Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

转发遥测数据

Red Hat build of OpenTelemetry 3.8

将追踪、日志和指标导出到可观察性后端和云平台

Red Hat OpenShift Documentation Team

摘要

本文档论述了如何将遥测数据从 OpenTelemetry Collector 转发到各种目的地。了解如何将 trace 导出为 TempoStack、日志到 LokiStack,以及将遥测数据导出到第三方系统。包括云平台与 AWS 服务集成的配置流程(CloudWatch Logs、EMF、X-Ray)和 Google Cloud Operations Suite (云监控、云日志记录、Cloud Trace)。涵盖服务帐户设置、RBAC 配置、OTLP 协议使用情况和自定义收集器部署。

第 1 章 转发遥测数据
复制链接

您可以使用 OpenTelemetry Collector 来转发您的遥测数据。

1.1. 将 trace 转发到 TempoStack 实例
复制链接

要配置转发追踪到 TempoStack 实例,您可以部署和配置 OpenTelemetry Collector。您可以使用指定的处理器、接收器和导出器在部署模式中部署 OpenTelemetry Collector。有关其他模式,请参阅附加资源中的 OpenTelemetry Collector 文档链接。

先决条件

  • 已安装红帽构建的 OpenTelemetry Operator。
  • 已安装 Tempo Operator。
  • 在集群中部署了 TempoStack 实例。

流程

  1. 为 OpenTelemetry Collector 创建服务帐户。

    ServiceAccount 示例

    apiVersion: v1
kind: ServiceAccount
metadata:
  name: otel-collector-deployment
    Copy to Clipboard Toggle word wrap

  2. 为服务帐户创建集群角色。

    ClusterRole 示例

    apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: otel-collector
rules:
- apiGroups: [""]
  resources: ["pods", "namespaces",]
  verbs: ["get", "watch", "list"]
    1 
    
- apiGroups: ["apps"]
  resources: ["replicasets"]
  verbs: ["get", "watch", "list"]
    2 
    
- apiGroups: ["config.openshift.io"]
  resources: ["infrastructures", "infrastructures/status"]
  verbs: ["get", "watch", "list"]
    3
    Copy to Clipboard Toggle word wrap

    1
    本例使用 Kubernetes Attributes Processor,这需要 podnamespaces 资源的这些权限。
    2
    另外,由于 Kubernetes Attributes Processor,replicasets 资源还需要这些权限。
    3
    本例也使用 Resource Detection Processor,对于 infrastructuresstatus 需要这些权限。

  3. 将集群角色绑定到服务帐户。

    ClusterRoleBinding 示例

    apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: otel-collector
subjects:
- kind: ServiceAccount
  name: otel-collector-deployment
  namespace: otel-collector-example
roleRef:
  kind: ClusterRole
  name: otel-collector
  apiGroup: rbac.authorization.k8s.io
    Copy to Clipboard Toggle word wrap

  4. 创建 YAML 文件以定义 OpenTelemetryCollector 自定义资源(CR)。

    OpenTelemetryCollector 示例

    apiVersion: opentelemetry.io/v1beta1
kind: OpenTelemetryCollector
metadata:
  name: otel
spec:
  mode: deployment
  serviceAccount: otel-collector-deployment
  config:
    receivers:
      jaeger:
        protocols:
          grpc: {}
          thrift_binary: {}
          thrift_compact: {}
          thrift_http: {}
      opencensus: {}
      otlp:
        protocols:
          grpc: {}
          http: {}
      zipkin: {}
    processors:
      batch: {}
      k8sattributes: {}
      memory_limiter:
        check_interval: 1s
        limit_percentage: 50
        spike_limit_percentage: 30
      resourcedetection:
        detectors: [openshift]
    exporters:
      otlp:
        endpoint: "tempo-simplest-distributor:4317"
    1 
    
        tls:
          insecure: true
    service:
      pipelines:
        traces:
          receivers: [jaeger, opencensus, otlp, zipkin]
    2 
    
          processors: [memory_limiter, k8sattributes, resourcedetection, batch]
          exporters: [otlp]
    Copy to Clipboard Toggle word wrap

