Traces For Kubernetes System Components

    System component traces record the latency of and relationships between operations in the cluster.

    Kubernetes components emit traces using the OpenTelemetry Protocol with the gRPC exporter and can be collected and routed to tracing backends using an OpenTelemetry Collector.

    For a complete guide to collecting traces and using the collector, see Getting Started with the OpenTelemetry Collector. However, there are a few things to note that are specific to Kubernetes components.

    By default, Kubernetes components export traces using the grpc exporter for OTLP on the IANA OpenTelemetry port, 4317. As an example, if the collector is running as a sidecar to a Kubernetes component, the following receiver configuration will collect spans and log them to standard output:
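
    ```yaml
    # A minimal sketch of an OpenTelemetry Collector configuration:
    # the otlp receiver listens on the default gRPC port (4317), and the
    # logging exporter stands in for a real tracing backend.
    receivers:
      otlp:
        protocols:
          grpc:
    exporters:
      # Replace this exporter with the exporter for your backend
      logging:
        logLevel: debug
    service:
      pipelines:
        traces:
          receivers: [otlp]
          exporters: [logging]
    ```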

    Enabling tracing in the kube-apiserver

    To enable tracing, provide the kube-apiserver with a tracing configuration file with --tracing-config-file=<path-to-config>. This is an example config that records spans for 1 in 10000 requests, and uses the default OpenTelemetry endpoint:
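
    ```yaml
    apiVersion: apiserver.config.k8s.io/v1beta1
    kind: TracingConfiguration
    # default value
    #endpoint: localhost:4317
    samplingRatePerMillion: 100   # 100 per million = 1 in 10000 requests
    ```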

    For more information about the TracingConfiguration struct, see API server config API (v1beta1).

    kubelet traces

    FEATURE STATE: Kubernetes v1.27 [beta]

    The kubelet CRI interface and authenticated HTTP servers are instrumented to generate trace spans. As with the apiserver, the endpoint and sampling rate are configurable, and trace context propagation is also configured: a parent span's sampling decision is always respected, while the configured sampling rate applies only to spans without a parent. If tracing is enabled without a configured endpoint, the default OpenTelemetry Collector receiver address of "localhost:4317" is used.

    Enabling tracing in the kubelet
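
    To enable tracing, set the KubeletTracing feature gate and add a tracing configuration to the kubelet configuration file. A minimal sketch of such a snippet, using the default endpoint and the same 1-in-10000 sampling rate as the apiserver example above:

    ```yaml
    apiVersion: kubelet.config.k8s.io/v1beta1
    kind: KubeletConfiguration
    featureGates:
      KubeletTracing: true
    tracing:
      # default value
      #endpoint: localhost:4317
      samplingRatePerMillion: 100
    ```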

    If the samplingRatePerMillion is set to one million (1000000), then every span will be sent to the exporter.
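
    For example, sampling every span would look like this in the kubelet's tracing configuration:

    ```yaml
    tracing:
      samplingRatePerMillion: 1000000  # sample and export every span
    ```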

    The kubelet in Kubernetes v1.27 collects spans from garbage collection and the pod synchronization routine, as well as from every gRPC method. Connected container runtimes like CRI-O and containerd can link their exported spans to these traces to provide additional context.

    Please note that exporting spans always comes with a small performance overhead on the networking and CPU side, depending on the overall configuration of the system. If a cluster running with tracing enabled experiences such an issue, mitigate the problem by either reducing the samplingRatePerMillion or disabling tracing completely by removing the configuration.

    Tracing instrumentation is still under active development, and may change in a variety of ways. This includes span names, attached attributes, instrumented endpoints, etc. Until this feature graduates to stable, there are no guarantees of backwards compatibility for tracing instrumentation.