Status | |
---|---|
Stability | alpha |
Supported pipeline types | logs |
Distributions | contrib |
The kubernetes Objects receiver collects(pull/watch) objects from the Kubernetes API server.
Currently this receiver supports authentication via service accounts only. See example for more information.
The following is example configuration
k8sobjects:
auth_type: serviceAccount
objects:
- name: pods
mode: pull
label_selector: environment in (production),tier in (frontend)
field_selector: status.phase=Running
interval: 15m
- name: events
mode: watch
group: events.k8s.io
namespaces: [default]
Brief description of configuration properties:
auth_type
(default =serviceAccount
): Determines how to authenticate to the K8s API server. This can be one ofnone
(for no auth),serviceAccount
(to use the standard service account token provided to the agent pod), orkubeConfig
to use credentials from~/.kube/config
.name
: Name of the resource object to collectmode
: define in which way it collects this type of object, either "poll" or "watch".pull
mode will read all objects of this type use the list API at an interval.watch
mode will setup a long connection using the watch API to just get updates.
label_selector
: select objects by label(s)field_selector
: select objects by field(s)interval
: the interval at which object is pulled, default 60 minutes. Only useful forpull
mode.namespaces
: An array ofnamespaces
to collect events from. (default =all
)group
: API group name. It is an optional config. When given resource object is present in multiple groups, use this config to specify the group to select. By default, it will select the first group. For example,events
resource is available in bothv1
andevents.k8s.io/v1
APIGroup. In this case, it will selectv1
by default.
The full list of settings exposed for this receiver are documented here with detailed sample configurations here.
Follow the below sections to setup various Kubernetes resources required for the deployment.
Create a ConfigMap with the config for otelcontribcol
. Replace OTLP_ENDPOINT
with valid value.
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
data:
config.yaml: |
receivers:
k8sobjects:
objects:
- name: pods
mode: pull
- name: events
mode: watch
exporters:
otlp:
endpoint: <OTLP_ENDPOINT>
tls:
insecure: true
service:
pipelines:
logs:
receivers: [k8sobjects]
exporters: [otlp]
EOF
Create a service account that the collector should use.
<<EOF | kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: otelcontribcol
name: otelcontribcol
EOF
Use the below commands to create a ClusterRole
with required permissions and a
ClusterRoleBinding
to grant the role to the service account created above.
Following config will work for collecting pods and events only. You need to add
appropriate rule for collecting other objects.
<<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
rules:
- apiGroups:
- ""
resources:
- events
- pods
verbs:
- get
- list
- watch
- apiGroups:
- "events.k8s.io"
resources:
- events
verbs:
- watch
EOF
<<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: otelcontribcol
subjects:
- kind: ServiceAccount
name: otelcontribcol
namespace: default
EOF
Create a Deployment to deploy the collector. Note: This receiver must be deployed as one replica, otherwise it'll be producing duplicated data.
<<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
name: otelcontribcol
labels:
app: otelcontribcol
spec:
replicas: 1
selector:
matchLabels:
app: otelcontribcol
template:
metadata:
labels:
app: otelcontribcol
spec:
serviceAccountName: otelcontribcol
containers:
- name: otelcontribcol
image: otelcontribcol:latest # specify image
args: ["--config", "/etc/config/config.yaml"]
volumeMounts:
- name: config
mountPath: /etc/config
imagePullPolicy: IfNotPresent
volumes:
- name: config
configMap:
name: otelcontribcol
EOF
If receiver returns error similar to below, make sure that resource is added to ClusterRole
.
{"kind": "receiver", "name": "k8sobjects", "pipeline": "logs", "resource": "events.k8s.io/v1, Resource=events", "error": "unknown"}