    1
    Collector exporter 配置为导出 OTLP 并指向 Tempo 经销商端点 "tempo-simplest-distributor:4317" (在这个示例中已创建)。
    2
    Collector 配置了 Jaeger trace 的接收器,OpenCensus trace over the OpenCensus 协议, Zipkin trace over the Zipkin protocol, 和 OTLP trace over the gRPC 协议。
提示

您可以将 telemetrygen 部署为测试: 

apiVersion: batch/v1
kind: Job
metadata:
  name: telemetrygen
spec:
  template:
    spec:
      containers:
        - name: telemetrygen
          image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:latest
          args:
            - traces
            - --otlp-endpoint=otel-collector:4317
            - --otlp-insecure
            - --duration=30s
            - --workers=1
      restartPolicy: Never
  backoffLimit: 4
Copy to Clipboard Toggle word wrap

1.2. 将日志转发到 LokiStack 实例
复制链接

您可以使用 openshift-logging 租户模式部署 OpenTelemetry Collector 将日志转发到 LokiStack 实例。

先决条件

  • 已安装红帽构建的 OpenTelemetry Operator。
  • 已安装 Loki Operator。
  • 在集群中部署了受支持的 LokiStack 实例。有关支持的 LokiStack 配置的更多信息,请参阅 Logging

流程

  1. 为 OpenTelemetry Collector 创建服务帐户。

    ServiceAccount 对象示例

    apiVersion: v1
kind: ServiceAccount
metadata:
  name: otel-collector-deployment
  namespace: openshift-logging
    Copy to Clipboard Toggle word wrap

  2. 创建一个集群角色,为 Collector 的服务帐户授予将日志推送到 LokiStack 应用程序租户的权限。

    ClusterRole 对象示例

    apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: otel-collector-logs-writer
rules:
 - apiGroups: ["loki.grafana.com"]
   resourceNames: ["logs"]
   resources: ["application"]
   verbs: ["create"]
 - apiGroups: [""]
   resources: ["pods", "namespaces", "nodes"]
   verbs: ["get", "watch", "list"]
 - apiGroups: ["apps"]
   resources: ["replicasets"]
   verbs: ["get", "list", "watch"]
 - apiGroups: ["extensions"]
   resources: ["replicasets"]
   verbs: ["get", "list", "watch"]
    Copy to Clipboard Toggle word wrap

  3. 将集群角色绑定到服务帐户。

    ClusterRoleBinding 对象示例

    apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: otel-collector-logs-writer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: otel-collector-logs-writer
subjects:
  - kind: ServiceAccount
    name: otel-collector-deployment
    namespace: openshift-logging
    Copy to Clipboard Toggle word wrap

  4. 创建 OpenTelemetryCollector 自定义资源 (CR) 对象。

    OpenTelemetryCollector CR 对象示例

    apiVersion: opentelemetry.io/v1beta1
kind: OpenTelemetryCollector
metadata:
  name: otel
  namespace: openshift-logging
spec:
  serviceAccount: otel-collector-deployment
  config:
    extensions:
      bearertokenauth:
        filename: "/var/run/secrets/kubernetes.io/serviceaccount/token"
    receivers:
      otlp:
        protocols:
          grpc: {}
          http: {}
    processors:
      k8sattributes: {}
      resource:
        attributes:
    1 
    
          - key:  kubernetes.namespace_name
            from_attribute: k8s.namespace.name
            action: upsert
          - key:  kubernetes.pod_name
            from_attribute: k8s.pod.name
            action: upsert
          - key: kubernetes.container_name
            from_attribute: k8s.container.name
            action: upsert
          - key: log_type
            value: application
            action: upsert
      transform:
        log_statements:
          - context: log
            statements:
              - set(attributes["level"], ConvertCase(severity_text, "lower"))
    exporters:
      otlphttp:
        endpoint: https://logging-loki-gateway-http.openshift-logging.svc.cluster.local:8080/api/logs/v1/application/otlp
        encoding: json
        tls:
          ca_file: "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
        auth:
          authenticator: bearertokenauth
      debug:
        verbosity: detailed
    service:
      extensions: [bearertokenauth]
    2 
    
      pipelines:
        logs:
          receivers: [otlp]
          processors: [k8sattributes, transform, resource]
          exporters: [otlphttp]
    3 
    
        logs/test:
          receivers: [otlp]
          processors: []
          exporters: [debug]
    Copy to Clipboard Toggle word wrap

