Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cleanup hostname from bunyan fields in prod logs #2143

Merged
merged 1 commit into from
Jan 23, 2024
Merged

Cleanup hostname from bunyan fields in prod logs #2143

merged 1 commit into from
Jan 23, 2024

Conversation

sausage-todd
Copy link
Contributor

  • Bunyan, when writing logs in json, always includes hostname as a field
  • Bunyan takes the value for that field from the os (you can check it either in HOSTNAME env variable, or running the hostname command)
  • On kubernetes hostname in a container resolves to the pod name
  • Datadog, when receiving logs, tries to match hostname field to a name of any host it knows about. If hostname field isn't present in logs, it tries to derive it from a kubernetes node, which these logs came from
  • When hostname in logs doesn't match any of the hosts Datadog knows about, Datadog won't assign any extra tags, which those hosts already have
  • This was creating a problem, when we assigned tags such as account:crowd and cluster_name:crowd-kube-production to nodes, which weren't propagating to logs coming from these nodes
  • Without this tag propagation it's impossible to tell which kubernetes cluster the logs came from
  • To fix that, we just make Bunyan to stop populating hostname field in json logs, allowing Datadog to do its magic

Similar issue here: DataDog/datadog-agent#14860

Cleanup hostname from bunyan fields in prod logs
32bf6f5 
- Bunyan, when writing logs in json, always includes `hostname` as a
  field
- Bunyan takes the value for that field from the os (you can check it
  either in `HOSTNAME` env variable, or running the `hostname` command)
- On kubernetes hostname in a container resolves to the pod name
- Datadog, when receiving logs, tries to match `hostname` field to a
  name of any host it knows about. If `hostname` field isn't present in
  logs, it tries to derive it from a kubernetes node, which these logs
  came from
- When `hostname` in logs doesn't match any of the hosts Datadog knows
  about, Datadog won't assign any extra tags, which those hosts already
  have
- This was creating a problem, when we assigned tags such as
  `account:crowd` and `cluster_name:crowd-kube-production` to nodes,
  which weren't propagating to logs coming from these nodes
- Without this tag propagation it's impossible to tell which kubernetes
  cluster the logs came from
- To fix that, we just make Bunyan to stop populating `hostname` field
  in json logs, allowing Datadog to do its magic

Similar issue here: DataDog/datadog-agent#14860
@sausage-todd sausage-todd merged commit 904e2ee into main Jan 23, 2024
8 checks passed
@sausage-todd sausage-todd deleted the fix-datadog-logging branch January 23, 2024 17:40
sausage-todd added a commit that referenced this pull request Jan 23, 2024
@sausage-todd
Cleanup hostname from bunyan fields in prod logs (#2143)
043357f
sausage-todd added a commit that referenced this pull request Feb 1, 2024
@sausage-todd
Cleanup hostname from bunyan fields in prod logs (#2143)
3508b1d
@bbstilson bbstilson mentioned this pull request Sep 19, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@themarolt themarolt themarolt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sausage-todd @themarolt