-
Notifications
You must be signed in to change notification settings - Fork 246
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Restart the Fluentbit pods when a Filter/Parser/Input/Output is created/removed. #465
Comments
Thanks for engaging @Kristian-ZH First, the creation, update, and deletion of Filter/Parser/Input/Output will trigger the configuration reload of fluent bit. This will happen within the pod, so the pod does not need to restart. I am not sure what you mean by Can you provide more information to determine if this is a bug? |
Hi, Yes I did not know about this feature, because I see that FB still does not provide dynamic support: fluent/fluent-bit#365 But this still does not work entirely in my setup. The new configurations are dynamically injected in the How to reproduce it.
Can you please check it and tell me if the bug exists in your setup as well or if it is something on my side? |
I need the following information too. The k8s version. |
@Kristian-ZH Fluent Operator will restart the fluentbit process whenever the config is updated without restarting the fluentbit pod, you can take a look at the code here: https://github.com/fluent/fluent-operator/blob/master/cmd/fluent-watcher/fluentbit/main.go It's a bug to fix if it doesn't pickup the latest config changes |
k8s version: 1.22.16 I also install the operator via helm: |
Native fluentbit does not support dynamic loading configuration. You need to use our packaged image |
Ahh, got it. Will try it :), thanks. |
Its base image is the official |
I have tested it with the |
Can you show the logs for it? It usually changes as its |
Sure, Here I deployed FB with just one input plugin (tail). After that, I applied a ClusterOutput (stdout).
|
Ahh I think that I found the problem,
And what I think is that it overrides your entrypoint and does not start the |
Bingo! Don't start to run before you can walk :) |
Now the question is: How can I start the watcher binary and at the same time load a custom plugin to the fluent-bit :D |
You might need to add a flag to the watcher https://github.com/fluent/fluent-operator/blob/master/cmd/fluent-watcher/fluentbit/main.go#L189 |
Yes... |
FluentBit supports loki plugin, why using a custom loki plugin? |
Long story short, because our setup needs a dynamic hostpath configuration based on the tags and the loki plugin is not powerful to achieve this. That's why we are using a fork of the plugin: https://github.com/gardener/logging |
Is your feature request related to a problem? Please describe.
Currently, the operator consists of two controllers:
fluentbit-controller
andfluentbit-config-controller
. Both controllers do not share resources and in this way when we deploy a ClusterFilter for example after the FB Daemonset is created, the new filter will not be applied to the fluent-bit.The
fluentbit-config-controller
will pick this Filter and will add it to the Secret containing all the configurations, but nothing will restart the fluent-bit pods.I think that one operator should handle its components end-to-end and such dynamic configurations should be also possible, so please consider this scenario.
Describe the solution you'd like
I was thinking about the following solution which follows the K8S immutability approach.
fluentbit-config-controller
update the Secret, it can add the Secret name or the secret hash as an annotation to theFluentBit
resource. It could be done with a simple Patch request.fb-controller
will take the new FluentBit object and will update the FluentBit Daemonset with the new SecretRef (taken from the annotation)K8S
will automatically restart the pods when the SecretRef is changed.Also with this approach the
fluentbit-config-controller
can keep only last two config secrets in case of debugging and the other could be deleted.Additional context
In case you like the mentioned approach I can open a PR with the implementation. I am also open to discussions of other possible approaches to this scenario.
The text was updated successfully, but these errors were encountered: