The Fluentd add-on is used as a unified logging layer.
It is implemented as a DaemonSet that reads logs from all nodes and, by default, sends all output to stdout. This can be changed by editing fluent.conf to collect logs from various sources, filter and tag them according to rules, and send them to various aggregators. To use a vendor-supplied fluent.conf, create a configuration and include it in a fluent.conf file on your machine, then add the path to the spec as shown below.
There is also an optional Elasticsearch and Kibana integration for a complete EFK logging stack and visualization.
The kURL Fluentd implementation does not support plugins. You can use the kURL Fluentd implementation to forward logs to a syslog sink or to explore logs in Elasticsearch.
Elasticsearch requires 1GB of memory for stability. Default storage is set to 20GB. Log rotation is not done by default. Elasticsearch uses the existing Rook/Ceph setup to handle the persistent volume claims.
```yaml
spec:
  fluentd:
    version: "1.7.4"
    fullEFKStack: true
    fluentdConfPath: /mnt/replicated/fluent.conf
```
| Flag | Usage |
|---|---|
| version | The version of Fluentd to be installed. |
| fullEFKStack | This will ensure that Elasticsearch and Kibana will be installed for log aggregation and visualization. |
| fluentdConfPath | The absolute path to a custom Fluentd config file. |
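A sketch of a custom fluent.conf for the collect, filter, tag and send flow described above, using only Fluentd core plugins because the kURL implementation does not support plugins. This is an added example, not kURL's default configuration. Assumptions: the log path, the position and buffer paths, Docker JSON log lines, the `/healthz` pattern, the aggregator host `logs.example.internal`, and the shared key placeholder.

```conf
# Collect: tail container logs on each node (path and JSON format are assumptions).
<source>
  @type tail
  path /var/log/containers/*.log
  pos_file /var/log/fluentd-containers.log.pos
  tag kubernetes.*
  read_from_head true
  <parse>
    @type json
    time_key time
    time_format %Y-%m-%dT%H:%M:%S.%NZ
  </parse>
</source>

# Filter: drop noisy health-check lines (pattern is an assumption).
<filter kubernetes.**>
  @type grep
  <exclude>
    key log
    pattern /healthz/
  </exclude>
</filter>

# Tag each record with the node it came from, so events can be attributed later.
<filter kubernetes.**>
  @type record_transformer
  <record>
    node "#{Socket.gethostname}"
  </record>
</filter>

# Send: forward to an aggregator over TLS with hostname verification and a shared key.
# Assumes the aggregator's certificate chains to a CA already trusted in the image.
<match kubernetes.**>
  @type forward
  transport tls
  tls_verify_hostname true
  <security>
    self_hostname "#{Socket.gethostname}"
    shared_key REPLACE_WITH_SHARED_KEY   # placeholder, not a real key
  </security>
  <server>
    host logs.example.internal           # hypothetical aggregator
    port 24224
  </server>
  <buffer>
    @type file                           # file buffer survives pod restarts
    path /var/log/fluentd-buffers/forward
    flush_interval 5s
  </buffer>
</match>
```

Save the file at the location given in `fluentdConfPath`. The aggregator must present a matching `shared_key` and a certificate valid for the configured host name, otherwise the connection is refused and records stay in the file buffer.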