Stackdriver

Stackdriver output plugin allows to ingest your records into Google Cloud Stackdriver Logging service.

Before to get started with the plugin configuration, make sure to obtain the proper credentials to get access to the service. We strongly recommend to use a common JSON credentials file, reference link:

Your goal is to obtain a credentials JSON file that will be used later by Calyptia Fluent Bit Stackdriver output plugin.

Configuration Parameters

Configuration File

If you are using a Google Cloud Credentials File, the following configuration is enough to get started:

[INPUT]
    Name  cpu
    Tag   cpu

[OUTPUT]
    Name        stackdriver
    Match       *

Example configuration file for k8s resource type:

local_resource_id is used by stackdriver output plugin to set the labels field for different k8s resource types. Stackdriver plugin will try to find the local_resource_id field in the log entry. If there is no field logging.googleapis.com/local_resource_id in the log, the plugin will then construct it by using the tag value of the log.

The local_resource_id should be in format:

  • k8s_container.<namespace_name>.<pod_name>.<container_name>

  • k8s_node.<node_name>

  • k8s_pod.<namespace_name>.<pod_name>

This implies that if there is no local_resource_id in the log entry then the tag of logs should match this format. Note that we have an option tag_prefix so it is not mandatory to use k8s_container(node/pod) as the prefix for tag.

[INPUT]
    Name               tail
    Tag_Regex          var.log.containers.(?<pod_name>[a-z0-9](?:[-a-z0-9]*[a-z0-9])?(?:\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*)_(?<namespace_name>[^_]+)_(?<container_name>.+)-(?<docker_id>[a-z0-9]{64})\.log$
    Tag                custom_tag.<namespace_name>.<pod_name>.<container_name>
    Path               /var/log/containers/*.log
    Parser             docker
    DB                 /var/log/fluent-bit-k8s-container.db

[OUTPUT]
    Name        stackdriver
    Match       custom_tag.*
    Resource    k8s_container
    k8s_cluster_name test_cluster_name
    k8s_cluster_location  test_cluster_location
    tag_prefix  custom_tag.

Resource Labels

Currently, there are four ways which fluent-bit uses to assign fields into the resource/labels section.

  1. Resource Labels API

  2. Monitored Resource API

  3. Local Resource Id

  4. Credentials / Config Parameters

If resource_labels is correctly configured, then fluent-bit will attempt to populate all resource/labels using the entries specified. Otherwise, fluent-bit will attempt to use the monitored resource API. Similarly, if the monitored resource API cannot be used, then fluent-bit will attempt to populate resource/labels using configuration parameters and/or credentials specific to the resource type. As mentioned in the Configuration File section, fluent-bit will attempt to use or construct a local resource ID for a K8s resource type which does not use the resource labels or monitored resource API.

Note that the project_id resource label will always be set from the service credentials or fetched from the metadata server and cannot be overridden.

Using the resource_labels parameter

The resource_labels configuration parameter offers an alternative API for assigning the resource labels. To use, input a list of comma separated strings specifying resource labels plaintext assignments (new=value), mappings from an original field in the log entry to a destination field (destination=$original) and/or environment variable assignments (new=${var}).

For instance, consider the following log entry:

{
  "keyA": "valA",
  "toplevel": {
    "keyB": "valB"
  }
}

Combined with the following Stackdriver configuration:

[OUTPUT]
    Name stackdriver
    Match *
    Resource_Labels  keyC=$keyA,keyD=$toplevel['keyB'],keyE=valC

This will produce the following log:

{
  "resource": {
    "type": "global",
    "labels": {
      "project_id": "fluent-bit",
      "keyC": "valA",
      "keyD": "valB"
      "keyE": "valC"
    }
  },
  "entries": [
    {
      "jsonPayload": {
        "keyA": "valA",
        "toplevel": {
           "keyB": "valB"
        }
      },
    }
  ]
}

This makes the resource_labels API the recommended choice for supporting new or existing resource types that have all resource labels known before runtime or available on the payload during runtime.

For instance, for a K8s resource type, resource_labels can be used in tandem with the Kubernetes filter to pack all six resource labels. Below is an example of what this could look like for a k8s_container resource:

[OUTPUT]
    Name            stackdriver
    Match           *
    Resource        k8s_container
    Resource_Labels cluster_name=my-cluster,location=us-central1-c,container_name=$kubernetes['container_name'],namespace_name=$kubernetes['namespace_name'],pod_name=$kubernetes['pod_name']

resource_labels also supports validation for required labels based on the input resource type. This allows fluent-bit to check if all specified labels are present for a given configuration before runtime. If validation is not currently supported for a resource type that you would like to use this API with, we encourage you to open a pull request for it. Adding validation for a new resource type is simple - all that is needed is to specify the resources associated with the type alongside the required labels here.

Troubleshooting Notes

Upstream connection error

Github reference: #761

An upstream connection error means Calyptia Fluent Bit was not able to reach Google services, the error looks like this:

[2019/01/07 23:24:09] [error] [oauth2] could not get an upstream connection

This belongs to a network issue by the environment where Calyptia Fluent Bit is running, make sure that from the Host, Container or Pod you can reach the following Google end-points:

Fail to process local_resource_id

The error looks like this:

[2020/08/04 14:43:03] [error] [output:stackdriver:stackdriver.0] fail to process local_resource_id from log entry for k8s_container

Do following check:

  • If the log entry does not contain the local_resource_id field, does the tag of the log match for format?

  • If tag_prefix is configured, does the prefix of tag specified in the input plugin match the tag_prefix?

    Other implementations

Stackdriver officially supports a logging agent based on Fluentd.

We plan to support some special fields in structured payloads. Use cases of special fields is here.

Last updated