johanels/akvorado
1
0
Fork 0
mirror of https://github.com/akvorado/akvorado.git synced 2025-12-11 22:14:02 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
3,906 Commits 83 Branches 70 Tags
2783bdea19ec204dbef2ac1af6b5e627e9b7c273
Commit Graph

183 Commits

Author SHA1 Message Date
Vincent Bernat
f9eee6f509 conntrackfixer: removal of the service
Some checks failed
CI / 🤖 Check dependabot status (push) Has been cancelled
Details
CI / 🐧 Test on Linux (${{ github.ref_type == 'tag' }}, misc) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (coverage) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (regular) (push) Has been cancelled
Details
CI / ❄️ Build on Nix (push) Has been cancelled
Details
CI / 🍏 Build and test on macOS (push) Has been cancelled
Details
CI / 🧪 End-to-end testing (push) Has been cancelled
Details
CI / 🔍 Upload code coverage (push) Has been cancelled
Details
CI / 🔬 Test only Go (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 20) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 22) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 24) (push) Has been cancelled
Details
CI / ⚖️ Check licenses (push) Has been cancelled
Details
CI / 🐋 Build Docker images (push) Has been cancelled
Details
CI / 🐋 Tag Docker images (push) Has been cancelled
Details
CI / 🚀 Publish release (push) Has been cancelled
Details
Update Nix dependency hashes / Update dependency hashes (push) Has been cancelled
Details 
This is not needed anymore since Docker Engine v23. This version is
unmaintained since May 2025 (not that old).

See:
- https://github.com/moby/moby/pull/44752
- https://github.com/moby/moby/pull/44742

Fix #2153 (in a way)
 2025-12-08 15:05:56 +01:00
Vincent Bernat
820802ebe4 docker: add a bogus docker/.env file 
This prevents running `docker compose` from the `docker` directory as it
leads to an incomplete setup.
 2025-12-06 11:13:01 +01:00
Vincent Bernat
00e4578d17 build: switch to Node 22 
Node 20 is still supported. The idea is to use the same version of Node
as in Debian Unstable, since that's what I usually test.
 2025-11-28 23:48:39 +01:00
Vincent Bernat
bd37c1d553 common/httpserver: listen on an abstract Unix socket 
And make healthcheck command use it by default. This makes the
healthcheck command works whatever port the user has configured for the
HTTP service.
 2025-11-24 11:29:45 +01:00
Vincent Bernat
75922e6300 docker: restart geoip container on reboot 
When no restart policy is provided, the container won't be automatically
be restarted on boot, unlike the other containers.

Fix #2110
 2025-11-20 22:45:33 +01:00
Vincent Bernat
08b86db25d docker: ensure cleaner contexts for Docker builds
Some checks failed
CI / 🤖 Check dependabot status (push) Has been cancelled
Details
CI / 🐧 Test on Linux (${{ github.ref_type == 'tag' }}, misc) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (coverage) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (regular) (push) Has been cancelled
Details
CI / ❄️ Build on Nix (push) Has been cancelled
Details
CI / 🍏 Build and test on macOS (push) Has been cancelled
Details
CI / 🧪 End-to-end testing (push) Has been cancelled
Details
CI / 🔍 Upload code coverage (push) Has been cancelled
Details
CI / 🔬 Test only Go (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 20) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 22) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 24) (push) Has been cancelled
Details
CI / ⚖️ Check licenses (push) Has been cancelled
Details
CI / 🐋 Build Docker images (push) Has been cancelled
Details
CI / 🐋 Tag Docker images (push) Has been cancelled
Details
CI / 🚀 Publish release (push) Has been cancelled
Details
Build IPinfo geoipupdate image / Build Docker images (push) Has been cancelled
Details
Update Nix dependency hashes / Update dependency hashes (push) Has been cancelled
Details 
`make docker` builds the context from a tarball. We don't use git
archive as we want to allow local modifications without committing them.
This is not unlike nix work.

For the other Docker files, use a tailored `.dockerignore`:

 - dev, ignore everything except bin/akvorado
 - ipinfo-geoipupdate, ignore everything except the update script
 - nix, let nix handle it from the Git repository
 2025-11-19 20:41:47 +01:00
Vincent Bernat
39e3287136 docker: update Kafbat to 1.4.2 2025-11-19 06:28:57 +01:00
Vincent Bernat
a072ad38e0 docker: update Kafka to 4.1.1
Some checks failed
CI / 🤖 Check dependabot status (push) Has been cancelled
Details
CI / 🐧 Test on Linux (${{ github.ref_type == 'tag' }}, misc) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (coverage) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (regular) (push) Has been cancelled
Details
CI / ❄️ Build on Nix (push) Has been cancelled
Details
CI / 🍏 Build and test on macOS (push) Has been cancelled
Details
CI / 🧪 End-to-end testing (push) Has been cancelled
Details
CI / 🔍 Upload code coverage (push) Has been cancelled
Details
CI / 🔬 Test only Go (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 20) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 22) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 24) (push) Has been cancelled
Details
CI / ⚖️ Check licenses (push) Has been cancelled
Details
CI / 🐋 Build Docker images (push) Has been cancelled
Details
CI / 🐋 Tag Docker images (push) Has been cancelled
Details
CI / 🚀 Publish release (push) Has been cancelled
Details
2025-11-19 06:27:05 +01:00
Vincent Bernat
cb92fc7199 outlet/flow: persist decoders' state 
Currently, for NetFlow, persist data/options templates and options. This
should allow the outlet to restart without loosing any message.

