[Filebeat] Refactor AWS S3 input with workers #27199
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
botelastic
bot
added
the
needs_team
This changes the AWS S3 input to allow it to process more SQS messages in parallel
by having workers that are fully utilized while there are SQS message to process.
The previous design processed SQS messages in batches ranging from 1 to 10 in size.
It waited until all messages were processed before requesting more. This left some
workers idle toward the the end of processing the batch. This also limited the maximum
number of messages processed in parallel to 10 because that is the largest request
size allowed by SQS.
The refactored input uses ephemeral goroutines as workers to process SQS messages. It
receives as many SQS messages as there are free workers. The total number of workers
is controlled by `max_number_of_messages` (same as before but without an upper limit).
Other changes
Prevent poison pill messages
When an S3 object processing error occurs the SQS message is returned to the after
the visibility timeout expires. This allows it to be reprocessed again or moved to
the SQS dead letter queue (if configured). But if no dead letter queue policy is
configured and the error is permanent (reprocessing won't fix it) then the message
would continuosly be reprocessed. On error the input will now check the
`ApproximateReceiveCount` attribute of the SQS message and delete it if it exceeds
the configured maximum retries.
Removal of api_timeout from S3 GetObject calls
The `api_timeout` has been removed from the S3 `GetObject` call. This limited the
maximum amount of time for processing the object since the response body is processed
as a stream while the request is open. Requests can still timeout in the server due
to inactivity.
Improved debug logs
The log messages have been enriched with more data about the related SQS message and
S3 object. For example the SQS `message_id`, `s3_bucket`, and `s3_object` are
included in some messages.
`DEBUG [aws-s3.sqs_s3_event] awss3/s3.go:127 End S3 object processing. {"id": "test_id", "queue_url": "https://sqs.us-east-1.amazonaws.com/144492464627/filebeat-s3-integtest-lxlmx6", "message_id": "a11de9f9-0a68-4c4e-a09d-979b87602958", "s3_bucket": "filebeat-s3-integtest-lxlmx6", "s3_object": "events-array.json", "elapsed_time_ns": 23262327}`
Increased test coverage
The refactored input has about 88% test coverage.
The specific AWS API methods used by the input were turned into interfaces to allow
for easier testing. The unit tests mock the AWS interfaces.
The parts of the input were separted into three components listed below. There's a defined
interface for each to allow for mock testing there too. To test the interactions between
these components go-mock is used to generate mocks and then assert the expectations.
1. The SQS receiver. (sqs.go)
2. The S3 Notification Event handler. (sqs_s3_event.go)
3. The S3 Object reader. (s3.go)
Terraform setup for integration test
Setup for executing the integration tests is now handled by Terraform.
See _meta/terraform/README.md for instructions.
Benchmark test
I added a benchmark that tests the input in isolation with mocked SQS and S3 responeses.
It uses a 7KB cloudtrail json.gz file containing about 60 messages for its input.
This removes any variability related to the network, but also means these do not reflect
real-work rates. They can be used to measure the effect of future changes.
+-------------------+--------------------+------------------+--------------------+------+
| MAX MSGS INFLIGHT | EVENTS PER SEC | S3 BYTES PER SEC | TIME (SEC) | CPUS |
+-------------------+--------------------+------------------+--------------------+------+
| 1 | 23019.782175720782 | 3.0 MB | 1.257266458 | 12 |
| 2 | 36237.53174269319 | 4.8 MB | 1.158798571 | 12 |
| 4 | 56456.84532752983 | 7.5 MB | 1.138285351 | 12 |
| 8 | 90485.15755430676 | 12 MB | 1.117244007 | 12 |
| 16 | 103853.8984324643 | 14 MB | 1.165541225 | 12 |
| 32 | 110380.28141417276 | 15 MB | 1.110814345 | 12 |
| 64 | 116074.13735061679 | 15 MB | 1.408100062 | 12 |
| 128 | 114854.80273666105 | 15 MB | 1.5331357140000001 | 12 |
| 256 | 118767.73924992209 | 16 MB | 2.041783413 | 12 |
| 512 | 122933.1033660647 | 16 MB | 1.255463303 | 12 |
| 1024 | 124222.51861746894 | 17 MB | 1.505765638 | 12 |
+-------------------+--------------------+------------------+--------------------+------+
Relates elastic#25750
Docs update
andrewkroh
force-pushed
the
feature/fb/aws-s3-refactor
branch
from
2776dfd to
d9e2eb3
Compare
andrewkroh
added
Team:Integrations
botelastic
bot
removed
the
needs_team
|
Pinging @elastic/integrations (Team:Integrations) |
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
Trends 🧪💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
legoguy1000
reviewed
Aug 2, 2021
|
LGTM |
exekias
reviewed
Aug 5, 2021
Comment on lines
+34
to
+35
| cd x-pack/filebeat/inputs/awss3 | ||
| go test -tags aws,integration -run TestInputRun -v . |
There was a problem hiding this comment.
