Configure kubernetes metadata enrichment #990
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
A documentation preview will be available soon. Request a new doc build by commenting
If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here. |
|
This pull request does not have a backport label. Could you fix it @MichaelKatsoulis? 🙏
|
2 tasks
gizas
reviewed
Apr 1, 2024
docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc
Outdated
Show resolved
Hide resolved
gizas
reviewed
Apr 1, 2024
| @@ -0,0 +1,41 @@ | |||
| [[configuring-kubernetes-metadata]] | |||
| = Configuring kubernetes metadata enrichment on {agent} managed by {fleet} | |||
|
|
|||
There was a problem hiding this comment.
Add a single line what kubernetes metadata enrichment is
Maybe a link here https://www.elastic.co/guide/en/observability/current/monitor-kubernetes.html#beats-metadata
gizas
reviewed
Apr 1, 2024
docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc
Outdated
Show resolved
Hide resolved
gizas
reviewed
Apr 1, 2024
| b. kubernetes metadata enrichers for metrics | ||
|
|
||
| In case the elastic-agent's policy does not include kubernetes integration, but {agent} runs inside a kubernetes | ||
| environment the kubernetes metadata are collected by the https://www.elastic.co/guide/en/beats/metricbeat/current/add-kubernetes-metadata.html[add_kubernetes_metadata processor]. The processor is configurable when {agent} is managed by {fleet}. |
There was a problem hiding this comment.
Suggested change
| environment the kubernetes metadata are collected by the https://www.elastic.co/guide/en/beats/metricbeat/current/add-kubernetes-metadata.html[add_kubernetes_metadata processor]. The processor is configurable when {agent} is managed by {fleet}. | |
| environment the kubernetes metadata are collected by the <<add_kubernetes_metadata-processor>>. The processor is configurable when {agent} is managed by {fleet}. |
gizas
reviewed
Apr 1, 2024
| [discrete] | ||
| == Kubernetes Logs | ||
|
|
||
| When it comes to container logs collection, the kubernetes autodiscover provider is used. It watches for pod resources |
There was a problem hiding this comment.
Suggested change
| When it comes to container logs collection, the kubernetes autodiscover provider is used. It watches for pod resources | |
| When it comes to container logs collection, the <<kubernetes-provider>> is used. It watches for pod resources |
gizas
reviewed
Apr 1, 2024
| [discrete] | ||
| == Kubernetes Logs | ||
|
|
||
| When it comes to container logs collection, the kubernetes autodiscover provider is used. It watches for pod resources |
There was a problem hiding this comment.
Suggested change
| When it comes to container logs collection, the kubernetes autodiscover provider is used. It watches for pod resources | |
| When it comes to container logs collection, the kubernetes autodiscover provider is used. It watches for pod events |
gizas
reviewed
Apr 1, 2024
| == Kubernetes Logs | ||
|
|
||
| When it comes to container logs collection, the kubernetes autodiscover provider is used. It watches for pod resources | ||
| in the cluster and associates each container log file under the log path provided with a pod's container object. |
There was a problem hiding this comment.
Suggested change
| in the cluster and associates each container log file under the log path provided with a pod's container object. | |
| in the cluster and associates each container log file with a corresponding pod container object. |
gizas
reviewed
Apr 1, 2024
| When it comes to container logs collection, the kubernetes autodiscover provider is used. It watches for pod resources | ||
| in the cluster and associates each container log file under the log path provided with a pod's container object. | ||
| That way when a log file is parsed and an event is ready to be published to ES, the internal mechanism knows to which actual | ||
| container this log file belongs to. The link is achieved through the container's ID which is part of the log file name. |
There was a problem hiding this comment.
Suggested change
| container this log file belongs to. The link is achieved through the container's ID which is part of the log file name. | |
| container this log file belongs to. The linkage is established by the container's ID, which forms an integral part of the filename for the log. |
gizas
reviewed
Apr 1, 2024
| container this log file belongs to. The link is achieved through the container's ID which is part of the log file name. | ||
| The kubernetes autodiscover provider has already collected all the metadata for that container, leveraging pod, namespace and node watchers. Thus the events are enriched with the relevant metadata. | ||
|
|
||
| In order to configure the metadata collection, the kubernetes provider needs to be configured. |
There was a problem hiding this comment.
