Kubernetes log query and Analysis Practice

Posted by agent47 on Fri, 27 Dec 2019 09:53:59 +0100

Introduction: This paper will introduce how to collect and query Kubernetes (K8s) logs based on the log service. In addition, it also gives a brief introduction to Ingress and Audit schemes. In order to facilitate our understanding through operation, this paper provides detailed operation steps and corresponding screenshots and configuration codes.

Author: baoze


For image download, domain name resolution and time synchronization, please click Alibaba open source image station

Preparation

In order to complete the following related operations, we need to prepare a K8s cluster. The operation steps are as follows:

  1. Land Container services console.
  2. Create a standard hosting cluster (Hangzhou region), and check [use EIP to expose API Server] and [use log service] in the wizard.
  3. After the cluster is created, return to the cluster list page and click more - > Manage cluster through CloudShell.
  4. Enter kubectl get DS - n Kube system in CloudShell. The logtail DS displayed in the result is the log service component installed for data collection.
  5. open Log service console , you can see that the project corresponding to the K8s cluster ID has also been created.

The operation screenshot is as follows:

Figure: creating a managed cluster (step 2)

Image: opening CloudShell (step 3)

Figure: viewing the log service component in CloudShell (step 4)

Figure: open the log service console and view the project (step 5)

1. Data collection

In K8s environment, container log data can be roughly divided into two categories: container standard output and container text file. The former is a unique form of container log. The latter is similar to the traditional text file log, but the files are stored in each container and isolated from each other. We will show you how to collect these two types of logs.

1.1. Mock data

We will use the following two YAML files to generate mock data in the form of standard output and in container files.
Vessel standard output

# Create two pod s to generate mock data
apiVersion: batch/v1
kind: Job
metadata:
  name: nginx-stdout-log-demo-1
  namespace: nginx-stdout
spec:
  template:
    metadata:
      name: nginx-stdout-log-demo-1
    spec:
      containers:
      - name: nginx-stdout-log-demo-1
        image: registry.cn-hangzhou.aliyuncs.com/log-service/docker-log-test:latest
        command: ["/bin/mock_log"]
        args: ["--stderr=false", "--stdout=true", "--log-type=nginx", "--total-count=100000000", "--logs-per-sec=5"]
      restartPolicy: Never
---
apiVersion: batch/v1
kind: Job
metadata:
  name: nginx-stdout-log-demo-2
  namespace: nginx-stdout
spec:
  template:
    metadata:
      name: nginx-stdout-log-demo-2
    spec:
      containers:
      - name: nginx-stdout-log-demo-2
        image: registry.cn-hangzhou.aliyuncs.com/log-service/docker-log-test:latest
        command: ["/bin/mock_log"]
        args: ["--stderr=false", "--stdout=true", "--log-type=nginx", "--total-count=100000000", "--logs-per-sec=5"]
      restartPolicy: Never

In container text file (/ var/log/access.log)

apiVersion: batch/v1
kind: Job
metadata:
  name: nginx-file-log-demo
  namespace: nginx-file
spec:
  template:
    metadata:
      name: nginx-file-log-demo
    spec:
      restartPolicy: Never
      containers:
      - name: nginx-file-log-demo
        image: registry.cn-hangzhou.aliyuncs.com/log-service/docker-log-test:latest
        command: ["/bin/mock_log"]
        args: ["--log-type=nginx", "--stdout=false", "--stderr=false", "--path=/var/log/access.log", "--total-count=100000000", "--logs-per-sec=5"]

Operation steps:

  1. Open CloudShell, refer to step 3 in the preparation.
  2. Apply the two YAML mentioned above in the cluster( Github).
  3. Execute kubectl get pods to view several pods responsible for generating logs.

  4. Check the log generation of two pods (replace the pod name in the command according to the actual situation)

    • Standard output: execute kubectl logs - N nginx stdout -- tail = 10 nginx stdout log demo-1-7kvwx.
    • In container file: execute kubectl exec - N nginx file nginx file log demo-7frsp -- bash - C "tail / var / log / access. Log".
$ kubectl create namespace nginx-stdout
$ kubectl create -f https://raw.githubusercontent.com/goclis/kubernetes-mock-log/master/pod_nginx_stdout.yaml
$ kubectl create namespace nginx-file
$ kubectl create -f https://raw.githubusercontent.com/goclis/kubernetes-mock-log/master/pod_nginx_file.yaml

Command: generate mock data (step 2)

$ kubectl get pods -A
NAMESPACE      NAME                                               READY   STATUS    RESTARTS   AGE
nginx-file     nginx-file-log-demo-7frsp                          1/1     Running   0          2m9s
nginx-stdout   nginx-stdout-log-demo-1-7kvwx                      1/1     Running   0          2m12s
nginx-stdout   nginx-stdout-log-demo-2-4x7vw                      1/1     Running   0          2m12s

Command: view log service component (step 3)

1.2. Acquisition standard output

Click to learn more, see the specific operation steps and the remaining log query content
Learn more
Key words: kubernetes case practice log query

Topics: Nginx Kubernetes Docker github

Hot Topics

©2024 Programmer Think