1

I have no idea how to do this. Any help would be great.

I'm running a pod on Fargate that holds my application container and a fluentd container. How can I send my logs from my application container to my fluentd container to push to splunk? I cannot set my log driver or log options (the normal way I would configure my container to change it's log destination) in my kubernetes deployment definition.

So how am I suppose to accomplish this, has anyone actually done this?

wesleywh
  • 1,053
  • 1
  • 13
  • 30
  • Changed the docker so it logs to a file and shares the directory between fluentd and itself. So fluentd now has access to the logs... i think. It just still isn't sending it to splunk, however I think* its a fluentd configuration at this point. log drivers are not available in kubernetes deployments, which makes my life a nightmare at this point. – wesleywh Nov 12 '20 at 18:32

1 Answers1

1

The way it works today is by making sure you are logging to a file and then add a Fluentxxx sidecar to the pod so that it can grab the log and send it to a destination. This is because there is no way (other than using interactively kubectl logs ) to grab logs printed to stdout (yet).

However we are working on this feature that will allow EKS/Fargate customers to 1) not bother about using a sidecar and 2) grab stdout logs out of the box.

The idea is that you will only need to specify a per cluster / per ns / per pod logging configuration and we will send the logs to supported (popular) destinations.

mreferre
  • 5,464
  • 3
  • 22
  • 29