project… Logging Ecosystem

  41. Cloud Native Logging • Feedback: Fluentd is a Cloud Native

    Project, but ◦ “Sometimes we need something lightweight” ◦ “Performance is good, but can we make it better ?” ◦ “I wish features A, B, C…”

  42. Fluentd Ecosystem A new project was created

  43. Cloud Native Logging fluent/fluent-bit

  44. Cloud Native Logging

  45. Cloud Native Logging • Fluent Bit Highlights ◦ Written in

    C language ◦ Pluggable Architecture (more than 35 plugins) ◦ Async I/O, Event Driven, SSL/TLS, Monitoring...

  46. Cloud Native Logging • Some Plugins ◦ Input: Tail, Systemd,

    Syslog, Tcp, Metrics (cpu, mem, disk) ◦ Filters: Kubernetes, Parser, Record Modifier.. ◦ Output: Elasticsearch, InfluxDB, Kafka REST, Nats, HTTP

  47. Cloud Native Logging • Fluent Bit Primary Focus

  48. Kubernetes & Logging 101

  49. Kubernetes & Logging 101 Application

  50. Kubernetes & Logging 101 Application Container

  51. Kubernetes & Logging 101 Application Container 1 Application Container N

    POD

  52. Kubernetes & Logging 101 Application Container 1 Application Container N

    POD Application Container 1 Application Container N POD Node

  53. Kubernetes & Logging 101 Node 1 Node 2 Node 3

    Node N Master

  54. Kubernetes & Logging 101 Node Master /var/log/containers/*

  55. Kubernetes & Logging 101 Node Master /var/log/containers/* Read Logs

  56. Kubernetes & Logging 101 Node Master /var/log/containers/* Lookup Metadata Read

    Logs

  57. Kubernetes & Logging 101 Nodes Master /var/log/containers/* /var/log/containers/*

  58. DEMO

  59. • Kubernetes Cluster (Raspberry Pi) ◦ node0 : master /

    API Server ◦ node1 : worker node ◦ node2 : worker node ◦ node3 : worker node • PODS generate random data • Fluent Bit as DaemonSet • Data aggregated into Elasticsearch • Logs visualization with Kibana

  60. Cloud Native Logging • Fluent Bit & Monitoring (v0.13 dev)

  61. Cloud Native Logging Thanks! Eduardo Silva <[email protected]> @edsiper fluent/fluent-bit fluentbit.io