This topic describes how Anthos attached clusters integrates with Cloud Logging and shows you how to access your logs.
Anthos attached clusters supports Cloud Logging for workloads and for system components running on node pool nodes.
Anthos attached clusters includes a Fluentbit-based logging agent that runs on the node pool nodes as a Daemonset. Data collected by the logging agents can be managed and deleted like any other metric and log data, as described in Cloud Logging documentation.
Before you begin
Fulfill the prerequisites for Anthos attached clusters.
Authorize Cloud Logging and Cloud Monitoring to set up permissions for Google Cloud's operations suite.
What data is collected
You can configure Anthos attached clusters to capture any or all of the following information:
- Logs for system services on each of the node pool nodes
- Logs for workloads
If you don't specify a logging mode when you attach your cluster,
Anthos attached clusters enables system logging by default. For workload
logging, your cluster must be at Kubernetes version 1.23 or later. To
enable workload logging, follow the instructions
to attach your AKS cluster, but
--logging flag in your
gcloud container attached clusters register CLUSTER_NAME ... --logging=LOGGING_FLAG
Replace LOGGING_FLAG with a flag indicating what logging you want to enable:
NONE: disable logging (cannot be combined with other logging flags)
SYSTEM: enable logging of system activity on your cluster's node pools
SYSTEM,WORKLOAD: enable logging of both system and workload activity on your cluster's node pools
Access your logs
There are several ways to access your Anthos attached clusters logs in Cloud Logging:
Logs Explorer – You can see your logs directly from the Logs Explorer by using the logging filters to select the Kubernetes resources, such as cluster, node, namespace, pod, or container logs.
Google Cloud CLI – Using the
gcloud logging readcommand, select the appropriate cluster, node, pod, and container logs.
Understanding your logs
These are the resource types that are specific to Anthos attached clusters:
|Resource type||Display name|
||Workload container logs|
When Anthos attached clusters writes your cluster's logs, each log entry includes the resource type. Understanding where logs appear makes it easier to find logs when you need them.
System apps logs
System apps logs fall under the
k8s_container resource type. These include
logs from pods installed on the worker nodes by Anthos attached clusters.
Specifically, containers running in the following namespaces are included:
Finding your logs in the Cloud Logging user interface
You can view your logs using the Logs Explorer in the Cloud Logging user interface.
Using the Query Builder, you can build a query by adding query parameters
manually. For example, if you want to explore logs for system workloads, you can
start with selecting or searching for the
k8s_container resource type, and
then select the location and cluster name. You can then refine your search by
filtering the container or Pod names.
The Logs Explorer offers an additional way to build your search queries using the Logs field explorer. It shows the count of log entries, sorted by decreasing count, for the given log field. Using the Logs field explorer is particularly useful for Anthos attached clusters logs because it provides an easy way to select the Kubernetes values for your resources. For example, you can select logs for a specific cluster, Namespace, Pod name, and container name.
For more information, see Using the Logs Explorer.
This section includes sample queries that you can make on Logs Explorer.
Example 2: Get the logs of
kubelet on worker nodes for an Google Cloud
resource.type="k8s_node" resource.labels.cluster_name="azureClusters/CLUSTER_NAME" log_name="projects/PROJECT_ID/logs/kubelet"
Example 3: Get the logs of the
cilium-agent container for an
Google Cloud cluster CLUSTER_NAME:
resource.type="k8s_container" resource.labels.cluster_name="azureClusters/CLUSTER_NAME" resource.labels.container_name="cilium-agent"
Learn about Cloud Logging:
- Cloud Logging overview
- Using the Logs Explorer
- Building queries for Cloud Logging
- Create logs-based metrics