@kaiyan-sheng would this work with our existing AWS ci integration? that would be great.
There was a problem hiding this comment.
I think we have the aws tests run weekly right now in the CI and this would work. @v1v Do you know if this is easy to add?
There was a problem hiding this comment.
The AWS tests run on a weekly basis, as you said, and it runs the commands defined in:
beats/x-pack/metricbeat/Jenkinsfile.yml
Lines 35 to 47 in d898533
mage build test runs in the folder x-pack/metricbeat so, if the above-mentioned command is part of the mage then it should work.
There was a problem hiding this comment.
the test requires applying a terraform file (and destroying it at the end):
https://github.com/elastic/beats/blob/master/x-pack/filebeat/input/awss3/_meta/terraform/README.md#usage
will this happen?
There was a problem hiding this comment.
btw, shouldn't be the file https://github.com/elastic/beats/blob/master/x-pack/filebeat/Jenkinsfile.yml?
aspacca
reviewed
Aug 5, 2021
Comment on lines
+236
to
+237
| acker := newEventACKTracker(ctx) | ||
| defer acker.Wait() |
There was a problem hiding this comment.
actually one doubt here: do we really want to wait for all the events to be acked for the worker to shutdown?
There was a problem hiding this comment.
Yes. S3 event notifications for ObjectCreated sometimes contain information for more than object. This function returns after all the events generated from each of those objects (usually it's just 1 object) has been ACKed. Then the caller of this function can stop updating the SQS visibility timeout for this one SQS message and decide based on whether an error occurred while processing the S3 object if it should delete the SQS message or try to process it again.
There was a problem hiding this comment.
Yes, I understand the reason for waiting in the PR, but I was wondering if we should wait for ACK for actually handling the SQS message.
The current implementation doesn't have this: in theory ACK could be blocked for a certain amount of time (network issue reaching elasticsearch, for example), filebeat queue should be able to later catch up. While here we will block starting new workers if I got it right.
There was a problem hiding this comment.
The reason for waiting until all ACKs are received before deleting the SQS message (and freeing the worker) is that the queued events are non-persistent by default. If we delete the SQS message before receiving all ACKs then Filebeat is vulnerable to data loss if the process is killed before the queue is emptied (events are ACKed).
By waiting until all ACKs are received we ensure that another instance of Filebeat will process the same message again if this process is killed before all events are ACKed.
There was a problem hiding this comment.
I agree we should not delete the SQS message before receiving all ACKs, but by making the worker wait for the ACKs we prevent it from filling the Filebeat queue in cases of backpressure. If the ACK wait / keepalive / delete message handling was done somewhere else (in a goroutine) that would free the worker for keep processing other SQS messages and filling the queue.
There was a problem hiding this comment.
We could write it that way.
The current implementation is derived from having a single tuning knob of max_number_of_messages that controls the number of inflight messages. If we change the model then we'd add another option that controls the number of workers independently of the max_number_of_messages.
I'm hesitant to change it now without doing some testing to see if that is actually a problem. I think that if you size the max_number_of_messages parameter appropriately based on the files you're processing and your queue.mem.events size then you should be able to keep the internal memory queue full in this model without much of a problem.
andrewkroh
commented
Aug 5, 2021
|
|
||
| ctrl, ctx := gomock.WithContext(ctx, t) | ||
| defer ctrl.Finish() | ||
| mockS3Pager := newMockS3Pager(ctrl, 1, fakeObjects) |
There was a problem hiding this comment.
