I use Google Kubernetes Engine, and it's a shared cluster (different teams / applications use it).

I want to export logs to stackdriver, so the basic integration doesn't fit my needs since everybody is able to see all the logs.

So I've found a workaround which is to bake a fluentd agent with the stack driver plugin in the docker image of each pod.

Then this agent sends the logs into a different GCP project with its own stackdriver workspace, then I'm able to grant access only to the team in charge of this pod.

My issue is that I have this warning message in the Stackdriver console :

It seems this issue is related to the label the plugin puts on each log :

It's not compliant with what the Google documentation describes :

https://cloud.google.com/monitoring/kubernetes-engine/migration

So I was wondering if I was using the right parameters in my fluentd file (or the right agent version), but I'm not able to find any documentation about that.

Here is my config file :

<source>
    @type tail
    path /app/logs/server.log
    pos_file /app/logs/server.log.pos
    read_from_head true
    tag app.server
    <parse>
       @type none
    </parse>
</source>

<match app.server>
    @type google_cloud
    vm_id app-server
    vm_name app-server
    detect_json true
    <buffer>
      flush_mode interval
      retry_type exponential_backoff
      @type file
      path /var/log/google-fluentd/buffers
      flush_thread_count 8
      flush_interval 1s
      retry_forever false
      retry_max_times 3
      retry_max_interval 300
      chunk_limit_size 1M
    </buffer>
</match>

Obviously it's not running in a VM, but I didn't find anything better do differentiate applications.