Stackdriver missing GKE Logs

Tags: google, google-kubernetes-engine, google-stackdriver

I brought up a new Vault cluster using Terraform (https://github.com/sethvargo/vault-on-gke) and everything is working fine with Vault. However, I can't seem to see any Container, Node or Pod logs in Stackdriver. The other GKE cluster we have, which was brought up manually, is working fine.

I can view the logs on the pods using kubectl logs without a problem.

Existing cluster that works fine

Terraformed vault cluster

I'm completely stumped as to why it's not working. Stackdriver is enabled for the cluster, and the beta Stackdriver box is ticked – same as the working cluster. The Compute service account has the Editor role, same in both accounts.

Any thoughts?

Best Answer

You need to make sure that your Kubernetes cluster has the correct permissions for logging and monitoring.

To have a properly running cluster, the Kubernetes master needs the following OAuth scopes (the latter two are for Stackdriver):

In addition, the service account of the nodes in the Kubernetes cluster needs the following permissions:

For more information see:
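
One way to check both conditions from the answer above, as an added example that is not part of the original question or answer. It audits each node pool's OAuth scopes and its service account's IAM roles. The scope URLs, role names and JSON field names are taken from Google Cloud's documentation rather than from this page, and the project, account and pool names are constructed sample data. The `vault` pool mirrors the question: the Compute service account has Editor, but the pool's access scopes do not allow the logging or monitoring APIs.

```python
import json

# Assumption, not from the page: scope URLs and role names per Google Cloud docs.
SCOPE_BASE = "https://www.googleapis.com/auth/"
SCOPE_GROUPS = {"logging": {"logging.write", "logging.admin"},
                "monitoring": {"monitoring", "monitoring.write"}}
NEEDED_ROLES = {"roles/logging.logWriter", "roles/monitoring.metricWriter"}
BROAD_ROLES = {"roles/editor", "roles/owner"}

def audit(cluster, iam_policy, default_sa):
    """Return (node_pool, problem) findings for logging/monitoring access."""
    roles = {}
    for binding in iam_policy.get("bindings", []):
        for member in binding.get("members", []):
            roles.setdefault(member, set()).add(binding["role"])
    findings = []
    for pool in cluster.get("nodePools", []):
        cfg = pool.get("config", {})
        scopes = {s[len(SCOPE_BASE):] for s in cfg.get("oauthScopes", [])
                  if s.startswith(SCOPE_BASE)}
        if "cloud-platform" not in scopes:  # broad scope covers both APIs
            for api, accepted in sorted(SCOPE_GROUPS.items()):
                if not scopes & accepted:
                    findings.append((pool["name"], "no %s scope" % api))
        sa = cfg.get("serviceAccount", "default")
        sa = default_sa if sa == "default" else sa
        granted = roles.get("serviceAccount:" + sa, set())
        if not granted & BROAD_ROLES:
            for role in sorted(NEEDED_ROLES - granted):
                findings.append((pool["name"], "service account lacks " + role))
    return findings

# Constructed sample data, shaped like `gcloud container clusters describe
# --format=json` and `gcloud projects get-iam-policy --format=json` output.
CLUSTER = json.loads("""{"nodePools": [
  {"name": "vault", "config": {"serviceAccount": "default", "oauthScopes": [
     "https://www.googleapis.com/auth/devstorage.read_only"]}},
  {"name": "apps", "config": {"serviceAccount": "nodes@example-project.iam.gserviceaccount.com",
     "oauthScopes": ["https://www.googleapis.com/auth/cloud-platform"]}}]}""")
POLICY = json.loads("""{"bindings": [
  {"role": "roles/editor",
   "members": ["serviceAccount:123456789-compute@developer.gserviceaccount.com"]},
  {"role": "roles/logging.logWriter",
   "members": ["serviceAccount:nodes@example-project.iam.gserviceaccount.com"]}]}""")
DEFAULT_SA = "123456789-compute@developer.gserviceaccount.com"

if __name__ == "__main__":
    for pool, problem in audit(CLUSTER, POLICY, DEFAULT_SA):
        print(pool + ": " + problem)
```

Access scopes are fixed when a node pool is created, so a pool flagged for a missing scope has to be recreated with the right scopes rather than edited in place.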