From 144fb4bd42d57fdf1de54f2f1878d760e895334a Mon Sep 17 00:00:00 2001 From: turbo Date: Tue, 8 Sep 2020 15:02:00 +0200 Subject: [PATCH 1/3] rename everything --- .github/workflows/checks.yml | 2 +- .github/workflows/docker.yaml | 2 +- Dockerfile | 8 ++++---- Makefile | 4 ++-- README.md | 12 ++++++------ go.mod | 2 +- kustomization.yaml | 6 +++--- main.go | 2 +- {cabbage => rkubelog}/clusterrole.yaml | 2 +- {cabbage => rkubelog}/clusterrolebinding.yaml | 8 ++++---- {cabbage => rkubelog}/deployment.yaml | 14 +++++++------- {cabbage => rkubelog}/kustomization.yaml | 0 12 files changed, 31 insertions(+), 31 deletions(-) rename {cabbage => rkubelog}/clusterrole.yaml (90%) rename {cabbage => rkubelog}/clusterrolebinding.yaml (72%) rename {cabbage => rkubelog}/deployment.yaml (58%) rename {cabbage => rkubelog}/kustomization.yaml (100%) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 77ac24e8..c6be5912 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -1,4 +1,4 @@ -name: Cabbage +name: rkubelog on: push: branches: diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 06bc9050..2c2aa6b3 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -12,7 +12,7 @@ jobs: - name: Publish to Registry uses: elgohr/Publish-Docker-Github-Action@master with: - name: quay.io/solarwinds/cabbage + name: quay.io/solarwinds/rkubelog workdir: . username: turbo password: ${{ secrets.QUAY_PASSWORD }} diff --git a/Dockerfile b/Dockerfile index 8b799ac4..b4f5f3e4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,15 @@ FROM golang:1.15.0-alpine as main RUN apk update && apk add --no-cache git ca-certificates wget && update-ca-certificates RUN wget -O /etc/ssl/certs/papertrail-bundle.pem https://papertrailapp.com/tools/papertrail-bundle.pem -WORKDIR /github.com/solarwinds/cabbage +WORKDIR /github.com/solarwinds/rkubelog ADD . . -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags='-w -s -extldflags "-static"' -a -o /cabbage . +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags='-w -s -extldflags "-static"' -a -o /rkubelog . FROM alpine COPY --from=main /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=main /etc/ssl/certs/papertrail-bundle.pem /etc/ssl/certs/ -COPY --from=main /cabbage /app/cabbage +COPY --from=main /rkubelog /app/rkubelog RUN chmod -R 777 /app USER 1001 WORKDIR /app -ENTRYPOINT ./cabbage \ No newline at end of file +ENTRYPOINT ./rkubelog \ No newline at end of file diff --git a/Makefile b/Makefile index 1e5b58a4..ea1fb6c1 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,7 @@ tests: go test -v ./... build: - go build -o bin/cabbage + go build -o bin/rkubelog docker: - DOCKER_BUILDKIT=1 docker build -t quay.io/solarwinds/cabbage . \ No newline at end of file + DOCKER_BUILDKIT=1 docker build -t quay.io/solarwinds/rkubelog . \ No newline at end of file diff --git a/README.md b/README.md index 8522bf94..d4635eba 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,12 @@ -# Cabbage +# rkubelog -Cabbage is the easiest way to get logs out of your k8s cluster and into [Papertrail](https://www.papertrail.com/) and [Loggly](https://www.loggly.com/). Because it doesn't require DaemonSets, sidecars, fluentd or persistent claims, it's one of the only solutions for logging in nodeless clusters, such as EKS on Fargate. But it's also perfect for smaller, local dev clusters to setup logging within seconds. +rkubelog is the easiest way to get logs out of your k8s cluster and into [Papertrail](https://www.papertrail.com/) and [Loggly](https://www.loggly.com/). Because it doesn't require DaemonSets, sidecars, fluentd or persistent claims, it's one of the only solutions for logging in nodeless clusters, such as EKS on Fargate. But it's also perfect for smaller, local dev clusters to setup logging within seconds. ## Usage > __Warning:__ You need a pull secret for quay.io/solarwinds in your cluster! If you don't have access