Creating Sink Resources

Overview
Prerequisites
Create Sinks
- ClusterLogSink and LogSink Resources
- ClusterMetricSink and MetricSink Resources
Filter Sinks
List Sinks
- ClusterLogSink and LogSink Resources
- ClusterMetricSink and MetricSink Resources
Delete Sinks
- ClusterLogSink and LogSink Resources
- ClusterMetricSink and MetricSink Resources
Related Links

Page last updated:

This topic describes how to create a sink resource for a Kubernetes cluster provisioned with Enterprise Pivotal Container Service (Enterprise PKS) or for a namespace within a cluster.

Overview

Sink resources enable Enterprise PKS users to collect logs and metrics. You can create the following types of sink resources.

Sink Resource	Sink Type	Description
`ClusterLogSink`	Log sink	Forwards logs from a cluster to a log destination. Logs are transported using one of the following: The Syslog Protocol defined in RFC 5424 WebHook Fluent Bit output plugins
`LogSink`	Log sink	Forwards logs from a namespaced subset within a `ClusterLogSink` resource to a log destination. Logs are transported using one of the following: The Syslog Protocol defined in RFC 5424 WebHook Fluent Bit output plugins
`ClusterMetricSink`	Metric sink	Collects and writes metrics from a cluster to specified outputs using input and output plugins.
`MetricSink`	Metric sink	Collects and writes metrics from a namespace within a cluster to specified outputs using input and output plugins.

Prerequisites

Before creating a sink resource, do the following:

If you want to create a ClusterLogSink or LogSink resource, ensure that the Enable Log Sink Resources checkbox is selected in the Enterprise PKS tile.
If you want to create a ClusterMetricSink or MetricSink resource, ensure that the Enable Metric Sink Resources checkbox is selected in the Enterprise PKS tile.

For more information, see the Enterprise PKS installation topic for your IaaS:

CLI Requirements

To create and manage sink resources, you must install the Kubernetes CLI, kubectl. For installation instructions, see Installing the Kubernetes CLI.

Create Sinks

You can create log and metric sinks for clusters and namespaces.

If you want to create a ClusterLogSink or LogSink, see ClusterLogSink and LogSink Resources below.
If you want to create a ClusterMetricSink or MetricSink, see ClusterMetricSink and MetricSink Resources below.

ClusterLogSink and LogSink Resources

To create ClusterLogSink or LogSink resources, you can:

Create a Syslog ClusterLogSink or LogSink Resource
Create a Webhook ClusterLogSink or LogSink Resource
Create a ClusterLogSink or LogSink Resource with a Fluent Bit Output Plugin

Note: Log sinks created in Enterprise PKS do not support UDP connections.

Note: Enterprise PKS requires a secure connection for log forwarding when using ClusterLogSink and LogSink resources of type syslog or webhook. To forward logs using an unsecured connection, see Unsecured ClusterLogSink and LogSink Log Forwarding below.

Create a Syslog ClusterLogSink or LogSink Resource

ClusterLogSink and LogSink resources of type syslog deliver logs using the TCP-based syslog protocol.

To define a syslog ClusterLogSink or LogSink resource, perform the following steps:

Create a YAML file that specifies your log destination in the following format:
```
apiVersion: pksapi.io/v1beta1
kind: YOUR-SINK-RESOURCE
metadata:
   name: YOUR-SINK
   namespace: YOUR-NAMESPACE
spec:
   type: syslog
   host: YOUR-LOG-DESTINATION
   port: YOUR-LOG-DESTINATION-PORT
   enable_tls: true
```
Where:
- YOUR-SINK-RESOURCE is the sink resource you want to create. This must be either ClusterLogSink or LogSink. For information about these sink resources, see Overview.
- YOUR-SINK is a name you choose for your sink.
- YOUR-NAMESPACE is the name of your namespace. Omit this line if creating ClusterLogSink.
- YOUR-LOG-DESTINATION is the URL or IP address of your log management service.
- YOUR-LOG-DESTINATION-PORT is the port number of your log management service.
  Note: enable_tls must be true.
Save the YAML file with an appropriate file name. For example, my-cluster-log-sink.yml.
Apply the ClusterLogSink or LogSink resource to your cluster by running the following command:
```
kubectl apply -f YOUR-SINK.yml
```
Where YOUR-SINK.yml is the name of your YAML file. For example:
```
$ kubectl apply -f my-cluster-log-sink.yml
```

Create a Webhook ClusterLogSink or LogSink Resource

ClusterLogSink and LogSink resources of type webhook batch logs into one-second units, wrap the resulting payload in JSON, and use the POST method to deliver the logs to the address of your log management service.

