Collect Log4j logs from Java applications in clusters to Alibaba Cloud SLS - Container Service for Kubernetes

By configuring Log4j Appender in the workload YAML, you can write logs from Java applications in your cluster to Alibaba Cloud Simple Log Service (SLS) projects, achieving non-intrusive log collection.

Log4j is an open source logging framework maintained by Apache, designed specifically for Java applications. The core components of Log4j include Appenders (output targets), Layouts (output formats), and Filters. By configuring Appenders, you can specify the destination for log transmission, such as console and files.

Prerequisites

An ACK managed cluster is created.
An AccessKey is created for integrating Log4j Appender in the application.
To ensure account security, we recommend that you use a RAM user (rather than an Alibaba Cloud account) and create the corresponding AccessKey.

Step 1: Configure Log4j Appender in SLS

This step guides you to create an SLS project and Logstore. After configuring the Logstore data source as Log4j Appender, you can send Java application logs directly to SLS.

We recommend that you create the SLS project in the same region as your cluster. In this way, log data can be transmitted through the internal network, avoiding external bandwidth costs and network latency caused by cross-region transmission.

For more information about SLS project billing, see Billing overview.

Create an SLS project.
The following introduces the core parameters. Other parameters can remain as default. For more information, see Manage a project.
- Region: We recommend that you select the same region as your ACK cluster. In this example, China (Hangzhou) is selected.
- Project Name: In this example, k8s-log4j is used.
Create a Logstore in the project.
In this example, the Logstore Name is k8s-logstore, and other parameters remain as default. For more information, see Manage a logstore.
After k8s-logstore is created, follow the page prompts to access data.
Search and locate the Log4j access card, and follow the page prompts to complete the access.
In this example, the default configuration is used. You can configure based on your specific log data usage scenarios.

Step 2: Integrate Log4j in your application

This step demonstrates how to integrate the Log4j Appender plug-in into a Java application by deploying a Spring Boot sample application. After integration, when the container starts, the SLS configuration is passed through the JAVA_OPTS environment variable, and Log4j automatically reads the parameters and sends logs to SLS in real time.

Obtain the demo-deployment.yaml file and configure the JAVA_OPTS environment variable.

For more information about how to obtain the file, see demo-deployment.

View the sample file

apiVersion: apps/v1
kind: Deployment
metadata:
  name: log4j-appender-demo-spring-boot
  labels:
    app: log4j-appender
spec:
  replicas: 1
  selector:
    matchLabels:
      app: log4j-appender
  template:
    metadata:
      labels:
        app: log4j-appender
    spec:
      containers:
      - name: log4j-appender-demo-spring-boot
        image: registry.cn-hangzhou.aliyuncs.com/jaegertracing/log4j-appender-demo-spring-boot:0.0.2
        env:
          - name: JAVA_OPTS            #  Set the JAVA_OPTS environment variable
            value: "-Dproject={your_project} -Dlogstore={your_logstore} -Dendpoint={your_endpoint} -Daccess_key_id={your_access_key_id} -Daccess_key={your_access_key_secret}"
        ports:
        - containerPort: 8080

JAVA_OPTS configuration description:

-Dproject: SLS project name. In this example, k8s-log4j is used.
-Dlogstore: SLS Logstore name. In this example, k8s-logstore is used.
-Dendpoint: SLS service endpoint. Configure the service endpoint based on the region where your project is located. For more information,see Endpoints. In this example, cn-hangzhou.log.aliyuncs.com is used.
-Daccess_key_id: Replace with your AccessKey ID.
-Daccess_key: Replace with your AccessKey Secret.

Create a Deployment.
```
kubectl create -f demo-deployment.yaml
```

Obtain the demo-Service.yaml file. You can keep the default configuration.

For the file address, see demo-Service.

View the sample file

apiVersion: v1
kind: Service
metadata:
  labels:
    app: log4j-appender
  name: log4j-appender-demo-spring-boot-svc
  namespace: default
spec:
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app: log4j-appender
  type: LoadBalancer

Deploy demo-Service.yaml to create a Service.
```
kubectl create -f demo-service.yaml
```

Step 3: Test the log collection function

After the Deployment and Service are successfully deployed, you can view the external access IP of the Service, which is EXTERNAL-IP, access the service to generate logs, and verify whether the logs are successfully written to SLS.

View the EXTERNAL-IP of the Service.

kubectl get svc

Expected output:

NAME                                  TYPE           CLUSTER-IP     EXTERNAL-IP      PORT(S)          AGE
log4j-appender-demo-spring-boot-svc   LoadBalancer   172.21.XX.XX   120.55.XXX.XXX   8080:30398/TCP   1h

Run the login command to test whether cluster logs are successfully generated.
Replace K8s_SERVICE_IP with EXTERNAL-IP.
```
curl http://${K8S_SERVICE_IP}:8080/login?name=bruce
```
You can view the complete API collection in GitHub log4j-appender-demo.

Step 4: View logs in the SLS console

You can log on to the SLS console to query and analyze logs.

Log on to the Simple Log Service console.
In the Projects section, click the target project to go to the project details page.
Click the icon on the right side of the Logstore and select Search & Analysis to view the logs output by the cluster.

Container Service for Kubernetes:Collect Log4j logs from Java applications to SLS

Prerequisites

Step 1: Configure Log4j Appender in SLS

Step 2: Integrate Log4j in your application

Step 3: Test the log collection function

Step 4: View logs in the SLS console

References