Viewing Application Logs on Virtual Nodes

Viewing stdout and stderr logs using the kubectl logs command

Sending logs to a persistent log server

You can send the logs of applications running on virtual nodes to a remote log server such as OpenSearch, and view the logs on that server. Since virtual nodes do not support the Kubernetes daemonset, you cannot run a logging agent at the node level. Instead, you can run a lightweight logging agent as a sidecar for each of the application's pods. You can use any logging agent that can run as a sidecar on a Kubernetes pod, such as Fluent Bit.

For example, to run Fluent Bit as a sidecar on a pod to send application logs to a remote OpenSearch log server:

1. Create a Kubernetes ConfigMap per cluster or per namespace, specifying the Fluent Bit configuration settings to use. In particular, note that you must specify the remote log server's IP address, port number, and authentication parameters.

   For example:

   apiVersion: v1
   kind: ConfigMap
   metadata:
     name: fluentbit-config
   data:
     fluent-bit.conf: |
       [SERVICE]
           flush        1
           daemon       Off
    
       [INPUT]
           Name              tail
           Path              /mnt/log/*
    
       [OUTPUT]
           name  opensearch
           match *
           host <ip-address>
           port <port-number>
           tls On
           HTTP_User <username>
           HTTP_Passwd <example-password>
           Index fluent-bit
           Suppress_Type_Name On

   where:

   • host <ip-address> specifies the IP address of the Opensearch server.
   • port <port-number> specifies the port of the Opensearch server (9200 by default).
   • HTTP_User <username> specifies the username for the Opensearch server.
   • HTTP_Passwd <example-password> specifies the password for the Opensearch server.
2. Add a Fluent Bit sidecar to each pod. Note that you must configure all pods with a Fluent Bit sidecar to ensure that application logs are sent to the persistent log destination.

   1. In the volumes section of each pod spec, specify:

      • An emptyDir where application logs are written, as follows:

        - name: logs
          emptyDir: {}

      • A reference to the ConfigMap you created previously, as follows:

        - name: fluentbit-config
          configMap:
            name: fluentbit-config

   2. In the containers section of each pod spec, you must specify that the logging container:

      • Uses the fluent/fluent-bit image.
      • Mounts the logs emptyDir and the fluentbit-config ConfigMap.

      For example:

      - name: logging
        image: fluent/fluent-bit
        resources:
          requests:
            cpu: 100m
            memory: 50Mi
        volumeMounts:
        - name: logs
          mountPath: /mnt/log
        - name: fluentbit-config
          mountPath: /fluent-bit/etc 

   Here's an example of a complete pod specification:

   apiVersion: v1
   kind: Pod
   metadata:
     name: date-logging
   spec:
     containers:
     - name: date
       image: busybox
       resources:
         requests:
           cpu: 500m
           memory: 200Mi
       command: ["sh", "-c"]
       args:
         - while [ 1 ]; do
           echo "Writing the date in /mnt/log/date.log";
           date >> /mnt/log/date.log;
           sleep 10;
           done
       volumeMounts:
       - name: logs
         mountPath: /mnt/log
     - name: logging
       image:
        resources:
         requests:
           cpu: 100m
           memory: 50Mi
       volumeMounts:
       - name: logs
         mountPath: /mnt/log
       - name: fluentbit-config
         mountPath: /fluent-bit/etc
     volumes:
     - name: logs
       emptyDir: {}
     - name: fluentbit-config
       configMap:
         name: fluentbit-config