@aspacca I updated the S3 interface to account for your need to call ListObjects. I included a helper to mock the S3 pagination calls for your tests.
leehinman
approved these changes
Aug 5, 2021
aspacca
reviewed
Aug 10, 2021
|
/test |
aspacca
reviewed
Aug 11, 2021
|
LGTM please, @andrewkroh , could you wait for #27126 to be merged and adapt any needed changes in your PR? E2E tests failure should be fixed if you merge latest master |
aspacca
approved these changes
Aug 11, 2021
|
Sure, I'll wait for that and then fix any merge conflicts. |
kaiyan-sheng
approved these changes
Aug 11, 2021
There was a problem hiding this comment.
Thank you @andrewkroh for this enhancement. Should filebeat.reference.yml also get updated in the aws-s3 input section? Other than that, everything looks good.
|
I'll add the two new settings to filebeat.reference.yml when I do the merge for #27126.
|
…ats into feature/fb/aws-s3-refactor
mergify bot
pushed a commit
that referenced
this pull request
Aug 12, 2021
* Refactor AWS S3 input with workers
This changes the AWS S3 input to allow it to process more SQS messages in parallel
by having workers that are fully utilized while there are SQS message to process.
The previous design processed SQS messages in batches ranging from 1 to 10 in size.
It waited until all messages were processed before requesting more. This left some
workers idle toward the the end of processing the batch. This also limited the maximum
number of messages processed in parallel to 10 because that is the largest request
size allowed by SQS.
The refactored input uses ephemeral goroutines as workers to process SQS messages. It
receives as many SQS messages as there are free workers. The total number of workers
is controlled by `max_number_of_messages` (same as before but without an upper limit).
Other changes
Prevent poison pill messages
When an S3 object processing error occurs the SQS message is returned to the after
the visibility timeout expires. This allows it to be reprocessed again or moved to
the SQS dead letter queue (if configured). But if no dead letter queue policy is
configured and the error is permanent (reprocessing won't fix it) then the message
would continuosly be reprocessed. On error the input will now check the
`ApproximateReceiveCount` attribute of the SQS message and delete it if it exceeds
the configured maximum retries.
Removal of api_timeout from S3 GetObject calls
The `api_timeout` has been removed from the S3 `GetObject` call. This limited the
maximum amount of time for processing the object since the response body is processed
as a stream while the request is open. Requests can still timeout in the server due
to inactivity.
Improved debug logs
The log messages have been enriched with more data about the related SQS message and
S3 object. For example the SQS `message_id`, `s3_bucket`, and `s3_object` are
included in some messages.
`DEBUG [aws-s3.sqs_s3_event] awss3/s3.go:127 End S3 object processing. {"id": "test_id", "queue_url": "https://sqs.us-east-1.amazonaws.com/144492464627/filebeat-s3-integtest-lxlmx6", "message_id": "a11de9f9-0a68-4c4e-a09d-979b87602958", "s3_bucket": "filebeat-s3-integtest-lxlmx6", "s3_object": "events-array.json", "elapsed_time_ns": 23262327}`
Increased test coverage
The refactored input has about 88% test coverage.
The specific AWS API methods used by the input were turned into interfaces to allow
for easier testing. The unit tests mock the AWS interfaces.
The parts of the input were separted into three components listed below. There's a defined
interface for each to allow for mock testing there too. To test the interactions between
these components go-mock is used to generate mocks and then assert the expectations.
1. The SQS receiver. (sqs.go)
2. The S3 Notification Event handler. (sqs_s3_event.go)
3. The S3 Object reader. (s3.go)
Terraform setup for integration test
Setup for executing the integration tests is now handled by Terraform.
See _meta/terraform/README.md for instructions.
Benchmark test
I added a benchmark that tests the input in isolation with mocked SQS and S3 responeses.
It uses a 7KB cloudtrail json.gz file containing about 60 messages for its input.
This removes any variability related to the network, but also means these do not reflect
real-work rates. They can be used to measure the effect of future changes.
