brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(kb/loki): review and expand

Browse Source
This commit is contained in:
Michele Cereda
2025-05-10 23:29:14 +02:00
parent 181a25a78d
commit 3c3eccd7c3
3 changed files with 71 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.vscode/settings.json vendored
View File

@@ -180,6 +180,7 @@
"hoppscotch", "hoppscotch",
"imager", "imager",
"ingester", "ingester",
"ingesters",
"istio", "istio",
"istioctl", "istioctl",
"jdupes", "jdupes",

50
knowledge base/logging.md
View File

@@ -2,46 +2,40 @@
> TODO > TODO
Intro Recording of events or actions.
<!-- Remove this line to uncomment if used <!-- Remove this line to uncomment if used
## Table of contents <!-- omit in toc --> ## Table of contents <!-- omit in toc -->
1. [TL;DR](#tldr) 1. [TL;DR](#tldr)
1. [Level](#level)
1. [Further readings](#further-readings) 1. [Further readings](#further-readings)
1. [Sources](#sources) 1. [Sources](#sources)
## TL;DR ## TL;DR
<!-- Uncomment if used Usually composed at least by:
<details>
<summary>Setup</summary>
```sh - Timestamp.
``` - Level (A.K.A. Severity).
- Message.
- Other metadata.
</details> Long term storage is frequently cause of concern.<br/>
--> Analysis and search is extremely difficult and computationally expensive at scale.<br/>
Locality and standardization are often issues, with each application storing their own logs in their own format on their
own files in different locations. Finding a way to bring all those into a central location for analysis is one of the
goals of aggregation solutions.
<!-- Uncomment if used ## Level
<details>
<summary>Usage</summary>
```sh | Level | Summary |
``` | ----------- | -------------------------------------------------------------------------------------------------- |
| Debug | **Detailed** contextual information used during development or for troubleshooting |
</details> | Information | Normal, expected events |
--> | Warning | Situations that are unexpected but not errors; can potentially lead to problems if ignored |
| Error | Issues that need immediate attention, but might not require termination of operations |
<!-- Uncomment if used | Critical | Failures or events that require immediate and decisive attention, where operations cannot continue |
<details>
<summary>Real world use cases</summary>
```sh
```
</details>
-->
## Further readings ## Further readings
@@ -52,6 +46,8 @@ Intro
### Sources ### Sources
- [Distributed logging for Microservices] - [Distributed logging for Microservices]
- [Intro to Logging | Zero to Hero: Loki | Grafana]
- [Structure of Logs (Part 1) | Zero to Hero: Loki | Grafana]
<!-- <!--
Reference Reference
@@ -69,3 +65,5 @@ Intro
<!-- Upstream --> <!-- Upstream -->
<!-- Others --> <!-- Others -->
[distributed logging for microservices]: https://www.geeksforgeeks.org/distributed-logging-for-microservices/ [distributed logging for microservices]: https://www.geeksforgeeks.org/distributed-logging-for-microservices/
[Intro to Logging | Zero to Hero: Loki | Grafana]: https://www.youtube.com/watch?v=TLnH7efQNd0
[Structure of Logs (Part 1) | Zero to Hero: Loki | Grafana]: https://www.youtube.com/watch?v=cnhnoFz6xu0

