- Cluster level logging options:
- Use a node level logging agent that runs on every node e.g. as part of a daemonset – only captures standard output and error from applications
- Include a dedicated sidecar container for logging in an application pool – useful where an application produces multiple log files in different formats as you can have multiple sidecars each streaming a different log file. Increases disk usage though. Alternatively use a side car container that has a logging agent rather than streaming the log files, this increase resource consumption though and the logs can’t be access using kubectl logs command as they aren’t controlled by the kubelet.
- Push logs directly to a backend from within an application – syslog style simply redirect the logs from the application to a single external point and then have that backend perform the analysis and queries.