Usage notes of the log collection feature for control plane components in ACK Edge Pro clusters - Simple Log Service

Simple Log Service and Container Service for Kubernetes (ACK) jointly launch the log collection feature for control plane components. You can use the feature to deliver the logs of control plane components in an ACK Edge Pro cluster to Simple Log Service for query and analysis. This topic describes the assets and billing of the log collection feature.

Assets

Dedicated projects and Logstores

Important

Before you disable the log collection feature, do not delete the projects or Logstores that are related to the logs of control plane components. Otherwise, the logs of control plane components cannot be delivered to Simple Log Service.Simple Log Service
If you have enabled the pay-by-ingested-data billing mode, Simple Log Service creates a dedicated Logstore that uses the pay-by-ingested-data billing mode by default. If you want to switch the billing mode from pay-by-ingested-data to pay-by-feature, you can modify the configuration of the Logstore. For more information, see Manage a logstore.

If you select an existing project when you enable the log collection feature for control plane components in an ACK Edge Pro cluster, Simple Log Service creates multiple dedicated Logstores in the project. The following table describes the Logstores.

If you create a project when you enable the log collection feature for control plane components in an ACK Edge Pro cluster, Simple Log Service creates a project named k8s-log-Cluster ID in the region where the cluster resides and multiple dedicated Logstores in the project. The following table describes the Logstores.

Logstore	Component	Description
`apiserver-Cluster ID`	kube-apiserver	Stores the logs of the kube-apiserver component. The kube-apiserver component is used to expose Kubernetes API. For more information, see kube-apiserver.
`kcm-Cluster ID`	kube-controller-manager	Stores the logs of the kube-controller-manager component. The kube-controller-manager component is the internal management and control center of a Kubernetes cluster. The component is embedded with core control links in all released Kubernetes versions. For more information, see kube-controller-manager.
`scheduler-Cluster ID`	kube-scheduler	Stores the logs of the kube-scheduler component. The kube-scheduler component is the default scheduler of a Kubernetes cluster. For more information, see kube-scheduler.
`ccm-Cluster ID`	Cloud Controller Manager	Stores the logs of the Cloud Controller Manager component. The Cloud Controller Manager component allows you to integrate Kubernetes with Alibaba Cloud services, such as Classic Load Balancer (CLB) and Virtual Private Cloud (VPC). CLB is formerly known as Server Load Balancer (SLB). The Cloud Controller Manager component provides management capabilities such as management on load balancing and cross-node communication. For more information, see CCM.
`audit-Cluster ID`	All components	Stores the audit logs of all components.
`config-operation-log`	None	Stores the operation logs of an ACK Edge Pro cluster.

Dedicated dashboards

Dashboard	Description
Kubernetes CVE Vulnerability	Displays the Common Vulnerabilities and Exposures (CVE) vulnerabilities that may occur in the current Kubernetes cluster, including Kubernetes CVE-2022-3294, Kubernetes CVE-2022-3172, and Kubernetes CVE-2022-3162.
Kubernetes Elastic Autoscale	Displays the information about Kubernetes resources on which auto scaling is performed, including the number of added standard Horizontal Pod Autoscaler (HPA)-based instances, number of removed standard HPA-based instances, number of added CronHPA-based instances, and number of removed CronHPA-based instances.
Kubernetes Network Policy Audit	Displays the information about Kubernetes network policies, including network policies and operation traces.
Kubernetes Node Operation Audit	Displays the operation information of Kubernetes nodes, including active nodes, new nodes, deleted nodes, and accounts that update nodes.
Kubernetes Audit Center Overview	Displays the Kubernetes audit information, including the total number of events, number of access requests over the Internet, number of unauthorized access requests, number of creation events, and number of deletion events.
Kubernetes Resource Operation Overview	Displays the information about operations that are performed on Kubernetes resources, including the creation, update, deletion, and access of resources. The resources include Deployment, StatefulSet, CronJob, DaemonSet, Job, Pod, Service, Ingress, ConfigMap, Secret, PersistentVolumeClaim, Role, ClusterRole, RoleBinding, and ClusterRoleBinding.
Kubernetes Resource Operation Details	Displays the details of the operations that are performed on Kubernetes resources, including the lists of created resources, updated resources, accessed resources, and deleted resources.
Kubernetes Operation Audit for Accounts	Displays the operation information of Kubernetes resources by account, including the number of created resources, number of updated resources, and operation traces.

Billing

On the ACK side, you are not charged for the log collection feature for control plane components in ACK Edge Pro clusters.
If your Logstore uses the pay-by-feature billing mode, you are charged for storage, read traffic, number of requests, data transformation, and data shipping after ACK collects the logs of control plane components in your ACK Edge Pro cluster to Simple Log Service. The fees are included in the bills of Simple Log Service. For more information, see Billable items of pay-by-feature.
If your Logstore uses the pay-by-ingested-data billing mode, you are charged only for read traffic over the Internet after ACK collects the logs of control plane components in your ACK Edge Pro cluster to Simple Log Service. The fees are included in the bills of Simple Log Service. For more information, see Billable items of pay-by-ingested-data.

Enable the log collection feature for control plane components in an ACK Edge Pro cluster

Enable the log collection feature when you create a cluster

Log on to the ACK console.
On the Clusters page, click Create Kubernetes Cluster.
In the Component Configurations step of the Create Cluster page, select Enable Log Service and select a project. For more information about other configurations, see Create an ACK Edge cluster.

Enable the log collection feature for an existing cluster

Log on to the ACK console.
On the Clusters page, click the ACK Edge Pro cluster that you want to manage.
In the left-side navigation pane, choose Operations > Log Center.
On the Logs of Control Plane Components tab, select a project and click Enable Component Log Collection.
You can select an existing project or create a project.

Related operations

Operation	Description
View logs	View logs in the ACK or Simple Log Service console. For more information, see View the logs of control plane components.
Disable the log collection feature	On the Logs of Control Plane Components tab, click Close. For more information, see Disable log collection for control plane components. Important If you disable the log collection feature, your project and delivered logs are not automatically deleted. To prevent additional fees after the log collection feature is disabled, you can delete your project in the Simple Log Service console. For more information, see Delete a project.

What to do next

After the logs of control plane components in an ACK Edge Pro cluster are collected to Simple Log Service, you can query, analyze, download, ship, and transform the logs. You can also configure alerts for the logs.Simple Log Service For more information, see Common operations on logs of Alibaba Cloud services.