K
Q

Need to setup a Customized Kubernetes Logging strategy

7/12/2021

So far in our legacy deployments of webservices to VM clusters, we have effectively been using Log4j2 based multi-file logging on to a persistent Volume where the log files are rolled over each day. We have a need to maintain logs for about 3 months, before they can be purged.

We are migrating to a Kubernetes Infrastructure and have been struggling on what would be the best logging strategy to adapt with Kubernetes Clusters. We don't quite like the strategies involving spitting out all logging to STDOUT/ERROUT and using come centralized tools like Datadog to manage the logs.

Our Design requirements for the Kubernetes Logging Solution are:

  1. Using Lo4j2 to multiple files appenders.
  2. We want to maintain the multi-file log appender structure.
  3. We want to preserve the rolling logs in archives for about 3-months
  4. Need a way to have easy access to the logs for searching, filtering etc.
  5. The Kubectrl setup for viewing logs may be a bit too cumbersome for our needs.
  6. Ideally we would like to use the Datadog dashboard approach BUT using multi-file appenders.
  7. The serious limitation of Datadog we run into is the need for having everything pumped to STDOUT.
-- Brian Antao
datadog
kubectl
kubernetes
log4j2
logging

Similar Questions

kube-system containers continuously crash
Why does a Kubernetes config allows K8 dashboard connection but not via Java API?
Why eks cluster doesn't have corresponding logs in CloudWatch
Can Windows Containers be run on top of Kubernetes in a local development environment?
Failed to pull dockerhub image on Kubernetes

1 Answer

7/12/2021

Start using containers platforms or building containers means that as a first step we must to change our mindset. Create logs files in your containers is not the best practices for two reasons:

  1. Your containers should be stateless, so the should not save anything inside of it, because when it is deleted and created again your files will be desapeared.
  2. When you send your outputs using Passive Logging(STDOUT/STDERR), Kubernetes creates the logs files for you, this files can be used by platforms like fluentd or logstash to collects those logs and send it to a log aggregation tool.

I recommend to use the Passive Logging which is the recommended way by Kubernetes and the standard for cloud native applications, maybe in the future you will need to use your app in a cloud services, which also use Passive Logging to check application errors

In the following links you will see some refereces about why k8s recommends to use Passive Logging:

  1. k8s checklist best practices
  2. Twelve Factor Applications Logging
-- Francisco Vásquez
Source: StackOverflow