Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Graduation review for Fluentd #69

Merged
merged 8 commits into from Apr 11, 2019
Merged

Conversation

edsiper
Copy link
Contributor

@edsiper edsiper commented Nov 16, 2017

No description provided.

Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
@lukaszgryglicki
Copy link
Member

@lukaszgryglicki
Copy link
Member

lukaszgryglicki commented Jan 17, 2018

New affiliations will be on prod today, ETA about 1-3 hours from now.

@lukaszgryglicki
Copy link
Member

K8s, Prometheus, OpenTracing, Fluentd is finished on prod, remaining (linkerd, gRPC, CoreDNS, containerd) are WIP ATM, but will be ready soon.
You can use fluentd.devstats.cncf.io now, it contains newest affiliations data.

Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
@edsiper
Copy link
Contributor Author

edsiper commented Aug 14, 2018

UPDATE

Fluentd graduation request has been updated:

  • add docker hub download stats
  • add companies using in production at scale
  • update maintainers list

cc: @bgrant0607 @caniszczyk

@ghost
Copy link

ghost commented Aug 14, 2018

Could you please provide a brief update on the incubation criteria, and provide some color in cases where metrics are stable or have declined relative to 18 months ago. I'm thinking specifically of the following:

  • Healthy number of committers
  • Substantial ongoing flow of commits and merged contributions

... where superficially it looks like metrics may have declined. Clearly this might correlate with transitioning towards maintenance mode, but there may be other explanations worth clarifying.


### Understanding Fluentd and it Ecosystem

Fluentd have a different ecosystem model that other projects, it's composed by a small and stable code base and most of the functionalities are available through plugins which can be: inputs, filters, parsers, buffers and outputs.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: than other projects

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed, thanks.

Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
@edsiper
Copy link
Contributor Author

edsiper commented Aug 15, 2018

@quinton-hoole thanks for the feedback.

I've added a new section called Progress since joining CNCF as an incubation project on December 2016 with some insights.

About contributors to Fluentd and it ecosystem please refer to the following dashboard that documents the contribution in the last quarter:

https://fluentd.devstats.cncf.io/d/7/contributing-companies?orgId=1&var-period=q&var-repogroup_name=All

@edsiper
Copy link
Contributor Author

edsiper commented Aug 17, 2018

Hi ToC & CNCF (cc: @caniszczyk @dankohn)

thanks for your time reviewing and providing feedback on this proposal. All your public/private suggestions have been considered and are reflected in the latest changes on this pull request.

Fluentd team would like to ask for an official voting process in the next ToC meeting (August 21th). We appreciate your consideration.

@caniszczyk
Copy link
Contributor

@edsiper I put it on the docket for the @cncf/toc to review at tomorrow's meeting on whether to vote or request more information.

Thanks for updating the proposal.

@ghost
Copy link

ghost commented Aug 21, 2018

@edsiper Thanks, but the dashboard you linked to shows a 50% decline in contributing companies between March 2017 and June 2018. Similarly a drop in developer of around 25% between Mar 2018 and June 2018. I would like you to explain why that is so.

https://fluentd.devstats.cncf.io/d/7/contributing-companies?orgId=1&var-period=q&var-repogroup_name=All

@edsiper
Copy link
Contributor Author

edsiper commented Aug 21, 2018

@quinton-hoole thanks for pointing that. Honestly we don't have a reason for the why, note that is visible only on Fluentd core, it's hard to know. But what we see is the continue creation and update of extensions/plugins made by the community (other companies and individuals) plus adoption.

@ghost
Copy link

ghost commented Aug 21, 2018

Thanks @edsiper , that makes sense. Please add a short note to that effect in the PR for completeness.

Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
@edsiper
Copy link
Contributor Author

edsiper commented Aug 21, 2018

@quinton-hoole done, note added at bottom of Understanding Fluentd and it Ecosystem section. thanks again.

@ghost
Copy link

ghost commented Aug 22, 2018

Perfect, thanks.

@caniszczyk
Copy link
Contributor

Just giving the @cncf/toc and folks an update on this, the trademark/legal dance took longer than expected on this but we will be moving forward soon with a vote on this.

@caniszczyk caniszczyk added this to In progress (due diligence) in TOC Project Backlog Oct 10, 2018
@quinton-hoole
Copy link
Contributor

Does fluentd have any official statements regarding security?

I've found a few third-party blogs like the one below, but have not been able to find any statements around security in the official fluentd documentation?

https://banzaicloud.com/blog/k8s-logging-tls/

See also #145

I tried checking the CII report for Fluentd, but unfortunately their web site is currently down:

https://bestpractices.coreinfrastructure.org/projects/1189

Any help in understanding fluentd's stance wrt secure logging would be appreciated.

Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
@edsiper
Copy link
Contributor Author

edsiper commented Nov 13, 2018

@quinton-hoole

From a security context and due to the nature of the tool, Fluentd cares about security when delivering the logs over the network offering optional TLS, but note this is optional and users decide when to enable it if the output plugin support that mode (e.g: Elasticsearch users sometimes uses HTTP and others HTTPs)

We are currently scheduling a security audit for Fluentd and this is being handled by CNCF, our initial meeting should be shortly.

Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
@edsiper
Copy link
Contributor Author

edsiper commented Jan 17, 2019

@bgrant0607
Copy link
Contributor

@caniszczyk caniszczyk moved this from In progress (due diligence) to TOC Approved (sponsors/voting) in TOC Project Backlog Feb 5, 2019
Signed-off-by: Eduardo Silva <eduardo@treasure-data.com>
@edsiper
Copy link
Contributor Author

edsiper commented Mar 25, 2019

update Fluentd Graduation document has been updated with current statistics

@caniszczyk caniszczyk merged commit 9bf74c0 into cncf:master Apr 11, 2019
@caniszczyk
Copy link
Contributor

congrats on graduating :)

@caniszczyk caniszczyk moved this from TOC Approved (sponsors/voting) to Done in TOC Project Backlog Apr 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
No open projects
Development

Successfully merging this pull request may close these issues.

None yet

6 participants