+-------------------+--------------------+------------------+--------------------+------+
| MAX MSGS INFLIGHT | EVENTS PER SEC | S3 BYTES PER SEC | TIME (SEC) | CPUS |
+-------------------+--------------------+------------------+--------------------+------+
| 1 | 23019.782175720782 | 3.0 MB | 1.257266458 | 12 |
| 2 | 36237.53174269319 | 4.8 MB | 1.158798571 | 12 |
| 4 | 56456.84532752983 | 7.5 MB | 1.138285351 | 12 |
| 8 | 90485.15755430676 | 12 MB | 1.117244007 | 12 |
| 16 | 103853.8984324643 | 14 MB | 1.165541225 | 12 |
| 32 | 110380.28141417276 | 15 MB | 1.110814345 | 12 |
| 64 | 116074.13735061679 | 15 MB | 1.408100062 | 12 |
| 128 | 114854.80273666105 | 15 MB | 1.5331357140000001 | 12 |
| 256 | 118767.73924992209 | 16 MB | 2.041783413 | 12 |
| 512 | 122933.1033660647 | 16 MB | 1.255463303 | 12 |
| 1024 | 124222.51861746894 | 17 MB | 1.505765638 | 12 |
+-------------------+--------------------+------------------+--------------------+------+
Relates #25750
* Use InitializeAWSConfig
* Add s3Lister interface for mocking pagination of S3 ListObjects calls
* Add new config parameters to reference.yml
* Optimize uploading b/c it was slow in aws v2 sdk
(cherry picked from commit 7c76158)
# Conflicts:
# x-pack/filebeat/input/awss3/collector.go
# x-pack/filebeat/input/awss3/collector_test.go
andrewkroh
added a commit
that referenced
this pull request
Aug 13, 2021
* Refactor AWS S3 input with workers
This changes the AWS S3 input to allow it to process more SQS messages in parallel
by having workers that are fully utilized while there are SQS message to process.
The previous design processed SQS messages in batches ranging from 1 to 10 in size.
It waited until all messages were processed before requesting more. This left some
workers idle toward the the end of processing the batch. This also limited the maximum
number of messages processed in parallel to 10 because that is the largest request
size allowed by SQS.
The refactored input uses ephemeral goroutines as workers to process SQS messages. It
receives as many SQS messages as there are free workers. The total number of workers
is controlled by `max_number_of_messages` (same as before but without an upper limit).
Other changes
Prevent poison pill messages
When an S3 object processing error occurs the SQS message is returned to the after
the visibility timeout expires. This allows it to be reprocessed again or moved to
the SQS dead letter queue (if configured). But if no dead letter queue policy is
configured and the error is permanent (reprocessing won't fix it) then the message
would continuosly be reprocessed. On error the input will now check the
`ApproximateReceiveCount` attribute of the SQS message and delete it if it exceeds
the configured maximum retries.
Removal of api_timeout from S3 GetObject calls
The `api_timeout` has been removed from the S3 `GetObject` call. This limited the
maximum amount of time for processing the object since the response body is processed
as a stream while the request is open. Requests can still timeout in the server due
to inactivity.
Improved debug logs
The log messages have been enriched with more data about the related SQS message and
S3 object. For example the SQS `message_id`, `s3_bucket`, and `s3_object` are
included in some messages.
`DEBUG [aws-s3.sqs_s3_event] awss3/s3.go:127 End S3 object processing. {"id": "test_id", "queue_url": "https://sqs.us-east-1.amazonaws.com/144492464627/filebeat-s3-integtest-lxlmx6", "message_id": "a11de9f9-0a68-4c4e-a09d-979b87602958", "s3_bucket": "filebeat-s3-integtest-lxlmx6", "s3_object": "events-array.json", "elapsed_time_ns": 23262327}`
Increased test coverage
The refactored input has about 88% test coverage.
The specific AWS API methods used by the input were turned into interfaces to allow
for easier testing. The unit tests mock the AWS interfaces.
The parts of the input were separted into three components listed below. There's a defined
interface for each to allow for mock testing there too. To test the interactions between
these components go-mock is used to generate mocks and then assert the expectations.
1. The SQS receiver. (sqs.go)
2. The S3 Notification Event handler. (sqs_s3_event.go)
3. The S3 Object reader. (s3.go)
Terraform setup for integration test
Setup for executing the integration tests is now handled by Terraform.
See _meta/terraform/README.md for instructions.
Benchmark test
I added a benchmark that tests the input in isolation with mocked SQS and S3 responeses.
It uses a 7KB cloudtrail json.gz file containing about 60 messages for its input.
This removes any variability related to the network, but also means these do not reflect
real-work rates. They can be used to measure the effect of future changes.
