Reputation: 1012
Fluentd not able to access the logs present under /var/lib/docker/containers due to permission issue
I am trying to read the container logs through fluentd and pass it to the elastic search. I have mounted the directories from the host onto fluentd container which include all symlinks and actual files.
But when I see the fluentd container logs , it say those logs, present under /var/log/pods/ are unreadable. Then I manually navigated to the path under fluentd container where logs are present but unfortunately I got permission denied issue.
I went till /var/lib/docker/containers , then the permissions were 0700 and owner was root. Even I am trying to run my fluentd container by setting
- name: FLUENT_UID
value: "0"
But still it is not able to read.
volumes:
- name: varlog
hostPath:
path: /var/log/
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
.....
volumeMounts:
- name: varlog
mountPath: /var/log/
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
Upvotes: 1
Views: 3641
Answers (1)
Reputation: 4787
You should take a look at security contexts. Among other things they allow you to specify the user that will run in the container with runAsUser, the primary group of that user with runAsGroup, and the volume owner with fsGroup.
Upvotes: 2
Related Questions
- FluentD log unreadable. it is excluded and would be examined next time
- FluentD cannot parse the log file content
- Logs of pods missing from /var/logs/ in Kubernetes
- Fluentd in docker cannot tail from my log file
- Fluentbit get Docker Logs(Systemd) in Kubernetes not working
- Permission issue when reading container logs with fluentd in Kubernetes
- fluentd error "Systemd::JournalError: No such file or directory"
- Unable to collect all kubernetes container/pod logs via fluentd/elasticsearch
- Sending logs from docker container to FluentD
- How to monitor docker containers log from non-root user?