KubeCon 2017: k8s Logs & Metrics - I AM THE CAPTAIN NOW!

Ahoy, Kubernauts! We're fresh back from KubeCon + CloudNativeCon North America in Austin and practically drowning in enthusiasm from what continues to be THE event to attend if you are using—or curious about using—containers. Basically, it's a mecca for container experts, developers and implementers from around the world!

Splunk was represented by a fabulous crew from Field Specialists, Engineering, Product Management and Product Marketing who were on deck for the duration of the event to demonstrate how Splunk monitors logs and metrics in k8s, converse with customers and prospects, as well as forge and foster relationships with strategic cloud partners.

A major theme at this year’s conference was the portability of containers, k8s and serverless technologies. This focus provided Splunk with a tremendous podium for showcasing our unique ability in two key areas:

  1. Collecting, monitoring and driving analytics across IT Operations, Security, IoT and Business Analytics use cases from any environment—on-prem, cloud and hybrid (AWS, Azure, Google Cloud Platform).

  2. Further enriching your k8s data by allowing users to correlate trends and behaviors across platform services used by their k8s cluster and containers.

At the booth, Splunk crew members demoed Splunk Enterprise and Splunk Project Nova. Splunk Enterprise gave conference attendees insight on how to turn their machine data into answers using an analytics-driven approach by extracting value from container logs, k8s APIs and metrics used to monitor and troubleshoot k8s. This demo was met with a ton of enthusiasm. Customers and prospects were really excited about how easy Splunk makes it to ingest container logs using Splunk’s Universal Forwarder (UF) and create KPIs summarizing the health and capacity of a k8s cluster.

It is critical for k8s admins to understand the health of their clusters as they are onboarding new services. The following sample dashboard was showcased to visualize the cluster health and changes over time that may impact cluster/service/node stability, as well as providing quick contextual drill down into container logs and errors.

Splunk Kubernetes overview dashboard

You may be asking, “How do I get started?”

Sit back relax, get yourself a glass of rum and eggnog and let’s Splunk together… “It’s not magic!” The following repo provides some dashboards, a k8s Add-on and sample deployment configuration that will get you started with monitoring your k8s environment—you can get it on github.

For developers, Splunk Project Nova was a big hit. Splunk Project Nova’s Cloud APIs for logging and analyzing apps will help developers deliver higher quality code, faster—the key performance metric. We showed developers a simple API to ingest and search structured logs and metrics, and helped them sign up for the technology preview. Most exciting was helping developers collect logs from their pods and search them via API.

As we reflect upon the energy and success from this year’s KubeCon, we can’t help but get excited about returning next year! Splunk’s ability to turn machine data into answers is only getting stronger, evident in our customer momentum. Together with our partners, customers and prospects, we look forward to making significant contributions to Open Source and K8s in 2018!

Until then, ahoy mateys & Happy Holidays!

Marc Chéné

Posted by