Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add OTLP/Traces output support #613

Merged
merged 13 commits into from
Feb 6, 2024
Merged

Commits on Feb 5, 2024

  1. feat: add OTLP/Traces output support

    Add OTLP/Traces output support, using stable OTEL golang SDK.
    
    Folding Falco events into traces allows them to be represented as "hierarchical" views.
    Using a TraceID taken from `container.id` (or Kubernetes labels down to `k8s.pod.name` if present), all Falco events will be "rooted" under the container where it occurred, enabling a tree~ish view of these.
    
    It's implemented alongside other outputs (`outputs/otlp.go`), using existing configuration approach (YAML config and/or environment vars), excerpt from `config_example.yaml` changes:
    
    ```yaml
    otlp:
      traces:
        # endpoint: "" # OTLP endpoint in the form of http://{domain or ip}:4318/v1/traces
        # protocol: "" # OTLP protocol http/json, http/protobuf, grpc (default: "" which uses SDK default: http/json)
        # timeout: "" # OTLP timeout: timeout value in milliseconds (default: "" which uses SDK default: 10000)
        # headers: "" # OTLP headers: list of headers to apply to all outgoing traces in the form of "some-key=some-value,other-key=other-value" (default: "")
        # synced: false # Set to true if you want traces to be sent synchronously (default: false)
        # duration: 1000 # Artificial span duration in milliseconds (default: 1000)
        # extraenvvars: # Extra env vars (override the other settings)
          # OTEL_EXPORTER_OTLP_TRACES_TIMEOUT: 10000
          # OTEL_EXPORTER_OTLP_TIMEOUT: 10000
    ```
    
    As the implementation uses upstream golang OTEL SDK, all OTEL environment
    variables [can also be used](https://opentelemetry.io/docs/concepts/sdk-configuration/otlp-exporter-configuration/), namely
    * OTEL_EXPORTER_OTLP_HEADERS, OTEL_EXPORTER_OTLP_TRACES_HEADERS
    * OTEL_EXPORTER_OTLP_TIMEOUT, OTEL_EXPORTER_OTLP_TRACES_TIMEOUT
    * OTEL_EXPORTER_OTLP_PROTOCOL, OTEL_EXPORTER_OTLP_TRACES_PROTOCOL
    
    See [otlp_traces.md](./docs/outputs/otlp_traces.md) for more details,
    including a `docker_compose.yaml` to stage a whole stack (falco,
    falcosidekick, Grafana Tempo and Grafana visualization).
    
    This PR idea and 1st draft was originally crafted during a hackathon at
    @grafana Labs, together with @mostafa and @petewall.
    
    --
    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    d462c5d View commit details
    Browse the repository at this point in the history
  2. Update config_example.yaml

    fix `key: value` in config_example.yaml
    
    Co-authored-by: Thomas Labarussias <issif+github@gadz.org>
    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo and Issif committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    ed59731 View commit details
    Browse the repository at this point in the history
  3. Update types/types.go

    Co-authored-by: Thomas Labarussias <issif+github@gadz.org>
    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo and Issif committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    dd78c57 View commit details
    Browse the repository at this point in the history
  4. Update outputs/otlp.go

    Co-authored-by: Thomas Labarussias <issif+github@gadz.org>
    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo and Issif committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    1aaed16 View commit details
    Browse the repository at this point in the history
  5. Update outputs/otlp.go

    Co-authored-by: Thomas Labarussias <issif+github@gadz.org>
    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo and Issif committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    8fe9a5f View commit details
    Browse the repository at this point in the history
  6. address more @Issif feedback (cleanup)

    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    1a2b17d View commit details
    Browse the repository at this point in the history
  7. use go 1.20 (fix CI), fix NewClient() call to use new `types.InitClie…

    …ntArgs`
    
    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    9e4a081 View commit details
    Browse the repository at this point in the history
  8. add screenshots from running whole OTLP stack (under docker-compose, …

    …as documented)
    
    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    9353d05 View commit details
    Browse the repository at this point in the history
  9. remove wrongly added local files

    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    b283312 View commit details
    Browse the repository at this point in the history
  10. clarify the un-need to parse OTLP.Traces.Headers field

    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    53e50cc View commit details
    Browse the repository at this point in the history
  11. fix outputs/otlp_test.go for NewClient() using types.InitClientArgs

    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 5, 2024
    Configuration menu
    Copy the full SHA
    d2ade1a View commit details
    Browse the repository at this point in the history

Commits on Feb 6, 2024

  1. CI: fix linting

    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 6, 2024
    Configuration menu
    Copy the full SHA
    367f3a6 View commit details
    Browse the repository at this point in the history
  2. go mod tidy (using go1.20.13)

    Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>
    jjo committed Feb 6, 2024
    Configuration menu
    Copy the full SHA
    c753a13 View commit details
    Browse the repository at this point in the history