Fix #2100
 2025-11-18 21:13:51 +01:00
Vincent Bernat
2b056ff843 docker: add a stop grace period for outlet 
We are not in a hurry and it may flush data to ClickHouse.
 2025-11-17 21:54:45 +01:00
Vincent Bernat
9982a0ae90 docker: update Traefik to 3.6.1 
Fix #2095
 2025-11-13 20:07:24 +01:00
Vincent Bernat
65b6bedfc5 docker: do not enable eBPF by default :( 
It requires Linux 5.8+ and this may trigger some support request for
little gain.
 2025-10-29 04:22:09 +01:00
Vincent Bernat
44381916ed docker: add snippet for older kernels to CAP_SYS_ADMIN for inlet 
CAP_BPF was introduced in Linux 5.8.
 2025-10-28 10:12:34 +01:00
Vincent Bernat
1fdf0c3f9f inlet/flow: use eBPF for per-packet load-balancing of incoming flows 
By default, the 5-tuple is used to load balance flows. Exporters with
many flows are bound to a specific worker. Use eBPF to do a per-packet
load-balancing.

Currently, this is done randomly, but we will use a percpu counter in
the next commit. This will make the test easier too, maybe?

This should also enable graceful restart but not with the current
Docker Compose setup, we would need to use mode host or spawn a new one
in the same network namespace than the old one. This does not look like
very complex:

- spawn a new inlet in the same network namespace, but listening to a
  different HTTP port
- stop the previous inlet
- spawn a new inlet in the same network namespace
- stop the previous inlet

Alternatively, we could use SO_REUSEPORT for the HTTP socket too!
 2025-10-28 09:45:51 +01:00
Vincent Bernat
3a6ba16a2e console/authentication: template logout and avatar URLs if not provided
Some checks failed
CI / 🤖 Check dependabot status (push) Has been cancelled
Details
CI / 🐧 Test on Linux (${{ github.ref_type == 'tag' }}, misc) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (coverage) (push) Has been cancelled
Details
CI / 🐧 Test on Linux (regular) (push) Has been cancelled
Details
CI / ❄️ Build on Nix (push) Has been cancelled
Details
CI / 🍏 Build and test on macOS (push) Has been cancelled
Details
CI / 🧪 End-to-end testing (push) Has been cancelled
Details
CI / 🔍 Upload code coverage (push) Has been cancelled
Details
CI / 🔬 Test only Go (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 20) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 22) (push) Has been cancelled
Details
CI / 🔬 Test only JS (${{ needs.dependabot.outputs.package-ecosystem }}, 24) (push) Has been cancelled
Details
CI / ⚖️ Check licenses (push) Has been cancelled
Details
CI / 🐋 Build Docker images (push) Has been cancelled
Details
CI / 🐋 Tag Docker images (push) Has been cancelled
Details
CI / 🚀 Publish release (push) Has been cancelled
Details
2025-10-19 15:54:07 +02:00
Vincent Bernat
d59562d348 docker: another example to enable SSO 2025-10-19 12:57:56 +02:00
Vincent Bernat
9c6856c88e docker: fix version scheme for Vector 2025-10-16 02:57:59 +02:00
Vincent Bernat
1a106303d9 docker: update vector 2025-10-14 06:58:24 +02:00
Vincent Bernat
afb9e0d60e docker: add an example on how to configure SSO 
This is not really tested. The initial plan was to provide a demo with
Authelia, but the hard requirement on TLS makes it a bit difficult to
provide something that works out-of-the-box.

