I use Google Kubernetes Engine, and it's a shared cluster (different teams / applications use it).
I want to export logs to stackdriver, so the basic integration doesn't fit my needs since everybody is able to see all the logs.
So I've found a workaround which is to bake a fluentd agent with the stack driver plugin in the docker image of each pod.
Then this agent sends the logs into a different GCP project with its own stackdriver workspace, then I'm able to grant access only to the team in charge of this pod.
My issue is that I have this warning message in the Stackdriver console :
It seems this issue is related to the label the plugin puts on each log :
It's not compliant with what the Google documentation describes :
https://cloud.google.com/monitoring/kubernetes-engine/migration
So I was wondering if I was using the right parameters in my fluentd file (or the right agent version), but I'm not able to find any documentation about that.
Here is my config file :
<source>
@type tail
path /app/logs/server.log
pos_file /app/logs/server.log.pos
read_from_head true
tag app.server
<parse>
@type none
</parse>
</source>
<match app.server>
@type google_cloud
vm_id app-server
vm_name app-server
detect_json true
<buffer>
flush_mode interval
retry_type exponential_backoff
@type file
path /var/log/google-fluentd/buffers
flush_thread_count 8
flush_interval 1s
retry_forever false
retry_max_times 3
retry_max_interval 300
chunk_limit_size 1M
</buffer>
</match>
Obviously it's not running in a VM, but I didn't find anything better do differentiate applications.