Git Product home page Git Product logo

sumologic-k8s-api's Introduction

NOTE: This repo is now deprecated. Please refer to Sumo Logic's new solution and collection process for Kubernetes.

sumologic-k8s-api

Dockerized python script to extract information from the Kubernetes API and forward to SumoLogic.

Usage

This script can be run standalone or as a container. A Dockerfile has been provided should you wish to enhance. An example deployment YAML has also been provided.

Create a hosted collector and HTTP source in Sumo

In this step you create, on the Sumo service, an HTTP endpoint to receive your logs. This process involves creating an HTTP source on a hosted collector in Sumo. In Sumo, collectors use sources to receive data.

  1. If you don’t already have a Sumo account, you can create one by clicking the Free Trial button on https://www.sumologic.com/.
  2. Create a hosted collector, following the instructions on Configure a Hosted Collector in Sumo help. (If you already have a Sumo hosted collector that you want to use, skip this step.)
  3. Create an HTTP source on the collector you created in the previous step. For instructions, see HTTP Logs and Metrics Source in Sumo help.
  4. When you have configured the HTTP source, Sumo will display the URL of the HTTP endpoint. Make a note of the URL. You will use it when you configure the script to send data to Sumo.

Deploy the script as you want to

The script can be configured with the following environment variables:

Variable Description Required DEFAULT VALUE
SUMO_HTTP_URL The URL for the HTTP source created in the first step. YES
K8S_API_URL The URL for the Kubernetes API YES
X-Sumo-Name Desired source name. NO
X-Sumo-Host Desired host name. NO
X-Sumo-Category Desired source category. NO

Run On Node

You can simply add the script to one of your nodes and set it up via crontab. However, if the node dies so does your script unless baked into the image.

Run As CronJob

Example cronjob files has been provided. If you are using RBAC, you should use the sumologic-k8s-api-cronjob-rbac.yaml, other wise you can use sumologic-k8s-api-cronjob.yaml. This cronjob runs a sidecar container that starts kubectl proxy with the default port of 8001. The cronjob has a default schedule of running every 5 minutes, you can tune as needed. The K8S_API_URL variable has been set based on the kubectl sidecar container.

Running The CronJob in a different Namespace

The current YAML configuration assumes you are going to run the CronJob in the default namespace. If you plan to run it in a different namespace, you need to update the ClusterRoleBinding to indicate what Namespace you wish to run.

Common Errors

SSL: CERTIFICATE_VERIFY_FAILED

This CronJob runs kubectl proxy in a side car container, which allows the script to communicate with the API Server over localhost. You should need to change the K8S_API_URL in most cases. If you are getting this error, ensure you leave K8S_API_URL as the default value.

Unable to access the API, forbidden error messages

This likely means you are running the CronJob in a namespace other than default, see the above section on the changes needed to run the CronJob in a different namespace.

License

Released under Apache 2.0 License.

sumologic-k8s-api's People

Contributors

frankreno avatar granular-ryanbonham avatar

Watchers

avatar

Forkers

therealryanbonham datwiz mccartney

sumologic-k8s-api's Issues

Vulnerabilities in base python os layers

First of all, thank you for making an excellent product. I really appreciate your efforts on this. In a routine scan of our k8s container, we came up with the following vulnerabilities (which I believe are inherited from using python:3.3)

Lots of vulns come from this layer:

