The module lifecycle stage: Preview
The module has requirements for installation
The observability module provides access control mechanisms for cluster-level and project-level logs.
To store and access logs in a cluster, make sure to enable loki and log-shipper modules.
Depending on the scope, two types of logs are distinguished:
| Scope | Description |
|---|---|
| Cluster level | Logs related to cluster components and system namespaces whose names match the d8-* and kube-* patterns. |
| Project level | Logs related to resources of a specific project based on the value of the namespace label. Access to these logs is limited to the corresponding project. |
Available logs exploration modes:
-
System data exploration: Available to DKP administrators in the Deckhouse web UI under “System” → “System management” → “Monitoring” → “Data exploration”. Select ‘default-logs’ data source. This section provides access to system namespaces logs.
-
Project data exploration: Available to DKP project users in the Deckhouse web UI in the corresponding project under “Monitoring” → “Data exploration”. Select ‘default-logs’ data source. In this section, queries are limited to logs related to the current project (within its namespace).
Project log collection and delivery
Below is an example of a basic DKP configuration where logs from pods within a project are sent to Loki storage.
For more information about the DKP log collection and delivery system, see Log collection and delivery.
To configure it, follow these steps:
-
Enable the
log-shipperandlokimodules by running the following commands:d8 system module enable log-shipper d8 system module enable loki -
Create a PodLoggingConfig resource that defines log collection rules for the project.
This resource lets you configure log collection from pods in the specified namespace and, if needed, define additional log processing rules before delivery.
In this example, logs from all pods in the project are collected and sent to Loki:
apiVersion: deckhouse.io/v1alpha1 kind: PodLoggingConfig metadata: name: namespace-logs namespace: project-namespace spec: clusterDestinationRefs: - d8-loki -
Create a ClusterLogDestination resourcethat defines the log delivery settings for Loki.
This resource lets you specify the storage connection parameters, buffering settings, and additional labels to apply to logs before sending them.
In this example, Loki is used as the destination storage:
apiVersion: deckhouse.io/v1alpha1 kind: ClusterLogDestination metadata: name: loki-storage spec: type: Loki loki: endpoint: http://192.168.1.1:3100