Suggested change
| In order to configure the metadata collection, the kubernetes provider needs to be configured. | |
| In more details: | |
| * For **Standalone {agent}** | |
| Follow information of `add_resource_metadata` parameter of <<kubernetes-provider>> | |
| [source,yaml] | |
| .Example how to configure kubernetes metadata enrichment | |
| ------------------------------------------------ | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: agent-node-datastreams | |
| namespace: kube-system | |
| labels: | |
| k8s-app: elastic-agent | |
| data: | |
| agent.yml: |- | |
| kubernetes.provider | |
| add_resource_metadata: | |
| namespace: | |
| #use_regex_include: false | |
| include_labels: ["namespacelabel1"] | |
| #use_regex_exclude: false | |
| #exclude_labels: ["namespacelabel2"] | |
| node: | |
| #use_regex_include: false | |
| include_labels: ["nodelabel2"] | |
| include_annotations: ["nodeannotation1"] | |
| #use_regex_exclude: false | |
| #exclude_labels: ["nodelabel3"] | |
| #deployment: false | |
| #cronjob: false | |
| --------------------------------------------------- | |
| * For **Managed {agent}**: | |
| See <<advanced-kubernetes-managed-by-fleet>> | |
gizas
reviewed
Apr 1, 2024
| b. kubernetes metadata enrichers for metrics | ||
|
|
||
| In case the elastic-agent's policy does not include kubernetes integration, but {agent} runs inside a kubernetes | ||
| environment the kubernetes metadata are collected by the https://www.elastic.co/guide/en/beats/metricbeat/current/add-kubernetes-metadata.html[add_kubernetes_metadata processor]. The processor is configurable when {agent} is managed by {fleet}. |
There was a problem hiding this comment.
NOTE: This document focuses on {agent} configuration solely. In case beats metadata enrichment for kubernetes needed advice relevant filebeat and metricbeat links
There was a problem hiding this comment.
after the beats prs
gizas
reviewed
Apr 1, 2024
| [discrete] | ||
| == Kubernetes metrics | ||
|
|
||
| Metrics collection triggers metricbeat with kubernetes module and related metricsets enabled under the hood. |
gizas
reviewed
Apr 1, 2024
| == Kubernetes metrics | ||
|
|
||
| Metrics collection triggers metricbeat with kubernetes module and related metricsets enabled under the hood. | ||
| The kubernetes metricsets use the so called kubernetes metadata enrichers mechanism. What this does is that the different metricsets share a set of resource watchers. Those watchers(pod, node, namespace, deployment, daemonset etc.) are responsible for watching for all the different resources creation, update and deletion by subscribing to kubernetes watch API. |
There was a problem hiding this comment.
Suggested change
| The kubernetes metricsets use the so called kubernetes metadata enrichers mechanism. What this does is that the different metricsets share a set of resource watchers. Those watchers(pod, node, namespace, deployment, daemonset etc.) are responsible for watching for all the different resources creation, update and deletion by subscribing to kubernetes watch API. | |
| The {agent} metrics collection implements metadata enrichment based on watchers, a mechanisms used in Kubernetes to observe changes to resources in the Kubernetes cluster. | |
| In more details, the different datasets share a set of resource watchers. Those watchers(pod, node, namespace, deployment, daemonset etc.) are responsible for watching for all different resource events ( creation, update and deletion) by subscribing to kubernetes watch API. This enables real-time synchronization of application state with the state of the Kubernetes cluster |
gizas
reviewed
Apr 1, 2024
|
|
||
| Metrics collection triggers metricbeat with kubernetes module and related metricsets enabled under the hood. | ||
| The kubernetes metricsets use the so called kubernetes metadata enrichers mechanism. What this does is that the different metricsets share a set of resource watchers. Those watchers(pod, node, namespace, deployment, daemonset etc.) are responsible for watching for all the different resources creation, update and deletion by subscribing to kubernetes watch API. | ||
| So they keep in an up to date shared store all the resource informations and metadata. Whenever metrics are collected by the different sources (kubelet, kube-state-metrics), before they get published to ES as events, they get enriched with needed metadata. |
There was a problem hiding this comment.
Suggested change
| So they keep in an up to date shared store all the resource informations and metadata. Whenever metrics are collected by the different sources (kubelet, kube-state-metrics), before they get published to ES as events, they get enriched with needed metadata. | |
| So they keep in an up to date shared cache store for all the resource informations and metadata. Whenever metrics are collected by the different sources (kubelet, kube-state-metrics), before they get published to {es} as events, they get enriched with needed metadata. |
gizas
reviewed
Apr 1, 2024
|
|
||
| The metadata enrichment can be configured by editing the kubernetes integration. | ||
| It can be disabled by switching off the `Add Metadata` toggle in every metricset. Exrta resource metadata like | ||
| node, namespace labels and annotations, as well as deployment and cronjob information can be configured per metricset. |
There was a problem hiding this comment.
Suggested change
| node, namespace labels and annotations, as well as deployment and cronjob information can be configured per metricset. | |
| node, namespace labels and annotations, as well as deployment and cronjob information can be configured per dataset. |
gizas
reviewed
Apr 1, 2024
| node, namespace labels and annotations, as well as deployment and cronjob information can be configured per metricset. | ||
|
|
||
| image::images/kubernetes_metadata.png[metadata configuration] | ||
|
|
There was a problem hiding this comment.
NOTE: add_resource_metadata block needs to be configured to all datasets that are enabled
gizas
reviewed
Apr 1, 2024
| So they keep in an up to date shared store all the resource informations and metadata. Whenever metrics are collected by the different sources (kubelet, kube-state-metrics), before they get published to ES as events, they get enriched with needed metadata. | ||
|
|
||
| The metadata enrichment can be configured by editing the kubernetes integration. | ||
| It can be disabled by switching off the `Add Metadata` toggle in every metricset. Exrta resource metadata like |
There was a problem hiding this comment.
