fabiog1901.cockroachdb.cc_logexport module – Manage log export configuration.
Note
This module is part of the fabiog1901.cockroachdb collection (version 1.0.0).
To install it, use: ansible-galaxy collection install fabiog1901.cockroachdb.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: fabiog1901.cockroachdb.cc_logexport.
New in fabiog1901.cockroachdb 1.0.0
Synopsis
Enable/Disable log exports to the cloud provider default monitoring solution.
A Cockroach Cloud Service Account API Key is required.
Export the key as environment variable ‘CC_KEY’ or pass it on module invokation
Requirements
The below requirements are needed on the host that executes this module.
cockroachdb-cloud-client
Parameters
Parameter |
Comments |
|---|---|
Define details for the API client |
|
The API version to use Default: |
|
The Service Account API key This value is log redacted By default it reads the env variable ‘CC_KEY’ |
|
the hostname of the API server Default: |
|
the path to the API endpoint Default: |
|
the port number, as a string, for the API server Default: |
|
http or https Choices:
|
|
whether the client should verify the server cert Choices:
|
|
auth_principal is either the AWS Role ARN that identifies a role that the cluster account can assume to write to CloudWatch or the GCP Project ID that the cluster service account has permissions to write to for cloud logging. |
|
Allowed: AWS┃GCP |
|
The UUID or the name of the cluster you want to get information for. |
|
log_name is an identifier for the logs in the customer’s log sink. Default: |
|
redact allows the customer to set a default redaction policy for logs before they are exported to the target sink. If a group config omits a redact flag and this one is set to true, then that group will receive redacted logs. Choices:
|
|
groups is a collection of log group configurations that allows the customer to define collections of CRDB log channels that are aggregated separately at the target sink. Each item contains an export configuration for a single log group which can route logs for a subset of CRDB channels. |
|
channels is a list of CRDB log channels to include in this group. |
|
min_level is the minimum log level to filter to this log group. Should be one of INFO, WARNING, ERROR, FATAL. Default: |
|
Choices:
|
|
region allows the customer to override the destination region for all logs for a cluster. |
|
Allowed values: enable, disable. Default: |
|
wait for long operation to complete Choices:
|
Examples
- name: enable log export to Google Log Explorer
fabiog1901.cockroachdb.cc_logexport:
state: present
cluster_id: fabio-cluster2
auth_principal: my-gcp-project
groups:
- channels:
- HEALTH
- OPS
log_name: crdb-ops
min_level: INFO
redact: no
default_log_name: crdb
default_redact: no
region: us-central1
cloud: GCP
wait: yes
api_client:
api_version: '2022-09-20'
register: out
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
LogExportClusterInfo contains a package of information that fully describes both the intended state of the log export configuration for a specific cluster but also some metadata around its deployment status, any error messages, and some timestamps. Returned: success |
|
Returned: success |
|
Returned: success |
|
LogExportClusterSpecification contains all the data necessary to configure log export for an individual cluster. Users would supply this data via the API and also receive it back when inspecting the state of their log export configuration. Returned: success |
|
auth_principal is either the AWS Role ARN that identifies a role that the cluster account can assume to write to CloudWatch or the GCP Project ID that the cluster service account has permissions to write to for cloud logging. Returned: success |
|
groups is a collection of log group configurations to customize which CRDB channels get aggregated into different groups at the target sink. Unconfigured channels will be sent to the default locations via the settings above. LogExportGroup contains an export configuration for a single log group which can route logs for a subset of CRDB channels. Returned: success |
|
channels is a list of CRDB log channels to include in this group. Returned: success |
|
log_name is the name of the group, reflected in the log sink Returned: success |
|
min_level is the minimum log level to filter to this log group. Should be one of INFO, WARNING, ERROR, FATAL. Returned: success |
|
redact is a boolean that governs whether this log group should aggregate redacted logs. Redaction settings will inherit from the cluster log export defaults if unset. Returned: success |
|
log_name is an identifier for the logs in the customer’s log sink. Returned: success |
|
redact controls whether logs are redacted before forwarding to customer sinks. By default they are not redacted. Returned: success |
|
region controls whether all logs are sent to a specific region in the customer sink. By default, logs will remain their region of origin depending on the cluster node’s region. Returned: success |
|
LogExportType encodes the cloud selection that we’re exporting to along with the cloud logging platform. Currently, each cloud has a single logging platform. Allowed: AWS_CLOUDWATCH┃GCP_CLOUD_LOGGING Returned: success |
|
LogExportStatus encodes the possible states that a configuration can be in as it is created, deployed, and disabled. Allowed Values: DISABLED┃DISABLING┃DISABLE_FAILED┃ENABLED┃ENABLING┃ENABLE_FAILED Returned: success |
|
Returned: success |
|
Returned: success |
Authors
Cockroach Labs