From 66d929b7100e5d92731f7f38016383ff2f36a84e Mon Sep 17 00:00:00 2001 From: Wesley Pettit Date: Thu, 21 Nov 2019 23:50:43 -0800 Subject: [PATCH] Add SSM Parameters and new versioning scheme to readme --- README.md | 128 +++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 98 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 5feddb310..9f28f98cc 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,86 @@ ## AWS for Fluent Bit Docker Image +### Versioning FAQ + +The version of the AWS for Fluent Bit image is not linked to the version of Fluent Bit which it contains. + +**What does the version number signify?** + +We use the standard `major.minor.patch` versioning scheme for our image, AKA Semantic Versioning. The initial release with this versioning scheme is `2.0.0`. An update to the patch version indicates backwards compatible bug fixes, a minor version change indicates new backwards compatible functionality, and a major version change indicates backwards incompatible changes. + +The AWS for Fluent Bit image includes the following contents: +* A base linux image (currently Amazon Linux) +* Fluent Bit +* Several Fluent Bit Go Plugins + +A change in any one of these pieces would lead to a change in our version number. + +**What about the 1.x image tags in your repositories?** + +The AWS for Fluent Bit image was launched in July 2019. Between July and October of 2019 we simply versioned the image based on the version of Fluent Bit that it contained. During this time we released `1.2.0`, `1.2.2` and `1.3.2`. + +The old versioning scheme was simple and it made it clear which version of Fluent Bit our image contained. However, it had a serious problem- how could we signify that we had changed the other parts of the image? If we did not update Fluent Bit, but updated one of the plugins, how would we signify this in a new release? There was no answer- we could only release an update when Fluent Bit released a new version. We ultimately realized this was unacceptable- bug fixes or new features in our plugins should not be tied to the Fluent Bit release cadence. + +Thus, we moved to the a new versioning scheme. Because customers already are relying on the `1.x` tags, we have left them in our repositories. The first version with the new scheme is `2.0.0`. From now on we will follow semantic versioning- but the move from `1.3.2` did not follow semantic versioning. There are no backwards incompatible changes between `aws-for-fluent-bit:1.3.2` and `aws-for-fluent-bit:2.0.0`. Our release notes for `2.0.0` clearly explain the change. + +**Does this mean you are diverging from fluent/fluent-bit?** + +No. We continue to consume Fluent Bit from its main repository. We are not forking Fluent Bit. + ### Public Images -There are image tags for `latest` and the version of Fluent Bit that is built in the image. The first release is Fluent Bit `1.2.0`. +Each release updates the `latest` tag and adds a tag for the version of the image. + +#### Using SSM to find available versions + +As of 2.0.0, there are SSM Public Parameters which allow you to see available versions. These parameters are available in every region that the image is available in. Any AWS account can query these parameters. + +To see a list of available version tags, run the following command: + +``` +aws ssm get-parameters-by-path --path /aws/service/aws-for-fluent-bit/ --query 'Parameters[*].Name' +``` + +Example output: + +``` +[ + "/aws/service/aws-for-fluent-bit/latest" + "/aws/service/aws-for-fluent-bit/2.0.0" +] +``` + +To see the ECR repository ID for a given image tag, run the following: + +``` +$ aws ssm get-parameter --name /aws/service/aws-for-fluent-bit/2.0.0 +{ + "Parameter": { + "Name": "/aws/service/aws-for-fluent-bit/2.0.0", + "Type": "String", + "Value": "906394416424.dkr.ecr.us-east-1.amazonaws.com/aws-for-fluent-bit:2.0.0", + "Version": 1, + "LastModifiedDate": 1539908129.759, + "ARN": "arn:aws:ssm:us-west-2::parameter/aws/service/aws-for-fluent-bit/2.0.0" + } +} +``` + +#### Using SSM Parameters in CloudFormation Templates + +You can use these SSM Parameters as parameters in your CloudFormation templates. + +``` +Parameters: + FireLensImage: + Description: Fluent Bit image for the FireLens Container + Type: AWS::SSM::Parameter::Value + Default: /aws/service/aws-for-fluent-bit/latest +``` + +#### Using image tags + +You should lock your deployments to a specific version tag. We guarantee that these tags will be immutable- once they are released the will not change. ##### Docker