kentik/orangeflow

By kentik

Updated over 3 years ago

AWS VPC Flows to Kentik.

Image
0

846

This image sends flow logs from the AWS Cloud platform into Kentik.

To learn more about this, see:

Flags exposed by the binary:

Usage of ./bin/orangeflow:
  -api_email string
    	Kentik Email Address
  -api_root string
    	API url prefix. If not set, defaults to https://api.kentik.com (default "https://api.kentik.com")
  -archive_bucket string
    	If set, archive flows here.
  -bucket_name string
    	Bucket to find VPC flow logs in.
  -company_id int
    	Kentik Company ID to use for devices
  -dest string
    	Address to send flow to. If not set, defaults to https://flow.kentik.com (default "https://flow.kentik.com")
  -disable_tagging
    	Turn off the tagging engine if set.
  -export_id int
    	Kentik export id
  -healthcheck string
    	Bind to this interface to allow healthchecks
  -log_level string
    	Logging Level (default "debug")
  -metalisten string
    	HTTP port to bind on (default "localhost:0")
  -metrics string
    	Metrics Configuration. none|syslog|stderr|graphite:127.0.0.1:2003 (default "syslog")
  -olly_dataset string
    	Olly dataset name
  -olly_write_key string
    	Olly dataset name
  -plan_id int
    	Kentik Plan ID to use for devices
  -redis string
    	host:port string on which to connect to redis
  -redis_db int
    	Redis DB to use
  -region string
    	Region to look for flow in (default "us-east")
  -sample_rate int
    	Sampling rate to use. 1 -> 1:1 sampling, 2 -> 1:2 sampling and so on. (default 1)
  -service_name string
    	Service identifier (default "orangeflow")
  -shard_follower
    	If true, this process is a sharding follower.
  -shard_leader
    	If true, this process is a sharding leader.
  -site_id int
    	Kentik Site ID to use for devices
  -stdout
    	Log to stdout (default true)
  -v	Show version and build information

This requires the following variables to be set:

  • AWS_IAM_ROLE_ARN
  • IAM role to assume for this code.
  • BUCKET_NAME
  • Bucket name to look in.
  • REGION
  • Region to run in.
  • KENTIK_API_TOKEN
  • Token for Kentik's API.
  • KENTIK_EMAIL
  • Email address associated with this token.
  • KENTIK_PLAN_ID
  • Kentik billing plan ID to store flow under.
  • KENTIK_EXPORT_ID
  • Kentik cloud export ID to store flow under.
  • KENTIK_COMPANY_ID
  • Kentik customer ID to store flow under.

To run, a basic example is:

docker run             \
       -d              \
       --name orangeflow \
       -p 8083:8083 \
       -e AWS_IAM_ROLE_ARN=$AWS_IAM_ROLE_ARN \
       -e KENTIK_API_TOKEN=$KENTIK_API_TOKEN \
kentik/orangeflow:v1                                             \
       --bucket_name=$BUCKET_NAME \
       --log_level=debug           \
       --region=$REGION \
       --api_email=$KENTIK_EMAIL \
       --plan_id=$KENTIK_PLAN \
       --export_id=$KENTIK_EXPORT_ID \
       --company_id=$KENTIK_COMPANY_ID 

Verify that this is working and get some useful stats with

curl 127.0.0.1:8083/service/info | jq '.'

Docker Pull Command

docker pull kentik/orangeflow