Kubernetes オブジェクトレシーバー 🔗
The Kubernetes Objects receiver collects objects from the Kubernetes API server. The supported pipeline is logs. See パイプラインでデータを処理する and Kubernetesのログとイベントを設定する for more information.
注釈
This receiver supports authentication via service accounts only at the moment.
はじめに 🔗
To activate the Kubernetes Objects receiver, use this Helm configuration:
k8sObjects:
- name: pods
mode: pull
label_selector: environment in (production),tier in (frontend)
field_selector: status.phase=Running
interval: 15m
- name: events
mode: watch
group: events.k8s.io
namespaces: [default]
To complete the configuration, include the receiver in the logs pipelines of the service section of your configuration file. For example:
logs/objects:
receivers:
- k8sObjects
Activate the receiver manually 🔗
To activate the Kubernetes Objects receiver manually in the Collector configuration, add k8sobjects to the receivers section of your configuration file, as shown in the following example:
k8sobjects:
auth_type: serviceAccount
objects:
- name: pods
mode: pull
label_selector: environment in (production),tier in (frontend)
field_selector: status.phase=Running
interval: 15m
- name: events
mode: watch
group: events.k8s.io
namespaces: [default]
Main settings 🔗
These are the main configuration properties:
auth_type.serviceAccountby default. Determines how to authenticate to the Kubernetes API server. Values include none (for no authentication),serviceAccount(to use the standard service account token provided to the agent pod), orkubeConfigto use credentials from~/.kube/config.name. Name of the resource object to collect.mode. Defines how the object is collected:pullmode reads all objects of this type that use the list API at an interval.watchmode sets up a long connection using the watch API to just get updates.
label_selector. Select objects by label(s).field_selector. Select objects by field(s).interval.60m(minutes) by default. Inpullmode, the interval at which the object is pulled.exclude_watch_type. Inwatchmode, it allows excluding specific watch types. Valid values areADDED,MODIFIED,DELETED,BOOKMARK, andERROR.resource_version.1by default. Inwatchmode, it allows watch resources starting from a specific version. If not specified, the receiver will do an initial list to get theresourceVersionbefore starting the watch. See Kubernetes』 Efficient Detection of Change for details on why this is necessary.namespaces.allby default. An array of namespaces to collect events from.group. Optional. API group name. When a given resource object is present in multiple groups, use this field to specify which group to select. By default, it selects the first group.For example, if the
eventsresource is available in both thev1andevents.k8s.io/v1APIGroup, it will selectv1by default.
See more at 設定.
Configure the resources for the Kubernetes deployment 🔗
Follow these sections to set up the various Kubernetes resources required to deploy the Collector with the receiver.
設定 🔗
Create a ConfigMap with the config for otelcontribcol, replacing OTLP_ENDPOINT with a valid value.
apiVersion: v1
kind: ConfigMap
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
data:
config.yaml: |
receivers:
k8sobjects:
objects:
- name: pods
mode: pull
- name: events
mode: watch
exporters:
otlp:
endpoint: <OTLP_ENDPOINT>
tls:
insecure: true
service:
pipelines:
logs:
receivers: [k8sobjects]
exporters: [otlp]
Service account 🔗
Create a service account for the Collector to use.
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: otelcontribcol
name: otelcontribcol
Role-based access control (RBAC) 🔗
Use the commands in this section to create a ClusterRole with the required permissions and a ClusterRoleBinding to grant the role to the service account created in the previous section.
注釈
This example will only collect pods and events. To collect other objects, add the appropriate rules.
When using watch mode you must also specify the list verb so that the receiver has permission to do its initial list if no resource_version was supplied, or use a list to recover from 410 Gone scenarios. Learn more in the official Kubernetes documentation at 「410 Gone」 responses .
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
rules:
- apiGroups:
- ""
resources:
- events
- pods
verbs:
- get
- list
- watch
- apiGroups:
- "events.k8s.io"
resources:
- events
verbs:
- watch
- list
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: otelcontribcol
subjects:
- kind: ServiceAccount
name: otelcontribcol
namespace: default
Deployment 🔗
Deploy the Collector with the Kubernetes Objects receiver as one replica, otherwise it’ll produce duplicated data.
apiVersion: apps/v1
kind: Deployment
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
spec:
replicas: 1
selector:
matchLabels:
app: otelcontribcol
template:
metadata:
labels:
app: otelcontribcol
spec:
serviceAccountName: otelcontribcol
containers:
- name: otelcontribcol
image: otelcontribcol:latest # specify image
args: ["--config", "/etc/config/config.yaml"]
volumeMounts:
- name: config
mountPath: /etc/config
imagePullPolicy: IfNotPresent
volumes:
- name: config
configMap:
name: otelcontribcol
設定 🔗
The following table shows the configuration options for the receiver:
トラブルシューティング 🔗
Ensure resources are allocated 🔗
If the receiver returns an error similar to the one below, make sure that resource is added to ClusterRole.
{"kind": "receiver", "name": "k8sobjects", "pipeline": "logs", "resource": "events.k8s.io/v1, Resource=events", "error": "unknown"}
一般的なトラブルシューティング 🔗
Splunk Observability Cloudをご利用のお客様で、Splunk Observability Cloudでデータを確認できない場合は、以下の方法でサポートを受けることができます。
Splunk Observability Cloudをご利用のお客様
Splunk サポートポータル でケースを送信する
Contact Splunk Support .
見込み客および無料トライアルユーザー様
Splunk Answers のコミュニティサポートで質問し、回答を得る
Splunk #observability ユーザーグループの Slack チャンネルに参加して、世界中の顧客、パートナー、Splunk 社員とのコミュニケーションを図る。参加するには、Get Started with Splunk Community マニュアルの チャットグループ を参照してください。