to quay, build the image yourself and push it to your registry. -By default, cabbage runs in the `kube-system` namespace and will observe all logs from all pods in all namespaces except from itself or any other service in `kube-system`. +By default, rkubelog runs in the `kube-system` namespace and will observe all logs from all pods in all namespaces except from itself or any other service in `kube-system`. In `logging-config-patch.yaml` follow the comments to setup the connection to the syslog sink (Papertrail in this example) and set a system tag for the syslog messages. @@ -14,7 +14,7 @@ That's it. Preview with `kubectl apply -k . --dry-run -o yaml` and remove `--dry ## How it works -Cabbage deploys a customized `kail` in an alpine container, using it to query the k8s API for pods (and keeping the pod list in sync) and their logs. Kail is a command line k8s logging client that lives at the opposite end of the specificity spectrum from `kubectl logs ...`. You can run kail yourself by cloning this repo and running `go run main.go`. This will give you all logs from all pods in all namespaces. +rkubelog deploys a customized `kail` in an alpine container, using it to query the k8s API for pods (and keeping the pod list in sync) and their logs. Kail is a command line k8s logging client that lives at the opposite end of the specificity spectrum from `kubectl logs ...`. You can run kail yourself by cloning this repo and running `go run main.go`. This will give you all logs from all pods in all namespaces. To learn more about filters, read the [kail usage guide](https://github.com/boz/kail/tree/eb6734178238dc794641e82779855fabc2071e23#usage). ### Papertrail @@ -58,7 +58,7 @@ make build To run the code: ``` -bin/cabbage +bin/rkubelog ``` You are free to set the described environment variables or pass run time arguments described above and/or follow [kail usage guide](https://github.com/boz/kail/tree/eb6734178238dc794641e82779855fabc2071e23#usage). @@ -79,4 +79,4 @@ make docker ``` # Questions/Comments? -Please [open an issue](https://github.com/solarwinds/cabbage/issues/new), we'd love to hear from you. As a SolarWinds Project, it is supported in a best-effort fashion. \ No newline at end of file +Please [open an issue](https://github.com/solarwinds/rkubelog/issues/new), we'd love to hear from you. As a SolarWinds Project, it is supported in a best-effort fashion. \ No newline at end of file diff --git a/go.mod b/go.mod index 83feebf6..34fc8e67 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/solarwinds/cabbage +module github.com/solarwinds/rkubelog go 1.15 diff --git a/kustomization.yaml b/kustomization.yaml index 3c4aa8a7..68758b79 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization bases: -- ./cabbage +- ./rkubelog namespace: kube-system @@ -23,12 +23,12 @@ patchesJSON6902: group: apps version: v1 kind: Deployment - name: cabbage + name: rkubelog path: logging-config-patch.yaml - target: group: rbac.authorization.k8s.io version: v1 kind: ClusterRoleBinding - name: cabbage-reader-binding + name: rkubelog-reader-binding path: namespace-binding-config.yaml \ No newline at end of file diff --git a/main.go b/main.go index 44c6d617..2c045ba4 100644 --- a/main.go +++ b/main.go @@ -15,7 +15,7 @@ import ( "github.com/boz/kail" "github.com/boz/kcache/nsname" "github.com/sirupsen/logrus" - "github.com/solarwinds/cabbage/logshipper" + "github.com/solarwinds/rkubelog/logshipper" kingpin "gopkg.in/alecthomas/kingpin.v2" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/cabbage/clusterrole.yaml b/rkubelog/clusterrole.yaml similarity index 90% rename from cabbage/clusterrole.yaml rename to rkubelog/clusterrole.yaml index f6a3b7dc..c598fc71 100644 --- a/cabbage/clusterrole.yaml +++ b/rkubelog/clusterrole.