AWS CloudWatch Logs in Docker
Setting an AWS CloudWatch Logs driver in docker is done with log-driver=awslogs and log-opt, for example -
#!/bin/bash
docker run \
--log-driver=awslogs \
--log-opt awslogs-region=eu-central-1 \
--log-opt awslogs-group=whatever-group \
--log-opt awslogs-stream=whatever-stream \
--log-opt awslogs-create-group=true \
wernight/funbox \
fortune
My Problem
I would like to use AWS CloudWatch logs in a Kubernetes cluster, where each pod contains a few Docker containers. Each deployment would have a separate Log Group, and each container would have a separate stream. I could not find a way to send the logging parameters to the docker containers via Kubernetes create / apply.
My Question
How can I send the log-driver and log-opt parameters to a Docker container in a pod / deployment?
What have I tried
- Setting relevant parameters for the Docker daemon on each machine. It's possible, but this way all the containers on the same machine would share the same stream - therefore irrelevant for my case.
- RTFM for kubectl apply
- Reading the relevant README in kops
- Read Kubernetes Logging Architecture
You could use a Helm chart to install Fluentd:
This is from: https://github.com/kubernetes/charts/tree/master/incubator/fluentd-cloudwatch
From what I understand, Kubernetes prefers cluster-level logging to the Docker logging driver.
We could use fluentd to collect, transform, and push container logs to CloudWatch Logs.
All you need is to create a fluentd DaemonSet with a ConfigMap and a Secret. The files can be found on GitHub. It has been tested with Kubernetes v1.7.5.
Some explanations follow.
In
With the DaemonSet, fluentd collects every container's logs from the host folder /var/lib/docker/containers.
Filter
The fluent-plugin-kubernetes_metadata_filter plugin loads the pod's metadata from the Kubernetes API server.
The log record would be like this.
Make some tags with Fluentd record_transformer filter plugin.
Out
The fluent-plugin-cloudwatch-logs plugin sends them to AWS CloudWatch Logs.
With the log_group_name_key and log_stream_name_key configuration, the log group and stream name can be any field of the record.
As per Kubernetes, Kubernetes provides no native storage solution for log data, but you can integrate many existing logging solutions into your Kubernetes cluster and Kubernetes cluster-level-logging-architectures.
Fluentd image to send Kubernetes logs to CloudWatch too, so you can use that to Deploy,
Sliverfox has a great answer. You don't have to build your own image. You could also directly use the official fluentd Docker image, fluent/fluentd-kubernetes-daemonset:cloudwatch. The code is on the fluentd-kubernetes-daemonset GitHub.
You could replace the default fluent.conf with the configmap. Like below in the ds.yaml, and write your own fluent.conf in configmap.yaml. For the complete yaml files, you could refer to the example ds.yaml and configmap.yaml that we wrote.
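A fluent.conf for the In / Filter / Out pipeline described in the answers above could look like the following; this is an added example, not the configuration from any of the answers or from the fluentd-kubernetes-daemonset project. It assumes fluentd v1 syntax, pods carrying an `app` label that identifies their deployment, the record keys `group_name` and `stream_name`, the `/k8s/` group prefix, and tailing `/var/log/containers` (symlinks into `/var/lib/docker/containers`, so both host paths must be mounted into the DaemonSet); all of these are illustrative choices.

```conf
# In: tail the per-container JSON log files written by Docker.
# The file name carries pod, namespace and container name, which the
# kubernetes_metadata filter reads back out of the tag.
<source>
  @type tail
  path /var/log/containers/*.log
  pos_file /var/log/fluentd-containers.log.pos
  tag kubernetes.*
  read_from_head true
  <parse>
    @type json
    time_key time
    time_format %Y-%m-%dT%H:%M:%S.%NZ
  </parse>
</source>

# Filter 1: enrich each record with pod metadata from the API server
# (record["kubernetes"]["namespace_name"], ["pod_name"], ["labels"], ...).
<filter kubernetes.**>
  @type kubernetes_metadata
</filter>

# Filter 2: derive the routing fields. One log group per deployment
# (assumed to be identified by the "app" label), one stream per container.
# Pods without the label fall into a shared "unlabelled" group instead of
# producing an empty group name.
<filter kubernetes.**>
  @type record_transformer
  enable_ruby true
  <record>
    group_name /k8s/${record.dig("kubernetes", "namespace_name")}/${record.dig("kubernetes", "labels", "app") || "unlabelled"}
    stream_name ${record.dig("kubernetes", "pod_name")}/${record.dig("kubernetes", "container_name")}
  </record>
</filter>

# Out: ship to CloudWatch Logs, taking group and stream from the record.
# Region matches the docker run example in the question.
<match kubernetes.**>
  @type cloudwatch_logs
  region eu-central-1
  log_group_name_key group_name
  log_stream_name_key stream_name
  remove_log_group_name_key true
  remove_log_stream_name_key true
  auto_create_stream true
</match>
```

Because group and stream names are created from pod metadata at runtime, the AWS identity used by the DaemonSet needs permission to create log groups and streams as well as to put log events, and is best scoped to the chosen group prefix.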