Skip to main content
Sumo Logic

Collect Redis Logs and Metrics for Kubernetes environments

In a Kubernetes environment, we use the Telegraf Operator, which is packaged with our Kubernetes collection. You can learn more about it here.The diagram below illustrates how data is collected from Redis in Kubernetes environments. In the architecture shown below, there are four services that make up the metric collection pipeline: Telegraf, Prometheus, Fluentd and FluentBit.

The first service in the pipeline is Telegraf. Telegraf collects metrics from Redis. Note that we’re running Telegraf in each pod we want to collect metrics from as a sidecar deployment: i.e. Telegraf runs in the same pod as the containers it monitors. Telegraf uses the Redis input plugin to obtain metrics. (For simplicity, the diagram doesn’t show the input plugins.) The injection of the Telegraf sidecar container is done by the Telegraf Operator. We also have Fluentbit that collects logs written to standard out and forwards them to FluentD, which in turn sends all the logs and metrics data to a Sumo Logic HTTP Source.

clipboard_e11ab9f058571b57eba3c28b30beae2da.png

Follow the below instructions to set up the metric collection:

  1. Configure Metrics Collection
    1. Setup Kubernetes Collection with the Telegraf operator
    2. Add annotations on your Redis pods
  2. Configure Logs Collection
    1. Configure logging in Redis.
    2. Add labels on your Redis pods to capture logs from standard output.
    3. Collecting Redis Logs from a Log file.

Prerequisites

Please ensure that you are monitoring your Kubernetes clusters with the Telegraf operator - If you are not, then please follow these instructions to do so.

Step 1 Configure Metrics Collection

Follow the steps to collect metrics from a Kubernetes environment:

Add annotations on your Redis pods

On your Redis Pods, add the following annotations:.

  annotations:
    telegraf.influxdata.com/class: sumologic-prometheus
    prometheus.io/scrape: "true"
    prometheus.io/port: "9273"
    telegraf.influxdata.com/inputs: |+
      
        servers = ["tcp://:<username-CHANGME>:<password-CHANGEME>@localhost:6379"]
        [inputs.redis.tags]
        environment="prod"
        component="database"
        db_system="redis"
        db_cluster="redis_prod_cluster01-CHANGEME"

Please enter in values for the following parameters (marked in bold above):

  • telegraf.influxdata.com/inputs - As telegraf will be run as a sidecar the host should always be localhost.
    • In the input plugins section i.e. :
      • servers - The URL to the Redis server. This can be a comma-separated list to connect to multiple Redis servers.
    • In the tags section i.e.  [inputs.redis.tags]
      • environment - This is the deployment environment where the Redis cluster identified by the value of servers resides. For example: dev, prod or qa. While this value is optional we highly recommend setting it.
      • db_cluster - Enter a name to identify this Redis cluster. This cluster name will be shown in the Sumo Logic dashboards.

Here’s an explanation for additional values set by this configuration that we request you please do not modify these values as they will cause the Sumo Logic apps to not function correctly.

  • telegraf.influxdata.com/class: sumologic-prometheus - This instructs the Telegraf operator what output to use. This should not be changed.
  • prometheus.io/scrape: "true" - This ensures our Prometheus will scrape the metrics.
  • prometheus.io/port: "9273" - This tells prometheus what ports to scrape on. This should not be changed.
  • telegraf.influxdata.com/inputs
    • In the tags section i.e.  [inputs.redis.tags]
      • component: “database” - This value is used by Sumo Logic apps to identify application components. 
      • db_system: “redis” - This value identifies the database system.

For more information on all other parameters please see this doc for more properties that can be configured in the Telegraf agent globally.

For more information on configuring the Redis input plugin for Telegraf please see this doc. 

 

  1. Once this has been done, the Sumo Logic Kubernetes collection will automatically start collecting metrics from the pods having the labels and annotations defined in the previous step. 

  2. Verify metrics in Sumo Logic by running the following metrics query:
    db_cluster=<Your_Redis_Cluster_Name> component="database" and db_system="redis"

Step 2 Configure Logs Collection

This section explains the steps to collect Redis logs from a Kubernetes environment.

  1. Collect Redis logs written to standard output:
    If your Redis helm chart/pod is writing the logs to standard output then follow the steps listed below to collect the logs: 
    1. Apply the following labels to yourthe Redis pods:
      labels:
          environment: "prod"
          component: "database"
          db_system: "redis"
          db_cluster: "redis_prod_cluster01

      Please enter in values for the following parameters (marked in bold above):

  • environment - This is the deployment environment where the Redis cluster identified by the value of servers resides. For example: dev, prod or qa. While this value is optional we highly recommend setting it.
  • db_cluster - Enter a name to identify this Redis cluster. This cluster name will be shown in the Sumo Logic dashboards.

    Here’s an explanation for additional values set by this configuration that we request you please do not modify as they will cause the Sumo Logic apps to not function correctly.
  • component: “database” - This value is used by Sumo Logic apps to identify application components. 

  • db_system: “redis” - This value identifies the database system.

    For all other parameters please see this doc for more properties that can be configured in the Telegraf agent globally.

The Sumologic-Kubernetes-Collection will automatically capture the logs from stdout and will send the logs to Sumologic. For more information on deploying Sumologic-Kubernetes-Collection,  please see this page.

2. Collect Redis logs written to log files (Optional)

If your Redis helm chart/pod is writing its logs to log files, you can use a sidecar to send log files to standard out. To do this:

  1. Determine the location of the Redis log file on Kubernetes. This can be determined from the redis.conf for your Redis cluster along with the mounts on the Redis pods.
  2. Install the Sumo Logic tailing sidecar operator.
  3. Add the following annotation in addition to the existing annotations.

annotations:
  tailing-sidecar: sidecarconfig;<mount>:<path_of_redis_log_file>/<redis_log_file_name>

Example:

annotations:
  tailing-sidecar: sidecarconfig;data:/redis-master-data/redis.log

4. Make sure that the Redis pods are running and annotations are applied by using the command: kubectl describe pod <redis_pod_name>
5. Sumo Logic Kubernetes collection will automatically start collecting logs from the pods having the annotations defined above. 

 

3. Add an FER to normalize the fields in Kubernetes environments

Labels created in Kubernetes environments automatically are prefixed with pod_labels. To normalize these for our app to work, we need to create a Field Extraction Rule. To do so:

  1. Go to Manage Data > Logs > Field Extraction Rules.

  2. Click the + Add button on the top right of the table.

  3. The following form appears:


clipboard_eb08010ff0bc97140a56494cd74643bc8.png

  1. Enter the following options:

  • Rule Name. Enter the name as App Observability - Database.
  • Applied At. Choose Ingest Time
  • Scope. Select Specific Data
    • Scope: Enter the following keyword search expression:
      pod_labels_environment=* pod_labels_component=database pod_labels_db_system=* pod_labels_db_cluster=*
    • Parse Expression.Enter the following parse expression:
      | if (!isEmpty(pod_labels_environment), pod_labels_environment, "") as environment
      | pod_labels_component as component
      | pod_labels_db_system as db_system
      | pod_labels_db_cluster as db_cluster

5. Click Save to create the rule.