Link

KUBERNETES COLLECTOR DETAILS

Zebrium’s Kubernetes collector sends logs to Zebrium for automated Anomaly detection. Our github repository is located here.

ze-kubernetes-collector

Features

  • One step deployment using Helm
  • Sends logs from all Pods/Containers in a Kubernetes clusters
  • Runs a single instance of the collector per node in a Kubernetes cluster

Getting Started

Installing via helm version 3

  1. helm upgrade -i zlog-collector zlog-collector --namespace zebrium --create-namespace --repo https://raw.githubusercontent.com/zebrium/ze-kubernetes-collector/master/charts --set zebrium.collectorUrl=https://cloud-ingest.zebrium.com,zebrium.authToken=YOUR_AUTH_TOKEN,zebrium.timezone=KUBERNETES_HOST_TIMEZONE,zebrium.deployment=YOUR_DEPLOYMENT_NAME

NOTES:

KUBERNETES_HOST_TIMEZONE is the timezone setting on kubernetes host, for example, “UTC” or “America/Los_Angeles”. If this option is not provided, default value UTC will be used.

YOUR_DEPLOYMENT_NAME essentially defines a failure domain boundary for anomaly correlation. This allows you to collect logs from multiple applications and isolate the logs of one application from another application so as not to mix these in a Root Cause Report. This is referred to as Service Groups in the Zebrium UI.

Installing via helma version 2

  1. helm install --namespace zebrium --name zlog-collector --repo https://raw.githubusercontent.com/zebrium/ze-kubernetes-collector/master/charts zlog-collector --set zebrium.collectorUrl=YOUR_ZE_API_URL,zebrium.authToken=YOUR_ZE_API_AUTH_TOKEN,zebrium.timezone=KUBERNETES_HOST_TIMEZONE,zebrium.deployment=YOUR_DEPLOYMENT_NAME

NOTES:

KUBERNETES_HOST_TIMEZONE is the timezone setting on kubernetes host, for example, “UTC” or “America/Los_Angeles”. If this option is not provided, default value UTC will be used.

YOUR_DEPLOYMENT_NAME essentially defines a failure domain boundary for anomaly correlation. This allows you to collect logs from multiple applications and isolate the logs of one application from another application so as not to mix these in a Root Cause Report. This is referred to as Service Groups in the Zebrium UI.

Uninstalling via helm

If you used the “helm install” command to install zlog-collector chart, you should use the following command to delete:

helm delete --purge zlog-collector

Configuration

No special configuration is required

Tunable Parameters

Parameter Description Default Value Note
zebrium.bufferTotalLimitSize Total disk buffer to use on node 8GB Use helm command line option "--set zebrium.bufferTotalLimitSize=BUFFER_SIZE" to set. BUFFER_SIZE is either in MB or GB. For example, "256MB" or "1GB"

Setup

By default, Zebrium’s kubernetes log collector will be deployed to all Nodes in your cluster and collect logs from each container.

Additionally, each log line will have associated meta data from your Kubernetes deployment viewable in the Zebrium UI. This meta data will include:

  1. All Kubernetes Identifier tags such as Node, Pod Name and Id, Container Name and Id, Namespace, etc.
  2. All Kubernetes Labels
  3. All Kubernetes Annotations

Testing your installation

Once the collector has been deployed in your Kubernetes environment, your logs and anomaly detection will be available in the Zebrium UI.

Troubleshooting

In the event that Zebrium requires the ze_collector logs for troubleshooting, you can use these commands:

  1. Use: kubectl get pods --namespace zebrium to get the zlog-collector pod names first.
  2. Use: kubectl logs <pod_name> --namespace zebrium to get logs. Note: There may be multiple pods containing logs.

Contributors

  • Brady Zuo (Zebrium)