To define a webhook ClusterLogSink or LogSink resource, perform the following steps:

Create a YAML file that specifies your log destination in the following format:
```
apiVersion: pksapi.io/v1beta1
kind: YOUR-SINK-RESOURCE
metadata:
  name: YOUR-SINK
  namespace: YOUR-NAMESPACE
spec:
  type: webhook
  url: YOUR-LOG-DESTINATION
```
Where:
- YOUR-SINK-RESOURCE is the sink resource you want to create. This must be either ClusterLogSink or LogSink. For information about these sink resources, see Overview.
- YOUR-SINK is a name you choose for your sink.
- YOUR-NAMESPACE is the name of your namespace. Omit this line if creating ClusterLogSink.
- YOUR-LOG-DESTINATION is the URL or IP address of your log management service.
Save the YAML file with an appropriate filename. For example, my-cluster-log-sink.yml.
Apply the ClusterLogSink or LogSink resource to your cluster by running the following command:
```
kubectl apply -f YOUR-SINK.yml
```
Where YOUR-SINK.yml is the name of your YAML file. For example:
```
$ kubectl apply -f my-cluster-log-sink.yml
```

Create a ClusterLogSink or LogSink Resource with a Fluent Bit Output Plugin

ClusterLogSink and LogSink resources with a Fluent Bit output plugin deliver logs to the output plugin that you specify in your resource configuration.

To define a ClusterLogSink or LogSink resource with a Fluent Bit output plugin, perform the following steps:

Create a YAML file that specifies your log destination in the following format:
```
apiVersion: pksapi.io/v1beta1
kind: YOUR-SINK-RESOURCE
metadata:
  name: YOUR-SINK
  namespace: YOUR-NAMESPACE
spec:
  type: http
  output_properties:
    Host: example.com
    Format: json
    Port: 443
    tls: on
    tls.verify: off
```
Where:
- YOUR-SINK-RESOURCE is the sink resource you want to create. This must be either ClusterLogSink or LogSink. For information about these sink resources, see Overview.
- YOUR-SINK is a name you choose for your log sink.
- YOUR-NAMESPACE is the name of your namespace. Omit this line if creating ClusterLogSink.
Note: This is a sample plugin configuration for http. For a full list of supported plugins, see the Fluent Bit documentation.
Save the YAML file with an appropriate filename. For example, my-cluster-log-sink.yml.
Apply the ClusterLogSink or LogSink resource to your cluster by running the following command:
```
kubectl apply -f YOUR-SINK.yml
```
Where YOUR-SINK.yml is the name of your YAML file. For example:
```
$ kubectl apply -f my-cluster-log-sink.yml
```

Unsecured ClusterLogSink and LogSink Log Forwarding

By default, Enterprise PKS requires a secure connection for log forwarding when using ClusterLogSink and LogSink resources of type syslog or webhook.

For debugging purposes on a local machine, you may want to temporarily forward logs using an unsecured connection. To do this, you must:

Disable sink forwarding validation by running the following command:

kubectl delete validatingwebhookconfigurations validator.pksapi.io

Set enable_tls to false in your log destination YAML file.

Warning: Disabling secure log forwarding is not recommended.

ClusterMetricSink and MetricSink Resources

A ClusterMetricSink resource collects metrics from a cluster using the Kubernetes Input Plugin and writes them to one or more outputs that you specify in your ClusterMetricSink configuration.

A MetricSink resource collects metrics from a namespace within a cluster using prometheus.io/scrape annotations set to true and writes them to one or more outputs that you specify in your MetricSink configuration.

For a list of supported output plugins, see Output Plugins in the telegraf GitHub repository.

Create a ClusterMetricSink or MetricSink Resource

To define a ClusterMetricSink or MetricSink resource, perform the following steps:

Create a YAML file in the following format:
```
apiVersion: pksapi.io/v1beta1
kind: YOUR-SINK-RESOURCE
metadata:
  name: YOUR-SINK
  namespace: YOUR-NAMESPACE
spec:
  inputs:
  outputs:
  - type: YOUR-OUTPUT-PLUGIN
```
Where:
- YOUR-SINK-RESOURCE is the sink resource you want to create. This must be either ClusterMetricSink or MetricSink. For information about these sink resources, see Overview.
- YOUR-SINK is a name you choose for your sink.
- YOUR-NAMESPACE is the name of your namespace. Omit this line if creating ClusterMetricSink.
- YOUR-OUTPUT-PLUGIN is the name of the output plugin you want to use for your metrics.
  Note: You can leave the inputs field blank. For ClusterMetricSink, this field is configured to include metrics from the kubelet by default. For MetricSink, the field includes all prometheus.io/scrape annotations set to true by default.
For example:
```
apiVersion: pksapi.io/v1beta1
kind: ClusterMetricSink
metadata:
  name: http
spec:
  inputs:
  outputs:
  - type: http
    url: https:example.com
    method: POST
    data_format: json
```

Create a ClusterMetricSink Resource to Export Node Exporter Metrics

To define a ClusterMetricSink resource to export Node Exporter metrics, perform the following steps:

Enable Node Exporter on cluster workers by selecting the Enable node exporter on workers checkbox in the In-Cluster Monitoring section in PKS.

