Skip to main content
Skip table of contents

Override ConfigMap to Restrict Logging to Specific Namespaces

How to override the logging configMap to restrict logging to specific namespaces.

As a cluster administrator, you may have a need to limit, or restrict, logging activities only to certain namespaces. Kommander allows you to do this by creating an override configMap that modifies the logging configuration created in the Create AppDeployment for Workspace Logging procedure.

Prerequisites

Create and use the Override Entries

To create and use the override configMap entries, follow these steps:

  1. Execute the following command to get the namespace of your workspace:

    CODE
    dkp get workspaces

    And copy the value under the NAMESPACE column for your workspace.

  2. Set the WORKSPACE_NAMESPACE variable to the namespace copied in the previous step:

    CODE
    export WORKSPACE_NAMESPACE=<WORKSPACE_NAMESPACE>
  3. Identify one or more namespaces to which you want to restrict logging.

  4. Create a file named logging-operator-logging-overrides.yaml and paste the following YAML code into it to create the overrides configMap:

    CODE
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: logging-operator-logging-overrides
      namespace: ${WORKSPACE_NAMESPACE}
    data:
      values.yaml: |
        ---
        clusterFlows:
        - name: cluster-containers
          spec:
            globalOutputRefs:
            - loki
            match:
            - exclude:
                namespaces:
                - <your-namespace>
                - <your-other-namespace>
  5. Add the relevant namespace values for metadata.namespace and the clusterFlows[0].spec.match[0].exclude.namespaces values at the end of the file, and save the file.

  6. Use the following command to apply the YAML file:

    CODE
    kubectl apply -f logging-operator-logging-overrides.yaml
  7. Edit the logging-operator AppDeployment to set the value of spec.configOverrides.name to logging-operator-logging-overrides.
    (Refer to Deploy an application with a custom configuration for more information)

    CODE
    dkp edit appdeployment -n ${WORKSPACE_NAMESPACE} logging-operator

    After your editing is complete, the AppDeployment resembles this example:

    CODE
    apiVersion: apps.kommander.d2iq.io/v1alpha3
    kind: AppDeployment
    metadata:
      name: logging-operator
      namespace: ${WORKSPACE_NAMESPACE}
    spec:
      appRef:
        name: logging-operator-3.17.10
        kind: ClusterApp
      configOverrides:
        name: logging-operator-logging-overrides
  8. Perform actions that generate log data, both in the specified namespaces and the namespaces you mean to exclude.

  9. Verify that the log data contains only the data you expected to receive.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.