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: namespace: default - name: cabbage-reader + name: rkubelog-reader rules: - apiGroups: [""] # "" indicates the core API group resources: ["pods", "pods/log"] diff --git a/cabbage/clusterrolebinding.yaml b/rkubelog/clusterrolebinding.yaml similarity index 72% rename from cabbage/clusterrolebinding.yaml rename to rkubelog/clusterrolebinding.yaml index cd84f534..40ac81a2 100644 --- a/cabbage/clusterrolebinding.yaml +++ b/rkubelog/clusterrolebinding.yaml @@ -1,17 +1,17 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: cabbage-sa + name: rkubelog-sa --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: cabbage-reader-binding + name: rkubelog-reader-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: cabbage-reader + name: rkubelog-reader subjects: - kind: ServiceAccount - name: cabbage-sa + name: rkubelog-sa namespace: kube-system \ No newline at end of file diff --git a/cabbage/deployment.yaml b/rkubelog/deployment.yaml similarity index 58% rename from cabbage/deployment.yaml rename to rkubelog/deployment.yaml index 371a26c5..bbbb372a 100644 --- a/cabbage/deployment.yaml +++ b/rkubelog/deployment.yaml @@ -1,23 +1,23 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: "cabbage" + name: "rkubelog" namespace: "default" labels: - app: cabbage + app: rkubelog spec: replicas: 1 selector: matchLabels: - app: cabbage + app: rkubelog template: metadata: labels: kail.ignore: "true" - app: cabbage + app: rkubelog spec: - serviceAccountName: cabbage-sa + serviceAccountName: rkubelog-sa containers: - - image: quay.io/solarwinds/cabbage + - image: quay.io/solarwinds/rkubelog imagePullPolicy: Always - name: "cabbage" + name: "rkubelog" diff --git a/cabbage/kustomization.yaml b/rkubelog/kustomization.yaml similarity index 100% rename from cabbage/kustomization.yaml rename to rkubelog/kustomization.yaml From 8d2363e688089e25098d85fc55f96130a7854277 Mon Sep 17 00:00:00 2001 From: turbo Date: Tue, 8 Sep 2020 15:43:04 +0200 Subject: [PATCH 2/3] add license headers --- .dockerignore | 2 -- .github/workflows/checks.yml | 3 +++ .github/workflows/docker.yaml | 3 +++ .gitignore | 4 ---- Dockerfile | 3 +++ Makefile | 3 +++ kustomization.yaml | 3 +++ logging-config-patch.yaml | 5 ++++- logshipper/loggly.go | 3 +++ logshipper/models.go | 3 +++ logshipper/papertrail.go | 3 +++ main.go | 3 +++ namespace-binding-config.yaml | 3 +++ rkubelog/clusterrole.yaml | 3 +++ rkubelog/clusterrolebinding.yaml | 3 +++ rkubelog/deployment.yaml | 3 +++ rkubelog/kustomization.yaml | 3 +++ 17 files changed, 46 insertions(+), 7 deletions(-) diff --git a/.dockerignore b/.dockerignore index ecfc0dff..27ced45d 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,3 @@ db/ - .vscode - bin/ diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index c6be5912..eb738a0f 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + name: rkubelog on: push: diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 2c2aa6b3..2238633e 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + name: Build Release Docker Image on: diff --git a/.gitignore b/.gitignore index 414eb6b7..ae28b7b3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,5 @@ run.sh - .vscode - bin/ - db/ - *.config \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index b4f5f3e4..875d14ec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + FROM golang:1.15.0-alpine as main RUN apk update && apk add --no-cache git ca-certificates wget && update-ca-certificates RUN wget -O /etc/ssl/certs/papertrail-bundle.pem https://papertrailapp.com/tools/papertrail-bundle.pem diff --git a/Makefile b/Makefile index ea1fb6c1..aa5f6d17 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + lint: docker run --rm -v $(PWD):/app -w /app golangci/golangci-lint:v1.27.0 golangci-lint run --allow-parallel-runners --timeout 3m ./... diff --git a/kustomization.yaml b/kustomization.yaml index 68758b79..ba400637 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization diff --git