ADD file:1dd78a123212328bdc72ef7888024ea27fe141a72e24e0ea7c3c92b63b73d8d1 in /

46 OS high
python2.7-minimal (python2.7) version 2.7.9-2+deb8u1 has 3 vulnerabilities.

46 OS high
python2.7 version 2.7.9-2+deb8u1 has 3 vulnerabilities.

46 OS high
procps version 2:3.3.9-9 has 5 vulnerabilities.

46 OS high
perl-modules (perl) version 5.20.2-3+deb8u9 has 2 vulnerabilities.

46 OS high
perl-base (perl) version 5.20.2-3+deb8u9 has 2 vulnerabilities.

46 OS high
perl version 5.20.2-3+deb8u9 has 2 vulnerabilities.

46 OS high
openssh-client (openssh) version 1:6.7p1-5+deb8u4 has 11 vulnerabilities.

46 OS high
mysql-common (mysql-5.5) version 5.5.58-0+deb8u1 has 18 vulnerabilities.

46 OS high
mercurial-common (mercurial) version 3.1.2-2+deb8u4 has 6 vulnerabilities.

46 OS high
mercurial version 3.1.2-2+deb8u4 has 6 vulnerabilities.

46 OS high
linux-libc-dev (linux) version 3.16.51-2 has 80 vulnerabilities.

46 OS high
libx11-dev (libx11) version 2:1.6.2-3+deb8u1 has 3 vulnerabilities.

add http request status code error checking

Added checks for http requests to log and exit when an http return code other than "200" is returned.

Had an issue getting the job to work and added the return code checks to help debug the issue.
Turns out the error was due to an embedded line feed char in a secret, but the error checking helped to diagnose the issue.

Add support to http_proxy & https_proxy for resolving hosts using proxy servers.

We are using http_proxy & https_proxy. We are resolving hosts using proxy servers. We are not using DNS nameservers to resolve the host.

So my question is how to add proxy in the cron job so that it will go through proxy & resolve the host.

2019-07-04 05:25:13,790 [level=INFO] [line=58]: getting data for nodes
2019-07-04 05:25:13,817 [level=INFO] [line=64]: pushing node data to sumo
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/urllib3/connection.py", line 171, in _new_conn
(self._dns_host, self.port), self.timeout, **extra_kw)
File "/usr/local/lib/python3.6/site-packages/urllib3/util/connection.py", line 56, in create_connection
for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
File "/usr/local/lib/python3.6/socket.py", line 745, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -2] Name or service not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 600, in urlopen
chunked=chunked)
File "/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 343, in _make_request
self._validate_conn(conn)
File "/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 849, in _validate_conn
conn.connect()
File "/usr/local/lib/python3.6/site-packages/urllib3/connection.py", line 314, in connect
conn = self._new_conn()
File "/usr/local/lib/python3.6/site-packages/urllib3/connection.py", line 180, in _new_conn
self, "Failed to establish a new connection: %s" % e)
urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x7f3951ff6fd0>: Failed to establish a new connection: [Errno -2] Name or service not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/requests/adapters.py", line 445, in send
timeout=timeout
File "/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 638, in urlopen
_stacktrace=sys.exc_info()[2])
File "/usr/local/lib/python3.6/site-packages/urllib3/util/retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='endpoint4.collection.us2.sumologic.com', port=443): Max retries exceeded with url: /receiver/v1/http/ZaVnC4dhaV2Huc2fvRAIitEUX79bs-9ZxXo-vfe6F6d6H417OT2iOeYVdXkg-94Ns8CZRFjxR5p__g4vWk-j7siL6dizjkFMgaBuT9vHi-c59y5g9Em5fg== (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f3951ff6fd0>: Failed to establish a new connection: [Errno -2] Name or service not known',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/opt/sumo/extract-data.py", line 86, in
SumoAPILogger.run()
File "/opt/sumo/extract-data.py", line 67, in run
headers=self.headers)
File "/usr/local/lib/python3.6/site-packages/requests/api.py", line 112, in post
return request('post', url, data=data, json=json, **kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 512, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 622, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/adapters.py", line 513, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='endpoint4.collection.us2.sumologic.com', port=443): Max retries exceeded with url: /receiver/v1/http/ZaVnC4dhaV2Huc2fvRAIitEUX79bs-9ZxXo-vfe6F6d6H417OT2iOeYVdXkg-94Ns8CZRFjxR5p__g4vWk-j7siL6dizjkFMgaBuT9vHi-c59y5g9Em5fg== (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f3951ff6fd0>: Failed to establish a new connection: [Errno -2] Name or service not known',))

Fails to run on EKS

Description:
Running the rbac config on my EKS cluster and it fails with the following error:

Steps to reproduce:
$ kubectl create -f sumologic-k8s-api-cronjob-rbac.yaml

$ kubectl logs sumologic-k8s-api-1536183000-r8fcc sumologic-k8s-api
sumologic-k8s-api-error.log

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.