This topic describes how to use the eventer component to collect events from Kubernetes to Log Service. For more information about the source code for Kubernetes event collection, visit GitHub.

Collection configuration method

Note
  • If you use Alibaba Cloud Kubernetes, you only need to configure the endpoint, project, and logStore parameters.
  • If you use self-built Kubernetes, you need to configure the endpoint, project, logStore, regionId, internal, accessKeyId, and accessKeySecret parameters.
Deploy the YAML template as follows:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: eventer-sls
  namespace: kube-system
spec:
  replicas: 1
  template:
    metadata:
      labels:
        task: monitoring
        k8s-app: eventer-sls
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      serviceAccount: admin
      containers:
      - name: eventer-sls
        image: registry.cn-hangzhou.aliyuncs.com/ringtail/eventer:v1.6.1.3
        imagePullPolicy: IfNotPresent
        command:
        - /eventer
        - --source=kubernetes:https://kubernetes.default
        - --sink=sls:https://${endpoint}? project=${project}&logStore=${logstore}

Parameter settings

Parameter Type Required Description
endpoint String Yes The endpoint of Log Service. For more information, see Service endpoint.
project String Yes The project in Log Service.
logStore String Yes The Logstore in Log Service.
internal String Yes if you use self-built Kubernetes, and no if you use Alibaba Cloud Kubernetes Specifies whether Alibaba Cloud Kubernetes is used. Set this parameter to false.
regionId String Yes if you use self-built Kubernetes, and no if you use Alibaba Cloud Kubernetes The region ID of Log Service. For more information, see Service endpoint.
accessKeyId String Yes if you use self-built Kubernetes, and no if you use Alibaba Cloud Kubernetes The AccessKey ID of your account. We recommend that you use the AccessKey ID of a RAM user.
accessKeySecret String Yes if you use self-built Kubernetes, and no if you use Alibaba Cloud Kubernetes The AccessKey Secret of your account. We recommend that you use the AccessKey Secret of a RAM user.

Log sample

The following log sample is collected by Log Service. For more information, see Kubernetes.

The following table describes the content of the log.
Log field Type Description
hostname String The hostname of the event.
level String The level of the log. Valid values: Normal and Warning.
pod_id String The unique identifier of the pod. This field is available only when the event type is related to the pod.
pod_name String The name of the pod. This field is available only when the event type is related to the pod.
eventId JSON The details of the event, which is a JSON string.
hostname:  cn-hangzhou.i-***********"
level:  Normal
pod_id:  2a360760-1c82-11e9-9ddf-00163e0c7cbe
pod_name:  logtail-ds-blkkr
event_id:  {  
   "metadata":{  
      "name":"logtail-ds-blkkr. 157b7cc90de7e192",
      "namespace":"kube-system",
      "selfLink":"/api/v1/namespaces/kube-system/events/logtail-ds-blkkr. 157b7cc90de7e192",
      "uid":"2aaf75ab-1c82-11e9-9ddf-00163e0c7cbe",
      "resourceVersion":"6129169",
      "creationTimestamp":"2019-01-20T07:08:19Z"
   },
   "involvedObject":{  
      "kind":"Pod",
      "namespace":"kube-system",
      "name":"logtail-ds-blkkr",
      "uid":"2a360760-1c82-11e9-9ddf-00163e0c7cbe",
      "apiVersion":"v1",
      "resourceVersion":"6129161",
      "fieldPath":"spec.containers{logtail}"
   },
   "reason":"Started",
   "message":"Started container",
   "source":{  
      "component":"kubelet",
      "host":"cn-hangzhou.i-***********"
   },
   "firstTimestamp":"2019-01-20T07:08:19Z",
   "lastTimestamp":"2019-01-20T07:08:19Z",
   "count":1,
   "type":"Normal",
   "eventTime":null,
   "reportingComponent":"",
   "reportingInstance":""
}