Cloud Logging

1. Cloud Logging

Logging with Google Kubernetes Engine is the process of collecting and storing a record of events that occur in a GKE cluster. Often thought of as a passive form of systems monitoring, logging collects events logs that can be used, for example, to identify patterns or perhaps help track down the root cause of a system failure. Google Kubernetes Engine (GKE) logs and logs produced by Cloud Logging, both provide information to analyze your Google Cloud infrastructure. However, there are some key differences between the tools. Cloud Logging is a fully managed logging service that can be used to collect logs from a variety of sources, including Google Cloud services, like GKE, on-premises infrastructure, and third-party applications. Cloud Logging can be used to consolidate all of your logs in one place and analyze them for trends. Alternatively, a GKE log is a record of information about cluster events, container events, Pod events, node events, audit events, and general system details. The main types of GKE logs are: System, Workloads, API server, Scheduler, Controller Manager. You can find more information on the contents of each log type in the Google Cloud documentation. The /var/log directory in GKE is the default location for storing logs generated by applications and system processes that run on GKE nodes. This directory is not meant for long-term storage of logs, because it might be deleted when the node is deleted or when the disk on which it is stored runs out of space. For long-term storage and analysis of logs, it is recommended to use Cloud Logging. The first step to inspecting a log is to view it, for which there are two options. The first option is to use the kubectl command to display logs directly from a Pod. This option is quick, but it’s worth noting that logs aren’t saved to any database and may be lost if containers are restarted or deleted. The second option is to use Cloud Logging, which provides a single interface to review logs from containers, nodes, and other system services. This allows more options to broaden your visibility of GKE events to help correlate issues. Cloud Logging is a paid-for product, but offers a free tier that stores the first 50 gibibytes of log data for free for 30 days. This storage is in a bucket named _Default, which stores Data Access audit logs and Policy Denied audit logs. Admin audit logs are held for 400 days in a storage bucket named _Required, which stores logs including Admin Activity audit logs, System Event audit logs, and Login Audit logs. For longer retention options, user-defined log buckets can be created, and can have a retention period of up to 3650 days. Logs can also be exported to BigQuery.

2. Let's practice!

Create Your Free Account

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.

Architecting with Google Kubernetes Engine: Production

IntermediateSkill Level

5.0+

1 reviews

In this introduction, you'll explore the course goals and preview each section.

Exercise 1: Production Course introduction

The course closes with a summary of the key points covered in each section.

Exercise 1: Course summary