# Configures a log scraping jobapiVersion:logging.gdc.goog/v1kind:LoggingTargetmetadata:# Choose a namespace that matches the namespace of the workload pods.namespace:my-project-namespacename:my-logging-targetspec:selector:matchPodNames:-my-pod-prefixparser:jsonlogAccessLevel:aoserviceName:my-service-name
以下 YAML 文件展示了如何完整指定 LoggingTarget 自定义资源。如需了解详情和字段的完整说明,请参阅 API 参考文档。
# Configures a log scraping jobapiVersion:logging.gdc.goog/v1kind:LoggingTargetmetadata:# Choose a namespace that matches the namespace of the workload pods.namespace:PROJECT_NAMESPACEname:LOGGING_TARGET_NAMEspec:# Choose a matching pattern that identifies the pods for this job.# Optional.# Relationship between different selectors: 'AND'selector:# The clusters to collect logs from.# The default configuration is to collect logs from all clusters.# The relationship between different clusters is an 'OR' relationship.# OptionalmatchClusters:-my-cluster-another-cluster# The pod name prefixes to collect logs from.# The logging platform scrapes all pods with names# that start with the specified prefixes.# The values must contain '[a-z0-9-]' characters only.# The relationship between different list elements is an 'OR' relationship.# Optional.matchPodNames:-my-pod-prefix-another-pod-prefix# The container name prefixes to collect logs from.# The logging platform scrapes all containers with names# that start with the specified prefixes.# The values must contain '[a-z0-9-]' characters only.# The relationship between different list elements is an 'OR' relationship.# Optional.matchContainerNames:-my-container-prefix-another-container-prefix# Choose the predefined parser for log entries.# Use parsers to map the log output to labels and extract fields.# Specify the log format.# Optional.# Options: klog_text, klog_json, klogr, gdch_json, jsonparser:klog_text# Specify an access level for log entries.# The default value is 'ao'.# Optional.# Options: ao, pa, iologAccessLevel:ao# Specify a service name to be applied as a label.# For user workloads consider this field as a workload name.# Required.serviceName:my-service-name# The additional static fields to apply to log entries.# The field is a key-value pair, where the field name is the key and# the field value is the value.# Optional.additionalFields:app:workload2key:value
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-09-02。"],[[["\u003cp\u003eThis document explains how to collect logs from workflows in Google Distributed Cloud (GDC) air-gapped environments using a \u003ccode\u003eLoggingTarget\u003c/code\u003e custom resource.\u003c/p\u003e\n"],["\u003cp\u003eDeploying a \u003ccode\u003eLoggingTarget\u003c/code\u003e custom resource to your project namespace in the Management API server enables the logging platform to pull and aggregate logs from specified workflows.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eLoggingTarget\u003c/code\u003e configuration allows you to define targets, a log parser, service identification, and authorization to precisely control log collection and organization.\u003c/p\u003e\n"],["\u003cp\u003eCollected logs can be accessed and queried through the Grafana user interface or the Log Query API.\u003c/p\u003e\n"],["\u003cp\u003eBefore starting, ensure you have the necessary IAM permissions to manage \u003ccode\u003eLoggingTarget\u003c/code\u003e custom resources, which may include creator, editor, or viewer roles.\u003c/p\u003e\n"]]],[],null,["# Collect logs from your workflows\n\nThis page outlines the process for collecting logs from your workflows in\nGoogle Distributed Cloud (GDC) air-gapped environments to facilitate logging and data\nobservability.\n\nLogs record conditions and actions as you manage operations in\nGDC. You can scrape logs that your components produce to\nrecord events and activities. The logging platform offers a custom API to\ncollect project-level logs generated by your workflows through logging targets.\n\nTo start collecting log data, deploy a `LoggingTarget` custom resource to your\nproject namespace in the Management API server. After the log collector pulls\ndata from your workflows, the logging platform aggregates logs from all log\nsources, adds indexes, and associates logs with labels according to the\nconfiguration from the `LoggingTarget` custom resource.\n\nAccess your collected logs using the Grafana user interface or the Log Query\nAPI, as detailed in [Query and view logs](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/query-and-view-logs).\n\nFor best practices on implementing logging for data observability, refer to the\nKubernetes community guidelines:\n\n\u003chttps://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md\u003e.\n\nBefore you begin\n----------------\n\nTo get the permissions that you need to manage `LoggingTarget` custom\nresources, ask your Organization IAM Admin or Project IAM Admin to grant you one\nof the associated `LoggingTarget` roles.\n\nDepending on the level of access and permissions you need, you might obtain\ncreator, editor, or viewer roles for this resource in an organization or a\nproject. For more information, see [Prepare IAM permissions](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/obs-iam-permissions).\n\nConfigure the `LoggingTarget` custom resource\n---------------------------------------------\n\nThe `LoggingTarget` custom resource instructs the logging pipeline to collect\nlogs within your GDC project. You can specify the\ntargets for which you are collecting logs, a log parser, access levels, and any\nadditional settings.\n| **Important:** You must deploy the `LoggingTarget` custom resource into the project namespace of the Management API server from where you want to collect logs.\n\nThis resource defines the following configurations:\n\n- **Targets**: The criteria for selecting the pods and containers from which you want to collect logs. You can specify cluster names, pod name prefixes, and container name prefixes.