Allow sidecar to trigger pcap dump based on Cloud Logging entry

[jefsg]

Problem: Oftentimes an issue we want to troubleshoot is not easily triggered and can be weeks between occurrences. Keeping a pcap sidecar actively pushing captures into cloud logging for weeks might become expensive.

Potential solution:

If the sidecar could dump the last X minutes of buffered packet capture data when any container on the same instance logged a given text/json payload, it would allow for these longer term sidecar deployments to debug such intermittent issues.

We would want to be able to configure at least:

• Length of time to buffer captures (potentially also maximum size of that buffered data - warning log if the max size is reached)
• Length of time to continue dumping capture data after the triggering event (default to above buffer length)
• What log message to watch for (usually the error text that we expect the main container to output) - This could be read via shared volume for logging, or a streaming read from cloud logging
• Might benefit from a safety config to prevent accidental multiple triggers from causing large logging bills - i.e if the trigger event occurred continuously for a week before being looked at.