K
Q

Add centralized logging to kubernetes cluster that use systemd

9/6/2018

I'm trying to add centralized logging to my kubernetes cluster using EFK. I found out that my logs from pods that are written to system out are stored in journald in my master node. But I want to store those logs in elasticsearch.

Can I change docker config to redirect logs to var logs? I try to avoid to log from my pods in custom location.

Or can I intercept the logs from journald using fluentd or anything else?

Thanks

-- Dorin
fluentd
kubernetes
logging

Similar Questions

Running rabbitmq-peer-discovery-k8s throws socket error
imagePullSecrets not working with Kind deployment
Kubernetes target cpu utilization policy
Updating AKS kubernate cluster agent pool profile
Traffic is not coming to newly replicated pods in hpa kubernetes
How to serve Redis key with Nginx?
Is there a way to containerized a normal AWS Lambda function?
ENV_VARS "undefined" when deploying Next JS app through Gitlab CI/CD to a Kubernetes cluster:
How to init several PostgreSQL DBs on bare metal Kubernetes via Helm
cannot import name 'HttpUser' from 'locust' error when running Locust in Kubernetes

1 Answer

9/6/2018

Please try this link

The basic idea is to run Filebeat as a daemonset, which will collect and ship logs from containers and push to Elasticsearch.

-- fatcook
Source: StackOverflow