+-------------------+--------------------+------------------+--------------------+------+
| MAX MSGS INFLIGHT | EVENTS PER SEC | S3 BYTES PER SEC | TIME (SEC) | CPUS |
+-------------------+--------------------+------------------+--------------------+------+
| 1 | 23019.782175720782 | 3.0 MB | 1.257266458 | 12 |
| 2 | 36237.53174269319 | 4.8 MB | 1.158798571 | 12 |
| 4 | 56456.84532752983 | 7.5 MB | 1.138285351 | 12 |
| 8 | 90485.15755430676 | 12 MB | 1.117244007 | 12 |
| 16 | 103853.8984324643 | 14 MB | 1.165541225 | 12 |
| 32 | 110380.28141417276 | 15 MB | 1.110814345 | 12 |
| 64 | 116074.13735061679 | 15 MB | 1.408100062 | 12 |
| 128 | 114854.80273666105 | 15 MB | 1.5331357140000001 | 12 |
| 256 | 118767.73924992209 | 16 MB | 2.041783413 | 12 |
| 512 | 122933.1033660647 | 16 MB | 1.255463303 | 12 |
| 1024 | 124222.51861746894 | 17 MB | 1.505765638 | 12 |
+-------------------+--------------------+------------------+--------------------+------+
Relates #25750
* Use InitializeAWSConfig
* Add s3Lister interface for mocking pagination of S3 ListObjects calls
* Add new config parameters to reference.yml
* Optimize uploading b/c it was slow in aws v2 sdk
andrewkroh
added a commit
that referenced
this pull request
Aug 13, 2021
* Refactor AWS S3 input with workers
This changes the AWS S3 input to allow it to process more SQS messages in parallel
by having workers that are fully utilized while there are SQS message to process.
The previous design processed SQS messages in batches ranging from 1 to 10 in size.
It waited until all messages were processed before requesting more. This left some
workers idle toward the the end of processing the batch. This also limited the maximum
number of messages processed in parallel to 10 because that is the largest request
size allowed by SQS.
The refactored input uses ephemeral goroutines as workers to process SQS messages. It
receives as many SQS messages as there are free workers. The total number of workers
is controlled by `max_number_of_messages` (same as before but without an upper limit).
Other changes
Prevent poison pill messages
When an S3 object processing error occurs the SQS message is returned to the after
the visibility timeout expires. This allows it to be reprocessed again or moved to
the SQS dead letter queue (if configured). But if no dead letter queue policy is
configured and the error is permanent (reprocessing won't fix it) then the message
would continuosly be reprocessed. On error the input will now check the
`ApproximateReceiveCount` attribute of the SQS message and delete it if it exceeds
the configured maximum retries.
Removal of api_timeout from S3 GetObject calls
The `api_timeout` has been removed from the S3 `GetObject` call. This limited the
maximum amount of time for processing the object since the response body is processed
as a stream while the request is open. Requests can still timeout in the server due
to inactivity.
Improved debug logs
The log messages have been enriched with more data about the related SQS message and
S3 object. For example the SQS `message_id`, `s3_bucket`, and `s3_object` are
included in some messages.
`DEBUG [aws-s3.sqs_s3_event] awss3/s3.go:127 End S3 object processing. {"id": "test_id", "queue_url": "https://sqs.us-east-1.amazonaws.com/144492464627/filebeat-s3-integtest-lxlmx6", "message_id": "a11de9f9-0a68-4c4e-a09d-979b87602958", "s3_bucket": "filebeat-s3-integtest-lxlmx6", "s3_object": "events-array.json", "elapsed_time_ns": 23262327}`
Increased test coverage
The refactored input has about 88% test coverage.
The specific AWS API methods used by the input were turned into interfaces to allow
for easier testing. The unit tests mock the AWS interfaces.
The parts of the input were separted into three components listed below. There's a defined
interface for each to allow for mock testing there too. To test the interactions between
these components go-mock is used to generate mocks and then assert the expectations.
1. The SQS receiver. (sqs.go)
2. The S3 Notification Event handler. (sqs_s3_event.go)
3. The S3 Object reader. (s3.go)
Terraform setup for integration test
Setup for executing the integration tests is now handled by Terraform.
See _meta/terraform/README.md for instructions.
Benchmark test
I added a benchmark that tests the input in isolation with mocked SQS and S3 responeses.
It uses a 7KB cloudtrail json.gz file containing about 60 messages for its input.
This removes any variability related to the network, but also means these do not reflect
real-work rates. They can be used to measure the effect of future changes.
