YC K8s KMS NLB ALB Lockbox DNS CL CR
October 7, 2022
Cloud Logging
Это собственное решение для хранения и просмотра логов. Интегрирована с разными решениями. Например, k8s, dataproc, kafka.
export FOLDER=$(yc config get folder-id) yc logging group create \ --folder-id $FOLDER \ --name k8s \ --description "k8s" \ --retention-period=1h \ --async
Здесь мы создаём лог группу для хранения логов из кластера k8s. Период ротации один час.
Запишем тестовую запись в лог группу.
yc logging write \
--group-name=k8s \
--message="My message" \
--timestamp="2022-10-07T16:24:10.000Z" \
--level=INFO \
--json-payload='{"request_id": "1234"}'yc logging read --group-name=k8s --format=json --since "2022-10-07T16:21:10.000Z" --until "2022-10-07T16:25:10.000Z"
[
{
"uid": "2:1270c973:0",
"resource": {},
"timestamp": "2022-10-07T16:24:10Z",
"ingested_at": "2022-10-07T13:23:24.573Z",
"saved_at": "2022-10-07T13:23:25.307679Z",
"level": "INFO",
"message": "My message",
"json_payload": {
"request_id": "1234"
}
}
]yc logging read --group-name=k8s --format=json
yc logging write \
--group-name=k8s \
--message="Cameda" \
--resource-type Kubernetes \
--resource-id cato3s8k1fag8oqlv2rf \
--timestamp="2022-10-07T23:24:10.000Z" \
--level=INFO \
--json-payload='{"request_id": "1234"}'yc logging read --group-name=k8s --format=json --limit 2 yc logging read --group-name=k8s --format=json --resource-types=Kubernetes --since "2022-10-07T23:21:10.000Z" --until "2022-10-07T23:25:10.000Z" yc logging read --group-name=k8s --format=json --levels=INFO --since "2022-10-07T23:21:10.000Z" --until "2022-10-07T23:25:10.000Z" yc logging read --group-name=k8s --format=json --levels=DEBUG
yc logging read --group-name=k8s --format=json --levels=INFO --since "2022-10-07T23:21:10.000Z" --until "2022-10-07T23:25:10.000Z" > /tmp/e23i10vkl1ekklsa0uio.log
yc logging read --group-name=k8s --format json --filter='json_payload.kubernetes.labels.app: "yc-disk-csi-node-v2"' yc logging read --group-name=k8s --format json --filter='level=INFO' --filter='resource_type=Kubernetes' --since "2022-10-07T23:21:10.000Z" --until "2022-10-07T23:25:10.000Z"
"uid": "5:12861991:1",
"resource": {
"type": "kube-system",
"id": "yc-disk-csi-node-v2-t9nvm"
},
"timestamp": "2022-10-07T21:33:33.657089Z",
"ingested_at": "2022-10-07T21:33:34.017Z",
"saved_at": "2022-10-07T21:33:34.720253Z",
"level": "DEBUG",
"message": "2022-10-07T21:33:33.657007649Z stderr F I1007 21:33:33.656907 1 node.go:340] NodeGetVolumeStats(volume_id:\"ef30gc5391a2usf9l479\" volume_path:\"/var/lib/kubelet/pods/c343d5da-91b2-4130-9d33-e01614586955/volumes/kubernetes.io~csi/pvc-f49351c8-f170-4057-bdfb-7fade1029146/mount\" )",
"json_payload": {
"kubernetes": {
"container_hash": "sha256:6dd3637de4fda9092378e0a4defaf1aac941578483b9efc35be89f69c01a14c8",
"container_image": "cr.yandex/crpsjg1coh47p81vh2lc/yc-disk-csi-node:3451564a14",
"container_name": "yc-disk-csi-driver",
"docker_id": "53f73cb9f249295c8190f21d809d25f2c8d1cceb836fcb7c0711fd4c1e20d29b",
"host": "cl1n0nosftbqt0s7gocp-ufeg",
"labels": {
"app": "yc-disk-csi-node-v2",
"controller-revision-hash": "94dd5cf6f",
"pod-template-generation": "1"
},
"namespace_name": "kube-system",
"pod_id": "c27b3428-dabe-4d07-9663-776eff95cb30",
"pod_name": "yc-disk-csi-node-v2-t9nvm"Просмотр информации о лог группе.
export LOG=$(yc log group get k8s --format json | jq -r ".id")
yc log group list +----------------------+----------+----------------------+--------+ | ID | NAME | FOLDER ID | STATUS | +----------------------+----------+----------------------+--------+ | e233ul2lctrsllqua2tm | dataproc | $FOLDER | ACTIVE | | e235co7u6ve7r4u44iip | default | $FOLDER | ACTIVE | | e23h969s0kq6fttqoe6v | k8s | $FOLDER | ACTIVE | +----------------------+----------+----------------------+--------+
yc log group get k8s id: e23h969s0kq6fttqoe6v folder_id: $FOLDER cloud_id: $CLOUD created_at: "2022-07-03T16:14:05.311Z" name: k8s description: k8s status: ACTIVE retention_period: 3600s
yc log group list-operations k8s
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
| ID | CREATED AT | CREATED BY | MODIFIED AT | STATUS | DESCRIPTION |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
| e234pbcfcivg07dmqea6 | 2022-07-03 16:14:05 | $USER | 2022-07-03 16:14:07 | DONE | Create log group |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
yc log group list-resources k8s
resources:
- type: kube-system
ids:
- node-local-dns-cls2h
- yc-disk-csi-node-v2-t9nvm
yc log group stats k8s
log_group_id: e23h969s0kq6fttqoe6v
bytes: "12627189"
records: "11313"Изменение срока хранения записей.
yc log group update --name=k8s --retention-period=24h
Добавить права SA на запись в лог группу и удалить их.
yc log group add-access-binding \ --name=k8s \ --role logging.editor \ --service-account-name cameda-service \ --async
yc log group remove-access-binding \ --name=k8s \ --role logging.editor \ --service-account-name cameda-service \ --async
Полезные ссылки.
Про фильтры: https://cloud.yandex.ru/docs/logging/concepts/filter
Мониторинг лог групп: https://cloud.yandex.ru/docs/logging/operations/monitoring