You're viewing documentation for Anthos Config Management 1.3. This version has reached end of life and is no longer supported. View the latest documentation.

Viewing Anthos Config Management logs

Viewing logs

Anthos Config Management follows the same logging conventions as Kubernetes. By default, logging verbosity is set to 2.

On each enrolled cluster, multiple Deployments run in Pods in the config-management-system namespace. Each of these Deployments represents a different subsystem, as indicated by the name of the Deployment.

  • git-importer: imports configs found in the repo into the cluster as CustomResourceDefinitions (CRDs)
  • monitor: Exposes monitoring and metrics endpoints
  • syncer: Ensures that the cluster's configuration is kept in sync with the CRDs created by the git-importer

Even though tasks are divided by Deployment, you cannot query a Deployment's logs. However, you can use a label selector. Each Deployment has a label selector app=[Deployment name].

Use a Deployment's label selector to view its logs. The following example shows the logs for the syncer Deployment.

kubectl logs --namespace config-management-system -l app=syncer

The git-importer Pod has two different containers, importer and git-sync. To view the logs for only one of these containers, specify it with the -c option. The following example shows the logs for the importer container:

kubectl logs --namespace=config-management-system \
  -l app=git-importer \
  -c importer

Changing logging verbosity

The default logging verbosity is 2. If you need to increase the verbosity for debugging, follow these steps.

  1. Edit the config-management-operator Deployment:

    kubectl edit deployment -n=kube-system config-management-operator

    In the interactive editor, change the value of replicas to 0. This prevents the Operator from reverting the changes you make below.

  2. Get a list of all Deployments related to Anthos Config Management. The names of the Deployments, and the number of Deployments, are both subject to change.

    kubectl get deployments -n=config-management-system
  3. For each Deployment you are debugging or monitoring, edit the object. Replace syncer with the name of the Deployment you want to change.

    kubectl edit deployment syncer
  4. After modifying all the relevant Deployments, edit the config-management-operator object again and set replicas to 1.

    kubectl get deployments -n=config-management-system

When you are finished debugging, you may want to reduce the verbosity of the logs back to 2, to conserve disk space on your nodes. To do that, follow the procedure again, setting the value to 2.

Finding the Git commit that updated an object

When the Operator applies a change to a Kubernetes object because of an update to the repo, the hash for the Git commit is stored in the annotation. To view this hash, use kubectl get:

kubectl get clusterrolebinding namespace-readers -oyaml
kind: ClusterRoleBinding
  annotations: |
      {"apiVersion":"","kind":"ClusterRoleBinding","metadata":{"annotations":{"":"enabled","":"config-management-cluster","":"cluster/namespace-reader-clusterrolebinding.yaml","":"5edf7fda0cfccc351adfa2811954c80c812c26c5"},"creationTimestamp":null,"name":"namespace-readers"},"roleRef":{"apiGroup":"","kind":"ClusterRole","name":"namespace-reader"},"subjects":[{"apiGroup":"","kind":"User","name":""}]} enabled config-management-cluster cluster/namespace-reader-clusterrolebinding.yaml 5edf7fda0cfccc351adfa2811954c80c812c26c5
  creationTimestamp: 2019-02-11T19:39:37Z
  name: namespace-readers
  resourceVersion: "6301538"
  selfLink: /apis/
  uid: c45257a4-2e34-11e9-8a5e-42010a800134
  kind: ClusterRole
  name: namespace-reader
- apiGroup:
  kind: User

You can then use commands such as git show [HASH] to view information about the commit.

What's next