Add Cilium flow logs
Gain visibility into network and app protocol flows, such as individual TCP connections, DNS queries, or HTTP requests.
If your cluster uses the Cilium CNI, you can collect Cilium flow logs in the Gloo telemetry pipeline. Then, you can use the meshctl hubble observe
command to gain visibility into network and protocol flows, such as individual TCP connections, DNS queries, or HTTP requests.
You can optionally set up a custom exporter to export these logs to an observability tool of your choice, such as Redis.
Single cluster
Get your current installation Helm values, and save them in a file.
helm get values gloo-platform -n gloo-mesh -o yaml > gloo-single.yaml open gloo-single.yaml
In your Helm values file, enable the default
logs/cilium_flows
pipeline in the Gloo telemetry collector agent.telemetryCollectorCustomization: pipelines: logs/cilium_flows: enabled: true
Upgrade your installation by using your updated values file.
helm upgrade gloo-platform gloo-platform/gloo-platform \ --namespace gloo-mesh \ --version $GLOO_VERSION \ --values gloo-single.yaml
Verify that your custom Cilium settings were added to the Gloo telemetry collector configmap.
kubectl get configmap gloo-telemetry-collector-config -n gloo-mesh -o yaml
Perform a rollout restart of the telemetry collector daemon set to force your configmap changes to be applied to the telemetry collector agent pod.
kubectl rollout restart -n gloo-mesh daemonset/gloo-telemetry-collector-agent
Explore and use the
meshctl hubble observe
command to view flow logs.
Multicluster
Get your current Helm values for the workload clusters.
helm get values gloo-platform -n gloo-mesh -o yaml --kube-context $REMOTE_CONTEXT > data-plane.yaml open data-plane.yaml
In your Helm values file, enable the default
logs/cilium_flows
pipeline in the Gloo telemetry collector agent.telemetryCollectorCustomization: pipelines: logs/cilium_flows: enabled: true
Upgrade the workload cluster.
helm upgrade gloo-platform gloo-platform/gloo-platform \ --kube-context $REMOTE_CONTEXT \ --namespace gloo-mesh \ -f data-plane.yaml \ --version $GLOO_VERSION
Verify that your settings are applied in the workload cluster.
Verify that the tracing settings were added to the Gloo telemetry collector configmap.
kubectl get configmap gloo-telemetry-collector-config -n gloo-mesh -o yaml --context $REMOTE_CONTEXT
Perform a rollout restart of the telemetry collector daemon set to force your configmap changes to be applied to the telemetry collector agent pods.
kubectl rollout restart -n gloo-mesh daemonset/gloo-telemetry-collector-agent --context $REMOTE_CONTEXT
Explore and use the
meshctl hubble observe
command to view flow logs.