rkubelog is the easiest way to get logs out of your k8s cluster and into Papertrail and Loggly. Because it doesn't require DaemonSets, sidecars, fluentd or persistent claims, it's one of the only solutions for logging in nodeless clusters, such as EKS on Fargate. But it's also perfect for smaller, local dev clusters to setup logging within seconds.
Info: Make sure to always reference rkubelog versions explicitly in the image. Do not use
latest
tags. The current version isquay.io/solarwinds/rkubelog:<github_version>
, wheregithub_version
is the latest revision listed in Releases, for exampler17
.
By default, rkubelog runs in the kube-system
namespace and will observe all logs from all pods in all namespaces except from itself or any other service in kube-system
.
To deploy rkubelog:
- Follow the account setup steps in the How it Works section for the logging service of your choice
- Preview the deployment using
kubectl apply -k . --dry-run -o yaml
- If all looks good, apply the deployment using
kubectl apply -k .
If you run into issues, please read the Troubleshooting section at the end of this document.
In order to ship logs to Papertrail, you will need a Papertrail account. If you don't have one already, you can sign up for one here. After you are logged in, you will need to create a Log Destination
from under the Settings
menu. When a log destination is created, you will be given a host:port combo.
The PaperTrail credentials are automatically pulled from a secret named 'logging-secret'. Before deploying rkubelog, you need to create a kubernetes secret with that name in the kube-system
namespace with the following fields:
PAPERTRAIL_PROTOCOL
- Acceptable values are udp, tcp, tls. This also depends on the choices that are selected under theDestination Settings
; by default, a new destination accepts TLS and UDP connections.PAPERTRAIL_HOST
- Log destination hostPAPERTRAIL_PORT
- Log destination portLOGGLY_TOKEN
set toXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
to disable Loggly
For any help with Papertrail, please check out their help page here.
In order to ship logs to Loggly, you will need a Loggly account. If you don't have one already you can sign up for one here. After you are logged in, you will need to create a Customer Token
from under the Source Setup
menu item.
The Loggly credentials are automatically pulled from a secret named 'logging-secret'. Before deploying rkubelog, you need to create a kubernetes secret with that name in the kube-system
namespace with the following fields:
LOGGLY_TOKEN
- customer token from Loggly (not API token)
Also add these default values to disable PaperTrail logging:
PAPERTRAIL_PROTOCOL=tcp
PAPERTRAIL_HOST=logsX.papertrailapp.com
PAPERTRAIL_PORT=XXXXX
For any help with Loggly, please checkout their help page here.
Info: You only need to reference this section if you plan to contribute to the rkubelog development.
You will need Go (1.11+) installed on your machine. Then, clone this repo to a suitable location on your machine and cd
into it. For quick command access the project includes a Makefile.
To build run:
make build
To run the code:
bin/rkubelog
You are free to set the described environment variables or pass run time arguments described above and/or follow kail usage guide.
To run all the static checks:
make lint
To run tests:
make tests
To create a Docker image:
make docker
If you deploy rkubelog on nodeless clusters, such as EKS on Fargate, you may not see logs flow immediately. Specifically on EKS on Fargate it may take up to 2 minutes for a pod to be fully deployed, as AWS needs to provision Fargate nodes. You can check the progress using:
kubectl get pods -o wide -n kube-system | grep rkubelog
- The "status" should be "Runnig"
- The "node" column should have a proper value (
fargate-ip-192-168-X-X.us-east-2.compute.internal
) - The "nominated node" column should be empty
If all looks good and you still don't see logs in PT/LG, please open an issue.
Please restart the rkubelog deployment:
kubectl scale deployment rkubelog --replicas=0 -n kube-system
kubectl scale deployment rkubelog --replicas=1 -n kube-system
If the problem persists, please open an issue.
Please open an issue, we'd love to hear from you. As a SolarWinds Project, it is supported in a best-effort fashion.
If you have identified a security vulnerability, please send an email to infosec@solarwinds.com (monitored 24/7). Please do not open a public issue.