a/logging-config-patch.yaml b/logging-config-patch.yaml index 81cad27a..07320972 100644 --- a/logging-config-patch.yaml +++ b/logging-config-patch.yaml @@ -1,7 +1,10 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + # This is the system tag in the syslog msgs sent to PT - op: add path: /spec/template/spec/containers/0/args - value: ["swing"] + value: ["rkubelog"] # Put your Papertrail & Loggly config here - op: add diff --git a/logshipper/loggly.go b/logshipper/loggly.go index b1b1b355..6f46c506 100644 --- a/logshipper/loggly.go +++ b/logshipper/loggly.go @@ -1,3 +1,6 @@ +// Copyright 2019 SolarWinds Worldwide, LLC. +// SPDX-License-Identifier: Apache-2.0 + package logshipper import ( diff --git a/logshipper/models.go b/logshipper/models.go index 99f89287..5879f0c4 100644 --- a/logshipper/models.go +++ b/logshipper/models.go @@ -1,3 +1,6 @@ +// Copyright 2019 SolarWinds Worldwide, LLC. +// SPDX-License-Identifier: Apache-2.0 + // Package logshipper contains all the log shippers package logshipper diff --git a/logshipper/papertrail.go b/logshipper/papertrail.go index 8f6b0286..7326e5ec 100644 --- a/logshipper/papertrail.go +++ b/logshipper/papertrail.go @@ -1,3 +1,6 @@ +// Copyright 2019 SolarWinds Worldwide, LLC. +// SPDX-License-Identifier: Apache-2.0 + package logshipper import ( diff --git a/main.go b/main.go index 2c045ba4..bd441f9c 100644 --- a/main.go +++ b/main.go @@ -1,3 +1,6 @@ +// Copyright 2019 SolarWinds Worldwide, LLC. +// SPDX-License-Identifier: Apache-2.0 + package main import ( diff --git a/namespace-binding-config.yaml b/namespace-binding-config.yaml index aa6c6d19..cd31323d 100644 --- a/namespace-binding-config.yaml +++ b/namespace-binding-config.yaml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + # Change this if you've changed the namespace in kustomize - op: replace path: /subjects/0/namespace diff --git a/rkubelog/clusterrole.yaml b/rkubelog/clusterrole.yaml index c598fc71..51c94b5e 100644 --- a/rkubelog/clusterrole.yaml +++ b/rkubelog/clusterrole.yaml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/rkubelog/clusterrolebinding.yaml b/rkubelog/clusterrolebinding.yaml index 40ac81a2..876a59ef 100644 --- a/rkubelog/clusterrolebinding.yaml +++ b/rkubelog/clusterrolebinding.yaml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + apiVersion: v1 kind: ServiceAccount metadata: diff --git a/rkubelog/deployment.yaml b/rkubelog/deployment.yaml index bbbb372a..4da91af0 100644 --- a/rkubelog/deployment.yaml +++ b/rkubelog/deployment.yaml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + apiVersion: apps/v1 kind: Deployment metadata: diff --git a/rkubelog/kustomization.yaml b/rkubelog/kustomization.yaml index 0729c8a0..787f4c16 100644 --- a/rkubelog/kustomization.yaml +++ b/rkubelog/kustomization.yaml @@ -1,3 +1,6 @@ +# Copyright 2019 SolarWinds Worldwide, LLC. +# SPDX-License-Identifier: Apache-2.0 + apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization From fe23b9e9a550354467058bcd83edee75f9890f1e Mon Sep 17 00:00:00 2001 From: turbo Date: Tue, 8 Sep 2020 19:21:12 +0200 Subject: [PATCH 3/3] add infosec email --- README.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d4635eba..22043455 100644 --- a/README.md +++ b/README.md @@ -78,5 +78,10 @@ To create a Docker image: make docker ``` -# Questions/Comments? -Please [open an issue](https://github.com/solarwinds/rkubelog/issues/new), we'd love to hear from you. As a SolarWinds Project, it is supported in a best-effort fashion. \ No newline at end of file +# Feedback + +Please [open an issue](https://github.com/solarwinds/rkubelog/issues/new), we'd love to hear from you. As a SolarWinds Project, it is supported in a best-effort fashion. + +# Security + +If you have identified a security vulnerability, please send an email to infosec@solarwinds.com (monitored 24/7). Please do not open a public issue. \ No newline at end of file