Container Service for Kubernetes (ACK) allows you to collect the logs of control plane components in an ACK Pro cluster. The logs are collected to a Log Service project that belongs to your account. This topic describes how to enable the log collection feature to collect the logs of control plane components in an ACK Pro cluster. It also describes how to view the collected logs.

Prerequisites

Your Alibaba Cloud account has a sufficient quota of Logstores in Log Service.
Note The default Logstore quota of an Alibaba Cloud account is 50. To increase the quota, Submit a ticket.

Background information

You can manage an ACK cluster in a more secure and effective way by analyzing the logs of the control plane components in the cluster. To enable the log collection feature for control plane components in an ACK Pro cluster, select Collect Logs of Control Plane Components when you create the cluster. The logs are shipped to the specified Log Service project that belongs to your account as log streams. You are charged based on the billing rules of Log Service on a pay-as-you-go basis. For more information, see Pay-as-you-go.

Enable log collection for control plane components

You can enable log collection for control plane components by using one of the following methods:

Method 1: Enable log collection for control plane components when you create a cluster

When you create a cluster, select Enable for Log Collection for Control Plane Components on the Component Configurations wizard page. For more information about how to create an ACK cluster, see Create an ACK Pro cluster.
Note
  • Enable is automatically selected when you create an ACK Pro cluster.
  • You can select an existing Log Service project in the Log Collection for Control Plane Components section.
a-1

Method 2: Enable log collection for control plane components in an existing cluster

  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. In the left-side navigation pane of the details page, choose Operations > Log Center.
  5. Click the Logs of Control Plane Components tab. Then, click Enable Component Log Collection.

View the logs of control plane components

After you create the ACK Pro cluster, you can view the logs of the control plane components by using one of the following methods:

Method 1: View the logs of control plane components in the Log Service console.

  1. Log on to the Log Service console.
  2. In the Projects section, click the name of the Log Service project that is used for the cluster.
  3. On the Log Storage page, click the Logstores tab on the left side of the page and click the Logstore where the logs of control plane components are stored. You can query the logs of the following components: kube-apiserver, kube-scheduler, and kube-controller-manager, and the cloud controller manager (CCM). For more information, see Overview of Log Service.

Method 2: View the logs of control plane components in the ACK console.

You can use the following entries to view the logs of the four control plane components.
  • You can view the four control plane components in the Cluster Information menu.
    1. On the cluster details page, click the Cluster Resources tab and click the URL of the Log Service project.
    2. On the Log Storage page, click the Logstores tab on the left side of the page and click the Logstore where the logs of control plane components are stored. You can query the logs of the following components: kube-apiserver, kube-scheduler, and kube-controller-manager, and the CCM. For more information, see Overview of Log Service.
  • You can also view the four control plane components in the Operations menu.
    1. In the left-side navigation pane of the cluster details page, choose Operations > Log Center.
    2. Click the Logs of Control Plane Components tab. You can select a component and view its logs.

Logstores for control plane components

ACK allows you to collect the logs of the following control plane components. The log of each component is stored in a separate Logstore. For more information about the components, see Kubernetes components.

Component Logstore Description
kube-apiserver apiserver kube-apiserver is a component of the Kubernetes control plane that exposes the Kubernetes API. For more information, see kube-apiserver.
kube-controller-manager kcm kube-controller-manager is the control center of a Kubernetes cluster and runs controller processes. For more information, see kube-controller-manager.
kube-scheduler scheduler kube-scheduler is the default scheduler of a Kubernetes cluster. For more information, see kube-scheduler.
Cloud Controller Manager ccm The CCM allows you to integrate Kubernetes with Alibaba Cloud services, such as Classic Load Balancer (CLB) and Virtual Private Cloud (VPC). CLB is formerly known as Server Load Balancer (SLB). The CCM manages the features, such as load balancing and cross-node communication, that are provided by these services. For more information, see Cloud Controller Manager.

Disable log collection for control plane components

You can disable log collection for control plane components in the Operations menu in the ACK console.

  1. In the left-side navigation pane of the cluster details page, choose Operations > Log Center.
  2. Click the Logs of Control Plane Components tab. Then, click Close in the upper-right corner.
  3. In the message that appears, click OK.