    1
    提供 Web 控制台要使用的以下资源属性: kubernetes.namespace_name,kubernetes.pod_name,kubernetes.container_name, 和 log_type
    2
    启用 OTLP HTTP Exporter 所需的 BearerTokenAuth Extension。
    3
    启用 OTLP HTTP Exporter 从 Collector 导出日志。
提示

您可以将 telemetrygen 部署为测试: 

apiVersion: batch/v1
kind: Job
metadata:
  name: telemetrygen
spec:
  template:
    spec:
      containers:
        - name: telemetrygen
          image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.106.1
          args:
            - logs
            - --otlp-endpoint=otel-collector.openshift-logging.svc.cluster.local:4317
            - --otlp-insecure
            - --duration=180s
            - --workers=1
            - --logs=10
            - --otlp-attributes=k8s.container.name="telemetrygen"
      restartPolicy: Never
  backoffLimit: 4
Copy to Clipboard Toggle word wrap

1.3. 将遥测数据转发到第三方系统
复制链接

OpenTelemetry Collector 通过 OpenTelemetry 协议(OTLP)使用 OTLP 导出数据,通过 gRPC 或 HTTP 传输实现。如果您需要将遥测数据转发到第三方系统,且不支持红帽构建的 OpenTelemetry 中的 OTLP 或其他支持的协议,则您可以通过 OTLP 接收遥测数据,并使用自定义导出器将其导出到第三方系统。

警告

红帽不支持自定义部署。

先决条件

  • 您已开发了自己的不支持的自定义导出器,该导出器可以通过 OTLP 将遥测数据导出到第三方系统。

流程

  • 通过 OperatorHub 或手动部署自定义收集器:

    • 如果您的第三方系统支持它,请使用 OperatorHub 部署自定义 Collector。

    • 使用配置映射、部署和服务手动部署自定义 Collector。

      自定义 Collector 部署示例

      apiVersion: v1
kind: ConfigMap
metadata:
  name: custom-otel-collector-config
data:
  otel-collector-config.yaml: |
    receivers:
      otlp:
        protocols:
          grpc:
    exporters:
      debug: {}
      prometheus:
    service:
      pipelines:
        traces:
          receivers: [otlp]
          exporters: [debug]
      1 
      
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: custom-otel-collector-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      component: otel-collector
  template:
    metadata:
      labels:
        component: otel-collector
    spec:
      containers:
      - name: opentelemetry-collector
        image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:latest
      2 
      
        command:
        - "/otelcol-contrib"
        - "--config=/conf/otel-collector-config.yaml"
        ports:
        - name: otlp
          containerPort: 4317
          protocol: TCP
        volumeMounts:
        - name: otel-collector-config-vol
          mountPath: /conf
          readOnly: true
      volumes:
      - name: otel-collector-config-vol
        configMap:
          name: custom-otel-collector-config
---
apiVersion: v1
kind: Service
metadata:
  name: custom-otel-collector-service
      3 
      
  labels:
    component: otel-collector
spec:
  type: ClusterIP
  ports:
  - name: otlp-grpc
    port: 4317
    targetPort: 4317
  selector:
    component: otel-collector
      Copy to Clipboard Toggle word wrap

      1
      使用第三方系统所需的导出器替换 debug
      2
      将镜像替换为带有第三方系统所需导出器所需的 OpenTelemetry Collector 版本。
      3
      红帽构建的 OpenTelemetry Collector CR 中使用服务名称来配置 OTLP 导出器。

1.4. 将遥测数据转发到 AWS
复制链接

要将遥测数据转发到 AWS,请使用带有以下导出器的 OpenTelemetry Collector :AWS CloudWatch Logs Exporter 用于日志,AWS EMF Exporter 用于指标,使用 AWS X-Ray Exporter 用于 trace。

1.5. 将遥测数据转发到 Google Cloud
复制链接

要将遥测数据转发到 Google Cloud Operations Suite,请将 OpenTelemetry Collector 与 Google Cloud Exporter 搭配使用。导出器将指标发送到 Google Cloud Monitoring,日志发送到 Google Cloud Logging,并追踪到 Google Cloud Trace。

法律通告
复制链接

Copyright © 2025 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubredditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。 了解我们当前的更新.

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

Theme

© 2026 Red Hat返回顶部