+-------------------+--------------------+------------------+--------------------+------+
| MAX MSGS INFLIGHT | EVENTS PER SEC | S3 BYTES PER SEC | TIME (SEC) | CPUS |
+-------------------+--------------------+------------------+--------------------+------+
| 1 | 23019.782175720782 | 3.0 MB | 1.257266458 | 12 |
| 2 | 36237.53174269319 | 4.8 MB | 1.158798571 | 12 |
| 4 | 56456.84532752983 | 7.5 MB | 1.138285351 | 12 |
| 8 | 90485.15755430676 | 12 MB | 1.117244007 | 12 |
| 16 | 103853.8984324643 | 14 MB | 1.165541225 | 12 |
| 32 | 110380.28141417276 | 15 MB | 1.110814345 | 12 |
| 64 | 116074.13735061679 | 15 MB | 1.408100062 | 12 |
| 128 | 114854.80273666105 | 15 MB | 1.5331357140000001 | 12 |
| 256 | 118767.73924992209 | 16 MB | 2.041783413 | 12 |
| 512 | 122933.1033660647 | 16 MB | 1.255463303 | 12 |
| 1024 | 124222.51861746894 | 17 MB | 1.505765638 | 12 |
+-------------------+--------------------+------------------+--------------------+------+
Relates #25750
* Use InitializeAWSConfig
* Add s3Lister interface for mocking pagination of S3 ListObjects calls
* Add new config parameters to reference.yml
* Optimize uploading b/c it was slow in aws v2 sdk
Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co>
This was referenced Aug 18, 2021
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
This changes the AWS S3 input to allow it to process more SQS messages in parallel
by having workers that are fully utilized while there are SQS message to process.
The previous design processed SQS messages in batches ranging from 1 to 10 in size.
It waited until all messages were processed before requesting more. This left some
workers idle toward the end of processing the batch (as seen in the monitoring metrics
below). This also limited the maximum number of messages processed in parallel to
10 because that is the largest request size allowed by SQS.
The refactored input uses ephemeral goroutines as workers to process SQS messages. It
receives as many SQS messages as there are free workers. The total number of workers
is controlled by
max_number_of_messages(same as before but without an upper limit).Other changes
Prevent poison pill messages
When an S3 object processing error occurs the SQS message is returned to the after
the visibility timeout expires. This allows it to be reprocessed again or moved to
the SQS dead letter queue (if configured). But if no dead letter queue policy is
configured and the error is permanent (reprocessing won't fix it) then the message
would continuosly be reprocessed. On error the input will now check the
ApproximateReceiveCountattribute of the SQS message and delete it if it exceedsthe configured maximum retries.
Removal of api_timeout from S3 GetObject calls
The
api_timeouthas been removed from the S3GetObjectcall. This limited themaximum amount of time for processing the object since the response body is processed
as a stream while the request is open. Requests can still timeout in the server due
to inactivity.
Improved debug logs
The log messages have been enriched with more data about the related SQS message and
S3 object. For example the SQS
message_id,s3_bucket, ands3_objectareincluded in some messages.
DEBUG [aws-s3.sqs_s3_event] awss3/s3.go:127 End S3 object processing. {"id": "test_id", "queue_url": "https://sqs.us-east-1.amazonaws.com/144492464627/filebeat-s3-integtest-lxlmx6", "message_id": "a11de9f9-0a68-4c4e-a09d-979b87602958", "s3_bucket": "filebeat-s3-integtest-lxlmx6", "s3_object": "events-array.json", "elapsed_time_ns": 23262327}Increased test coverage
The refactored input has about 88% test coverage.
The specific AWS API methods used by the input were turned into interfaces to allow
for easier testing. The unit tests mock the AWS interfaces.
The parts of the input were separted into three components listed below. There's a defined
interface for each to allow for mock testing there too. To test the interactions between
these components go-mock is used to generate mocks and then assert the expectations.
Terraform setup for integration test
Setup for executing the integration tests is now handled by Terraform.
See _meta/terraform/README.md for instructions.
Benchmark test
I added a benchmark that tests the input in isolation with mocked SQS and S3 responeses.
It uses a 7KB cloudtrail json.gz file containing about 60 messages for its input.
This removes any variability related to the network, but also means these do not reflect
real-work rates. They can be used to measure the effect of future changes.
Relates #25750
Why is it important?
This enabled easier vertical scaling of Filebeat aws-s3 input and helps it better utilize the CPU that's available.
Checklist
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Author's Checklist
Related issues