Setting up logging on ingress

Question

I'm setting up a global network policy as follows, however the documentation claims the entries are in /var/log/syslog. But which pod or resource would let me see this information?

apiVersion: projectcalico.org/v3
kind: GlobalNetworkPolicy
metadata:
 name: log-denied-packets
spec:
 applyOnForward: true
 preDNAT: true
 ingress:
 - action: Log
   destination:
     nets:
     - <loadbalancer_IP>/32
     ports:
     - 80
   protocol: TCP
   source:
     nets:
     - <client_address>/32
 - action: Log
   destination:
     nets:
     - <loadbalancer_IP>/32
     ports:
     - 80
   protocol: UDP
   source:
     nets:
     - <client_address>/32
 selector: ibm.role=='worker_public'
 order: 300
 types:
 - Ingress

score 0 · Answer 1 · edited Jun 20 '20 at 09:12

0

For Kubernetes plugin I found this in the calico docs:

How do I view Calico CNI logs?

The Calico CNI plugin emits logs to stderr, which are then logged out by the kubelet. Where these logs end up depend on how your kubelet is configured. For deployments using systemd, you can do this via journalctl.

Hope this help.

edited Jun 20 '20 at 09:12

Community

1
1

answered Oct 11 '19 at 13:36

Mark

3,644
6
23

Setting up logging on ingress

1 Answers1