kubectl logs command can be used to dump or stream stdout logs. Try some commands:
$ kubectl logs fortune-pod # dump pod logs (stdout) $ kubectl logs fortune-pod -c fortune-backend # dump pod container logs (stdout, multi-container case) $ kubectl logs -f fortune-pod # stream pod logs (stdout) $ kubectl logs -f fortune-pod -c fortune-backend # stream pod container logs (stdout, multi-container case)
Application operators are often interested in long-term retention, indexing, and analysis of logs.
In this section, we’ll drain logs to a very simple provider called Papertrail.
-
Visit https://papertrailapp.com and create a free account.
-
Login to your account and add your first system:
-
Click on
Add your first system:
-
We’ll use sink resources to configure destinations for logs transported following the Syslog Protocol. We can create sink resource configuration for clusters (eg: cluster sink sample) or for namespaces (eg: sink sample).
-
Apply the resources to your cluster
$ kubectl apply -f cluster_sink.yml clustersink.apps.pivotal.io/demo-cluster-sink created $ kubectl apply -f sink.yml sink.apps.pivotal.io/demo-default-sink created
-
Go back to papertrail site and check the Events page. We should be able to see logs being streamed in.
All sink log entries use the following format:
APP-NAME/NAMESPACE/POD-ID/CONTAINER-NAME
-
Pod logs entries are distinguished by the string
pod.login the APP-NAME field -
Kubernetes API Event entries are distinguished by the string
k8s.eventin the APP-NAME field.