Updated on 2024-04-25 GMT+08:00

Collecting Kubernetes Events

Billing

LTS does not charge you for creating log groups and offers a free quota for log collection every month. You pay only for log volume that exceeds the quota. For details, see Price Calculator.

Reporting Kubernetes Events to LTS

Cloud Native Logging is not installed in a cluster.

When installing Cloud Native Logging, you can select Kubernetes events to create a default log collection policy, so that this add-on collects all events and reports them to LTS. For details about the installation method, see Collecting Container Logs Using Cloud Native Logging.

Cloud Native Logging has been installed in a cluster.

  1. Log in to the CCE console and click the cluster name to access the details page. In the navigation pane, choose Logging.
  2. Click View Log Collection Policies in the upper right corner.

    All log collection policies reported to LTS are displayed.

  3. Click Create Log Policy and configure parameters as required.

    Policy Template: If you do not select Kubernetes events while installing this add-on or delete the log collection policy, you can use this option to create a default log collection policy.

  4. On the Logging page, select the log stream configured in the log collection policy to view the events reported to LTS.

Reporting Kubernetes Events to AOM

After Cloud Native Logging 1.3.2 is installed, all warning events and some normal events will be reported to AOM by default. The reported events can be used to configure alarms. If the cluster version is 1.19.16, 1.21.11, 1.23.9, 1.25.4, or later, after Cloud Native Logging is installed, events will be reported to AOM by this add-on instead of the control plane component. After Cloud Native Logging is uninstalled, events will not be reported to AOM.

Custom Event Reporting

If the reported events cannot meet requirements, you can modify the settings for the events.

Using the CCE Console

  1. Log in to the CCE console and click the cluster name to access the details page. In the navigation pane, choose Settings.
  2. Click the Monitoring tab. In the Log Configuration area, modify the policy for reporting Kubernetes events to AOM.

    • Abnormal events: This option is enabled by default. All abnormal events are reported to AOM. You can click Configure Blacklist to add events that do not need to be reported to AOM to the blacklist.
    • Normal events: If this option is enabled, normal events will be reported to AOM. The system is pre-configured to report some normal events. If you need to customize the events to be reported, click Configure Whitelist to add the events to the whitelist.

  3. Click Confirm configuration.

Using kubectl

  1. Run the following command on the cluster to modify the event collection settings:

    kubectl edit logconfig -n kube-system default-event-aom

  2. Modify the event collection settings as required.

    apiVersion: logging.openvessel.io/v1
    kind: LogConfig
    metadata:
      annotations:
        helm.sh/resource-policy: keep
      name: default-event-aom
      namespace: kube-system
    spec:
      inputDetail:    # Settings on CCE from which events are collected
        type: event    # Type of logs to be collected from CCE. Do not change the value.
        event:
          normalEvents:    # Used to configure normal events
            enable: true    # Whether to enable normal event collection
            includeNames:    # Names of events to be collected. If this parameter is not specified, all events will be collected.
            - NotTriggerScaleUp
            excludeNames:    # Names of events that are not collected. If this parameter is not specified, all events will be collected.
            - ScaleDown
          warningEvents:    # Used to configure warning events
            enable: true    # Whether to enable warning event collection
            includeNames:    # Names of events to be collected. If this parameter is not specified, all events will be collected.
            - NotTriggerScaleUp
            excludeNames:    # Names of events that are not collected. If this parameter is not specified, all events will be collected.
            - ScaleDown
      outputDetail:
        type: AOM    # Type of the system that receives the events. Do not change the value.
        AOM:
          events:
          - name: DeleteNodeWithNoServer    # Event name. This parameter is mandatory.
            resourceType: Namespace    # Type of the resource that operations are performed on.
            severity: Major    # Event severity after an event is reported to AOM, which can be Critical, Major, Minor, or Info. The default value is Major.