See also #1969, which is using a proxy instead.
 2025-10-06 08:22:58 +02:00
Vincent Bernat
65de0b16f3 config: stop shipping demo exporter configurations from orchestrator 
This pollutes the configuration. We can just ask the demo exporters to
read directly their configuration files.
 2025-10-05 10:13:37 +02:00
Vincent Bernat
d5b0f99fb3 docker: upgrade some test images 2025-09-20 08:59:37 +02:00
Vincent Bernat
9acdb537e7 docker: upgrade Loki 2025-09-20 08:40:53 +02:00
Vincent Bernat
82958eee8e docker: provide a snippet to unset default database configuration 2025-09-16 22:29:15 +02:00
Vincent Bernat
5fedf43ee2 docker: remove copying mime.types in final container 
It's present in distroless since more than a month.
 2025-09-14 20:28:16 +02:00
Vincent Bernat
b920a369ed docker: rename console-auth-headers middleware to console-auth 
The idea is that we could replace it with an authenticating
middleware (like OAuth2 Proxy).
 2025-09-14 14:43:52 +02:00
Vincent Bernat
3807e2ac1e docker: update Kafka and Loki 2025-09-06 21:33:58 +02:00
Vincent Bernat
fa9904af8c docker: fix metric collection for loki and demo exporters 2025-09-06 19:50:06 +02:00
Vincent Bernat
d3cffe290d docker: fix healthcheck for vector 2025-09-06 19:50:06 +02:00
Vincent Bernat
ba96f130a8 docker: fix vector configuration for Grafana logs 2025-09-06 19:50:06 +02:00
Vincent Bernat
529a8f69be docker: use profiles to optionally enable Prometheus, Loki and Grafana 
This is used for demo, it makes sense to also do that for the other
components. This helps test one of the component temporarily, for
example during the e2e tests.
 2025-09-06 19:50:06 +02:00
Vincent Bernat
ec9380289e docker: fix broken /metrics endpoint for inlet 
Add some tests in e2e.
 2025-09-03 08:06:46 +02:00
Vincent Bernat
b1d6382585 common/embed: replace all go:embed use by an embedded archive 
Some of the files were quite big:

- asns.csv ~ 3 MB
- index.js ~ 1.5 MB
- *.svg ~ 2 MB

Use a ZIP archive to put them all and embed it. This reduce the binary
size from 89 MB to 82 MB. 🤯

This also pulls some code modernization (use of http.ServeFileFS).
 2025-09-03 00:00:05 +02:00
Vincent Bernat
d102e5f20e docker: delete unused JMX-related files 
We don't use JMX anymore to monitor Kafka.
 2025-09-02 23:38:27 +02:00
Vincent Bernat
bee9a5de67 docker: enable HTTP compression for Traefik 
Also disable healthcheck. It triggers spurious errors (which eventually
get fixed).
 2025-09-02 19:47:02 +02:00
Vincent Bernat
871fc59814 docs: make it even easier to hack on the console 
We add a parameter to disable the healthcheck, making the console
available quickly.
 2025-08-31 15:59:41 +02:00
Vincent Bernat
e41bae008b docs: make it a bit simpler to hack Akvorado 
Add ability to enable the demo flows just with a profile instead of
modifying .env. Add more instructions on how to use Docker Compose and
how to hack on the console.
 2025-08-31 15:46:14 +02:00
Vincent Bernat
378c1f5e0a docker: add logs for ClickHouse 2025-08-31 10:14:16 +02:00
Vincent Bernat
413f923dcc docker: update ClickHouse to 25.8 2025-08-30 23:46:17 +02:00
Vincent Bernat
d8e5a27364 docker: make Prometheus keep metrics 1 month 2025-08-30 22:54:26 +02:00
Vincent Bernat
14aa8ff3cc docker: make logs in Loki expire 2025-08-30 22:51:32 +02:00
Vincent Bernat
94fb1c6483 build: accept building with a not up-to-date toolchain 
While I was relunctant to let Go download the right toolchain if we
didn't have one, this makes everything simpler. The Go version is now
fully controlled by `go.mod`. It also a nice for people wanting to build
on older distributions.

For Nix, GOTOOLCHAIN is set to local, so we rely on `go_latest` being
up-to-date enough. But they are usually quite fast to update, so it
should be OK.
 2025-08-30 19:14:59 +02:00
Vincent Bernat
1ce435efde console/frontend: add a link to GitHub on the documentation page 
This is only when branding is explicitely enabled. Now, that
akvorado.net does not redirect to GitHub anymore...
 2025-08-30 17:03:23 +02:00
Vincent Bernat
17dad7088f docker: accept several domains for TLS_DOMAIN 
And pass everything as SANs. Internally, the first one will be used for
the main domain.
 2025-08-30 15:42:45 +02:00
Vincent Bernat
6ef6454f8c docker: add healthcheck for Traefik 2025-08-30 13:29:54 +02:00
Vincent Bernat
0339a87891 docker: fix missing quote in Vector tests 2025-08-30 10:02:17 +02:00
Vincent Bernat
84a6da3b8a docker: remove unused Alloy configuration for Loki 2025-08-30 07:25:57 +02:00
Vincent Bernat
91cd91f3f8 docker: factor a bit log level normalization 2025-08-30 07:25:57 +02:00
Vincent Bernat
95e2011d0c docker: replace Alloy by Vector for parsing logs 
Alloy does not allow to turn the parsed metadata into actual metadata,
without enumerating each of them. Also, Vector is far more versatile.
And you can put unittests!

Also, parse more logs. Everything should be there, except ClickHouse.

Fix #1907
 2025-08-30 00:07:26 +02:00
Vincent Bernat
45ab047c80 config: also listen to 4739 for IPFIX 
This is the port defined in RFC 7011.
 2025-08-29 08:12:30 +02:00
Vincent Bernat
a50c47a723 docker: send alloy and loki logs to Loki 
Alloy is severely limited in this aspect. Maybe we should switch to
Vector instead.
 2025-08-29 07:19:18 +02:00