If you have Kubernetes running in multiple clouds or in hybrid cloud and on premise infrastructure, then you need a logging agent that can collect logs everywhere and forward to your preferred analysis platform. Stanza allows you to standardize the way you collect and forward logs regardless of where those logs are.
Here’s a sample configuration collecting logs from a Kubernetes environment on Google Kubernetes Engine (GKE) and collecting logs from an on premise environment.
---
kind: ConfigMap
metadata:
name: stanza-config
namespace: default
apiVersion: v1
data:
logs.yaml: |2-
pipeline:
- type: kubernetes_container
cluster_name: CHANGE_ME
# avoid parsing stanza's log output
exclude:
- /var/log/containers/stanza-*_*-*.log
start_at: end
- type: google_cloud_output
events.yaml: |2-
pipeline:
- type: kubernetes_events
cluster_name: CHANGE_ME
- type: google_cloud_output
---
Full GKE config file can be found here: https://github.com/observIQ/stanza/blob/master/examples/k8s/gke/agent.yaml
Google already handles some of the kubernetes logs so when running Stanza in a GKE environment we only need to specify the collection of container and event logs. If you configured Stanza to run on premise – or a non GKE environment – it would look more like this:
---
kind: ConfigMap
metadata:
name: stanza-config
namespace: default
apiVersion: v1
data:
logs.yaml: |2-
pipeline:
- type: kubernetes_container
cluster_name: CHANGE_ME
# avoid parsing stanza's log output
exclude:
- /var/log/containers/stanza-*_*-*.log
start_at: end
- credentials_file: /stanza_home/log_destinations/google_cloud/log_credentials.json
type: google_cloud_output
events.yaml: |2-
pipeline:
- type: kubernetes_events
cluster_name: CHANGE_ME
- credentials_file: /stanza_home/log_destinations/google_cloud/log_credentials.json
type: google_cloud_output
---
Full on premise example config file can be found here: https://github.com/observIQ/stanza/blob/master/examples/k8s/onprem/agent.yaml
In this example we are forwarding all of the logs to Google Cloud Operations for further processing and analysis. You could choose to send your log data to any destination you choose.
We have configured Stanza to monitor Kubernetes sources and events. Here’s an example payload created by Stanza from a Kubernetes “Back-off” event that will be sent to Google Cloud Operations.
Stanza will make calls directly to the Kub API and handle log state changes like node restarts, evicted pods, and failed container starts.
Stanza is preferable to writing your own log collection because it does the heavy lifting for you and is still completely customizable to your unique log monitoring needs. Stanza is also highly performant and capable of handling larger volumes of data than existing alternatives.
Stanza is recommended for larger environments where performance is critical and/or hybrid/multi cloud environments where you would like to use a single tool to collect your logs instead of configuring different tools for each cloud provider.
Learn more here:
- Github – Stanza is an open source log agent. View the repository on Github.
- Docs – Installation, configuration, and example can be found in Stanza’s documentation. View the documentation on Github.
If you would like to learn more about Stanza or any of observIQ’s offerings, please reach out to info@observiq.com. We would be happy to support you as you evaluate if our solutions are the right fit for your organization and requirements.