This chart deploy a fluentd based daemonset to collect and forward logs to LogicMonitor
- LogicMonitor Collector installed and monitoring your Kubernetes Cluster.
Install the lm-logs chart, filling in the required values.
helm install -n <namespace> \
--set lm_company_name="<lm_company_name>" \
--set lm_access_id="<lm_access_id>" \
--set lm_access_key="<lm_access_key>" \
lm-logs logicmonitor/lm-logs
The following tables lists the configurable parameters of the lm-logs chart and their default values.
Parameter | Description | Default |
---|---|---|
global.imagePullSecrets |
List of global registry secret names | [] (does not add image pull secrets to deployed pods) |
global.nameOverride |
Global storage class for dynamic provisioning | "" |
global.fullnameOverride |
Global storage class for dynamic provisioning | "" |
global.lm_company_name |
LogicMonitor account name | nil |
global.lm_access_id |
LogicMonitor API Token Access ID | nil |
global.lm_access_key |
LogicMonitor API Token Access Key | nil |
image.repository |
Container image repository | logicmonitor/lm-logs-k8s-fluentd |
image.pullPolicy |
Container image pull policy | IfNotPresent |
image.tag |
Container image tag | "" |
resources.limits.memory |
Container memory resource limit | 1000Mi |
resources.requests.cpu. |
Container cpu resource requests | 300m |
resources.requests.memory |
Container memory resource requests | 700Mi |
fluent.device_less_logs |
beta feature. when set true, do not send resource information. send service and namespace as metadata when true |
false |
fluent.include_metadata |
if true send all metadata along with log msg | true |
fluent.buffer.memory |
fluentd's buffer memory plugin config | flush_interval 1s,chunk_limit_size 8m,flush_thread_count 8 |
tolerations |
Tolerations for pod assignment | {} (evaluated as a template) |
nodeSelectors |
Node labels for pod assignment | {} (evaluated as a template) |
affinity |
Affinity for pod assignment | {} (evaluated as a template) |
env |
Map to add extra environment variables | {} |
kubernetes.multiline_start_regexp |
Regexp to match beginning of multiline | /^\[(\d{4}-)?\d{2}-\d{2} \d{2}:\d{2}:\d{2}.\d{3}.*\]/ |
kubernetes.cluster_name |
ClusterName given while adding k8s cluster | "" |
For descriptions see: https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter
- FLUENT_LOG_LEVEL
- FLUENT_CONTAINER_TAIL_TAG
- FLUENT_CONTAINER_TAIL_EXCLUDE_PATH
- FLUENT_CONTAINER_TAIL_PARSER_TYPE
- FLUENT_FILTER_KUBERNETES_URL
- KUBERNETES_VERIFY_SSL
- KUBERNETES_CA_FILE
- FLUENT_KUBERNETES_METADATA_SKIP_LABELS
- FLUENT_KUBERNETES_METADATA_SKIP_CONTAINER_METADATA
- FLUENT_KUBERNETES_METADATA_SKIP_MASTER_URL
- FLUENT_KUBERNETES_METADATA_SKIP_NAMESPACE_METADATA
Note: This feature may not be available to all customers.
To enable this feature set fluent.device_less_logs=true
- k8s pods are ephemeral, anomaly detection is done per pod. Which creates high volume of anomalies and makes it hard to monitor.
- When new pod is created, argus takes time to register it as LM Device and resource mapping fails until then. Consequently we miss initial pod logs.
When fluent.device_less_logs=true
Anomaly detection will be done on namespace
and service
- namespace will be k8s namespace
- service will be extracted from metadata for yaml in the following priority.
- kubernetets.labels.app ( deployments )
- kubernetets.labels.app_kubernetes_io/name (daemon sets)
- kubernetets.container_name
- kubernetets.pod_name
To use regexp to match beginning of multiline set kubernetes.multiline_start_regexp=<some-regex-pattern>
by default the regex is set to /^\[(\d{4}-)?\d{2}-\d{2} \d{2}:\d{2}:\d{2}.\d{3}.*\]/