Architecture
Last updated on
The STACKIT Telemetry Router and its components are used to ingest and distribute telemetry data. A Telemetry Link connects the Telemetry Router with your cloud resources to automatically capture standardized data streams. You have full control to forward this unified data stream to internal STACKIT services or external destinations compatible with OpenTelemetry or S3.
Telemetry Link
Section titled “Telemetry Link”A Telemetry Link requires an existing Telemetry Router. One Telemetry Link can be created per region for each level (project, folder, organization). Configuring a Telemetry Link requires both the ID and an access token of the Telemetry Router that is to be linked. A Telemetry Link strictly assumes that the configured Telemetry Router is located in the same region.
Telemetry Router
Section titled “Telemetry Router”The Telemetry Router is a self-manageable component through which telemetry data can be introduced. In order to ingest data at the Telemetry Router endpoint, an individually creatable access token is required. Creating a Telemetry Router enables the setup of destinations, filtering, and emission of the captured data.
Access Token
Section titled “Access Token”Access Token are JSON Web Token (JWT) required in order to interact with a telemetry routers’ endpoint.
Destination
Section titled “Destination”For each instance of the Telemetry Router, you define destinations to which your data stream is forwarded.
You can send the data stream to an OpenTelemetry-compatible endpoint or to an S3-compatible STACKIT Object Storage.
For OpenTelemetry, either Basic or Token Auth can be used so that your Telemetry Router instance can authenticate itself to your destination.
You define the actual target endpoint using a URI.
Filter
Section titled “Filter”You can freely configure the filter for each Telemetry Router instance. Each configuration element is called an attribute and is identified by its key. Each filter attribute operates at one of three levels:
resourcescopelogRecord
You then provide expressions, that match the objects that are represented by these levels. Each expression is built by a matcher and a value that is matched. The following options for matcher are available:
Matcher
Section titled “Matcher”Type of matchers
Section titled “Type of matchers”-
=: Matches an expression.The
=matcher includes a list of the matching expressions. -
!=: Negates an expression match.The
!=matcher does not include a list of the matching expressions.
The value parameter
Section titled “The value parameter”With the value parameter you configure what actually should be evaluated by the matcher. It is an array of strings.
Examples
Section titled “Examples”The following provides potential scenarios for configuring the above resources by extending the known architecture.
Parallel emission to different target systems
Section titled “Parallel emission to different target systems”Multiple destinations can be configured for one Telemetry Router. Each of these destinations can be freely configured for OpenTelemetry or S3. Data captured by the Telemetry Router is forwarded in parallel to all configured destinations.
Capturing telemetry data from multiple STACKIT projects
Section titled “Capturing telemetry data from multiple STACKIT projects”It is possible to route the telemetry data of multiple projects through the same Telemetry Router. In this case, the regionality restrictions of the Telemetry Link must be observed.
Telemetry data from all levels
Section titled “Telemetry data from all levels”If it is necessary to capture telemetry data and, above all, audit logs from all hierarchy levels, this is also possible via the Telemetry Link. Due to technical limitations, a Telemetry Router must always be located within a project. The Telemetry Links at the organization, folder, and project levels are then configured to integrate a specific Telemetry Router.
