Offloading analytics data to AWS S3 exporter
Configure the DataPower Interact Gateway Collector to archive telemetry data to Amazon S3 for long-term retention, backup, and analytics.
Before you begin
Make sure
- you have an AWS account with S3 access.
- you have created an S3 bucket for storing telemetry data.
- you have created an IAM role with permissions to write to the S3 bucket.
- you have the AWS region, S3 bucket name, and role ARN.
About this task
The AWS S3 exporter archives traces, logs, and metrics from the DataPower Interact Gateway Collector to Amazon S3 for long-term storage, compliance, and offline analysis.
Procedure
-
Identify the namespace where the collector is deployed.
kubectl get nsSample output:
NAME STATUS AGE cert-manager Active 5h2m datapower-nano-system Active 4h53m default Active 5h6m envoy-gateway-system Active 5h5m fyre-ci-293280 Active 5h2m kube-node-lease Active 5h6m kube-public Active 5h6m kube-system Active 5h6m metallb-system Active 5h5mNote: Lists all namespaces and their deployments, including the DataPower Interact Gateway. In this example,fyre-ci-293280is the namespace in which the DataPower Interact Gateway is deployed. -
Create a Kubernetes secret containing the AWS S3 configuration.
kubectl create secret generic aws-credentials \ --from-literal=AWS_REGION='ap-south-1' \ --from-literal=AWS_S3_BUCKET='your-otel-telemetry-bucket' \ --from-literal=AWS_ROLE_ARN='arn:aws:iam::123456789012:role/OTelS3Role' \ -n <namespace>Important: Replaceap-south-1,your-otel-telemetry-bucket, andarn:aws:iam::123456789012:role/OTelS3Rolewith your actual AWS region, S3 bucket name, and IAM role ARN.Output:
secret/aws-credentials created -
Verify that the secret was created successfully.
kubectl get secret aws-credentials -n <namespace> -
Identify the collector deployment.
kubectl get deployment -n <namespace> | grep collectorSample output:
idig-nanogw-nanogw-analytics-collector 1/1 1 1 5h -
Edit the collector deployment to inject the secret as environment variables.
kubectl edit deployment <deployment_name> -n <namespace>-
Locate the
containerssection for theanalytics-collectorcontainer. -
Add the following
envFromsection under the container definition:envFrom: - secretRef: name: aws-credentials -
Save and exit the editor.
Sample deployment configuration:
apiVersion: apps/v1 kind: Deployment metadata: name: idig-nanogw-nanogw-analytics-collector namespace: <namespace> spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: nanogw-analytics-collector template: metadata: labels: app.kubernetes.io/name: nanogw-analytics-collector spec: containers: - name: analytics-collector image: your-image:tag envFrom: - secretRef: name: aws-credentials
-
Locate the
-
Identify the collector ConfigMap.
kubectl get configmap -n <namespace> | grep collectorSample output:
idig-nanogw-collector-config 1 5h11m -
Edit the collector ConfigMap to add the AWS S3 exporter configuration.
kubectl edit configmap <configmap_name> -n <namespace>-
Add the following exporter configuration under the
exporterssection:exporters: awss3: s3uploader: region: '${AWS_REGION}' s3_bucket: '${AWS_S3_BUCKET}' s3_prefix: 'otel-telemetry' role_arn: '${AWS_ROLE_ARN}' marshaler: otlp_json -
Update the service pipelines to include the AWS S3 exporter:
service: pipelines: traces/s3: receivers: [otlp] processors: [batch/apic] exporters: [awss3] logs/s3: receivers: [otlp] processors: [batch/apic] exporters: [awss3] metrics/s3: receivers: [otlp] processors: [batch/apic] exporters: [awss3] -
Save the ConfigMap.
Sample ConfigMap structure:
apiVersion: v1 kind: ConfigMap metadata: name: idig-nanogw-collector-config namespace: <namespace> data: config.yaml: | receivers: ... processors: batch/apic: ... exporters: awss3: s3uploader: region: '${AWS_REGION}' s3_bucket: '${AWS_S3_BUCKET}' s3_prefix: 'otel-telemetry' role_arn: '${AWS_ROLE_ARN}' marshaler: otlp_json service: pipelines: traces/s3: receivers: [otlp] processors: [batch/apic] exporters: [awss3] logs/s3: receivers: [otlp] processors: [batch/apic] exporters: [awss3] metrics/s3: receivers: [otlp] processors: [batch/apic] exporters: [awss3]
-
Add the following exporter configuration under the
-
Restart the collector deployment to apply the changes.
kubectl rollout restart deployment <deployment_name> -n <namespace>Output:
deployment.apps/idig-nanogw-nanogw-analytics-collector restarted -
Verify that the collector pods restart successfully.
kubectl get pods -n <namespace> | grep collectorSample output:
idig-nanogw-nanogw-analytics-collector-7d4f8ccf45-bk468 1/1 Running 0 30sThe OpenTelemetry Collector is now configured to export telemetry data to Amazon S3. Traces, logs, and metrics will be archived to your configured S3 bucket for long-term storage and analysis.