There is a container which print logs to stdout/stderr, and I have no access to host machines, so can not use node log collector to collect and send them to a central logging system(ElasticSearch here), is there a way to use a sidecar container to do such thing?
Asked
Active
Viewed 5,297 times
1 Answers
4
You can use fluentbit as a sidecar to send logs to Elasticsearch. There is no process that you need to run in the host for this. Below is an example yaml.
apiVersion: apps/v1
kind: Deployment
metadata:
name: fluentbit-logging-sidecar
spec:
selector:
matchLabels:
app: fluentbit-logging-sidecar
replicas: 1
template:
metadata:
labels:
app: fluentbit-logging-sidecar
volumes:
- name: shared-data
emptyDir: {}
- name: config-volume
configMap:
name: fb-agent-config
containers:
- name: sample-logging
image: <image>
volumeMounts:
- name: shared-data
mountPath: /app/logs
- name: fb-sidecar
image: fluent/fluent-bit
volumeMounts:
- name: shared-data
mountPath: /app/logs
- name: config-volume
mountPath: /fluent-bit/etc/fluent-bit.conf
subPath: fluent-bit.conf
You need to configure your application to write log in filesystem in the path /app/logs. Because the app container and fluentbit container share the path using volumeMounts fluentbit sidecar will be able to read logs from that path and stream it to Elasticsearch. You need to configure details of elastic search in fluent-bit.conf file.
Arghya Sadhu
- 41,002
- 9
- 78
- 107
-
1is it possible to not modify app to write log to filesystem but just get log from stdout directly? – raja Jul 20 '20 at 05:57
-
Looking at input plugins fluentbit supports it's not possible https://docs.fluentbit.io/manual/pipeline/inputs – Arghya Sadhu Jul 20 '20 at 07:40