In a cluster, logs should have a separate storage and lifecycle independent of nodes, pods, or containers. This concept is called cluster-level logging.
Stuff you wanna know:
- The cluster-level logging mechanism is responsible for saving container logs to a central log store with search/browsing interface.
- Cluster-level logging architectures require a separate backend to store, analyze, and query logs.
- Kubernetes does not provide a native storage solution for log data.
- Options you can consider include:
- Use a node-level logging agent that runs on every node.
- Including a dedicated sidecar container for logging in an application pod.
- Pushing logs directly to a backend from within an application.
- You can implement cluster-level logging by including a node-level logging agent on each node.
More stuff:
- Logging Architecture — https://kubernetes.io/docs/concepts/cluster-administration/logging/
- Cluster level logging with Kubernetes — https://kubernetes.io/blog/2015/06/cluster-level-logging-with-kubernetes/
- Kubernetes logging: Approaches and best practices (Tigera) — https://www.tigera.io/learn/guides/kubernetes-monitoring/kubernetes-logging/
- Cluster logging (Rancher) — https://rancher.com/docs/rancher/v2.0-v2.4/en/cluster-admin/tools/cluster-logging/
- Understanding Red Hat OpenShift Logging — https://docs.openshift.com/container-platform/4.7/logging/cluster-logging.html
- Â Kubernetes Logging: Introduction & Challenges (Splunk) — https://www.splunk.com/en_us/blog/learn/kubernetes-logging.html
- Logging with Kubernetes clusters — https://cloud.ibm.com/docs/log-analysis?topic=log-analysis-kube
- Logging (Ubuntu) — https://ubuntu.com/kubernetes/docs/logging
- Application logging in Kubernetes — https://symantec-enterprise-blogs.security.com/blogs/expert-perspectives/application-logging-kubernetes
- Managing GKE logs — https://cloud.google.com/stackdriver/docs/solutions/gke/managing-logs
- Kubernetes Fluentd — https://docs.fluentd.org/v/0.12/articles/kubernetes-fluentd