Hub @@ -10,43 +88,33 @@ There are image tags for `latest` and the version of Fluent Bit that is built in ##### Amazon ECR -We also provide images in Amazon ECR in each AWS Region for high availability. - -| Region | Registry ID | Full Image URI | -|----------------|--------------|-----------------------------------------------------------------------------| -| us-east-1 | 906394416424 | 906394416424.dkr.ecr.us-east-1.amazonaws.com/aws-for-fluent-bit:latest | -| eu-west-1 | 906394416424 | 906394416424.dkr.ecr.eu-west-1.amazonaws.com/aws-for-fluent-bit:latest | -| us-west-1 | 906394416424 | 906394416424.dkr.ecr.us-west-1.amazonaws.com/aws-for-fluent-bit:latest | -| ap-southeast-1 | 906394416424 | 906394416424.dkr.ecr.ap-southeast-1.amazonaws.com/aws-for-fluent-bit:latest | -| ap-northeast-1 | 906394416424 | 906394416424.dkr.ecr.ap-northeast-1.amazonaws.com/aws-for-fluent-bit:latest | -| us-west-2 | 906394416424 | 906394416424.dkr.ecr.us-west-2.amazonaws.com/aws-for-fluent-bit:latest | -| sa-east-1 | 906394416424 | 906394416424.dkr.ecr.sa-east-1.amazonaws.com/aws-for-fluent-bit:latest | -| ap-southeast-2 | 906394416424 | 906394416424.dkr.ecr.ap-southeast-2.amazonaws.com/aws-for-fluent-bit:latest | -| eu-central-1 | 906394416424 | 906394416424.dkr.ecr.eu-central-1.amazonaws.com/aws-for-fluent-bit:latest | -| ap-northeast-2 | 906394416424 | 906394416424.dkr.ecr.ap-northeast-2.amazonaws.com/aws-for-fluent-bit:latest | -| ap-south-1 | 906394416424 | 906394416424.dkr.ecr.ap-south-1.amazonaws.com/aws-for-fluent-bit:latest | -| us-east-2 | 906394416424 | 906394416424.dkr.ecr.us-east-2.amazonaws.com/aws-for-fluent-bit:latest | -| ca-central-1 | 906394416424 | 906394416424.dkr.ecr.ca-central-1.amazonaws.com/aws-for-fluent-bit:latest | -| eu-west-2 | 906394416424 | 906394416424.dkr.ecr.eu-west-2.amazonaws.com/aws-for-fluent-bit:latest | -| eu-west-3 | 906394416424 | 906394416424.dkr.ecr.eu-west-3.amazonaws.com/aws-for-fluent-bit:latest | -| ap-northeast-3 | 906394416424 | 906394416424.dkr.ecr.ap-northeast-3.amazonaws.com/aws-for-fluent-bit:latest | -| eu-north-1 | 906394416424 | 906394416424.dkr.ecr.eu-north-1.amazonaws.com/aws-for-fluent-bit:latest | -| ap-east-1 | 449074385750 | 449074385750.dkr.ecr.ap-east-1.amazonaws.com/aws-for-fluent-bit:latest | -| cn-north-1 | 128054284489 | 128054284489.dkr.ecr.cn-north-1.amazonaws.com/aws-for-fluent-bit:latest | -| cn-northwest-1 | 128054284489 | 128054284489.dkr.ecr.cn-northwest-1.amazonaws.com/aws-for-fluent-bit:latest | -| us-gov-east-1 | 161423150738 | 161423150738.dkr.ecr.us-gov-east-1.amazonaws.com/aws-for-fluent-bit:latest | -| us-gov-west-1 | 161423150738 | 161423150738.dkr.ecr.us-gov-west-1.amazonaws.com/aws-for-fluent-bit:latest | +We also provide images in Amazon ECR for high availability. These images are available in almost every AWS region, included AWS Gov Cloud. + +The official way to find the ECR image URIs for your region is to use the SSM Parameters. In your region, run the following command: + +``` +aws ssm get-parameters-by-path --path /aws/service/aws-for-fluent-bit/ +``` + +### Plugins + +We currently bundle the following projects in this image: +* [amazon-kinesis-firehose-for-fluent-bit](https://github.com/aws/amazon-kinesis-firehose-for-fluent-bit) +* [amazon-cloudwatch-logs-for-fluent-bit](https://github.com/aws/amazon-cloudwatch-logs-for-fluent-bit) +* [amazon-kinesis-streams-for-fluent-bit](https://github.com/aws/amazon-kinesis-streams-for-fluent-bit) ### Development #### Releasing -Use `make release` to build the image. -To run the integration tests, run `make integ-dev`. The `make integ-dev` command will run the integration tests for all of our plugins- +Use `make release` to build the image. +To run the integration tests, run `make integ-dev`. The `make integ-dev` command will run the integration tests for all of our plugins- kinesis streams, and cloudwatch. To run integration tests separately, execute `make integ-cloudwatch` or `make integ-kinesis`. +[Documentation on GitHub steps for releases](Release_Process.md). + #### Developing Features in the AWS Plugins You can build a version of the image with code in your GitHub fork. To do so, you must need to set the following environment variables. @@ -67,7 +135,7 @@ export KINESIS_PLUGIN_BRANCH="Your branch on your fork" ``` Then run `make cloudwatch-dev` or `make kinesis-dev` to build the image with your changes. - + To run the integration tests on your code, execute `make integ-cloudwatch-dev` or `make integ-kinesis-dev`. ## License