# fluent-operator-walkthrough
**Repository Path**: anhongyang/fluent-operator-walkthrough
## Basic Information
- **Project Name**: fluent-operator-walkthrough
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Apache-2.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No
## Statistics
- **Stars**: 0
- **Forks**: 0
- **Created**: 2024-10-29
- **Last Updated**: 2024-10-29
## Categories & Tags
**Categories**: Uncategorized
**Tags**: None
## README
# fluent-operator-walkthrough
- [fluent-operator-walkthrough](#fluent-operator-walkthrough)
- [Prerequisites](#prerequisites)
- [Install Fluent Operator](#install-fluent-operator)
- [Deploy Fluent Bit and Fluentd](#deploy-fluent-bit-and-fluentd)
- [Deploy Fluent Bit](#deploy-fluent-bit)
- [Deploy Fluentd](#deploy-fluentd)
- [Fluent Bit Only mode](#fluent-bit-only-mode)
- [Using Fluent Bit to collect kubelet logs and output to Elasticsearch](#using-fluent-bit-to-collect-kubelet-logs-and-output-to-elasticsearch)
- [Using Fluent Bit to collect K8s application logs and output to Kafka, Elasticsearch and Loki](#using-fluent-bit-to-collect-k8s-application-logs-and-output-to-kafka-elasticsearch-and-loki)
- [Fluent Bit + Fluentd mode](#fluent-bit--fluentd-mode)
- [Forward logs from Fluent Bit to Fluentd](#forward-logs-from-fluent-bit-to-fluentd)
- [Enable Fluentd Forward Input plugin to receive logs from Fluent Bit](#enable-fluentd-forward-input-plugin-to-receive-logs-from-fluent-bit)
- [ClusterFluentdConfig: Fluentd cluster-wide configuration](#clusterfluentdconfig-fluentd-cluster-wide-configuration)
- [FluentdConfig: Fluentd namespaced-wide configuration](#fluentdconfig-fluentd-namespaced-wide-configuration)
- [Use cluster-wide and namespaced-wide FluentdConfig together](#use-cluster-wide-and-namespaced-wide-fluentdconfig-together)
- [Use cluster-wide and namespaced FluentdConfig together in multi-tenant scenarios](#use-cluster-wide-and-namespaced-fluentdconfig-together-in-multi-tenant-scenarios)
- [Route logs to different Kafka topics based on namespace](#route-logs-to-different-kafka-topics-based-on-namespace)
- [Using buffer for Fluentd output](#using-buffer-for-fluentd-output)
- [Fluentd only mode](#fluentd-only-mode)
- [Use fluentd to receive logs from HTTP and output to stdout](#use-fluentd-to-receive-logs-from-http-and-output-to-stdout)
- [How to check the configuration and data](#how-to-check-the-configuration-and-data)
## Prerequisites
To get some hands-on experience on the Fluent Operator, you need a Kubernetes cluster - minikube is used here.
You also need some kind of data sink to receive logs, in this case we set up a Kafka cluster and an Elasticsearch cluster in the same Kubernetes cluster.
```shell
# If you already have a K8s cluster, you can skip installing minikube.
# Please be aware that the fluentbit and fluentd cases in this walkthrough might not work properly in a KinD cluster
# A minikube cluster is recommended if you don't have a K8s cluster.
# Setup a minikube cluster on the linux
./create-minikube-cluster.sh
# Setup a minikube cluster on the mac
./create-minikube-cluster-for-mac.sh
# Setup a Kafka cluster in the kafka namespace
./deploy-kafka.sh
# Setup an Elasticsearch cluster in the elastic namespace
# run 'export INSTALL_HELM=yes' first if helm is not installed
./deploy-es.sh
# Setup Loki
./deploy-loki.sh
```
>Note:
> On MacOS you may have to remove the old minikube links and link the newly installed binary:
> brew unlink minikube
> brew link minikube
> Reference: https://minikube.sigs.k8s.io/docs/start/
For some other examples of deploying data sinks (e.g. Loki, etc.) then have a look at https://github.com/calyptia/fluent-bit-devtools.