Create a YAML file in the following format:

apiVersion: pksapi.io/v1beta1
kind: ClusterMetricSink
metadata:
  name: YOUR-SINK
spec:
  inputs:
  - monitor_kubernetes_pods: true
    type: prometheus
  outputs:
  - type: YOUR-OUTPUT-PLUGIN

Where:

YOUR-SINK is a name you choose for your sink.
YOUR-OUTPUT-PLUGIN is the name of the output plugin you want to use for your metrics.
Note: You can leave the inputs field blank. This field is configured to include metrics from the kubelet by default.

For example:

apiVersion: pksapi.io/v1beta1
kind: ClusterMetricSink
metadata:
  name: http
spec:
  inputs:
  - monitor_kubernetes_pods: true
    type: prometheus
  outputs:
  - type: http
    url: https:example.com
    method: POST
    data_format: json

Save the YAML file with an appropriate filename. For example, my-cluster-metric-sink.yml.
Apply the ClusterMetricSink or MetricSink resource to your cluster by running the following command:
```
kubectl apply -f YOUR-SINK.yml
```
Where YOUR-SINK.yml is the name of your YAML file. For example:
```
$ kubectl apply -f my-cluster-metric-sink.yml
```

Filter Sinks

The LogSink and ClusterLogSink resources allow users to set filters to include or exclude logs or events. For more information, see Monitoring Clusters with Log Sinks.

To filter log sinks, add a filter properties section to the YAML file that specifies your log destination in the following format:

apiVersion: pksapi.io/v1beta1
kind: YOUR-SINK-RESOURCE
metadata:
   name: YOUR-SINK
   namespace: YOUR-NAMESPACE
spec:
   type: syslog
   host: YOUR-LOG-DESTINATION
   port: YOUR-LOG-DESTINATION-PORT
   enable_tls: true
   filters:
    include-events: true
    include-logs: false

Where:

YOUR-SINK-RESOURCE is the sink resource type that you created. This must be either ClusterLogSink or LogSink.
YOUR-SINK is the name you chose for your sink.
YOUR-NAMESPACE is the name of your namespace. Omit this line for ClusterLogSink.
YOUR-LOG-DESTINATION is the URL or IP address of your log management service.
YOUR-LOG-DESTINATION-PORT is the port number of your log management service.

The default values for these filter properties is true. If you do not specify filter properties, both logs and events are included.

List Sinks

To list sinks for clusters and namespaces, use the commands in the following sections.

ClusterLogSink and LogSink Resources

To list cluster log sinks, run the following command:

kubectl get clusterlogsinks

To list namespace log sinks, run the following command:

kubectl -n YOUR-NAMESPACE get logsinks

Where YOUR-NAMESPACE is the name of your namespace.

ClusterMetricSink and MetricSink Resources

To list cluster metric sinks, run the following command:

kubectl get clustermetricsinks

To list namespace metric sinks, run the following command:

kubectl -n YOUR-NAMESPACE get metricsinks

Where YOUR-NAMESPACE is the name of your namespace.

Delete Sinks

To delete sinks for clusters and namespaces, use the commands in the following sections.

ClusterLogSink and LogSink Resources

To delete a cluster log sink, run the following command:

kubectl delete clusterlogsink YOUR-SINK

Where YOUR-SINK is the name of your sink.

To delete a namespace log sink, run the following command:

kubectl -n YOUR-NAMESPACE delete logsink YOUR-SINK

Where:

YOUR-NAMESPACE is the name of your namespace.
YOUR-SINK is the name of your log sink.

ClusterMetricSink and MetricSink Resources

To delete a cluster metric sink, use the following command:

kubectl delete clustermetricsink YOUR-SINK

Where YOUR-SINK is the name of your sink.

To delete a namespace metric sink, use the following command:

kubectl -n YOUR-NAMESPACE delete metricsink YOUR-SINK

Where:

YOUR-NAMESPACE is the name of your namespace.
YOUR-SINK is the name of your metric sink.

For more information about sinks in Enterprise PKS, see the following topics:

For information about using sinks for monitoring, see Monitoring Clusters with Log Sinks.
For information about sink architecture, see Sink Architecture in Enterprise PKS.

Please send any feedback you have to pks-feedback@pivotal.io.

Create a pull request or raise an issue on the source for this page in GitHub

Creating Sink Resources

Overview

Prerequisites

CLI Requirements

Create Sinks

ClusterLogSink and LogSink Resources

Create a Syslog ClusterLogSink or LogSink Resource

Create a Webhook ClusterLogSink or LogSink Resource

Create a ClusterLogSink or LogSink Resource with a Fluent Bit Output Plugin

Unsecured ClusterLogSink and LogSink Log Forwarding

ClusterMetricSink and MetricSink Resources

Create a ClusterMetricSink or MetricSink Resource

Create a ClusterMetricSink Resource to Export Node Exporter Metrics

Filter Sinks

List Sinks

ClusterLogSink and LogSink Resources

ClusterMetricSink and MetricSink Resources

Delete Sinks

ClusterLogSink and LogSink Resources

ClusterMetricSink and MetricSink Resources

Related Links