Reputation: 6360
Collect stdout/stderr logs with sidecar container
I use company originated cloud environment which doesn't allow us to use node log collector and asks us to use a sidecar container to ship logs to ELK. However our container prints all the logs to stdout/stderr by following the 12 factor app practice.
Is there any way to collect stdout/stderr logs using a sidecar container (Prefered to use Filebeat)? I was checking documentation but it's not clearly mentioned anywhere.
There's another way in which I print all the logs to the specific directory within app container and share the volume with the sidecar Filebeat container. However, with this approach, I should think about the log rotation as well, which introduces more complexity. (Probably I need to create another container to aggregate logs and rotate logs.)
I think the recommended approach could be
- container logs go stdout/stderr
- Filebeat is deployed as Daemon Set
- Use Hint Base Autodiscover
Upvotes: 1
Views: 1283
Answers (1)
Reputation: 17689
Consider one of the below options
- Deploy Fluentd daemonset to collect the logs from all pods from a node
OR
- Deploy Fluent-bit daemonset to collect logs and get it forward to Fluentd pod
Configure Fluentd pod to push the logs to Elasticsearch.
Upvotes: 0
Related Questions
- Multi-line logs into ES from filebeat deployed as Kubernetes Daemonset
- Using Sidecar Mode for Kubernetes Log Collection
- Tailing sidecar container logs to an existing pod
- Shipping stdout and stderr to Logstash
- Access k8s pod logs generated from ssh exec
- How to get filebeat to ignore certain container logs
- Filebeat Kubernetes Processor and filtering
- Container STDOUT to two separate ELS indexes
- Kubernetes: How to collect stdout/stderr logs using sidecar container
- Filebeat with ELK stack running in Kubernetes does not capture pod name in logs