## Install Fluent Operator
Fluent Operator controls the lifecycle of the Fluent Bit and Fluentd deployments.
You can use the following script to launch the Fluent Operator in the `fluent` namespace:
```shell
./deploy-fluent-operator.sh
```
You can find more details of the Fluent Bit and Fluentd Custom Resource Definitions (CRDs) in the links below:
- https://github.com/fluent/fluent-operator#fluent-bit
- https://github.com/fluent/fluent-operator#fluentd
## Deploy Fluent Bit and Fluentd
The configuration of Fluent Bit and Fluentd are defined as CRDs with the Fluent Operator: you can create a Fluent Bit DaemonSet or a Fluentd StatefulSet by declaring a FluentBit or Fluentd Custom Resource (CR).
### Deploy Fluent Bit
The `FluentBit` CR works together with `ClusterFluentBitConfig` and they should be created together.
The following `FluentBit` CR is just an example.
To deploy the actual Fluent Bit DaemonSet, please refer to the [Using Fluent Bit to collect kubelet logs and output to Elasticsearch](#using-fluent-bit-to-collect-kubelet-logs-and-output-to-elasticsearch) and [Using Fluent Bit to collect K8s application logs and output to Kafka, Elasticsearch and Loki](#using-fluent-bit-to-collect-k8s-application-logs-and-output-to-kafka-elasticsearch-and-loki) sections.
```yaml
apiVersion: fluentbit.fluent.io/v1alpha2
kind: FluentBit
metadata:
name: fluent-bit
namespace: fluent
labels:
app.kubernetes.io/name: fluent-bit
spec:
image: kubesphere/fluent-bit:v1.8.11
positionDB:
hostPath:
path: /var/lib/fluent-bit/
resources:
requests:
cpu: 10m
memory: 25Mi
limits:
cpu: 500m
memory: 200Mi
fluentBitConfigName: fluent-bit-only-config
tolerations:
- operator: Exists
```
### Deploy Fluentd
```shell
cat < To double check the output, please refer to [this guide](#how-to-check-the-configuration-and-data).
### Using Fluent Bit to collect K8s application logs and output to Kafka, Elasticsearch and Loki
This covers the various data sinks in this example, they do not all have to be enabled but you will get errors on trying to send to a sink that is not available.
```shell
cat < To double check the output, please refer to [this guide](#how-to-check-the-configuration-and-data).
## Fluent Bit + Fluentd mode
With its rich plugins, Fluentd acts as a log aggregation layer and is able to perform more advanced log processing.
You can forward logs from Fluent Bit to Fluentd with ease using the Fluent Operator.
### Forward logs from Fluent Bit to Fluentd
To forward logs from Fluent Bit to Fluentd, we need to enable the Fluent Bit forward plugin as below:
```shell
cat <
@type forward
bind 0.0.0.0
port 24224
@id main
@type label_router
@label @48b7cb809bc2361ba336802a95eca0d4
namespaces kube-system,default
```
4. If you chose to forward the logs to Elasticsearch in the previous steps, you could query the elastic cluster kubernetes_ns buckets:
```bash
kubectl -n elastic exec -it elasticsearch-master-0 -c elasticsearch -- curl -X GET "localhost:9200/fluent-log*/_search?pretty" -H 'Content-Type: application/json' -d '{
"size" : 0,
"aggs" : {
"kubernetes_ns": {
"terms" : {
"field": "kubernetes.namespace_name.keyword"
}
}
}
}'
```
> If you don't use fluentd to extract the namspace field, you can use other query API.
5. You could also query the index of Elasticsearch. You will find that a new index has been created by fluent operator.
```bash
kubectl -n elastic exec -it elasticsearch-master-0 -c elasticsearch -- curl 'localhost:9200/_cat/indices?v'
```
6. If you chose to forward the logs to Kafka in the previous steps, you could query the kafka cluster and its topic:
```bash
# Enter a util pod to connect to kafka
kubectl run --rm utils -it --image arunvelsriram/utils bash
# Connect to kafka and read data from a kafka topic
kafkacat -C -b my-cluster-kafka-brokers.kafka.svc:9092 -t
# exit the util pod
exit
```
> Replace to the actual topic.