Fluent Bit sidecar container unable to push logs to CloudWatch from EKS Fargate Pod?

10/1/2021

We are using Fluent Bit as a sidecar container on a Fargate EKS pod to push logs to CloudWatch, reading from a common volume mount from the main application pod. It looks like a permissions issue to us. There is no error in the logs, though. Please check below.

ConfigMap

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: fluent-bit-config
      namespace: eretail
      labels:
        k8s-app: fluent-bit
    data:
      fluent-bit.conf: |
        [SERVICE]
            Flush                     5
            Log_Level                 info
            Daemon                    off
            Parsers_File              parsers.conf
            # HTTP_Server               On
            # HTTP_Listen               0.0.0.0
            # HTTP_Port                 2020
            
        @INCLUDE application-log.conf
      
      application-log.conf: |
        [INPUT]
            Name                tail
            Path                /logs/boot/*.log
            Tag                 boot.*
            Parser              docker
            Mem_Buf_Limit       5MB
            Refresh_Interval    10
            
        [INPUT]
            Name                tail
            Path                /logs/access/*.log
            Tag                 access.*
            Parser              docker
            Mem_Buf_Limit       5MB
            Refresh_Interval    10
            
        [OUTPUT]
            Name                cloudwatch
            Match               *boot*
            region              ap-southeast-1
            log_group_name      eks-fluent-bit
            log_stream_prefix   ${HOSTNAME}-boot-log-
            auto_create_group   true
            # workers             1
            
        [OUTPUT]
            Name                cloudwatch
            Match               *access*
            region              ap-southeast-1
            log_group_name      eks-fluent-bit
            log_stream_prefix   ${HOSTNAME}-access-log-
            auto_create_group   true
            # workers             1
            
      parsers.conf: |
        [PARSER]
            Name                docker
            Format              json
            Time_Key            time
            Time_Format         %Y-%m-%dT%H:%M:%S.%LZ

Container Logs

    AWS for Fluent Bit Container Image Version 2.14.0
    Fluent Bit v1.7.4
    * Copyright (C) 2019-2021 The Fluent Bit Authors
    * Copyright (C) 2015-2018 Treasure Data
    * Fluent Bit is a CNCF sub-project under the umbrella of Fluentd
    * https://fluentbit.io
    
    [2021/10/04 10:36:01] [ info] [engine] started (pid=1)
    [2021/10/04 10:36:01] [ info] [storage] version=1.1.1, initializing...
    [2021/10/04 10:36:01] [ info] [storage] in-memory
    [2021/10/04 10:36:01] [ info] [storage] normal synchronization mode, checksum disabled, max_chunks_up=128
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter log_group_name = 'eks-fluent-bit'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter default_log_group_name = 'fluentbit-default'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter log_stream_prefix = 'ip-17-225-20-45.ap-southeast-1.compute.internal-boot-log-'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter log_stream_name = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter default_log_stream_name = '/fluentbit-default'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter region = 'ap-southeast-1'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter log_key = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter role_arn = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter auto_create_group = 'true'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter new_log_group_tags = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter log_retention_days = '0'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter endpoint = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter sts_endpoint = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter credentials_endpoint = "
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter log_format = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter log_group_name = 'eks-fluent-bit'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter default_log_group_name = 'fluentbit-default'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter log_stream_prefix = 'ip-17-225-20-45.ap-southeast-1.compute.internal-access-log-'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter log_stream_name = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter default_log_stream_name = '/fluentbit-default'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter region = 'ap-southeast-1'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter log_key = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter role_arn = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter auto_create_group = 'true'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter new_log_group_tags = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter log_retention_days = '0'"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter endpoint = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter sts_endpoint = ''"
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter credentials_endpoint = "
    time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter log_format = ''"
    [2021/10/04 10:36:01] [ info] [sp] stream processor started
    [2021/10/04 10:36:01] [ info] [input:tail:tail.0] inotify_fs_add(): inode=1460720 watch_fd=1 name=/logs/boot/INTEGRATOR.log
    [2021/10/04 10:36:01] [ info] [input:tail:tail.0] inotify_fs_add(): inode=1460719 watch_fd=2 name=/logs/boot/server.log

Policy attached to the Fargate Pod Execution Role

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "logs:CreateLogStream",
                    "logs:CreateLogGroup",
                    "logs:DescribeLogStreams",
                    "logs:PutLogEvents"
                ],
                "Resource": "*"
            }
        ]
    }

Please help us to achieve this.

-- Nitin Garg
amazon-cloudwatchlogs
amazon-eks
aws-fargate
fluent-bit
kubernetes

0 Answers
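A triage pass over the container log from the question, as an added example that is not part of the original post or of Fluent Bit: it reports which tail inputs registered a file watch, whether any warning or error line exists, and whether either cloudwatch output logged anything beyond its startup parameter dump. The mapping of `tail.0`/`tail.1` to the two `[INPUT]` sections assumes instances are numbered in configuration order, and the function name `triage` is hypothetical.

```python
import re

# Excerpt copied from the container log in the question above.
SAMPLE_LOG = """\
[2021/10/04 10:36:01] [ info] [engine] started (pid=1)
time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 0] plugin parameter log_group_name = 'eks-fluent-bit'"
time="2021-10-04T10:36:01Z" level=info msg="[cloudwatch 1] plugin parameter log_group_name = 'eks-fluent-bit'"
[2021/10/04 10:36:01] [ info] [sp] stream processor started
[2021/10/04 10:36:01] [ info] [input:tail:tail.0] inotify_fs_add(): inode=1460720 watch_fd=1 name=/logs/boot/INTEGRATOR.log
[2021/10/04 10:36:01] [ info] [input:tail:tail.0] inotify_fs_add(): inode=1460719 watch_fd=2 name=/logs/boot/server.log
"""

# Assumption: tail instances are numbered in the order of the [INPUT] sections.
EXPECTED_INPUTS = {"tail.0": "/logs/boot/*.log", "tail.1": "/logs/access/*.log"}

WATCH = re.compile(r"\[input:tail:(tail\.\d+)\] inotify_fs_add\(\): .* name=(\S+)")
# Core messages use "[ warn]" / "[error]"; the Go plugin uses level=warning/error.
PROBLEM = re.compile(r"\[\s*(?:warn|error)\]|level=(?:warning|error|fatal)")
CLOUDWATCH = re.compile(r'msg="\[cloudwatch (\d+)\] (.*)"')


def triage(log_text, expected_inputs):
    """Summarise which stage of the pipeline the log shows any activity for."""
    watched = {name: [] for name in expected_inputs}
    problems, output_activity = [], []
    for line in log_text.splitlines():
        m = WATCH.search(line)
        if m:
            watched.setdefault(m.group(1), []).append(m.group(2))
        if PROBLEM.search(line):
            problems.append(line)
        m = CLOUDWATCH.search(line)
        # The startup parameter dump is not evidence of an API call.
        if m and not m.group(2).startswith("plugin parameter"):
            output_activity.append(line)
    return {
        "watched": watched,
        "idle_inputs": sorted(n for n, files in watched.items() if not files),
        "problems": problems,
        "output_activity": output_activity,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG, EXPECTED_INPUTS)
    for name, pattern in EXPECTED_INPUTS.items():
        print(f"{name} ({pattern}): {len(report['watched'][name])} file(s) watched")
    print("warnings/errors:", len(report["problems"]))
    print("cloudwatch lines after startup:", len(report["output_activity"]))
```

On this excerpt `idle_inputs` is `['tail.1']` and both `problems` and `output_activity` are empty, so the log shows no file picked up under `/logs/access/` and no line from either cloudwatch output after startup.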