\n- **Log analyzer**: A predefined parser to interpret log entries, map log outputs to labels, and extract relevant fields.\n- **Service identification**: The service name applied as a label to the log entries for easier identification and filtering.\n- **Authorization**: The access level for log entries, controlling who can view\n the collected logs.\n\n | **Note:** By default, all operational log entries are saved for the tenant ID of the project namespace. To overwrite this behavior, provide a `logAccessLevel` value in the `LoggingTarget` custom resource.\n\nBy configuring these parameters within the `LoggingTarget` custom resource, you\ncan precisely control the collection and organization of logs.\n\nFollow these steps to collect operational logs:\n\n1. Determine the GDC project from which you want to collect logs.\n2. In your `LoggingTarget` configuration, specify the pods for collecting your\n operational logs, the project namespace, and any additional settings.\n\n The following YAML file shows an example of a `LoggingTarget` configuration\n in `my-project-namespace`, where the pod name prefix to collect logs from\n is `my-pod-prefix`, the access level for log entries is granted to\n Application Operators (`ao`), the service name is `my-service-name`, and the\n log format is JSON: \n\n # Configures a log scraping job\n apiVersion: logging.gdc.goog/v1\n kind: LoggingTarget\n metadata:\n # Choose a namespace that matches the namespace of the workload pods.\n namespace: my-project-namespace\n name: my-logging-target\n spec:\n selector:\n matchPodNames:\n - my-pod-prefix\n parser: json\n logAccessLevel: ao\n serviceName: my-service-name\n\n Refer to the\n [complete `LoggingTarget` specification](#loggingtarget-specification) and\n the [API reference documentation](/distributed-cloud/hosted/docs/latest/gdch/apis/service/logging/v1/logging-v1#loggingtarget)\n for additional fields and options.\n3. Apply the `LoggingTarget` configuration to the Management API server within\n the same namespace as your target pods:\n\n kubectl --kubeconfig \u003cvar translate=\"no\"\u003eKUBECONFIG_PATH\u003c/var\u003e apply -f \u003cvar translate=\"no\"\u003eLOGGING_TARGET_NAME\u003c/var\u003e.yaml\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003eKUBECONFIG_PATH\u003c/var\u003e: the path to the kubeconfig file for the Management API server.\n - \u003cvar translate=\"no\"\u003eLOGGING_TARGET_NAME\u003c/var\u003e: the name of the `LoggingTarget` definition file, such as `my-logging-target`.\n\n The logging pipeline begins collecting logs from the additional components\n of your project.\n\nYou can query your collected logs using the Grafana user interface or the Log\nQuery API. For more information, see\n[Query and view logs](/distributed-cloud/hosted/docs/latest/gdch/application/ao-user/query-and-view-logs).\n\nIf you use Grafana to query your logs, you can use the built-in color coding\nfeature for different log levels. For more information on setting log-level\nvalues, see \u003chttps://grafana.com/docs/grafana/latest/explore/logs-integration/\u003e.\n\nComplete `LoggingTarget` specification\n--------------------------------------\n\nThe following YAML file shows an example for the complete specification of the\n`LoggingTarget` custom resource. For more information and a complete description\nof fields, see the\n[API reference documentation](/distributed-cloud/hosted/docs/latest/gdch/apis/service/logging/v1/logging-v1#loggingtarget). \n\n # Configures a log scraping job\n apiVersion: logging.gdc.goog/v1\n kind: LoggingTarget\n metadata:\n # Choose a namespace that matches the namespace of the workload pods.\n namespace: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003ePROJECT_NAMESPACE\u003c/span\u003e\u003c/var\u003e\n name: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eLOGGING_TARGET_NAME\u003c/span\u003e\u003c/var\u003e\n spec:\n # Choose a matching pattern that identifies the pods for this job.\n # Optional.\n # Relationship between different selectors: 'AND'\n selector:\n # The clusters to collect logs from.\n # The default configuration is to collect logs from all clusters.\n # The relationship between different clusters is an 'OR' relationship.\n # Optional\n matchClusters:\n - my-cluster\n - another-cluster\n\n # The pod name prefixes to collect logs from.\n # The logging platform scrapes all pods with names\n # that start with the specified prefixes.\n # The values must contain '[a-z0-9-]' characters only.\n # The relationship between different list elements is an 'OR' relationship.\n # Optional.\n matchPodNames:\n - my-pod-prefix\n - another-pod-prefix\n\n # The container name prefixes to collect logs from.\n # The logging platform scrapes all containers with names\n # that start with the specified prefixes.\n # The values must contain '[a-z0-9-]' characters only.\n # The relationship between different list elements is an 'OR' relationship.\n # Optional.\n matchContainerNames:\n - my-container-prefix\n - another-container-prefix\n\n # Choose the predefined parser for log entries.\n # Use parsers to map the log output to labels and extract fields.\n # Specify the log format.\n # Optional.\n # Options: klog_text, klog_json, klogr, gdch_json, json\n parser: klog_text\n\n # Specify an access level for log entries.\n # The default value is 'ao'.\n # Optional.\n # Options: ao, pa, io\n logAccessLevel: ao\n\n # Specify a service name to be applied as a label.\n # For user workloads consider this field as a workload name.\n # Required.\n serviceName: my-service-name\n\n # The additional static fields to apply to log entries.\n # The field is a key-value pair, where the field name is the key and\n # the field value is the value.\n # Optional.\n additionalFields:\n app: workload2\n key: value\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_NAMESPACE\u003c/var\u003e: your project namespace.\n- \u003cvar translate=\"no\"\u003eLOGGING_TARGET_NAME\u003c/var\u003e: the name of the `LoggingTarget` definition file."]]
