Container Troubleshooting With Kibana and CoScale
The integration of CoScale and Kibana allows you to create visualizations of your logs and a search feature to find specific errors.
Join the DZone community and get the full member experience.Join For Free
Some things are just better together. Like bacon and eggs. Gin and tonic. Or CoScale and Kibana. With our new integration, you can now jump straight from your favorite dashboard in CoScale to Kibana for contextual access to your log data, in order to troubleshoot that thorny issue about your containers that CoScale alerted you on.
Logs vs. Metrics: What's the Difference Anyway?
Metrics describe the state of some part of your system or application as a value over time. A classic example is CPU usage of your containers. Metrics are often used for monitoring, observability and alerting. Logs, on the other hand, are discrete records of unstructured or semi-structured text, describing specific actions or events that happened in your environment, e.g. a specific request issued to a service running in a container. At CoScale, we derive some of our metrics from logs, but we don't keep detailed records of all logs. There are other tools that are better suited for that, and which our clients are already using. A good example of such a tool (or rather set of tools) is the ELK stack.
Tell Me More About Logs and ELK
Logs are a vital part of your environment because they give you valuable information about what's been going on with your systems, applications, users, and so on. When the environment gets too large, the number of logs increases and managing them can become challenging.
With the increased adoption of containers and microservices, centralizing logs and accessing them in a fast and efficient manner has become crucial.
One of the best solutions to this problem is the Elasticstack or ELK stack, of which the core components are Elasticsearch, Logstash, and Kibana.
- Elasticsearch is a distributed, RESTful search and analytics engine that stores data centrally and lets you perform and combine many types of searches - structured, unstructured, geo, metric, any way you want.
- Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to Elasticsearch.
- Kibana helps us understand large volumes of logs by offering search, view and interaction capabilities with data stored in Elasticsearch indices.
Integration Between CoScale and Kibana
CoScale now integrates with Kibana for log search and visualization with the goal of providing detailed log information to the customer via a contextual click-through in CoScale. The idea is that the user detects an issue in CoScale and can immediately switch to the right Kibana view to troubleshoot and investigate the issue.
The main advantages of this approach are:
- A direct link between your log aggregation and monitoring tool, using each tool for what it is best suited.
- Contextual click through to get relevant information when needed, saving you time in troubleshooting.
You can integrate Kibana in your CoScale app, by providing the URL of your Kibana setup:
Links to Kibana can then be added to all widgets. The date and servers selected on a specific CoScale widget will automatically be propagated to Kibana, so context is saved and transferred automatically.
If you are using the Kibana Kubernetes plugin and the CoScale Kubernetes plugin, integration is even more seamless. CoScale will automatically choose the correct namespace and container in Kibana.
When using the ELK stack to gather logs from your servers, CoScale needs to know the name of the hostname field. For more information on how to capture the hostname, please check the official Fluentd documentation.
After providing the Kibana URL, you should be able to see the available integration in your CoScale dashboards. You will see the Kibana icon as one of the available technology drill downs at the bottom of your dashboards.
Any widget where you enable the Kibana link will automatically get a little icon in the top right with of the Kibana logo.
CoScale will keep your selection of servers and the time selection when you click on this. This way, you will immediately be able to access the relevant information, so you never lose context.
Example: from error metrics to error logs.
In this example, I'll show you how you can set a custom query. The widget below shows the errors (500s, 503s, 504s) on my web server. I added a custom query to Kibana that allows me to see the actual errors that occurred.
Clicking on the Kibana icon redirects me to a dashboard, preserving the custom query and the time interval selected on the CoScale dashboard.
As a result, I can now see this custom query in Kibana, allowing me to investigate the detailed logs of the errors that occurred on my web servers.
Try for Yourself
Don't just take my word for how easy it is now to monitor your containerized environment and get to valuable info in just one click. Test CoScale for yourself and start your free trial here.
Published at DZone with permission of Helen De Troy, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.