Logging options often rely on an external daemon, a logging side car, or setting up application-level logging. Frequently, multiple tools are required to enable logging at every layer. There are few options for nodeless clusters, such as EKS on Fargate.
Kubernetes logs require active management to have the log data necessary for troubleshooting and analysis. Log streams need to be separated, storage and resource consumption monitored, and logs rotated.
Kubernetes is both highly distributed and dynamic. The combination of the high rate of change and the high number of layers producing logs results in large volumes of data and can overwhelm many logging solutions.
Loggly provides rKubeLog, an open-source connector designed to forward logs to SolarWinds® Loggly® from within a Kubernetes cluster without using a daemon or setting up application-level logging or a logging sidecar. The combination of Loggly and rKubeLog allows you to aggregate your application logs running in Kubernetes clusters, including those running in a nodeless cluster, such as AWS EKS on AWS Fargate, and those running in local Kubernetes clusters.
rKubelog uses the Kubernetes Control Plane API, which is already running in your cluster, to fetch logs from all the services running in the cluster. rKubeLog automatically separates the log streams, tags the logs, and forwards them to Loggly.
rKubeLog is easy to set up and deploy. Simply edit the template provided, add your Loggly ID, and deploy it to each cluster. Logs will begin immediately flowing into Loggly. With the logs being forwarded and aggregated directly to Loggly, there’s no need to store or rotate them. There’s also no need to pay for the additional storage or resource consumption required to accommodate a logging sidecar, Fluentd, or a daemon.
The rKubeLog template is fully customizable, allowing you to tag and filter your logs before they’re forwarded to Loggly. Using the Control Plane API, rKubeLog automatically picks up new deployments in the cluster and drops old ones, eliminating the need for additional log management.
Loggly is built to handle the both the high log volumes produced by multiple layers of each Kubernetes cluster and the high rate of change as containers are continually terminated, restarted, and rescheduled. Loggly goes far beyond Kubernetes and allows you to aggregate your logs, so you can search, analyze, and correlate data across your complete distributed stack.
Loggly offers powerful search capabilities, even over large data sets. The Dynamic Field Explorer™ provides a structured summary with search experience, so you can rapidly focus on specific logs of interest and filter out the noise. The multiple charts and fully customizable dashboards allow you to visualize your search results and quickly spot anomalies.