K
Q

How can I get log rotation working inside a kubernetes container/pod?

4/18/2019

Our setup:

We are using kubernetes in GCP. We have pods that write logs to a shared volume, with a sidecar container that sucks up our logs for our logging system. We cannot just use stdout instead for this process.

Some of these pods are long lived and are filling up disk space because of no log rotation.

Question: What is the easiest way to prevent the disk space from filling up here (without scheduling pod restarts)?

I have been attempting to install logrotate using: RUN apt-get install -y logrotate in our Dockerfile and placing a logrotate config file in /etc/logrotate.d/dynamicproxy but it doesnt seem to get run. /var/lib/logrotate/status never gets generated.

I feel like I am barking up the wrong tree or missing something integral to getting this working. Any help would be appreciated.

-- Tyler Zale
google-cloud-platform
kubernetes
logrotate

Similar Questions

Connections to Telepresenced service get 502 errors
How to configure multiple services/containers in Kubernetes?
Logstash output is from another input
"container started" event of a pod from kubernetes using pythons kubernetes library
can't get product page from outside using browser via istio

3 Answers

12/12/2019

We ended up writing our own daemonset to properly collect the logs from the nodes instead of the container level. We then stopped writing to shared volumes from the containers and logged to stdout only.

We used fluentd to the logs around.

https://github.com/splunk/splunk-connect-for-kubernetes/tree/master/helm-chart/splunk-kubernetes-logging

-- Tyler Zale
Source: StackOverflow
4/18/2019

If you write to the filesystem the application creating the logs should be responsible for rotation. If you are running a java application with logback or log4j it is simple configuration change. For other languages/frameworks it is usually similar.

If that is not an option you could use a specialized tool to handle the rotation and piping the output to it. One example would be http://cr.yp.to/daemontools/multilog.html

As method of last resort you could investigate to log into a named pipe (FIFO) instead of a real file and have some other process handling the retrieval and writing of the data - including the rotation.

-- Thomas
Source: StackOverflow
4/19/2019

In general, you should write logs to stdout and configure log collection tool like ELK stack. This is the best practice.

However, if you want to run logrotate as a separate process in your container - you may use Supervisor, which serves as a very simple init system and allows you to run as many parallel process in container as you want.

Simple example for using Supervisor for rotating Nginx logs can be found here: https://github.com/misho-kr/docker-appliances/tree/master/nginx-nodejs

-- Vasily Angapov
Source: StackOverflow