Suggested change
| It can be disabled by switching off the `Add Metadata` toggle in every metricset. Exrta resource metadata like | |
| **Only in metrics collection**, metadata enrichement can be disabled by switching off the `Add Metadata` toggle in every dataset. Exrta resource metadata like |
gizas
reviewed
Apr 1, 2024
| The metadata enrichment can be configured by editing the kubernetes integration. | ||
| It can be disabled by switching off the `Add Metadata` toggle in every metricset. Exrta resource metadata like | ||
| node, namespace labels and annotations, as well as deployment and cronjob information can be configured per metricset. | ||
|
|
There was a problem hiding this comment.
Suggested change
| - For **Managed {agent}**: | |
gizas
reviewed
Apr 1, 2024
| node, namespace labels and annotations, as well as deployment and cronjob information can be configured per metricset. | ||
|
|
||
| image::images/kubernetes_metadata.png[metadata configuration] | ||
|
|
There was a problem hiding this comment.
Suggested change
| - For **Standalone {agent}**: | |
| [source,yaml] | |
| .Elastic Agent Standalone manifest sample | |
| ------------------------------------------------ | |
| [output trunctated ...] | |
| - data_stream: | |
| dataset: kubernetes.state_pod | |
| type: metrics | |
| metricsets: | |
| - state_pod | |
| add_metadata: true | |
| hosts: | |
| - 'kube-state-metrics:8080' | |
| period: 10s | |
| add_resource_metadata: | |
| namespace: | |
| enabled: true | |
| #use_regex_include: false | |
| include_labels: ["namespacelabel1"] | |
| #use_regex_exclude: false | |
| #exclude_labels: ["namespacelabel2"] | |
| node: | |
| enabled: true | |
| #use_regex_include: false | |
| include_labels: ["nodelabel2"] | |
| include_annotations: ["nodeannotation1"] | |
| #use_regex_exclude: false | |
| #exclude_labels: ["nodelabel3"] | |
| #deployment: false | |
| #cronjob: false | |
| --------------------------------------------------- | |
| The `add_resource_metadata` block configures the watchers enrichment functionality. See <<kubernetes-provider>> for full description of add_resource_metadata. Same configuration parameters apply. |
kilfoyle
reviewed
Apr 2, 2024
docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc
Outdated
Show resolved
Hide resolved
|
This looks great @MichaelKatsoulis! I hope you don't mind a bunch of suggestions. |
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
@kilfoyle Thanks a lot! I updated the documentation with your suggestions! |
gizas
approved these changes
Apr 3, 2024
kilfoyle
reviewed
Apr 3, 2024
docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc
Outdated
Show resolved
Hide resolved
kilfoyle
reviewed
Apr 3, 2024
docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc
Outdated
Show resolved
Hide resolved
kilfoyle
reviewed
Apr 3, 2024
docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc
Outdated
Show resolved
Hide resolved
kilfoyle
reviewed
Apr 3, 2024
docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc
Outdated
Show resolved
Hide resolved
kilfoyle
previously approved these changes
Apr 3, 2024
There was a problem hiding this comment.
Thanks a lot for adding this @MichaelKatsoulis! The docs are really nice. 👍
I added just a few more super minor suggestions.
I'm not sure if you'll be able to merge in this repo (due to our newly heightened security settings), so whenever it's ready to merge just let me know.
Also, if this should appear in the current 8.13 docs let me know and I'll make sure it backports succcessfully.
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
…-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]>
kilfoyle
approved these changes
Apr 3, 2024
|
@kilfoyle I think it is ready now. Yes the documentation applies also for 8.13. I added the backport label. I believe I can merge it myself, the merge button is green ! |
|
Sounds good Michael! And thanks for letting me know about the merge button. Other people have had problems so I'm really glad to know it's not universal. :-) |
mergify bot
pushed a commit
that referenced
this pull request
Apr 4, 2024
* Configure kubernetes metadata enrichment * Add new page in index * Fix index * Apply review suggestions * Fix processor reference * Fix errors * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Add a line * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Minor typos fixes * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> --------- Co-authored-by: Andrew Gizas <[email protected]> Co-authored-by: David Kilfoyle <[email protected]> (cherry picked from commit 10037c8)
MichaelKatsoulis
added a commit
that referenced
this pull request
Apr 8, 2024
* Configure kubernetes metadata enrichment * Add new page in index * Fix index * Apply review suggestions * Fix processor reference * Fix errors * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: Andrew Gizas <[email protected]> * Add a line * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Minor typos fixes * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> * Update docs/en/ingest-management/elastic-agent/configuring-kubernetes-metadata.asciidoc Co-authored-by: David Kilfoyle <[email protected]> --------- Co-authored-by: Andrew Gizas <[email protected]> Co-authored-by: David Kilfoyle <[email protected]> (cherry picked from commit 10037c8) Co-authored-by: Michael Katsoulis <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR enhances elastic agent managed by fleet documentation with information and configuration for kubernetes metadata enrichment.
Part of elastic/beats#37858