Accelerating an implementation of Kubernetes in Splunk Observability Cloud

Planning

When planning the implementation of Kubernetes observability, you should consider the following steps to set yourself up for success:

• Determine the individuals or teams responsible for leading and contributing to the observability project.
• Typical stakeholders include:
  • A central observability team or designated observability administrators (if available).
  • An architect who understands the high-level architecture of your Kubernetes environment and can provide setup guidance.
• Clarify what your organization needs from your observability setup, including:
  • The type of telemetry data you want to collect.
  • Requirements for dashboards.
  • Requirements for detectors.
  • The Kubernetes cluster setup that will be used for the project.
  • Sufficient permission on the Kubernetes cluster fort agent installation for all involved personas.
  • The applications or services that will be used for auto-instrumentation or zero-configuration instrumentation.
  • Tag naming convention for various telemetry data.
• Define clear objectives and set realistic delivery timelines for the project.
• Schedule dedicated working sessions for each stage of the implementation, ensuring all relevant stakeholders can participate.
• Determine documentation requirements and decide where project documentation will be stored.
• Set up a reporting cadence to track progress and resolve blockers promptly.

Kubernetes infrastructure monitoring

• Review the different components of the Splunk OpenTelemetry Collector for Kubernetes helm chart and its functionality, for example:
  • Daemonset
  • ClusterReceiver
  • Gateway (optional)
  • Configmaps
  • Secrets
  • Operator (required for zero-code instrumentation)
• Review the advanced configurations to understand the different configuration options available in the values.yaml file.
• Check resource availability.
• Discuss the sizing of the Collector.
• Validate that telemetry data is available in Splunk Observability Cloud.

OpenTelemetry agent metrics onboarding

• Determine which supported monitors will need to be configured for metrics ingestion.
• Set up additional receiver configuration using receiver_creator to collect metrics from dynamically instantiated pods.
• Customize your pipeline to fit your use case, for example:
  • Adding an additional processor in the pipeline to filter data
  • Adding a new receiver to the pipeline

OpenTelemetry collector installation and configuration

• If you are collecting logs using the Splunk OpenTelemetry Collector for Kubernetes helm chart (which is the recommended approach), set up and configure the operators to format logs that fit your requirements for log parsing, for example:
  • Multiline configuration
  • JSON parsing

APM auto-instrumentation

• Automatically instrument an application in a supported language. Learn about auto instrumentation by reviewing the quick start guides in OpenTelemetry, auto-instrumentation and Splunk Observability Cloud: A jump start.
• Instrument an application with zero-code in a supported language. Learn about zero-code instrumentation by reviewing the Docs.

Custom content creation

• Dashboard creation: Build custom dashboards tailored to your use cases. Learn how to create and customize dashboards by reviewing the Docs.
• Detector creation: Set up custom alerts based on Kubernetes metrics. Learn more about Collected metrics and dimensions for Kubernetes and find an Introduction to alerts and detectors in Splunk Observability Cloud in the Docs.

Splunk Log Observer Connect configuration

• Configure Splunk Log Observer Connect to view log data from Splunk Cloud Platform or Splunk Enterprise in Splunk Observability Cloud. Learn more at Getting started with Log Observer Connect.
• Learn how related content works to allow seamless experiences across various telemetry data.

OOTB content review

• Explore prebuilt Kubernetes dashboards, navigators, and detectors. Learn more at Monitor Kubernetes.