Getting logs from all cluster Pods and sending them to Loki
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLoggingConfig
metadata:
name: all-logs
spec:
type: KubernetesPods
destinationRefs:
- loki-storage
---
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLogDestination
metadata:
name: loki-storage
spec:
type: Loki
loki:
endpoint: http://loki.loki:3100
Reading Pod logs from a specified namespace with a specified label and redirecting to Loki and Elasticsearch
Reading logs from namespace=whispers with label app=booking and storing them into Loki and Elasticsearch:
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLoggingConfig
metadata:
name: whispers-booking-logs
spec:
type: KubernetesPods
kubernetesPods:
namespaceSelector:
matchNames:
- whispers
labelSelector:
matchLabels:
app: booking
destinationRefs:
- loki-storage
- es-storage
---
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLogDestination
metadata:
name: loki-storage
spec:
type: Loki
loki:
endpoint: http://loki.loki:3100
---
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLogDestination
metadata:
name: es-storage
spec:
type: Elasticsearch
elasticsearch:
endpoint: http://192.168.1.1:9200
index: logs-%F
auth:
strategy: Basic
user: elastic
password: c2VjcmV0IC1uCg==
Creating a source in namespace and reading logs of all Pods in that NS with forwarding them to Loki
Namespaced pipeline - reading logs from test-whispers namespace (all Pods):
apiVersion: deckhouse.io/v1alpha1
kind: PodLoggingConfig
metadata:
name: whispers-logs
namespace: tests-whispers
spec:
clusterDestinationRefs:
- loki-storage
---
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLogDestination
metadata:
name: loki-storage
spec:
type: Loki
loki:
endpoint: http://loki.loki:3100
Reading only Pods in the specified namespace and having a certain label
Read logs from Pods with label app=booking in namespace test-whispers:
apiVersion: deckhouse.io/v1alpha1
kind: PodLoggingConfig
metadata:
name: whispers-logs
namespace: tests-whispers
spec:
labelSelector:
matchLabels:
app: booking
clusterDestinationRefs:
- loki-storage
---
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLogDestination
metadata:
name: loki-storage
spec:
type: Loki
loki:
endpoint: http://loki.loki:3100
Migration from Promtail to Log-Shipper
Path /loki/api/v1/push has to be removed from the previously used Loki URL.
Vector will add this PATH automatically during working with Loki destination.
Working with Grafana Cloud
This documentation expects that you have created API key.
Firstly you should encode your token with base64.
echo -n "<YOUR-GRAFANACLOUD-TOKEN>" | base64 -w0
Then you can create ClusterLogDestination
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLogDestination
metadata:
name: loki-storage
spec:
loki:
auth:
password: PFlPVVItR1JBRkFOQUNMT1VELVRPS0VOPg==
strategy: Basic
user: "<YOUR-GRAFANACLOUD-USER>"
endpoint: <YOUR-GRAFANACLOUD-URL> # For example https://logs-prod-us-central1.grafana.net or https://logs-prod-eu-west-0.grafana.net
type: Loki
Now you can create PodLogginConfig or ClusterPodLoggingConfig and send logs to Grafana Cloud.
Adding Loki source to Deckhouse Grafana
You can work with Loki from embeded to deckhouse Grafana. Just add GrafanaAdditionalDatasource
apiVersion: deckhouse.io/v1
kind: GrafanaAdditionalDatasource
metadata:
name: loki
spec:
access: Proxy
basicAuth: false
jsonData:
maxLines: 5000
timeInterval: 30s
type: loki
url: http://loki.loki:3100
Elasticsearch < 6.X usage
For Elasticsearch < 6.0 doc_type indexing should be set. Config should look like this:
---
apiVersion: deckhouse.io/v1alpha1
kind: ClusterLogDestination
metadata:
name: es-storage
spec:
type: Elasticsearch
elasticsearch:
endpoint: http://192.168.1.1:9200
docType: "vector" # Set any string here. It should not start with '_'
auth:
strategy: Basic
user: elastic
password: c2VjcmV0IC1uCg==