62
knowledge base/loki.md
View File

@@ -1,7 +1,11 @@
# Grafana Loki # Grafana Loki
Horizontally scalable, highly available, multi-tenant log aggregation system inspired by Prometheus and designed to be Log aggregation system.
very cost-effective and easy to operate.
Inspired by Prometheus<br/>
Designed to be cost-effective and easy to operate.
Horizontally scalable, highly available, multi-tenant
1. [TL;DR](#tldr) 1. [TL;DR](#tldr)
1. [Components](#components) 1. [Components](#components)
@@ -13,7 +17,7 @@ very cost-effective and easy to operate.
1. [Index gateway](#index-gateway) 1. [Index gateway](#index-gateway)
1. [Compactor](#compactor) 1. [Compactor](#compactor)
1. [Ruler](#ruler) 1. [Ruler](#ruler)
1. [Clients](#clients) 1. [Logs ingestion](#logs-ingestion)
1. [Logstash](#logstash) 1. [Logstash](#logstash)
1. [OpenTelemetry](#opentelemetry) 1. [OpenTelemetry](#opentelemetry)
1. [Labels](#labels) 1. [Labels](#labels)
@@ -29,22 +33,38 @@ very cost-effective and easy to operate.
## TL;DR ## TL;DR
It indexes **a set of labels** for each log stream instead of the full logs' contents.<br/> Loki does **not** require specific formats in input, but does require log entries to have at least one label.
The log data itself is compressed after indexing, and stored into _chunks_ on the local filesystem or in configured
object storage solutions.
Can be executed in (either-or): Loki works differently from stores like ElasticSearch.<br/>
For one, Loki indexes log streams **by their labels**, and not by the logs' full contents. This allows for smaller
indexes and higher parallelization, but prevents full text searches.<br/>
It then compresses the entries' data, and stores it as _chunks_ on the local file system or in configured object storage
solutions.
- _single binary_ mode, where all its components run simultaneously in a single process. Loki is built from a set of different components that work together as a set of microservices.<br/>
- _simple scalable deployment_ mode, which groups components into _read_, _write_, and _backend_ parts. Those can be executed in one of 3 different modes:
- _microservices mode_, which runs every component by itself in multiple, different processes.
Files, in Loki, can be _index_es or _chunk_s.<br/> - **Single Binary**.<br/>
Indexes are tables of contents, in TSDB format, of where to find logs for specific sets of labels.<br/> All components run simultaneously in and from a single process.<br/>
Suggested for testing, and ingesting up to a few GB of logs daily.
- **Simple Scalable Deployment**.<br/>
Multiple processes run components in groups, namely _read_, _write_, and _backend_ parts.<br/>
Suggested when ingesting from a few GB up to a few TB of logs daily.
- **Microservices**.<br/>
Multiple processes run each a single component.<br/>
Designed to be executed in Kubernetes clusters.
Data is stored in 2 main file types: _index_es, or _chunk_s.<br/>
Indexes define where to find logs for specific sets of labels.<br/>
Chunks are containers for log entries that are assigned specific sets of labels. Chunks are containers for log entries that are assigned specific sets of labels.
Loki does **not** collect logs itself.<br/> Loki does **not** collect logs itself.<br/>
It needs _agents_, or other logs producers, to collect and push logs to its _ingesters_. It needs _agents_, _collectors_, or other logs producers to push entries to it. They recommend using Grafana Alloy.
The _distributors_ receive and check the logs, then forward them to one or more _ingesters_ to ensure proper storage.
The _query frontend_, _query schedulers_, and _queriers_ organize and execute user queries against indexed data.<br/>
Loki uses LogQL for such user queries. One can also query logs from the CLI by using LogCLI.
<details> <details>
<summary>Setup</summary> <summary>Setup</summary>
@@ -73,8 +93,8 @@ The default configuration file **for package-based installations** is located at
`/etc/loki/loki.yaml`.<br/> `/etc/loki/loki.yaml`.<br/>
The docker image tries using `/etc/loki/local-config.yml` by default (as per the image's `COMMAND` setting). The docker image tries using `/etc/loki/local-config.yml` by default (as per the image's `COMMAND` setting).
Some settings are currently **not** reachable via direct CLI flags (e.g. `schema_configs`, `storage_config.aws.*`).<br/> Some settings are currently **not** reachable via direct CLI flags (e.g. `schema_configs`, `storage_config.aws.*`), and
Use a configuration file for those. as such _require_ one to use a configuration file.
<details style="padding: 0 0 1em 1em;"> <details style="padding: 0 0 1em 1em;">
<summary>Disable reporting</summary> <summary>Disable reporting</summary>
@@ -300,10 +320,18 @@ and caching offered by the query frontend.
Multiple rulers will use a consistent hash ring to distribute rule groups amongst available ruler instances. Multiple rulers will use a consistent hash ring to distribute rule groups amongst available ruler instances.
## Clients ## Logs ingestion
Refer [Send log data to Loki]. Refer [Send log data to Loki].
Logs are pushed to Loki via the `/api/v1/push` HTTP API endpoint as logproto or JSON payloads.<br/>
The distributors receive and validate the received requests, then forward the data to one or more ingesters.<br/>
Ingesters prepare and write the data into storage.
Loki stores logs as streams of log entries, all in the same format regardless of the format they were when ingested.
Indexes come in the form of labels, distinguishing log streams from one another.
### Logstash ### Logstash
Loki provides the `logstash-output-loki` Logstash output plugin to enable shipping logs to a Loki or Grafana Cloud Loki provides the `logstash-output-loki` Logstash output plugin to enable shipping logs to a Loki or Grafana Cloud
@@ -609,6 +637,7 @@ analytics:
- [How to Set Up Grafana, Loki, and Prometheus Locally with Docker Compose: Part 1 of 3] - [How to Set Up Grafana, Loki, and Prometheus Locally with Docker Compose: Part 1 of 3]
- [Deploying Grafana, Loki, and Prometheus on AWS ECS with EFS and Cloud Formation (Part 3 of 3)] - [Deploying Grafana, Loki, and Prometheus on AWS ECS with EFS and Cloud Formation (Part 3 of 3)]
- [AWS deployment (S3 Single Store)] - [AWS deployment (S3 Single Store)]
- [Zero to Hero: Loki] video playlist
<!-- <!--
Reference Reference
@@ -649,6 +678,7 @@ analytics:
[Understand labels]: https://grafana.com/docs/loki/latest/get-started/labels/ [Understand labels]: https://grafana.com/docs/loki/latest/get-started/labels/
[website]: https://grafana.com/oss/loki/ [website]: https://grafana.com/oss/loki/
[What is structured metadata]: https://grafana.com/docs/loki/latest/get-started/labels/structured-metadata/ [What is structured metadata]: https://grafana.com/docs/loki/latest/get-started/labels/structured-metadata/
[Zero to Hero: Loki]: https://www.youtube.com/playlist?list=PLDGkOdUX1Ujr9QOsM--ogwJAYu6JD48W7
<!-- Others --> <!-- Others -->
[deploying grafana, loki, and prometheus on aws ecs with efs and cloud formation (part 3 of 3)]: https://medium.com/@ahmadbilalch891/deploying-grafana-loki-and-prometheus-on-aws-ecs-with-efs-and-cloud-formation-part-3-of-3-24140ea8ccfb [deploying grafana, loki, and prometheus on aws ecs with efs and cloud formation (part 3 of 3)]: https://medium.com/@ahmadbilalch891/deploying-grafana-loki-and-prometheus-on-aws-ecs-with-efs-and-cloud-formation-part-3-of-3-24140ea8ccfb