-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make Agents DaemonSet optional #116
Comments
Thanks for asking about the agents. I've already started working on code that uses the agents to perform log search and in the future the agents will also be used for notifications and other features that I think will be really useful. They're designed to be extremely light weight (typically <15MB memory and negligible CPU) so personally I think the trade off is worth it but I understand your concern. Would agents be helpful to you if they enabled search and other advanced features? |
I can imagine this is an amazing feature for most users and yourself. For myself, I want to have a "dead simple log viewer for my pods," sort of a replacement for kubectl logs, which kubetail was up to version 0.7. By simple, I also mean a minimal number of pods (max. 2 for redundancy) and being able to be run without any privileges. With Network Policies, this becomes a minimal attack surface and has minimal resource overhead. Mounting host folders for logs violates that and introducing an additional DaemonSet. I could imagine something like a config option |
Thanks for the details. For your use case, why not use |
I'm still thinking about how to implement this so we can support it in the future. For now, I added an experimental and undocumented feature to enable/disable agents to the helm chart. After upgrading to 0.7.3 you can set helm repo update
helm upgrade kubetail kubetail/kubetail --namespace=kubetail --set kubetail.agent.enabled=false When agents are disabled, the columns that expect data from the agents won't update but the rest of the app should work normally. |
My apologies for the late response.
In short, kubectl logs works for these use-cases, but I became quite fond of kubetail. Mainly due to the UX. It runs behind some Authenticated Proxy (in my current Lab cluster that is NGINX with oauth2-proxy). From time to time I fall back to kubectl, but kubetail actually became my default.
For my use-case this would totally suffice. Keeping the DaemonSet out and obviously losing the new functionality. |
No worries, thanks for the details. Great to hear you like the UX! I'll keep thinking about how to solve this and get back to you. |
@dihmandrake I created a cli tool that runs the app locally in "simple" mode using only your Kubernetes API. You can download it for your platform from the release page here: https://github.com/kubetail-org/kubetail/releases/tag/0.8.0-rc1 After downloading it, make it executable and then run the "serve" subcommand: mv kubetail-darwin-arm64 kubetail
chmod u+x kubetail
./kubetail serve Please try it out and let me know what you think! Although the "advanced" cluster-side installation will still be available via helm, I'm thinking of making this the default entry point for kubetail. |
Quick update, you can also install it with homebrew now: brew install kubetail-org/tap/kubetail |
@amorey I finally had some time to test the version and changes - my apologies it took so long. Anyways, I am now running the latest version via helm (0.7.4) with the agent mode disabled and some other small tweaks. It works perfectly for my use-case. For completeness, I am running kubetail fully in the cluster behind an authenticated gateway. Locally isn't one of my use-cases, but I see that it could come in handy for others. |
I just noticed that kubetail is having some issues with being unable to read EndpointSlices (they were introduced for the agents if I recall correctly):
Also, it appears the browser fails to establish a WebSocket connection (noticed via Chrome Devtools). Henceforth, it appears the log streaming is broken, but I cannot validate it. Both are non issues for me and since I am bit short on time to investigate this. I would kindly ask you to decide if you would like to keep this issue open or close it @amorey Edit: Correction: WebSocket issue is gone. Probably related to NGINX or other gateways in between. My apologies for blaming Kubetail |
Ok, thanks for letting me know. I'll take a look and get a bugfix out asap. |
For my small dev env it is only a UX decision. kubectl needs to be started and authenticated with certificates or others. Guess I am mostly lazy. My cluster gateways have OIDC with users already built in & Chrome is open anyways. Additionally, Kubetail is just easier, prettier and faster. Takes a second vs. 10 seconds Lastly, for any development work VS Code is open most of the time and I use the Kubernetes addon log function. As a side note, I used Kubernetes Dashboard for most of these tasks before, but it exploded in complexity recently (especially the Kong requirement). Hence, I removed it to avoid a bunch of tools, deployments and CRDs, which I do not really need & upgrades become rather painful. Fully off topic, it would be super interesting to expand K8s api server & kubelet and include the information currently collected by the Kubetail agents (log size & last event if I am not mistaken - log search probably too complex). Might be a fun, not sure how cumbersome, project if you ever feel like it. |
The EndpointSlices bug should be fixed in the new helm chart (v0.8.0): helm repo update
helm upgrade kubetail kubetail/kubetail --values /path/to/values.yaml Let me know if you notice any other problems. Thanks for the details about your development workflow! Doing everything through browser UIs makes sense if you already have auth set up on the cluster. We'll see how "simple mode" develops but I think it's a good entry point for new users so I could see it becoming a core feature. |
I was not able to test the new version exhaustively, but from a quick deployment and look around it appears the EndpointSlice logging issue has been resolved. |
Hi everyone,
The newly introduced Agents (DaemonSet) on every node provide additional functionality. I recognize that this might be useful for many people (especially the owner of this repo), but it introduces overhead for clusters with many nodes and might not be required by everyone.
Would it be possible to make the Agent optional and disable the functionality it provides (effectively keeping the behavior of pre-0.7 versions)?
I could imagine a sort of indicator in the UI: "Agents disabled" instead of the last events, etc.
Also, in the Helm Chart, this could be done by setting i.e.
agents.enabled: false
, which defaults totrue
.Would this be something "easily" accomplishable?
The text was updated successfully, but these errors were encountered: