IBM Cloud Docs
IBM Cloud Kubernetes Service extension

IBM Cloud Kubernetes Service extension

In IBM Cloud Logs, you can use the IBM Cloud Kubernetes Service extension to gain insights into logs that are generated in an IBM Cloud account.

Before you begin

With this extension, you can create a dashboard designed to visualize and analyze logs from the IBM Cloud Kubernetes Service service. The dashboard provides an in-depth analysis of the IBM Cloud Kubernetes Service service, offering a comprehensive view of cluster performance, node activity, pod logs, and error analysis. It enables quick issue identification, trend analysis, and efficient Kubernetes monitoring.

In IBM Cloud Logs, logs that are generated by IBM Cloud services (known as platform logs) include metadata fields that you can use to enhance searches and analyze the data.

  • applicationName: The application name is the environment that produces and sends logs to IBM Cloud Logs. It is set to kubernetes.namespace_name.
  • subsystemName: The subsystem name is the service or application that produces and sends logs to IBM Cloud Logs. It is set to kubernetes.container_name:<container> where <container> is the IBM Cloud Kubernetes Service container name.

In IBM Cloud, you must configure IBM Cloud Logs Routing to route logs to the IBM Cloud Logs service.

Before you can monitor logs that are generated in an IBM Cloud account, you must configure the IBM Cloud Logs Routing service in the account to define the destination where you want to monitor the logs.

  • You can configure 1 or more IBM Cloud Logs instances in the account.
  • Platform logs generated in the region are routed to the IBM Cloud Logs instance configured in IBM Cloud Logs Routing. The IBM Cloud Logs instance can be in the same region, or in a different region, in the account.
  • You must define a service to service authorization between IBM Cloud Logs Routing and IBM Cloud Logs to grant permissions to the IBM Cloud Logs Routing service to send logs to the IBM Cloud Logs service.

For more information, see:

What this extension deploys

This extension includes one or more items.

Items included when extension is deployed
Includes Number
Alerts 5
Dashboards 1
Enrichments 0
Events to metrics 0
Rules 0
Views 0

Before deploying this extension, make sure that deploying the extension will not cause you to exceed limits for your IBM Cloud Logs instance. If deploying the extension results in limits being exceeded, the deployment will fail.

Deploying the extension

You can deploy this extension in any IBM Cloud Logs instance that collects IBM Cloud Kubernetes Service logs. This extension includes a set of pre-configured resources such as dashboards, views, and alerts that help you monitor critical metrics, identify anomalies, and optimize your system's performance.

For more information about deploying the extension, see Deploying, managing, and removing IBM Cloud Logs extensions.

After deploying, verify that the extension configuration handles data in a way that matches your IBM Cloud Logs instance configuration. For example, if you have TCO policies sending data to the Analyze and alert pipeline, you will need to change the dashboard configured by this extension to All Logs instead of Priority insights.

Dashboard

One dashboard is provided providing data about IBM Cloud Kubernetes Service logs including:

  • Count of clusters
  • Count of nodes
  • Count of pods
  • Count of containers
  • List of the node hosts
  • The node hosts with the most logs
  • The trend of node event logs

Alerts

You can deploy any of the following alert:

  • No logs from service: No logs have been received from the kubernetes service, indicating potential issues with logging configuration, service downtime, or connectivity problems affecting log transmission.
  • More than 5 erroneous cluster logs within 15 minutes: Over 5 error logs have been recorded at the cluster level within a 15-minute window indicating potential issues affecting the Kubernetes cluster's overall health or configuration.
  • More than 5 erroneous pod logs within 15 minutes: More than 5 error logs have been detected in pod-level operations within 15 minutes, suggesting issues with workloads or pod-level configurations.
  • Host change: A host change event has been detected which might indicate a node replacement, scaling operation, or unexpected infrastructure changes.
  • Permission denied: A permission denial has occurred during a Kubernetes operation possibly caused by misconfigured access controls or insufficient permissions for the requested action.